Docs Home
Control Plane v0.0.60 published on Thursday, Jul 3, 2025 by pulumiverse
cpln.Identity
Explore with Pulumi AI
Create Identity Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Identity(name: string, args: IdentityArgs, opts?: CustomResourceOptions);@overload
def Identity(resource_name: str,
args: IdentityArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Identity(resource_name: str,
opts: Optional[ResourceOptions] = None,
gvc: Optional[str] = None,
aws_access_policy: Optional[IdentityAwsAccessPolicyArgs] = None,
azure_access_policy: Optional[IdentityAzureAccessPolicyArgs] = None,
description: Optional[str] = None,
gcp_access_policy: Optional[IdentityGcpAccessPolicyArgs] = None,
name: Optional[str] = None,
native_network_resources: Optional[Sequence[IdentityNativeNetworkResourceArgs]] = None,
network_resources: Optional[Sequence[IdentityNetworkResourceArgs]] = None,
ngs_access_policy: Optional[IdentityNgsAccessPolicyArgs] = None,
tags: Optional[Mapping[str, str]] = None)func NewIdentity(ctx *Context, name string, args IdentityArgs, opts ...ResourceOption) (*Identity, error)public Identity(string name, IdentityArgs args, CustomResourceOptions? opts = null)
public Identity(String name, IdentityArgs args)
public Identity(String name, IdentityArgs args, CustomResourceOptions options)
type: cpln:Identity
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args IdentityArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args IdentityArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args IdentityArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args IdentityArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args IdentityArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var identityResource = new Cpln.Identity("identityResource", new()
{
Gvc = "string",
AwsAccessPolicy = new Cpln.Inputs.IdentityAwsAccessPolicyArgs
{
CloudAccountLink = "string",
PolicyRefs = new[]
{
"string",
},
RoleName = "string",
TrustPolicies = new[]
{
new Cpln.Inputs.IdentityAwsAccessPolicyTrustPolicyArgs
{
Statements = new[]
{
{
{ "string", "string" },
},
},
Version = "string",
},
},
},
AzureAccessPolicy = new Cpln.Inputs.IdentityAzureAccessPolicyArgs
{
CloudAccountLink = "string",
RoleAssignments = new[]
{
new Cpln.Inputs.IdentityAzureAccessPolicyRoleAssignmentArgs
{
Roles = new[]
{
"string",
},
Scope = "string",
},
},
},
Description = "string",
GcpAccessPolicy = new Cpln.Inputs.IdentityGcpAccessPolicyArgs
{
CloudAccountLink = "string",
Bindings = new[]
{
new Cpln.Inputs.IdentityGcpAccessPolicyBindingArgs
{
Resource = "string",
Roles = new[]
{
"string",
},
},
},
Scopes = new[]
{
"string",
},
ServiceAccount = "string",
},
Name = "string",
NativeNetworkResources = new[]
{
new Cpln.Inputs.IdentityNativeNetworkResourceArgs
{
Fqdn = "string",
Name = "string",
Ports = new[]
{
0,
},
AwsPrivateLink = new Cpln.Inputs.IdentityNativeNetworkResourceAwsPrivateLinkArgs
{
EndpointServiceName = "string",
},
GcpServiceConnect = new Cpln.Inputs.IdentityNativeNetworkResourceGcpServiceConnectArgs
{
TargetService = "string",
},
},
},
NetworkResources = new[]
{
new Cpln.Inputs.IdentityNetworkResourceArgs
{
Name = "string",
Ports = new[]
{
0,
},
AgentLink = "string",
Fqdn = "string",
Ips = new[]
{
"string",
},
ResolverIp = "string",
},
},
NgsAccessPolicy = new Cpln.Inputs.IdentityNgsAccessPolicyArgs
{
CloudAccountLink = "string",
Data = 0,
Payload = 0,
Pub = new Cpln.Inputs.IdentityNgsAccessPolicyPubArgs
{
Allows = new[]
{
"string",
},
Denies = new[]
{
"string",
},
},
Resp = new Cpln.Inputs.IdentityNgsAccessPolicyRespArgs
{
Max = 0,
Ttl = "string",
},
Sub = new Cpln.Inputs.IdentityNgsAccessPolicySubArgs
{
Allows = new[]
{
"string",
},
Denies = new[]
{
"string",
},
},
Subs = 0,
},
Tags =
{
{ "string", "string" },
},
});
example, err := cpln.NewIdentity(ctx, "identityResource", &cpln.IdentityArgs{
Gvc: pulumi.String("string"),
AwsAccessPolicy: &cpln.IdentityAwsAccessPolicyArgs{
CloudAccountLink: pulumi.String("string"),
PolicyRefs: pulumi.StringArray{
pulumi.String("string"),
},
RoleName: pulumi.String("string"),
TrustPolicies: cpln.IdentityAwsAccessPolicyTrustPolicyArray{
&cpln.IdentityAwsAccessPolicyTrustPolicyArgs{
Statements: pulumi.StringMapArray{
pulumi.StringMap{
"string": pulumi.String("string"),
},
},
Version: pulumi.String("string"),
},
},
},
AzureAccessPolicy: &cpln.IdentityAzureAccessPolicyArgs{
CloudAccountLink: pulumi.String("string"),
RoleAssignments: cpln.IdentityAzureAccessPolicyRoleAssignmentArray{
&cpln.IdentityAzureAccessPolicyRoleAssignmentArgs{
Roles: pulumi.StringArray{
pulumi.String("string"),
},
Scope: pulumi.String("string"),
},
},
},
Description: pulumi.String("string"),
