@sapslaj/pulumi-infisical 0.15.36
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +8 -0
- package/dist/accessApprovalPolicy.d.ts +137 -0
- package/dist/accessApprovalPolicy.d.ts.map +1 -0
- package/dist/accessApprovalPolicy.js +98 -0
- package/dist/accessApprovalPolicy.js.map +1 -0
- package/dist/appConnection1password.d.ts +97 -0
- package/dist/appConnection1password.d.ts.map +1 -0
- package/dist/appConnection1password.js +86 -0
- package/dist/appConnection1password.js.map +1 -0
- package/dist/appConnectionAws.d.ts +97 -0
- package/dist/appConnectionAws.d.ts.map +1 -0
- package/dist/appConnectionAws.js +86 -0
- package/dist/appConnectionAws.js.map +1 -0
- package/dist/appConnectionAzureClientSecrets.d.ts +97 -0
- package/dist/appConnectionAzureClientSecrets.d.ts.map +1 -0
- package/dist/appConnectionAzureClientSecrets.js +86 -0
- package/dist/appConnectionAzureClientSecrets.js.map +1 -0
- package/dist/appConnectionBitbucket.d.ts +97 -0
- package/dist/appConnectionBitbucket.d.ts.map +1 -0
- package/dist/appConnectionBitbucket.js +86 -0
- package/dist/appConnectionBitbucket.js.map +1 -0
- package/dist/appConnectionCloudflare.d.ts +97 -0
- package/dist/appConnectionCloudflare.d.ts.map +1 -0
- package/dist/appConnectionCloudflare.js +86 -0
- package/dist/appConnectionCloudflare.js.map +1 -0
- package/dist/appConnectionDatabricks.d.ts +97 -0
- package/dist/appConnectionDatabricks.d.ts.map +1 -0
- package/dist/appConnectionDatabricks.js +86 -0
- package/dist/appConnectionDatabricks.js.map +1 -0
- package/dist/appConnectionFlyio.d.ts +97 -0
- package/dist/appConnectionFlyio.d.ts.map +1 -0
- package/dist/appConnectionFlyio.js +86 -0
- package/dist/appConnectionFlyio.js.map +1 -0
- package/dist/appConnectionGcp.d.ts +97 -0
- package/dist/appConnectionGcp.d.ts.map +1 -0
- package/dist/appConnectionGcp.js +86 -0
- package/dist/appConnectionGcp.js.map +1 -0
- package/dist/appConnectionGitlab.d.ts +97 -0
- package/dist/appConnectionGitlab.d.ts.map +1 -0
- package/dist/appConnectionGitlab.js +86 -0
- package/dist/appConnectionGitlab.js.map +1 -0
- package/dist/appConnectionLdap.d.ts +97 -0
- package/dist/appConnectionLdap.d.ts.map +1 -0
- package/dist/appConnectionLdap.js +86 -0
- package/dist/appConnectionLdap.js.map +1 -0
- package/dist/appConnectionMssql.d.ts +97 -0
- package/dist/appConnectionMssql.d.ts.map +1 -0
- package/dist/appConnectionMssql.js +86 -0
- package/dist/appConnectionMssql.js.map +1 -0
- package/dist/appConnectionMysql.d.ts +97 -0
- package/dist/appConnectionMysql.d.ts.map +1 -0
- package/dist/appConnectionMysql.js +86 -0
- package/dist/appConnectionMysql.js.map +1 -0
- package/dist/appConnectionOracledb.d.ts +97 -0
- package/dist/appConnectionOracledb.d.ts.map +1 -0
- package/dist/appConnectionOracledb.js +86 -0
- package/dist/appConnectionOracledb.js.map +1 -0
- package/dist/appConnectionPostgres.d.ts +97 -0
- package/dist/appConnectionPostgres.d.ts.map +1 -0
- package/dist/appConnectionPostgres.js +86 -0
- package/dist/appConnectionPostgres.js.map +1 -0
- package/dist/appConnectionRender.d.ts +97 -0
- package/dist/appConnectionRender.d.ts.map +1 -0
- package/dist/appConnectionRender.js +86 -0
- package/dist/appConnectionRender.js.map +1 -0
- package/dist/appConnectionSupabase.d.ts +97 -0
- package/dist/appConnectionSupabase.d.ts.map +1 -0
- package/dist/appConnectionSupabase.js +86 -0
- package/dist/appConnectionSupabase.js.map +1 -0
- package/dist/config/index.d.ts +2 -0
- package/dist/config/index.d.ts.map +1 -0
- package/dist/config/index.js +21 -0
- package/dist/config/index.js.map +1 -0
- package/dist/config/vars.d.ts +22 -0
- package/dist/config/vars.d.ts.map +1 -0
- package/dist/config/vars.js +60 -0
- package/dist/config/vars.js.map +1 -0
- package/dist/dynamicSecretAwsIam.d.ts +149 -0
- package/dist/dynamicSecretAwsIam.d.ts.map +1 -0
- package/dist/dynamicSecretAwsIam.js +103 -0
- package/dist/dynamicSecretAwsIam.js.map +1 -0
- package/dist/dynamicSecretKubernetes.d.ts +149 -0
- package/dist/dynamicSecretKubernetes.d.ts.map +1 -0
- package/dist/dynamicSecretKubernetes.js +103 -0
- package/dist/dynamicSecretKubernetes.js.map +1 -0
- package/dist/dynamicSecretMongoAtlas.d.ts +149 -0
- package/dist/dynamicSecretMongoAtlas.d.ts.map +1 -0
- package/dist/dynamicSecretMongoAtlas.js +103 -0
- package/dist/dynamicSecretMongoAtlas.js.map +1 -0
- package/dist/dynamicSecretMongoDb.d.ts +149 -0
- package/dist/dynamicSecretMongoDb.d.ts.map +1 -0
- package/dist/dynamicSecretMongoDb.js +103 -0
- package/dist/dynamicSecretMongoDb.js.map +1 -0
- package/dist/dynamicSecretSqlDatabase.d.ts +149 -0
- package/dist/dynamicSecretSqlDatabase.d.ts.map +1 -0
- package/dist/dynamicSecretSqlDatabase.js +103 -0
- package/dist/dynamicSecretSqlDatabase.js.map +1 -0
- package/dist/getGroups.d.ts +15 -0
- package/dist/getGroups.d.ts.map +1 -0
- package/dist/getGroups.js +41 -0
- package/dist/getGroups.js.map +1 -0
- package/dist/getIdentityDetails.d.ts +15 -0
- package/dist/getIdentityDetails.d.ts.map +1 -0
- package/dist/getIdentityDetails.js +41 -0
- package/dist/getIdentityDetails.js.map +1 -0
- package/dist/getProjects.d.ts +34 -0
- package/dist/getProjects.d.ts.map +1 -0
- package/dist/getProjects.js +45 -0
- package/dist/getProjects.js.map +1 -0
- package/dist/getSecretFolders.d.ts +34 -0
- package/dist/getSecretFolders.d.ts.map +1 -0
- package/dist/getSecretFolders.js +49 -0
- package/dist/getSecretFolders.js.map +1 -0
- package/dist/getSecretTag.d.ts +28 -0
- package/dist/getSecretTag.d.ts.map +1 -0
- package/dist/getSecretTag.js +47 -0
- package/dist/getSecretTag.js.map +1 -0
- package/dist/getSecrets.d.ts +36 -0
- package/dist/getSecrets.d.ts.map +1 -0
- package/dist/getSecrets.js +49 -0
- package/dist/getSecrets.js.map +1 -0
- package/dist/group.d.ts +75 -0
- package/dist/group.d.ts.map +1 -0
- package/dist/group.js +82 -0
- package/dist/group.js.map +1 -0
- package/dist/identity.d.ts +109 -0
- package/dist/identity.d.ts.map +1 -0
- package/dist/identity.js +88 -0
- package/dist/identity.js.map +1 -0
- package/dist/identityAwsAuth.d.ts +137 -0
- package/dist/identityAwsAuth.d.ts.map +1 -0
- package/dist/identityAwsAuth.js +89 -0
- package/dist/identityAwsAuth.js.map +1 -0
- package/dist/identityAzureAuth.d.ts +137 -0
- package/dist/identityAzureAuth.d.ts.map +1 -0
- package/dist/identityAzureAuth.js +92 -0
- package/dist/identityAzureAuth.js.map +1 -0
- package/dist/identityGcpAuth.d.ts +149 -0
- package/dist/identityGcpAuth.d.ts.map +1 -0
- package/dist/identityGcpAuth.js +91 -0
- package/dist/identityGcpAuth.js.map +1 -0
- package/dist/identityKubernetesAuth.d.ts +173 -0
- package/dist/identityKubernetesAuth.d.ts.map +1 -0
- package/dist/identityKubernetesAuth.js +101 -0
- package/dist/identityKubernetesAuth.js.map +1 -0
- package/dist/identityOidcAuth.d.ts +197 -0
