Represents a SCIM Token for a Workforce Pool Provider Scim Tenant. The SCIM Token is used for authenticating SCIM provisioning requests during the synchronization of user/group identities from external identity provider into Google Cloud using the System for Cross-domain Identity Management (SCIM) protocol. This needs to be provided in the Secret (Long Lived) Token field when configuring SCIM on an IdP.
To get more information about WorkforcePoolProviderScimToken, see:
Example Usage
Iam Workforce Pool Provider Scim Token Basic
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const pool = new gcp.iam.WorkforcePool("pool", {
workforcePoolId: "example-pool",
parent: "organizations/123456789",
location: "global",
});
const provider = new gcp.iam.WorkforcePoolProvider("provider", {
location: "global",
workforcePoolId: pool.workforcePoolId,
providerId: "example-prvdr",
attributeMapping: {
"google.subject": "assertion.sub",
},
oidc: {
issuerUri: "https://accounts.thirdparty.com",
clientId: "client-id",
clientSecret: {
value: {
plainText: "client-secret",
},
},
webSsoConfig: {
responseType: "CODE",
assertionClaimsBehavior: "MERGE_USER_INFO_OVER_ID_TOKEN_CLAIMS",
additionalScopes: [
"groups",
"roles",
],
},
},
displayName: "Display name",
description: "A sample OIDC workforce pool provider.",
disabled: false,
attributeCondition: "true",
});
const tenant = new gcp.iam.WorkforcePoolProviderScimTenant("tenant", {
location: "global",
workforcePoolId: pool.workforcePoolId,
providerId: provider.providerId,
scimTenantId: "example-tenant",
displayName: "SCIM Tenant display Name",
description: "A SCIM Tenant for IAM Workforce Pool Provider",
claimMapping: {
"google.subject": "user.externalId",
"google.group": "group.externalId",
},
});
const example = new gcp.iam.WorkforcePoolProviderScimToken("example", {
location: "global",
workforcePoolId: pool.workforcePoolId,
providerId: provider.providerId,
scimTenantId: tenant.scimTenantId,
scimTokenId: "example-scim-token",
displayName: "SCIM Token display Name",
});
import pulumi
import pulumi_gcp as gcp
pool = gcp.iam.WorkforcePool("pool",
workforce_pool_id="example-pool",
parent="organizations/123456789",
location="global")
provider = gcp.iam.WorkforcePoolProvider("provider",
location="global",
workforce_pool_id=pool.workforce_pool_id,
provider_id="example-prvdr",
attribute_mapping={
"google.subject": "assertion.sub",
},
oidc={
"issuer_uri": "https://accounts.thirdparty.com",
"client_id": "client-id",
"client_secret": {
"value": {
"plain_text": "client-secret",
},
},
"web_sso_config": {
"response_type": "CODE",
"assertion_claims_behavior": "MERGE_USER_INFO_OVER_ID_TOKEN_CLAIMS",
"additional_scopes": [
"groups",
"roles",
],
},
},
display_name="Display name",
description="A sample OIDC workforce pool provider.",
disabled=False,
attribute_condition="true")
tenant = gcp.iam.WorkforcePoolProviderScimTenant("tenant",
location="global",
workforce_pool_id=pool.workforce_pool_id,
provider_id=provider.provider_id,
scim_tenant_id="example-tenant",
display_name="SCIM Tenant display Name",
description="A SCIM Tenant for IAM Workforce Pool Provider",
claim_mapping={