GcpAccessPolicy: &cpln.IdentityGcpAccessPolicyArgs{
CloudAccountLink: pulumi.String("string"),
Bindings: cpln.IdentityGcpAccessPolicyBindingArray{
&cpln.IdentityGcpAccessPolicyBindingArgs{
Resource: pulumi.String("string"),
Roles: pulumi.StringArray{
pulumi.String("string"),
},
},
},
Scopes: pulumi.StringArray{
pulumi.String("string"),
},
ServiceAccount: pulumi.String("string"),
},
Name: pulumi.String("string"),
NativeNetworkResources: cpln.IdentityNativeNetworkResourceArray{
&cpln.IdentityNativeNetworkResourceArgs{
Fqdn: pulumi.String("string"),
Name: pulumi.String("string"),
Ports: pulumi.IntArray{
pulumi.Int(0),
},
AwsPrivateLink: &cpln.IdentityNativeNetworkResourceAwsPrivateLinkArgs{
EndpointServiceName: pulumi.String("string"),
},
GcpServiceConnect: &cpln.IdentityNativeNetworkResourceGcpServiceConnectArgs{
TargetService: pulumi.String("string"),
},
},
},
NetworkResources: cpln.IdentityNetworkResourceArray{
&cpln.IdentityNetworkResourceArgs{
Name: pulumi.String("string"),
Ports: pulumi.IntArray{
pulumi.Int(0),
},
AgentLink: pulumi.String("string"),
Fqdn: pulumi.String("string"),
Ips: pulumi.StringArray{
pulumi.String("string"),
},
ResolverIp: pulumi.String("string"),
},
},
NgsAccessPolicy: &cpln.IdentityNgsAccessPolicyArgs{
CloudAccountLink: pulumi.String("string"),
Data: pulumi.Int(0),
Payload: pulumi.Int(0),
Pub: &cpln.IdentityNgsAccessPolicyPubArgs{
Allows: pulumi.StringArray{
pulumi.String("string"),
},
Denies: pulumi.StringArray{
pulumi.String("string"),
},
},
Resp: &cpln.IdentityNgsAccessPolicyRespArgs{
Max: pulumi.Int(0),
Ttl: pulumi.String("string"),
},
Sub: &cpln.IdentityNgsAccessPolicySubArgs{
Allows: pulumi.StringArray{
pulumi.String("string"),
},
Denies: pulumi.StringArray{
pulumi.String("string"),
},
},
Subs: pulumi.Int(0),
},
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
})
var identityResource = new Identity("identityResource", IdentityArgs.builder()
.gvc("string")
.awsAccessPolicy(IdentityAwsAccessPolicyArgs.builder()
.cloudAccountLink("string")
.policyRefs("string")
.roleName("string")
.trustPolicies(IdentityAwsAccessPolicyTrustPolicyArgs.builder()
.statements(Map.of("string", "string"))
.version("string")
.build())
.build())
.azureAccessPolicy(IdentityAzureAccessPolicyArgs.builder()
.cloudAccountLink("string")
.roleAssignments(IdentityAzureAccessPolicyRoleAssignmentArgs.builder()
.roles("string")
.scope("string")
.build())
.build())
.description("string")
.gcpAccessPolicy(IdentityGcpAccessPolicyArgs.builder()
.cloudAccountLink("string")
.bindings(IdentityGcpAccessPolicyBindingArgs.builder()
.resource("string")
.roles("string")
.build())
.scopes("string")
.serviceAccount("string")
.build())
.name("string")
.nativeNetworkResources(IdentityNativeNetworkResourceArgs.builder()
.fqdn("string")
.name("string")
.ports(0)
.awsPrivateLink(IdentityNativeNetworkResourceAwsPrivateLinkArgs.builder()
.endpointServiceName("string")
.build())
.gcpServiceConnect(IdentityNativeNetworkResourceGcpServiceConnectArgs.builder()
.targetService("string")
.build())
.build())
.networkResources(IdentityNetworkResourceArgs.builder()
.name("string")
.ports(0)
.agentLink("string")
.fqdn("string")
.ips("string")
.resolverIp("string")
.build())
.ngsAccessPolicy(IdentityNgsAccessPolicyArgs.builder()
.cloudAccountLink("string")
.data(0)
.payload(0)
.pub(IdentityNgsAccessPolicyPubArgs.builder()
.allows("string")
.denies("string")
.build())
.resp(IdentityNgsAccessPolicyRespArgs.builder()
.max(0)
.ttl("string")
.build())
.sub(IdentityNgsAccessPolicySubArgs.builder()
.allows("string")
.denies("string")
.build())
.subs(0)
.build())
.tags(Map.of("string", "string"))
.build());
identity_resource = cpln.Identity("identityResource",
gvc="string",
aws_access_policy={
"cloud_account_link": "string",
"policy_refs": ["string"],
"role_name": "string",
"trust_policies": [{
"statements": [{
"string": "string",
}],
"version": "string",
}],
},
azure_access_policy={
"cloud_account_link": "string",
"role_assignments": [{
"roles": ["string"],
"scope": "string",
}],
},
description="string",
gcp_access_policy={
"cloud_account_link": "string",
"bindings": [{
"resource": "string",
"roles": ["string"],
}],
"scopes": ["string"],
"service_account": "string",
},
name="string",
native_network_resources=[{
"fqdn": "string",
"name": "string",
"ports": [0],
"aws_private_link": {
"endpoint_service_name": "string",
},
"gcp_service_connect": {
"target_service": "string",
},
}],
network_resources=[{
"name": "string",
"ports": [0],
"agent_link": "string",
"fqdn": "string",
"ips": ["string"],
"resolver_ip": "string",
}],
ngs_access_policy={
"cloud_account_link": "string",
"data": 0,
"payload": 0,
"pub": {
"allows": ["string"],
"denies": ["string"],