- package/dist/identityOidcAuth.d.ts.map +1 -0
- package/dist/identityOidcAuth.js +103 -0
- package/dist/identityOidcAuth.js.map +1 -0
- package/dist/identityUniversalAuth.d.ts +113 -0
- package/dist/identityUniversalAuth.d.ts.map +1 -0
- package/dist/identityUniversalAuth.js +85 -0
- package/dist/identityUniversalAuth.js.map +1 -0
- package/dist/identityUniversalAuthClientSecret.d.ts +127 -0
- package/dist/identityUniversalAuthClientSecret.d.ts.map +1 -0
- package/dist/identityUniversalAuthClientSecret.js +93 -0
- package/dist/identityUniversalAuthClientSecret.js.map +1 -0
- package/dist/index.d.ts +239 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +438 -0
- package/dist/index.js.map +1 -0
- package/dist/integrationAwsParameterStore.d.ts +165 -0
- package/dist/integrationAwsParameterStore.d.ts.map +1 -0
- package/dist/integrationAwsParameterStore.js +109 -0
- package/dist/integrationAwsParameterStore.js.map +1 -0
- package/dist/integrationAwsSecretsManager.d.ts +177 -0
- package/dist/integrationAwsSecretsManager.d.ts.map +1 -0
- package/dist/integrationAwsSecretsManager.js +108 -0
- package/dist/integrationAwsSecretsManager.js.map +1 -0
- package/dist/integrationCircleci.d.ts +127 -0
- package/dist/integrationCircleci.d.ts.map +1 -0
- package/dist/integrationCircleci.js +106 -0
- package/dist/integrationCircleci.js.map +1 -0
- package/dist/integrationDatabricks.d.ts +127 -0
- package/dist/integrationDatabricks.d.ts.map +1 -0
- package/dist/integrationDatabricks.js +106 -0
- package/dist/integrationDatabricks.js.map +1 -0
- package/dist/integrationGcpSecretManager.d.ts +129 -0
- package/dist/integrationGcpSecretManager.d.ts.map +1 -0
- package/dist/integrationGcpSecretManager.js +103 -0
- package/dist/integrationGcpSecretManager.js.map +1 -0
- package/dist/project.d.ts +137 -0
- package/dist/project.d.ts.map +1 -0
- package/dist/project.js +91 -0
- package/dist/project.js.map +1 -0
- package/dist/projectEnvironment.d.ts +87 -0
- package/dist/projectEnvironment.d.ts.map +1 -0
- package/dist/projectEnvironment.js +84 -0
- package/dist/projectEnvironment.js.map +1 -0
- package/dist/projectGroup.d.ts +97 -0
- package/dist/projectGroup.d.ts.map +1 -0
- package/dist/projectGroup.js +86 -0
- package/dist/projectGroup.js.map +1 -0
- package/dist/projectIdentity.d.ts +93 -0
- package/dist/projectIdentity.d.ts.map +1 -0
- package/dist/projectIdentity.js +89 -0
- package/dist/projectIdentity.js.map +1 -0
- package/dist/projectIdentitySpecificPrivilege.d.ts +161 -0
- package/dist/projectIdentitySpecificPrivilege.d.ts.map +1 -0
- package/dist/projectIdentitySpecificPrivilege.js +96 -0
- package/dist/projectIdentitySpecificPrivilege.js.map +1 -0
- package/dist/projectRole.d.ts +113 -0
- package/dist/projectRole.d.ts.map +1 -0
- package/dist/projectRole.js +88 -0
- package/dist/projectRole.js.map +1 -0
- package/dist/projectTemplate.d.ts +101 -0
- package/dist/projectTemplate.d.ts.map +1 -0
- package/dist/projectTemplate.js +83 -0
- package/dist/projectTemplate.js.map +1 -0
- package/dist/projectUser.d.ts +93 -0
- package/dist/projectUser.d.ts.map +1 -0
- package/dist/projectUser.js +89 -0
- package/dist/projectUser.js.map +1 -0
- package/dist/provider.d.ts +83 -0
- package/dist/provider.d.ts.map +1 -0
- package/dist/provider.js +83 -0
- package/dist/provider.js.map +1 -0
- package/dist/secret.d.ts +118 -0
- package/dist/secret.d.ts.map +1 -0
- package/dist/secret.js +97 -0
- package/dist/secret.js.map +1 -0
- package/dist/secretApprovalPolicy.d.ts +149 -0
- package/dist/secretApprovalPolicy.d.ts.map +1 -0
- package/dist/secretApprovalPolicy.js +100 -0
- package/dist/secretApprovalPolicy.js.map +1 -0
- package/dist/secretFolder.d.ts +103 -0
- package/dist/secretFolder.d.ts.map +1 -0
- package/dist/secretFolder.js +91 -0
- package/dist/secretFolder.js.map +1 -0
- package/dist/secretImport.d.ts +111 -0
- package/dist/secretImport.d.ts.map +1 -0
- package/dist/secretImport.js +100 -0
- package/dist/secretImport.js.map +1 -0
- package/dist/secretRotationAwsIamUserSecret.d.ts +185 -0
- package/dist/secretRotationAwsIamUserSecret.d.ts.map +1 -0
- package/dist/secretRotationAwsIamUserSecret.js +112 -0
- package/dist/secretRotationAwsIamUserSecret.js.map +1 -0
- package/dist/secretRotationAzureClientSecret.d.ts +185 -0
- package/dist/secretRotationAzureClientSecret.d.ts.map +1 -0
- package/dist/secretRotationAzureClientSecret.js +112 -0
- package/dist/secretRotationAzureClientSecret.js.map +1 -0
- package/dist/secretRotationLdapPassword.d.ts +185 -0
- package/dist/secretRotationLdapPassword.d.ts.map +1 -0
- package/dist/secretRotationLdapPassword.js +112 -0
- package/dist/secretRotationLdapPassword.js.map +1 -0
- package/dist/secretRotationMssqlCredentials.d.ts +185 -0
- package/dist/secretRotationMssqlCredentials.d.ts.map +1 -0
- package/dist/secretRotationMssqlCredentials.js +112 -0
- package/dist/secretRotationMssqlCredentials.js.map +1 -0
- package/dist/secretRotationMysqlCredentials.d.ts +185 -0
- package/dist/secretRotationMysqlCredentials.d.ts.map +1 -0
- package/dist/secretRotationMysqlCredentials.js +112 -0
- package/dist/secretRotationMysqlCredentials.js.map +1 -0
- package/dist/secretRotationOracledbCredentials.d.ts +185 -0
- package/dist/secretRotationOracledbCredentials.d.ts.map +1 -0
- package/dist/secretRotationOracledbCredentials.js +112 -0
- package/dist/secretRotationOracledbCredentials.js.map +1 -0
- package/dist/secretRotationPostgresCredentials.d.ts +185 -0
- package/dist/secretRotationPostgresCredentials.d.ts.map +1 -0
- package/dist/secretRotationPostgresCredentials.js +112 -0
- package/dist/secretRotationPostgresCredentials.js.map +1 -0
- package/dist/secretSync1password.d.ts +149 -0
- package/dist/secretSync1password.d.ts.map +1 -0
- package/dist/secretSync1password.js +106 -0
- package/dist/secretSync1password.js.map +1 -0
- package/dist/secretSyncAwsParameterStore.d.ts +149 -0
- package/dist/secretSyncAwsParameterStore.d.ts.map +1 -0
- package/dist/secretSyncAwsParameterStore.js +106 -0
- package/dist/secretSyncAwsParameterStore.js.map +1 -0
- package/dist/secretSyncAwsSecretsManager.d.ts +149 -0
- package/dist/secretSyncAwsSecretsManager.d.ts.map +1 -0
- package/dist/secretSyncAwsSecretsManager.js +106 -0
- package/dist/secretSyncAwsSecretsManager.js.map +1 -0
- package/dist/secretSyncAzureAppConfiguration.d.ts +149 -0
- package/dist/secretSyncAzureAppConfiguration.d.ts.map +1 -0
- package/dist/secretSyncAzureAppConfiguration.js +106 -0
- package/dist/secretSyncAzureAppConfiguration.js.map +1 -0
- package/dist/secretSyncAzureDevops.d.ts +149 -0
- package/dist/secretSyncAzureDevops.d.ts.map +1 -0
- package/dist/secretSyncAzureDevops.js +106 -0
- package/dist/secretSyncAzureDevops.js.map +1 -0
- package/dist/secretSyncAzureKeyVault.d.ts +149 -0
- package/dist/secretSyncAzureKeyVault.d.ts.map +1 -0