"google.subject": "user.externalId",
"google.group": "group.externalId",
})
example = gcp.iam.WorkforcePoolProviderScimToken("example",
location="global",
workforce_pool_id=pool.workforce_pool_id,
provider_id=provider.provider_id,
scim_tenant_id=tenant.scim_tenant_id,
scim_token_id="example-scim-token",
display_name="SCIM Token display Name")
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v9/go/gcp/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
pool, err := iam.NewWorkforcePool(ctx, "pool", &iam.WorkforcePoolArgs{
WorkforcePoolId: pulumi.String("example-pool"),
Parent: pulumi.String("organizations/123456789"),
Location: pulumi.String("global"),
})
if err != nil {
return err
}
provider, err := iam.NewWorkforcePoolProvider(ctx, "provider", &iam.WorkforcePoolProviderArgs{
Location: pulumi.String("global"),
WorkforcePoolId: pool.WorkforcePoolId,
ProviderId: pulumi.String("example-prvdr"),
AttributeMapping: pulumi.StringMap{
"google.subject": pulumi.String("assertion.sub"),
},
Oidc: &iam.WorkforcePoolProviderOidcArgs{
IssuerUri: pulumi.String("https://accounts.thirdparty.com"),
ClientId: pulumi.String("client-id"),
ClientSecret: &iam.WorkforcePoolProviderOidcClientSecretArgs{
Value: &iam.WorkforcePoolProviderOidcClientSecretValueArgs{
PlainText: pulumi.String("client-secret"),
},
},
WebSsoConfig: &iam.WorkforcePoolProviderOidcWebSsoConfigArgs{
ResponseType: pulumi.String("CODE"),
AssertionClaimsBehavior: pulumi.String("MERGE_USER_INFO_OVER_ID_TOKEN_CLAIMS"),
AdditionalScopes: pulumi.StringArray{
pulumi.String("groups"),
pulumi.String("roles"),
},
},
},
DisplayName: pulumi.String("Display name"),
Description: pulumi.String("A sample OIDC workforce pool provider."),
Disabled: pulumi.Bool(false),
AttributeCondition: pulumi.String("true"),
})
if err != nil {
return err
}
tenant, err := iam.NewWorkforcePoolProviderScimTenant(ctx, "tenant", &iam.WorkforcePoolProviderScimTenantArgs{
Location: pulumi.String("global"),
WorkforcePoolId: pool.WorkforcePoolId,
ProviderId: provider.ProviderId,
ScimTenantId: pulumi.String("example-tenant"),
DisplayName: pulumi.String("SCIM Tenant display Name"),
Description: pulumi.String("A SCIM Tenant for IAM Workforce Pool Provider"),
ClaimMapping: pulumi.StringMap{
"google.subject": pulumi.String("user.externalId"),
"google.group": pulumi.String("group.externalId"),
},
})
if err != nil {
return err
}
_, err = iam.NewWorkforcePoolProviderScimToken(ctx, "example", &iam.WorkforcePoolProviderScimTokenArgs{
Location: pulumi.String("global"),
WorkforcePoolId: pool.WorkforcePoolId,
ProviderId: provider.ProviderId,
ScimTenantId: tenant.ScimTenantId,
ScimTokenId: pulumi.String("example-scim-token"),
DisplayName: pulumi.String("SCIM Token display Name"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var pool = new Gcp.Iam.WorkforcePool("pool", new()
{
WorkforcePoolId = "example-pool",
Parent = "organizations/123456789",
Location = "global",
});
var provider = new Gcp.Iam.WorkforcePoolProvider("provider", new()
{
Location = "global",
WorkforcePoolId = pool.WorkforcePoolId,
ProviderId = "example-prvdr",
AttributeMapping =
{
{ "google.subject", "assertion.sub" },
},
