Manages a generic connector (upstream identity provider) in Dex. Use this resource for connectors not covered by specific connector types, or when you need full control over the connector configuration.
Create Connector Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Connector(name: string, args: ConnectorArgs, opts?: CustomResourceOptions);@overload
def Connector(resource_name: str,
args: ConnectorArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Connector(resource_name: str,
opts: Optional[ResourceOptions] = None,
connector_id: Optional[str] = None,
name: Optional[str] = None,
type: Optional[str] = None,
oidc_config: Optional[OIDCConfigArgs] = None,
raw_config: Optional[str] = None)func NewConnector(ctx *Context, name string, args ConnectorArgs, opts ...ResourceOption) (*Connector, error)public Connector(string name, ConnectorArgs args, CustomResourceOptions? opts = null)
public Connector(String name, ConnectorArgs args)
public Connector(String name, ConnectorArgs args, CustomResourceOptions options)
type: dex:resources:Connector
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ConnectorArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ConnectorArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ConnectorArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ConnectorArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ConnectorArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var connectorResource = new Dex.Resources.Connector("connectorResource", new()
{
ConnectorId = "string",
Name = "string",
Type = "string",
OidcConfig = new Dex.Resources.Inputs.OIDCConfigArgs
{
ClientId = "string",
ClientSecret = "string",
Issuer = "string",
RedirectUri = "string",
ClaimMapping = new Dex.Resources.Inputs.OIDCClaimMappingArgs
{
EmailKey = "string",
GroupsKey = "string",
},
Extra =
{
{ "string", "any" },
},
InsecureIssuer = false,
InsecureSkipEmailVerified = false,
Scopes = new[]
{
"string",
},
UserNameKey = "string",
},
RawConfig = "string",
});
example, err := resources.NewConnector(ctx, "connectorResource", &resources.ConnectorArgs{
ConnectorId: pulumi.String("string"),
Name: pulumi.String("string"),
Type: pulumi.String("string"),
OidcConfig: &resources.OIDCConfigArgs{
ClientId: pulumi.String("string"),
ClientSecret: pulumi.String("string"),
Issuer: pulumi.String("string"),
RedirectUri: pulumi.String("string"),
ClaimMapping: &resources.OIDCClaimMappingArgs{
EmailKey: pulumi.String("string"),
GroupsKey: pulumi.String("string"),
},
Extra: pulumi.Map{
"string": pulumi.Any("any"),
},
InsecureIssuer: pulumi.Bool(false),
InsecureSkipEmailVerified: pulumi.Bool(false),
Scopes: pulumi.StringArray{
pulumi.String("string"),
},
UserNameKey: pulumi.String("string"),
},
RawConfig: pulumi.String("string"),
})
var connectorResource = new Connector("connectorResource", ConnectorArgs.builder()
.connectorId("string")
.name("string")
.type("string")
.oidcConfig(OIDCConfigArgs.builder()
.clientId("string")
.clientSecret("string")
.issuer("string")
.redirectUri("string")
.claimMapping(OIDCClaimMappingArgs.builder()
.emailKey("string")
.groupsKey("string")
.build())
.extra(Map.of("string", "any"))
.insecureIssuer(false)
.insecureSkipEmailVerified(false)
.scopes("string")
.userNameKey("string")
.build())
.rawConfig("string")
.build());
connector_resource = dex.resources.Connector("connectorResource",
connector_id="string",
name="string",
type="string",
oidc_config={
"client_id": "string",
"client_secret": "string",
"issuer": "string",
"redirect_uri": "string",
"claim_mapping": {
"email_key": "string",
"groups_key": "string",
},
"extra": {
"string": "any",
},
"insecure_issuer": False,
"insecure_skip_email_verified": False,
"scopes": ["string"],
"user_name_key": "string",
},
raw_config="string")
const connectorResource = new dex.resources.Connector("connectorResource", {
connectorId: "string",
name: "string",
type: "string",
oidcConfig: {
clientId: "string",
clientSecret: "string",
issuer: "string",
redirectUri: "string",
claimMapping: {
emailKey: "string",
groupsKey: "string",
},
extra: {
string: "any",
},
insecureIssuer: false,
insecureSkipEmailVerified: false,
scopes: ["string"],
userNameKey: "string",
},
rawConfig: "string",
});
type: dex:resources:Connector
properties:
connectorId: string
name: string
oidcConfig:
claimMapping:
emailKey: string
groupsKey: string
clientId: string
clientSecret: string
extra:
string: any
insecureIssuer: false
insecureSkipEmailVerified: false
issuer: string
redirectUri: string
scopes:
- string
userNameKey: string
rawConfig: string
type: string
Connector Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Connector resource accepts the following input properties:
- Connector
Id string - Unique identifier for the connector.