},
"resp": {
"max": 0,
"ttl": "string",
},
"sub": {
"allows": ["string"],
"denies": ["string"],
},
"subs": 0,
},
tags={
"string": "string",
})
const identityResource = new cpln.Identity("identityResource", {
gvc: "string",
awsAccessPolicy: {
cloudAccountLink: "string",
policyRefs: ["string"],
roleName: "string",
trustPolicies: [{
statements: [{
string: "string",
}],
version: "string",
}],
},
azureAccessPolicy: {
cloudAccountLink: "string",
roleAssignments: [{
roles: ["string"],
scope: "string",
}],
},
description: "string",
gcpAccessPolicy: {
cloudAccountLink: "string",
bindings: [{
resource: "string",
roles: ["string"],
}],
scopes: ["string"],
serviceAccount: "string",
},
name: "string",
nativeNetworkResources: [{
fqdn: "string",
name: "string",
ports: [0],
awsPrivateLink: {
endpointServiceName: "string",
},
gcpServiceConnect: {
targetService: "string",
},
}],
networkResources: [{
name: "string",
ports: [0],
agentLink: "string",
fqdn: "string",
ips: ["string"],
resolverIp: "string",
}],
ngsAccessPolicy: {
cloudAccountLink: "string",
data: 0,
payload: 0,
pub: {
allows: ["string"],
denies: ["string"],
},
resp: {
max: 0,
ttl: "string",
},
sub: {
allows: ["string"],
denies: ["string"],
},
subs: 0,
},
tags: {
string: "string",
},
});
type: cpln:Identity
properties:
awsAccessPolicy:
cloudAccountLink: string
policyRefs:
- string
roleName: string
trustPolicies:
- statements:
- string: string
version: string
azureAccessPolicy:
cloudAccountLink: string
roleAssignments:
- roles:
- string
scope: string
description: string
gcpAccessPolicy:
bindings:
- resource: string
roles:
- string
cloudAccountLink: string
scopes:
- string
serviceAccount: string
gvc: string
name: string
nativeNetworkResources:
- awsPrivateLink:
endpointServiceName: string
fqdn: string
gcpServiceConnect:
targetService: string
name: string
ports:
- 0
networkResources:
- agentLink: string
fqdn: string
ips:
- string
name: string
ports:
- 0
resolverIp: string
ngsAccessPolicy:
cloudAccountLink: string
data: 0
payload: 0
pub:
allows:
- string
denies:
- string
resp:
max: 0
ttl: string
sub:
allows:
- string
denies:
- string
subs: 0
tags:
string: string
Identity Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Identity resource accepts the following input properties:
- Gvc string
- The GVC to which this identity belongs.
- Aws
Access Pulumiverse.Policy Cpln. Inputs. Identity Aws Access Policy - A set of access policy rules that defines the actions and resources that an identity can access within an AWS environment.
- Azure
Access Pulumiverse.Policy Cpln. Inputs. Identity Azure Access Policy - A set of access policy rules that defines the actions and resources that an identity can access within an Azure environment.
- Description string
- Description of the identity.
- Gcp
Access Pulumiverse.Policy Cpln. Inputs. Identity Gcp Access Policy - The GCP access policy can either contain an existing service_account or multiple bindings.
- Name string
- Name of the identity.
- Native
Network List<Pulumiverse.Resources Cpln. Inputs. Identity Native Network Resource> NOTE The configuration of a native network resource requires the assistance of Control Plane support.
- Network
Resources List<Pulumiverse.Cpln. Inputs. Identity Network Resource> - A network resource can be configured with: - A fully qualified domain name (FQDN) and ports. - An FQDN, resolver IP, and ports. - IP's and ports.
- Ngs
Access Pulumiverse.Policy Cpln. Inputs. Identity Ngs Access Policy - A set of access policy rules that defines the actions and resources that an identity can access within an NGA environment.
- Dictionary<string, string>
- Key-value map of resource tags.
- Gvc string
- The GVC to which this identity belongs.
- Aws
Access IdentityPolicy Aws Access Policy Args - A set of access policy rules that defines the actions and resources that an identity can access within an AWS environment.
- Azure
Access IdentityPolicy Azure Access Policy Args - A set of access policy rules that defines the actions and resources that an identity can access within an Azure environment.
- Description string
- Description of the identity.
- Gcp
Access IdentityPolicy Gcp Access Policy Args - The GCP access policy can either contain an existing service_account or multiple bindings.
- Name string
- Name of the identity.
- Native
Network []IdentityResources Native Network Resource Args NOTE The configuration of a native network resource requires the assistance of Control Plane support.
- Network
Resources []IdentityNetwork Resource Args - A network resource can be configured with: - A fully qualified domain name (FQDN) and ports. - An FQDN, resolver IP, and ports. - IP's and ports.
