pulumi-oci 1.17.0a1702406535__py3-none-any.whl → 1.18.0a1702447417__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_oci/__init__.py +48 -0
- pulumi_oci/core/instance.py +7 -7
- pulumi_oci/database/__init__.py +1 -0
- pulumi_oci/database/autonomous_database.py +20 -1
- pulumi_oci/database/autonomous_database_saas_admin_user.py +479 -0
- pulumi_oci/datacatalog/_inputs.py +216 -0
- pulumi_oci/datacatalog/catalog.py +58 -0
- pulumi_oci/datacatalog/catalog_private_endpoint.py +58 -0
- pulumi_oci/datacatalog/get_catalog.py +28 -1
- pulumi_oci/datacatalog/get_catalog_private_endpoint.py +28 -1
- pulumi_oci/datacatalog/get_metastore.py +28 -1
- pulumi_oci/datacatalog/metastore.py +58 -0
- pulumi_oci/datacatalog/outputs.py +603 -0
- pulumi_oci/datasafe/_inputs.py +32 -0
- pulumi_oci/datasafe/database_security_config.py +7 -7
- pulumi_oci/datasafe/get_audit_events.py +1 -1
- pulumi_oci/datasafe/get_discovery_analytics.py +38 -1
- pulumi_oci/datasafe/get_report.py +1 -1
- pulumi_oci/datasafe/get_report_content.py +2 -2
- pulumi_oci/datasafe/get_report_definition.py +4 -4
- pulumi_oci/datasafe/get_sdm_masking_policy_difference.py +2 -2
- pulumi_oci/datasafe/get_sdm_masking_policy_differences.py +1 -1
- pulumi_oci/datasafe/get_security_assessment_findings.py +1 -1
- pulumi_oci/datasafe/get_sensitive_type.py +14 -1
- pulumi_oci/datasafe/get_sensitive_types.py +21 -1
- pulumi_oci/datasafe/get_user_assessment_profile_analytics.py +2 -2
- pulumi_oci/datasafe/get_user_assessment_user_analytics.py +2 -2
- pulumi_oci/datasafe/masking_policies_masking_column.py +2 -0
- pulumi_oci/datasafe/outputs.py +114 -24
- pulumi_oci/datasafe/report_definition.py +16 -16
- pulumi_oci/datasafe/sensitive_type.py +28 -0
- pulumi_oci/datasafe/sql_firewall_policy.py +103 -103
- pulumi_oci/goldengate/_inputs.py +28 -2
- pulumi_oci/goldengate/connection.py +77 -21
- pulumi_oci/goldengate/database_registration.py +7 -7
- pulumi_oci/goldengate/deployment.py +110 -7
- pulumi_oci/goldengate/get_connection.py +16 -2
- pulumi_oci/goldengate/get_database_registration.py +1 -1
- pulumi_oci/goldengate/get_deployment.py +41 -2
- pulumi_oci/goldengate/outputs.py +138 -11
- pulumi_oci/identity/__init__.py +3 -0
- pulumi_oci/identity/_inputs.py +862 -6
- pulumi_oci/identity/domains_identity_propagation_trust.py +3489 -0
- pulumi_oci/identity/domains_user.py +40 -41
- pulumi_oci/identity/get_domains_identity_propagation_trust.py +581 -0
- pulumi_oci/identity/get_domains_identity_propagation_trusts.py +310 -0
- pulumi_oci/identity/outputs.py +2625 -821
- pulumi_oci/logging/_inputs.py +17 -1
- pulumi_oci/logging/log.py +2 -0
- pulumi_oci/logging/outputs.py +35 -1
- pulumi_oci/meteringcomputation/__init__.py +7 -0
- pulumi_oci/meteringcomputation/_inputs.py +787 -0
- pulumi_oci/meteringcomputation/get_average_carbon_emission.py +121 -0
- pulumi_oci/meteringcomputation/get_clean_energy_usage.py +116 -0
- pulumi_oci/meteringcomputation/get_schedule.py +2 -2
- pulumi_oci/meteringcomputation/get_usage_carbon_emissions_config.py +119 -0
- pulumi_oci/meteringcomputation/get_usage_carbon_emissions_queries.py +136 -0
- pulumi_oci/meteringcomputation/get_usage_carbon_emissions_query.py +132 -0
- pulumi_oci/meteringcomputation/outputs.py +2410 -1149
- pulumi_oci/meteringcomputation/schedule.py +14 -14
- pulumi_oci/meteringcomputation/usage_carbon_emission.py +597 -0
- pulumi_oci/meteringcomputation/usage_carbon_emissions_query.py +282 -0
- pulumi_oci/opsi/__init__.py +4 -0
- pulumi_oci/opsi/_inputs.py +46 -0
- pulumi_oci/opsi/awr_hub.py +49 -22
- pulumi_oci/opsi/awr_hub_source.py +957 -0
- pulumi_oci/opsi/awr_hub_source_awrhubsources_management.py +248 -0
- pulumi_oci/opsi/get_awr_hub.py +14 -1
- pulumi_oci/opsi/get_awr_hub_source.py +391 -0
- pulumi_oci/opsi/get_awr_hub_sources.py +250 -0
- pulumi_oci/opsi/operations_insights_warehouse.py +7 -7
- pulumi_oci/opsi/outputs.py +319 -0
- pulumi_oci/optimizer/get_histories.py +18 -1
- pulumi_oci/optimizer/get_profile.py +11 -1
- pulumi_oci/optimizer/get_resource_action.py +22 -5
- pulumi_oci/optimizer/get_resource_actions.py +18 -1
- pulumi_oci/optimizer/outputs.py +7 -0
- pulumi_oci/optimizer/profile.py +20 -0
- {pulumi_oci-1.17.0a1702406535.dist-info → pulumi_oci-1.18.0a1702447417.dist-info}/METADATA +1 -1
- {pulumi_oci-1.17.0a1702406535.dist-info → pulumi_oci-1.18.0a1702447417.dist-info}/RECORD +82 -67
- {pulumi_oci-1.17.0a1702406535.dist-info → pulumi_oci-1.18.0a1702447417.dist-info}/WHEEL +0 -0
- {pulumi_oci-1.17.0a1702406535.dist-info → pulumi_oci-1.18.0a1702447417.dist-info}/top_level.txt +0 -0
|
@@ -0,0 +1,3489 @@
|
|
|
1
|
+
# coding=utf-8
|
|
2
|
+
# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
|
3
|
+
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
|
+
|
|
5
|
+
import copy
|
|
6
|
+
import warnings
|
|
7
|
+
import pulumi
|
|
8
|
+
import pulumi.runtime
|
|
9
|
+
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
|
10
|
+
from .. import _utilities
|
|
11
|
+
from . import outputs
|
|
12
|
+
from ._inputs import *
|
|
13
|
+
|
|
14
|
+
__all__ = ['DomainsIdentityPropagationTrustArgs', 'DomainsIdentityPropagationTrust']
|
|
15
|
+
|
|
16
|
+
@pulumi.input_type
|
|
17
|
+
class DomainsIdentityPropagationTrustArgs:
|
|
18
|
+
def __init__(__self__, *,
|
|
19
|
+
idcs_endpoint: pulumi.Input[str],
|
|
20
|
+
issuer: pulumi.Input[str],
|
|
21
|
+
schemas: pulumi.Input[Sequence[pulumi.Input[str]]],
|
|
22
|
+
type: pulumi.Input[str],
|
|
23
|
+
account_id: Optional[pulumi.Input[str]] = None,
|
|
24
|
+
active: Optional[pulumi.Input[bool]] = None,
|
|
25
|
+
allow_impersonation: Optional[pulumi.Input[bool]] = None,
|
|
26
|
+
attribute_sets: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
27
|
+
attributes: Optional[pulumi.Input[str]] = None,
|
|
28
|
+
authorization: Optional[pulumi.Input[str]] = None,
|
|
29
|
+
client_claim_name: Optional[pulumi.Input[str]] = None,
|
|
30
|
+
client_claim_values: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
31
|
+
clock_skew_seconds: Optional[pulumi.Input[int]] = None,
|
|
32
|
+
description: Optional[pulumi.Input[str]] = None,
|
|
33
|
+
impersonation_service_users: Optional[pulumi.Input[Sequence[pulumi.Input['DomainsIdentityPropagationTrustImpersonationServiceUserArgs']]]] = None,
|
|
34
|
+
keytab: Optional[pulumi.Input['DomainsIdentityPropagationTrustKeytabArgs']] = None,
|
|
35
|
+
name: Optional[pulumi.Input[str]] = None,
|
|
36
|
+
oauth_clients: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
37
|
+
ocid: Optional[pulumi.Input[str]] = None,
|
|
38
|
+
public_certificate: Optional[pulumi.Input[str]] = None,
|
|
39
|
+
public_key_endpoint: Optional[pulumi.Input[str]] = None,
|
|
40
|
+
resource_type_schema_version: Optional[pulumi.Input[str]] = None,
|
|
41
|
+
subject_claim_name: Optional[pulumi.Input[str]] = None,
|
|
42
|
+
subject_mapping_attribute: Optional[pulumi.Input[str]] = None,
|
|
43
|
+
subject_type: Optional[pulumi.Input[str]] = None,
|
|
44
|
+
tags: Optional[pulumi.Input[Sequence[pulumi.Input['DomainsIdentityPropagationTrustTagArgs']]]] = None):
|
|
45
|
+
"""
|
|
46
|
+
The set of arguments for constructing a DomainsIdentityPropagationTrust resource.