- Name string
- Human-readable name for the connector, displayed to users during login.
- Type string
- Type of connector (e.g., 'oidc', 'saml', 'ldap'). Must match a connector type supported by Dex.
- Oidc
Config OIDCConfig - OIDC-specific configuration. Use this for OIDC-based connectors.
- Raw
Config string - Raw JSON configuration for the connector. Use this for advanced configurations or connector types not directly supported. If provided, this takes precedence over OIDCConfig.
- Connector
Id string - Unique identifier for the connector.
- Name string
- Human-readable name for the connector, displayed to users during login.
- Type string
- Type of connector (e.g., 'oidc', 'saml', 'ldap'). Must match a connector type supported by Dex.
- Oidc
Config OIDCConfigArgs - OIDC-specific configuration. Use this for OIDC-based connectors.
- Raw
Config string - Raw JSON configuration for the connector. Use this for advanced configurations or connector types not directly supported. If provided, this takes precedence over OIDCConfig.
- connector
Id String - Unique identifier for the connector.
- name String
- Human-readable name for the connector, displayed to users during login.
- type String
- Type of connector (e.g., 'oidc', 'saml', 'ldap'). Must match a connector type supported by Dex.
- oidc
Config OIDCConfig - OIDC-specific configuration. Use this for OIDC-based connectors.
- raw
Config String - Raw JSON configuration for the connector. Use this for advanced configurations or connector types not directly supported. If provided, this takes precedence over OIDCConfig.
- connector
Id string - Unique identifier for the connector.
- name string
- Human-readable name for the connector, displayed to users during login.
- type string
- Type of connector (e.g., 'oidc', 'saml', 'ldap'). Must match a connector type supported by Dex.
- oidc
Config OIDCConfig - OIDC-specific configuration. Use this for OIDC-based connectors.
- raw
Config string - Raw JSON configuration for the connector. Use this for advanced configurations or connector types not directly supported. If provided, this takes precedence over OIDCConfig.
- connector_
id str - Unique identifier for the connector.
- name str
- Human-readable name for the connector, displayed to users during login.
- type str
- Type of connector (e.g., 'oidc', 'saml', 'ldap'). Must match a connector type supported by Dex.
- oidc_
config OIDCConfigArgs - OIDC-specific configuration. Use this for OIDC-based connectors.
- raw_
config str - Raw JSON configuration for the connector. Use this for advanced configurations or connector types not directly supported. If provided, this takes precedence over OIDCConfig.
- connector
Id String - Unique identifier for the connector.
- name String
- Human-readable name for the connector, displayed to users during login.
- type String
- Type of connector (e.g., 'oidc', 'saml', 'ldap'). Must match a connector type supported by Dex.
- oidc
Config Property Map - OIDC-specific configuration. Use this for OIDC-based connectors.
- raw
Config String - Raw JSON configuration for the connector. Use this for advanced configurations or connector types not directly supported. If provided, this takes precedence over OIDCConfig.
Outputs
All input properties are implicitly available as output properties. Additionally, the Connector resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Supporting Types
OIDCClaimMapping, OIDCClaimMappingArgs
- email_
key str - The OIDC claim key that contains the user's email address.
- groups_
key str - The OIDC claim key that contains the user's group memberships.
OIDCConfig, OIDCConfigArgs
- Client
Id string - The OIDC client ID.
- Client
Secret string - The OIDC client secret.
- Issuer string
- The OIDC issuer URL (e.g., 'https://accounts.google.com').
- Redirect
Uri string - The redirect URI registered with the OIDC provider. Must match Dex's callback URL.
- Claim
Mapping OIDCClaimMapping - Mapping of OIDC claims to Dex user attributes.
- Extra Dictionary<string, object>
- Additional OIDC configuration fields as key-value pairs.
- Insecure
Issuer bool - If true, skip verification of the issuer URL. Not recommended for production.
- Insecure
Skip boolEmail Verified - If true, skip verification of the 'email_verified' claim. Not recommended for production.
- Scopes List<string>
- List of OIDC scopes to request (e.g., 'openid', 'profile', 'email'). Defaults to ['openid', 'profile', 'email'] if not specified.
- User
Name stringKey - The claim key to use as the username (e.g., 'preferred_username', 'email', 'sub').
- Client
Id string - The OIDC client ID.
- Client
Secret string - The OIDC client secret.
- Issuer string
- The OIDC issuer URL (e.g., 'https://accounts.google.com').