- Ngs
Access IdentityPolicy Ngs Access Policy Args - A set of access policy rules that defines the actions and resources that an identity can access within an NGA environment.
- map[string]string
- Key-value map of resource tags.
- gvc String
- The GVC to which this identity belongs.
- aws
Access IdentityPolicy Aws Access Policy - A set of access policy rules that defines the actions and resources that an identity can access within an AWS environment.
- azure
Access IdentityPolicy Azure Access Policy - A set of access policy rules that defines the actions and resources that an identity can access within an Azure environment.
- description String
- Description of the identity.
- gcp
Access IdentityPolicy Gcp Access Policy - The GCP access policy can either contain an existing service_account or multiple bindings.
- name String
- Name of the identity.
- native
Network List<IdentityResources Native Network Resource> NOTE The configuration of a native network resource requires the assistance of Control Plane support.
- network
Resources List<IdentityNetwork Resource> - A network resource can be configured with: - A fully qualified domain name (FQDN) and ports. - An FQDN, resolver IP, and ports. - IP's and ports.
- ngs
Access IdentityPolicy Ngs Access Policy - A set of access policy rules that defines the actions and resources that an identity can access within an NGA environment.
- Map<String,String>
- Key-value map of resource tags.
- gvc string
- The GVC to which this identity belongs.
- aws
Access IdentityPolicy Aws Access Policy - A set of access policy rules that defines the actions and resources that an identity can access within an AWS environment.
- azure
Access IdentityPolicy Azure Access Policy - A set of access policy rules that defines the actions and resources that an identity can access within an Azure environment.
- description string
- Description of the identity.
- gcp
Access IdentityPolicy Gcp Access Policy - The GCP access policy can either contain an existing service_account or multiple bindings.
- name string
- Name of the identity.
- native
Network IdentityResources Native Network Resource[] NOTE The configuration of a native network resource requires the assistance of Control Plane support.
- network
Resources IdentityNetwork Resource[] - A network resource can be configured with: - A fully qualified domain name (FQDN) and ports. - An FQDN, resolver IP, and ports. - IP's and ports.
- ngs
Access IdentityPolicy Ngs Access Policy - A set of access policy rules that defines the actions and resources that an identity can access within an NGA environment.
- {[key: string]: string}
- Key-value map of resource tags.
- gvc str
- The GVC to which this identity belongs.
- aws_
access_ Identitypolicy Aws Access Policy Args - A set of access policy rules that defines the actions and resources that an identity can access within an AWS environment.
- azure_
access_ Identitypolicy Azure Access Policy Args - A set of access policy rules that defines the actions and resources that an identity can access within an Azure environment.
- description str
- Description of the identity.
- gcp_
access_ Identitypolicy Gcp Access Policy Args - The GCP access policy can either contain an existing service_account or multiple bindings.
- name str
- Name of the identity.
- native_
network_ Sequence[Identityresources Native Network Resource Args] NOTE The configuration of a native network resource requires the assistance of Control Plane support.
- network_
resources Sequence[IdentityNetwork Resource Args] - A network resource can be configured with: - A fully qualified domain name (FQDN) and ports. - An FQDN, resolver IP, and ports. - IP's and ports.
- ngs_
access_ Identitypolicy Ngs Access Policy Args - A set of access policy rules that defines the actions and resources that an identity can access within an NGA environment.
- Mapping[str, str]
- Key-value map of resource tags.
- gvc String
- The GVC to which this identity belongs.
- aws
Access Property MapPolicy - A set of access policy rules that defines the actions and resources that an identity can access within an AWS environment.
- azure
Access Property MapPolicy - A set of access policy rules that defines the actions and resources that an identity can access within an Azure environment.
- description String
- Description of the identity.
- gcp
Access Property MapPolicy - The GCP access policy can either contain an existing service_account or multiple bindings.
- name String
- Name of the identity.
- native
Network List<Property Map>Resources NOTE The configuration of a native network resource requires the assistance of Control Plane support.
- network
Resources List<Property Map> - A network resource can be configured with: - A fully qualified domain name (FQDN) and ports. - An FQDN, resolver IP, and ports. - IP's and ports.
- ngs
Access Property MapPolicy - A set of access policy rules that defines the actions and resources that an identity can access within an NGA environment.
- Map<String>
- Key-value map of resource tags.
Outputs
All input properties are implicitly available as output properties. Additionally, the Identity resource produces the following output properties:
Look up Existing Identity Resource
Get an existing Identity resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: IdentityState, opts?: CustomResourceOptions): Identity@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
aws_access_policy: Optional[IdentityAwsAccessPolicyArgs] = None,
azure_access_policy: Optional[IdentityAzureAccessPolicyArgs] = None,
cpln_id: Optional[str] = None,
description: Optional[str] = None,
gcp_access_policy: Optional[IdentityGcpAccessPolicyArgs] = None,
gvc: Optional[str] = None,
name: Optional[str] = None,
native_network_resources: Optional[Sequence[IdentityNativeNetworkResourceArgs]] = None,
network_resources: Optional[Sequence[IdentityNetworkResourceArgs]] = None,
ngs_access_policy: Optional[IdentityNgsAccessPolicyArgs] = None,
self_link: Optional[str] = None,
status: Optional[Mapping[str, str]] = None,
tags: Optional[Mapping[str, str]] = None) -> Identityfunc GetIdentity(ctx *Context, name string, id IDInput, state *IdentityState, opts ...ResourceOption) (*Identity, error)public static Identity Get(string name, Input<string> id, IdentityState? state, CustomResourceOptions? opts = null)public static Identity get(String name, Output<String> id, IdentityState state, CustomResourceOptions options)resources: _: type: cpln:Identity get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Aws
Access Pulumiverse.Policy Cpln. Inputs. Identity Aws Access Policy - A set of access policy rules that defines the actions and resources that an identity can access within an AWS environment.
