panos 2.0.7 published on Thursday, Nov 27, 2025 by paloaltonetworks
panos 2.0.7 published on Thursday, Nov 27, 2025 by paloaltonetworks
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as panos from "@pulumi/panos";
const example = new panos.Template("example", {
location: {
panorama: {},
},
name: "example-tmpl",
});
const exampleLdapProfile = new panos.LdapProfile("example", {
location: {
template: {
name: example.name,
},
},
name: "example-ldap-profile",
});
// Authentication Profile with LDAP method
const exampleAuthenticationProfile = new panos.AuthenticationProfile("example", {
location: {
template: {
name: example.name,
},
},
name: "example-auth-profile",
allowLists: ["all"],
lockout: {
failedAttempts: 5,
lockoutTime: 30,
},
method: {
ldap: {
loginAttribute: "sAMAccountName",
passwdExpDays: 14,
serverProfile: exampleLdapProfile.name,
},
},
});
import pulumi
import pulumi_panos as panos
example = panos.Template("example",
location={
"panorama": {},
},
name="example-tmpl")
example_ldap_profile = panos.LdapProfile("example",
location={
"template": {
"name": example.name,
},
},
name="example-ldap-profile")
# Authentication Profile with LDAP method
example_authentication_profile = panos.AuthenticationProfile("example",
location={
"template": {
"name": example.name,
},
},
name="example-auth-profile",
allow_lists=["all"],
lockout={
"failed_attempts": 5,
"lockout_time": 30,
},
method={
"ldap": {
"login_attribute": "sAMAccountName",
"passwd_exp_days": 14,
"server_profile": example_ldap_profile.name,
},
})
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/panos/v2/panos"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := panos.NewTemplate(ctx, "example", &panos.TemplateArgs{
Location: &panos.TemplateLocationArgs{
Panorama: &panos.TemplateLocationPanoramaArgs{},
},
Name: pulumi.String("example-tmpl"),
})
if err != nil {
return err
}
exampleLdapProfile, err := panos.NewLdapProfile(ctx, "example", &panos.LdapProfileArgs{
Location: &panos.LdapProfileLocationArgs{
Template: &panos.LdapProfileLocationTemplateArgs{
Name: example.Name,
},
},
Name: pulumi.String("example-ldap-profile"),
})
if err != nil {
return err
}
// Authentication Profile with LDAP method
_, err = panos.NewAuthenticationProfile(ctx, "example", &panos.AuthenticationProfileArgs{
Location: &panos.AuthenticationProfileLocationArgs{
Template: &panos.AuthenticationProfileLocationTemplateArgs{
Name: example.Name,
},
},
Name: pulumi.String("example-auth-profile"),
AllowLists: pulumi.StringArray{
pulumi.String("all"),
},
Lockout: &panos.AuthenticationProfileLockoutArgs{
FailedAttempts: pulumi.Float64(5),
LockoutTime: pulumi.Float64(30),
},
Method: &panos.AuthenticationProfileMethodArgs{
Ldap: &panos.AuthenticationProfileMethodLdapArgs{
LoginAttribute: pulumi.String("sAMAccountName"),
PasswdExpDays: pulumi.Float64(14),
ServerProfile: exampleLdapProfile.Name,
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Panos = Pulumi.Panos;
return await Deployment.RunAsync(() =>
{
var example = new Panos.Template("example", new()
{
Location = new Panos.Inputs.TemplateLocationArgs
{
Panorama = null,
},
Name = "example-tmpl",
});
var exampleLdapProfile = new Panos.LdapProfile("example", new()
{
Location = new Panos.Inputs.LdapProfileLocationArgs
{
Template = new Panos.Inputs.LdapProfileLocationTemplateArgs
{
Name = example.Name,
},
},
Name = "example-ldap-profile",
});
// Authentication Profile with LDAP method
var exampleAuthenticationProfile = new Panos.AuthenticationProfile("example", new()
{
Location = new Panos.Inputs.AuthenticationProfileLocationArgs
{
Template = new Panos.Inputs.AuthenticationProfileLocationTemplateArgs
{
Name = example.Name,
},
},
Name = "example-auth-profile",
AllowLists = new[]
{
"all",
},
Lockout = new Panos.Inputs.AuthenticationProfileLockoutArgs
{
FailedAttempts = 5,
LockoutTime = 30,
},
Method = new Panos.Inputs.AuthenticationProfileMethodArgs
{
Ldap = new Panos.Inputs.AuthenticationProfileMethodLdapArgs
{
LoginAttribute = "sAMAccountName",
PasswdExpDays = 14,
ServerProfile = exampleLdapProfile.Name,
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.panos.Template;
import com.pulumi.panos.TemplateArgs;
import com.pulumi.panos.inputs.TemplateLocationArgs;
import com.pulumi.panos.inputs.TemplateLocationPanoramaArgs;
import com.pulumi.panos.LdapProfile;
import com.pulumi.panos.LdapProfileArgs;
import com.pulumi.panos.inputs.LdapProfileLocationArgs;
import com.pulumi.panos.inputs.LdapProfileLocationTemplateArgs;
import com.pulumi.panos.AuthenticationProfile;
import com.pulumi.panos.AuthenticationProfileArgs;
import com.pulumi.panos.inputs.AuthenticationProfileLocationArgs;
import com.pulumi.panos.inputs.AuthenticationProfileLocationTemplateArgs;
import com.pulumi.panos.inputs.AuthenticationProfileLockoutArgs;
import com.pulumi.panos.inputs.AuthenticationProfileMethodArgs;
import com.pulumi.panos.inputs.AuthenticationProfileMethodLdapArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Template("example", TemplateArgs.builder()
.location(TemplateLocationArgs.builder()
.panorama(TemplateLocationPanoramaArgs.builder()
.build())
.build())
.name("example-tmpl")
.build());
var exampleLdapProfile = new LdapProfile("exampleLdapProfile", LdapProfileArgs.builder()
.location(LdapProfileLocationArgs.builder()
.template(LdapProfileLocationTemplateArgs.builder()
.name(example.name())
.build())
.build())
.name("example-ldap-profile")
.build());
// Authentication Profile with LDAP method
var exampleAuthenticationProfile = new AuthenticationProfile("exampleAuthenticationProfile", AuthenticationProfileArgs.builder()
.location(AuthenticationProfileLocationArgs.builder()
.template(AuthenticationProfileLocationTemplateArgs.builder()
.name(example.name())
.build())
.build())
.name("example-auth-profile")
.allowLists("all")
