rancher2 logo
Rancher 2 v4.0.0, Apr 20 23

rancher2.AuthConfigOkta

Explore with Pulumi AI

Provides a Rancher v2 Auth Config OKTA resource. This can be used to configure and enable Auth Config OKTA for Rancher v2 RKE clusters and retrieve their information.

In addition to the built-in local auth, only one external auth config provider can be enabled at a time.

Example Usage

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Rancher2 = Pulumi.Rancher2;

return await Deployment.RunAsync(() => 
{
    // Create a new rancher2 Auth Config OKTA
    var okta = new Rancher2.AuthConfigOkta("okta", new()
    {
        DisplayNameField = "<DISPLAY_NAME_FIELD>",
        GroupsField = "<GROUPS_FIELD>",
        IdpMetadataContent = "<IDP_METADATA_CONTENT>",
        RancherApiHost = "https://<RANCHER_API_HOST>",
        SpCert = "<SP_CERT>",
        SpKey = "<SP_KEY>",
        UidField = "<UID_FIELD>",
        UserNameField = "<USER_NAME_FIELD>",
    });

});
package main

import (
	"github.com/pulumi/pulumi-rancher2/sdk/v4/go/rancher2"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := rancher2.NewAuthConfigOkta(ctx, "okta", &rancher2.AuthConfigOktaArgs{
			DisplayNameField:   pulumi.String("<DISPLAY_NAME_FIELD>"),
			GroupsField:        pulumi.String("<GROUPS_FIELD>"),
			IdpMetadataContent: pulumi.String("<IDP_METADATA_CONTENT>"),
			RancherApiHost:     pulumi.String("https://<RANCHER_API_HOST>"),
			SpCert:             pulumi.String("<SP_CERT>"),
			SpKey:              pulumi.String("<SP_KEY>"),
			UidField:           pulumi.String("<UID_FIELD>"),
			UserNameField:      pulumi.String("<USER_NAME_FIELD>"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.rancher2.AuthConfigOkta;
import com.pulumi.rancher2.AuthConfigOktaArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var okta = new AuthConfigOkta("okta", AuthConfigOktaArgs.builder()        
            .displayNameField("<DISPLAY_NAME_FIELD>")
            .groupsField("<GROUPS_FIELD>")
            .idpMetadataContent("<IDP_METADATA_CONTENT>")
            .rancherApiHost("https://<RANCHER_API_HOST>")
            .spCert("<SP_CERT>")
            .spKey("<SP_KEY>")
            .uidField("<UID_FIELD>")
            .userNameField("<USER_NAME_FIELD>")
            .build());

    }
}
import pulumi
import pulumi_rancher2 as rancher2

# Create a new rancher2 Auth Config OKTA
okta = rancher2.AuthConfigOkta("okta",
    display_name_field="<DISPLAY_NAME_FIELD>",
    groups_field="<GROUPS_FIELD>",
    idp_metadata_content="<IDP_METADATA_CONTENT>",
    rancher_api_host="https://<RANCHER_API_HOST>",
    sp_cert="<SP_CERT>",
    sp_key="<SP_KEY>",
    uid_field="<UID_FIELD>",
    user_name_field="<USER_NAME_FIELD>")
import * as pulumi from "@pulumi/pulumi";
import * as rancher2 from "@pulumi/rancher2";

// Create a new rancher2 Auth Config OKTA
const okta = new rancher2.AuthConfigOkta("okta", {
    displayNameField: "<DISPLAY_NAME_FIELD>",
    groupsField: "<GROUPS_FIELD>",
    idpMetadataContent: "<IDP_METADATA_CONTENT>",
    rancherApiHost: "https://<RANCHER_API_HOST>",
    spCert: "<SP_CERT>",
    spKey: "<SP_KEY>",
    uidField: "<UID_FIELD>",
    userNameField: "<USER_NAME_FIELD>",
});
resources:
  # Create a new rancher2 Auth Config OKTA
  okta:
    type: rancher2:AuthConfigOkta
    properties:
      displayNameField: <DISPLAY_NAME_FIELD>
      groupsField: <GROUPS_FIELD>
      idpMetadataContent: <IDP_METADATA_CONTENT>
      rancherApiHost: https://<RANCHER_API_HOST>
      spCert: <SP_CERT>
      spKey: <SP_KEY>
      uidField: <UID_FIELD>
      userNameField: <USER_NAME_FIELD>

