rancher2.AuthConfigOkta
Explore with Pulumi AI
Provides a Rancher v2 Auth Config OKTA resource. This can be used to configure and enable Auth Config OKTA for Rancher v2 RKE clusters and retrieve their information.
In addition to the built-in local auth, only one external auth config provider can be enabled at a time.
Example Usage
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Rancher2 = Pulumi.Rancher2;
return await Deployment.RunAsync(() =>
{
// Create a new rancher2 Auth Config OKTA
var okta = new Rancher2.AuthConfigOkta("okta", new()
{
DisplayNameField = "<DISPLAY_NAME_FIELD>",
GroupsField = "<GROUPS_FIELD>",
IdpMetadataContent = "<IDP_METADATA_CONTENT>",
RancherApiHost = "https://<RANCHER_API_HOST>",
SpCert = "<SP_CERT>",
SpKey = "<SP_KEY>",
UidField = "<UID_FIELD>",
UserNameField = "<USER_NAME_FIELD>",
});
});
package main
import (
"github.com/pulumi/pulumi-rancher2/sdk/v4/go/rancher2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := rancher2.NewAuthConfigOkta(ctx, "okta", &rancher2.AuthConfigOktaArgs{
DisplayNameField: pulumi.String("<DISPLAY_NAME_FIELD>"),
GroupsField: pulumi.String("<GROUPS_FIELD>"),
IdpMetadataContent: pulumi.String("<IDP_METADATA_CONTENT>"),
RancherApiHost: pulumi.String("https://<RANCHER_API_HOST>"),
SpCert: pulumi.String("<SP_CERT>"),
SpKey: pulumi.String("<SP_KEY>"),
UidField: pulumi.String("<UID_FIELD>"),
UserNameField: pulumi.String("<USER_NAME_FIELD>"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.rancher2.AuthConfigOkta;
import com.pulumi.rancher2.AuthConfigOktaArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var okta = new AuthConfigOkta("okta", AuthConfigOktaArgs.builder()
.displayNameField("<DISPLAY_NAME_FIELD>")
.groupsField("<GROUPS_FIELD>")
.idpMetadataContent("<IDP_METADATA_CONTENT>")
.rancherApiHost("https://<RANCHER_API_HOST>")
.spCert("<SP_CERT>")
.spKey("<SP_KEY>")
.uidField("<UID_FIELD>")
.userNameField("<USER_NAME_FIELD>")
.build());
}
}
import pulumi
import pulumi_rancher2 as rancher2
# Create a new rancher2 Auth Config OKTA
okta = rancher2.AuthConfigOkta("okta",
display_name_field="<DISPLAY_NAME_FIELD>",
groups_field="<GROUPS_FIELD>",
idp_metadata_content="<IDP_METADATA_CONTENT>",
rancher_api_host="https://<RANCHER_API_HOST>",
sp_cert="<SP_CERT>",
sp_key="<SP_KEY>",
uid_field="<UID_FIELD>",
user_name_field="<USER_NAME_FIELD>")
import * as pulumi from "@pulumi/pulumi";
import * as rancher2 from "@pulumi/rancher2";
// Create a new rancher2 Auth Config OKTA
const okta = new rancher2.AuthConfigOkta("okta", {
displayNameField: "<DISPLAY_NAME_FIELD>",
groupsField: "<GROUPS_FIELD>",
idpMetadataContent: "<IDP_METADATA_CONTENT>",
rancherApiHost: "https://<RANCHER_API_HOST>",
spCert: "<SP_CERT>",
spKey: "<SP_KEY>",
uidField: "<UID_FIELD>",
userNameField: "<USER_NAME_FIELD>",
});
resources:
# Create a new rancher2 Auth Config OKTA
okta:
type: rancher2:AuthConfigOkta
properties:
displayNameField: <DISPLAY_NAME_FIELD>
groupsField: <GROUPS_FIELD>
idpMetadataContent: <IDP_METADATA_CONTENT>
rancherApiHost: https://<RANCHER_API_HOST>
spCert: <SP_CERT>
spKey: <SP_KEY>
uidField: <UID_FIELD>
userNameField: <USER_NAME_FIELD>
Create AuthConfigOkta Resource
new AuthConfigOkta(name: string, args: AuthConfigOktaArgs, opts?: CustomResourceOptions);
@overload
def AuthConfigOkta(resource_name: str,
opts: Optional[ResourceOptions] = None,
access_mode: Optional[str] = None,
allowed_principal_ids: Optional[Sequence[str]] = None,
annotations: Optional[Mapping[str, Any]] = None,
display_name_field: Optional[str] = None,
enabled: Optional[bool] = None,
groups_field: Optional[str] = None,
idp_metadata_content: Optional[str] = None,