.lockout(AuthenticationProfileLockoutArgs.builder()
.failedAttempts(5.0)
.lockoutTime(30.0)
.build())
.method(AuthenticationProfileMethodArgs.builder()
.ldap(AuthenticationProfileMethodLdapArgs.builder()
.loginAttribute("sAMAccountName")
.passwdExpDays(14.0)
.serverProfile(exampleLdapProfile.name())
.build())
.build())
.build());
}
}
resources:
example:
type: panos:Template
properties:
location:
panorama: {}
name: example-tmpl
exampleLdapProfile:
type: panos:LdapProfile
name: example
properties:
location:
template:
name: ${example.name}
name: example-ldap-profile
# Authentication Profile with LDAP method
exampleAuthenticationProfile:
type: panos:AuthenticationProfile
name: example
properties:
location:
template:
name: ${example.name}
name: example-auth-profile
allowLists:
- all
lockout:
failedAttempts: 5
lockoutTime: 30
method:
ldap:
loginAttribute: sAMAccountName
passwdExpDays: 14
serverProfile: ${exampleLdapProfile.name}
Create AuthenticationProfile Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new AuthenticationProfile(name: string, args: AuthenticationProfileArgs, opts?: CustomResourceOptions);@overload
def AuthenticationProfile(resource_name: str,
args: AuthenticationProfileArgs,
opts: Optional[ResourceOptions] = None)
@overload
def AuthenticationProfile(resource_name: str,
opts: Optional[ResourceOptions] = None,
location: Optional[AuthenticationProfileLocationArgs] = None,
allow_lists: Optional[Sequence[str]] = None,
lockout: Optional[AuthenticationProfileLockoutArgs] = None,
method: Optional[AuthenticationProfileMethodArgs] = None,
multi_factor_auth: Optional[AuthenticationProfileMultiFactorAuthArgs] = None,
name: Optional[str] = None,
single_sign_on: Optional[AuthenticationProfileSingleSignOnArgs] = None,
user_domain: Optional[str] = None,
username_modifier: Optional[str] = None)func NewAuthenticationProfile(ctx *Context, name string, args AuthenticationProfileArgs, opts ...ResourceOption) (*AuthenticationProfile, error)public AuthenticationProfile(string name, AuthenticationProfileArgs args, CustomResourceOptions? opts = null)
public AuthenticationProfile(String name, AuthenticationProfileArgs args)
public AuthenticationProfile(String name, AuthenticationProfileArgs args, CustomResourceOptions options)
type: panos:AuthenticationProfile
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args AuthenticationProfileArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AuthenticationProfileArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AuthenticationProfileArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AuthenticationProfileArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AuthenticationProfileArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var authenticationProfileResource = new Panos.AuthenticationProfile("authenticationProfileResource", new()
{
Location = new Panos.Inputs.AuthenticationProfileLocationArgs
{
Panorama = null,
Template = new Panos.Inputs.AuthenticationProfileLocationTemplateArgs
{
Name = "string",
PanoramaDevice = "string",
},
TemplateStack = new Panos.Inputs.AuthenticationProfileLocationTemplateStackArgs
{
Name = "string",
PanoramaDevice = "string",
},
TemplateStackVsys = new Panos.Inputs.AuthenticationProfileLocationTemplateStackVsysArgs
{
NgfwDevice = "string",
PanoramaDevice = "string",
TemplateStack = "string",
Vsys = "string",
},
TemplateVsys = new Panos.Inputs.AuthenticationProfileLocationTemplateVsysArgs
{
NgfwDevice = "string",
PanoramaDevice = "string",
Template = "string",
Vsys = "string",
},
Vsys = new Panos.Inputs.AuthenticationProfileLocationVsysArgs
{
Name = "string",
NgfwDevice = "string",
},
},
AllowLists = new[]
{
"string",
},
Lockout = new Panos.Inputs.AuthenticationProfileLockoutArgs
{
FailedAttempts = 0,
LockoutTime = 0,
},
Method = new Panos.Inputs.AuthenticationProfileMethodArgs
{
Cloud = new Panos.Inputs.AuthenticationProfileMethodCloudArgs
{
ClockSkew = 0,
Region = new Panos.Inputs.AuthenticationProfileMethodCloudRegionArgs
{
RegionId = "string",
Tenant = new Panos.Inputs.AuthenticationProfileMethodCloudRegionTenantArgs
{
Profile = new Panos.Inputs.AuthenticationProfileMethodCloudRegionTenantProfileArgs
{
Mfa = new Panos.Inputs.AuthenticationProfileMethodCloudRegionTenantProfileMfaArgs
{
ForceMfa = "string",
},
ProfileId = "string",
},
TenantId = "string",
},
},
},
Kerberos = new Panos.Inputs.AuthenticationProfileMethodKerberosArgs
{
Realm = "string",
ServerProfile = "string",
},
Ldap = new Panos.Inputs.AuthenticationProfileMethodLdapArgs
{
LoginAttribute = "string",
PasswdExpDays = 0,
ServerProfile = "string",
},
LocalDatabase = null,
None = null,
Radius = new Panos.Inputs.AuthenticationProfileMethodRadiusArgs
{
Checkgroup = false,
ServerProfile = "string",
},
SamlIdp = new Panos.Inputs.AuthenticationProfileMethodSamlIdpArgs
{
AttributeNameAccessDomain = "string",
AttributeNameAdminRole = "string",
AttributeNameUsergroup = "string",
AttributeNameUsername = "string",
CertificateProfile = "string",
EnableSingleLogout = false,
RequestSigningCertificate = "string",
ServerProfile = "string",
},
Tacplus = new Panos.Inputs.AuthenticationProfileMethodTacplusArgs
{
Checkgroup = false,
ServerProfile = "string",
},
},
MultiFactorAuth = new Panos.Inputs.AuthenticationProfileMultiFactorAuthArgs
{
Factors = new[]
{
"string",
},
MfaEnable = false,
},
Name = "string",
SingleSignOn = new Panos.Inputs.AuthenticationProfileSingleSignOnArgs
{
KerberosKeytab = "string",
Realm = "string",
ServicePrincipal = "string",
},
UserDomain = "string",
UsernameModifier = "string",
});
example, err := panos.NewAuthenticationProfile(ctx, "authenticationProfileResource", &panos.AuthenticationProfileArgs{
Location: &panos.AuthenticationProfileLocationArgs{
Panorama: &panos.AuthenticationProfileLocationPanoramaArgs{},
Template: &panos.AuthenticationProfileLocationTemplateArgs{