Create AuthConfigOkta Resource

new AuthConfigOkta(name: string, args: AuthConfigOktaArgs, opts?: CustomResourceOptions);
@overload
def AuthConfigOkta(resource_name: str,
                   opts: Optional[ResourceOptions] = None,
                   access_mode: Optional[str] = None,
                   allowed_principal_ids: Optional[Sequence[str]] = None,
                   annotations: Optional[Mapping[str, Any]] = None,
                   display_name_field: Optional[str] = None,
                   enabled: Optional[bool] = None,
                   groups_field: Optional[str] = None,
                   idp_metadata_content: Optional[str] = None,
                   labels: Optional[Mapping[str, Any]] = None,
                   rancher_api_host: Optional[str] = None,
                   sp_cert: Optional[str] = None,
                   sp_key: Optional[str] = None,
                   uid_field: Optional[str] = None,
                   user_name_field: Optional[str] = None)
@overload
def AuthConfigOkta(resource_name: str,
                   args: AuthConfigOktaArgs,
                   opts: Optional[ResourceOptions] = None)
func NewAuthConfigOkta(ctx *Context, name string, args AuthConfigOktaArgs, opts ...ResourceOption) (*AuthConfigOkta, error)
public AuthConfigOkta(string name, AuthConfigOktaArgs args, CustomResourceOptions? opts = null)
public AuthConfigOkta(String name, AuthConfigOktaArgs args)
public AuthConfigOkta(String name, AuthConfigOktaArgs args, CustomResourceOptions options)
type: rancher2:AuthConfigOkta
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args AuthConfigOktaArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args AuthConfigOktaArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args AuthConfigOktaArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args AuthConfigOktaArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args AuthConfigOktaArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

AuthConfigOkta Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The AuthConfigOkta resource accepts the following input properties:

DisplayNameField string

OKTA display name field (string)

GroupsField string

OKTA group field (string)

IdpMetadataContent string

OKTA IDP metadata content (string)

RancherApiHost string

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

SpCert string

OKTA SP cert (string)

SpKey string

OKTA SP key (string)

UidField string

OKTA UID field (string)

UserNameField string

OKTA user name field (string)

AccessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

AllowedPrincipalIds List<string>

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: okta_user://<USER_ID> okta_group://<GROUP_ID> (list)

Annotations Dictionary<string, object>

Annotations of the resource (map)

Enabled bool

Enable auth config provider. Default true (bool)

Labels Dictionary<string, object>

Labels of the resource (map)

DisplayNameField string

OKTA display name field (string)

GroupsField string

OKTA group field (string)

IdpMetadataContent string

OKTA IDP metadata content (string)

RancherApiHost string

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

SpCert string

OKTA SP cert (string)

SpKey string

OKTA SP key (string)

UidField string

OKTA UID field (string)

UserNameField string

OKTA user name field (string)

AccessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

AllowedPrincipalIds []string

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: okta_user://<USER_ID> okta_group://<GROUP_ID> (list)

Annotations map[string]interface{}

Annotations of the resource (map)

Enabled bool

Enable auth config provider. Default true (bool)

Labels map[string]interface{}

Labels of the resource (map)

displayNameField String

OKTA display name field (string)

groupsField String

OKTA group field (string)

idpMetadataContent String

OKTA IDP metadata content (string)

rancherApiHost String

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

spCert String

OKTA SP cert (string)

spKey String

OKTA SP key (string)

uidField String

OKTA UID field (string)

userNameField String

OKTA user name field (string)

accessMode String

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowedPrincipalIds List<String>

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: okta_user://<USER_ID> okta_group://<GROUP_ID> (list)

annotations Map<String,Object>

Annotations of the resource (map)

enabled Boolean

Enable auth config provider. Default true (bool)

labels Map<String,Object>

Labels of the resource (map)

displayNameField string

OKTA display name field (string)

groupsField string

OKTA group field (string)

idpMetadataContent string

OKTA IDP metadata content (string)

rancherApiHost string

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

spCert string

OKTA SP cert (string)

spKey string

OKTA SP key (string)

uidField string

OKTA UID field (string)

userNameField string

OKTA user name field (string)

accessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowedPrincipalIds string[]