- package/dist/secretSyncAzureKeyVault.js +106 -0
- package/dist/secretSyncAzureKeyVault.js.map +1 -0
- package/dist/secretSyncBitbucket.d.ts +149 -0
- package/dist/secretSyncBitbucket.d.ts.map +1 -0
- package/dist/secretSyncBitbucket.js +106 -0
- package/dist/secretSyncBitbucket.js.map +1 -0
- package/dist/secretSyncCloudflarePages.d.ts +149 -0
- package/dist/secretSyncCloudflarePages.d.ts.map +1 -0
- package/dist/secretSyncCloudflarePages.js +106 -0
- package/dist/secretSyncCloudflarePages.js.map +1 -0
- package/dist/secretSyncCloudflareWorkers.d.ts +149 -0
- package/dist/secretSyncCloudflareWorkers.d.ts.map +1 -0
- package/dist/secretSyncCloudflareWorkers.js +106 -0
- package/dist/secretSyncCloudflareWorkers.js.map +1 -0
- package/dist/secretSyncDatabricks.d.ts +149 -0
- package/dist/secretSyncDatabricks.d.ts.map +1 -0
- package/dist/secretSyncDatabricks.js +106 -0
- package/dist/secretSyncDatabricks.js.map +1 -0
- package/dist/secretSyncFlyio.d.ts +149 -0
- package/dist/secretSyncFlyio.d.ts.map +1 -0
- package/dist/secretSyncFlyio.js +106 -0
- package/dist/secretSyncFlyio.js.map +1 -0
- package/dist/secretSyncGcpSecretManager.d.ts +149 -0
- package/dist/secretSyncGcpSecretManager.d.ts.map +1 -0
- package/dist/secretSyncGcpSecretManager.js +106 -0
- package/dist/secretSyncGcpSecretManager.js.map +1 -0
- package/dist/secretSyncGithub.d.ts +149 -0
- package/dist/secretSyncGithub.d.ts.map +1 -0
- package/dist/secretSyncGithub.js +106 -0
- package/dist/secretSyncGithub.js.map +1 -0
- package/dist/secretSyncGitlab.d.ts +149 -0
- package/dist/secretSyncGitlab.d.ts.map +1 -0
- package/dist/secretSyncGitlab.js +106 -0
- package/dist/secretSyncGitlab.js.map +1 -0
- package/dist/secretSyncRender.d.ts +149 -0
- package/dist/secretSyncRender.d.ts.map +1 -0
- package/dist/secretSyncRender.js +106 -0
- package/dist/secretSyncRender.js.map +1 -0
- package/dist/secretSyncSupabase.d.ts +149 -0
- package/dist/secretSyncSupabase.d.ts.map +1 -0
- package/dist/secretSyncSupabase.js +106 -0
- package/dist/secretSyncSupabase.js.map +1 -0
- package/dist/secretTag.d.ts +87 -0
- package/dist/secretTag.d.ts.map +1 -0
- package/dist/secretTag.js +87 -0
- package/dist/secretTag.js.map +1 -0
- package/dist/types/index.d.ts +4 -0
- package/dist/types/index.d.ts.map +1 -0
- package/dist/types/index.js +34 -0
- package/dist/types/index.js.map +1 -0
- package/dist/types/input.d.ts +1766 -0
- package/dist/types/input.d.ts.map +1 -0
- package/dist/types/input.js +5 -0
- package/dist/types/input.js.map +1 -0
- package/dist/types/output.d.ts +1839 -0
- package/dist/types/output.d.ts.map +1 -0
- package/dist/types/output.js +5 -0
- package/dist/types/output.js.map +1 -0
- package/dist/utilities.d.ts +15 -0
- package/dist/utilities.d.ts.map +1 -0
- package/dist/utilities.js +152 -0
- package/dist/utilities.js.map +1 -0
- package/package.json +27 -0
|
@@ -0,0 +1,109 @@
|
|
|
1
|
+
import * as pulumi from "@pulumi/pulumi";
|
|
2
|
+
import * as inputs from "./types/input";
|
|
3
|
+
import * as outputs from "./types/output";
|
|
4
|
+
export declare class Identity extends pulumi.CustomResource {
|
|
5
|
+
/**
|
|
6
|
+
* Get an existing Identity resource's state with the given name, ID, and optional extra
|
|
7
|
+
* properties used to qualify the lookup.
|
|
8
|
+
*
|
|
9
|
+
* @param name The _unique_ name of the resulting resource.
|
|
10
|
+
* @param id The _unique_ provider ID of the resource to lookup.
|
|
11
|
+
* @param state Any extra arguments used during the lookup.
|
|
12
|
+
* @param opts Optional settings to control the behavior of the CustomResource.
|
|
13
|
+
*/
|
|
14
|
+
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: IdentityState, opts?: pulumi.CustomResourceOptions): Identity;
|
|
15
|
+
/** @internal */
|
|
16
|
+
static readonly __pulumiType = "infisical:index/identity:Identity";
|
|
17
|
+
/**
|
|
18
|
+
* Returns true if the given object is an instance of Identity. This is designed to work even
|
|
19
|
+
* when multiple copies of the Pulumi SDK have been loaded into the same process.
|
|
20
|
+
*/
|
|
21
|
+
static isInstance(obj: any): obj is Identity;
|
|
22
|
+
/**
|
|
23
|
+
* The authentication types of the identity
|
|
24
|
+
*/
|
|
25
|
+
readonly authModes: pulumi.Output<string[]>;
|
|
26
|
+
/**
|
|
27
|
+
* Whether the identity has delete protection, defaults to false
|
|
28
|
+
*/
|
|
29
|
+
readonly hasDeleteProtection: pulumi.Output<boolean>;
|
|
30
|
+
/**
|
|
31
|
+
* The metadata associated with this identity
|
|
32
|
+
*/
|
|
33
|
+
readonly metadatas: pulumi.Output<outputs.IdentityMetadata[] | undefined>;
|
|
34
|
+
/**
|
|
35
|
+
* The name for the identity
|
|
36
|
+
*/
|
|
37
|
+
readonly name: pulumi.Output<string>;
|
|
38
|
+
/**
|
|
39
|
+
* The ID of the organization for the identity
|
|
40
|
+
*/
|
|
41
|
+
readonly orgId: pulumi.Output<string>;
|
|
42
|
+
/**
|
|
43
|
+
* The role for the identity. Available default role options are 'admin', 'member', and 'no-access'. If you've created custom roles, you can use their slugs as well.
|
|
44
|
+
*/
|
|
45
|
+
readonly role: pulumi.Output<string>;
|
|
46
|
+
/**
|
|
47
|
+
* Create a Identity resource with the given unique name, arguments, and options.
|
|
48
|
+
*
|
|
49
|
+
* @param name The _unique_ name of the resource.
|
|
50
|
+
* @param args The arguments to use to populate this resource's properties.
|
|
51
|
+
* @param opts A bag of options that control this resource's behavior.
|
|
52
|
+
*/
|
|
53
|
+
constructor(name: string, args: IdentityArgs, opts?: pulumi.CustomResourceOptions);
|
|
54
|
+
}
|
|
55
|
+
/**
|
|
56
|
+
* Input properties used for looking up and filtering Identity resources.
|
|
57
|
+
*/
|
|
58
|
+
export interface IdentityState {
|
|
59
|
+
/**
|
|
60
|
+
* The authentication types of the identity
|
|
61
|
+
*/
|
|
62
|
+
authModes?: pulumi.Input<pulumi.Input<string>[]>;
|
|
63
|
+
/**
|
|
64
|
+
* Whether the identity has delete protection, defaults to false
|
|
65
|
+
*/
|
|
66
|
+
hasDeleteProtection?: pulumi.Input<boolean>;
|
|
67
|
+
/**
|
|
68
|
+
* The metadata associated with this identity
|
|
69
|
+
*/
|
|
70
|
+
metadatas?: pulumi.Input<pulumi.Input<inputs.IdentityMetadata>[]>;
|
|
71
|
+
/**
|
|
72
|
+
* The name for the identity
|
|
73
|
+
*/
|
|
74
|
+
name?: pulumi.Input<string>;
|
|
75
|
+
/**
|
|
76
|
+
* The ID of the organization for the identity
|
|
77
|
+
*/
|
|
78
|
+
orgId?: pulumi.Input<string>;
|
|
79
|
+
/**
|
|
80
|
+
* The role for the identity. Available default role options are 'admin', 'member', and 'no-access'. If you've created custom roles, you can use their slugs as well.
|
|
81
|
+
*/
|
|
82
|
+
role?: pulumi.Input<string>;
|
|
83
|
+
}
|
|
84
|
+
/**
|
|
85
|
+
* The set of arguments for constructing a Identity resource.