Name: pulumi.String("string"),
PanoramaDevice: pulumi.String("string"),
},
TemplateStack: &panos.AuthenticationProfileLocationTemplateStackArgs{
Name: pulumi.String("string"),
PanoramaDevice: pulumi.String("string"),
},
TemplateStackVsys: &panos.AuthenticationProfileLocationTemplateStackVsysArgs{
NgfwDevice: pulumi.String("string"),
PanoramaDevice: pulumi.String("string"),
TemplateStack: pulumi.String("string"),
Vsys: pulumi.String("string"),
},
TemplateVsys: &panos.AuthenticationProfileLocationTemplateVsysArgs{
NgfwDevice: pulumi.String("string"),
PanoramaDevice: pulumi.String("string"),
Template: pulumi.String("string"),
Vsys: pulumi.String("string"),
},
Vsys: &panos.AuthenticationProfileLocationVsysArgs{
Name: pulumi.String("string"),
NgfwDevice: pulumi.String("string"),
},
},
AllowLists: pulumi.StringArray{
pulumi.String("string"),
},
Lockout: &panos.AuthenticationProfileLockoutArgs{
FailedAttempts: pulumi.Float64(0),
LockoutTime: pulumi.Float64(0),
},
Method: &panos.AuthenticationProfileMethodArgs{
Cloud: &panos.AuthenticationProfileMethodCloudArgs{
ClockSkew: pulumi.Float64(0),
Region: &panos.AuthenticationProfileMethodCloudRegionArgs{
RegionId: pulumi.String("string"),
Tenant: &panos.AuthenticationProfileMethodCloudRegionTenantArgs{
Profile: &panos.AuthenticationProfileMethodCloudRegionTenantProfileArgs{
Mfa: &panos.AuthenticationProfileMethodCloudRegionTenantProfileMfaArgs{
ForceMfa: pulumi.String("string"),
},
ProfileId: pulumi.String("string"),
},
TenantId: pulumi.String("string"),
},
},
},
Kerberos: &panos.AuthenticationProfileMethodKerberosArgs{
Realm: pulumi.String("string"),
ServerProfile: pulumi.String("string"),
},
Ldap: &panos.AuthenticationProfileMethodLdapArgs{
LoginAttribute: pulumi.String("string"),
PasswdExpDays: pulumi.Float64(0),
ServerProfile: pulumi.String("string"),
},
LocalDatabase: &panos.AuthenticationProfileMethodLocalDatabaseArgs{},
None: &panos.AuthenticationProfileMethodNoneArgs{},
Radius: &panos.AuthenticationProfileMethodRadiusArgs{
Checkgroup: pulumi.Bool(false),
ServerProfile: pulumi.String("string"),
},
SamlIdp: &panos.AuthenticationProfileMethodSamlIdpArgs{
AttributeNameAccessDomain: pulumi.String("string"),
AttributeNameAdminRole: pulumi.String("string"),
AttributeNameUsergroup: pulumi.String("string"),
AttributeNameUsername: pulumi.String("string"),
CertificateProfile: pulumi.String("string"),
EnableSingleLogout: pulumi.Bool(false),
RequestSigningCertificate: pulumi.String("string"),
ServerProfile: pulumi.String("string"),
},
Tacplus: &panos.AuthenticationProfileMethodTacplusArgs{
Checkgroup: pulumi.Bool(false),
ServerProfile: pulumi.String("string"),
},
},
MultiFactorAuth: &panos.AuthenticationProfileMultiFactorAuthArgs{
Factors: pulumi.StringArray{
pulumi.String("string"),
},
MfaEnable: pulumi.Bool(false),
},
Name: pulumi.String("string"),
SingleSignOn: &panos.AuthenticationProfileSingleSignOnArgs{
KerberosKeytab: pulumi.String("string"),
Realm: pulumi.String("string"),
ServicePrincipal: pulumi.String("string"),
},
UserDomain: pulumi.String("string"),
UsernameModifier: pulumi.String("string"),
})
var authenticationProfileResource = new AuthenticationProfile("authenticationProfileResource", AuthenticationProfileArgs.builder()
.location(AuthenticationProfileLocationArgs.builder()
.panorama(AuthenticationProfileLocationPanoramaArgs.builder()
.build())
.template(AuthenticationProfileLocationTemplateArgs.builder()
.name("string")
.panoramaDevice("string")
.build())
.templateStack(AuthenticationProfileLocationTemplateStackArgs.builder()
.name("string")
.panoramaDevice("string")
.build())
.templateStackVsys(AuthenticationProfileLocationTemplateStackVsysArgs.builder()
.ngfwDevice("string")
.panoramaDevice("string")
.templateStack("string")
.vsys("string")
.build())
.templateVsys(AuthenticationProfileLocationTemplateVsysArgs.builder()
.ngfwDevice("string")
.panoramaDevice("string")
.template("string")
.vsys("string")
.build())
.vsys(AuthenticationProfileLocationVsysArgs.builder()
.name("string")
.ngfwDevice("string")
.build())
.build())
.allowLists("string")
.lockout(AuthenticationProfileLockoutArgs.builder()
.failedAttempts(0.0)
.lockoutTime(0.0)
.build())
.method(AuthenticationProfileMethodArgs.builder()
.cloud(AuthenticationProfileMethodCloudArgs.builder()
.clockSkew(0.0)
.region(AuthenticationProfileMethodCloudRegionArgs.builder()
.regionId("string")
.tenant(AuthenticationProfileMethodCloudRegionTenantArgs.builder()
.profile(AuthenticationProfileMethodCloudRegionTenantProfileArgs.builder()
.mfa(AuthenticationProfileMethodCloudRegionTenantProfileMfaArgs.builder()
.forceMfa("string")
.build())
.profileId("string")
.build())
.tenantId("string")
.build())
.build())
.build())
.kerberos(AuthenticationProfileMethodKerberosArgs.builder()
.realm("string")
.serverProfile("string")
.build())
.ldap(AuthenticationProfileMethodLdapArgs.builder()
.loginAttribute("string")
.passwdExpDays(0.0)
.serverProfile("string")
.build())
.localDatabase(AuthenticationProfileMethodLocalDatabaseArgs.builder()
.build())
.none(AuthenticationProfileMethodNoneArgs.builder()
.build())
.radius(AuthenticationProfileMethodRadiusArgs.builder()
.checkgroup(false)
.serverProfile("string")
.build())
.samlIdp(AuthenticationProfileMethodSamlIdpArgs.builder()
.attributeNameAccessDomain("string")
.attributeNameAdminRole("string")
.attributeNameUsergroup("string")
.attributeNameUsername("string")
.certificateProfile("string")
.enableSingleLogout(false)
.requestSigningCertificate("string")
.serverProfile("string")
.build())
.tacplus(AuthenticationProfileMethodTacplusArgs.builder()
.checkgroup(false)
.serverProfile("string")
.build())
.build())
.multiFactorAuth(AuthenticationProfileMultiFactorAuthArgs.builder()
.factors("string")
.mfaEnable(false)
.build())
.name("string")
.singleSignOn(AuthenticationProfileSingleSignOnArgs.builder()