labels: Optional[Mapping[str, Any]] = None,
rancher_api_host: Optional[str] = None,
sp_cert: Optional[str] = None,
sp_key: Optional[str] = None,
uid_field: Optional[str] = None,
user_name_field: Optional[str] = None)
@overload
def AuthConfigOkta(resource_name: str,
args: AuthConfigOktaArgs,
opts: Optional[ResourceOptions] = None)
func NewAuthConfigOkta(ctx *Context, name string, args AuthConfigOktaArgs, opts ...ResourceOption) (*AuthConfigOkta, error)
public AuthConfigOkta(string name, AuthConfigOktaArgs args, CustomResourceOptions? opts = null)
public AuthConfigOkta(String name, AuthConfigOktaArgs args)
public AuthConfigOkta(String name, AuthConfigOktaArgs args, CustomResourceOptions options)
type: rancher2:AuthConfigOkta
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AuthConfigOktaArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AuthConfigOktaArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AuthConfigOktaArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AuthConfigOktaArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AuthConfigOktaArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
AuthConfigOkta Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The AuthConfigOkta resource accepts the following input properties:
- Display
Name stringField OKTA display name field (string)
- Groups
Field string OKTA group field (string)
- Idp
Metadata stringContent OKTA IDP metadata content (string)
- Rancher
Api stringHost Rancher URL. URL scheme needs to be specified,
https://<RANCHER_API_HOST>
(string)- Sp
Cert string OKTA SP cert (string)
- Sp
Key string OKTA SP key (string)
- Uid
Field string OKTA UID field (string)
- User
Name stringField OKTA user name field (string)
- Access
Mode string Access mode for auth.
required
,restricted
,unrestricted
are supported. Defaultunrestricted
(string)- Allowed
Principal List<string>Ids Allowed principal ids for auth. Required if
access_mode
isrequired
orrestricted
. Ex:okta_user://<USER_ID>
okta_group://<GROUP_ID>
(list)- Annotations Dictionary<string, object>
Annotations of the resource (map)
- Enabled bool
Enable auth config provider. Default
true
(bool)- Labels Dictionary<string, object>
Labels of the resource (map)
- Display
Name stringField OKTA display name field (string)
- Groups
Field string OKTA group field (string)
- Idp
Metadata stringContent OKTA IDP metadata content (string)
- Rancher
Api stringHost Rancher URL. URL scheme needs to be specified,
https://<RANCHER_API_HOST>
(string)- Sp
Cert string OKTA SP cert (string)
- Sp
Key string OKTA SP key (string)
- Uid
Field string OKTA UID field (string)
- User
Name stringField OKTA user name field (string)
- Access
Mode string Access mode for auth.
required
,restricted
,unrestricted
are supported. Defaultunrestricted
(string)- Allowed
Principal []stringIds Allowed principal ids for auth. Required if
access_mode
isrequired
orrestricted
. Ex:okta_user://<USER_ID>
okta_group://<GROUP_ID>
(list)- Annotations map[string]interface{}
Annotations of the resource (map)
- Enabled bool
Enable auth config provider. Default
true
(bool)- Labels map[string]interface{}
Labels of the resource (map)
- display
Name StringField OKTA display name field (string)
- groups
Field String OKTA group field (string)
- idp
Metadata StringContent OKTA IDP metadata content (string)
- rancher
Api StringHost Rancher URL. URL scheme needs to be specified,
https://<RANCHER_API_HOST>
(string)- sp
Cert String OKTA SP cert (string)
- sp
Key String OKTA SP key (string)
- uid
Field String OKTA UID field (string)
- user
Name StringField OKTA user name field (string)
- access
Mode String Access mode for auth.