|
|
86
|
+
*/
|
|
87
|
+
export interface IdentityArgs {
|
|
88
|
+
/**
|
|
89
|
+
* Whether the identity has delete protection, defaults to false
|
|
90
|
+
*/
|
|
91
|
+
hasDeleteProtection?: pulumi.Input<boolean>;
|
|
92
|
+
/**
|
|
93
|
+
* The metadata associated with this identity
|
|
94
|
+
*/
|
|
95
|
+
metadatas?: pulumi.Input<pulumi.Input<inputs.IdentityMetadata>[]>;
|
|
96
|
+
/**
|
|
97
|
+
* The name for the identity
|
|
98
|
+
*/
|
|
99
|
+
name?: pulumi.Input<string>;
|
|
100
|
+
/**
|
|
101
|
+
* The ID of the organization for the identity
|
|
102
|
+
*/
|
|
103
|
+
orgId: pulumi.Input<string>;
|
|
104
|
+
/**
|
|
105
|
+
* The role for the identity. Available default role options are 'admin', 'member', and 'no-access'. If you've created custom roles, you can use their slugs as well.
|
|
106
|
+
*/
|
|
107
|
+
role: pulumi.Input<string>;
|
|
108
|
+
}
|
|
109
|
+
//# sourceMappingURL=identity.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"identity.d.ts","sourceRoot":"","sources":["../src/identity.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AACzC,OAAO,KAAK,MAAM,MAAM,eAAe,CAAC;AACxC,OAAO,KAAK,OAAO,MAAM,gBAAgB,CAAC;AAG1C,qBAAa,QAAS,SAAQ,MAAM,CAAC,cAAc;IAC/C;;;;;;;;OAQG;WACW,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,KAAK,CAAC,EAAE,aAAa,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,qBAAqB,GAAG,QAAQ;IAIlI,gBAAgB;IAChB,gBAAuB,YAAY,uCAAuC;IAE1E;;;OAGG;WACW,UAAU,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,IAAI,QAAQ;IAOnD;;OAEG;IACH,SAAgC,SAAS,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;IACnE;;OAEG;IACH,SAAwB,mBAAmB,EAAE,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACpE;;OAEG;IACH,SAAwB,SAAS,EAAE,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,gBAAgB,EAAE,GAAG,SAAS,CAAC,CAAC;IACzF;;OAEG;IACH,SAAwB,IAAI,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACpD;;OAEG;IACH,SAAwB,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACrD;;OAEG;IACH,SAAwB,IAAI,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAEpD;;;;;;OAMG;gBACS,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,qBAAqB;CA8BpF;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC1B;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IACjD;;OAEG;IACH,mBAAmB,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC5C;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAC;IAClE;;OAEG;IACH,IAAI,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC5B;;OAEG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC7B;;OAEG;IACH,IAAI,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;CAC/B;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IACzB;;OAEG;IACH,mBAAmB,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC5C;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAC;IAClE;;OAEG;IACH,IAAI,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC5B;;OAEG;IACH,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC5B;;OAEG;IACH,IAAI,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;CAC9B"}
|
package/dist/identity.js
ADDED
|
@@ -0,0 +1,88 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
// *** WARNING: this file was generated by pulumi-language-nodejs. ***
|
|
3
|
+
// *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
5
|
+
if (k2 === undefined) k2 = k;
|
|
6
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
7
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
8
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
9
|
+
}
|
|
10
|
+
Object.defineProperty(o, k2, desc);
|
|
11
|
+
}) : (function(o, m, k, k2) {
|
|
12
|
+
if (k2 === undefined) k2 = k;
|
|
13
|
+
o[k2] = m[k];
|
|
14
|
+
}));
|
|
15
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
16
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
17
|
+
}) : function(o, v) {
|
|
18
|
+
o["default"] = v;
|
|
19
|
+
});
|
|
20
|
+
var __importStar = (this && this.__importStar) || function (mod) {
|
|
21
|
+
if (mod && mod.__esModule) return mod;
|
|
22
|
+
var result = {};
|
|
23
|
+
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
|
|
24
|
+
__setModuleDefault(result, mod);
|
|
25
|
+
return result;
|
|
26
|
+
};
|
|
27
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
28
|
+
exports.Identity = void 0;
|
|
29
|
+
const pulumi = __importStar(require("@pulumi/pulumi"));
|
|
30
|
+
const utilities = __importStar(require("./utilities"));
|
|
31
|
+
class Identity extends pulumi.CustomResource {
|
|
32
|
+
/**
|
|
33
|
+
* Get an existing Identity resource's state with the given name, ID, and optional extra
|
|
34
|
+
* properties used to qualify the lookup.
|
|
35
|
+
*
|
|
36
|
+
* @param name The _unique_ name of the resulting resource.
|
|
37
|
+
* @param id The _unique_ provider ID of the resource to lookup.
|
|
38
|
+
* @param state Any extra arguments used during the lookup.
|
|
39
|
+
* @param opts Optional settings to control the behavior of the CustomResource.
|
|
40
|
+
*/
|
|
41
|
+
static get(name, id, state, opts) {
|
|
42
|
+
return new Identity(name, state, { ...opts, id: id });
|
|
43
|
+
}
|
|
44
|
+
/**
|
|
45
|
+
* Returns true if the given object is an instance of Identity. This is designed to work even
|
|
46
|
+
* when multiple copies of the Pulumi SDK have been loaded into the same process.
|
|
47
|
+
*/
|
|
48
|
+
static isInstance(obj) {
|
|
49
|
+
if (obj === undefined || obj === null) {
|
|
50
|
+
return false;
|
|
51
|
+
}
|
|
52
|
+
return obj['__pulumiType'] === Identity.__pulumiType;
|
|
53
|
+
}
|
|
54
|
+
constructor(name, argsOrState, opts) {
|
|
55
|
+
let resourceInputs = {};
|
|
56
|
+
opts = opts || {};
|
|
57
|
+
if (opts.id) {
|
|
58
|
+
const state = argsOrState;
|
|
59
|
+
resourceInputs["authModes"] = state?.authModes;
|
|
60
|
+
resourceInputs["hasDeleteProtection"] = state?.hasDeleteProtection;
|
|
61
|
+
resourceInputs["metadatas"] = state?.metadatas;
|
|
62
|
+
resourceInputs["name"] = state?.name;
|
|
63
|
+
resourceInputs["orgId"] = state?.orgId;
|
|
64
|
+
resourceInputs["role"] = state?.role;
|
|
65
|
+
}
|
|
66
|
+
else {
|
|
67
|
+
const args = argsOrState;
|
|
68
|
+
if (args?.orgId === undefined && !opts.urn) {
|
|
69
|
+
throw new Error("Missing required property 'orgId'");
|
|
70
|
+
}
|
|
71
|
+
if (args?.role === undefined && !opts.urn) {
|
|
72
|
+
throw new Error("Missing required property 'role'");
|
|
73
|
+
}
|
|
74
|
+
resourceInputs["hasDeleteProtection"] = args?.hasDeleteProtection;
|
|
75
|
+
resourceInputs["metadatas"] = args?.metadatas;
|
|
76
|
+
resourceInputs["name"] = args?.name;
|
|
77
|
+
resourceInputs["orgId"] = args?.orgId;
|
|
78
|
+
resourceInputs["role"] = args?.role;
|
|
79
|
+
resourceInputs["authModes"] = undefined /*out*/;
|
|
80
|
+
}
|
|
81
|
+
opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
|
|
82
|
+
super(Identity.__pulumiType, name, resourceInputs, opts, false /*dependency*/, utilities.getPackage());
|
|
83
|
+
}
|
|
84
|
+
}
|
|
85
|
+
exports.Identity = Identity;
|
|
86
|
+
/** @internal */
|
|
87
|
+
Identity.__pulumiType = 'infisical:index/identity:Identity';
|
|
88
|
+
//# sourceMappingURL=identity.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"identity.js","sourceRoot":"","sources":["../src/identity.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;;;;;;;;;;;;;;;;;;;;;;;;AAEjF,uDAAyC;AAGzC,uDAAyC;AAEzC,MAAa,QAAS,SAAQ,MAAM,CAAC,cAAc;IAC/C;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAqB,EAAE,IAAmC;QACnH,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAO,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC/D,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,QAAQ,CAAC,YAAY,CAAC;IACzD,CAAC;IAmCD,YAAY,IAAY,EAAE,WAA0C,EAAE,IAAmC;QACrG,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAwC,CAAC;YACvD,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,EAAE,SAAS,CAAC;YAC/C,cAAc,CAAC,qBAAqB,CAAC,GAAG,KAAK,EAAE,mBAAmB,CAAC;YACnE,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,EAAE,SAAS,CAAC;YAC/C,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC;YACrC,cAAc,CAAC,OAAO,CAAC,GAAG,KAAK,EAAE,KAAK,CAAC;YACvC,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC;SACxC;aAAM;YACH,MAAM,IAAI,GAAG,WAAuC,CAAC;YACrD,IAAI,IAAI,EAAE,KAAK,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACxC,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;aACxD;YACD,IAAI,IAAI,EAAE,IAAI,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACvC,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;aACvD;YACD,cAAc,CAAC,qBAAqB,CAAC,GAAG,IAAI,EAAE,mBAAmB,CAAC;YAClE,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,EAAE,SAAS,CAAC;YAC9C,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,EAAE,IAAI,CAAC;YACpC,cAAc,CAAC,OAAO,CAAC,GAAG,IAAI,EAAE,KAAK,CAAC;YACtC,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,EAAE,IAAI,CAAC;YACpC,cAAc,CAAC,WAAW,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SACnD;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,QAAQ,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,KAAK,CAAC,cAAc,EAAE,SAAS,CAAC,UAAU,EAAE,CAAC,CAAC;IAC3G,CAAC;;AAzFL,4BA0FC;AA5EG,gBAAgB;AACO,qBAAY,GAAG,mCAAmC,CAAC"}
|
|
@@ -0,0 +1,137 @@
|
|
|
1
|
+
import * as pulumi from "@pulumi/pulumi";
|
|
2
|
+
import * as inputs from "./types/input";
|
|
3
|
+
import * as outputs from "./types/output";
|
|
4
|
+
export declare class IdentityAwsAuth extends pulumi.CustomResource {
|
|
5
|
+
/**
|
|
6
|
+
* Get an existing IdentityAwsAuth resource's state with the given name, ID, and optional extra
|
|
7
|
+
* properties used to qualify the lookup.
