tencentcloud 1.81.189, Apr 30 25

tencentcloud 1.81.189 published on Wednesday, Apr 30, 2025 by tencentcloudstack

tencentcloudstack/terraform-provider-tencentcloud

tencentcloud.CamOidcSso

Explore with Pulumi AI

tencentcloud 1.81.189 published on Wednesday, Apr 30, 2025 by tencentcloudstack

tencentcloudstack/terraform-provider-tencentcloud

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as tencentcloud from "@pulumi/tencentcloud";

const foo = new tencentcloud.CamOidcSso("foo", {
    authorizationEndpoint: "https://login.microsoftonline.com/.../oauth2/v2.0/authorize",
    clientId: "...",
    identityKey: "...",
    identityUrl: "https://login.microsoftonline.com/.../v2.0",
    mappingFiled: "name",
    responseMode: "form_post",
    responseType: "id_token",
    scopes: [
        "openid",
        "email",
    ],
});

import pulumi
import pulumi_tencentcloud as tencentcloud

foo = tencentcloud.CamOidcSso("foo",
    authorization_endpoint="https://login.microsoftonline.com/.../oauth2/v2.0/authorize",
    client_id="...",
    identity_key="...",
    identity_url="https://login.microsoftonline.com/.../v2.0",
    mapping_filed="name",
    response_mode="form_post",
    response_type="id_token",
    scopes=[
        "openid",
        "email",
    ])

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/tencentcloud/tencentcloud"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := tencentcloud.NewCamOidcSso(ctx, "foo", &tencentcloud.CamOidcSsoArgs{
			AuthorizationEndpoint: pulumi.String("https://login.microsoftonline.com/.../oauth2/v2.0/authorize"),
			ClientId:              pulumi.String("..."),
			IdentityKey:           pulumi.String("..."),
			IdentityUrl:           pulumi.String("https://login.microsoftonline.com/.../v2.0"),
			MappingFiled:          pulumi.String("name"),
			ResponseMode:          pulumi.String("form_post"),
			ResponseType:          pulumi.String("id_token"),
			Scopes: pulumi.StringArray{
				pulumi.String("openid"),
				pulumi.String("email"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Tencentcloud = Pulumi.Tencentcloud;

return await Deployment.RunAsync(() => 
{
    var foo = new Tencentcloud.CamOidcSso("foo", new()
    {
        AuthorizationEndpoint = "https://login.microsoftonline.com/.../oauth2/v2.0/authorize",
        ClientId = "...",
        IdentityKey = "...",
        IdentityUrl = "https://login.microsoftonline.com/.../v2.0",
        MappingFiled = "name",
        ResponseMode = "form_post",
        ResponseType = "id_token",
        Scopes = new[]
        {
            "openid",
            "email",
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.tencentcloud.CamOidcSso;
import com.pulumi.tencentcloud.CamOidcSsoArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var foo = new CamOidcSso("foo", CamOidcSsoArgs.builder()
            .authorizationEndpoint("https://login.microsoftonline.com/.../oauth2/v2.0/authorize")
            .clientId("...")
            .identityKey("...")
            .identityUrl("https://login.microsoftonline.com/.../v2.0")
            .mappingFiled("name")
            .responseMode("form_post")
            .responseType("id_token")
            .scopes(            
                "openid",
                "email")
            .build());

    }
}

resources:
  foo:
    type: tencentcloud:CamOidcSso
    properties:
      authorizationEndpoint: https://login.microsoftonline.com/.../oauth2/v2.0/authorize
      clientId: '...'
      identityKey: '...'
      identityUrl: https://login.microsoftonline.com/.../v2.0
      mappingFiled: name
      responseMode: form_post
      responseType: id_token
      scopes:
        - openid
        - email

Create CamOidcSso Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new CamOidcSso(name: string, args: CamOidcSsoArgs, opts?: CustomResourceOptions);

@overload
def CamOidcSso(resource_name: str,
               args: CamOidcSsoArgs,
               opts: Optional[ResourceOptions] = None)