required
,restricted
,unrestricted
are supported. Defaultunrestricted
(string)- allowed
Principal List<String>Ids Allowed principal ids for auth. Required if
access_mode
isrequired
orrestricted
. Ex:okta_user://<USER_ID>
okta_group://<GROUP_ID>
(list)- annotations Map<String,Object>
Annotations of the resource (map)
- enabled Boolean
Enable auth config provider. Default
true
(bool)- labels Map<String,Object>
Labels of the resource (map)
- display
Name stringField OKTA display name field (string)
- groups
Field string OKTA group field (string)
- idp
Metadata stringContent OKTA IDP metadata content (string)
- rancher
Api stringHost Rancher URL. URL scheme needs to be specified,
https://<RANCHER_API_HOST>
(string)- sp
Cert string OKTA SP cert (string)
- sp
Key string OKTA SP key (string)
- uid
Field string OKTA UID field (string)
- user
Name stringField OKTA user name field (string)
- access
Mode string Access mode for auth.
required
,restricted
,unrestricted
are supported. Defaultunrestricted
(string)- allowed
Principal string[]Ids Allowed principal ids for auth. Required if
access_mode
isrequired
orrestricted
. Ex:okta_user://<USER_ID>
okta_group://<GROUP_ID>
(list)- annotations {[key: string]: any}
Annotations of the resource (map)
- enabled boolean
Enable auth config provider. Default
true
(bool)- labels {[key: string]: any}
Labels of the resource (map)
- display_
name_ strfield OKTA display name field (string)
- groups_
field str OKTA group field (string)
- idp_
metadata_ strcontent OKTA IDP metadata content (string)
- rancher_
api_ strhost Rancher URL. URL scheme needs to be specified,
https://<RANCHER_API_HOST>
(string)- sp_
cert str OKTA SP cert (string)
- sp_
key str OKTA SP key (string)
- uid_
field str OKTA UID field (string)
- user_
name_ strfield OKTA user name field (string)
- access_
mode str Access mode for auth.
required
,restricted
,unrestricted
are supported. Defaultunrestricted
(string)- allowed_
principal_ Sequence[str]ids Allowed principal ids for auth. Required if
access_mode
isrequired
orrestricted
. Ex:okta_user://<USER_ID>
okta_group://<GROUP_ID>
(list)- annotations Mapping[str, Any]
Annotations of the resource (map)
- enabled bool
Enable auth config provider. Default
true
(bool)- labels Mapping[str, Any]
Labels of the resource (map)
- display
Name StringField OKTA display name field (string)
- groups
Field String OKTA group field (string)
- idp
Metadata StringContent OKTA IDP metadata content (string)
- rancher
Api StringHost Rancher URL. URL scheme needs to be specified,
https://<RANCHER_API_HOST>
(string)- sp
Cert String OKTA SP cert (string)
- sp
Key String OKTA SP key (string)
- uid
Field String OKTA UID field (string)
- user
Name StringField OKTA user name field (string)
- access
Mode String Access mode for auth.