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: okta_user://<USER_ID> okta_group://<GROUP_ID> (list)

annotations {[key: string]: any}

Annotations of the resource (map)

enabled boolean

Enable auth config provider. Default true (bool)

labels {[key: string]: any}

Labels of the resource (map)

display_name_field str

OKTA display name field (string)

groups_field str

OKTA group field (string)

idp_metadata_content str

OKTA IDP metadata content (string)

rancher_api_host str

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

sp_cert str

OKTA SP cert (string)

sp_key str

OKTA SP key (string)

uid_field str

OKTA UID field (string)

user_name_field str

OKTA user name field (string)

access_mode str

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowed_principal_ids Sequence[str]

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: okta_user://<USER_ID> okta_group://<GROUP_ID> (list)

annotations Mapping[str, Any]

Annotations of the resource (map)

enabled bool

Enable auth config provider. Default true (bool)

labels Mapping[str, Any]

Labels of the resource (map)

displayNameField String

OKTA display name field (string)

groupsField String

OKTA group field (string)

idpMetadataContent String

OKTA IDP metadata content (string)

rancherApiHost String

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

spCert String

OKTA SP cert (string)

spKey String

OKTA SP key (string)

uidField String

OKTA UID field (string)

userNameField String

OKTA user name field (string)

accessMode String

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowedPrincipalIds List<String>

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: okta_user://<USER_ID> okta_group://<GROUP_ID> (list)

annotations Map<Any>

Annotations of the resource (map)

enabled Boolean

Enable auth config provider. Default true (bool)

labels Map<Any>

Labels of the resource (map)

Outputs

All input properties are implicitly available as output properties. Additionally, the AuthConfigOkta resource produces the following output properties:

Id string

The provider-assigned unique ID for this managed resource.

Name string

(Computed) The name of the resource (string)

Type string

(Computed) The type of the resource (string)

Id string

The provider-assigned unique ID for this managed resource.

Name string

(Computed) The name of the resource (string)

Type string

(Computed) The type of the resource (string)

id String

The provider-assigned unique ID for this managed resource.

name String

(Computed) The name of the resource (string)

type String

(Computed) The type of the resource (string)

id string

The provider-assigned unique ID for this managed resource.

name string

(Computed) The name of the resource (string)

type string

(Computed) The type of the resource (string)

id str

The provider-assigned unique ID for this managed resource.

name str

(Computed) The name of the resource (string)

type str

(Computed) The type of the resource (string)

id String

The provider-assigned unique ID for this managed resource.

name String

(Computed) The name of the resource (string)

type String

(Computed) The type of the resource (string)

Look up Existing AuthConfigOkta Resource

Get an existing AuthConfigOkta resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: AuthConfigOktaState, opts?: CustomResourceOptions): AuthConfigOkta
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        access_mode: Optional[str] = None,
        allowed_principal_ids: Optional[Sequence[str]] = None,
        annotations: Optional[Mapping[str, Any]] = None,
        display_name_field: Optional[str] = None,
        enabled: Optional[bool] = None,
        groups_field: Optional[str] = None,
        idp_metadata_content: Optional[str] = None,
        labels: Optional[Mapping[str, Any]] = None,
        name: Optional[str] = None,
        rancher_api_host: Optional[str] = None,
        sp_cert: Optional[str] = None,
        sp_key: Optional[str] = None,
        type: Optional[str] = None,
        uid_field: Optional[str] = None,
        user_name_field: Optional[str] = None) -> AuthConfigOkta
func GetAuthConfigOkta(ctx *Context, name string, id IDInput, state *AuthConfigOktaState, opts ...ResourceOption) (*AuthConfigOkta, error)
public static AuthConfigOkta Get(string name, Input<string> id, AuthConfigOktaState? state, CustomResourceOptions? opts = null)
public static AuthConfigOkta get(String name, Output<String> id, AuthConfigOktaState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
AccessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

AllowedPrincipalIds List<string>

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: okta_user://<USER_ID> okta_group://<GROUP_ID> (list)

Annotations Dictionary<string, object>

Annotations of the resource (map)

DisplayNameField string

OKTA display name field (string)

Enabled bool

Enable auth config provider. Default true (bool)

GroupsField string

OKTA group field (string)

IdpMetadataContent string

OKTA IDP metadata content (string)