Oidc = new Gcp.Iam.Inputs.WorkforcePoolProviderOidcArgs
{
IssuerUri = "https://accounts.thirdparty.com",
ClientId = "client-id",
ClientSecret = new Gcp.Iam.Inputs.WorkforcePoolProviderOidcClientSecretArgs
{
Value = new Gcp.Iam.Inputs.WorkforcePoolProviderOidcClientSecretValueArgs
{
PlainText = "client-secret",
},
},
WebSsoConfig = new Gcp.Iam.Inputs.WorkforcePoolProviderOidcWebSsoConfigArgs
{
ResponseType = "CODE",
AssertionClaimsBehavior = "MERGE_USER_INFO_OVER_ID_TOKEN_CLAIMS",
AdditionalScopes = new[]
{
"groups",
"roles",
},
},
},
DisplayName = "Display name",
Description = "A sample OIDC workforce pool provider.",
Disabled = false,
AttributeCondition = "true",
});
var tenant = new Gcp.Iam.WorkforcePoolProviderScimTenant("tenant", new()
{
Location = "global",
WorkforcePoolId = pool.WorkforcePoolId,
ProviderId = provider.ProviderId,
ScimTenantId = "example-tenant",
DisplayName = "SCIM Tenant display Name",
Description = "A SCIM Tenant for IAM Workforce Pool Provider",
ClaimMapping =
{
{ "google.subject", "user.externalId" },
{ "google.group", "group.externalId" },
},
});
var example = new Gcp.Iam.WorkforcePoolProviderScimToken("example", new()
{
Location = "global",
WorkforcePoolId = pool.WorkforcePoolId,
ProviderId = provider.ProviderId,
ScimTenantId = tenant.ScimTenantId,
ScimTokenId = "example-scim-token",
DisplayName = "SCIM Token display Name",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.iam.WorkforcePool;
import com.pulumi.gcp.iam.WorkforcePoolArgs;
import com.pulumi.gcp.iam.WorkforcePoolProvider;
import com.pulumi.gcp.iam.WorkforcePoolProviderArgs;
import com.pulumi.gcp.iam.inputs.WorkforcePoolProviderOidcArgs;
import com.pulumi.gcp.iam.inputs.WorkforcePoolProviderOidcClientSecretArgs;
import com.pulumi.gcp.iam.inputs.WorkforcePoolProviderOidcClientSecretValueArgs;
import com.pulumi.gcp.iam.inputs.WorkforcePoolProviderOidcWebSsoConfigArgs;
import com.pulumi.gcp.iam.WorkforcePoolProviderScimTenant;
import com.pulumi.gcp.iam.WorkforcePoolProviderScimTenantArgs;
import com.pulumi.gcp.iam.WorkforcePoolProviderScimToken;
import com.pulumi.gcp.iam.WorkforcePoolProviderScimTokenArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var pool = new WorkforcePool("pool", WorkforcePoolArgs.builder()
.workforcePoolId("example-pool")
.parent("organizations/123456789")
.location("global")
.build());
var provider = new WorkforcePoolProvider("provider", WorkforcePoolProviderArgs.builder()
.location("global")
.workforcePoolId(pool.workforcePoolId())
.providerId("example-prvdr")
.attributeMapping(Map.of("google.subject", "assertion.sub"))
.oidc(WorkforcePoolProviderOidcArgs.builder()
.issuerUri("https://accounts.thirdparty.com")
.clientId("client-id")
.clientSecret(WorkforcePoolProviderOidcClientSecretArgs.builder()
.value(WorkforcePoolProviderOidcClientSecretValueArgs.builder()
.plainText("client-secret")
.build())
.build())
.webSsoConfig(WorkforcePoolProviderOidcWebSsoConfigArgs.builder()
.responseType("CODE")
.assertionClaimsBehavior("MERGE_USER_INFO_OVER_ID_TOKEN_CLAIMS")
.additionalScopes(
"groups",
"roles")
.build())
.build())
.displayName("Display name")
.description("A sample OIDC workforce pool provider.")