.kerberosKeytab("string")
.realm("string")
.servicePrincipal("string")
.build())
.userDomain("string")
.usernameModifier("string")
.build());
authentication_profile_resource = panos.AuthenticationProfile("authenticationProfileResource",
location={
"panorama": {},
"template": {
"name": "string",
"panorama_device": "string",
},
"template_stack": {
"name": "string",
"panorama_device": "string",
},
"template_stack_vsys": {
"ngfw_device": "string",
"panorama_device": "string",
"template_stack": "string",
"vsys": "string",
},
"template_vsys": {
"ngfw_device": "string",
"panorama_device": "string",
"template": "string",
"vsys": "string",
},
"vsys": {
"name": "string",
"ngfw_device": "string",
},
},
allow_lists=["string"],
lockout={
"failed_attempts": 0,
"lockout_time": 0,
},
method={
"cloud": {
"clock_skew": 0,
"region": {
"region_id": "string",
"tenant": {
"profile": {
"mfa": {
"force_mfa": "string",
},
"profile_id": "string",
},
"tenant_id": "string",
},
},
},
"kerberos": {
"realm": "string",
"server_profile": "string",
},
"ldap": {
"login_attribute": "string",
"passwd_exp_days": 0,
"server_profile": "string",
},
"local_database": {},
"none": {},
"radius": {
"checkgroup": False,
"server_profile": "string",
},
"saml_idp": {
"attribute_name_access_domain": "string",
"attribute_name_admin_role": "string",
"attribute_name_usergroup": "string",
"attribute_name_username": "string",
"certificate_profile": "string",
"enable_single_logout": False,
"request_signing_certificate": "string",
"server_profile": "string",
},
"tacplus": {
"checkgroup": False,
"server_profile": "string",
},
},
multi_factor_auth={
"factors": ["string"],
"mfa_enable": False,
},
name="string",
single_sign_on={
"kerberos_keytab": "string",
"realm": "string",
"service_principal": "string",
},
user_domain="string",
username_modifier="string")
const authenticationProfileResource = new panos.AuthenticationProfile("authenticationProfileResource", {
location: {
panorama: {},
template: {
name: "string",
panoramaDevice: "string",
},
templateStack: {
name: "string",
panoramaDevice: "string",
},
templateStackVsys: {
ngfwDevice: "string",
panoramaDevice: "string",
templateStack: "string",
vsys: "string",
},
templateVsys: {
ngfwDevice: "string",
panoramaDevice: "string",
template: "string",
vsys: "string",
},
vsys: {
name: "string",
ngfwDevice: "string",
},
},
allowLists: ["string"],
lockout: {
failedAttempts: 0,
lockoutTime: 0,
},
method: {
cloud: {
clockSkew: 0,
region: {
regionId: "string",
tenant: {
profile: {
mfa: {
forceMfa: "string",
},
profileId: "string",
},
tenantId: "string",
},
},
},
kerberos: {
realm: "string",
serverProfile: "string",
},
ldap: {
loginAttribute: "string",
passwdExpDays: 0,
serverProfile: "string",
},
localDatabase: {},
none: {},
radius: {
checkgroup: false,
serverProfile: "string",
},
samlIdp: {
attributeNameAccessDomain: "string",
attributeNameAdminRole: "string",
attributeNameUsergroup: "string",
attributeNameUsername: "string",
certificateProfile: "string",
enableSingleLogout: false,
requestSigningCertificate: "string",
serverProfile: "string",
},
tacplus: {
checkgroup: false,
serverProfile: "string",
},
},
multiFactorAuth: {
factors: ["string"],
mfaEnable: false,
},
name: "string",
singleSignOn: {
kerberosKeytab: "string",
realm: "string",
servicePrincipal: "string",
},
userDomain: "string",
usernameModifier: "string",
});
type: panos:AuthenticationProfile
properties:
allowLists:
- string
location:
panorama: {}
template:
name: string
panoramaDevice: string
templateStack:
name: string
panoramaDevice: string
templateStackVsys:
ngfwDevice: string
panoramaDevice: string
templateStack: string
vsys: string
templateVsys:
ngfwDevice: string
panoramaDevice: string
template: string
vsys: string
vsys:
name: string
ngfwDevice: string
lockout:
failedAttempts: 0
lockoutTime: 0
method:
cloud:
clockSkew: 0
region:
regionId: string
tenant:
profile:
mfa:
forceMfa: string
profileId: string
tenantId: string
kerberos:
realm: string
serverProfile: string
ldap:
loginAttribute: string
passwdExpDays: 0
serverProfile: string
localDatabase: {}
none: {}
radius:
checkgroup: false
serverProfile: string
samlIdp:
attributeNameAccessDomain: string
attributeNameAdminRole: string
attributeNameUsergroup: string
attributeNameUsername: string
certificateProfile: string
enableSingleLogout: false
requestSigningCertificate: string
serverProfile: string
tacplus:
checkgroup: false
serverProfile: string
multiFactorAuth:
factors:
- string
mfaEnable: false
name: string
singleSignOn:
kerberosKeytab: string
realm: string
servicePrincipal: string
userDomain: string
usernameModifier: string
AuthenticationProfile Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The AuthenticationProfile resource accepts the following input properties:
- Location
Authentication
Profile Location - The location of this object.
- Allow
Lists List<string> - Lockout
Authentication
Profile Lockout - Method
Authentication
Profile Method - Multi
Factor AuthenticationAuth Profile Multi Factor Auth - Name string
- Single
Sign AuthenticationOn Profile Single Sign On - User
Domain string - Domain name(Not for SAML) to be used for authentication
- Username
Modifier string - Username modifier(Not for SAML) to handle user domain
- Location
Authentication
Profile Location Args - The location of this object.
- Allow
Lists []string - Lockout
Authentication
Profile Lockout Args - Method
Authentication
Profile Method Args - Multi
Factor AuthenticationAuth Profile Multi Factor Auth Args - Name string
- Single
Sign AuthenticationOn Profile Single Sign On Args - User
Domain string - Domain name(Not for SAML) to be used for authentication
- Username
Modifier string - Username modifier(Not for SAML) to handle user domain
- location
Authentication
Profile Location - The location of this object.