@overload
def CamOidcSso(resource_name: str,
               opts: Optional[ResourceOptions] = None,
               authorization_endpoint: Optional[str] = None,
               client_id: Optional[str] = None,
               identity_key: Optional[str] = None,
               identity_url: Optional[str] = None,
               mapping_filed: Optional[str] = None,
               response_mode: Optional[str] = None,
               response_type: Optional[str] = None,
               cam_oidc_sso_id: Optional[str] = None,
               scopes: Optional[Sequence[str]] = None)

func NewCamOidcSso(ctx *Context, name string, args CamOidcSsoArgs, opts ...ResourceOption) (*CamOidcSso, error)

public CamOidcSso(string name, CamOidcSsoArgs args, CustomResourceOptions? opts = null)

public CamOidcSso(String name, CamOidcSsoArgs args)
public CamOidcSso(String name, CamOidcSsoArgs args, CustomResourceOptions options)

type: tencentcloud:CamOidcSso
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args CamOidcSsoArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args CamOidcSsoArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args CamOidcSsoArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args CamOidcSsoArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args CamOidcSsoArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

CamOidcSso Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The CamOidcSso resource accepts the following input properties:

AuthorizationEndpoint string: Authorization request Endpoint, OpenID Connect identity provider authorization address. Corresponds to the value of the authorization_endpoint field in the Openid-configuration provided by the Enterprise IdP.
ClientId string: Client ID, the client ID registered with the OpenID Connect identity provider.
IdentityKey string: The signature public key requires base64_encode. Verify the public key signed by the OpenID Connect identity provider ID Token. For the security of your account, we recommend that you rotate the signed public key regularly.
IdentityUrl string: Identity provider URL. OpenID Connect identity provider identity.Corresponds to the value of the issuer field in the Openid-configuration provided by the Enterprise IdP.
MappingFiled string: Map field names. Which field in the IdP's id_token maps to the user name of the subuser, usually the sub or name field.
ResponseMode string: Authorize the request Forsonse mode. Authorization request return mode, form_post and frogment two optional modes, recommended to select form_post mode.
ResponseType string: Authorization requests The Response type, with a fixed value id_token.
CamOidcSsoId string: ID of the resource.
Scopes List<string>: Authorize the request Scope. openid; email; profile; Authorization request information scope. The default is required openid.

AuthorizationEndpoint string: Authorization request Endpoint, OpenID Connect identity provider authorization address. Corresponds to the value of the authorization_endpoint field in the Openid-configuration provided by the Enterprise IdP.
ClientId string: Client ID, the client ID registered with the OpenID Connect identity provider.
IdentityKey string: The signature public key requires base64_encode. Verify the public key signed by the OpenID Connect identity provider ID Token. For the security of your account, we recommend that you rotate the signed public key regularly.
IdentityUrl string: Identity provider URL. OpenID Connect identity provider identity.Corresponds to the value of the issuer field in the Openid-configuration provided by the Enterprise IdP.
MappingFiled string: Map field names. Which field in the IdP's id_token maps to the user name of the subuser, usually the sub or name field.
ResponseMode string: Authorize the request Forsonse mode. Authorization request return mode, form_post and frogment two optional modes, recommended to select form_post mode.
ResponseType string: Authorization requests The Response type, with a fixed value id_token.
CamOidcSsoId string: ID of the resource.
Scopes []string: Authorize the request Scope. openid; email; profile; Authorization request information scope. The default is required openid.

authorizationEndpoint String: Authorization request Endpoint, OpenID Connect identity provider authorization address. Corresponds to the value of the authorization_endpoint field in the Openid-configuration provided by the Enterprise IdP.
clientId String: Client ID, the client ID registered with the OpenID Connect identity provider.
identityKey String: The signature public key requires base64_encode. Verify the public key signed by the OpenID Connect identity provider ID Token. For the security of your account, we recommend that you rotate the signed public key regularly.
identityUrl String: Identity provider URL. OpenID Connect identity provider identity.Corresponds to the value of the issuer field in the Openid-configuration provided by the Enterprise IdP.
mappingFiled String: Map field names. Which field in the IdP's id_token maps to the user name of the subuser, usually the sub or name field.
responseMode String: Authorize the request Forsonse mode. Authorization request return mode, form_post and frogment two optional modes, recommended to select form_post mode.
responseType String: Authorization requests The Response type, with a fixed value id_token.
camOidcSsoId String: ID of the resource.
scopes List<String>: Authorize the request Scope. openid; email; profile; Authorization request information scope. The default is required openid.