.disabled(false)
.attributeCondition("true")
.build());
var tenant = new WorkforcePoolProviderScimTenant("tenant", WorkforcePoolProviderScimTenantArgs.builder()
.location("global")
.workforcePoolId(pool.workforcePoolId())
.providerId(provider.providerId())
.scimTenantId("example-tenant")
.displayName("SCIM Tenant display Name")
.description("A SCIM Tenant for IAM Workforce Pool Provider")
.claimMapping(Map.ofEntries(
Map.entry("google.subject", "user.externalId"),
Map.entry("google.group", "group.externalId")
))
.build());
var example = new WorkforcePoolProviderScimToken("example", WorkforcePoolProviderScimTokenArgs.builder()
.location("global")
.workforcePoolId(pool.workforcePoolId())
.providerId(provider.providerId())
.scimTenantId(tenant.scimTenantId())
.scimTokenId("example-scim-token")
.displayName("SCIM Token display Name")
.build());
}
}
resources:
pool:
type: gcp:iam:WorkforcePool
properties:
workforcePoolId: example-pool
parent: organizations/123456789
location: global
provider:
type: gcp:iam:WorkforcePoolProvider
properties:
location: global
workforcePoolId: ${pool.workforcePoolId}
providerId: example-prvdr
attributeMapping:
google.subject: assertion.sub
oidc:
issuerUri: https://accounts.thirdparty.com
clientId: client-id
clientSecret:
value:
plainText: client-secret
webSsoConfig:
responseType: CODE
assertionClaimsBehavior: MERGE_USER_INFO_OVER_ID_TOKEN_CLAIMS
additionalScopes:
- groups
- roles
displayName: Display name
description: A sample OIDC workforce pool provider.
disabled: false
attributeCondition: 'true'
tenant:
type: gcp:iam:WorkforcePoolProviderScimTenant
properties:
location: global
workforcePoolId: ${pool.workforcePoolId}
providerId: ${provider.providerId}
scimTenantId: example-tenant
displayName: SCIM Tenant display Name
description: A SCIM Tenant for IAM Workforce Pool Provider
claimMapping:
google.subject: user.externalId
google.group: group.externalId
example:
type: gcp:iam:WorkforcePoolProviderScimToken
properties:
location: global
workforcePoolId: ${pool.workforcePoolId}
providerId: ${provider.providerId}
scimTenantId: ${tenant.scimTenantId}
scimTokenId: example-scim-token
displayName: SCIM Token display Name
Create WorkforcePoolProviderScimToken Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new WorkforcePoolProviderScimToken(name: string, args: WorkforcePoolProviderScimTokenArgs, opts?: CustomResourceOptions);@overload
def WorkforcePoolProviderScimToken(resource_name: str,
args: WorkforcePoolProviderScimTokenArgs,
opts: Optional[ResourceOptions] = None)
@overload
def WorkforcePoolProviderScimToken(resource_name: str,
opts: Optional[ResourceOptions] = None,
location: Optional[str] = None,
provider_id: Optional[str] = None,
scim_tenant_id: Optional[str] = None,
scim_token_id: Optional[str] = None,
workforce_pool_id: Optional[str] = None,
display_name: Optional[str] = None)func NewWorkforcePoolProviderScimToken(ctx *Context, name string, args WorkforcePoolProviderScimTokenArgs, opts ...ResourceOption) (*WorkforcePoolProviderScimToken, error)public WorkforcePoolProviderScimToken(string name, WorkforcePoolProviderScimTokenArgs args, CustomResourceOptions? opts = null)
public WorkforcePoolProviderScimToken(String name, WorkforcePoolProviderScimTokenArgs args)
public WorkforcePoolProviderScimToken(String name, WorkforcePoolProviderScimTokenArgs args, CustomResourceOptions options)
type: gcp:iam:WorkforcePoolProviderScimToken
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args WorkforcePoolProviderScimTokenArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args WorkforcePoolProviderScimTokenArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args WorkforcePoolProviderScimTokenArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args WorkforcePoolProviderScimTokenArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args WorkforcePoolProviderScimTokenArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var workforcePoolProviderScimTokenResource = new Gcp.Iam.WorkforcePoolProviderScimToken("workforcePoolProviderScimTokenResource", new()
{
Location = "string",
ProviderId = "string",
ScimTenantId = "string",
ScimTokenId = "string",
WorkforcePoolId = "string",
DisplayName = "string",