- allow
Lists List<String> - lockout
Authentication
Profile Lockout - method
Authentication
Profile Method - multi
Factor AuthenticationAuth Profile Multi Factor Auth - name String
- single
Sign AuthenticationOn Profile Single Sign On - user
Domain String - Domain name(Not for SAML) to be used for authentication
- username
Modifier String - Username modifier(Not for SAML) to handle user domain
- location
Authentication
Profile Location - The location of this object.
- allow
Lists string[] - lockout
Authentication
Profile Lockout - method
Authentication
Profile Method - multi
Factor AuthenticationAuth Profile Multi Factor Auth - name string
- single
Sign AuthenticationOn Profile Single Sign On - user
Domain string - Domain name(Not for SAML) to be used for authentication
- username
Modifier string - Username modifier(Not for SAML) to handle user domain
- location
Authentication
Profile Location Args - The location of this object.
- allow_
lists Sequence[str] - lockout
Authentication
Profile Lockout Args - method
Authentication
Profile Method Args - multi_
factor_ Authenticationauth Profile Multi Factor Auth Args - name str
- single_
sign_ Authenticationon Profile Single Sign On Args - user_
domain str - Domain name(Not for SAML) to be used for authentication
- username_
modifier str - Username modifier(Not for SAML) to handle user domain
- location Property Map
- The location of this object.
- allow
Lists List<String> - lockout Property Map
- method Property Map
- multi
Factor Property MapAuth - name String
- single
Sign Property MapOn - user
Domain String - Domain name(Not for SAML) to be used for authentication
- username
Modifier String - Username modifier(Not for SAML) to handle user domain
Outputs
All input properties are implicitly available as output properties. Additionally, the AuthenticationProfile resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing AuthenticationProfile Resource
Get an existing AuthenticationProfile resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AuthenticationProfileState, opts?: CustomResourceOptions): AuthenticationProfile@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
allow_lists: Optional[Sequence[str]] = None,
location: Optional[AuthenticationProfileLocationArgs] = None,
lockout: Optional[AuthenticationProfileLockoutArgs] = None,
method: Optional[AuthenticationProfileMethodArgs] = None,
multi_factor_auth: Optional[AuthenticationProfileMultiFactorAuthArgs] = None,
name: Optional[str] = None,
single_sign_on: Optional[AuthenticationProfileSingleSignOnArgs] = None,
user_domain: Optional[str] = None,
username_modifier: Optional[str] = None) -> AuthenticationProfilefunc GetAuthenticationProfile(ctx *Context, name string, id IDInput, state *AuthenticationProfileState, opts ...ResourceOption) (*AuthenticationProfile, error)public static AuthenticationProfile Get(string name, Input<string> id, AuthenticationProfileState? state, CustomResourceOptions? opts = null)public static AuthenticationProfile get(String name, Output<String> id, AuthenticationProfileState state, CustomResourceOptions options)resources: _: type: panos:AuthenticationProfile get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Allow
Lists List<string> - Location
Authentication
Profile Location - The location of this object.
- Lockout
Authentication
Profile Lockout - Method
Authentication
Profile Method - Multi
Factor AuthenticationAuth Profile Multi Factor Auth - Name string
- Single
Sign AuthenticationOn Profile Single Sign On - User
Domain string - Domain name(Not for SAML) to be used for authentication
- Username
Modifier string - Username modifier(Not for SAML) to handle user domain
- Allow
Lists []string - Location
Authentication
Profile Location Args - The location of this object.
- Lockout
Authentication
Profile Lockout Args - Method
Authentication
Profile Method Args - Multi
Factor AuthenticationAuth Profile Multi Factor Auth Args - Name string
- Single
Sign AuthenticationOn Profile Single Sign On Args - User
Domain string - Domain name(Not for SAML) to be used for authentication
- Username
Modifier string - Username modifier(Not for SAML) to handle user domain
- allow
Lists List<String> - location
Authentication
Profile Location - The location of this object.
- lockout
Authentication
Profile Lockout - method
Authentication
Profile Method - multi
Factor AuthenticationAuth Profile Multi Factor Auth - name String
- single
Sign AuthenticationOn Profile Single Sign On - user
Domain String - Domain name(Not for SAML) to be used for authentication
- username
Modifier String - Username modifier(Not for SAML) to handle user domain
- allow
Lists string[] - location
Authentication
Profile Location - The location of this object.
- lockout
Authentication
Profile Lockout - method
Authentication
Profile Method - multi
Factor AuthenticationAuth Profile Multi Factor Auth - name string
- single
Sign AuthenticationOn Profile Single Sign On - user
Domain string - Domain name(Not for SAML) to be used for authentication
- username
Modifier string - Username modifier(Not for SAML) to handle user domain
- allow_
lists Sequence[str] - location
Authentication
Profile Location Args - The location of this object.
- lockout
Authentication
Profile Lockout Args - method
Authentication
Profile Method Args - multi_
factor_ Authenticationauth Profile Multi Factor Auth Args - name str
- single_
sign_ Authenticationon Profile Single Sign On Args - user_
domain str - Domain name(Not for SAML) to be used for authentication
- username_
modifier str - Username modifier(Not for SAML) to handle user domain
- allow
Lists List<String> - location Property Map
- The location of this object.
- lockout Property Map
- method Property Map
- multi
Factor Property MapAuth - name String
- single
Sign Property MapOn - user
Domain String - Domain name(Not for SAML) to be used for authentication
- username
Modifier String - Username modifier(Not for SAML) to handle user domain
Supporting Types
AuthenticationProfileLocation, AuthenticationProfileLocationArgs
- Panorama
Authentication
Profile Location Panorama - Located in a panorama.
- Template
Authentication
Profile Location Template - Located in a specific template
- Template
Stack AuthenticationProfile Location Template Stack - Located in a specific template
- Template
Stack AuthenticationVsys Profile Location Template Stack Vsys - Located in a specific template, device and vsys.
- Template
Vsys AuthenticationProfile Location Template Vsys - Located in a specific template, device and vsys.
- Vsys
Authentication
Profile Location Vsys - Located in a specific Virtual System
- Panorama
Authentication
Profile Location Panorama - Located in a panorama.
- Template
Authentication
Profile Location Template - Located in a specific template
- Template
Stack AuthenticationProfile Location Template Stack - Located in a specific template
- Template
Stack AuthenticationVsys Profile Location Template Stack Vsys - Located in a specific template, device and vsys.