authorizationEndpoint string: Authorization request Endpoint, OpenID Connect identity provider authorization address. Corresponds to the value of the authorization_endpoint field in the Openid-configuration provided by the Enterprise IdP.
clientId string: Client ID, the client ID registered with the OpenID Connect identity provider.
identityKey string: The signature public key requires base64_encode. Verify the public key signed by the OpenID Connect identity provider ID Token. For the security of your account, we recommend that you rotate the signed public key regularly.
identityUrl string: Identity provider URL. OpenID Connect identity provider identity.Corresponds to the value of the issuer field in the Openid-configuration provided by the Enterprise IdP.
mappingFiled string: Map field names. Which field in the IdP's id_token maps to the user name of the subuser, usually the sub or name field.
responseMode string: Authorize the request Forsonse mode. Authorization request return mode, form_post and frogment two optional modes, recommended to select form_post mode.
responseType string: Authorization requests The Response type, with a fixed value id_token.
camOidcSsoId string: ID of the resource.
scopes string[]: Authorize the request Scope. openid; email; profile; Authorization request information scope. The default is required openid.

authorization_endpoint str: Authorization request Endpoint, OpenID Connect identity provider authorization address. Corresponds to the value of the authorization_endpoint field in the Openid-configuration provided by the Enterprise IdP.
client_id str: Client ID, the client ID registered with the OpenID Connect identity provider.
identity_key str: The signature public key requires base64_encode. Verify the public key signed by the OpenID Connect identity provider ID Token. For the security of your account, we recommend that you rotate the signed public key regularly.
identity_url str: Identity provider URL. OpenID Connect identity provider identity.Corresponds to the value of the issuer field in the Openid-configuration provided by the Enterprise IdP.
mapping_filed str: Map field names. Which field in the IdP's id_token maps to the user name of the subuser, usually the sub or name field.
response_mode str: Authorize the request Forsonse mode. Authorization request return mode, form_post and frogment two optional modes, recommended to select form_post mode.
response_type str: Authorization requests The Response type, with a fixed value id_token.
cam_oidc_sso_id str: ID of the resource.
scopes Sequence[str]: Authorize the request Scope. openid; email; profile; Authorization request information scope. The default is required openid.

authorizationEndpoint String: Authorization request Endpoint, OpenID Connect identity provider authorization address. Corresponds to the value of the authorization_endpoint field in the Openid-configuration provided by the Enterprise IdP.
clientId String: Client ID, the client ID registered with the OpenID Connect identity provider.
identityKey String: The signature public key requires base64_encode. Verify the public key signed by the OpenID Connect identity provider ID Token. For the security of your account, we recommend that you rotate the signed public key regularly.
identityUrl String: Identity provider URL. OpenID Connect identity provider identity.Corresponds to the value of the issuer field in the Openid-configuration provided by the Enterprise IdP.
mappingFiled String: Map field names. Which field in the IdP's id_token maps to the user name of the subuser, usually the sub or name field.
responseMode String: Authorize the request Forsonse mode. Authorization request return mode, form_post and frogment two optional modes, recommended to select form_post mode.
responseType String: Authorization requests The Response type, with a fixed value id_token.
camOidcSsoId String: ID of the resource.
scopes List<String>: Authorize the request Scope. openid; email; profile; Authorization request information scope. The default is required openid.