});
example, err := iam.NewWorkforcePoolProviderScimToken(ctx, "workforcePoolProviderScimTokenResource", &iam.WorkforcePoolProviderScimTokenArgs{
Location: pulumi.String("string"),
ProviderId: pulumi.String("string"),
ScimTenantId: pulumi.String("string"),
ScimTokenId: pulumi.String("string"),
WorkforcePoolId: pulumi.String("string"),
DisplayName: pulumi.String("string"),
})
var workforcePoolProviderScimTokenResource = new WorkforcePoolProviderScimToken("workforcePoolProviderScimTokenResource", WorkforcePoolProviderScimTokenArgs.builder()
.location("string")
.providerId("string")
.scimTenantId("string")
.scimTokenId("string")
.workforcePoolId("string")
.displayName("string")
.build());
workforce_pool_provider_scim_token_resource = gcp.iam.WorkforcePoolProviderScimToken("workforcePoolProviderScimTokenResource",
location="string",
provider_id="string",
scim_tenant_id="string",
scim_token_id="string",
workforce_pool_id="string",
display_name="string")
const workforcePoolProviderScimTokenResource = new gcp.iam.WorkforcePoolProviderScimToken("workforcePoolProviderScimTokenResource", {
location: "string",
providerId: "string",
scimTenantId: "string",
scimTokenId: "string",
workforcePoolId: "string",
displayName: "string",
});
type: gcp:iam:WorkforcePoolProviderScimToken
properties:
displayName: string
location: string
providerId: string
scimTenantId: string
scimTokenId: string
workforcePoolId: string
WorkforcePoolProviderScimToken Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The WorkforcePoolProviderScimToken resource accepts the following input properties:
- Location string
- The location for the resource.
- Provider
Id string - The ID of the Provider.
- Scim
Tenant stringId - The ID of the SCIM Tenant.
- Scim
Token stringId - The ID to use for the SCIM Token, which becomes the final component of the resource name. This value should be 4-32 characters and follow the pattern:
(a-z). - Workforce
Pool stringId - The ID of the Workforce Pool.
- Display
Name string - A user-specified display name for the scim token. Cannot exceed 32 characters.
- Location string
- The location for the resource.
- Provider
Id string - The ID of the Provider.
- Scim
Tenant stringId - The ID of the SCIM Tenant.
- Scim
Token stringId - The ID to use for the SCIM Token, which becomes the final component of the resource name. This value should be 4-32 characters and follow the pattern:
(a-z). - Workforce
Pool stringId - The ID of the Workforce Pool.
- Display
Name string - A user-specified display name for the scim token. Cannot exceed 32 characters.
- location String
- The location for the resource.
- provider
Id String - The ID of the Provider.
- scim
Tenant StringId - The ID of the SCIM Tenant.
- scim
Token StringId - The ID to use for the SCIM Token, which becomes the final component of the resource name. This value should be 4-32 characters and follow the pattern:
(a-z). - workforce
Pool StringId - The ID of the Workforce Pool.
- display
Name String - A user-specified display name for the scim token. Cannot exceed 32 characters.
- location string
- The location for the resource.
- provider
Id string - The ID of the Provider.
- scim
Tenant stringId - The ID of the SCIM Tenant.
- scim
Token stringId - The ID to use for the SCIM Token, which becomes the final component of the resource name. This value should be 4-32 characters and follow the pattern:
(a-z). - workforce
Pool stringId - The ID of the Workforce Pool.
- display
Name string - A user-specified display name for the scim token. Cannot exceed 32 characters.
- location str
- The location for the resource.
- provider_
id str - The ID of the Provider.
- scim_
tenant_ strid - The ID of the SCIM Tenant.
- scim_
token_ strid - The ID to use for the SCIM Token, which becomes the final component of the resource name. This value should be 4-32 characters and follow the pattern:
(a-z). - workforce_
pool_ strid - The ID of the Workforce Pool.
- display_
name str - A user-specified display name for the scim token. Cannot exceed 32 characters.
- location String
- The location for the resource.
- provider
Id String - The ID of the Provider.
- scim
Tenant StringId - The ID of the SCIM Tenant.
