rancher2 logo
Rancher 2 v4.0.0, Apr 20 23

rancher2.AuthConfigKeycloak

Explore with Pulumi AI

Provides a Rancher v2 Auth Config KeyCloak resource. This can be used to configure and enable Auth Config KeyCloak for Rancher v2 RKE clusters and retrieve their information.

In addition to the built-in local auth, only one external auth config provider can be enabled at a time.

Example Usage

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Rancher2 = Pulumi.Rancher2;

return await Deployment.RunAsync(() => 
{
    // Create a new rancher2 Auth Config KeyCloak
    var keycloak = new Rancher2.AuthConfigKeycloak("keycloak", new()
    {
        DisplayNameField = "<DISPLAY_NAME_FIELD>",
        GroupsField = "<GROUPS_FIELD>",
        IdpMetadataContent = "<IDP_METADATA_CONTENT>",
        RancherApiHost = "https://<RANCHER_API_HOST>",
        SpCert = "<SP_CERT>",
        SpKey = "<SP_KEY>",
        UidField = "<UID_FIELD>",
        UserNameField = "<USER_NAME_FIELD>",
    });

});
package main

import (
	"github.com/pulumi/pulumi-rancher2/sdk/v4/go/rancher2"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := rancher2.NewAuthConfigKeycloak(ctx, "keycloak", &rancher2.AuthConfigKeycloakArgs{
			DisplayNameField:   pulumi.String("<DISPLAY_NAME_FIELD>"),
			GroupsField:        pulumi.String("<GROUPS_FIELD>"),
			IdpMetadataContent: pulumi.String("<IDP_METADATA_CONTENT>"),
			RancherApiHost:     pulumi.String("https://<RANCHER_API_HOST>"),
			SpCert:             pulumi.String("<SP_CERT>"),
			SpKey:              pulumi.String("<SP_KEY>"),
			UidField:           pulumi.String("<UID_FIELD>"),
			UserNameField:      pulumi.String("<USER_NAME_FIELD>"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.rancher2.AuthConfigKeycloak;
import com.pulumi.rancher2.AuthConfigKeycloakArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var keycloak = new AuthConfigKeycloak("keycloak", AuthConfigKeycloakArgs.builder()        
            .displayNameField("<DISPLAY_NAME_FIELD>")
            .groupsField("<GROUPS_FIELD>")
            .idpMetadataContent("<IDP_METADATA_CONTENT>")
            .rancherApiHost("https://<RANCHER_API_HOST>")
            .spCert("<SP_CERT>")
            .spKey("<SP_KEY>")
            .uidField("<UID_FIELD>")
            .userNameField("<USER_NAME_FIELD>")
            .build());

    }
}
import pulumi
import pulumi_rancher2 as rancher2

# Create a new rancher2 Auth Config KeyCloak
keycloak = rancher2.AuthConfigKeycloak("keycloak",
    display_name_field="<DISPLAY_NAME_FIELD>",
    groups_field="<GROUPS_FIELD>",
    idp_metadata_content="<IDP_METADATA_CONTENT>",
    rancher_api_host="https://<RANCHER_API_HOST>",
    sp_cert="<SP_CERT>",
    sp_key="<SP_KEY>",
    uid_field="<UID_FIELD>",
    user_name_field="<USER_NAME_FIELD>")
import * as pulumi from "@pulumi/pulumi";
import * as rancher2 from "@pulumi/rancher2";

// Create a new rancher2 Auth Config KeyCloak
const keycloak = new rancher2.AuthConfigKeycloak("keycloak", {
    displayNameField: "<DISPLAY_NAME_FIELD>",
    groupsField: "<GROUPS_FIELD>",
    idpMetadataContent: "<IDP_METADATA_CONTENT>",
    rancherApiHost: "https://<RANCHER_API_HOST>",
    spCert: "<SP_CERT>",
    spKey: "<SP_KEY>",
    uidField: "<UID_FIELD>",
    userNameField: "<USER_NAME_FIELD>",
});
resources:
  # Create a new rancher2 Auth Config KeyCloak
  keycloak:
    type: rancher2:AuthConfigKeycloak
    properties:
      displayNameField: <DISPLAY_NAME_FIELD>
      groupsField: <GROUPS_FIELD>
      idpMetadataContent: <IDP_METADATA_CONTENT>
      rancherApiHost: https://<RANCHER_API_HOST>
      spCert: <SP_CERT>
      spKey: <SP_KEY>
      uidField: <UID_FIELD>
      userNameField: <USER_NAME_FIELD>