required
,restricted
,unrestricted
are supported. Defaultunrestricted
(string)- allowed
Principal List<String>Ids Allowed principal ids for auth. Required if
access_mode
isrequired
orrestricted
. Ex:okta_user://<USER_ID>
okta_group://<GROUP_ID>
(list)- annotations Map<Any>
Annotations of the resource (map)
- enabled Boolean
Enable auth config provider. Default
true
(bool)- labels Map<Any>
Labels of the resource (map)
Outputs
All input properties are implicitly available as output properties. Additionally, the AuthConfigOkta resource produces the following output properties:
Look up Existing AuthConfigOkta Resource
Get an existing AuthConfigOkta resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AuthConfigOktaState, opts?: CustomResourceOptions): AuthConfigOkta
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
access_mode: Optional[str] = None,
allowed_principal_ids: Optional[Sequence[str]] = None,
annotations: Optional[Mapping[str, Any]] = None,
display_name_field: Optional[str] = None,
enabled: Optional[bool] = None,
groups_field: Optional[str] = None,
idp_metadata_content: Optional[str] = None,
labels: Optional[Mapping[str, Any]] = None,
name: Optional[str] = None,
rancher_api_host: Optional[str] = None,
sp_cert: Optional[str] = None,
sp_key: Optional[str] = None,
type: Optional[str] = None,
uid_field: Optional[str] = None,
user_name_field: Optional[str] = None) -> AuthConfigOkta
func GetAuthConfigOkta(ctx *Context, name string, id IDInput, state *AuthConfigOktaState, opts ...ResourceOption) (*AuthConfigOkta, error)
public static AuthConfigOkta Get(string name, Input<string> id, AuthConfigOktaState? state, CustomResourceOptions? opts = null)
public static AuthConfigOkta get(String name, Output<String> id, AuthConfigOktaState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Access
Mode string Access mode for auth.
required
,restricted
,unrestricted
are supported. Defaultunrestricted
(string)- Allowed
Principal List<string>Ids Allowed principal ids for auth. Required if
access_mode
isrequired
orrestricted
. Ex:okta_user://<USER_ID>
okta_group://<GROUP_ID>
(list)- Annotations Dictionary<string, object>
Annotations of the resource (map)
- Display
Name stringField OKTA display name field (string)
- Enabled bool
Enable auth config provider. Default
true
(bool)- Groups
Field string OKTA group field (string)
- Idp
Metadata stringContent OKTA IDP metadata content (string)
- Labels Dictionary<string, object>
Labels of the resource (map)
- Name string
(Computed) The name of the resource (string)
- Rancher
Api stringHost Rancher URL. URL scheme needs to be specified,
https://<RANCHER_API_HOST>
(string)- Sp
Cert string OKTA SP cert (string)
- Sp
Key string OKTA SP key (string)
- Type string
(Computed) The type of the resource (string)
- Uid
Field string OKTA UID field (string)
- User
Name stringField OKTA user name field (string)
- Access
Mode string Access mode for auth.
required
,restricted
,unrestricted
are supported. Defaultunrestricted
(string)- Allowed
Principal []stringIds Allowed principal ids for auth. Required if
access_mode
isrequired
orrestricted
. Ex:okta_user://<USER_ID>
okta_group://<GROUP_ID>
(list)- Annotations map[string]interface{}
Annotations of the resource (map)
- Display
Name stringField OKTA display name field (string)
- Enabled bool
Enable auth config provider. Default
true
(bool)- Groups
Field string OKTA group field (string)
- Idp
Metadata stringContent OKTA IDP metadata content (string)
- Labels map[string]interface{}
Labels of the resource (map)
- Name string
(Computed) The name of the resource (string)
- Rancher
Api stringHost Rancher URL. URL scheme needs to be specified,
https://<RANCHER_API_HOST>
(string)- Sp
Cert string OKTA SP cert (string)
- Sp
Key string OKTA SP key (string)
- Type string
(Computed) The type of the resource (string)
- Uid
Field string OKTA UID field (string)
- User
Name stringField OKTA user name field (string)
- access
Mode String Access mode for auth.
