pulumi-nomad 2.2.1__py3-none-any.whl → 2.3.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_nomad/__init__.py +1 -0
- pulumi_nomad/_inputs.py +189 -63
- pulumi_nomad/acl_auth_method.py +14 -14
- pulumi_nomad/get_deployments.py +5 -0
- pulumi_nomad/get_jwks.py +116 -0
- pulumi_nomad/outputs.py +242 -56
- pulumi_nomad/pulumi-plugin.json +2 -1
- {pulumi_nomad-2.2.1.dist-info → pulumi_nomad-2.3.0.dist-info}/METADATA +1 -1
- {pulumi_nomad-2.2.1.dist-info → pulumi_nomad-2.3.0.dist-info}/RECORD +11 -10
- {pulumi_nomad-2.2.1.dist-info → pulumi_nomad-2.3.0.dist-info}/WHEEL +0 -0
- {pulumi_nomad-2.2.1.dist-info → pulumi_nomad-2.3.0.dist-info}/top_level.txt +0 -0
pulumi_nomad/__init__.py
CHANGED
pulumi_nomad/_inputs.py
CHANGED
@@ -58,56 +58,93 @@ __all__ = [
|
|
58
58
|
@pulumi.input_type
|
59
59
|
class AclAuthMethodConfigArgs:
|
60
60
|
def __init__(__self__, *,
|
61
|
-
allowed_redirect_uris: pulumi.Input[Sequence[pulumi.Input[str]]],
|
62
|
-
oidc_client_id: pulumi.Input[str],
|
63
|
-
oidc_client_secret: pulumi.Input[str],
|
64
|
-
oidc_discovery_url: pulumi.Input[str],
|
61
|
+
allowed_redirect_uris: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
65
62
|
bound_audiences: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
63
|
+
bound_issuers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
66
64
|
claim_mappings: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
65
|
+
clock_skew_leeway: Optional[pulumi.Input[str]] = None,
|
67
66
|
discovery_ca_pems: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
67
|
+
expiration_leeway: Optional[pulumi.Input[str]] = None,
|
68
|
+
jwks_ca_cert: Optional[pulumi.Input[str]] = None,
|
69
|
+
jwks_url: Optional[pulumi.Input[str]] = None,
|
70
|
+
jwt_validation_pub_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
68
71
|
list_claim_mappings: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
72
|
+
not_before_leeway: Optional[pulumi.Input[str]] = None,
|
73
|
+
oidc_client_id: Optional[pulumi.Input[str]] = None,
|
74
|
+
oidc_client_secret: Optional[pulumi.Input[str]] = None,
|
69
75
|
oidc_disable_userinfo: Optional[pulumi.Input[bool]] = None,
|
76
|
+
oidc_discovery_url: Optional[pulumi.Input[str]] = None,
|
70
77
|
oidc_scopes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
71
78
|
signing_algs: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None):
|
72
79
|
"""
|
73
80
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_redirect_uris: `([]string: <optional>)` - A list of allowed values
|
74
81
|
that can be used for the redirect URI.
|
75
|
-
:param pulumi.Input[str] oidc_client_id: `(string: <required>)` - The OAuth Client ID configured
|
76
|
-
with the OIDC provider.
|
77
|
-
:param pulumi.Input[str] oidc_client_secret: `(string: <required>)` - The OAuth Client Secret
|
78
|
-
configured with the OIDC provider.
|
79
|
-
:param pulumi.Input[str] oidc_discovery_url: `(string: <required>)` - The OIDC Discovery URL,
|
80
|
-
without any .well-known component (base path).
|
81
82
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] bound_audiences: `([]string: <optional>)` - List of auth claims that are
|
82
83
|
valid for login.
|
83
|
-
:param pulumi.Input[
|
84
|
-
|
84
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] bound_issuers: `([]string: <optional>)` - The value against which to match
|
85
|
+
the iss claim in a JWT.
|
86
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] claim_mappings: Mappings of claims (key) that will be copied to a metadata field (value).
|
87
|
+
:param pulumi.Input[str] clock_skew_leeway: `(string: <optional>)` - Duration of leeway when validating
|
88
|
+
all claims in the form of a time duration such as "5m" or "1h".
|
85
89
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] discovery_ca_pems: `([]string: <optional>)` - PEM encoded CA certs for use
|
86
90
|
by the TLS client used to talk with the OIDC Discovery URL.
|
87
|
-
:param pulumi.Input[
|
88
|
-
|
91
|
+
:param pulumi.Input[str] expiration_leeway: `(string: <optional>)` - Duration of leeway when validating
|
92
|
+
expiration of a JWT in the form of a time duration such as "5m" or "1h".
|
93
|
+
:param pulumi.Input[str] jwks_ca_cert: `(string: <optional>)` - PEM encoded CA cert for use by the
|
94
|
+
TLS client used to talk with the JWKS server.
|
95
|
+
:param pulumi.Input[str] jwks_url: `(string: <optional>)` - JSON Web Key Sets url for authenticating
|
96
|
+
signatures.
|
97
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] jwt_validation_pub_keys: `([]string: <optional>)` - List of PEM-encoded
|
98
|
+
public keys to use to authenticate signatures locally.
|
99
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] list_claim_mappings: Mappings of list claims (key) that will be copied to a metadata field (value).
|
100
|
+
:param pulumi.Input[str] not_before_leeway: `(string: <optional>)` - Duration of leeway when validating
|
101
|
+
not before values of a token in the form of a time duration such as "5m" or "1h".
|
102
|
+
:param pulumi.Input[str] oidc_client_id: `(string: <optional>)` - The OAuth Client ID configured
|
103
|
+
with the OIDC provider.
|
104
|
+
:param pulumi.Input[str] oidc_client_secret: `(string: <optional>)` - The OAuth Client Secret
|
105
|
+
configured with the OIDC provider.
|
89
106
|
:param pulumi.Input[bool] oidc_disable_userinfo: `(bool: false)` - When set to `true`, Nomad will
|
90
107
|
not make a request to the identity provider to get OIDC `UserInfo`.
|
91
108
|
You may wish to set this if your identity provider doesn't send any
|
92
109
|
additional claims from the `UserInfo` endpoint.
|
110
|
+
:param pulumi.Input[str] oidc_discovery_url: `(string: <optional>)` - The OIDC Discovery URL,
|
111
|
+
without any .well-known component (base path).
|
93
112
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] oidc_scopes: `([]string: <optional>)` - List of OIDC scopes.
|
94
113
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] signing_algs: `([]string: <optional>)` - A list of supported signing
|
95
114
|
algorithms.