- scim
Token StringId - The ID to use for the SCIM Token, which becomes the final component of the resource name. This value should be 4-32 characters and follow the pattern:
(a-z). - workforce
Pool StringId - The ID of the Workforce Pool.
- display
Name String - A user-specified display name for the scim token. Cannot exceed 32 characters.
Outputs
All input properties are implicitly available as output properties. Additionally, the WorkforcePoolProviderScimToken resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- Identifier. The resource name of the scim token.
Format:
locations/{location}/workforcePools/{workforce_pool}/providers/{workforce_pool_provider}/scimTenants/{scim_tenant_id}/tokens/{scim_token_id} - Security
Token string - The token string provided to the IdP for authentication and will be set only during creation.
- State string
- The current state of the scim token.
- ACTIVE: The token is active and may be used to provision users and groups.
- DELETED: The token is soft-deleted. Soft-deleted tokens are permanently deleted after approximately 30 days.
- Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- Identifier. The resource name of the scim token.
Format:
locations/{location}/workforcePools/{workforce_pool}/providers/{workforce_pool_provider}/scimTenants/{scim_tenant_id}/tokens/{scim_token_id} - Security
Token string - The token string provided to the IdP for authentication and will be set only during creation.
- State string
- The current state of the scim token.
- ACTIVE: The token is active and may be used to provision users and groups.
- DELETED: The token is soft-deleted. Soft-deleted tokens are permanently deleted after approximately 30 days.
- id String
- The provider-assigned unique ID for this managed resource.
- name String
- Identifier. The resource name of the scim token.
Format:
locations/{location}/workforcePools/{workforce_pool}/providers/{workforce_pool_provider}/scimTenants/{scim_tenant_id}/tokens/{scim_token_id} - security
Token String - The token string provided to the IdP for authentication and will be set only during creation.
- state String
- The current state of the scim token.
- ACTIVE: The token is active and may be used to provision users and groups.
- DELETED: The token is soft-deleted. Soft-deleted tokens are permanently deleted after approximately 30 days.
- id string
- The provider-assigned unique ID for this managed resource.
- name string
- Identifier. The resource name of the scim token.
Format:
locations/{location}/workforcePools/{workforce_pool}/providers/{workforce_pool_provider}/scimTenants/{scim_tenant_id}/tokens/{scim_token_id} - security
Token string - The token string provided to the IdP for authentication and will be set only during creation.
- state string
- The current state of the scim token.
- ACTIVE: The token is active and may be used to provision users and groups.
- DELETED: The token is soft-deleted. Soft-deleted tokens are permanently deleted after approximately 30 days.
- id str
- The provider-assigned unique ID for this managed resource.
- name str
- Identifier. The resource name of the scim token.
Format:
locations/{location}/workforcePools/{workforce_pool}/providers/{workforce_pool_provider}/scimTenants/{scim_tenant_id}/tokens/{scim_token_id} - security_
token str - The token string provided to the IdP for authentication and will be set only during creation.
- state str
- The current state of the scim token.
- ACTIVE: The token is active and may be used to provision users and groups.
- DELETED: The token is soft-deleted. Soft-deleted tokens are permanently deleted after approximately 30 days.
- id String
- The provider-assigned unique ID for this managed resource.
- name String
- Identifier. The resource name of the scim token.
Format:
locations/{location}/workforcePools/{workforce_pool}/providers/{workforce_pool_provider}/scimTenants/{scim_tenant_id}/tokens/{scim_token_id} - security
Token String - The token string provided to the IdP for authentication and will be set only during creation.
- state String
- The current state of the scim token.
- ACTIVE: The token is active and may be used to provision users and groups.
- DELETED: The token is soft-deleted. Soft-deleted tokens are permanently deleted after approximately 30 days.