|
|
47
|
+
:param pulumi.Input[str] idcs_endpoint: The basic endpoint for the identity domain
|
|
48
|
+
:param pulumi.Input[str] issuer: (Updatable) The issuer claim of the Identity provider.
|
|
49
|
+
|
|
50
|
+
**SCIM++ Properties:**
|
|
51
|
+
* type: string
|
|
52
|
+
* multiValued: false
|
|
53
|
+
* required: true
|
|
54
|
+
* mutability: readWrite
|
|
55
|
+
* returned: always
|
|
56
|
+
* caseExact: true
|
|
57
|
+
* idcsSearchable: true
|
|
58
|
+
* uniqueness: server
|
|
59
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] schemas: (Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard \\"enterprise\\" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
|
|
60
|
+
|
|
61
|
+
**SCIM++ Properties:**
|
|
62
|
+
* caseExact: false
|
|
63
|
+
* idcsSearchable: false
|
|
64
|
+
* multiValued: true
|
|
65
|
+
* mutability: readWrite
|
|
66
|
+
* required: true
|
|
67
|
+
* returned: default
|
|
68
|
+
* type: string
|
|
69
|
+
* uniqueness: none
|
|
70
|
+
:param pulumi.Input[str] type: (Updatable) The type of the inbound token from the Identity cloud provider.
|
|
71
|
+
|
|
72
|
+
**SCIM++ Properties:**
|
|
73
|
+
* caseExact: true
|
|
74
|
+
* idcsSearchable: false
|
|
75
|
+
* required: true
|
|
76
|
+
* mutability: readWrite
|
|
77
|
+
* returned: default
|
|
78
|
+
* type: string
|
|
79
|
+
* multiValued: false
|
|
80
|
+
* uniqueness: none
|
|
81
|
+
|
|
82
|
+
|
|
83
|
+
** IMPORTANT **
|
|
84
|
+
Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
|
|
85
|
+
:param pulumi.Input[str] account_id: (Updatable) The Identity cloud provider service identifier, for example, the Azure Tenancy ID, AWS Account ID, or GCP Project ID.
|
|
86
|
+
|
|
87
|
+
**SCIM++ Properties:**
|
|
88
|
+
* type: string
|
|
89
|
+
* multiValued: false
|
|
90
|
+
* required: false
|
|
91
|
+
* mutability: readWrite
|
|
92
|
+
* returned: default
|
|
93
|
+
* caseExact: true
|
|
94
|
+
* idcsSearchable: true
|
|
95
|
+
* uniqueness: none
|
|
96
|
+
:param pulumi.Input[bool] active: (Updatable) If true, specifies that this Identity Propagation Trust is in an enabled state. The default value is false.
|
|
97
|
+
|
|
98
|
+
**SCIM++ Properties:**
|
|
99
|
+
* type: boolean
|
|
100
|
+
* multiValued: false
|
|
101
|
+
* required: false
|
|
102
|
+
* mutability: readWrite
|
|
103
|
+
* returned: default
|
|
104
|
+
* uniqueness: none
|
|
105
|
+
* idcsSearchable: true
|
|
106
|
+
:param pulumi.Input[bool] allow_impersonation: (Updatable) Allow customers to define whether the resulting token should contain the authenticated user as the subject or whether the token should impersonate another Application Principal in IAM.
|
|
107
|
+
|
|
108
|
+
**SCIM++ Properties:**
|
|
109
|
+
* type: boolean
|
|
110
|
+
* multiValued: false
|
|
111
|
+
* required: false
|
|
112
|
+
* mutability: readWrite
|
|
113
|
+
* returned: default
|
|
114
|
+
* uniqueness: none
|
|
115
|
+
* idcsSearchable: false
|
|
116
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] attribute_sets: (Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
|
|
117
|
+
:param pulumi.Input[str] attributes: (Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
|
|
118
|
+
:param pulumi.Input[str] authorization: (Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
|
|
119
|
+
:param pulumi.Input[str] client_claim_name: (Updatable) The claim name that identifies to whom the JWT/SAML token is issued. If AWS, then \\"aud\\" or \\"client_id\\". If Azure, then \\"appid\\". If GCP, then \\"aud\\".
|
|
120
|
+
|
|
121
|
+
**SCIM++ Properties:**
|
|
122
|
+
* type: string
|
|
123
|
+
* multiValued: false
|
|
124
|
+
* required: false
|
|
125
|
+
* mutability: readWrite
|
|
126
|
+
* returned: default
|
|
127
|
+
* uniqueness: none
|
|
128
|
+
* idcsSearchable: false
|
|
129
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] client_claim_values: (Updatable) The value that corresponds to the client claim name used to identify to whom the token is issued.
|
|
130
|
+
|
|
131
|
+
**SCIM++ Properties:**
|
|
132
|
+
* type: string
|
|
133
|
+
* multiValued: true
|
|
134
|
+
* required: false
|
|
135
|
+
* mutability: readWrite
|
|
136
|
+
* returned: default
|
|
137
|
+
* uniqueness: none
|
|
138
|
+
* caseExact: true
|
|
139
|
+
* idcsSearchable: false
|
|
140
|
+
:param pulumi.Input[int] clock_skew_seconds: (Updatable) The clock skew (in secs) that's allowed for the token issue and expiry time.
|
|
141
|
+
|
|
142
|
+
**Added In:** 2308181911
|
|
143
|
+
|
|
144
|
+
**SCIM++ Properties:**
|
|
145
|
+
* caseExact: false
|
|
146
|
+
* idcsSearchable: false
|
|
147
|
+
* multiValued: false
|
|
148
|
+
* mutability: readWrite
|
|
149
|
+
* required: false
|
|
150
|
+
* returned: default
|
|
151
|
+
* type: integer
|
|
152
|
+
* uniqueness: none
|
|
153
|
+
:param pulumi.Input[str] description: (Updatable) The description of the Identity Propagation Trust.
|
|
154
|
+
|
|
155
|
+
**SCIM++ Properties:**
|
|
156
|
+
* type: string
|
|
157
|
+
* multiValued: false
|
|
158
|
+
* required: false
|
|
159
|
+
* mutability: readWrite
|
|
160
|
+
* returned: default
|
|
161
|
+
* uniqueness: none
|
|
162
|
+
* caseExact: false
|
|
163
|
+
* idcsSearchable: false
|
|
164
|
+
:param pulumi.Input[Sequence[pulumi.Input['DomainsIdentityPropagationTrustImpersonationServiceUserArgs']]] impersonation_service_users: (Updatable) The Impersonating Principal.
|
|
165
|
+
|
|
166
|
+
**SCIM++ Properties:**
|
|
167
|
+
* idcsCompositeKey: [rule, value]
|
|
168
|
+
* idcsSearchable: false
|
|
169
|
+
* multiValued: true
|
|
170
|
+
* mutability: readWrite
|
|
171
|
+
* required: false
|
|
172
|
+
* returned: request
|
|
173
|
+
* type: complex
|
|
174
|
+
* uniqueness: none
|
|
175
|
+
:param pulumi.Input['DomainsIdentityPropagationTrustKeytabArgs'] keytab: (Updatable) The keytab stored in the tenancy's Vault. This is required if the identity propagation type is 'SPNEGO'.
|
|
176
|
+
|
|
177
|
+
**SCIM++ Properties:**
|
|
178
|
+
* idcsCompositeKey: [secretOcid]
|
|
179
|
+
* idcsSearchable: false
|
|
180
|
+
* multiValued: false
|
|
181
|
+
* mutability: readWrite
|
|
182
|
+
* required: false
|
|
183
|
+
* returned: default
|
|
184
|
+
* type: complex
|
|
185
|
+
* uniqueness: none
|
|
186
|
+
:param pulumi.Input[str] name: The name of the the Identity Propagation Trust.
|
|
187
|
+
|
|
188
|
+
**SCIM++ Properties:**
|
|
189
|
+
* type: string
|
|
190
|
+
* caseExact: false
|
|
191
|
+
* idcsSearchable: true
|
|
192
|
+
* multiValued: false
|
|
193
|
+
* required: true
|
|
194
|
+
* mutability: immutable
|
|
195
|
+
* returned: default
|
|
196
|
+
* uniqueness: none
|
|
197
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] oauth_clients: (Updatable) The value of all the authorized OAuth Clients.
|
|
198
|
+
|
|
199
|
+
**SCIM++ Properties:**
|
|
200
|
+
* idcsSearchable: false
|
|
201
|
+
* multiValued: true
|
|
202
|
+
* mutability: readWrite
|
|
203
|
+
* required: false
|
|
204
|
+
* returned: default
|
|
205
|
+
* type: string
|
|
206
|
+
* uniqueness: none
|
|
207
|
+
:param pulumi.Input[str] ocid: (Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
|
|
208
|
+
|
|
209
|
+
**SCIM++ Properties:**
|
|
210
|
+
* caseExact: true
|
|
211
|
+
* idcsSearchable: true
|
|
212
|
+
* multiValued: false
|
|
213
|
+
* mutability: immutable
|
|
214
|
+
* required: false
|
|
215
|
+
* returned: default
|
|
216
|
+
* type: string
|
|
217
|
+
* uniqueness: global
|
|
218
|
+
:param pulumi.Input[str] public_certificate: (Updatable) Store the public key if public key cert.