Outputs

All input properties are implicitly available as output properties. Additionally, the CamOidcSso resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing CamOidcSso Resource

Get an existing CamOidcSso resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: CamOidcSsoState, opts?: CustomResourceOptions): CamOidcSso

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        authorization_endpoint: Optional[str] = None,
        cam_oidc_sso_id: Optional[str] = None,
        client_id: Optional[str] = None,
        identity_key: Optional[str] = None,
        identity_url: Optional[str] = None,
        mapping_filed: Optional[str] = None,
        response_mode: Optional[str] = None,
        response_type: Optional[str] = None,
        scopes: Optional[Sequence[str]] = None) -> CamOidcSso

func GetCamOidcSso(ctx *Context, name string, id IDInput, state *CamOidcSsoState, opts ...ResourceOption) (*CamOidcSso, error)

public static CamOidcSso Get(string name, Input<string> id, CamOidcSsoState? state, CustomResourceOptions? opts = null)

public static CamOidcSso get(String name, Output<String> id, CamOidcSsoState state, CustomResourceOptions options)

resources:  _:    type: tencentcloud:CamOidcSso    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AuthorizationEndpoint string: Authorization request Endpoint, OpenID Connect identity provider authorization address. Corresponds to the value of the authorization_endpoint field in the Openid-configuration provided by the Enterprise IdP.
CamOidcSsoId string: ID of the resource.
ClientId string: Client ID, the client ID registered with the OpenID Connect identity provider.
IdentityKey string: The signature public key requires base64_encode. Verify the public key signed by the OpenID Connect identity provider ID Token. For the security of your account, we recommend that you rotate the signed public key regularly.
IdentityUrl string: Identity provider URL. OpenID Connect identity provider identity.Corresponds to the value of the issuer field in the Openid-configuration provided by the Enterprise IdP.
MappingFiled string: Map field names. Which field in the IdP's id_token maps to the user name of the subuser, usually the sub or name field.
ResponseMode string: Authorize the request Forsonse mode. Authorization request return mode, form_post and frogment two optional modes, recommended to select form_post mode.
ResponseType string: Authorization requests The Response type, with a fixed value id_token.
Scopes List<string>: Authorize the request Scope. openid; email; profile; Authorization request information scope. The default is required openid.

AuthorizationEndpoint string: Authorization request Endpoint, OpenID Connect identity provider authorization address. Corresponds to the value of the authorization_endpoint field in the Openid-configuration provided by the Enterprise IdP.
CamOidcSsoId string: ID of the resource.
ClientId string: Client ID, the client ID registered with the OpenID Connect identity provider.
IdentityKey string: The signature public key requires base64_encode. Verify the public key signed by the OpenID Connect identity provider ID Token. For the security of your account, we recommend that you rotate the signed public key regularly.
IdentityUrl string: Identity provider URL. OpenID Connect identity provider identity.Corresponds to the value of the issuer field in the Openid-configuration provided by the Enterprise IdP.
MappingFiled string: Map field names. Which field in the IdP's id_token maps to the user name of the subuser, usually the sub or name field.
ResponseMode string: Authorize the request Forsonse mode. Authorization request return mode, form_post and frogment two optional modes, recommended to select form_post mode.
ResponseType string: Authorization requests The Response type, with a fixed value id_token.
Scopes []string: Authorize the request Scope. openid; email; profile; Authorization request information scope. The default is required openid.

authorizationEndpoint String: Authorization request Endpoint, OpenID Connect identity provider authorization address. Corresponds to the value of the authorization_endpoint field in the Openid-configuration provided by the Enterprise IdP.
camOidcSsoId String: ID of the resource.
clientId String: Client ID, the client ID registered with the OpenID Connect identity provider.
identityKey String: The signature public key requires base64_encode. Verify the public key signed by the OpenID Connect identity provider ID Token. For the security of your account, we recommend that you rotate the signed public key regularly.
identityUrl String: Identity provider URL. OpenID Connect identity provider identity.Corresponds to the value of the issuer field in the Openid-configuration provided by the Enterprise IdP.
mappingFiled String: Map field names. Which field in the IdP's id_token maps to the user name of the subuser, usually the sub or name field.
responseMode String: Authorize the request Forsonse mode. Authorization request return mode, form_post and frogment two optional modes, recommended to select form_post mode.
responseType String: Authorization requests The Response type, with a fixed value id_token.
scopes List<String>: Authorize the request Scope. openid; email; profile; Authorization request information scope. The default is required openid.