Look up Existing WorkforcePoolProviderScimToken Resource
Get an existing WorkforcePoolProviderScimToken resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: WorkforcePoolProviderScimTokenState, opts?: CustomResourceOptions): WorkforcePoolProviderScimToken@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
display_name: Optional[str] = None,
location: Optional[str] = None,
name: Optional[str] = None,
provider_id: Optional[str] = None,
scim_tenant_id: Optional[str] = None,
scim_token_id: Optional[str] = None,
security_token: Optional[str] = None,
state: Optional[str] = None,
workforce_pool_id: Optional[str] = None) -> WorkforcePoolProviderScimTokenfunc GetWorkforcePoolProviderScimToken(ctx *Context, name string, id IDInput, state *WorkforcePoolProviderScimTokenState, opts ...ResourceOption) (*WorkforcePoolProviderScimToken, error)public static WorkforcePoolProviderScimToken Get(string name, Input<string> id, WorkforcePoolProviderScimTokenState? state, CustomResourceOptions? opts = null)public static WorkforcePoolProviderScimToken get(String name, Output<String> id, WorkforcePoolProviderScimTokenState state, CustomResourceOptions options)resources: _: type: gcp:iam:WorkforcePoolProviderScimToken get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Display
Name string - A user-specified display name for the scim token. Cannot exceed 32 characters.
- Location string
- The location for the resource.
- Name string
- Identifier. The resource name of the scim token.
Format:
locations/{location}/workforcePools/{workforce_pool}/providers/{workforce_pool_provider}/scimTenants/{scim_tenant_id}/tokens/{scim_token_id} - Provider
Id string - The ID of the Provider.
- Scim
Tenant stringId - The ID of the SCIM Tenant.
- Scim
Token stringId - The ID to use for the SCIM Token, which becomes the final component of the resource name. This value should be 4-32 characters and follow the pattern:
(a-z). - Security
Token string - The token string provided to the IdP for authentication and will be set only during creation.
- State string
- The current state of the scim token.
- ACTIVE: The token is active and may be used to provision users and groups.
- DELETED: The token is soft-deleted. Soft-deleted tokens are permanently deleted after approximately 30 days.
- Workforce
Pool stringId - The ID of the Workforce Pool.
- Display
Name string - A user-specified display name for the scim token. Cannot exceed 32 characters.
- Location string
- The location for the resource.
- Name string
- Identifier. The resource name of the scim token.
Format:
locations/{location}/workforcePools/{workforce_pool}/providers/{workforce_pool_provider}/scimTenants/{scim_tenant_id}/tokens/{scim_token_id} - Provider
Id string - The ID of the Provider.
- Scim
Tenant stringId - The ID of the SCIM Tenant.
- Scim
Token stringId - The ID to use for the SCIM Token, which becomes the final component of the resource name. This value should be 4-32 characters and follow the pattern:
(a-z). - Security
Token string - The token string provided to the IdP for authentication and will be set only during creation.
- State string
- The current state of the scim token.
- ACTIVE: The token is active and may be used to provision users and groups.
- DELETED: The token is soft-deleted. Soft-deleted tokens are permanently deleted after approximately 30 days.
- Workforce
Pool stringId - The ID of the Workforce Pool.
- display
Name String - A user-specified display name for the scim token. Cannot exceed 32 characters.
- location String
- The location for the resource.
- name String
- Identifier. The resource name of the scim token.
Format:
locations/{location}/workforcePools/{workforce_pool}/providers/{workforce_pool_provider}/scimTenants/{scim_tenant_id}/tokens/{scim_token_id} - provider
Id String - The ID of the Provider.
- scim
Tenant StringId - The ID of the SCIM Tenant.
- scim
Token StringId - The ID to use for the SCIM Token, which becomes the final component of the resource name. This value should be 4-32 characters and follow the pattern:
(a-z). - security
Token String - The token string provided to the IdP for authentication and will be set only during creation.
- state String
- The current state of the scim token.
- ACTIVE: The token is active and may be used to provision users and groups.
- DELETED: The token is soft-deleted. Soft-deleted tokens are permanently deleted after approximately 30 days.
- workforce
Pool StringId - The ID of the Workforce Pool.
- display
Name string - A user-specified display name for the scim token. Cannot exceed 32 characters.