|
|
219
|
+
|
|
220
|
+
**SCIM++ Properties:**
|
|
221
|
+
* type: string
|
|
222
|
+
* multiValued: false
|
|
223
|
+
* required: false
|
|
224
|
+
* mutability: readWrite
|
|
225
|
+
* returned: default
|
|
226
|
+
* uniqueness: none
|
|
227
|
+
* idcsSearchable: false
|
|
228
|
+
:param pulumi.Input[str] public_key_endpoint: (Updatable) The cloud provider's public key API of SAML and OIDC providers for signature validation.
|
|
229
|
+
|
|
230
|
+
**SCIM++ Properties:**
|
|
231
|
+
* type: string
|
|
232
|
+
* multiValued: false
|
|
233
|
+
* required: false
|
|
234
|
+
* mutability: readWrite
|
|
235
|
+
* returned: default
|
|
236
|
+
* uniqueness: none
|
|
237
|
+
* caseExact: false
|
|
238
|
+
* idcsSearchable: false
|
|
239
|
+
:param pulumi.Input[str] resource_type_schema_version: (Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
|
|
240
|
+
:param pulumi.Input[str] subject_claim_name: (Updatable) Used for locating the subject claim from the incoming token.
|
|
241
|
+
|
|
242
|
+
**SCIM++ Properties:**
|
|
243
|
+
* type: string
|
|
244
|
+
* multiValued: false
|
|
245
|
+
* required: false
|
|
246
|
+
* mutability: readWrite
|
|
247
|
+
* returned: default
|
|
248
|
+
* uniqueness: none
|
|
249
|
+
* caseExact: true
|
|
250
|
+
* idcsSearchable: false
|
|
251
|
+
:param pulumi.Input[str] subject_mapping_attribute: (Updatable) Subject Mapping Attribute to which the value from subject claim name value would be used for identity lookup.
|
|
252
|
+
|
|
253
|
+
**SCIM++ Properties:**
|
|
254
|
+
* type: string
|
|
255
|
+
* multiValued: false
|
|
256
|
+
* idcsSearchable: false
|
|
257
|
+
* required: false
|
|
258
|
+
* mutability: readWrite
|
|
259
|
+
* returned: default
|
|
260
|
+
* uniqueness: none
|
|
261
|
+
:param pulumi.Input[str] subject_type: (Updatable) The type of the resource against which lookup will be made in the identity domain in IAM for the incoming subject claim value.
|
|
262
|
+
|
|
263
|
+
**SCIM++ Properties:**
|
|
264
|
+
* idcsSearchable: false
|
|
265
|
+
* multiValued: false
|
|
266
|
+
* mutability: readWrite
|
|
267
|
+
* required: false
|
|
268
|
+
* returned: default
|
|
269
|
+
* type: string
|
|
270
|
+
* uniqueness: none
|
|
271
|
+
:param pulumi.Input[Sequence[pulumi.Input['DomainsIdentityPropagationTrustTagArgs']]] tags: (Updatable) A list of tags on this resource.
|
|
272
|
+
|
|
273
|
+
**SCIM++ Properties:**
|
|
274
|
+
* idcsCompositeKey: [key, value]
|
|
275
|
+
* idcsSearchable: true
|
|
276
|
+
* multiValued: true
|
|
277
|
+
* mutability: readWrite
|
|
278
|
+
* required: false
|
|
279
|
+
* returned: request
|
|
280
|
+
* type: complex
|
|
281
|
+
* uniqueness: none
|
|
282
|
+
"""
|
|
283
|
+
pulumi.set(__self__, "idcs_endpoint", idcs_endpoint)
|
|
284
|
+
pulumi.set(__self__, "issuer", issuer)
|
|
285
|
+
pulumi.set(__self__, "schemas", schemas)
|
|
286
|
+
pulumi.set(__self__, "type", type)
|
|
287
|
+
if account_id is not None:
|
|
288
|
+
pulumi.set(__self__, "account_id", account_id)
|
|
289
|
+
if active is not None:
|
|
290
|
+
pulumi.set(__self__, "active", active)
|
|
291
|
+
if allow_impersonation is not None:
|
|
292
|
+
pulumi.set(__self__, "allow_impersonation", allow_impersonation)
|
|
293
|
+
if attribute_sets is not None:
|
|
294
|
+
pulumi.set(__self__, "attribute_sets", attribute_sets)
|
|
295
|
+
if attributes is not None:
|
|
296
|
+
pulumi.set(__self__, "attributes", attributes)
|
|
297
|
+
if authorization is not None:
|
|
298
|
+
pulumi.set(__self__, "authorization", authorization)
|
|
299
|
+
if client_claim_name is not None:
|
|
300
|
+
pulumi.set(__self__, "client_claim_name", client_claim_name)
|
|
301
|
+
if client_claim_values is not None:
|
|
302
|
+
pulumi.set(__self__, "client_claim_values", client_claim_values)
|
|
303
|
+
if clock_skew_seconds is not None:
|
|
304
|
+
pulumi.set(__self__, "clock_skew_seconds", clock_skew_seconds)
|
|
305
|
+
if description is not None:
|
|
306
|
+
pulumi.set(__self__, "description", description)
|
|
307
|
+
if impersonation_service_users is not None:
|
|
308
|
+
pulumi.set(__self__, "impersonation_service_users", impersonation_service_users)
|
|
309
|
+
if keytab is not None:
|
|
310
|
+
pulumi.set(__self__, "keytab", keytab)
|
|
311
|
+
if name is not None:
|
|
312
|
+
pulumi.set(__self__, "name", name)
|
|
313
|
+
if oauth_clients is not None:
|
|
314
|
+
pulumi.set(__self__, "oauth_clients", oauth_clients)
|
|
315
|
+
if ocid is not None:
|
|
316
|
+
pulumi.set(__self__, "ocid", ocid)
|
|
317
|
+
if public_certificate is not None:
|
|
318
|
+
pulumi.set(__self__, "public_certificate", public_certificate)
|
|
319
|
+
if public_key_endpoint is not None:
|
|
320
|
+
pulumi.set(__self__, "public_key_endpoint", public_key_endpoint)
|
|
321
|
+
if resource_type_schema_version is not None:
|
|
322
|
+
pulumi.set(__self__, "resource_type_schema_version", resource_type_schema_version)
|
|
323
|
+
if subject_claim_name is not None:
|
|
324
|
+
pulumi.set(__self__, "subject_claim_name", subject_claim_name)
|
|
325
|
+
if subject_mapping_attribute is not None:
|
|
326
|
+
pulumi.set(__self__, "subject_mapping_attribute", subject_mapping_attribute)
|
|
327
|
+
if subject_type is not None:
|
|
328
|
+
pulumi.set(__self__, "subject_type", subject_type)
|
|
329
|
+
if tags is not None:
|
|
330
|
+
pulumi.set(__self__, "tags", tags)
|
|
331
|
+
|
|
332
|
+
@property
|
|
333
|
+
@pulumi.getter(name="idcsEndpoint")
|
|
334
|
+
def idcs_endpoint(self) -> pulumi.Input[str]:
|
|
335
|
+
"""
|
|
336
|
+
The basic endpoint for the identity domain
|
|
337
|
+
"""
|
|
338
|
+
return pulumi.get(self, "idcs_endpoint")
|
|
339
|
+
|
|
340
|
+
@idcs_endpoint.setter
|
|
341
|
+
def idcs_endpoint(self, value: pulumi.Input[str]):
|
|
342
|
+
pulumi.set(self, "idcs_endpoint", value)
|
|
343
|
+
|
|
344
|
+
@property
|
|
345
|
+
@pulumi.getter
|
|
346
|
+
def issuer(self) -> pulumi.Input[str]:
|
|
347
|
+
"""
|
|
348
|
+
(Updatable) The issuer claim of the Identity provider.
|
|
349
|
+
|
|
350
|
+
**SCIM++ Properties:**
|
|
351
|
+
* type: string
|
|
352
|
+
* multiValued: false
|
|
353
|
+
* required: true
|
|
354
|
+
* mutability: readWrite
|
|
355
|
+
* returned: always
|
|
356
|
+
* caseExact: true
|
|
357
|
+
* idcsSearchable: true
|
|
358
|
+
* uniqueness: server
|
|
359
|
+
"""
|
|
360
|
+
return pulumi.get(self, "issuer")
|
|
361
|
+
|
|
362
|
+
@issuer.setter
|
|
363
|
+
def issuer(self, value: pulumi.Input[str]):
|
|
364
|
+
pulumi.set(self, "issuer", value)
|
|
365
|
+
|
|
366
|
+
@property
|
|
367
|
+
@pulumi.getter
|
|
368
|
+
def schemas(self) -> pulumi.Input[Sequence[pulumi.Input[str]]]:
|
|
369
|
+
"""
|
|
370
|
+
(Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard \\"enterprise\\" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
|
|
371
|
+
|
|
372
|
+
**SCIM++ Properties:**
|
|
373
|
+
* caseExact: false
|
|
374
|
+
* idcsSearchable: false
|
|
375
|
+
* multiValued: true
|
|
376
|
+
* mutability: readWrite
|
|
377
|
+
* required: true
|
|
378
|
+
* returned: default
|
|
379
|
+
* type: string
|
|
380
|
+
* uniqueness: none
|
|
381
|
+
"""
|
|
382
|
+
return pulumi.get(self, "schemas")
|
|
383
|
+
|
|
384
|
+
@schemas.setter
|
|
385
|
+
def schemas(self, value: pulumi.Input[Sequence[pulumi.Input[str]]]):
|
|
386
|
+
pulumi.set(self, "schemas", value)
|
|
387
|
+
|
|
388
|
+
@property
|
|
389
|
+
@pulumi.getter
|
|
390
|
+
def type(self) -> pulumi.Input[str]:
|
|
391
|
+
"""
|
|
392
|
+
(Updatable) The type of the inbound token from the Identity cloud provider.