|
|
8
|
+
*
|
|
9
|
+
* @param name The _unique_ name of the resulting resource.
|
|
10
|
+
* @param id The _unique_ provider ID of the resource to lookup.
|
|
11
|
+
* @param state Any extra arguments used during the lookup.
|
|
12
|
+
* @param opts Optional settings to control the behavior of the CustomResource.
|
|
13
|
+
*/
|
|
14
|
+
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: IdentityAwsAuthState, opts?: pulumi.CustomResourceOptions): IdentityAwsAuth;
|
|
15
|
+
/** @internal */
|
|
16
|
+
static readonly __pulumiType = "infisical:index/identityAwsAuth:IdentityAwsAuth";
|
|
17
|
+
/**
|
|
18
|
+
* Returns true if the given object is an instance of IdentityAwsAuth. This is designed to work even
|
|
19
|
+
* when multiple copies of the Pulumi SDK have been loaded into the same process.
|
|
20
|
+
*/
|
|
21
|
+
static isInstance(obj: any): obj is IdentityAwsAuth;
|
|
22
|
+
/**
|
|
23
|
+
* The maximum lifetime for an access token in seconds. This value will be referenced at renewal time. Default: 2592000
|
|
24
|
+
*/
|
|
25
|
+
readonly accessTokenMaxTtl: pulumi.Output<number>;
|
|
26
|
+
/**
|
|
27
|
+
* The maximum number of times that an access token can be used; a value of 0 implies infinite number of uses. Default:0
|
|
28
|
+
*/
|
|
29
|
+
readonly accessTokenNumUsesLimit: pulumi.Output<number>;
|
|
30
|
+
/**
|
|
31
|
+
* A list of IPs or CIDR ranges that access tokens can be used from. You can use 0.0.0.0/0, to allow usage from any network address..
|
|
32
|
+
*/
|
|
33
|
+
readonly accessTokenTrustedIps: pulumi.Output<outputs.IdentityAwsAuthAccessTokenTrustedIp[]>;
|
|
34
|
+
/**
|
|
35
|
+
* The lifetime for an access token in seconds. This value will be referenced at renewal time. Default: 2592000
|
|
36
|
+
*/
|
|
37
|
+
readonly accessTokenTtl: pulumi.Output<number>;
|
|
38
|
+
/**
|
|
39
|
+
* List of trusted AWS account IDs that are allowed to authenticate with Infisical.
|
|
40
|
+
*/
|
|
41
|
+
readonly allowedAccountIds: pulumi.Output<string[]>;
|
|
42
|
+
/**
|
|
43
|
+
* List of trusted IAM principal ARNs that are allowed to authenticate with Infisical. The values should take one of three forms: `arn:aws:iam::123456789012:user/MyUserName`, `arn:aws:iam::123456789012:role/MyRoleName`, or `arn:aws:iam::123456789012:*`. Using a wildcard in this case allows any IAM principal in the account `123456789012` to authenticate with Infisical under the identity
|
|
44
|
+
*/
|
|
45
|
+
readonly allowedPrincipalArns: pulumi.Output<string[]>;
|
|
46
|
+
/**
|
|
47
|
+
* The ID of the identity to attach the configuration onto.
|
|
48
|
+
*/
|
|
49
|
+
readonly identityId: pulumi.Output<string>;
|
|
50
|
+
/**
|
|
51
|
+
* The endpoint URL for the AWS STS API. This value should be adjusted based on the AWS region you are operating in (e.g. `https://sts.us-east-1.amazonaws.com/`); refer to the list of regional STS endpoints [here](https://docs.aws.amazon.com/general/latest/gr/sts.html).
|
|
52
|
+
*/
|
|
53
|
+
readonly stsEndpoint: pulumi.Output<string>;
|
|
54
|
+
/**
|
|
55
|
+
* Create a IdentityAwsAuth resource with the given unique name, arguments, and options.
|
|
56
|
+
*
|
|
57
|
+
* @param name The _unique_ name of the resource.
|
|
58
|
+
* @param args The arguments to use to populate this resource's properties.
|
|
59
|
+
* @param opts A bag of options that control this resource's behavior.
|
|
60
|
+
*/
|
|
61
|
+
constructor(name: string, args: IdentityAwsAuthArgs, opts?: pulumi.CustomResourceOptions);
|
|
62
|
+
}
|
|
63
|
+
/**
|
|
64
|
+
* Input properties used for looking up and filtering IdentityAwsAuth resources.
|
|
65
|
+
*/
|
|
66
|
+
export interface IdentityAwsAuthState {
|
|
67
|
+
/**
|
|
68
|
+
* The maximum lifetime for an access token in seconds. This value will be referenced at renewal time. Default: 2592000
|
|
69
|
+
*/
|
|
70
|
+
accessTokenMaxTtl?: pulumi.Input<number>;
|
|
71
|
+
/**
|
|
72
|
+
* The maximum number of times that an access token can be used; a value of 0 implies infinite number of uses. Default:0
|
|
73
|
+
*/
|
|
74
|
+
accessTokenNumUsesLimit?: pulumi.Input<number>;
|
|
75
|
+
/**
|
|
76
|
+
* A list of IPs or CIDR ranges that access tokens can be used from. You can use 0.0.0.0/0, to allow usage from any network address..
|
|
77
|
+
*/
|
|
78
|
+
accessTokenTrustedIps?: pulumi.Input<pulumi.Input<inputs.IdentityAwsAuthAccessTokenTrustedIp>[]>;
|
|
79
|
+
/**
|
|
80
|
+
* The lifetime for an access token in seconds. This value will be referenced at renewal time. Default: 2592000
|
|
81
|
+
*/
|
|
82
|
+
accessTokenTtl?: pulumi.Input<number>;
|
|
83
|
+
/**
|
|
84
|
+
* List of trusted AWS account IDs that are allowed to authenticate with Infisical.
|
|
85
|
+
*/
|
|
86
|
+
allowedAccountIds?: pulumi.Input<pulumi.Input<string>[]>;
|
|
87
|
+
/**
|
|
88
|
+
* List of trusted IAM principal ARNs that are allowed to authenticate with Infisical. The values should take one of three forms: `arn:aws:iam::123456789012:user/MyUserName`, `arn:aws:iam::123456789012:role/MyRoleName`, or `arn:aws:iam::123456789012:*`. Using a wildcard in this case allows any IAM principal in the account `123456789012` to authenticate with Infisical under the identity
|
|
89
|
+
*/
|
|
90
|
+
allowedPrincipalArns?: pulumi.Input<pulumi.Input<string>[]>;
|
|
91
|
+
/**
|
|
92
|
+
* The ID of the identity to attach the configuration onto.
|
|
93
|
+
*/
|
|
94
|
+
identityId?: pulumi.Input<string>;
|
|
95
|
+
/**
|
|
96
|
+
* The endpoint URL for the AWS STS API. This value should be adjusted based on the AWS region you are operating in (e.g. `https://sts.us-east-1.amazonaws.com/`); refer to the list of regional STS endpoints [here](https://docs.aws.amazon.com/general/latest/gr/sts.html).