- Redirect
Uri string - The redirect URI registered with the OIDC provider. Must match Dex's callback URL.
- Claim
Mapping OIDCClaimMapping - Mapping of OIDC claims to Dex user attributes.
- Extra map[string]interface{}
- Additional OIDC configuration fields as key-value pairs.
- Insecure
Issuer bool - If true, skip verification of the issuer URL. Not recommended for production.
- Insecure
Skip boolEmail Verified - If true, skip verification of the 'email_verified' claim. Not recommended for production.
- Scopes []string
- List of OIDC scopes to request (e.g., 'openid', 'profile', 'email'). Defaults to ['openid', 'profile', 'email'] if not specified.
- User
Name stringKey - The claim key to use as the username (e.g., 'preferred_username', 'email', 'sub').
- client
Id String - The OIDC client ID.
- client
Secret String - The OIDC client secret.
- issuer String
- The OIDC issuer URL (e.g., 'https://accounts.google.com').
- redirect
Uri String - The redirect URI registered with the OIDC provider. Must match Dex's callback URL.
- claim
Mapping OIDCClaimMapping - Mapping of OIDC claims to Dex user attributes.
- extra Map<String,Object>
- Additional OIDC configuration fields as key-value pairs.
- insecure
Issuer Boolean - If true, skip verification of the issuer URL. Not recommended for production.
- insecure
Skip BooleanEmail Verified - If true, skip verification of the 'email_verified' claim. Not recommended for production.
- scopes List<String>
- List of OIDC scopes to request (e.g., 'openid', 'profile', 'email'). Defaults to ['openid', 'profile', 'email'] if not specified.
- user
Name StringKey - The claim key to use as the username (e.g., 'preferred_username', 'email', 'sub').
- client
Id string - The OIDC client ID.
- client
Secret string - The OIDC client secret.
- issuer string
- The OIDC issuer URL (e.g., 'https://accounts.google.com').
- redirect
Uri string - The redirect URI registered with the OIDC provider. Must match Dex's callback URL.
- claim
Mapping OIDCClaimMapping - Mapping of OIDC claims to Dex user attributes.
- extra {[key: string]: any}
- Additional OIDC configuration fields as key-value pairs.
- insecure
Issuer boolean - If true, skip verification of the issuer URL. Not recommended for production.
- insecure
Skip booleanEmail Verified - If true, skip verification of the 'email_verified' claim. Not recommended for production.
- scopes string[]
- List of OIDC scopes to request (e.g., 'openid', 'profile', 'email'). Defaults to ['openid', 'profile', 'email'] if not specified.
- user
Name stringKey - The claim key to use as the username (e.g., 'preferred_username', 'email', 'sub').
- client_
id str - The OIDC client ID.
- client_
secret str - The OIDC client secret.
- issuer str
- The OIDC issuer URL (e.g., 'https://accounts.google.com').
- redirect_
uri str - The redirect URI registered with the OIDC provider. Must match Dex's callback URL.
- claim_
mapping OIDCClaimMapping - Mapping of OIDC claims to Dex user attributes.
- extra Mapping[str, Any]
- Additional OIDC configuration fields as key-value pairs.
- insecure_
issuer bool - If true, skip verification of the issuer URL. Not recommended for production.
- insecure_
skip_ boolemail_ verified - If true, skip verification of the 'email_verified' claim. Not recommended for production.
- scopes Sequence[str]
- List of OIDC scopes to request (e.g., 'openid', 'profile', 'email'). Defaults to ['openid', 'profile', 'email'] if not specified.
- user_
name_ strkey - The claim key to use as the username (e.g., 'preferred_username', 'email', 'sub').
- client
Id String - The OIDC client ID.
- client
Secret String - The OIDC client secret.
- issuer String
- The OIDC issuer URL (e.g., 'https://accounts.google.com').
- redirect
Uri String - The redirect URI registered with the OIDC provider. Must match Dex's callback URL.
- claim
Mapping Property Map - Mapping of OIDC claims to Dex user attributes.
- extra Map<Any>
- Additional OIDC configuration fields as key-value pairs.
- insecure
Issuer Boolean - If true, skip verification of the issuer URL. Not recommended for production.
- insecure
Skip BooleanEmail Verified - If true, skip verification of the 'email_verified' claim. Not recommended for production.
- scopes List<String>
- List of OIDC scopes to request (e.g., 'openid', 'profile', 'email'). Defaults to ['openid', 'profile', 'email'] if not specified.
- user
Name StringKey - The claim key to use as the username (e.g., 'preferred_username', 'email', 'sub').
Package Details
- Repository
- dex kotaicode/pulumi-dex
- License