|
|
393
|
+
|
|
394
|
+
**SCIM++ Properties:**
|
|
395
|
+
* caseExact: true
|
|
396
|
+
* idcsSearchable: false
|
|
397
|
+
* required: true
|
|
398
|
+
* mutability: readWrite
|
|
399
|
+
* returned: default
|
|
400
|
+
* type: string
|
|
401
|
+
* multiValued: false
|
|
402
|
+
* uniqueness: none
|
|
403
|
+
|
|
404
|
+
|
|
405
|
+
** IMPORTANT **
|
|
406
|
+
Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
|
|
407
|
+
"""
|
|
408
|
+
return pulumi.get(self, "type")
|
|
409
|
+
|
|
410
|
+
@type.setter
|
|
411
|
+
def type(self, value: pulumi.Input[str]):
|
|
412
|
+
pulumi.set(self, "type", value)
|
|
413
|
+
|
|
414
|
+
@property
|
|
415
|
+
@pulumi.getter(name="accountId")
|
|
416
|
+
def account_id(self) -> Optional[pulumi.Input[str]]:
|
|
417
|
+
"""
|
|
418
|
+
(Updatable) The Identity cloud provider service identifier, for example, the Azure Tenancy ID, AWS Account ID, or GCP Project ID.
|
|
419
|
+
|
|
420
|
+
**SCIM++ Properties:**
|
|
421
|
+
* type: string
|
|
422
|
+
* multiValued: false
|
|
423
|
+
* required: false
|
|
424
|
+
* mutability: readWrite
|
|
425
|
+
* returned: default
|
|
426
|
+
* caseExact: true
|
|
427
|
+
* idcsSearchable: true
|
|
428
|
+
* uniqueness: none
|
|
429
|
+
"""
|
|
430
|
+
return pulumi.get(self, "account_id")
|
|
431
|
+
|
|
432
|
+
@account_id.setter
|
|
433
|
+
def account_id(self, value: Optional[pulumi.Input[str]]):
|
|
434
|
+
pulumi.set(self, "account_id", value)
|
|
435
|
+
|
|
436
|
+
@property
|
|
437
|
+
@pulumi.getter
|
|
438
|
+
def active(self) -> Optional[pulumi.Input[bool]]:
|
|
439
|
+
"""
|
|
440
|
+
(Updatable) If true, specifies that this Identity Propagation Trust is in an enabled state. The default value is false.
|
|
441
|
+
|
|
442
|
+
**SCIM++ Properties:**
|
|
443
|
+
* type: boolean
|
|
444
|
+
* multiValued: false
|
|
445
|
+
* required: false
|
|
446
|
+
* mutability: readWrite
|
|
447
|
+
* returned: default
|
|
448
|
+
* uniqueness: none
|
|
449
|
+
* idcsSearchable: true
|
|
450
|
+
"""
|
|
451
|
+
return pulumi.get(self, "active")
|
|
452
|
+
|
|
453
|
+
@active.setter
|
|
454
|
+
def active(self, value: Optional[pulumi.Input[bool]]):
|
|
455
|
+
pulumi.set(self, "active", value)
|
|
456
|
+
|
|
457
|
+
@property
|
|
458
|
+
@pulumi.getter(name="allowImpersonation")
|
|
459
|
+
def allow_impersonation(self) -> Optional[pulumi.Input[bool]]:
|
|
460
|
+
"""
|
|
461
|
+
(Updatable) Allow customers to define whether the resulting token should contain the authenticated user as the subject or whether the token should impersonate another Application Principal in IAM.
|
|
462
|
+
|
|
463
|
+
**SCIM++ Properties:**
|
|
464
|
+
* type: boolean
|
|
465
|
+
* multiValued: false
|
|
466
|
+
* required: false
|
|
467
|
+
* mutability: readWrite
|
|
468
|
+
* returned: default
|
|
469
|
+
* uniqueness: none
|
|
470
|
+
* idcsSearchable: false
|
|
471
|
+
"""
|
|
472
|
+
return pulumi.get(self, "allow_impersonation")
|
|
473
|
+
|
|
474
|
+
@allow_impersonation.setter
|
|
475
|
+
def allow_impersonation(self, value: Optional[pulumi.Input[bool]]):
|
|
476
|
+
pulumi.set(self, "allow_impersonation", value)
|
|
477
|
+
|
|
478
|
+
@property
|
|
479
|
+
@pulumi.getter(name="attributeSets")
|
|
480
|
+
def attribute_sets(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
|
481
|
+
"""
|
|
482
|
+
(Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
|
|
483
|
+
"""
|
|
484
|
+
return pulumi.get(self, "attribute_sets")
|
|
485
|
+
|
|
486
|
+
@attribute_sets.setter
|
|
487
|
+
def attribute_sets(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
488
|
+
pulumi.set(self, "attribute_sets", value)
|
|
489
|
+
|
|
490
|
+
@property
|
|
491
|
+
@pulumi.getter
|
|
492
|
+
def attributes(self) -> Optional[pulumi.Input[str]]:
|
|
493
|
+
"""
|
|
494
|
+
(Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
|
|
495
|
+
"""
|
|
496
|
+
return pulumi.get(self, "attributes")
|
|
497
|
+
|
|
498
|
+
@attributes.setter
|
|
499
|
+
def attributes(self, value: Optional[pulumi.Input[str]]):
|
|
500
|
+
pulumi.set(self, "attributes", value)
|
|
501
|
+
|
|
502
|
+
@property
|
|
503
|
+
@pulumi.getter
|
|
504
|
+
def authorization(self) -> Optional[pulumi.Input[str]]:
|
|
505
|
+
"""
|
|
506
|
+
(Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
|
|
507
|
+
"""
|
|
508
|
+
return pulumi.get(self, "authorization")
|
|
509
|
+
|
|
510
|
+
@authorization.setter
|
|
511
|
+
def authorization(self, value: Optional[pulumi.Input[str]]):
|
|
512
|
+
pulumi.set(self, "authorization", value)
|
|
513
|
+
|
|
514
|
+
@property
|
|
515
|
+
@pulumi.getter(name="clientClaimName")
|
|
516
|
+
def client_claim_name(self) -> Optional[pulumi.Input[str]]:
|
|
517
|
+
"""
|
|
518
|
+
(Updatable) The claim name that identifies to whom the JWT/SAML token is issued. If AWS, then \\"aud\\" or \\"client_id\\". If Azure, then \\"appid\\". If GCP, then \\"aud\\".
|
|
519
|
+
|
|
520
|
+
**SCIM++ Properties:**
|
|
521
|
+
* type: string
|
|
522
|
+
* multiValued: false
|
|
523
|
+
* required: false
|
|
524
|
+
* mutability: readWrite
|
|
525
|
+
* returned: default
|
|
526
|
+
* uniqueness: none
|
|
527
|
+
* idcsSearchable: false
|
|
528
|
+
"""
|
|
529
|
+
return pulumi.get(self, "client_claim_name")
|
|
530
|
+
|
|
531
|
+
@client_claim_name.setter
|
|
532
|
+
def client_claim_name(self, value: Optional[pulumi.Input[str]]):
|
|
533
|
+
pulumi.set(self, "client_claim_name", value)
|
|
534
|
+
|
|
535
|
+
@property
|
|
536
|
+
@pulumi.getter(name="clientClaimValues")
|
|
537
|
+
def client_claim_values(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
|
538
|
+
"""
|
|
539
|
+
(Updatable) The value that corresponds to the client claim name used to identify to whom the token is issued.
|
|
540
|
+
|
|
541
|
+
**SCIM++ Properties:**
|
|
542
|
+
* type: string
|
|
543
|
+
* multiValued: true
|
|
544
|
+
* required: false
|
|
545
|
+
* mutability: readWrite
|
|
546
|
+
* returned: default
|
|
547
|
+
* uniqueness: none
|
|
548
|
+
* caseExact: true
|
|
549
|
+
* idcsSearchable: false
|
|
550
|
+
"""
|
|
551
|
+
return pulumi.get(self, "client_claim_values")
|
|
552
|
+
|
|
553
|
+
@client_claim_values.setter
|
|
554
|
+
def client_claim_values(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
555
|
+
pulumi.set(self, "client_claim_values", value)
|
|
556
|
+
|
|
557
|
+
@property
|
|
558
|
+
@pulumi.getter(name="clockSkewSeconds")
|
|
559
|
+
def clock_skew_seconds(self) -> Optional[pulumi.Input[int]]:
|
|
560
|
+
"""
|
|
561
|
+
(Updatable) The clock skew (in secs) that's allowed for the token issue and expiry time.
|
|
562
|
+
|
|
563
|
+
**Added In:** 2308181911
|
|
564
|
+
|
|
565
|
+
**SCIM++ Properties:**
|
|
566
|
+
* caseExact: false
|
|
567
|
+
* idcsSearchable: false
|
|
568
|
+
* multiValued: false
|
|
569
|
+
* mutability: readWrite
|
|
570
|
+
* required: false
|
|
571
|
+
* returned: default
|
|
572
|
+
* type: integer
|
|
573
|
+
* uniqueness: none
|
|
574
|
+
"""
|
|
575
|
+
return pulumi.get(self, "clock_skew_seconds")
|
|
576
|
+
|
|
577
|
+
@clock_skew_seconds.setter
|
|
578
|
+
def clock_skew_seconds(self, value: Optional[pulumi.Input[int]]):
|
|
579
|
+
pulumi.set(self, "clock_skew_seconds", value)
|
|
580
|
+
|
|
581
|
+
@property
|
|
582
|
+
@pulumi.getter
|
|
583
|
+
def description(self) -> Optional[pulumi.Input[str]]:
|
|
584
|
+
"""
|
|
585
|
+
(Updatable) The description of the Identity Propagation Trust.