required
,restricted
,unrestricted
are supported. Defaultunrestricted
(string)- allowed
Principal List<String>Ids Allowed principal ids for auth. Required if
access_mode
isrequired
orrestricted
. Ex:okta_user://<USER_ID>
okta_group://<GROUP_ID>
(list)- annotations Map<String,Object>
Annotations of the resource (map)
- display
Name StringField OKTA display name field (string)
- enabled Boolean
Enable auth config provider. Default
true
(bool)- groups
Field String OKTA group field (string)
- idp
Metadata StringContent OKTA IDP metadata content (string)
- labels Map<String,Object>
Labels of the resource (map)
- name String
(Computed) The name of the resource (string)
- rancher
Api StringHost Rancher URL. URL scheme needs to be specified,
https://<RANCHER_API_HOST>
(string)- sp
Cert String OKTA SP cert (string)
- sp
Key String OKTA SP key (string)
- type String
(Computed) The type of the resource (string)
- uid
Field String OKTA UID field (string)
- user
Name StringField OKTA user name field (string)
- access
Mode string Access mode for auth.
required
,restricted
,unrestricted
are supported. Defaultunrestricted
(string)- allowed
Principal string[]Ids Allowed principal ids for auth. Required if
access_mode
isrequired
orrestricted
. Ex:okta_user://<USER_ID>
okta_group://<GROUP_ID>
(list)- annotations {[key: string]: any}
Annotations of the resource (map)
- display
Name stringField OKTA display name field (string)
- enabled boolean
Enable auth config provider. Default
true
(bool)- groups
Field string OKTA group field (string)
- idp
Metadata stringContent OKTA IDP metadata content (string)
- labels {[key: string]: any}
Labels of the resource (map)
- name string
(Computed) The name of the resource (string)
- rancher
Api stringHost Rancher URL. URL scheme needs to be specified,
https://<RANCHER_API_HOST>
(string)- sp
Cert string OKTA SP cert (string)
- sp
Key string OKTA SP key (string)
- type string
(Computed) The type of the resource (string)
- uid
Field string OKTA UID field (string)
- user
Name stringField OKTA user name field (string)
- access_
mode str Access mode for auth.
required
,restricted
,unrestricted
are supported. Defaultunrestricted
(string)- allowed_
principal_ Sequence[str]ids Allowed principal ids for auth. Required if
access_mode
isrequired
orrestricted
. Ex:okta_user://<USER_ID>
okta_group://<GROUP_ID>
(list)- annotations Mapping[str, Any]
Annotations of the resource (map)
- display_
name_ strfield OKTA display name field (string)
- enabled bool
Enable auth config provider. Default
true
(bool)- groups_
field str OKTA group field (string)
- idp_
metadata_ strcontent OKTA IDP metadata content (string)
- labels Mapping[str, Any]
Labels of the resource (map)
- name str
(Computed) The name of the resource (string)
- rancher_
api_ strhost Rancher URL. URL scheme needs to be specified,
https://<RANCHER_API_HOST>
(string)- sp_
cert str OKTA SP cert (string)
- sp_
key str OKTA SP key (string)
- type str
(Computed) The type of the resource (string)
- uid_
field str OKTA UID field (string)
- user_
name_ strfield OKTA user name field (string)
- access
Mode String Access mode for auth.
required
,restricted
,unrestricted
are supported. Defaultunrestricted
(string)- allowed
Principal List<String>Ids Allowed principal ids for auth. Required if
access_mode
isrequired
orrestricted
. Ex:okta_user://<USER_ID>
okta_group://<GROUP_ID>
(list)- annotations Map<Any>
Annotations of the resource (map)
- display
Name StringField OKTA display name field (string)
- enabled Boolean
Enable auth config provider. Default
true
(bool)- groups
Field String OKTA group field (string)
- idp
Metadata StringContent OKTA IDP metadata content (string)
- labels Map<Any>
Labels of the resource (map)
- name String
(Computed) The name of the resource (string)
- rancher
Api StringHost Rancher URL. URL scheme needs to be specified,
https://<RANCHER_API_HOST>
(string)- sp
Cert String OKTA SP cert (string)
- sp
Key String OKTA SP key (string)
- type String
(Computed) The type of the resource (string)
- uid
Field String OKTA UID field (string)
- user
Name StringField OKTA user name field (string)
Package Details
- Repository
- Rancher2 pulumi/pulumi-rancher2
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
rancher2
Terraform Provider.