- Template
Vsys AuthenticationProfile Location Template Vsys - Located in a specific template, device and vsys.
- Vsys
Authentication
Profile Location Vsys - Located in a specific Virtual System
- panorama
Authentication
Profile Location Panorama - Located in a panorama.
- template
Authentication
Profile Location Template - Located in a specific template
- template
Stack AuthenticationProfile Location Template Stack - Located in a specific template
- template
Stack AuthenticationVsys Profile Location Template Stack Vsys - Located in a specific template, device and vsys.
- template
Vsys AuthenticationProfile Location Template Vsys - Located in a specific template, device and vsys.
- vsys
Authentication
Profile Location Vsys - Located in a specific Virtual System
- panorama
Authentication
Profile Location Panorama - Located in a panorama.
- template
Authentication
Profile Location Template - Located in a specific template
- template
Stack AuthenticationProfile Location Template Stack - Located in a specific template
- template
Stack AuthenticationVsys Profile Location Template Stack Vsys - Located in a specific template, device and vsys.
- template
Vsys AuthenticationProfile Location Template Vsys - Located in a specific template, device and vsys.
- vsys
Authentication
Profile Location Vsys - Located in a specific Virtual System
- panorama
Authentication
Profile Location Panorama - Located in a panorama.
- template
Authentication
Profile Location Template - Located in a specific template
- template_
stack AuthenticationProfile Location Template Stack - Located in a specific template
- template_
stack_ Authenticationvsys Profile Location Template Stack Vsys - Located in a specific template, device and vsys.
- template_
vsys AuthenticationProfile Location Template Vsys - Located in a specific template, device and vsys.
- vsys
Authentication
Profile Location Vsys - Located in a specific Virtual System
- panorama Property Map
- Located in a panorama.
- template Property Map
- Located in a specific template
- template
Stack Property Map - Located in a specific template
- template
Stack Property MapVsys - Located in a specific template, device and vsys.
- template
Vsys Property Map - Located in a specific template, device and vsys.
- vsys Property Map
- Located in a specific Virtual System
AuthenticationProfileLocationTemplate, AuthenticationProfileLocationTemplateArgs
- Name string
- Specific Panorama template
- Panorama
Device string - Specific Panorama device
- Name string
- Specific Panorama template
- Panorama
Device string - Specific Panorama device
- name String
- Specific Panorama template
- panorama
Device String - Specific Panorama device
- name string
- Specific Panorama template
- panorama
Device string - Specific Panorama device
- name str
- Specific Panorama template
- panorama_
device str - Specific Panorama device
- name String
- Specific Panorama template
- panorama
Device String - Specific Panorama device
AuthenticationProfileLocationTemplateStack, AuthenticationProfileLocationTemplateStackArgs
- Name string
- The template stack
- Panorama
Device string - Specific Panorama device
- Name string
- The template stack
- Panorama
Device string - Specific Panorama device
- name String
- The template stack
- panorama
Device String - Specific Panorama device
- name string
- The template stack
- panorama
Device string - Specific Panorama device
- name str
- The template stack
- panorama_
device str - Specific Panorama device
- name String
- The template stack
- panorama
Device String - Specific Panorama device
AuthenticationProfileLocationTemplateStackVsys, AuthenticationProfileLocationTemplateStackVsysArgs
- Ngfw
Device string - The NGFW device
- Panorama
Device string - Specific Panorama device
- Template
Stack string - The template stack
- Vsys string
- The vsys.
- Ngfw
Device string - The NGFW device
- Panorama
Device string - Specific Panorama device
- Template
Stack string - The template stack
- Vsys string
- The vsys.
- ngfw
Device String - The NGFW device
- panorama
Device String - Specific Panorama device
- template
Stack String - The template stack
- vsys String
- The vsys.
- ngfw
Device string - The NGFW device
- panorama
Device string - Specific Panorama device
- template
Stack string - The template stack
- vsys string
- The vsys.
- ngfw_
device str - The NGFW device
- panorama_
device str - Specific Panorama device
- template_
stack str - The template stack
- vsys str
- The vsys.
- ngfw
Device String - The NGFW device
- panorama
Device String - Specific Panorama device
- template
Stack String - The template stack
- vsys String
- The vsys.
AuthenticationProfileLocationTemplateVsys, AuthenticationProfileLocationTemplateVsysArgs
- Ngfw
Device string - The NGFW device
- Panorama
Device string - Specific Panorama device
- Template string
- Specific Panorama template
- Vsys string
- The vsys.
- Ngfw
Device string - The NGFW device
- Panorama
Device string - Specific Panorama device
- Template string
- Specific Panorama template
- Vsys string
- The vsys.
- ngfw
Device String - The NGFW device
- panorama
Device String - Specific Panorama device
- template String
- Specific Panorama template
- vsys String
- The vsys.
- ngfw
Device string - The NGFW device
- panorama
Device string - Specific Panorama device
- template string
- Specific Panorama template
- vsys string
- The vsys.
- ngfw_
device str - The NGFW device
- panorama_
device str - Specific Panorama device
- template str
- Specific Panorama template
- vsys str
- The vsys.
- ngfw
Device String - The NGFW device
- panorama
Device String - Specific Panorama device
- template String
- Specific Panorama template
- vsys String
- The vsys.