|
|
586
|
+
|
|
587
|
+
**SCIM++ Properties:**
|
|
588
|
+
* type: string
|
|
589
|
+
* multiValued: false
|
|
590
|
+
* required: false
|
|
591
|
+
* mutability: readWrite
|
|
592
|
+
* returned: default
|
|
593
|
+
* uniqueness: none
|
|
594
|
+
* caseExact: false
|
|
595
|
+
* idcsSearchable: false
|
|
596
|
+
"""
|
|
597
|
+
return pulumi.get(self, "description")
|
|
598
|
+
|
|
599
|
+
@description.setter
|
|
600
|
+
def description(self, value: Optional[pulumi.Input[str]]):
|
|
601
|
+
pulumi.set(self, "description", value)
|
|
602
|
+
|
|
603
|
+
@property
|
|
604
|
+
@pulumi.getter(name="impersonationServiceUsers")
|
|
605
|
+
def impersonation_service_users(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['DomainsIdentityPropagationTrustImpersonationServiceUserArgs']]]]:
|
|
606
|
+
"""
|
|
607
|
+
(Updatable) The Impersonating Principal.
|
|
608
|
+
|
|
609
|
+
**SCIM++ Properties:**
|
|
610
|
+
* idcsCompositeKey: [rule, value]
|
|
611
|
+
* idcsSearchable: false
|
|
612
|
+
* multiValued: true
|
|
613
|
+
* mutability: readWrite
|
|
614
|
+
* required: false
|
|
615
|
+
* returned: request
|
|
616
|
+
* type: complex
|
|
617
|
+
* uniqueness: none
|
|
618
|
+
"""
|
|
619
|
+
return pulumi.get(self, "impersonation_service_users")
|
|
620
|
+
|
|
621
|
+
@impersonation_service_users.setter
|
|
622
|
+
def impersonation_service_users(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['DomainsIdentityPropagationTrustImpersonationServiceUserArgs']]]]):
|
|
623
|
+
pulumi.set(self, "impersonation_service_users", value)
|
|
624
|
+
|
|
625
|
+
@property
|
|
626
|
+
@pulumi.getter
|
|
627
|
+
def keytab(self) -> Optional[pulumi.Input['DomainsIdentityPropagationTrustKeytabArgs']]:
|
|
628
|
+
"""
|
|
629
|
+
(Updatable) The keytab stored in the tenancy's Vault. This is required if the identity propagation type is 'SPNEGO'.
|
|
630
|
+
|
|
631
|
+
**SCIM++ Properties:**
|
|
632
|
+
* idcsCompositeKey: [secretOcid]
|
|
633
|
+
* idcsSearchable: false
|
|
634
|
+
* multiValued: false
|
|
635
|
+
* mutability: readWrite
|
|
636
|
+
* required: false
|
|
637
|
+
* returned: default
|
|
638
|
+
* type: complex
|
|
639
|
+
* uniqueness: none
|
|
640
|
+
"""
|
|
641
|
+
return pulumi.get(self, "keytab")
|
|
642
|
+
|
|
643
|
+
@keytab.setter
|
|
644
|
+
def keytab(self, value: Optional[pulumi.Input['DomainsIdentityPropagationTrustKeytabArgs']]):
|
|
645
|
+
pulumi.set(self, "keytab", value)
|
|
646
|
+
|
|
647
|
+
@property
|
|
648
|
+
@pulumi.getter
|
|
649
|
+
def name(self) -> Optional[pulumi.Input[str]]:
|
|
650
|
+
"""
|
|
651
|
+
The name of the the Identity Propagation Trust.
|
|
652
|
+
|
|
653
|
+
**SCIM++ Properties:**
|
|
654
|
+
* type: string
|
|
655
|
+
* caseExact: false
|
|
656
|
+
* idcsSearchable: true
|
|
657
|
+
* multiValued: false
|
|
658
|
+
* required: true
|
|
659
|
+
* mutability: immutable
|
|
660
|
+
* returned: default
|
|
661
|
+
* uniqueness: none
|
|
662
|
+
"""
|
|
663
|
+
return pulumi.get(self, "name")
|
|
664
|
+
|
|
665
|
+
@name.setter
|
|
666
|
+
def name(self, value: Optional[pulumi.Input[str]]):
|
|
667
|
+
pulumi.set(self, "name", value)
|
|
668
|
+
|
|
669
|
+
@property
|
|
670
|
+
@pulumi.getter(name="oauthClients")
|
|
671
|
+
def oauth_clients(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
|
672
|
+
"""
|
|
673
|
+
(Updatable) The value of all the authorized OAuth Clients.
|
|
674
|
+
|
|
675
|
+
**SCIM++ Properties:**
|
|
676
|
+
* idcsSearchable: false
|
|
677
|
+
* multiValued: true
|
|
678
|
+
* mutability: readWrite
|
|
679
|
+
* required: false
|
|
680
|
+
* returned: default
|
|
681
|
+
* type: string
|
|
682
|
+
* uniqueness: none
|
|
683
|
+
"""
|
|
684
|
+
return pulumi.get(self, "oauth_clients")
|
|
685
|
+
|
|
686
|
+
@oauth_clients.setter
|
|
687
|
+
def oauth_clients(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
688
|
+
pulumi.set(self, "oauth_clients", value)
|
|
689
|
+
|
|
690
|
+
@property
|
|
691
|
+
@pulumi.getter
|
|
692
|
+
def ocid(self) -> Optional[pulumi.Input[str]]:
|
|
693
|
+
"""
|
|
694
|
+
(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
|
|
695
|
+
|
|
696
|
+
**SCIM++ Properties:**
|
|
697
|
+
* caseExact: true
|
|
698
|
+
* idcsSearchable: true
|
|
699
|
+
* multiValued: false
|
|
700
|
+
* mutability: immutable
|
|
701
|
+
* required: false
|
|
702
|
+
* returned: default
|
|
703
|
+
* type: string
|
|
704
|
+
* uniqueness: global
|
|
705
|
+
"""
|
|
706
|
+
return pulumi.get(self, "ocid")
|
|
707
|
+
|
|
708
|
+
@ocid.setter
|
|
709
|
+
def ocid(self, value: Optional[pulumi.Input[str]]):
|
|
710
|
+
pulumi.set(self, "ocid", value)
|
|
711
|
+
|
|
712
|
+
@property
|
|
713
|
+
@pulumi.getter(name="publicCertificate")
|
|
714
|
+
def public_certificate(self) -> Optional[pulumi.Input[str]]:
|
|
715
|
+
"""
|
|
716
|
+
(Updatable) Store the public key if public key cert.
|
|
717
|
+
|
|
718
|
+
**SCIM++ Properties:**
|
|
719
|
+
* type: string
|
|
720
|
+
* multiValued: false
|
|
721
|
+
* required: false
|
|
722
|
+
* mutability: readWrite
|
|
723
|
+
* returned: default
|
|
724
|
+
* uniqueness: none
|
|
725
|
+
* idcsSearchable: false
|
|
726
|
+
"""
|
|
727
|
+
return pulumi.get(self, "public_certificate")
|
|
728
|
+
|
|
729
|
+
@public_certificate.setter
|
|
730
|
+
def public_certificate(self, value: Optional[pulumi.Input[str]]):
|
|
731
|
+
pulumi.set(self, "public_certificate", value)
|
|
732
|
+
|
|
733
|
+
@property
|
|
734
|
+
@pulumi.getter(name="publicKeyEndpoint")
|
|
735
|
+
def public_key_endpoint(self) -> Optional[pulumi.Input[str]]:
|
|
736
|
+
"""
|
|
737
|
+
(Updatable) The cloud provider's public key API of SAML and OIDC providers for signature validation.
|
|
738
|
+
|
|
739
|
+
**SCIM++ Properties:**
|
|
740
|
+
* type: string
|
|
741
|
+
* multiValued: false
|
|
742
|
+
* required: false
|
|
743
|
+
* mutability: readWrite
|
|
744
|
+
* returned: default
|
|
745
|
+
* uniqueness: none
|
|
746
|
+
* caseExact: false
|
|
747
|
+
* idcsSearchable: false
|
|
748
|
+
"""
|
|
749
|
+
return pulumi.get(self, "public_key_endpoint")
|
|
750
|
+
|
|
751
|
+
@public_key_endpoint.setter
|
|
752
|
+
def public_key_endpoint(self, value: Optional[pulumi.Input[str]]):
|
|
753
|
+
pulumi.set(self, "public_key_endpoint", value)
|
|
754
|
+
|
|
755
|
+
@property
|
|
756
|
+
@pulumi.getter(name="resourceTypeSchemaVersion")
|
|
757
|
+
def resource_type_schema_version(self) -> Optional[pulumi.Input[str]]:
|
|
758
|
+
"""
|
|
759
|
+
(Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
|
|
760
|
+
"""
|
|
761
|
+
return pulumi.get(self, "resource_type_schema_version")
|
|
762
|
+
|
|
763
|
+
@resource_type_schema_version.setter
|
|
764
|
+
def resource_type_schema_version(self, value: Optional[pulumi.Input[str]]):
|
|
765
|
+
pulumi.set(self, "resource_type_schema_version", value)
|
|
766
|
+
|
|
767
|
+
@property
|
|
768
|
+
@pulumi.getter(name="subjectClaimName")
|
|
769
|
+
def subject_claim_name(self) -> Optional[pulumi.Input[str]]:
|
|
770
|
+
"""
|
|
771
|
+
(Updatable) Used for locating the subject claim from the incoming token.