|
|
97
|
+
*/
|
|
98
|
+
stsEndpoint?: pulumi.Input<string>;
|
|
99
|
+
}
|
|
100
|
+
/**
|
|
101
|
+
* The set of arguments for constructing a IdentityAwsAuth resource.
|
|
102
|
+
*/
|
|
103
|
+
export interface IdentityAwsAuthArgs {
|
|
104
|
+
/**
|
|
105
|
+
* The maximum lifetime for an access token in seconds. This value will be referenced at renewal time. Default: 2592000
|
|
106
|
+
*/
|
|
107
|
+
accessTokenMaxTtl?: pulumi.Input<number>;
|
|
108
|
+
/**
|
|
109
|
+
* The maximum number of times that an access token can be used; a value of 0 implies infinite number of uses. Default:0
|
|
110
|
+
*/
|
|
111
|
+
accessTokenNumUsesLimit?: pulumi.Input<number>;
|
|
112
|
+
/**
|
|
113
|
+
* A list of IPs or CIDR ranges that access tokens can be used from. You can use 0.0.0.0/0, to allow usage from any network address..
|
|
114
|
+
*/
|
|
115
|
+
accessTokenTrustedIps?: pulumi.Input<pulumi.Input<inputs.IdentityAwsAuthAccessTokenTrustedIp>[]>;
|
|
116
|
+
/**
|
|
117
|
+
* The lifetime for an access token in seconds. This value will be referenced at renewal time. Default: 2592000
|
|
118
|
+
*/
|
|
119
|
+
accessTokenTtl?: pulumi.Input<number>;
|
|
120
|
+
/**
|
|
121
|
+
* List of trusted AWS account IDs that are allowed to authenticate with Infisical.
|
|
122
|
+
*/
|
|
123
|
+
allowedAccountIds?: pulumi.Input<pulumi.Input<string>[]>;
|
|
124
|
+
/**
|
|
125
|
+
* List of trusted IAM principal ARNs that are allowed to authenticate with Infisical. The values should take one of three forms: `arn:aws:iam::123456789012:user/MyUserName`, `arn:aws:iam::123456789012:role/MyRoleName`, or `arn:aws:iam::123456789012:*`. Using a wildcard in this case allows any IAM principal in the account `123456789012` to authenticate with Infisical under the identity
|
|
126
|
+
*/
|
|
127
|
+
allowedPrincipalArns?: pulumi.Input<pulumi.Input<string>[]>;
|
|
128
|
+
/**
|
|
129
|
+
* The ID of the identity to attach the configuration onto.
|
|
130
|
+
*/
|
|
131
|
+
identityId: pulumi.Input<string>;
|
|
132
|
+
/**
|
|
133
|
+
* The endpoint URL for the AWS STS API. This value should be adjusted based on the AWS region you are operating in (e.g. `https://sts.us-east-1.amazonaws.com/`); refer to the list of regional STS endpoints [here](https://docs.aws.amazon.com/general/latest/gr/sts.html).
|
|
134
|
+
*/
|
|
135
|
+
stsEndpoint?: pulumi.Input<string>;
|
|
136
|
+
}
|
|
137
|
+
//# sourceMappingURL=identityAwsAuth.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"identityAwsAuth.d.ts","sourceRoot":"","sources":["../src/identityAwsAuth.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AACzC,OAAO,KAAK,MAAM,MAAM,eAAe,CAAC;AACxC,OAAO,KAAK,OAAO,MAAM,gBAAgB,CAAC;AAG1C,qBAAa,eAAgB,SAAQ,MAAM,CAAC,cAAc;IACtD;;;;;;;;OAQG;WACW,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,KAAK,CAAC,EAAE,oBAAoB,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,qBAAqB,GAAG,eAAe;IAIhJ,gBAAgB;IAChB,gBAAuB,YAAY,qDAAqD;IAExF;;;OAGG;WACW,UAAU,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,IAAI,eAAe;IAO1D;;OAEG;IACH,SAAwB,iBAAiB,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACjE;;OAEG;IACH,SAAwB,uBAAuB,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACvE;;OAEG;IACH,SAAwB,qBAAqB,EAAE,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,mCAAmC,EAAE,CAAC,CAAC;IAC5G;;OAEG;IACH,SAAwB,cAAc,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAC9D;;OAEG;IACH,SAAwB,iBAAiB,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;IACnE;;OAEG;IACH,SAAwB,oBAAoB,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;IACtE;;OAEG;IACH,SAAwB,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAC1D;;OAEG;IACH,SAAwB,WAAW,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAE3D;;;;;;OAMG;gBACS,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,mBAAmB,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,qBAAqB;CA+B3F;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACjC;;OAEG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACzC;;OAEG;IACH,uBAAuB,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC/C;;OAEG;IACH,qBAAqB,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,mCAAmC,CAAC,EAAE,CAAC,CAAC;IACjG;;OAEG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACtC;;OAEG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IACzD;;OAEG;IACH,oBAAoB,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAC5D;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAClC;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;CACtC;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAChC;;OAEG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACzC;;OAEG;IACH,uBAAuB,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC/C;;OAEG;IACH,qBAAqB,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,mCAAmC,CAAC,EAAE,CAAC,CAAC;IACjG;;OAEG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACtC;;OAEG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IACzD;;OAEG;IACH,oBAAoB,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAC5D;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACjC;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;CACtC"}
|
|
@@ -0,0 +1,89 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
// *** WARNING: this file was generated by pulumi-language-nodejs. ***
|
|
3
|
+
// *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
5
|
+
if (k2 === undefined) k2 = k;
|
|
6
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
7
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
8
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
9
|
+
}
|
|
10
|
+
Object.defineProperty(o, k2, desc);
|
|
11
|
+
}) : (function(o, m, k, k2) {
|
|
12
|
+
if (k2 === undefined) k2 = k;
|
|
13
|
+
o[k2] = m[k];
|
|
14
|
+
}));
|
|
15
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
16
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
17
|
+
}) : function(o, v) {
|
|
18
|
+
o["default"] = v;
|
|
19
|
+
});
|
|
20
|
+
var __importStar = (this && this.__importStar) || function (mod) {
|
|
21
|
+
if (mod && mod.__esModule) return mod;
|
|
22
|
+
var result = {};
|
|
23
|
+
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
|
|
24
|
+
__setModuleDefault(result, mod);
|
|
25
|
+
return result;
|
|
26
|
+
};
|
|
27
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
28
|
+
exports.IdentityAwsAuth = void 0;
|
|
29
|
+
const pulumi = __importStar(require("@pulumi/pulumi"));
|
|
30
|
+
const utilities = __importStar(require("./utilities"));
|
|
31
|
+
class IdentityAwsAuth extends pulumi.CustomResource {
|
|
32
|
+
/**
|
|
33
|
+
* Get an existing IdentityAwsAuth resource's state with the given name, ID, and optional extra
|
|
34
|
+
* properties used to qualify the lookup.
|
|
35
|
+
*
|
|
36
|
+
* @param name The _unique_ name of the resulting resource.
|
|
37
|
+
* @param id The _unique_ provider ID of the resource to lookup.
|
|
38
|
+
* @param state Any extra arguments used during the lookup.
|
|
39
|
+
* @param opts Optional settings to control the behavior of the CustomResource.
|
|
40
|
+
*/
|
|
41
|
+
static get(name, id, state, opts) {
|
|
42
|
+
return new IdentityAwsAuth(name, state, { ...opts, id: id });
|
|
43
|
+
}
|
|
44
|
+
/**
|
|
45
|
+
* Returns true if the given object is an instance of IdentityAwsAuth. This is designed to work even
|
|
46
|
+
* when multiple copies of the Pulumi SDK have been loaded into the same process.