Create AuthConfigKeycloak Resource

new AuthConfigKeycloak(name: string, args: AuthConfigKeycloakArgs, opts?: CustomResourceOptions);
@overload
def AuthConfigKeycloak(resource_name: str,
                       opts: Optional[ResourceOptions] = None,
                       access_mode: Optional[str] = None,
                       allowed_principal_ids: Optional[Sequence[str]] = None,
                       annotations: Optional[Mapping[str, Any]] = None,
                       display_name_field: Optional[str] = None,
                       enabled: Optional[bool] = None,
                       entity_id: Optional[str] = None,
                       groups_field: Optional[str] = None,
                       idp_metadata_content: Optional[str] = None,
                       labels: Optional[Mapping[str, Any]] = None,
                       rancher_api_host: Optional[str] = None,
                       sp_cert: Optional[str] = None,
                       sp_key: Optional[str] = None,
                       uid_field: Optional[str] = None,
                       user_name_field: Optional[str] = None)
@overload
def AuthConfigKeycloak(resource_name: str,
                       args: AuthConfigKeycloakArgs,
                       opts: Optional[ResourceOptions] = None)
func NewAuthConfigKeycloak(ctx *Context, name string, args AuthConfigKeycloakArgs, opts ...ResourceOption) (*AuthConfigKeycloak, error)
public AuthConfigKeycloak(string name, AuthConfigKeycloakArgs args, CustomResourceOptions? opts = null)
public AuthConfigKeycloak(String name, AuthConfigKeycloakArgs args)
public AuthConfigKeycloak(String name, AuthConfigKeycloakArgs args, CustomResourceOptions options)
type: rancher2:AuthConfigKeycloak
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args AuthConfigKeycloakArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args AuthConfigKeycloakArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args AuthConfigKeycloakArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args AuthConfigKeycloakArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args AuthConfigKeycloakArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

AuthConfigKeycloak Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The AuthConfigKeycloak resource accepts the following input properties:

DisplayNameField string

KeyCloak display name field (string)

GroupsField string

KeyCloak group field (string)

IdpMetadataContent string

KeyCloak IDP metadata content (string)

RancherApiHost string

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

SpCert string

KeyCloak SP cert (string)

SpKey string

KeyCloak SP key (string)

UidField string

KeyCloak UID field (string)

UserNameField string

KeyCloak user name field (string)

AccessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

AllowedPrincipalIds List<string>

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: keycloak_user://<USER_ID> keycloak_group://<GROUP_ID> (list)

Annotations Dictionary<string, object>

Annotations of the resource (map)

Enabled bool

Enable auth config provider. Default true (bool)

EntityId string

KeyCloak Client ID field (string)

Labels Dictionary<string, object>

Labels of the resource (map)

DisplayNameField string

KeyCloak display name field (string)

GroupsField string

KeyCloak group field (string)

IdpMetadataContent string

KeyCloak IDP metadata content (string)

RancherApiHost string

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

SpCert string

KeyCloak SP cert (string)

SpKey string

KeyCloak SP key (string)

UidField string

KeyCloak UID field (string)

UserNameField string

KeyCloak user name field (string)

AccessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

AllowedPrincipalIds []string

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: keycloak_user://<USER_ID> keycloak_group://<GROUP_ID> (list)

Annotations map[string]interface{}

Annotations of the resource (map)

Enabled bool

Enable auth config provider. Default true (bool)

EntityId string

KeyCloak Client ID field (string)

Labels map[string]interface{}

Labels of the resource (map)

displayNameField String

KeyCloak display name field (string)

groupsField String

KeyCloak group field (string)

idpMetadataContent String

KeyCloak IDP metadata content (string)

rancherApiHost String

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

spCert String

KeyCloak SP cert (string)

spKey String

KeyCloak SP key (string)

uidField String

KeyCloak UID field (string)

userNameField String

KeyCloak user name field (string)

accessMode String

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowedPrincipalIds List<String>

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: keycloak_user://<USER_ID> keycloak_group://<GROUP_ID> (list)

annotations Map<String,Object>

Annotations of the resource (map)

enabled Boolean

Enable auth config provider. Default true (bool)

entityId String

KeyCloak Client ID field (string)

labels Map<String,Object>

Labels of the resource (map)

displayNameField string

KeyCloak display name field (string)

groupsField string

KeyCloak group field (string)

idpMetadataContent string

KeyCloak IDP metadata content (string)

rancherApiHost string

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

spCert string

KeyCloak SP cert (string)

spKey string

KeyCloak SP key (string)

uidField string

KeyCloak UID field (string)

userNameField string

KeyCloak user name field (string)

accessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowedPrincipalIds string[]