|
96
115
|
"""
|
97
|
-
|
98
|
-
|
99
|
-
pulumi.set(__self__, "oidc_client_secret", oidc_client_secret)
|
100
|
-
pulumi.set(__self__, "oidc_discovery_url", oidc_discovery_url)
|
116
|
+
if allowed_redirect_uris is not None:
|
117
|
+
pulumi.set(__self__, "allowed_redirect_uris", allowed_redirect_uris)
|
101
118
|
if bound_audiences is not None:
|
102
119
|
pulumi.set(__self__, "bound_audiences", bound_audiences)
|
120
|
+
if bound_issuers is not None:
|
121
|
+
pulumi.set(__self__, "bound_issuers", bound_issuers)
|
103
122
|
if claim_mappings is not None:
|
104
123
|
pulumi.set(__self__, "claim_mappings", claim_mappings)
|
124
|
+
if clock_skew_leeway is not None:
|
125
|
+
pulumi.set(__self__, "clock_skew_leeway", clock_skew_leeway)
|
105
126
|
if discovery_ca_pems is not None:
|
106
127
|
pulumi.set(__self__, "discovery_ca_pems", discovery_ca_pems)
|
128
|
+
if expiration_leeway is not None:
|
129
|
+
pulumi.set(__self__, "expiration_leeway", expiration_leeway)
|
130
|
+
if jwks_ca_cert is not None:
|
131
|
+
pulumi.set(__self__, "jwks_ca_cert", jwks_ca_cert)
|
132
|
+
if jwks_url is not None:
|
133
|
+
pulumi.set(__self__, "jwks_url", jwks_url)
|
134
|
+
if jwt_validation_pub_keys is not None:
|
135
|
+
pulumi.set(__self__, "jwt_validation_pub_keys", jwt_validation_pub_keys)
|
107
136
|
if list_claim_mappings is not None:
|
108
137
|
pulumi.set(__self__, "list_claim_mappings", list_claim_mappings)
|
138
|
+
if not_before_leeway is not None:
|
139
|
+
pulumi.set(__self__, "not_before_leeway", not_before_leeway)
|
140
|
+
if oidc_client_id is not None:
|
141
|
+
pulumi.set(__self__, "oidc_client_id", oidc_client_id)
|
142
|
+
if oidc_client_secret is not None:
|
143
|
+
pulumi.set(__self__, "oidc_client_secret", oidc_client_secret)
|
109
144
|
if oidc_disable_userinfo is not None:
|
110
145
|
pulumi.set(__self__, "oidc_disable_userinfo", oidc_disable_userinfo)
|
146
|
+
if oidc_discovery_url is not None:
|
147
|
+
pulumi.set(__self__, "oidc_discovery_url", oidc_discovery_url)
|
111
148
|
if oidc_scopes is not None:
|
112
149
|
pulumi.set(__self__, "oidc_scopes", oidc_scopes)
|
113
150
|
if signing_algs is not None:
|
@@ -115,7 +152,7 @@ class AclAuthMethodConfigArgs:
|
|
115
152
|
|
116
153
|
@property
|
117
154
|
@pulumi.getter(name="allowedRedirectUris")
|
118
|
-
def allowed_redirect_uris(self) -> pulumi.Input[Sequence[pulumi.Input[str]]]:
|
155
|
+
def allowed_redirect_uris(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
119
156
|
"""
|
120
157
|
`([]string: <optional>)` - A list of allowed values
|
121
158
|
that can be used for the redirect URI.
|
@@ -123,48 +160,9 @@ class AclAuthMethodConfigArgs:
|
|
123
160
|
return pulumi.get(self, "allowed_redirect_uris")
|
124
161
|
|
125
162
|
@allowed_redirect_uris.setter
|
126
|
-
def allowed_redirect_uris(self, value: pulumi.Input[Sequence[pulumi.Input[str]]]):
|
163
|
+
def allowed_redirect_uris(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
127
164
|
pulumi.set(self, "allowed_redirect_uris", value)
|
128
165
|
|
129
|
-
@property
|
130
|
-
@pulumi.getter(name="oidcClientId")
|
131
|
-
def oidc_client_id(self) -> pulumi.Input[str]:
|
132
|
-
"""
|
133
|
-
`(string: <required>)` - The OAuth Client ID configured
|
134
|
-
with the OIDC provider.
|
135
|
-
"""
|
136
|
-
return pulumi.get(self, "oidc_client_id")
|
137
|
-
|
138
|
-
@oidc_client_id.setter
|
139
|
-
def oidc_client_id(self, value: pulumi.Input[str]):
|
140
|
-
pulumi.set(self, "oidc_client_id", value)
|
141
|
-
|
142
|
-
@property
|
143
|
-
@pulumi.getter(name="oidcClientSecret")
|
144
|
-
def oidc_client_secret(self) -> pulumi.Input[str]:
|
145
|
-
"""
|
146
|
-
`(string: <required>)` - The OAuth Client Secret
|
147
|
-
configured with the OIDC provider.
|
148
|
-
"""
|
149
|
-
return pulumi.get(self, "oidc_client_secret")
|
150
|
-
|
151
|
-
@oidc_client_secret.setter
|
152
|
-
def oidc_client_secret(self, value: pulumi.Input[str]):
|
153
|
-
pulumi.set(self, "oidc_client_secret", value)
|
154
|
-
|
155
|
-
@property
|
156
|
-
@pulumi.getter(name="oidcDiscoveryUrl")
|
157
|
-
def oidc_discovery_url(self) -> pulumi.Input[str]:
|
158
|
-
"""
|
159
|
-
`(string: <required>)` - The OIDC Discovery URL,
|
160
|
-
without any .well-known component (base path).
|
161
|
-
"""
|
162
|
-
return pulumi.get(self, "oidc_discovery_url")
|
163
|
-
|
164
|
-
@oidc_discovery_url.setter
|
165
|
-
def oidc_discovery_url(self, value: pulumi.Input[str]):
|
166
|
-
pulumi.set(self, "oidc_discovery_url", value)
|
167
|
-
|
168
166
|
@property
|
169
167
|
@pulumi.getter(name="boundAudiences")
|
170
168
|
def bound_audiences(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
@@ -178,12 +176,24 @@ class AclAuthMethodConfigArgs:
|
|
178
176
|
def bound_audiences(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
179
177
|
pulumi.set(self, "bound_audiences", value)
|
180
178
|
|
179
|
+
@property
|
180
|
+
@pulumi.getter(name="boundIssuers")
|
181
|
+
def bound_issuers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
182
|
+
"""
|
183
|
+
`([]string: <optional>)` - The value against which to match
|
184
|
+
the iss claim in a JWT.
|
185
|
+
"""
|
186
|
+
return pulumi.get(self, "bound_issuers")
|
187
|
+
|
188
|
+
@bound_issuers.setter
|
189
|
+
def bound_issuers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
190
|
+
pulumi.set(self, "bound_issuers", value)
|
191
|
+
|
181
192
|
@property
|
182
193
|
@pulumi.getter(name="claimMappings")
|
183
194
|
def claim_mappings(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
184
195
|
"""
|
185
|
-
|
186
|
-
that will be copied to a metadata field (value).
|
196
|
+
Mappings of claims (key) that will be copied to a metadata field (value).
|
187
197
|
"""
|
188
198
|
return pulumi.get(self, "claim_mappings")
|
189
199
|
|
@@ -191,6 +201,19 @@ class AclAuthMethodConfigArgs:
|
|
191
201
|
def claim_mappings(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
192
202
|
pulumi.set(self, "claim_mappings", value)
|
193
203
|
|
204
|
+
@property
|
205
|
+
@pulumi.getter(name="clockSkewLeeway")
|
206
|
+
def clock_skew_leeway(self) -> Optional[pulumi.Input[str]]:
|
207
|
+
"""
|
208
|
+
`(string: <optional>)` - Duration of leeway when validating
|
209
|
+
all claims in the form of a time duration such as "5m" or "1h".
|
210
|
+
"""
|
211
|
+
return pulumi.get(self, "clock_skew_leeway")
|
212
|
+
|
213
|
+
@clock_skew_leeway.setter
|
214
|
+
def clock_skew_leeway(self, value: Optional[pulumi.Input[str]]):
|
215
|
+
pulumi.set(self, "clock_skew_leeway", value)
|
216
|
+
|
194
217
|
@property
|
195
218
|
@pulumi.getter(name="discoveryCaPems")
|
196
219
|
def discovery_ca_pems(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
@@ -204,12 +227,63 @@ class AclAuthMethodConfigArgs:
|
|
204
227
|
def discovery_ca_pems(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
205
228
|
pulumi.set(self, "discovery_ca_pems", value)
|
206
229
|
|
230
|
+
@property
|
231
|
+
@pulumi.getter(name="expirationLeeway")
|
232
|
+
def expiration_leeway(self) -> Optional[pulumi.Input[str]]:
|
233
|
+
"""
|
234
|
+
`(string: <optional>)` - Duration of leeway when validating
|
235
|
+
expiration of a JWT in the form of a time duration such as "5m" or "1h".
|
236
|
+
"""
|
237
|
+
return pulumi.get(self, "expiration_leeway")
|
238
|
+
|
239
|
+
@expiration_leeway.setter
|
240
|
+
def expiration_leeway(self, value: Optional[pulumi.Input[str]]):
|
241
|
+
pulumi.set(self, "expiration_leeway", value)
|
242
|
+
|
243
|
+
@property
|
244
|
+
@pulumi.getter(name="jwksCaCert")
|
245
|
+
def jwks_ca_cert(self) -> Optional[pulumi.Input[str]]:
|
246
|
+
"""
|
247
|
+
`(string: <optional>)` - PEM encoded CA cert for use by the
|
248
|
+
TLS client used to talk with the JWKS server.