|
|
47
|
+
*/
|
|
48
|
+
static isInstance(obj) {
|
|
49
|
+
if (obj === undefined || obj === null) {
|
|
50
|
+
return false;
|
|
51
|
+
}
|
|
52
|
+
return obj['__pulumiType'] === IdentityAwsAuth.__pulumiType;
|
|
53
|
+
}
|
|
54
|
+
constructor(name, argsOrState, opts) {
|
|
55
|
+
let resourceInputs = {};
|
|
56
|
+
opts = opts || {};
|
|
57
|
+
if (opts.id) {
|
|
58
|
+
const state = argsOrState;
|
|
59
|
+
resourceInputs["accessTokenMaxTtl"] = state?.accessTokenMaxTtl;
|
|
60
|
+
resourceInputs["accessTokenNumUsesLimit"] = state?.accessTokenNumUsesLimit;
|
|
61
|
+
resourceInputs["accessTokenTrustedIps"] = state?.accessTokenTrustedIps;
|
|
62
|
+
resourceInputs["accessTokenTtl"] = state?.accessTokenTtl;
|
|
63
|
+
resourceInputs["allowedAccountIds"] = state?.allowedAccountIds;
|
|
64
|
+
resourceInputs["allowedPrincipalArns"] = state?.allowedPrincipalArns;
|
|
65
|
+
resourceInputs["identityId"] = state?.identityId;
|
|
66
|
+
resourceInputs["stsEndpoint"] = state?.stsEndpoint;
|
|
67
|
+
}
|
|
68
|
+
else {
|
|
69
|
+
const args = argsOrState;
|
|
70
|
+
if (args?.identityId === undefined && !opts.urn) {
|
|
71
|
+
throw new Error("Missing required property 'identityId'");
|
|
72
|
+
}
|
|
73
|
+
resourceInputs["accessTokenMaxTtl"] = args?.accessTokenMaxTtl;
|
|
74
|
+
resourceInputs["accessTokenNumUsesLimit"] = args?.accessTokenNumUsesLimit;
|
|
75
|
+
resourceInputs["accessTokenTrustedIps"] = args?.accessTokenTrustedIps;
|
|
76
|
+
resourceInputs["accessTokenTtl"] = args?.accessTokenTtl;
|
|
77
|
+
resourceInputs["allowedAccountIds"] = args?.allowedAccountIds;
|
|
78
|
+
resourceInputs["allowedPrincipalArns"] = args?.allowedPrincipalArns;
|
|
79
|
+
resourceInputs["identityId"] = args?.identityId;
|
|
80
|
+
resourceInputs["stsEndpoint"] = args?.stsEndpoint;
|
|
81
|
+
}
|
|
82
|
+
opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
|
|
83
|
+
super(IdentityAwsAuth.__pulumiType, name, resourceInputs, opts, false /*dependency*/, utilities.getPackage());
|
|
84
|
+
}
|
|
85
|
+
}
|
|
86
|
+
exports.IdentityAwsAuth = IdentityAwsAuth;
|
|
87
|
+
/** @internal */
|
|
88
|
+
IdentityAwsAuth.__pulumiType = 'infisical:index/identityAwsAuth:IdentityAwsAuth';
|
|
89
|
+
//# sourceMappingURL=identityAwsAuth.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"identityAwsAuth.js","sourceRoot":"","sources":["../src/identityAwsAuth.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;;;;;;;;;;;;;;;;;;;;;;;;AAEjF,uDAAyC;AAGzC,uDAAyC;AAEzC,MAAa,eAAgB,SAAQ,MAAM,CAAC,cAAc;IACtD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA4B,EAAE,IAAmC;QAC1H,OAAO,IAAI,eAAe,CAAC,IAAI,EAAO,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACtE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,eAAe,CAAC,YAAY,CAAC;IAChE,CAAC;IA2CD,YAAY,IAAY,EAAE,WAAwD,EAAE,IAAmC;QACnH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA+C,CAAC;YAC9D,cAAc,CAAC,mBAAmB,CAAC,GAAG,KAAK,EAAE,iBAAiB,CAAC;YAC/D,cAAc,CAAC,yBAAyB,CAAC,GAAG,KAAK,EAAE,uBAAuB,CAAC;YAC3E,cAAc,CAAC,uBAAuB,CAAC,GAAG,KAAK,EAAE,qBAAqB,CAAC;YACvE,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,EAAE,cAAc,CAAC;YACzD,cAAc,CAAC,mBAAmB,CAAC,GAAG,KAAK,EAAE,iBAAiB,CAAC;YAC/D,cAAc,CAAC,sBAAsB,CAAC,GAAG,KAAK,EAAE,oBAAoB,CAAC;YACrE,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,EAAE,UAAU,CAAC;YACjD,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;SACtD;aAAM;YACH,MAAM,IAAI,GAAG,WAA8C,CAAC;YAC5D,IAAI,IAAI,EAAE,UAAU,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC7C,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;aAC7D;YACD,cAAc,CAAC,mBAAmB,CAAC,GAAG,IAAI,EAAE,iBAAiB,CAAC;YAC9D,cAAc,CAAC,yBAAyB,CAAC,GAAG,IAAI,EAAE,uBAAuB,CAAC;YAC1E,cAAc,CAAC,uBAAuB,CAAC,GAAG,IAAI,EAAE,qBAAqB,CAAC;YACtE,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,EAAE,cAAc,CAAC;YACxD,cAAc,CAAC,mBAAmB,CAAC,GAAG,IAAI,EAAE,iBAAiB,CAAC;YAC9D,cAAc,CAAC,sBAAsB,CAAC,GAAG,IAAI,EAAE,oBAAoB,CAAC;YACpE,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,EAAE,UAAU,CAAC;YAChD,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,EAAE,WAAW,CAAC;SACrD;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,eAAe,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,KAAK,CAAC,cAAc,EAAE,SAAS,CAAC,UAAU,EAAE,CAAC,CAAC;IAClH,CAAC;;AAlGL,0CAmGC;AArFG,gBAAgB;AACO,4BAAY,GAAG,iDAAiD,CAAC"}
|
|
@@ -0,0 +1,137 @@
|
|
|
1
|
+
import * as pulumi from "@pulumi/pulumi";
|
|
2
|
+
import * as inputs from "./types/input";
|
|
3
|
+
import * as outputs from "./types/output";
|
|
4
|
+
export declare class IdentityAzureAuth extends pulumi.CustomResource {
|
|
5
|
+
/**
|
|
6
|
+
* Get an existing IdentityAzureAuth resource's state with the given name, ID, and optional extra
|
|
7
|
+
* properties used to qualify the lookup.
|
|
8
|
+
*
|
|
9
|
+
* @param name The _unique_ name of the resulting resource.
|
|
10
|
+
* @param id The _unique_ provider ID of the resource to lookup.
|
|
11
|
+
* @param state Any extra arguments used during the lookup.
|
|
12
|
+
* @param opts Optional settings to control the behavior of the CustomResource.
|
|
13
|
+
*/
|
|
14
|
+
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: IdentityAzureAuthState, opts?: pulumi.CustomResourceOptions): IdentityAzureAuth;
|
|
15
|
+
/** @internal */
|
|
16
|
+
static readonly __pulumiType = "infisical:index/identityAzureAuth:IdentityAzureAuth";
|
|
17
|
+
/**
|
|
18
|
+
* Returns true if the given object is an instance of IdentityAzureAuth. This is designed to work even
|
|
19
|
+
* when multiple copies of the Pulumi SDK have been loaded into the same process.
|
|
20
|
+
*/
|
|
21
|
+
static isInstance(obj: any): obj is IdentityAzureAuth;
|
|
22
|
+
/**
|
|
23
|
+
* The maximum lifetime for an access token in seconds. This value will be referenced at renewal time. Default: 2592000
|
|
24
|
+
*/
|
|
25
|
+
readonly accessTokenMaxTtl: pulumi.Output<number>;
|
|
26
|
+
/**
|
|
27
|
+
* The maximum number of times that an access token can be used; a value of 0 implies infinite number of uses. Default:0
|
|
28
|
+
*/
|
|
29
|
+
readonly accessTokenNumUsesLimit: pulumi.Output<number>;
|
|
30
|
+
/**
|
|
31
|
+
* A list of IPs or CIDR ranges that access tokens can be used from. You can use 0.0.0.0/0, to allow usage from any network address..
|
|
32
|
+
*/
|
|
33
|
+
readonly accessTokenTrustedIps: pulumi.Output<outputs.IdentityAzureAuthAccessTokenTrustedIp[]>;
|
|
34
|
+
/**
|
|
35
|
+
* The lifetime for an access token in seconds. This value will be referenced at renewal time. Default: 2592000
|
|
36
|
+
*/
|
|
37
|
+
readonly accessTokenTtl: pulumi.Output<number>;
|
|
38
|
+
/**
|
|
39
|
+
* List of Azure AD service principal IDs that are allowed to authenticate with Infisical
|
|
40
|
+
*/
|
|
41
|
+
readonly allowedServicePrincipalIds: pulumi.Output<string[]>;
|
|
42
|
+
/**
|
|
43
|
+
* The ID of the identity to attach the configuration onto.
|
|
44
|
+
*/
|
|
45
|
+
readonly identityId: pulumi.Output<string>;
|
|
46
|
+
/**
|
|
47
|
+
* The resource URL for the application registered in Azure AD. The value is expected to match the `aud` claim of the access token JWT later used in the login operation against Infisical. See the [resource](https://learn.microsoft.com/en-us/entra/identity/managed-identities-azure-resources/how-to-use-vm-token#get-a-token-using-http) parameter for how the audience is set when requesting a JWT access token from the Azure Instance Metadata Service (IMDS) endpoint. In most cases, this value should be `https://management.azure.com/` which is the default
|
|
48
|
+
*/
|
|
49
|
+
readonly resourceUrl: pulumi.Output<string>;
|
|
50
|
+
/**
|
|
51
|
+
* The [tenant ID](https://learn.microsoft.com/en-us/entra/fundamentals/how-to-find-tenant) for the Azure AD organization.