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: keycloak_user://<USER_ID> keycloak_group://<GROUP_ID> (list)

annotations {[key: string]: any}

Annotations of the resource (map)

enabled boolean

Enable auth config provider. Default true (bool)

entityId string

KeyCloak Client ID field (string)

labels {[key: string]: any}

Labels of the resource (map)

display_name_field str

KeyCloak display name field (string)

groups_field str

KeyCloak group field (string)

idp_metadata_content str

KeyCloak IDP metadata content (string)

rancher_api_host str

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

sp_cert str

KeyCloak SP cert (string)

sp_key str

KeyCloak SP key (string)

uid_field str

KeyCloak UID field (string)

user_name_field str

KeyCloak user name field (string)

access_mode str

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowed_principal_ids Sequence[str]

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: keycloak_user://<USER_ID> keycloak_group://<GROUP_ID> (list)

annotations Mapping[str, Any]

Annotations of the resource (map)

enabled bool

Enable auth config provider. Default true (bool)

entity_id str

KeyCloak Client ID field (string)

labels Mapping[str, Any]

Labels of the resource (map)

displayNameField String

KeyCloak display name field (string)

groupsField String

KeyCloak group field (string)

idpMetadataContent String

KeyCloak IDP metadata content (string)

rancherApiHost String

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

spCert String

KeyCloak SP cert (string)

spKey String

KeyCloak SP key (string)

uidField String

KeyCloak UID field (string)

userNameField String

KeyCloak user name field (string)

accessMode String

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowedPrincipalIds List<String>

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: keycloak_user://<USER_ID> keycloak_group://<GROUP_ID> (list)

annotations Map<Any>

Annotations of the resource (map)

enabled Boolean

Enable auth config provider. Default true (bool)

entityId String

KeyCloak Client ID field (string)

labels Map<Any>

Labels of the resource (map)

Outputs

All input properties are implicitly available as output properties. Additionally, the AuthConfigKeycloak resource produces the following output properties:

Id string

The provider-assigned unique ID for this managed resource.

Name string

(Computed) The name of the resource (string)

Type string

(Computed) The type of the resource (string)

Id string

The provider-assigned unique ID for this managed resource.

Name string

(Computed) The name of the resource (string)

Type string

(Computed) The type of the resource (string)

id String

The provider-assigned unique ID for this managed resource.

name String

(Computed) The name of the resource (string)

type String

(Computed) The type of the resource (string)

id string

The provider-assigned unique ID for this managed resource.

name string

(Computed) The name of the resource (string)

type string

(Computed) The type of the resource (string)

id str

The provider-assigned unique ID for this managed resource.

name str

(Computed) The name of the resource (string)

type str

(Computed) The type of the resource (string)

id String

The provider-assigned unique ID for this managed resource.

name String

(Computed) The name of the resource (string)

type String

(Computed) The type of the resource (string)

Look up Existing AuthConfigKeycloak Resource

Get an existing AuthConfigKeycloak resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: AuthConfigKeycloakState, opts?: CustomResourceOptions): AuthConfigKeycloak
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        access_mode: Optional[str] = None,
        allowed_principal_ids: Optional[Sequence[str]] = None,
        annotations: Optional[Mapping[str, Any]] = None,
        display_name_field: Optional[str] = None,
        enabled: Optional[bool] = None,
        entity_id: Optional[str] = None,
        groups_field: Optional[str] = None,
        idp_metadata_content: Optional[str] = None,
        labels: Optional[Mapping[str, Any]] = None,
        name: Optional[str] = None,
        rancher_api_host: Optional[str] = None,
        sp_cert: Optional[str] = None,
        sp_key: Optional[str] = None,
        type: Optional[str] = None,
        uid_field: Optional[str] = None,
        user_name_field: Optional[str] = None) -> AuthConfigKeycloak
func GetAuthConfigKeycloak(ctx *Context, name string, id IDInput, state *AuthConfigKeycloakState, opts ...ResourceOption) (*AuthConfigKeycloak, error)
public static AuthConfigKeycloak Get(string name, Input<string> id, AuthConfigKeycloakState? state, CustomResourceOptions? opts = null)
public static AuthConfigKeycloak get(String name, Output<String> id, AuthConfigKeycloakState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
AccessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

AllowedPrincipalIds List<string>

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: keycloak_user://<USER_ID> keycloak_group://<GROUP_ID> (list)

Annotations Dictionary<string, object>

Annotations of the resource (map)

DisplayNameField string

KeyCloak display name field (string)

Enabled bool

Enable auth config provider. Default true (bool)

EntityId string

KeyCloak Client ID field (string)

GroupsField string

KeyCloak group field (string)

IdpMetadataContent string

KeyCloak IDP metadata content (string)

Labels Dictionary<string, object>

Labels of the resource (map)

Name string

(Computed) The name of the resource (string)