Labels Dictionary<string, object>

Labels of the resource (map)

Name string

(Computed) The name of the resource (string)

RancherApiHost string

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

SpCert string

OKTA SP cert (string)

SpKey string

OKTA SP key (string)

Type string

(Computed) The type of the resource (string)

UidField string

OKTA UID field (string)

UserNameField string

OKTA user name field (string)

AccessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

AllowedPrincipalIds []string

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: okta_user://<USER_ID> okta_group://<GROUP_ID> (list)

Annotations map[string]interface{}

Annotations of the resource (map)

DisplayNameField string

OKTA display name field (string)

Enabled bool

Enable auth config provider. Default true (bool)

GroupsField string

OKTA group field (string)

IdpMetadataContent string

OKTA IDP metadata content (string)

Labels map[string]interface{}

Labels of the resource (map)

Name string

(Computed) The name of the resource (string)

RancherApiHost string

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

SpCert string

OKTA SP cert (string)

SpKey string

OKTA SP key (string)

Type string

(Computed) The type of the resource (string)

UidField string

OKTA UID field (string)

UserNameField string

OKTA user name field (string)

accessMode String

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowedPrincipalIds List<String>

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: okta_user://<USER_ID> okta_group://<GROUP_ID> (list)

annotations Map<String,Object>

Annotations of the resource (map)

displayNameField String

OKTA display name field (string)

enabled Boolean

Enable auth config provider. Default true (bool)

groupsField String

OKTA group field (string)

idpMetadataContent String

OKTA IDP metadata content (string)

labels Map<String,Object>

Labels of the resource (map)

name String

(Computed) The name of the resource (string)

rancherApiHost String

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

spCert String

OKTA SP cert (string)

spKey String

OKTA SP key (string)

type String

(Computed) The type of the resource (string)

uidField String

OKTA UID field (string)

userNameField String

OKTA user name field (string)

accessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowedPrincipalIds string[]

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: okta_user://<USER_ID> okta_group://<GROUP_ID> (list)

annotations {[key: string]: any}

Annotations of the resource (map)

displayNameField string

OKTA display name field (string)

enabled boolean

Enable auth config provider. Default true (bool)

groupsField string

OKTA group field (string)

idpMetadataContent string

OKTA IDP metadata content (string)

labels {[key: string]: any}

Labels of the resource (map)

name string

(Computed) The name of the resource (string)

rancherApiHost string

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

spCert string

OKTA SP cert (string)

spKey string

OKTA SP key (string)

type string

(Computed) The type of the resource (string)

uidField string

OKTA UID field (string)

userNameField string

OKTA user name field (string)

access_mode str

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowed_principal_ids Sequence[str]

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: okta_user://<USER_ID> okta_group://<GROUP_ID> (list)

annotations Mapping[str, Any]

Annotations of the resource (map)

display_name_field str

OKTA display name field (string)

enabled bool

Enable auth config provider. Default true (bool)

groups_field str

OKTA group field (string)

idp_metadata_content str

OKTA IDP metadata content (string)

labels Mapping[str, Any]

Labels of the resource (map)

name str

(Computed) The name of the resource (string)

rancher_api_host str

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

sp_cert str

OKTA SP cert (string)

sp_key str

OKTA SP key (string)

type str

(Computed) The type of the resource (string)

uid_field str

OKTA UID field (string)

user_name_field str

OKTA user name field (string)

accessMode String

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowedPrincipalIds List<String>

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: okta_user://<USER_ID> okta_group://<GROUP_ID> (list)

annotations Map<Any>

Annotations of the resource (map)

displayNameField String

OKTA display name field (string)

enabled Boolean

Enable auth config provider. Default true (bool)

groupsField String

OKTA group field (string)

idpMetadataContent String

OKTA IDP metadata content (string)

labels Map<Any>

Labels of the resource (map)

name String

(Computed) The name of the resource (string)

rancherApiHost String

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

spCert String

OKTA SP cert (string)

spKey String

OKTA SP key (string)

type String

(Computed) The type of the resource (string)

uidField String

OKTA UID field (string)

userNameField String

OKTA user name field (string)

Package Details

Repository
Rancher2 pulumi/pulumi-rancher2
License
Apache-2.0
Notes

This Pulumi package is based on the rancher2 Terraform Provider.