|
|
772
|
+
|
|
773
|
+
**SCIM++ Properties:**
|
|
774
|
+
* type: string
|
|
775
|
+
* multiValued: false
|
|
776
|
+
* required: false
|
|
777
|
+
* mutability: readWrite
|
|
778
|
+
* returned: default
|
|
779
|
+
* uniqueness: none
|
|
780
|
+
* caseExact: true
|
|
781
|
+
* idcsSearchable: false
|
|
782
|
+
"""
|
|
783
|
+
return pulumi.get(self, "subject_claim_name")
|
|
784
|
+
|
|
785
|
+
@subject_claim_name.setter
|
|
786
|
+
def subject_claim_name(self, value: Optional[pulumi.Input[str]]):
|
|
787
|
+
pulumi.set(self, "subject_claim_name", value)
|
|
788
|
+
|
|
789
|
+
@property
|
|
790
|
+
@pulumi.getter(name="subjectMappingAttribute")
|
|
791
|
+
def subject_mapping_attribute(self) -> Optional[pulumi.Input[str]]:
|
|
792
|
+
"""
|
|
793
|
+
(Updatable) Subject Mapping Attribute to which the value from subject claim name value would be used for identity lookup.
|
|
794
|
+
|
|
795
|
+
**SCIM++ Properties:**
|
|
796
|
+
* type: string
|
|
797
|
+
* multiValued: false
|
|
798
|
+
* idcsSearchable: false
|
|
799
|
+
* required: false
|
|
800
|
+
* mutability: readWrite
|
|
801
|
+
* returned: default
|
|
802
|
+
* uniqueness: none
|
|
803
|
+
"""
|
|
804
|
+
return pulumi.get(self, "subject_mapping_attribute")
|
|
805
|
+
|
|
806
|
+
@subject_mapping_attribute.setter
|
|
807
|
+
def subject_mapping_attribute(self, value: Optional[pulumi.Input[str]]):
|
|
808
|
+
pulumi.set(self, "subject_mapping_attribute", value)
|
|
809
|
+
|
|
810
|
+
@property
|
|
811
|
+
@pulumi.getter(name="subjectType")
|
|
812
|
+
def subject_type(self) -> Optional[pulumi.Input[str]]:
|
|
813
|
+
"""
|
|
814
|
+
(Updatable) The type of the resource against which lookup will be made in the identity domain in IAM for the incoming subject claim value.
|
|
815
|
+
|
|
816
|
+
**SCIM++ Properties:**
|
|
817
|
+
* idcsSearchable: false
|
|
818
|
+
* multiValued: false
|
|
819
|
+
* mutability: readWrite
|
|
820
|
+
* required: false
|
|
821
|
+
* returned: default
|
|
822
|
+
* type: string
|
|
823
|
+
* uniqueness: none
|
|
824
|
+
"""
|
|
825
|
+
return pulumi.get(self, "subject_type")
|
|
826
|
+
|
|
827
|
+
@subject_type.setter
|
|
828
|
+
def subject_type(self, value: Optional[pulumi.Input[str]]):
|
|
829
|
+
pulumi.set(self, "subject_type", value)
|
|
830
|
+
|
|
831
|
+
@property
|
|
832
|
+
@pulumi.getter
|
|
833
|
+
def tags(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['DomainsIdentityPropagationTrustTagArgs']]]]:
|
|
834
|
+
"""
|
|
835
|
+
(Updatable) A list of tags on this resource.
|
|
836
|
+
|
|
837
|
+
**SCIM++ Properties:**
|
|
838
|
+
* idcsCompositeKey: [key, value]
|
|
839
|
+
* idcsSearchable: true
|
|
840
|
+
* multiValued: true
|
|
841
|
+
* mutability: readWrite
|
|
842
|
+
* required: false
|
|
843
|
+
* returned: request
|
|
844
|
+
* type: complex
|
|
845
|
+
* uniqueness: none
|
|
846
|
+
"""
|
|
847
|
+
return pulumi.get(self, "tags")
|
|
848
|
+
|
|
849
|
+
@tags.setter
|
|
850
|
+
def tags(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['DomainsIdentityPropagationTrustTagArgs']]]]):
|
|
851
|
+
pulumi.set(self, "tags", value)
|
|
852
|
+
|
|
853
|
+
|
|
854
|
+
@pulumi.input_type
|
|
855
|
+
class _DomainsIdentityPropagationTrustState:
|
|
856
|
+
def __init__(__self__, *,
|
|
857
|
+
account_id: Optional[pulumi.Input[str]] = None,
|
|
858
|
+
active: Optional[pulumi.Input[bool]] = None,
|
|
859
|
+
allow_impersonation: Optional[pulumi.Input[bool]] = None,
|
|
860
|
+
attribute_sets: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
861
|
+
attributes: Optional[pulumi.Input[str]] = None,
|
|
862
|
+
authorization: Optional[pulumi.Input[str]] = None,
|
|
863
|
+
client_claim_name: Optional[pulumi.Input[str]] = None,
|
|
864
|
+
client_claim_values: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
865
|
+
clock_skew_seconds: Optional[pulumi.Input[int]] = None,
|
|
866
|
+
compartment_ocid: Optional[pulumi.Input[str]] = None,
|
|
867
|
+
delete_in_progress: Optional[pulumi.Input[bool]] = None,
|
|
868
|
+
description: Optional[pulumi.Input[str]] = None,
|
|
869
|
+
domain_ocid: Optional[pulumi.Input[str]] = None,
|
|
870
|
+
idcs_created_bies: Optional[pulumi.Input[Sequence[pulumi.Input['DomainsIdentityPropagationTrustIdcsCreatedByArgs']]]] = None,
|
|
871
|
+
idcs_endpoint: Optional[pulumi.Input[str]] = None,
|
|
872
|
+
idcs_last_modified_bies: Optional[pulumi.Input[Sequence[pulumi.Input['DomainsIdentityPropagationTrustIdcsLastModifiedByArgs']]]] = None,
|
|
873
|
+
idcs_last_upgraded_in_release: Optional[pulumi.Input[str]] = None,
|
|
874
|
+
idcs_prevented_operations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
875
|
+
impersonation_service_users: Optional[pulumi.Input[Sequence[pulumi.Input['DomainsIdentityPropagationTrustImpersonationServiceUserArgs']]]] = None,
|
|
876
|
+
issuer: Optional[pulumi.Input[str]] = None,
|
|
877
|
+
keytab: Optional[pulumi.Input['DomainsIdentityPropagationTrustKeytabArgs']] = None,
|
|
878
|
+
metas: Optional[pulumi.Input[Sequence[pulumi.Input['DomainsIdentityPropagationTrustMetaArgs']]]] = None,
|
|
879
|
+
name: Optional[pulumi.Input[str]] = None,
|
|
880
|
+
oauth_clients: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
881
|
+
ocid: Optional[pulumi.Input[str]] = None,
|
|
882
|
+
public_certificate: Optional[pulumi.Input[str]] = None,
|
|
883
|
+
public_key_endpoint: Optional[pulumi.Input[str]] = None,
|
|
884
|
+
resource_type_schema_version: Optional[pulumi.Input[str]] = None,
|
|
885
|
+
schemas: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
886
|
+
subject_claim_name: Optional[pulumi.Input[str]] = None,
|
|
887
|
+
subject_mapping_attribute: Optional[pulumi.Input[str]] = None,
|
|
888
|
+
subject_type: Optional[pulumi.Input[str]] = None,
|
|
889
|
+
tags: Optional[pulumi.Input[Sequence[pulumi.Input['DomainsIdentityPropagationTrustTagArgs']]]] = None,
|
|
890
|
+
tenancy_ocid: Optional[pulumi.Input[str]] = None,
|
|
891
|
+
type: Optional[pulumi.Input[str]] = None):
|
|
892
|
+
"""
|
|
893
|
+
Input properties used for looking up and filtering DomainsIdentityPropagationTrust resources.
|
|
894
|
+
:param pulumi.Input[str] account_id: (Updatable) The Identity cloud provider service identifier, for example, the Azure Tenancy ID, AWS Account ID, or GCP Project ID.
|
|
895
|
+
|
|
896
|
+
**SCIM++ Properties:**
|
|
897
|
+
* type: string
|
|
898
|
+
* multiValued: false
|
|
899
|
+
* required: false
|
|
900
|
+
* mutability: readWrite
|
|
901
|
+
* returned: default
|
|
902
|
+
* caseExact: true
|
|
903
|
+
* idcsSearchable: true
|
|
904
|
+
* uniqueness: none
|
|
905
|
+
:param pulumi.Input[bool] active: (Updatable) If true, specifies that this Identity Propagation Trust is in an enabled state. The default value is false.
|
|
906
|
+
|
|
907
|
+
**SCIM++ Properties:**
|
|
908
|
+
* type: boolean
|
|
909
|
+
* multiValued: false
|
|
910
|
+
* required: false
|
|
911
|
+
* mutability: readWrite
|
|
912
|
+
* returned: default
|
|
913
|
+
* uniqueness: none
|
|
914
|
+
* idcsSearchable: true
|
|
915
|
+
:param pulumi.Input[bool] allow_impersonation: (Updatable) Allow customers to define whether the resulting token should contain the authenticated user as the subject or whether the token should impersonate another Application Principal in IAM.