authorizationEndpoint string: Authorization request Endpoint, OpenID Connect identity provider authorization address. Corresponds to the value of the authorization_endpoint field in the Openid-configuration provided by the Enterprise IdP.
camOidcSsoId string: ID of the resource.
clientId string: Client ID, the client ID registered with the OpenID Connect identity provider.
identityKey string: The signature public key requires base64_encode. Verify the public key signed by the OpenID Connect identity provider ID Token. For the security of your account, we recommend that you rotate the signed public key regularly.
identityUrl string: Identity provider URL. OpenID Connect identity provider identity.Corresponds to the value of the issuer field in the Openid-configuration provided by the Enterprise IdP.
mappingFiled string: Map field names. Which field in the IdP's id_token maps to the user name of the subuser, usually the sub or name field.
responseMode string: Authorize the request Forsonse mode. Authorization request return mode, form_post and frogment two optional modes, recommended to select form_post mode.
responseType string: Authorization requests The Response type, with a fixed value id_token.
scopes string[]: Authorize the request Scope. openid; email; profile; Authorization request information scope. The default is required openid.

authorization_endpoint str: Authorization request Endpoint, OpenID Connect identity provider authorization address. Corresponds to the value of the authorization_endpoint field in the Openid-configuration provided by the Enterprise IdP.
cam_oidc_sso_id str: ID of the resource.
client_id str: Client ID, the client ID registered with the OpenID Connect identity provider.
identity_key str: The signature public key requires base64_encode. Verify the public key signed by the OpenID Connect identity provider ID Token. For the security of your account, we recommend that you rotate the signed public key regularly.
identity_url str: Identity provider URL. OpenID Connect identity provider identity.Corresponds to the value of the issuer field in the Openid-configuration provided by the Enterprise IdP.
mapping_filed str: Map field names. Which field in the IdP's id_token maps to the user name of the subuser, usually the sub or name field.
response_mode str: Authorize the request Forsonse mode. Authorization request return mode, form_post and frogment two optional modes, recommended to select form_post mode.
response_type str: Authorization requests The Response type, with a fixed value id_token.
scopes Sequence[str]: Authorize the request Scope. openid; email; profile; Authorization request information scope. The default is required openid.

authorizationEndpoint String: Authorization request Endpoint, OpenID Connect identity provider authorization address. Corresponds to the value of the authorization_endpoint field in the Openid-configuration provided by the Enterprise IdP.
camOidcSsoId String: ID of the resource.
clientId String: Client ID, the client ID registered with the OpenID Connect identity provider.
identityKey String: The signature public key requires base64_encode. Verify the public key signed by the OpenID Connect identity provider ID Token. For the security of your account, we recommend that you rotate the signed public key regularly.
identityUrl String: Identity provider URL. OpenID Connect identity provider identity.Corresponds to the value of the issuer field in the Openid-configuration provided by the Enterprise IdP.
mappingFiled String: Map field names. Which field in the IdP's id_token maps to the user name of the subuser, usually the sub or name field.
responseMode String: Authorize the request Forsonse mode. Authorization request return mode, form_post and frogment two optional modes, recommended to select form_post mode.
responseType String: Authorization requests The Response type, with a fixed value id_token.
scopes List<String>: Authorize the request Scope. openid; email; profile; Authorization request information scope. The default is required openid.

Import

CAM-OIDC-SSO can be imported using the client_id or any string which can identifier resource, e.g.

$ pulumi import tencentcloud:index/camOidcSso:CamOidcSso foo xxxxxxxxxxx

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: tencentcloud tencentcloudstack/terraform-provider-tencentcloud
License
Notes: This Pulumi package is based on the tencentcloud Terraform Provider.

tencentcloud 1.81.189 published on Wednesday, Apr 30, 2025 by tencentcloudstack

tencentcloudstack/terraform-provider-tencentcloud

tencentcloud.CamOidcSso

On this page

On this page

Example Usage

Create CamOidcSso Resource

Constructor syntax

Parameters

CamOidcSso Resource Properties

Inputs

Outputs

Look up Existing CamOidcSso Resource

Import

Package Details

On this page

On this page