|
249
|
+
"""
|
250
|
+
return pulumi.get(self, "jwks_ca_cert")
|
251
|
+
|
252
|
+
@jwks_ca_cert.setter
|
253
|
+
def jwks_ca_cert(self, value: Optional[pulumi.Input[str]]):
|
254
|
+
pulumi.set(self, "jwks_ca_cert", value)
|
255
|
+
|
256
|
+
@property
|
257
|
+
@pulumi.getter(name="jwksUrl")
|
258
|
+
def jwks_url(self) -> Optional[pulumi.Input[str]]:
|
259
|
+
"""
|
260
|
+
`(string: <optional>)` - JSON Web Key Sets url for authenticating
|
261
|
+
signatures.
|
262
|
+
"""
|
263
|
+
return pulumi.get(self, "jwks_url")
|
264
|
+
|
265
|
+
@jwks_url.setter
|
266
|
+
def jwks_url(self, value: Optional[pulumi.Input[str]]):
|
267
|
+
pulumi.set(self, "jwks_url", value)
|
268
|
+
|
269
|
+
@property
|
270
|
+
@pulumi.getter(name="jwtValidationPubKeys")
|
271
|
+
def jwt_validation_pub_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
272
|
+
"""
|
273
|
+
`([]string: <optional>)` - List of PEM-encoded
|
274
|
+
public keys to use to authenticate signatures locally.
|
275
|
+
"""
|
276
|
+
return pulumi.get(self, "jwt_validation_pub_keys")
|
277
|
+
|
278
|
+
@jwt_validation_pub_keys.setter
|
279
|
+
def jwt_validation_pub_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
280
|
+
pulumi.set(self, "jwt_validation_pub_keys", value)
|
281
|
+
|
207
282
|
@property
|
208
283
|
@pulumi.getter(name="listClaimMappings")
|
209
284
|
def list_claim_mappings(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
210
285
|
"""
|
211
|
-
|
212
|
-
claims (key) that will be copied to a metadata field (value).
|
286
|
+
Mappings of list claims (key) that will be copied to a metadata field (value).
|
213
287
|
"""
|
214
288
|
return pulumi.get(self, "list_claim_mappings")
|
215
289
|
|
@@ -217,6 +291,45 @@ class AclAuthMethodConfigArgs:
|
|
217
291
|
def list_claim_mappings(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
218
292
|
pulumi.set(self, "list_claim_mappings", value)
|
219
293
|
|
294
|
+
@property
|
295
|
+
@pulumi.getter(name="notBeforeLeeway")
|
296
|
+
def not_before_leeway(self) -> Optional[pulumi.Input[str]]:
|
297
|
+
"""
|
298
|
+
`(string: <optional>)` - Duration of leeway when validating
|
299
|
+
not before values of a token in the form of a time duration such as "5m" or "1h".
|
300
|
+
"""
|
301
|
+
return pulumi.get(self, "not_before_leeway")
|
302
|
+
|
303
|
+
@not_before_leeway.setter
|
304
|
+
def not_before_leeway(self, value: Optional[pulumi.Input[str]]):
|
305
|
+
pulumi.set(self, "not_before_leeway", value)
|
306
|
+
|
307
|
+
@property
|
308
|
+
@pulumi.getter(name="oidcClientId")
|
309
|
+
def oidc_client_id(self) -> Optional[pulumi.Input[str]]:
|
310
|
+
"""
|
311
|
+
`(string: <optional>)` - The OAuth Client ID configured
|
312
|
+
with the OIDC provider.
|
313
|
+
"""
|
314
|
+
return pulumi.get(self, "oidc_client_id")
|
315
|
+
|
316
|
+
@oidc_client_id.setter
|
317
|
+
def oidc_client_id(self, value: Optional[pulumi.Input[str]]):
|
318
|
+
pulumi.set(self, "oidc_client_id", value)
|
319
|
+
|
320
|
+
@property
|
321
|
+
@pulumi.getter(name="oidcClientSecret")
|
322
|
+
def oidc_client_secret(self) -> Optional[pulumi.Input[str]]:
|
323
|
+
"""
|
324
|
+
`(string: <optional>)` - The OAuth Client Secret
|
325
|
+
configured with the OIDC provider.
|
326
|
+
"""
|
327
|
+
return pulumi.get(self, "oidc_client_secret")
|
328
|
+
|
329
|
+
@oidc_client_secret.setter
|
330
|
+
def oidc_client_secret(self, value: Optional[pulumi.Input[str]]):
|
331
|
+
pulumi.set(self, "oidc_client_secret", value)
|
332
|
+
|
220
333
|
@property
|
221
334
|
@pulumi.getter(name="oidcDisableUserinfo")
|
222
335
|
def oidc_disable_userinfo(self) -> Optional[pulumi.Input[bool]]:
|
@@ -232,6 +345,19 @@ class AclAuthMethodConfigArgs:
|
|
232
345
|
def oidc_disable_userinfo(self, value: Optional[pulumi.Input[bool]]):
|
233
346
|
pulumi.set(self, "oidc_disable_userinfo", value)
|
234
347
|
|
348
|
+
@property
|
349
|
+
@pulumi.getter(name="oidcDiscoveryUrl")
|
350
|
+
def oidc_discovery_url(self) -> Optional[pulumi.Input[str]]:
|
351
|
+
"""
|
352
|
+
`(string: <optional>)` - The OIDC Discovery URL,
|
353
|
+
without any .well-known component (base path).
|
354
|
+
"""
|
355
|
+
return pulumi.get(self, "oidc_discovery_url")
|
356
|
+
|
357
|
+
@oidc_discovery_url.setter
|
358
|
+
def oidc_discovery_url(self, value: Optional[pulumi.Input[str]]):
|
359
|
+
pulumi.set(self, "oidc_discovery_url", value)
|
360
|
+
|
235
361
|
@property
|
236
362
|
@pulumi.getter(name="oidcScopes")
|
237
363
|
def oidc_scopes(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
pulumi_nomad/acl_auth_method.py
CHANGED
@@ -32,8 +32,8 @@ class AclAuthMethodArgs:
|
|
32
32
|
:param pulumi.Input[str] token_locality: `(string: <required>)` - Defines whether the ACL Auth Method
|
33
33
|
creates a local or global token when performing SSO login. This field must be
|
34
34
|
set to either `local` or `global`.
|
35
|
-
:param pulumi.Input[str] type: `(string: <required>)` - ACL Auth Method SSO workflow type.
|
36
|
-
|
35
|
+
:param pulumi.Input[str] type: `(string: <required>)` - ACL Auth Method SSO workflow type. Valid values,
|
36
|
+
are `OIDC` and `JWT`.
|
37
37
|
:param pulumi.Input[bool] default: `(bool: false)` - Defines whether this ACL Auth Method is to be set
|
38
38
|
as default.
|
39
39
|
:param pulumi.Input[str] name: `(string: <required>)` - The identifier of the ACL Auth Method.
|
@@ -96,8 +96,8 @@ class AclAuthMethodArgs:
|
|
96
96
|
@pulumi.getter
|
97
97
|
def type(self) -> pulumi.Input[str]:
|
98
98
|
"""
|
99
|
-
`(string: <required>)` - ACL Auth Method SSO workflow type.
|
100
|
-
|
99
|
+
`(string: <required>)` - ACL Auth Method SSO workflow type. Valid values,
|
100
|
+
are `OIDC` and `JWT`.
|
101
101
|
"""
|
102
102
|
return pulumi.get(self, "type")
|
103
103
|
|
@@ -170,8 +170,8 @@ class _AclAuthMethodState:
|
|
170
170
|
:param pulumi.Input[str] token_name_format: `(string: "${auth_method_type}-${auth_method_name}")` -
|
171
171
|
Defines the token name format for the generated tokens This can be lightly
|
172
172
|
templated using HIL '${foo}' syntax.
|
173
|
-
:param pulumi.Input[str] type: `(string: <required>)` - ACL Auth Method SSO workflow type.