- Azure
Access Pulumiverse.Policy Cpln. Inputs. Identity Azure Access Policy - A set of access policy rules that defines the actions and resources that an identity can access within an Azure environment.
- Cpln
Id string - The ID, in GUID format, of the identity.
- Description string
- Description of the identity.
- Gcp
Access Pulumiverse.Policy Cpln. Inputs. Identity Gcp Access Policy - The GCP access policy can either contain an existing service_account or multiple bindings.
- Gvc string
- The GVC to which this identity belongs.
- Name string
- Name of the identity.
- Native
Network List<Pulumiverse.Resources Cpln. Inputs. Identity Native Network Resource> NOTE The configuration of a native network resource requires the assistance of Control Plane support.
- Network
Resources List<Pulumiverse.Cpln. Inputs. Identity Network Resource> - A network resource can be configured with: - A fully qualified domain name (FQDN) and ports. - An FQDN, resolver IP, and ports. - IP's and ports.
- Ngs
Access Pulumiverse.Policy Cpln. Inputs. Identity Ngs Access Policy - A set of access policy rules that defines the actions and resources that an identity can access within an NGA environment.
- Self
Link string - Full link to this resource. Can be referenced by other resources.
- Status Dictionary<string, string>
- Key-value map of identity status. Available fields:
objectName. - Dictionary<string, string>
- Key-value map of resource tags.
- Aws
Access IdentityPolicy Aws Access Policy Args - A set of access policy rules that defines the actions and resources that an identity can access within an AWS environment.
- Azure
Access IdentityPolicy Azure Access Policy Args - A set of access policy rules that defines the actions and resources that an identity can access within an Azure environment.
- Cpln
Id string - The ID, in GUID format, of the identity.
- Description string
- Description of the identity.
- Gcp
Access IdentityPolicy Gcp Access Policy Args - The GCP access policy can either contain an existing service_account or multiple bindings.
- Gvc string
- The GVC to which this identity belongs.
- Name string
- Name of the identity.
- Native
Network []IdentityResources Native Network Resource Args NOTE The configuration of a native network resource requires the assistance of Control Plane support.
- Network
Resources []IdentityNetwork Resource Args - A network resource can be configured with: - A fully qualified domain name (FQDN) and ports. - An FQDN, resolver IP, and ports. - IP's and ports.
- Ngs
Access IdentityPolicy Ngs Access Policy Args - A set of access policy rules that defines the actions and resources that an identity can access within an NGA environment.
- Self
Link string - Full link to this resource. Can be referenced by other resources.
- Status map[string]string
- Key-value map of identity status. Available fields:
objectName. - map[string]string
- Key-value map of resource tags.
- aws
Access IdentityPolicy Aws Access Policy - A set of access policy rules that defines the actions and resources that an identity can access within an AWS environment.
- azure
Access IdentityPolicy Azure Access Policy - A set of access policy rules that defines the actions and resources that an identity can access within an Azure environment.
- cpln
Id String - The ID, in GUID format, of the identity.
- description String
- Description of the identity.
- gcp
Access IdentityPolicy Gcp Access Policy - The GCP access policy can either contain an existing service_account or multiple bindings.
- gvc String
- The GVC to which this identity belongs.
- name String
- Name of the identity.
- native
Network List<IdentityResources Native Network Resource> NOTE The configuration of a native network resource requires the assistance of Control Plane support.
- network
Resources List<IdentityNetwork Resource> - A network resource can be configured with: - A fully qualified domain name (FQDN) and ports. - An FQDN, resolver IP, and ports. - IP's and ports.
- ngs
Access IdentityPolicy Ngs Access Policy - A set of access policy rules that defines the actions and resources that an identity can access within an NGA environment.
- self
Link String - Full link to this resource. Can be referenced by other resources.
- status Map<String,String>
- Key-value map of identity status. Available fields:
objectName. - Map<String,String>
- Key-value map of resource tags.
- aws
Access IdentityPolicy Aws Access Policy - A set of access policy rules that defines the actions and resources that an identity can access within an AWS environment.
- azure
Access IdentityPolicy Azure Access Policy - A set of access policy rules that defines the actions and resources that an identity can access within an Azure environment.
- cpln
Id string - The ID, in GUID format, of the identity.
- description string
- Description of the identity.
- gcp
Access IdentityPolicy Gcp Access Policy - The GCP access policy can either contain an existing service_account or multiple bindings.
- gvc string
- The GVC to which this identity belongs.
- name string
- Name of the identity.
- native
Network IdentityResources Native Network Resource[] NOTE The configuration of a native network resource requires the assistance of Control Plane support.
- network
Resources IdentityNetwork Resource[] - A network resource can be configured with: - A fully qualified domain name (FQDN) and ports. - An FQDN, resolver IP, and ports. - IP's and ports.