AuthenticationProfileLocationVsys, AuthenticationProfileLocationVsysArgs
- Name string
- The Virtual System name
- Ngfw
Device string - The NGFW device name
- Name string
- The Virtual System name
- Ngfw
Device string - The NGFW device name
- name String
- The Virtual System name
- ngfw
Device String - The NGFW device name
- name string
- The Virtual System name
- ngfw
Device string - The NGFW device name
- name str
- The Virtual System name
- ngfw_
device str - The NGFW device name
- name String
- The Virtual System name
- ngfw
Device String - The NGFW device name
AuthenticationProfileLockout, AuthenticationProfileLockoutArgs
- Failed
Attempts double - Number of failed login attempts to trigger lock-out
- Lockout
Time double - Number of minutes to lock-out
- Failed
Attempts float64 - Number of failed login attempts to trigger lock-out
- Lockout
Time float64 - Number of minutes to lock-out
- failed
Attempts Double - Number of failed login attempts to trigger lock-out
- lockout
Time Double - Number of minutes to lock-out
- failed
Attempts number - Number of failed login attempts to trigger lock-out
- lockout
Time number - Number of minutes to lock-out
- failed_
attempts float - Number of failed login attempts to trigger lock-out
- lockout_
time float - Number of minutes to lock-out
- failed
Attempts Number - Number of failed login attempts to trigger lock-out
- lockout
Time Number - Number of minutes to lock-out
AuthenticationProfileMethod, AuthenticationProfileMethodArgs
- Cloud
Authentication
Profile Method Cloud - Kerberos
Authentication
Profile Method Kerberos - Ldap
Authentication
Profile Method Ldap - Local
Database AuthenticationProfile Method Local Database - None
Authentication
Profile Method None - Radius
Authentication
Profile Method Radius - Saml
Idp AuthenticationProfile Method Saml Idp - Tacplus
Authentication
Profile Method Tacplus
- Cloud
Authentication
Profile Method Cloud - Kerberos
Authentication
Profile Method Kerberos - Ldap
Authentication
Profile Method Ldap - Local
Database AuthenticationProfile Method Local Database - None
Authentication
Profile Method None - Radius
Authentication
Profile Method Radius - Saml
Idp AuthenticationProfile Method Saml Idp - Tacplus
Authentication
Profile Method Tacplus
- cloud
Authentication
Profile Method Cloud - kerberos
Authentication
Profile Method Kerberos - ldap
Authentication
Profile Method Ldap - local
Database AuthenticationProfile Method Local Database - none
Authentication
Profile Method None - radius
Authentication
Profile Method Radius - saml
Idp AuthenticationProfile Method Saml Idp - tacplus
Authentication
Profile Method Tacplus
- cloud
Authentication
Profile Method Cloud - kerberos
Authentication
Profile Method Kerberos - ldap
Authentication
Profile Method Ldap - local
Database AuthenticationProfile Method Local Database - none
Authentication
Profile Method None - radius
Authentication
Profile Method Radius - saml
Idp AuthenticationProfile Method Saml Idp - tacplus
Authentication
Profile Method Tacplus
- cloud
Authentication
Profile Method Cloud - kerberos
Authentication
Profile Method Kerberos - ldap
Authentication
Profile Method Ldap - local_
database AuthenticationProfile Method Local Database - none
Authentication
Profile Method None - radius
Authentication
Profile Method Radius - saml_
idp AuthenticationProfile Method Saml Idp - tacplus
Authentication
Profile Method Tacplus
AuthenticationProfileMethodCloud, AuthenticationProfileMethodCloudArgs
- Clock
Skew double - clock skew between CAS service and device
- Region
Authentication
Profile Method Cloud Region
- Clock
Skew float64 - clock skew between CAS service and device
- Region
Authentication
Profile Method Cloud Region
- clock
Skew Double - clock skew between CAS service and device
- region
Authentication
Profile Method Cloud Region
- clock
Skew number - clock skew between CAS service and device
- region
Authentication
Profile Method Cloud Region
- clock_
skew float - clock skew between CAS service and device
- region
Authentication
Profile Method Cloud Region
- clock
Skew Number - clock skew between CAS service and device
- region Property Map
AuthenticationProfileMethodCloudRegion, AuthenticationProfileMethodCloudRegionArgs
- Region
Id string - Region Id
- Tenant
Authentication
Profile Method Cloud Region Tenant
- Region
Id string - Region Id
- Tenant
Authentication
Profile Method Cloud Region Tenant
- region
Id String - Region Id
- tenant
Authentication
Profile Method Cloud Region Tenant
- region
Id string - Region Id
- tenant
Authentication
Profile Method Cloud Region Tenant
- region
Id String - Region Id
- tenant Property Map
AuthenticationProfileMethodCloudRegionTenant, AuthenticationProfileMethodCloudRegionTenantArgs
- Profile
Authentication
Profile Method Cloud Region Tenant Profile - Tenant
Id string - Tenant id
- Profile
Authentication
Profile Method Cloud Region Tenant Profile - Tenant
Id string - Tenant id
- profile
Authentication
Profile Method Cloud Region Tenant Profile - tenant
Id String - Tenant id
- profile
Authentication
Profile Method Cloud Region Tenant Profile - tenant
Id string - Tenant id
- profile Property Map
- tenant
Id String - Tenant id
AuthenticationProfileMethodCloudRegionTenantProfile, AuthenticationProfileMethodCloudRegionTenantProfileArgs
- Mfa
Authentication
Profile Method Cloud Region Tenant Profile Mfa - Profile
Id string - CAS Profile id
- Mfa
Authentication
Profile Method Cloud Region Tenant Profile Mfa - Profile
Id string - CAS Profile id
- mfa
Authentication
Profile Method Cloud Region Tenant Profile Mfa - profile
Id String - CAS Profile id
- mfa
Authentication
Profile Method Cloud Region Tenant Profile Mfa - profile
Id string - CAS Profile id
- mfa
Authentication
Profile Method Cloud Region Tenant Profile Mfa - profile_
id str - CAS Profile id
- mfa Property Map
- profile
Id String - CAS Profile id
AuthenticationProfileMethodCloudRegionTenantProfileMfa, AuthenticationProfileMethodCloudRegionTenantProfileMfaArgs
- Force
Mfa string - force multi-factor authentication in cloud
- Force
Mfa string - force multi-factor authentication in cloud
- force
Mfa String - force multi-factor authentication in cloud
- force
Mfa string - force multi-factor authentication in cloud
- force_
mfa str - force multi-factor authentication in cloud
- force
Mfa String - force multi-factor authentication in cloud
AuthenticationProfileMethodKerberos, AuthenticationProfileMethodKerberosArgs
- Realm string
- Realm name to be used for authentication
- Server
Profile string - Kerberos server profile object
- Realm string
- Realm name to be used for authentication
- Server
Profile string - Kerberos server profile object
- realm String
- Realm name to be used for authentication
- server
Profile String - Kerberos server profile object
- realm string
- Realm name to be used for authentication
- server
Profile string - Kerberos server profile object
- realm str
- Realm name to be used for authentication
- server_
profile str - Kerberos server profile object
- realm String
- Realm name to be used for authentication
- server
Profile String - Kerberos server profile object
AuthenticationProfileMethodLdap, AuthenticationProfileMethodLdapArgs