|
174
|
-
|
173
|
+
:param pulumi.Input[str] type: `(string: <required>)` - ACL Auth Method SSO workflow type. Valid values,
|
174
|
+
are `OIDC` and `JWT`.
|
175
175
|
"""
|
176
176
|
if config is not None:
|
177
177
|
pulumi.set(__self__, "config", config)
|
@@ -271,8 +271,8 @@ class _AclAuthMethodState:
|
|
271
271
|
@pulumi.getter
|
272
272
|
def type(self) -> Optional[pulumi.Input[str]]:
|
273
273
|
"""
|
274
|
-
`(string: <required>)` - ACL Auth Method SSO workflow type.
|
275
|
-
|
274
|
+
`(string: <required>)` - ACL Auth Method SSO workflow type. Valid values,
|
275
|
+
are `OIDC` and `JWT`.
|
276
276
|
"""
|
277
277
|
return pulumi.get(self, "type")
|
278
278
|
|
@@ -342,8 +342,8 @@ class AclAuthMethod(pulumi.CustomResource):
|
|
342
342
|
:param pulumi.Input[str] token_name_format: `(string: "${auth_method_type}-${auth_method_name}")` -
|
343
343
|
Defines the token name format for the generated tokens This can be lightly
|
344
344
|
templated using HIL '${foo}' syntax.
|
345
|
-
:param pulumi.Input[str] type: `(string: <required>)` - ACL Auth Method SSO workflow type.
|
346
|
-
|
345
|
+
:param pulumi.Input[str] type: `(string: <required>)` - ACL Auth Method SSO workflow type. Valid values,
|
346
|
+
are `OIDC` and `JWT`.
|
347
347
|
"""
|
348
348
|
...
|
349
349
|
@overload
|
@@ -467,8 +467,8 @@ class AclAuthMethod(pulumi.CustomResource):
|
|
467
467
|
:param pulumi.Input[str] token_name_format: `(string: "${auth_method_type}-${auth_method_name}")` -
|
468
468
|
Defines the token name format for the generated tokens This can be lightly
|
469
469
|
templated using HIL '${foo}' syntax.
|
470
|
-
:param pulumi.Input[str] type: `(string: <required>)` - ACL Auth Method SSO workflow type.
|
471
|
-
|
470
|
+
:param pulumi.Input[str] type: `(string: <required>)` - ACL Auth Method SSO workflow type. Valid values,
|
471
|
+
are `OIDC` and `JWT`.
|
472
472
|
"""
|
473
473
|
opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
|
474
474
|
|
@@ -542,8 +542,8 @@ class AclAuthMethod(pulumi.CustomResource):
|
|
542
542
|
@pulumi.getter
|
543
543
|
def type(self) -> pulumi.Output[str]:
|
544
544
|
"""
|
545
|
-
`(string: <required>)` - ACL Auth Method SSO workflow type.
|
546
|
-
|
545
|
+
`(string: <required>)` - ACL Auth Method SSO workflow type. Valid values,
|
546
|
+
are `OIDC` and `JWT`.
|
547
547
|
"""
|
548
548
|
return pulumi.get(self, "type")
|
549
549
|
|
pulumi_nomad/get_deployments.py
CHANGED
@@ -34,6 +34,11 @@ class GetDeploymentsResult:
|
|
34
34
|
def deployments(self) -> Sequence[Mapping[str, Any]]:
|
35
35
|
"""
|
36
36
|
`list of maps` a list of deployments in the cluster.
|
37
|
+
* `ID`: `string` Deployment ID.
|
38
|
+
* `JobID`: `string` Job ID associated with the deployment.
|
39
|
+
* `JobVersion`: `string` Job version.
|
40
|
+
* `Status`: `string` Deployment status.
|
41
|
+
* `StatusDescription`: `string` Detailed description of the deployment's status.
|
37
42
|
"""
|
38
43
|
return pulumi.get(self, "deployments")
|
39
44
|
|
pulumi_nomad/get_jwks.py
ADDED
@@ -0,0 +1,116 @@
|
|
1
|
+
# coding=utf-8
|
2
|
+
# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
3
|
+
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
4
|
+
|
5
|
+
import copy
|
6
|
+
import warnings
|
7
|
+
import pulumi
|
8
|
+
import pulumi.runtime
|
9
|
+
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
10
|
+
from . import _utilities
|
11
|
+
from . import outputs
|
12
|
+
|
13
|
+
__all__ = [
|
14
|
+
'GetJwksResult',
|
15
|
+
'AwaitableGetJwksResult',
|
16
|
+
'get_jwks',
|
17
|
+
'get_jwks_output',
|
18
|
+
]
|
19
|
+
|
20
|
+
@pulumi.output_type
|
21
|
+
class GetJwksResult:
|
22
|
+
"""
|
23
|
+
A collection of values returned by getJwks.
|
24
|
+
"""
|
25
|
+
def __init__(__self__, id=None, keys=None, pem_keys=None):
|
26
|
+
if id and not isinstance(id, str):
|
27
|
+
raise TypeError("Expected argument 'id' to be a str")
|
28
|
+
pulumi.set(__self__, "id", id)
|
29
|
+
if keys and not isinstance(keys, list):
|
30
|
+
raise TypeError("Expected argument 'keys' to be a list")
|
31
|
+
pulumi.set(__self__, "keys", keys)
|
32
|
+
if pem_keys and not isinstance(pem_keys, list):
|
33
|
+
raise TypeError("Expected argument 'pem_keys' to be a list")
|
34
|
+
pulumi.set(__self__, "pem_keys", pem_keys)
|
35
|
+
|
36
|
+
@property
|
37
|
+
@pulumi.getter
|
38
|
+
def id(self) -> str:
|
39
|
+
"""
|
40
|
+
The provider-assigned unique ID for this managed resource.
|
41
|
+
"""
|
42
|
+
return pulumi.get(self, "id")
|
43
|
+
|
44
|
+
@property
|
45
|
+
@pulumi.getter
|
46
|
+
def keys(self) -> Sequence['outputs.GetJwksKeyResult']:
|
47
|
+
"""
|
48
|
+
`list of maps` a list of JWK keys in structured format: see [RFC7517](https://datatracker.ietf.org/doc/html/rfc7517) for the
|
49
|
+
JWK field meanings.
|
50
|
+
"""
|
51
|
+
return pulumi.get(self, "keys")
|
52
|
+
|
53
|
+
@property
|
54
|
+
@pulumi.getter(name="pemKeys")
|
55
|
+
def pem_keys(self) -> Sequence[str]:
|
56
|
+
"""
|
57
|
+
`list of strings` a list JWK keys rendered as PEM-encoded X.509 keys
|
58
|
+
"""
|
59
|
+
return pulumi.get(self, "pem_keys")
|
60
|
+
|
61
|
+
|
62
|
+
class AwaitableGetJwksResult(GetJwksResult):
|
63
|
+
# pylint: disable=using-constant-test
|
64
|
+
def __await__(self):
|
65
|
+
if False:
|
66
|
+
yield self
|
67
|
+
return GetJwksResult(
|
68
|
+
id=self.id,
|
69
|
+
keys=self.keys,
|
70
|
+
pem_keys=self.pem_keys)
|
71
|
+
|
72
|
+
|
73
|
+
def get_jwks(opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetJwksResult:
|
74
|
+
"""
|
75
|
+
Retrieve the cluster JWKS public keys.
|
76
|
+
|
77
|
+
The keys are returned both as a list of maps (`keys`), and as a list of PEM-encoded strings
|
78
|
+
(`pem_keys`), which may be more convenient for use.
|
79
|
+
|
80
|
+
## Example Usage
|
81
|
+
|
82
|
+
```python
|
83
|
+
import pulumi
|
84
|
+
import pulumi_nomad as nomad
|
85
|
+
|
86
|
+
example = nomad.get_jwks()
|
87
|
+
```
|
88
|
+
"""
|
89
|
+
__args__ = dict()
|
90
|
+
opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
91
|
+
__ret__ = pulumi.runtime.invoke('nomad:index/getJwks:getJwks', __args__, opts=opts, typ=GetJwksResult).value
|
92
|
+
|
93
|
+
return AwaitableGetJwksResult(
|
94
|
+
id=pulumi.get(__ret__, 'id'),
|
95
|
+
keys=pulumi.get(__ret__, 'keys'),
|
96
|
+
pem_keys=pulumi.get(__ret__, 'pem_keys'))
|
97
|
+
|
98
|
+
|
99
|
+
@_utilities.lift_output_func(get_jwks)
|
100
|
+
def get_jwks_output(opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetJwksResult]:
|
101
|
+
"""
|
102
|
+
Retrieve the cluster JWKS public keys.