- ngs
Access IdentityPolicy Ngs Access Policy - A set of access policy rules that defines the actions and resources that an identity can access within an NGA environment.
- self
Link string - Full link to this resource. Can be referenced by other resources.
- status {[key: string]: string}
- Key-value map of identity status. Available fields:
objectName. - {[key: string]: string}
- Key-value map of resource tags.
- aws_
access_ Identitypolicy Aws Access Policy Args - A set of access policy rules that defines the actions and resources that an identity can access within an AWS environment.
- azure_
access_ Identitypolicy Azure Access Policy Args - A set of access policy rules that defines the actions and resources that an identity can access within an Azure environment.
- cpln_
id str - The ID, in GUID format, of the identity.
- description str
- Description of the identity.
- gcp_
access_ Identitypolicy Gcp Access Policy Args - The GCP access policy can either contain an existing service_account or multiple bindings.
- gvc str
- The GVC to which this identity belongs.
- name str
- Name of the identity.
- native_
network_ Sequence[Identityresources Native Network Resource Args] NOTE The configuration of a native network resource requires the assistance of Control Plane support.
- network_
resources Sequence[IdentityNetwork Resource Args] - A network resource can be configured with: - A fully qualified domain name (FQDN) and ports. - An FQDN, resolver IP, and ports. - IP's and ports.
- ngs_
access_ Identitypolicy Ngs Access Policy Args - A set of access policy rules that defines the actions and resources that an identity can access within an NGA environment.
- self_
link str - Full link to this resource. Can be referenced by other resources.
- status Mapping[str, str]
- Key-value map of identity status. Available fields:
objectName. - Mapping[str, str]
- Key-value map of resource tags.
- aws
Access Property MapPolicy - A set of access policy rules that defines the actions and resources that an identity can access within an AWS environment.
- azure
Access Property MapPolicy - A set of access policy rules that defines the actions and resources that an identity can access within an Azure environment.
- cpln
Id String - The ID, in GUID format, of the identity.
- description String
- Description of the identity.
- gcp
Access Property MapPolicy - The GCP access policy can either contain an existing service_account or multiple bindings.
- gvc String
- The GVC to which this identity belongs.
- name String
- Name of the identity.
- native
Network List<Property Map>Resources NOTE The configuration of a native network resource requires the assistance of Control Plane support.
- network
Resources List<Property Map> - A network resource can be configured with: - A fully qualified domain name (FQDN) and ports. - An FQDN, resolver IP, and ports. - IP's and ports.
- ngs
Access Property MapPolicy - A set of access policy rules that defines the actions and resources that an identity can access within an NGA environment.
- self
Link String - Full link to this resource. Can be referenced by other resources.
- status Map<String>
- Key-value map of identity status. Available fields:
objectName. - Map<String>
- Key-value map of resource tags.
Supporting Types
IdentityAwsAccessPolicy, IdentityAwsAccessPolicyArgs
- Cloud
Account stringLink - Full link to referenced cloud account.
- Policy
Refs List<string> - List of policies.
- Role
Name string - Role name.
- Trust
Policies List<Pulumiverse.Cpln. Inputs. Identity Aws Access Policy Trust Policy> - The trust policy for the role.
- Cloud
Account stringLink - Full link to referenced cloud account.
- Policy
Refs []string - List of policies.
- Role
Name string - Role name.
- Trust
Policies []IdentityAws Access Policy Trust Policy - The trust policy for the role.
- cloud
Account StringLink - Full link to referenced cloud account.
- policy
Refs List<String> - List of policies.
- role
Name String - Role name.
- trust
Policies List<IdentityAws Access Policy Trust Policy> - The trust policy for the role.
- cloud
Account stringLink - Full link to referenced cloud account.
- policy
Refs string[] - List of policies.
- role
Name string - Role name.
- trust
Policies IdentityAws Access Policy Trust Policy[] - The trust policy for the role.
- cloud_
account_ strlink - Full link to referenced cloud account.
- policy_
refs Sequence[str] - List of policies.
- role_
name str - Role name.
- trust_
policies Sequence[IdentityAws Access Policy Trust Policy] - The trust policy for the role.
- cloud
Account StringLink - Full link to referenced cloud account.
- policy
Refs List<String> - List of policies.
- role
Name String - Role name.
- trust
Policies List<Property Map> - The trust policy for the role.
IdentityAwsAccessPolicyTrustPolicy, IdentityAwsAccessPolicyTrustPolicyArgs
- Statements
List<Immutable
Dictionary<string, string>> - List of statements.
- Version string
- Version of the policy.
- Statements []map[string]string
- List of statements.
- Version string
- Version of the policy.
- statements List<Map<String,String>>
- List of statements.
- version String
- Version of the policy.
- statements {[key: string]: string}[]
- List of statements.
- version string
- Version of the policy.
- statements Sequence[Mapping[str, str]]
- List of statements.
- version str
- Version of the policy.
- statements List<Map<String>>
- List of statements.
- version String
- Version of the policy.
IdentityAzureAccessPolicy, IdentityAzureAccessPolicyArgs
- Cloud
Account stringLink - Full link to referenced cloud account.
- Role
Assignments List<Pulumiverse.Cpln. Inputs. Identity Azure Access Policy Role Assignment> - The process of assigning specific roles or permissions to an entity, such as a user or a service principal, within the system.
- Cloud
Account stringLink - Full link to referenced cloud account.