|
|
52
|
+
*/
|
|
53
|
+
readonly tenantId: pulumi.Output<string>;
|
|
54
|
+
/**
|
|
55
|
+
* Create a IdentityAzureAuth resource with the given unique name, arguments, and options.
|
|
56
|
+
*
|
|
57
|
+
* @param name The _unique_ name of the resource.
|
|
58
|
+
* @param args The arguments to use to populate this resource's properties.
|
|
59
|
+
* @param opts A bag of options that control this resource's behavior.
|
|
60
|
+
*/
|
|
61
|
+
constructor(name: string, args: IdentityAzureAuthArgs, opts?: pulumi.CustomResourceOptions);
|
|
62
|
+
}
|
|
63
|
+
/**
|
|
64
|
+
* Input properties used for looking up and filtering IdentityAzureAuth resources.
|
|
65
|
+
*/
|
|
66
|
+
export interface IdentityAzureAuthState {
|
|
67
|
+
/**
|
|
68
|
+
* The maximum lifetime for an access token in seconds. This value will be referenced at renewal time. Default: 2592000
|
|
69
|
+
*/
|
|
70
|
+
accessTokenMaxTtl?: pulumi.Input<number>;
|
|
71
|
+
/**
|
|
72
|
+
* The maximum number of times that an access token can be used; a value of 0 implies infinite number of uses. Default:0
|
|
73
|
+
*/
|
|
74
|
+
accessTokenNumUsesLimit?: pulumi.Input<number>;
|
|
75
|
+
/**
|
|
76
|
+
* A list of IPs or CIDR ranges that access tokens can be used from. You can use 0.0.0.0/0, to allow usage from any network address..
|
|
77
|
+
*/
|
|
78
|
+
accessTokenTrustedIps?: pulumi.Input<pulumi.Input<inputs.IdentityAzureAuthAccessTokenTrustedIp>[]>;
|
|
79
|
+
/**
|
|
80
|
+
* The lifetime for an access token in seconds. This value will be referenced at renewal time. Default: 2592000
|
|
81
|
+
*/
|
|
82
|
+
accessTokenTtl?: pulumi.Input<number>;
|
|
83
|
+
/**
|
|
84
|
+
* List of Azure AD service principal IDs that are allowed to authenticate with Infisical
|
|
85
|
+
*/
|
|
86
|
+
allowedServicePrincipalIds?: pulumi.Input<pulumi.Input<string>[]>;
|
|
87
|
+
/**
|
|
88
|
+
* The ID of the identity to attach the configuration onto.
|
|
89
|
+
*/
|
|
90
|
+
identityId?: pulumi.Input<string>;
|
|
91
|
+
/**
|
|
92
|
+
* The resource URL for the application registered in Azure AD. The value is expected to match the `aud` claim of the access token JWT later used in the login operation against Infisical. See the [resource](https://learn.microsoft.com/en-us/entra/identity/managed-identities-azure-resources/how-to-use-vm-token#get-a-token-using-http) parameter for how the audience is set when requesting a JWT access token from the Azure Instance Metadata Service (IMDS) endpoint. In most cases, this value should be `https://management.azure.com/` which is the default
|
|
93
|
+
*/
|
|
94
|
+
resourceUrl?: pulumi.Input<string>;
|
|
95
|
+
/**
|
|
96
|
+
* The [tenant ID](https://learn.microsoft.com/en-us/entra/fundamentals/how-to-find-tenant) for the Azure AD organization.
|
|
97
|
+
*/
|
|
98
|
+
tenantId?: pulumi.Input<string>;
|
|
99
|
+
}
|
|
100
|
+
/**
|
|
101
|
+
* The set of arguments for constructing a IdentityAzureAuth resource.
|
|
102
|
+
*/
|
|
103
|
+
export interface IdentityAzureAuthArgs {
|
|
104
|
+
/**
|
|
105
|
+
* The maximum lifetime for an access token in seconds. This value will be referenced at renewal time. Default: 2592000
|
|
106
|
+
*/
|
|
107
|
+
accessTokenMaxTtl?: pulumi.Input<number>;
|
|
108
|
+
/**
|
|
109
|
+
* The maximum number of times that an access token can be used; a value of 0 implies infinite number of uses. Default:0
|
|
110
|
+
*/
|
|
111
|
+
accessTokenNumUsesLimit?: pulumi.Input<number>;
|
|
112
|
+
/**
|
|
113
|
+
* A list of IPs or CIDR ranges that access tokens can be used from. You can use 0.0.0.0/0, to allow usage from any network address..
|
|
114
|
+
*/
|
|
115
|
+
accessTokenTrustedIps?: pulumi.Input<pulumi.Input<inputs.IdentityAzureAuthAccessTokenTrustedIp>[]>;
|
|
116
|
+
/**
|
|
117
|
+
* The lifetime for an access token in seconds. This value will be referenced at renewal time. Default: 2592000
|
|
118
|
+
*/
|
|
119
|
+
accessTokenTtl?: pulumi.Input<number>;
|
|
120
|
+
/**
|
|
121
|
+
* List of Azure AD service principal IDs that are allowed to authenticate with Infisical
|
|
122
|
+
*/
|
|
123
|
+
allowedServicePrincipalIds?: pulumi.Input<pulumi.Input<string>[]>;
|
|
124
|
+
/**
|
|
125
|
+
* The ID of the identity to attach the configuration onto.
|
|
126
|
+
*/
|
|
127
|
+
identityId: pulumi.Input<string>;
|
|
128
|
+
/**
|
|
129
|
+
* The resource URL for the application registered in Azure AD. The value is expected to match the `aud` claim of the access token JWT later used in the login operation against Infisical. See the [resource](https://learn.microsoft.com/en-us/entra/identity/managed-identities-azure-resources/how-to-use-vm-token#get-a-token-using-http) parameter for how the audience is set when requesting a JWT access token from the Azure Instance Metadata Service (IMDS) endpoint. In most cases, this value should be `https://management.azure.com/` which is the default
|
|
130
|
+
*/
|
|
131
|
+
resourceUrl?: pulumi.Input<string>;
|
|
132
|
+
/**
|
|
133
|
+
* The [tenant ID](https://learn.microsoft.com/en-us/entra/fundamentals/how-to-find-tenant) for the Azure AD organization.
|
|
134
|
+
*/
|
|
135
|
+
tenantId: pulumi.Input<string>;
|
|
136
|
+
}
|
|
137
|
+
//# sourceMappingURL=identityAzureAuth.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"identityAzureAuth.d.ts","sourceRoot":"","sources":["../src/identityAzureAuth.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AACzC,OAAO,KAAK,MAAM,MAAM,eAAe,CAAC;AACxC,OAAO,KAAK,OAAO,MAAM,gBAAgB,CAAC;AAG1C,qBAAa,iBAAkB,SAAQ,MAAM,CAAC,cAAc;IACxD;;;;;;;;OAQG;WACW,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,KAAK,CAAC,EAAE,sBAAsB,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,qBAAqB,GAAG,iBAAiB;IAIpJ,gBAAgB;IAChB,gBAAuB,YAAY,yDAAyD;IAE5F;;;OAGG;WACW,UAAU,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,IAAI,iBAAiB;IAO5D;;OAEG;IACH,SAAwB,iBAAiB,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACjE;;OAEG;IACH,SAAwB,uBAAuB,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACvE;;OAEG;IACH,SAAwB,qBAAqB,EAAE,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,qCAAqC,EAAE,CAAC,CAAC;IAC9G;;OAEG;IACH,SAAwB,cAAc,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAC9D;;OAEG;IACH,SAAwB,0BAA0B,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;IAC5E;;OAEG;IACH,SAAwB,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAC1D;;OAEG;IACH,SAAwB,WAAW,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAC3D;;OAEG;IACH,SAAwB,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAExD;;;;;;OAMG;gBACS,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,qBAAqB,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,qBAAqB;CAkC7F;AAED;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACnC;;OAEG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACzC;;OAEG;IACH,uBAAuB,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC/C;;OAEG;IACH,qBAAqB,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,qCAAqC,CAAC,EAAE,CAAC,CAAC;IACnG;;OAEG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACtC;;OAEG;IACH,0BAA0B,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAClE;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAClC;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACnC;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;CACnC;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IAClC;;OAEG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACzC;;OAEG;IACH,uBAAuB,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC/C;;OAEG;IACH,qBAAqB,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,qCAAqC,CAAC,EAAE,CAAC,CAAC;IACnG;;OAEG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACtC;;OAEG;IACH,0BAA0B,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAClE;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACjC;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACnC;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;CAClC"}
|