|
103
|
+
|
104
|
+
The keys are returned both as a list of maps (`keys`), and as a list of PEM-encoded strings
|
105
|
+
(`pem_keys`), which may be more convenient for use.
|
106
|
+
|
107
|
+
## Example Usage
|
108
|
+
|
109
|
+
```python
|
110
|
+
import pulumi
|
111
|
+
import pulumi_nomad as nomad
|
112
|
+
|
113
|
+
example = nomad.get_jwks()
|
114
|
+
```
|
115
|
+
"""
|
116
|
+
...
|
pulumi_nomad/outputs.py
CHANGED
@@ -67,6 +67,7 @@ __all__ = [
|
|
67
67
|
'GetJobTaskGroupTaskResult',
|
68
68
|
'GetJobTaskGroupTaskVolumeMountResult',
|
69
69
|
'GetJobTaskGroupVolumeResult',
|
70
|
+
'GetJwksKeyResult',
|
70
71
|
'GetNamespaceCapabilityResult',
|
71
72
|
'GetNamespaceNodePoolConfigResult',
|
72
73
|
'GetNodePoolSchedulerConfigResult',
|
@@ -83,22 +84,36 @@ class AclAuthMethodConfig(dict):
|
|
83
84
|
suggest = None
|
84
85
|
if key == "allowedRedirectUris":
|
85
86
|
suggest = "allowed_redirect_uris"
|
86
|
-
elif key == "oidcClientId":
|
87
|
-
suggest = "oidc_client_id"
|
88
|
-
elif key == "oidcClientSecret":
|
89
|
-
suggest = "oidc_client_secret"
|
90
|
-
elif key == "oidcDiscoveryUrl":
|
91
|
-
suggest = "oidc_discovery_url"
|
92
87
|
elif key == "boundAudiences":
|
93
88
|
suggest = "bound_audiences"
|
89
|
+
elif key == "boundIssuers":
|
90
|
+
suggest = "bound_issuers"
|
94
91
|
elif key == "claimMappings":
|
95
92
|
suggest = "claim_mappings"
|
93
|
+
elif key == "clockSkewLeeway":
|
94
|
+
suggest = "clock_skew_leeway"
|
96
95
|
elif key == "discoveryCaPems":
|
97
96
|
suggest = "discovery_ca_pems"
|
97
|
+
elif key == "expirationLeeway":
|
98
|
+
suggest = "expiration_leeway"
|
99
|
+
elif key == "jwksCaCert":
|
100
|
+
suggest = "jwks_ca_cert"
|
101
|
+
elif key == "jwksUrl":
|
102
|
+
suggest = "jwks_url"
|
103
|
+
elif key == "jwtValidationPubKeys":
|
104
|
+
suggest = "jwt_validation_pub_keys"
|
98
105
|
elif key == "listClaimMappings":
|
99
106
|
suggest = "list_claim_mappings"
|
107
|
+
elif key == "notBeforeLeeway":
|
108
|
+
suggest = "not_before_leeway"
|
109
|
+
elif key == "oidcClientId":
|
110
|
+
suggest = "oidc_client_id"
|
111
|
+
elif key == "oidcClientSecret":
|
112
|
+
suggest = "oidc_client_secret"
|
100
113
|
elif key == "oidcDisableUserinfo":
|
101
114
|
suggest = "oidc_disable_userinfo"
|
115
|
+
elif key == "oidcDiscoveryUrl":
|
116
|
+
suggest = "oidc_discovery_url"
|
102
117
|
elif key == "oidcScopes":
|
103
118
|
suggest = "oidc_scopes"
|
104
119
|
elif key == "signingAlgs":
|
@@ -116,56 +131,93 @@ class AclAuthMethodConfig(dict):
|
|
116
131
|
return super().get(key, default)
|
117
132
|
|
118
133
|
def __init__(__self__, *,
|
119
|
-
allowed_redirect_uris: Sequence[str],
|
120
|
-
oidc_client_id: str,
|
121
|
-
oidc_client_secret: str,
|
122
|
-
oidc_discovery_url: str,
|
134
|
+
allowed_redirect_uris: Optional[Sequence[str]] = None,
|
123
135
|
bound_audiences: Optional[Sequence[str]] = None,
|
136
|
+
bound_issuers: Optional[Sequence[str]] = None,
|
124
137
|
claim_mappings: Optional[Mapping[str, str]] = None,
|
138
|
+
clock_skew_leeway: Optional[str] = None,
|
125
139
|
discovery_ca_pems: Optional[Sequence[str]] = None,
|
140
|
+
expiration_leeway: Optional[str] = None,
|
141
|
+
jwks_ca_cert: Optional[str] = None,
|
142
|
+
jwks_url: Optional[str] = None,
|
143
|
+
jwt_validation_pub_keys: Optional[Sequence[str]] = None,
|
126
144
|
list_claim_mappings: Optional[Mapping[str, str]] = None,
|
145
|
+
not_before_leeway: Optional[str] = None,
|
146
|
+
oidc_client_id: Optional[str] = None,
|
147
|
+
oidc_client_secret: Optional[str] = None,
|
127
148
|
oidc_disable_userinfo: Optional[bool] = None,
|
149
|
+
oidc_discovery_url: Optional[str] = None,
|
128
150
|
oidc_scopes: Optional[Sequence[str]] = None,
|
129
151
|
signing_algs: Optional[Sequence[str]] = None):
|
130
152
|
"""
|
131
153
|
:param Sequence[str] allowed_redirect_uris: `([]string: <optional>)` - A list of allowed values
|
132
154
|
that can be used for the redirect URI.
|
133
|
-
:param str oidc_client_id: `(string: <required>)` - The OAuth Client ID configured
|
134
|
-
with the OIDC provider.
|
135
|
-
:param str oidc_client_secret: `(string: <required>)` - The OAuth Client Secret
|
136
|
-
configured with the OIDC provider.
|
137
|
-
:param str oidc_discovery_url: `(string: <required>)` - The OIDC Discovery URL,
|
138
|
-
without any .well-known component (base path).
|
139
155
|
:param Sequence[str] bound_audiences: `([]string: <optional>)` - List of auth claims that are
|
140
156
|
valid for login.
|
141
|
-
:param
|
142
|
-
|
157
|
+
:param Sequence[str] bound_issuers: `([]string: <optional>)` - The value against which to match
|
158
|
+
the iss claim in a JWT.
|
159
|
+
:param Mapping[str, str] claim_mappings: Mappings of claims (key) that will be copied to a metadata field (value).
|
160
|
+
:param str clock_skew_leeway: `(string: <optional>)` - Duration of leeway when validating
|
161
|
+
all claims in the form of a time duration such as "5m" or "1h".
|
143
162
|
:param Sequence[str] discovery_ca_pems: `([]string: <optional>)` - PEM encoded CA certs for use
|
144
163
|
by the TLS client used to talk with the OIDC Discovery URL.
|
145
|
-
:param
|
146
|
-
|
164
|
+
:param str expiration_leeway: `(string: <optional>)` - Duration of leeway when validating
|
165
|
+
expiration of a JWT in the form of a time duration such as "5m" or "1h".
|
166
|
+
:param str jwks_ca_cert: `(string: <optional>)` - PEM encoded CA cert for use by the
|
167
|
+
TLS client used to talk with the JWKS server.
|
168
|
+
:param str jwks_url: `(string: <optional>)` - JSON Web Key Sets url for authenticating
|
169
|
+
signatures.
|
170
|
+
:param Sequence[str] jwt_validation_pub_keys: `([]string: <optional>)` - List of PEM-encoded
|
171
|
+
public keys to use to authenticate signatures locally.