- location string
- The location for the resource.
- name string
- Identifier. The resource name of the scim token.
Format:
locations/{location}/workforcePools/{workforce_pool}/providers/{workforce_pool_provider}/scimTenants/{scim_tenant_id}/tokens/{scim_token_id} - provider
Id string - The ID of the Provider.
- scim
Tenant stringId - The ID of the SCIM Tenant.
- scim
Token stringId - The ID to use for the SCIM Token, which becomes the final component of the resource name. This value should be 4-32 characters and follow the pattern:
(a-z). - security
Token string - The token string provided to the IdP for authentication and will be set only during creation.
- state string
- The current state of the scim token.
- ACTIVE: The token is active and may be used to provision users and groups.
- DELETED: The token is soft-deleted. Soft-deleted tokens are permanently deleted after approximately 30 days.
- workforce
Pool stringId - The ID of the Workforce Pool.
- display_
name str - A user-specified display name for the scim token. Cannot exceed 32 characters.
- location str
- The location for the resource.
- name str
- Identifier. The resource name of the scim token.
Format:
locations/{location}/workforcePools/{workforce_pool}/providers/{workforce_pool_provider}/scimTenants/{scim_tenant_id}/tokens/{scim_token_id} - provider_
id str - The ID of the Provider.
- scim_
tenant_ strid - The ID of the SCIM Tenant.
- scim_
token_ strid - The ID to use for the SCIM Token, which becomes the final component of the resource name. This value should be 4-32 characters and follow the pattern:
(a-z). - security_
token str - The token string provided to the IdP for authentication and will be set only during creation.
- state str
- The current state of the scim token.
- ACTIVE: The token is active and may be used to provision users and groups.
- DELETED: The token is soft-deleted. Soft-deleted tokens are permanently deleted after approximately 30 days.
- workforce_
pool_ strid - The ID of the Workforce Pool.
- display
Name String - A user-specified display name for the scim token. Cannot exceed 32 characters.
- location String
- The location for the resource.
- name String
- Identifier. The resource name of the scim token.
Format:
locations/{location}/workforcePools/{workforce_pool}/providers/{workforce_pool_provider}/scimTenants/{scim_tenant_id}/tokens/{scim_token_id} - provider
Id String - The ID of the Provider.
- scim
Tenant StringId - The ID of the SCIM Tenant.
- scim
Token StringId - The ID to use for the SCIM Token, which becomes the final component of the resource name. This value should be 4-32 characters and follow the pattern:
(a-z). - security
Token String - The token string provided to the IdP for authentication and will be set only during creation.
- state String
- The current state of the scim token.
- ACTIVE: The token is active and may be used to provision users and groups.
- DELETED: The token is soft-deleted. Soft-deleted tokens are permanently deleted after approximately 30 days.
- workforce
Pool StringId - The ID of the Workforce Pool.
Import
WorkforcePoolProviderScimToken can be imported using any of these accepted formats:
locations/{{location}}/workforcePools/{{workforce_pool_id}}/providers/{{provider_id}}/scimTenants/{{scim_tenant_id}}/tokens/{{scim_token_id}}{{location}}/{{workforce_pool_id}}/{{provider_id}}/{{scim_tenant_id}}/{{scim_token_id}}
When using the pulumi import command, WorkforcePoolProviderScimToken can be imported using one of the formats above. For example:
$ pulumi import gcp:iam/workforcePoolProviderScimToken:WorkforcePoolProviderScimToken default locations/{{location}}/workforcePools/{{workforce_pool_id}}/providers/{{provider_id}}/scimTenants/{{scim_tenant_id}}/tokens/{{scim_token_id}}
$ pulumi import gcp:iam/workforcePoolProviderScimToken:WorkforcePoolProviderScimToken default {{location}}/{{workforce_pool_id}}/{{provider_id}}/{{scim_tenant_id}}/{{scim_token_id}}
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Google Cloud (GCP) Classic pulumi/pulumi-gcp
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
google-betaTerraform Provider.