- Login
Attribute string - Default is samAccountName for Active Directory, uid for other directory servers
- Passwd
Exp doubleDays - Avail for Active Directory, eDir
- Server
Profile string - LDAP server profile object
- Login
Attribute string - Default is samAccountName for Active Directory, uid for other directory servers
- Passwd
Exp float64Days - Avail for Active Directory, eDir
- Server
Profile string - LDAP server profile object
- login
Attribute String - Default is samAccountName for Active Directory, uid for other directory servers
- passwd
Exp DoubleDays - Avail for Active Directory, eDir
- server
Profile String - LDAP server profile object
- login
Attribute string - Default is samAccountName for Active Directory, uid for other directory servers
- passwd
Exp numberDays - Avail for Active Directory, eDir
- server
Profile string - LDAP server profile object
- login_
attribute str - Default is samAccountName for Active Directory, uid for other directory servers
- passwd_
exp_ floatdays - Avail for Active Directory, eDir
- server_
profile str - LDAP server profile object
- login
Attribute String - Default is samAccountName for Active Directory, uid for other directory servers
- passwd
Exp NumberDays - Avail for Active Directory, eDir
- server
Profile String - LDAP server profile object
AuthenticationProfileMethodRadius, AuthenticationProfileMethodRadiusArgs
- Checkgroup bool
- Retrieve user group from RADIUS
- Server
Profile string - RADIUS server profile object
- Checkgroup bool
- Retrieve user group from RADIUS
- Server
Profile string - RADIUS server profile object
- checkgroup Boolean
- Retrieve user group from RADIUS
- server
Profile String - RADIUS server profile object
- checkgroup boolean
- Retrieve user group from RADIUS
- server
Profile string - RADIUS server profile object
- checkgroup bool
- Retrieve user group from RADIUS
- server_
profile str - RADIUS server profile object
- checkgroup Boolean
- Retrieve user group from RADIUS
- server
Profile String - RADIUS server profile object
AuthenticationProfileMethodSamlIdp, AuthenticationProfileMethodSamlIdpArgs
- Attribute
Name stringAccess Domain - access-domain
- Attribute
Name stringAdmin Role - admin-role
- Attribute
Name stringUsergroup - usergroup
- Attribute
Name stringUsername - Attribute name for username to be extracted from SAML response
- Certificate
Profile string - Certificate profile for IDP and SP
- Enable
Single boolLogout - Enable single logout
- Request
Signing stringCertificate - Signing certificate for SAML requests
- Server
Profile string - IdP server profile object
- Attribute
Name stringAccess Domain - access-domain
- Attribute
Name stringAdmin Role - admin-role
- Attribute
Name stringUsergroup - usergroup
- Attribute
Name stringUsername - Attribute name for username to be extracted from SAML response
- Certificate
Profile string - Certificate profile for IDP and SP
- Enable
Single boolLogout - Enable single logout
- Request
Signing stringCertificate - Signing certificate for SAML requests
- Server
Profile string - IdP server profile object
- attribute
Name StringAccess Domain - access-domain
- attribute
Name StringAdmin Role - admin-role
- attribute
Name StringUsergroup - usergroup
- attribute
Name StringUsername - Attribute name for username to be extracted from SAML response
- certificate
Profile String - Certificate profile for IDP and SP
- enable
Single BooleanLogout - Enable single logout
- request
Signing StringCertificate - Signing certificate for SAML requests
- server
Profile String - IdP server profile object
- attribute
Name stringAccess Domain - access-domain
- attribute
Name stringAdmin Role - admin-role
- attribute
Name stringUsergroup - usergroup
- attribute
Name stringUsername - Attribute name for username to be extracted from SAML response
- certificate
Profile string - Certificate profile for IDP and SP
- enable
Single booleanLogout - Enable single logout
- request
Signing stringCertificate - Signing certificate for SAML requests
- server
Profile string - IdP server profile object
- attribute_
name_ straccess_ domain - access-domain
- attribute_
name_ stradmin_ role - admin-role
- attribute_
name_ strusergroup - usergroup
- attribute_
name_ strusername - Attribute name for username to be extracted from SAML response
- certificate_
profile str - Certificate profile for IDP and SP
- enable_
single_ boollogout - Enable single logout
- request_
signing_ strcertificate - Signing certificate for SAML requests
- server_
profile str - IdP server profile object
- attribute
Name StringAccess Domain - access-domain
- attribute
Name StringAdmin Role - admin-role
- attribute
Name StringUsergroup - usergroup
- attribute
Name StringUsername - Attribute name for username to be extracted from SAML response
- certificate
Profile String - Certificate profile for IDP and SP
- enable
Single BooleanLogout - Enable single logout
- request
Signing StringCertificate - Signing certificate for SAML requests
- server
Profile String - IdP server profile object
AuthenticationProfileMethodTacplus, AuthenticationProfileMethodTacplusArgs
- Checkgroup bool
- Retrieve user group from TACACS+
- Server
Profile string - TACACS+ server profile object
- Checkgroup bool
- Retrieve user group from TACACS+
- Server
Profile string - TACACS+ server profile object
- checkgroup Boolean
- Retrieve user group from TACACS+
- server
Profile String - TACACS+ server profile object
- checkgroup boolean
- Retrieve user group from TACACS+
- server
Profile string - TACACS+ server profile object
- checkgroup bool
- Retrieve user group from TACACS+
- server_
profile str - TACACS+ server profile object
- checkgroup Boolean
- Retrieve user group from TACACS+
- server
Profile String - TACACS+ server profile object
AuthenticationProfileMultiFactorAuth, AuthenticationProfileMultiFactorAuthArgs
- factors Sequence[str]
- mfa_
enable bool - Enable Additional Authentication Factors
AuthenticationProfileSingleSignOn, AuthenticationProfileSingleSignOnArgs
- Kerberos
Keytab string - Kerberos keytab
- Realm string
- Kerberos realm to be used for authentication
- Service
Principal string - Kerberos service principal
- Kerberos
Keytab string - Kerberos keytab
- Realm string
- Kerberos realm to be used for authentication
- Service
Principal string - Kerberos service principal
- kerberos
Keytab String - Kerberos keytab
- realm String
- Kerberos realm to be used for authentication
- service
Principal String - Kerberos service principal
- kerberos
Keytab string - Kerberos keytab
- realm string
- Kerberos realm to be used for authentication
- service
Principal string - Kerberos service principal
- kerberos_
keytab str - Kerberos keytab
- realm str
- Kerberos realm to be used for authentication
- service_
principal str - Kerberos service principal
- kerberos
Keytab String - Kerberos keytab
- realm String
- Kerberos realm to be used for authentication
- service
Principal String - Kerberos service principal
Package Details
- Repository
- panos paloaltonetworks/terraform-provider-panos
- License
- Notes
- This Pulumi package is based on the
panosTerraform Provider.
panos 2.0.7 published on Thursday, Nov 27, 2025 by paloaltonetworks