|
172
|
+
:param Mapping[str, str] list_claim_mappings: Mappings of list claims (key) that will be copied to a metadata field (value).
|
173
|
+
:param str not_before_leeway: `(string: <optional>)` - Duration of leeway when validating
|
174
|
+
not before values of a token in the form of a time duration such as "5m" or "1h".
|
175
|
+
:param str oidc_client_id: `(string: <optional>)` - The OAuth Client ID configured
|
176
|
+
with the OIDC provider.
|
177
|
+
:param str oidc_client_secret: `(string: <optional>)` - The OAuth Client Secret
|
178
|
+
configured with the OIDC provider.
|
147
179
|
:param bool oidc_disable_userinfo: `(bool: false)` - When set to `true`, Nomad will
|
148
180
|
not make a request to the identity provider to get OIDC `UserInfo`.
|
149
181
|
You may wish to set this if your identity provider doesn't send any
|
150
182
|
additional claims from the `UserInfo` endpoint.
|
183
|
+
:param str oidc_discovery_url: `(string: <optional>)` - The OIDC Discovery URL,
|
184
|
+
without any .well-known component (base path).
|
151
185
|
:param Sequence[str] oidc_scopes: `([]string: <optional>)` - List of OIDC scopes.
|
152
186
|
:param Sequence[str] signing_algs: `([]string: <optional>)` - A list of supported signing
|
153
187
|
algorithms.
|
154
188
|
"""
|
155
|
-
|
156
|
-
|
157
|
-
pulumi.set(__self__, "oidc_client_secret", oidc_client_secret)
|
158
|
-
pulumi.set(__self__, "oidc_discovery_url", oidc_discovery_url)
|
189
|
+
if allowed_redirect_uris is not None:
|
190
|
+
pulumi.set(__self__, "allowed_redirect_uris", allowed_redirect_uris)
|
159
191
|
if bound_audiences is not None:
|
160
192
|
pulumi.set(__self__, "bound_audiences", bound_audiences)
|
193
|
+
if bound_issuers is not None:
|
194
|
+
pulumi.set(__self__, "bound_issuers", bound_issuers)
|
161
195
|
if claim_mappings is not None:
|
162
196
|
pulumi.set(__self__, "claim_mappings", claim_mappings)
|
197
|
+
if clock_skew_leeway is not None:
|
198
|
+
pulumi.set(__self__, "clock_skew_leeway", clock_skew_leeway)
|
163
199
|
if discovery_ca_pems is not None:
|
164
200
|
pulumi.set(__self__, "discovery_ca_pems", discovery_ca_pems)
|
201
|
+
if expiration_leeway is not None:
|
202
|
+
pulumi.set(__self__, "expiration_leeway", expiration_leeway)
|
203
|
+
if jwks_ca_cert is not None:
|
204
|
+
pulumi.set(__self__, "jwks_ca_cert", jwks_ca_cert)
|
205
|
+
if jwks_url is not None:
|
206
|
+
pulumi.set(__self__, "jwks_url", jwks_url)
|
207
|
+
if jwt_validation_pub_keys is not None:
|
208
|
+
pulumi.set(__self__, "jwt_validation_pub_keys", jwt_validation_pub_keys)
|
165
209
|
if list_claim_mappings is not None:
|
166
210
|
pulumi.set(__self__, "list_claim_mappings", list_claim_mappings)
|
211
|
+
if not_before_leeway is not None:
|
212
|
+
pulumi.set(__self__, "not_before_leeway", not_before_leeway)
|
213
|
+
if oidc_client_id is not None:
|
214
|
+
pulumi.set(__self__, "oidc_client_id", oidc_client_id)
|
215
|
+
if oidc_client_secret is not None:
|
216
|
+
pulumi.set(__self__, "oidc_client_secret", oidc_client_secret)
|
167
217
|
if oidc_disable_userinfo is not None:
|
168
218
|
pulumi.set(__self__, "oidc_disable_userinfo", oidc_disable_userinfo)
|
219
|
+
if oidc_discovery_url is not None:
|
220
|
+
pulumi.set(__self__, "oidc_discovery_url", oidc_discovery_url)
|
169
221
|
if oidc_scopes is not None:
|
170
222
|
pulumi.set(__self__, "oidc_scopes", oidc_scopes)
|
171
223
|
if signing_algs is not None:
|
@@ -173,40 +225,13 @@ class AclAuthMethodConfig(dict):
|
|
173
225
|
|
174
226
|
@property
|
175
227
|
@pulumi.getter(name="allowedRedirectUris")
|
176
|
-
def allowed_redirect_uris(self) -> Sequence[str]:
|
228
|
+
def allowed_redirect_uris(self) -> Optional[Sequence[str]]:
|
177
229
|
"""
|
178
230
|
`([]string: <optional>)` - A list of allowed values
|
179
231
|
that can be used for the redirect URI.
|
180
232
|
"""
|
181
233
|
return pulumi.get(self, "allowed_redirect_uris")
|
182
234
|
|
183
|
-
@property
|
184
|
-
@pulumi.getter(name="oidcClientId")
|
185
|
-
def oidc_client_id(self) -> str:
|
186
|
-
"""
|
187
|
-
`(string: <required>)` - The OAuth Client ID configured
|
188
|
-
with the OIDC provider.
|
189
|
-
"""
|
190
|
-
return pulumi.get(self, "oidc_client_id")
|
191
|
-
|
192
|
-
@property
|
193
|
-
@pulumi.getter(name="oidcClientSecret")
|
194
|
-
def oidc_client_secret(self) -> str:
|
195
|
-
"""
|
196
|
-
`(string: <required>)` - The OAuth Client Secret
|
197
|
-
configured with the OIDC provider.
|
198
|
-
"""
|
199
|
-
return pulumi.get(self, "oidc_client_secret")
|
200
|
-
|
201
|
-
@property
|
202
|
-
@pulumi.getter(name="oidcDiscoveryUrl")
|
203
|
-
def oidc_discovery_url(self) -> str:
|
204
|
-
"""
|
205
|
-
`(string: <required>)` - The OIDC Discovery URL,
|
206
|
-
without any .well-known component (base path).
|
207
|
-
"""
|
208
|
-
return pulumi.get(self, "oidc_discovery_url")
|
209
|
-
|
210
235
|
@property
|
211
236
|
@pulumi.getter(name="boundAudiences")
|
212
237
|
def bound_audiences(self) -> Optional[Sequence[str]]:
|
@@ -216,15 +241,32 @@ class AclAuthMethodConfig(dict):
|
|
216
241
|
"""
|
217
242
|
return pulumi.get(self, "bound_audiences")
|
218
243
|
|
244
|
+
@property
|
245
|
+
@pulumi.getter(name="boundIssuers")
|
246
|
+
def bound_issuers(self) -> Optional[Sequence[str]]:
|
247
|
+
"""
|
248
|
+
`([]string: <optional>)` - The value against which to match
|
249
|
+
the iss claim in a JWT.
|
250
|
+
"""
|
251
|
+
return pulumi.get(self, "bound_issuers")
|
252
|
+
|
219
253
|
@property
|
220
254
|
@pulumi.getter(name="claimMappings")
|
221
255
|
def claim_mappings(self) -> Optional[Mapping[str, str]]:
|
222
256
|
"""
|
223
|
-
|
224
|
-
that will be copied to a metadata field (value).
|
257
|
+
Mappings of claims (key) that will be copied to a metadata field (value).
|
225
258
|
"""
|
226
259
|
return pulumi.get(self, "claim_mappings")
|
227
260
|
|
261
|
+
@property
|
262
|
+
@pulumi.getter(name="clockSkewLeeway")
|
263
|
+
def clock_skew_leeway(self) -> Optional[str]:
|
264
|
+
"""
|
265
|
+
`(string: <optional>)` - Duration of leeway when validating
|
266
|
+
all claims in the form of a time duration such as "5m" or "1h".