RancherApiHost string

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

SpCert string

KeyCloak SP cert (string)

SpKey string

KeyCloak SP key (string)

Type string

(Computed) The type of the resource (string)

UidField string

KeyCloak UID field (string)

UserNameField string

KeyCloak user name field (string)

AccessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

AllowedPrincipalIds []string

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: keycloak_user://<USER_ID> keycloak_group://<GROUP_ID> (list)

Annotations map[string]interface{}

Annotations of the resource (map)

DisplayNameField string

KeyCloak display name field (string)

Enabled bool

Enable auth config provider. Default true (bool)

EntityId string

KeyCloak Client ID field (string)

GroupsField string

KeyCloak group field (string)

IdpMetadataContent string

KeyCloak IDP metadata content (string)

Labels map[string]interface{}

Labels of the resource (map)

Name string

(Computed) The name of the resource (string)

RancherApiHost string

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

SpCert string

KeyCloak SP cert (string)

SpKey string

KeyCloak SP key (string)

Type string

(Computed) The type of the resource (string)

UidField string

KeyCloak UID field (string)

UserNameField string

KeyCloak user name field (string)

accessMode String

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowedPrincipalIds List<String>

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: keycloak_user://<USER_ID> keycloak_group://<GROUP_ID> (list)

annotations Map<String,Object>

Annotations of the resource (map)

displayNameField String

KeyCloak display name field (string)

enabled Boolean

Enable auth config provider. Default true (bool)

entityId String

KeyCloak Client ID field (string)

groupsField String

KeyCloak group field (string)

idpMetadataContent String

KeyCloak IDP metadata content (string)

labels Map<String,Object>

Labels of the resource (map)

name String

(Computed) The name of the resource (string)

rancherApiHost String

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

spCert String

KeyCloak SP cert (string)

spKey String

KeyCloak SP key (string)

type String

(Computed) The type of the resource (string)

uidField String

KeyCloak UID field (string)

userNameField String

KeyCloak user name field (string)

accessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowedPrincipalIds string[]

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: keycloak_user://<USER_ID> keycloak_group://<GROUP_ID> (list)

annotations {[key: string]: any}

Annotations of the resource (map)

displayNameField string

KeyCloak display name field (string)

enabled boolean

Enable auth config provider. Default true (bool)

entityId string

KeyCloak Client ID field (string)

groupsField string

KeyCloak group field (string)

idpMetadataContent string

KeyCloak IDP metadata content (string)

labels {[key: string]: any}

Labels of the resource (map)

name string

(Computed) The name of the resource (string)

rancherApiHost string

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

spCert string

KeyCloak SP cert (string)

spKey string

KeyCloak SP key (string)

type string

(Computed) The type of the resource (string)

uidField string

KeyCloak UID field (string)

userNameField string

KeyCloak user name field (string)

access_mode str

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowed_principal_ids Sequence[str]

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: keycloak_user://<USER_ID> keycloak_group://<GROUP_ID> (list)

annotations Mapping[str, Any]

Annotations of the resource (map)

display_name_field str

KeyCloak display name field (string)

enabled bool

Enable auth config provider. Default true (bool)

entity_id str

KeyCloak Client ID field (string)

groups_field str

KeyCloak group field (string)

idp_metadata_content str

KeyCloak IDP metadata content (string)

labels Mapping[str, Any]

Labels of the resource (map)

name str

(Computed) The name of the resource (string)

rancher_api_host str

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

sp_cert str

KeyCloak SP cert (string)

sp_key str

KeyCloak SP key (string)

type str

(Computed) The type of the resource (string)

uid_field str

KeyCloak UID field (string)

user_name_field str

KeyCloak user name field (string)

accessMode String

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowedPrincipalIds List<String>

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: keycloak_user://<USER_ID> keycloak_group://<GROUP_ID> (list)

annotations Map<Any>

Annotations of the resource (map)

displayNameField String

KeyCloak display name field (string)

enabled Boolean

Enable auth config provider. Default true (bool)

entityId String

KeyCloak Client ID field (string)

groupsField String

KeyCloak group field (string)

idpMetadataContent String

KeyCloak IDP metadata content (string)

labels Map<Any>

Labels of the resource (map)

name String

(Computed) The name of the resource (string)

rancherApiHost String

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

spCert String

KeyCloak SP cert (string)

spKey String

KeyCloak SP key (string)

type String

(Computed) The type of the resource (string)

uidField String

KeyCloak UID field (string)

userNameField String

KeyCloak user name field (string)

Package Details

Repository
Rancher2 pulumi/pulumi-rancher2
License
Apache-2.0
Notes

This Pulumi package is based on the rancher2 Terraform Provider.