- Role
Assignments []IdentityAzure Access Policy Role Assignment - The process of assigning specific roles or permissions to an entity, such as a user or a service principal, within the system.
- cloud
Account StringLink - Full link to referenced cloud account.
- role
Assignments List<IdentityAzure Access Policy Role Assignment> - The process of assigning specific roles or permissions to an entity, such as a user or a service principal, within the system.
- cloud
Account stringLink - Full link to referenced cloud account.
- role
Assignments IdentityAzure Access Policy Role Assignment[] - The process of assigning specific roles or permissions to an entity, such as a user or a service principal, within the system.
- cloud_
account_ strlink - Full link to referenced cloud account.
- role_
assignments Sequence[IdentityAzure Access Policy Role Assignment] - The process of assigning specific roles or permissions to an entity, such as a user or a service principal, within the system.
- cloud
Account StringLink - Full link to referenced cloud account.
- role
Assignments List<Property Map> - The process of assigning specific roles or permissions to an entity, such as a user or a service principal, within the system.
IdentityAzureAccessPolicyRoleAssignment, IdentityAzureAccessPolicyRoleAssignmentArgs
IdentityGcpAccessPolicy, IdentityGcpAccessPolicyArgs
- Cloud
Account stringLink - Full link to referenced cloud account.
- Bindings
List<Pulumiverse.
Cpln. Inputs. Identity Gcp Access Policy Binding> - The association or connection between a particular identity, such as a user or a group, and a set of permissions or roles within the system.
- Scopes List<string>
- Comma delimited list of GCP scope URLs.
- Service
Account string - Name of existing GCP service account.
- Cloud
Account stringLink - Full link to referenced cloud account.
- Bindings
[]Identity
Gcp Access Policy Binding - The association or connection between a particular identity, such as a user or a group, and a set of permissions or roles within the system.
- Scopes []string
- Comma delimited list of GCP scope URLs.
- Service
Account string - Name of existing GCP service account.
- cloud
Account StringLink - Full link to referenced cloud account.
- bindings
List<Identity
Gcp Access Policy Binding> - The association or connection between a particular identity, such as a user or a group, and a set of permissions or roles within the system.
- scopes List<String>
- Comma delimited list of GCP scope URLs.
- service
Account String - Name of existing GCP service account.
- cloud
Account stringLink - Full link to referenced cloud account.
- bindings
Identity
Gcp Access Policy Binding[] - The association or connection between a particular identity, such as a user or a group, and a set of permissions or roles within the system.
- scopes string[]
- Comma delimited list of GCP scope URLs.
- service
Account string - Name of existing GCP service account.
- cloud_
account_ strlink - Full link to referenced cloud account.
- bindings
Sequence[Identity
Gcp Access Policy Binding] - The association or connection between a particular identity, such as a user or a group, and a set of permissions or roles within the system.
- scopes Sequence[str]
- Comma delimited list of GCP scope URLs.
- service_
account str - Name of existing GCP service account.
- cloud
Account StringLink - Full link to referenced cloud account.
- bindings List<Property Map>
- The association or connection between a particular identity, such as a user or a group, and a set of permissions or roles within the system.
- scopes List<String>
- Comma delimited list of GCP scope URLs.
- service
Account String - Name of existing GCP service account.
IdentityGcpAccessPolicyBinding, IdentityGcpAccessPolicyBindingArgs
IdentityNativeNetworkResource, IdentityNativeNetworkResourceArgs
- Fqdn string
- Fully qualified domain name.
- Name string
- Name of the Native Network Resource.
- Ports List<int>
- Ports to expose. At least one port is required.
- Aws
Private Pulumiverse.Link Cpln. Inputs. Identity Native Network Resource Aws Private Link - A feature provided by AWS that enables private connectivity between private VPCs and compute running at Control Plane without traversing the public internet.
- Gcp
Service Pulumiverse.Connect Cpln. Inputs. Identity Native Network Resource Gcp Service Connect - Capability provided by GCP that allows private communication between private VPC networks and compute running at Control Plane.
- Fqdn string
- Fully qualified domain name.
- Name string
- Name of the Native Network Resource.
- Ports []int
- Ports to expose. At least one port is required.
- Aws
Private IdentityLink Native Network Resource Aws Private Link - A feature provided by AWS that enables private connectivity between private VPCs and compute running at Control Plane without traversing the public internet.
- Gcp
Service IdentityConnect Native Network Resource Gcp Service Connect - Capability provided by GCP that allows private communication between private VPC networks and compute running at Control Plane.
- fqdn String
- Fully qualified domain name.
- name String
- Name of the Native Network Resource.
- ports List<Integer>
- Ports to expose. At least one port is required.
- aws
Private IdentityLink Native Network Resource Aws Private Link - A feature provided by AWS that enables private connectivity between private VPCs and compute running at Control Plane without traversing the public internet.
- gcp
Service IdentityConnect Native Network Resource Gcp Service Connect - Capability provided by GCP that allows private communication between private VPC networks and compute running at Control Plane.
- fqdn string
- Fully qualified domain name.
- name string
- Name of the Native Network Resource.
- ports number[]
- Ports to expose. At least one port is required.
- aws
Private IdentityLink Native Network Resource Aws Private Link - A feature provided by AWS that enables private connectivity between private VPCs and compute running at Control Plane without traversing the public internet.