|
267
|
+
"""
|
268
|
+
return pulumi.get(self, "clock_skew_leeway")
|
269
|
+
|
228
270
|
@property
|
229
271
|
@pulumi.getter(name="discoveryCaPems")
|
230
272
|
def discovery_ca_pems(self) -> Optional[Sequence[str]]:
|
@@ -234,15 +276,77 @@ class AclAuthMethodConfig(dict):
|
|
234
276
|
"""
|
235
277
|
return pulumi.get(self, "discovery_ca_pems")
|
236
278
|
|
279
|
+
@property
|
280
|
+
@pulumi.getter(name="expirationLeeway")
|
281
|
+
def expiration_leeway(self) -> Optional[str]:
|
282
|
+
"""
|
283
|
+
`(string: <optional>)` - Duration of leeway when validating
|
284
|
+
expiration of a JWT in the form of a time duration such as "5m" or "1h".
|
285
|
+
"""
|
286
|
+
return pulumi.get(self, "expiration_leeway")
|
287
|
+
|
288
|
+
@property
|
289
|
+
@pulumi.getter(name="jwksCaCert")
|
290
|
+
def jwks_ca_cert(self) -> Optional[str]:
|
291
|
+
"""
|
292
|
+
`(string: <optional>)` - PEM encoded CA cert for use by the
|
293
|
+
TLS client used to talk with the JWKS server.
|
294
|
+
"""
|
295
|
+
return pulumi.get(self, "jwks_ca_cert")
|
296
|
+
|
297
|
+
@property
|
298
|
+
@pulumi.getter(name="jwksUrl")
|
299
|
+
def jwks_url(self) -> Optional[str]:
|
300
|
+
"""
|
301
|
+
`(string: <optional>)` - JSON Web Key Sets url for authenticating
|
302
|
+
signatures.
|
303
|
+
"""
|
304
|
+
return pulumi.get(self, "jwks_url")
|
305
|
+
|
306
|
+
@property
|
307
|
+
@pulumi.getter(name="jwtValidationPubKeys")
|
308
|
+
def jwt_validation_pub_keys(self) -> Optional[Sequence[str]]:
|
309
|
+
"""
|
310
|
+
`([]string: <optional>)` - List of PEM-encoded
|
311
|
+
public keys to use to authenticate signatures locally.
|
312
|
+
"""
|
313
|
+
return pulumi.get(self, "jwt_validation_pub_keys")
|
314
|
+
|
237
315
|
@property
|
238
316
|
@pulumi.getter(name="listClaimMappings")
|
239
317
|
def list_claim_mappings(self) -> Optional[Mapping[str, str]]:
|
240
318
|
"""
|
241
|
-
|
242
|
-
claims (key) that will be copied to a metadata field (value).
|
319
|
+
Mappings of list claims (key) that will be copied to a metadata field (value).
|
243
320
|
"""
|
244
321
|
return pulumi.get(self, "list_claim_mappings")
|
245
322
|
|
323
|
+
@property
|
324
|
+
@pulumi.getter(name="notBeforeLeeway")
|
325
|
+
def not_before_leeway(self) -> Optional[str]:
|
326
|
+
"""
|
327
|
+
`(string: <optional>)` - Duration of leeway when validating
|
328
|
+
not before values of a token in the form of a time duration such as "5m" or "1h".
|
329
|
+
"""
|
330
|
+
return pulumi.get(self, "not_before_leeway")
|
331
|
+
|
332
|
+
@property
|
333
|
+
@pulumi.getter(name="oidcClientId")
|
334
|
+
def oidc_client_id(self) -> Optional[str]:
|
335
|
+
"""
|
336
|
+
`(string: <optional>)` - The OAuth Client ID configured
|
337
|
+
with the OIDC provider.
|
338
|
+
"""
|
339
|
+
return pulumi.get(self, "oidc_client_id")
|
340
|
+
|
341
|
+
@property
|
342
|
+
@pulumi.getter(name="oidcClientSecret")
|
343
|
+
def oidc_client_secret(self) -> Optional[str]:
|
344
|
+
"""
|
345
|
+
`(string: <optional>)` - The OAuth Client Secret
|
346
|
+
configured with the OIDC provider.
|
347
|
+
"""
|
348
|
+
return pulumi.get(self, "oidc_client_secret")
|
349
|
+
|
246
350
|
@property
|
247
351
|
@pulumi.getter(name="oidcDisableUserinfo")
|
248
352
|
def oidc_disable_userinfo(self) -> Optional[bool]:
|
@@ -254,6 +358,15 @@ class AclAuthMethodConfig(dict):
|
|
254
358
|
"""
|
255
359
|
return pulumi.get(self, "oidc_disable_userinfo")
|
256
360
|
|
361
|
+
@property
|
362
|
+
@pulumi.getter(name="oidcDiscoveryUrl")
|
363
|
+
def oidc_discovery_url(self) -> Optional[str]:
|
364
|
+
"""
|
365
|
+
`(string: <optional>)` - The OIDC Discovery URL,
|
366
|
+
without any .well-known component (base path).
|
367
|
+
"""
|
368
|
+
return pulumi.get(self, "oidc_discovery_url")
|
369
|
+
|
257
370
|
@property
|
258
371
|
@pulumi.getter(name="oidcScopes")
|
259
372
|
def oidc_scopes(self) -> Optional[Sequence[str]]:
|
@@ -2485,6 +2598,79 @@ class GetJobTaskGroupVolumeResult(dict):
|
|
2485
2598
|
return pulumi.get(self, "type")
|
2486
2599
|
|
2487
2600
|
|
2601
|
+
@pulumi.output_type
|
2602
|
+
class GetJwksKeyResult(dict):
|
2603
|
+
def __init__(__self__, *,
|
2604
|
+
algorithm: str,
|
2605
|
+
exponent: str,
|
2606
|
+
key_id: str,
|
2607
|
+
key_type: str,
|
2608
|
+
key_use: str,
|
2609
|
+
modulus: str):
|
2610
|
+
"""
|
2611
|
+
:param str algorithm: `(string)` - JWK field `alg`
|
2612
|
+
:param str exponent: `(string)` - JWK field `e`
|
2613
|
+
:param str key_id: `(string)` - JWK field `kid`
|
2614
|
+
:param str key_type: `(string)` - JWK field `kty`
|
2615
|
+
:param str key_use: `(string)` - JWK field `use`
|
2616
|
+
:param str modulus: `(string)` - JWK field `n`
|
2617
|
+
"""
|
2618
|
+
pulumi.set(__self__, "algorithm", algorithm)
|
2619
|
+
pulumi.set(__self__, "exponent", exponent)
|
2620
|
+
pulumi.set(__self__, "key_id", key_id)
|
2621
|
+
pulumi.set(__self__, "key_type", key_type)
|
2622
|
+
pulumi.set(__self__, "key_use", key_use)
|
2623
|
+
pulumi.set(__self__, "modulus", modulus)
|
2624
|
+
|
2625
|
+
@property
|
2626
|
+
@pulumi.getter
|
2627
|
+
def algorithm(self) -> str:
|
2628
|
+
"""
|
2629
|
+
`(string)` - JWK field `alg`