|
|
916
|
+
|
|
917
|
+
**SCIM++ Properties:**
|
|
918
|
+
* type: boolean
|
|
919
|
+
* multiValued: false
|
|
920
|
+
* required: false
|
|
921
|
+
* mutability: readWrite
|
|
922
|
+
* returned: default
|
|
923
|
+
* uniqueness: none
|
|
924
|
+
* idcsSearchable: false
|
|
925
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] attribute_sets: (Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
|
|
926
|
+
:param pulumi.Input[str] attributes: (Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
|
|
927
|
+
:param pulumi.Input[str] authorization: (Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
|
|
928
|
+
:param pulumi.Input[str] client_claim_name: (Updatable) The claim name that identifies to whom the JWT/SAML token is issued. If AWS, then \\"aud\\" or \\"client_id\\". If Azure, then \\"appid\\". If GCP, then \\"aud\\".
|
|
929
|
+
|
|
930
|
+
**SCIM++ Properties:**
|
|
931
|
+
* type: string
|
|
932
|
+
* multiValued: false
|
|
933
|
+
* required: false
|
|
934
|
+
* mutability: readWrite
|
|
935
|
+
* returned: default
|
|
936
|
+
* uniqueness: none
|
|
937
|
+
* idcsSearchable: false
|
|
938
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] client_claim_values: (Updatable) The value that corresponds to the client claim name used to identify to whom the token is issued.
|
|
939
|
+
|
|
940
|
+
**SCIM++ Properties:**
|
|
941
|
+
* type: string
|
|
942
|
+
* multiValued: true
|
|
943
|
+
* required: false
|
|
944
|
+
* mutability: readWrite
|
|
945
|
+
* returned: default
|
|
946
|
+
* uniqueness: none
|
|
947
|
+
* caseExact: true
|
|
948
|
+
* idcsSearchable: false
|
|
949
|
+
:param pulumi.Input[int] clock_skew_seconds: (Updatable) The clock skew (in secs) that's allowed for the token issue and expiry time.
|
|
950
|
+
|
|
951
|
+
**Added In:** 2308181911
|
|
952
|
+
|
|
953
|
+
**SCIM++ Properties:**
|
|
954
|
+
* caseExact: false
|
|
955
|
+
* idcsSearchable: false
|
|
956
|
+
* multiValued: false
|
|
957
|
+
* mutability: readWrite
|
|
958
|
+
* required: false
|
|
959
|
+
* returned: default
|
|
960
|
+
* type: integer
|
|
961
|
+
* uniqueness: none
|
|
962
|
+
:param pulumi.Input[str] compartment_ocid: (Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
|
|
963
|
+
|
|
964
|
+
**SCIM++ Properties:**
|
|
965
|
+
* caseExact: false
|
|
966
|
+
* idcsSearchable: false
|
|
967
|
+
* multiValued: false
|
|
968
|
+
* mutability: readOnly
|
|
969
|
+
* required: false
|
|
970
|
+
* returned: default
|
|
971
|
+
* type: string
|
|
972
|
+
* uniqueness: none
|
|
973
|
+
:param pulumi.Input[bool] delete_in_progress: (Updatable) A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
|
|
974
|
+
|
|
975
|
+
**SCIM++ Properties:**
|
|
976
|
+
* caseExact: false
|
|
977
|
+
* idcsSearchable: true
|
|
978
|
+
* multiValued: false
|
|
979
|
+
* mutability: readOnly
|
|
980
|
+
* required: false
|
|
981
|
+
* returned: default
|
|
982
|
+
* type: boolean
|
|
983
|
+
* uniqueness: none
|
|
984
|
+
:param pulumi.Input[str] description: (Updatable) The description of the Identity Propagation Trust.
|
|
985
|
+
|
|
986
|
+
**SCIM++ Properties:**
|
|
987
|
+
* type: string
|
|
988
|
+
* multiValued: false
|
|
989
|
+
* required: false
|
|
990
|
+
* mutability: readWrite
|
|
991
|
+
* returned: default
|
|
992
|
+
* uniqueness: none
|
|
993
|
+
* caseExact: false
|
|
994
|
+
* idcsSearchable: false
|
|
995
|
+
:param pulumi.Input[str] domain_ocid: (Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
|
|
996
|
+
|
|
997
|
+
**SCIM++ Properties:**
|
|
998
|
+
* caseExact: false
|
|
999
|
+
* idcsSearchable: false
|
|
1000
|
+
* multiValued: false
|
|
1001
|
+
* mutability: readOnly
|
|
1002
|
+
* required: false
|
|
1003
|
+
* returned: default
|
|
1004
|
+
* type: string
|
|
1005
|
+
* uniqueness: none
|
|
1006
|
+
:param pulumi.Input[Sequence[pulumi.Input['DomainsIdentityPropagationTrustIdcsCreatedByArgs']]] idcs_created_bies: (Updatable) The User or App who created the Resource
|
|
1007
|
+
|
|
1008
|
+
**SCIM++ Properties:**
|
|
1009
|
+
* idcsSearchable: true
|
|
1010
|
+
* multiValued: false
|
|
1011
|
+
* mutability: readOnly
|
|
1012
|
+
* required: true
|
|
1013
|
+
* returned: default
|
|
1014
|
+
* type: complex
|
|
1015
|
+
:param pulumi.Input[str] idcs_endpoint: The basic endpoint for the identity domain
|
|
1016
|
+
:param pulumi.Input[Sequence[pulumi.Input['DomainsIdentityPropagationTrustIdcsLastModifiedByArgs']]] idcs_last_modified_bies: (Updatable) The User or App who modified the Resource
|
|
1017
|
+
|
|
1018
|
+
**SCIM++ Properties:**
|
|
1019
|
+
* idcsSearchable: true
|
|
1020
|
+
* multiValued: false
|
|
1021
|
+
* mutability: readOnly
|
|
1022
|
+
* required: false
|
|
1023
|
+
* returned: default
|
|
1024
|
+
* type: complex
|
|
1025
|
+
:param pulumi.Input[str] idcs_last_upgraded_in_release: (Updatable) The release number when the resource was upgraded.
|
|
1026
|
+
|
|
1027
|
+
**SCIM++ Properties:**
|
|
1028
|
+
* caseExact: false
|
|
1029
|
+
* idcsSearchable: false
|
|
1030
|
+
* multiValued: false
|
|
1031
|
+
* mutability: readOnly
|
|
1032
|
+
* required: false
|
|
1033
|
+
* returned: request
|
|
1034
|
+
* type: string
|
|
1035
|
+
* uniqueness: none
|
|
1036
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] idcs_prevented_operations: (Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
|
|
1037
|
+
|
|
1038
|
+
**SCIM++ Properties:**
|
|
1039
|
+
* idcsSearchable: false
|
|
1040
|
+
* multiValued: true
|
|
1041
|
+
* mutability: readOnly
|
|
1042
|
+
* required: false
|
|
1043
|
+
* returned: request
|
|
1044
|
+
* type: string
|
|
1045
|
+
* uniqueness: none
|
|
1046
|
+
:param pulumi.Input[Sequence[pulumi.Input['DomainsIdentityPropagationTrustImpersonationServiceUserArgs']]] impersonation_service_users: (Updatable) The Impersonating Principal.
|
|
1047
|
+
|
|
1048
|
+
**SCIM++ Properties:**
|
|
1049
|
+
* idcsCompositeKey: [rule, value]
|
|
1050
|
+
* idcsSearchable: false
|
|
1051
|
+
* multiValued: true
|
|
1052
|
+
* mutability: readWrite
|
|
1053
|
+
* required: false
|
|
1054
|
+
* returned: request
|
|
1055
|
+
* type: complex
|
|
1056
|
+
* uniqueness: none
|
|
1057
|
+
:param pulumi.Input[str] issuer: (Updatable) The issuer claim of the Identity provider.
|
|
1058
|
+
|
|
1059
|
+
**SCIM++ Properties:**
|
|
1060
|
+
* type: string
|
|
1061
|
+
* multiValued: false
|
|
1062
|
+
* required: true
|
|
1063
|
+
* mutability: readWrite
|
|
1064
|
+
* returned: always
|
|
1065
|
+
* caseExact: true
|
|
1066
|
+
* idcsSearchable: true
|
|
1067
|
+
* uniqueness: server
|
|
1068
|
+
:param pulumi.Input['DomainsIdentityPropagationTrustKeytabArgs'] keytab: (Updatable) The keytab stored in the tenancy's Vault. This is required if the identity propagation type is 'SPNEGO'.
|
|
1069
|
+
|
|
1070
|
+
**SCIM++ Properties:**
|
|
1071
|
+
* idcsCompositeKey: [secretOcid]
|
|
1072
|
+
* idcsSearchable: false
|
|
1073
|
+
* multiValued: false
|
|
1074
|
+
* mutability: readWrite
|
|
1075
|
+
* required: false
|
|
1076
|
+
* returned: default
|
|
1077
|
+
* type: complex
|
|
1078
|
+
* uniqueness: none
|
|
1079
|
+
:param pulumi.Input[Sequence[pulumi.Input['DomainsIdentityPropagationTrustMetaArgs']]] metas: (Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
|
|
1080
|
+
|
|
1081
|
+
**SCIM++ Properties:**
|
|
1082
|
+
* caseExact: false
|
|
1083
|
+
* idcsSearchable: true
|
|
1084
|
+
* multiValued: false
|
|
1085
|
+
* mutability: readOnly
|
|
1086
|
+
* required: false
|
|
1087
|
+
* returned: default
|
|
1088
|
+
* idcsCsvAttributeNameMappings: [[columnHeaderName:Created Date, mapsTo:meta.created]]
|
|
1089
|
+
* type: complex
|
|
1090
|
+
:param pulumi.Input[str] name: The name of the the Identity Propagation Trust.