- gcp
Service IdentityConnect Native Network Resource Gcp Service Connect - Capability provided by GCP that allows private communication between private VPC networks and compute running at Control Plane.
- fqdn str
- Fully qualified domain name.
- name str
- Name of the Native Network Resource.
- ports Sequence[int]
- Ports to expose. At least one port is required.
- aws_
private_ Identitylink Native Network Resource Aws Private Link - A feature provided by AWS that enables private connectivity between private VPCs and compute running at Control Plane without traversing the public internet.
- gcp_
service_ Identityconnect Native Network Resource Gcp Service Connect - Capability provided by GCP that allows private communication between private VPC networks and compute running at Control Plane.
- fqdn String
- Fully qualified domain name.
- name String
- Name of the Native Network Resource.
- ports List<Number>
- Ports to expose. At least one port is required.
- aws
Private Property MapLink - A feature provided by AWS that enables private connectivity between private VPCs and compute running at Control Plane without traversing the public internet.
- gcp
Service Property MapConnect - Capability provided by GCP that allows private communication between private VPC networks and compute running at Control Plane.
IdentityNativeNetworkResourceAwsPrivateLink, IdentityNativeNetworkResourceAwsPrivateLinkArgs
- Endpoint
Service stringName - Endpoint service name.
- Endpoint
Service stringName - Endpoint service name.
- endpoint
Service StringName - Endpoint service name.
- endpoint
Service stringName - Endpoint service name.
- endpoint_
service_ strname - Endpoint service name.
- endpoint
Service StringName - Endpoint service name.
IdentityNativeNetworkResourceGcpServiceConnect, IdentityNativeNetworkResourceGcpServiceConnectArgs
- Target
Service string - Target service name.
- Target
Service string - Target service name.
- target
Service String - Target service name.
- target
Service string - Target service name.
- target_
service str - Target service name.
- target
Service String - Target service name.
IdentityNetworkResource, IdentityNetworkResourceArgs
- name str
- Name of the Network Resource.
- ports Sequence[int]
- Ports to expose.
- agent_
link str - Full link to referenced Agent.
- fqdn str
- Fully qualified domain name.
- ips Sequence[str]
- List of IP addresses.
- resolver_
ip str - Resolver IP.
IdentityNgsAccessPolicy, IdentityNgsAccessPolicyArgs
- Cloud
Account stringLink - Full link to referenced cloud account.
- Data int
- Max number of bytes a connection can send. Default: -1
- Payload int
- Max message payload. Default: -1
- Pub
Pulumiverse.
Cpln. Inputs. Identity Ngs Access Policy Pub - Pub Permission.
- Resp
Pulumiverse.
Cpln. Inputs. Identity Ngs Access Policy Resp - Reponses.
- Sub
Pulumiverse.
Cpln. Inputs. Identity Ngs Access Policy Sub - Sub Permission.
- Subs int
- Max number of subscriptions per connection. Default: -1
- Cloud
Account stringLink - Full link to referenced cloud account.
- Data int
- Max number of bytes a connection can send. Default: -1
- Payload int
- Max message payload. Default: -1
- Pub
Identity
Ngs Access Policy Pub - Pub Permission.
- Resp
Identity
Ngs Access Policy Resp - Reponses.
- Sub
Identity
Ngs Access Policy Sub - Sub Permission.
- Subs int
- Max number of subscriptions per connection. Default: -1
- cloud
Account StringLink - Full link to referenced cloud account.
- data Integer
- Max number of bytes a connection can send. Default: -1
- payload Integer
- Max message payload. Default: -1
- pub
Identity
Ngs Access Policy Pub - Pub Permission.
- resp
Identity
Ngs Access Policy Resp - Reponses.
- sub
Identity
Ngs Access Policy Sub - Sub Permission.
- subs Integer
- Max number of subscriptions per connection. Default: -1
- cloud
Account stringLink - Full link to referenced cloud account.
- data number
- Max number of bytes a connection can send. Default: -1
- payload number
- Max message payload. Default: -1
- pub
Identity
Ngs Access Policy Pub - Pub Permission.
- resp
Identity
Ngs Access Policy Resp - Reponses.
- sub
Identity
Ngs Access Policy Sub - Sub Permission.
- subs number
- Max number of subscriptions per connection. Default: -1
- cloud_
account_ strlink - Full link to referenced cloud account.
- data int
- Max number of bytes a connection can send. Default: -1
- payload int
- Max message payload. Default: -1
- pub
Identity
Ngs Access Policy Pub - Pub Permission.
- resp
Identity
Ngs Access Policy Resp - Reponses.
- sub
Identity
Ngs Access Policy Sub - Sub Permission.
- subs int
- Max number of subscriptions per connection. Default: -1
- cloud
Account StringLink - Full link to referenced cloud account.
- data Number
- Max number of bytes a connection can send. Default: -1
- payload Number
- Max message payload. Default: -1
- pub Property Map
- Pub Permission.
- resp Property Map
- Reponses.
- sub Property Map
- Sub Permission.
- subs Number
- Max number of subscriptions per connection. Default: -1
IdentityNgsAccessPolicyPub, IdentityNgsAccessPolicyPubArgs
IdentityNgsAccessPolicyResp, IdentityNgsAccessPolicyRespArgs
IdentityNgsAccessPolicySub, IdentityNgsAccessPolicySubArgs
Package Details
- Repository
- cpln pulumiverse/pulumi-cpln
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
cplnTerraform Provider.