|
2630
|
+
"""
|
2631
|
+
return pulumi.get(self, "algorithm")
|
2632
|
+
|
2633
|
+
@property
|
2634
|
+
@pulumi.getter
|
2635
|
+
def exponent(self) -> str:
|
2636
|
+
"""
|
2637
|
+
`(string)` - JWK field `e`
|
2638
|
+
"""
|
2639
|
+
return pulumi.get(self, "exponent")
|
2640
|
+
|
2641
|
+
@property
|
2642
|
+
@pulumi.getter(name="keyId")
|
2643
|
+
def key_id(self) -> str:
|
2644
|
+
"""
|
2645
|
+
`(string)` - JWK field `kid`
|
2646
|
+
"""
|
2647
|
+
return pulumi.get(self, "key_id")
|
2648
|
+
|
2649
|
+
@property
|
2650
|
+
@pulumi.getter(name="keyType")
|
2651
|
+
def key_type(self) -> str:
|
2652
|
+
"""
|
2653
|
+
`(string)` - JWK field `kty`
|
2654
|
+
"""
|
2655
|
+
return pulumi.get(self, "key_type")
|
2656
|
+
|
2657
|
+
@property
|
2658
|
+
@pulumi.getter(name="keyUse")
|
2659
|
+
def key_use(self) -> str:
|
2660
|
+
"""
|
2661
|
+
`(string)` - JWK field `use`
|
2662
|
+
"""
|
2663
|
+
return pulumi.get(self, "key_use")
|
2664
|
+
|
2665
|
+
@property
|
2666
|
+
@pulumi.getter
|
2667
|
+
def modulus(self) -> str:
|
2668
|
+
"""
|
2669
|
+
`(string)` - JWK field `n`
|
2670
|
+
"""
|
2671
|
+
return pulumi.get(self, "modulus")
|
2672
|
+
|
2673
|
+
|
2488
2674
|
@pulumi.output_type
|
2489
2675
|
class GetNamespaceCapabilityResult(dict):
|
2490
2676
|
def __init__(__self__, *,
|
pulumi_nomad/pulumi-plugin.json
CHANGED
@@ -1,7 +1,7 @@
|
|
1
|
-
pulumi_nomad/__init__.py,sha256=
|
2
|
-
pulumi_nomad/_inputs.py,sha256=
|
1
|
+
pulumi_nomad/__init__.py,sha256=1DS6wdOPeFhuGq-lUYG1tHqsPNoxIJT2IWHBlaNeRCA,4356
|
2
|
+
pulumi_nomad/_inputs.py,sha256=vCHfuLKuontI__DkRj7tRlGMlfEpiiTVvx5ieYGWCck,74772
|
3
3
|
pulumi_nomad/_utilities.py,sha256=b6gJn0IIeM1t6Q7EVjqw3yhuGyP-uENQhtL5yp7aHR8,9248
|
4
|
-
pulumi_nomad/acl_auth_method.py,sha256=
|
4
|
+
pulumi_nomad/acl_auth_method.py,sha256=A1HpNX3lM7bl7vwuGTdItg4OER4ZApLEoU0o_vEqf2Q,23704
|
5
5
|
pulumi_nomad/acl_binding_rule.py,sha256=7YZsOVUoabSUsThSiusJBju9S5kYcQGAclPqqRjj3PY,16396
|
6
6
|
pulumi_nomad/acl_policy.py,sha256=xN0klfhu-e5EPhKsaofxnj96m3TPTthsdtRbHW4Xr2Y,12176
|
7
7
|
pulumi_nomad/acl_role.py,sha256=AzyAijJ-05LPP71sGis0paEqTI9wjVjj9EnTAN1Ln7A,10526
|
@@ -17,9 +17,10 @@ pulumi_nomad/get_acl_token.py,sha256=Z-sznln3wmpih3XeANG6A_8EgS6NwrwPp3_FDd677Zg
|
|
17
17
|
pulumi_nomad/get_acl_tokens.py,sha256=7f6JcqS6QIXlnVWp3EEsMD0QsNRMlAA9YBnYRmYpuV4,3419
|
18
18
|
pulumi_nomad/get_allocations.py,sha256=QJzyhCmSr4-GQ9XeYw2TMU0GfvC8_n1-mC4oiIOghrU,5350
|
19
19
|
pulumi_nomad/get_datacenters.py,sha256=Zr-3UV3zvv67rtUuljCdWxLKmbBG8RFx_EP_UitlxJs,4647
|
20
|
-
pulumi_nomad/get_deployments.py,sha256=
|
20
|
+
pulumi_nomad/get_deployments.py,sha256=bM56LXbFeiVFQGn8WkVuk5ebmrwkzPN7LS2eFI61k5U,3005
|
21
21
|
pulumi_nomad/get_job.py,sha256=i-VSx6jQV2y6U-pct1XqP9DO7_Bvdpe2Nej_Un0CggE,13404
|
22
22
|
pulumi_nomad/get_job_parser.py,sha256=seb5mrC1Mr3siKwi21_Jz9IMu4zcTZl0GUo8k4NZBi4,4001
|
23
|
+
pulumi_nomad/get_jwks.py,sha256=kB9_sGxWA_wlNBngSuFxGneD2Cr7jkZ_NwJtduRjxng,3441
|
23
24
|
pulumi_nomad/get_namespace.py,sha256=9adN4SkbcVBpdZHfurTwItlCOfT_AxIYtg6ed8J6q6g,5344
|
24
25
|
pulumi_nomad/get_namespaces.py,sha256=8xnI7fTuBlgmTK984IRrJYGn9RA6-YoPdKF8WvJoGdk,3561
|
25
26
|
pulumi_nomad/get_node_pool.py,sha256=ZdTbZ52F9WC6sXOuQLDcbN1DH8j29qc1Wr-wLze7Wp4,4427
|
@@ -35,9 +36,9 @@ pulumi_nomad/get_volumes.py,sha256=bxPF8gchK6FhEJcySOi5cnxg0e0bn7xnTvk-2D36vxI,5
|
|
35
36
|
pulumi_nomad/job.py,sha256=DJ525lS2XkxkgKd3-TkIJCrTLba-NhWPjdo8KwKIgRk,51951
|
36
37
|
pulumi_nomad/namespace.py,sha256=3ROS7Fdhbl08fMGk2IGxeC3SMpdbxK_q8y90uil1wf0,20505
|
37
38
|
pulumi_nomad/node_pool.py,sha256=OftrmHc1WUaEVnYxjsZDit1sPv_-d2mvflestKGUfVo,13126
|
38
|
-
pulumi_nomad/outputs.py,sha256=
|
39
|
+
pulumi_nomad/outputs.py,sha256=cAKFJWjG72zUx8G4wHtmHoXSv7xsFGtpcI7m4pr3ivg,102555
|
39
40
|
pulumi_nomad/provider.py,sha256=kXiczhVPifjDrveY1h4jz1sqGvu8ahRNbh-f3QLDuew,21549
|
40
|
-
pulumi_nomad/pulumi-plugin.json,sha256=
|
41
|
+
pulumi_nomad/pulumi-plugin.json,sha256=5vYTa-YhTw9elg8GWxi0a_vDTrYjW5zEdH8oXg_42kk,64
|
41
42
|
pulumi_nomad/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
42
43
|
pulumi_nomad/quote_specification.py,sha256=KPx5UE35CwbDACT_orhck4wD0czzJCWPWmlldfKq5tk,12113
|
43
44
|
pulumi_nomad/scheduler_config.py,sha256=i8ek-d_x7b6PVnL4e0l-06fdVbKyzEzB51kMAIBDbVw,14110
|
@@ -48,7 +49,7 @@ pulumi_nomad/config/__init__.py,sha256=cfY0smRZD3fDVc93ZIAxEl_IM2pynmXB52n3Ahzi0
|
|
48
49
|
pulumi_nomad/config/__init__.pyi,sha256=xqQrj9Co22MZN1IMoQwefoce6b6zI5nQfuA4L_uqw3Q,1865
|
49
50
|
pulumi_nomad/config/outputs.py,sha256=EJXQtJx8CPqK4-XlVBLC4rbjzI1AVUBUrOjFgyxwtuk,1003
|
50
51
|
pulumi_nomad/config/vars.py,sha256=pNNlDdaVJeMKr6TPOOJ4wW-_KPneYFizgpPjUIxa9rU,3432
|
51
|
-
pulumi_nomad-2.
|
52
|
-
pulumi_nomad-2.
|
53
|
-
pulumi_nomad-2.
|
54
|
-
pulumi_nomad-2.
|
52
|
+
pulumi_nomad-2.3.0.dist-info/METADATA,sha256=9_dvOhq6ScSkP-NK1EZRIhi8mg7WmDXF_RFizWFkqYY,4719
|
53
|
+
pulumi_nomad-2.3.0.dist-info/WHEEL,sha256=GJ7t_kWBFywbagK5eo9IoUwLW6oyOeTKmQ-9iHFVNxQ,92
|
54
|
+
pulumi_nomad-2.3.0.dist-info/top_level.txt,sha256=1JxoZWssmXqN-8vVDXtedeoWtI703uNWUOzlm8Byv-o,13
|
55
|
+
pulumi_nomad-2.3.0.dist-info/RECORD,,
|
File without changes
|
File without changes
|