|
|
1091
|
+
|
|
1092
|
+
**SCIM++ Properties:**
|
|
1093
|
+
* type: string
|
|
1094
|
+
* caseExact: false
|
|
1095
|
+
* idcsSearchable: true
|
|
1096
|
+
* multiValued: false
|
|
1097
|
+
* required: true
|
|
1098
|
+
* mutability: immutable
|
|
1099
|
+
* returned: default
|
|
1100
|
+
* uniqueness: none
|
|
1101
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] oauth_clients: (Updatable) The value of all the authorized OAuth Clients.
|
|
1102
|
+
|
|
1103
|
+
**SCIM++ Properties:**
|
|
1104
|
+
* idcsSearchable: false
|
|
1105
|
+
* multiValued: true
|
|
1106
|
+
* mutability: readWrite
|
|
1107
|
+
* required: false
|
|
1108
|
+
* returned: default
|
|
1109
|
+
* type: string
|
|
1110
|
+
* uniqueness: none
|
|
1111
|
+
:param pulumi.Input[str] ocid: (Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
|
|
1112
|
+
|
|
1113
|
+
**SCIM++ Properties:**
|
|
1114
|
+
* caseExact: true
|
|
1115
|
+
* idcsSearchable: true
|
|
1116
|
+
* multiValued: false
|
|
1117
|
+
* mutability: immutable
|
|
1118
|
+
* required: false
|
|
1119
|
+
* returned: default
|
|
1120
|
+
* type: string
|
|
1121
|
+
* uniqueness: global
|
|
1122
|
+
:param pulumi.Input[str] public_certificate: (Updatable) Store the public key if public key cert.
|
|
1123
|
+
|
|
1124
|
+
**SCIM++ Properties:**
|
|
1125
|
+
* type: string
|
|
1126
|
+
* multiValued: false
|
|
1127
|
+
* required: false
|
|
1128
|
+
* mutability: readWrite
|
|
1129
|
+
* returned: default
|
|
1130
|
+
* uniqueness: none
|
|
1131
|
+
* idcsSearchable: false
|
|
1132
|
+
:param pulumi.Input[str] public_key_endpoint: (Updatable) The cloud provider's public key API of SAML and OIDC providers for signature validation.
|
|
1133
|
+
|
|
1134
|
+
**SCIM++ Properties:**
|
|
1135
|
+
* type: string
|
|
1136
|
+
* multiValued: false
|
|
1137
|
+
* required: false
|
|
1138
|
+
* mutability: readWrite
|
|
1139
|
+
* returned: default
|
|
1140
|
+
* uniqueness: none
|
|
1141
|
+
* caseExact: false
|
|
1142
|
+
* idcsSearchable: false
|
|
1143
|
+
:param pulumi.Input[str] resource_type_schema_version: (Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
|
|
1144
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] schemas: (Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard \\"enterprise\\" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
|
|
1145
|
+
|
|
1146
|
+
**SCIM++ Properties:**
|
|
1147
|
+
* caseExact: false
|
|
1148
|
+
* idcsSearchable: false
|
|
1149
|
+
* multiValued: true
|
|
1150
|
+
* mutability: readWrite
|
|
1151
|
+
* required: true
|
|
1152
|
+
* returned: default
|
|
1153
|
+
* type: string
|
|
1154
|
+
* uniqueness: none
|
|
1155
|
+
:param pulumi.Input[str] subject_claim_name: (Updatable) Used for locating the subject claim from the incoming token.
|
|
1156
|
+
|
|
1157
|
+
**SCIM++ Properties:**
|
|
1158
|
+
* type: string
|
|
1159
|
+
* multiValued: false
|
|
1160
|
+
* required: false
|
|
1161
|
+
* mutability: readWrite
|
|
1162
|
+
* returned: default
|
|
1163
|
+
* uniqueness: none
|
|
1164
|
+
* caseExact: true
|
|
1165
|
+
* idcsSearchable: false
|
|
1166
|
+
:param pulumi.Input[str] subject_mapping_attribute: (Updatable) Subject Mapping Attribute to which the value from subject claim name value would be used for identity lookup.
|
|
1167
|
+
|
|
1168
|
+
**SCIM++ Properties:**
|
|
1169
|
+
* type: string
|
|
1170
|
+
* multiValued: false
|
|
1171
|
+
* idcsSearchable: false
|
|
1172
|
+
* required: false
|
|
1173
|
+
* mutability: readWrite
|
|
1174
|
+
* returned: default
|
|
1175
|
+
* uniqueness: none
|
|
1176
|
+
:param pulumi.Input[str] subject_type: (Updatable) The type of the resource against which lookup will be made in the identity domain in IAM for the incoming subject claim value.
|
|
1177
|
+
|
|
1178
|
+
**SCIM++ Properties:**
|
|
1179
|
+
* idcsSearchable: false
|
|
1180
|
+
* multiValued: false
|
|
1181
|
+
* mutability: readWrite
|
|
1182
|
+
* required: false
|
|
1183
|
+
* returned: default
|
|
1184
|
+
* type: string
|
|
1185
|
+
* uniqueness: none
|
|
1186
|
+
:param pulumi.Input[Sequence[pulumi.Input['DomainsIdentityPropagationTrustTagArgs']]] tags: (Updatable) A list of tags on this resource.
|
|
1187
|
+
|
|
1188
|
+
**SCIM++ Properties:**
|
|
1189
|
+
* idcsCompositeKey: [key, value]
|
|
1190
|
+
* idcsSearchable: true
|
|
1191
|
+
* multiValued: true
|
|
1192
|
+
* mutability: readWrite
|
|
1193
|
+
* required: false
|
|
1194
|
+
* returned: request
|
|
1195
|
+
* type: complex
|
|
1196
|
+
* uniqueness: none
|
|
1197
|
+
:param pulumi.Input[str] tenancy_ocid: (Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
|
|
1198
|
+
|
|
1199
|
+
**SCIM++ Properties:**
|
|
1200
|
+
* caseExact: false
|
|
1201
|
+
* idcsSearchable: false
|
|
1202
|
+
* multiValued: false
|
|
1203
|
+
* mutability: readOnly
|
|
1204
|
+
* required: false
|
|
1205
|
+
* returned: default
|
|
1206
|
+
* type: string
|
|
1207
|
+
* uniqueness: none
|
|
1208
|
+
:param pulumi.Input[str] type: (Updatable) The type of the inbound token from the Identity cloud provider.
|
|
1209
|
+
|
|
1210
|
+
**SCIM++ Properties:**
|
|
1211
|
+
* caseExact: true
|
|
1212
|
+
* idcsSearchable: false
|
|
1213
|
+
* required: true
|
|
1214
|
+
* mutability: readWrite
|
|
1215
|
+
* returned: default
|
|
1216
|
+
* type: string
|
|
1217
|
+
* multiValued: false
|
|
1218
|
+
* uniqueness: none
|
|
1219
|
+
|
|
1220
|
+
|
|
1221
|
+
** IMPORTANT **
|
|
1222
|
+
Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
|
|
1223
|
+
"""
|
|
1224
|
+
if account_id is not None:
|
|
1225
|
+
pulumi.set(__self__, "account_id", account_id)
|
|
1226
|
+
if active is not None:
|
|
1227
|
+
pulumi.set(__self__, "active", active)
|
|
1228
|
+
if allow_impersonation is not None:
|
|
1229
|
+
pulumi.set(__self__, "allow_impersonation", allow_impersonation)
|
|
1230
|
+
if attribute_sets is not None:
|
|
1231
|
+
pulumi.set(__self__, "attribute_sets", attribute_sets)
|
|
1232
|
+
if attributes is not None:
|
|
1233
|
+
pulumi.set(__self__, "attributes", attributes)
|
|
1234
|
+
if authorization is not None:
|
|
1235
|
+
pulumi.set(__self__, "authorization", authorization)
|
|
1236
|
+
if client_claim_name is not None:
|
|
1237
|
+
pulumi.set(__self__, "client_claim_name", client_claim_name)
|
|
1238
|
+
if client_claim_values is not None:
|
|
1239
|
+
pulumi.set(__self__, "client_claim_values", client_claim_values)
|
|
1240
|
+
if clock_skew_seconds is not None:
|
|
1241
|
+
pulumi.set(__self__, "clock_skew_seconds", clock_skew_seconds)
|
|
1242
|
+
if compartment_ocid is not None:
|
|
1243
|
+
pulumi.set(__self__, "compartment_ocid", compartment_ocid)
|
|
1244
|
+
if delete_in_progress is not None:
|
|
1245
|
+
pulumi.set(__self__, "delete_in_progress", delete_in_progress)
|
|
1246
|
+
if description is not None:
|
|
1247
|
+
pulumi.set(__self__, "description", description)
|
|
1248
|
+
if domain_ocid is not None:
|
|
1249
|
+
pulumi.set(__self__, "domain_ocid", domain_ocid)
|
|
1250
|
+
if idcs_created_bies is not None:
|
|
1251
|
+
pulumi.set(__self__, "idcs_created_bies", idcs_created_bies)
|
|
1252
|
+
if idcs_endpoint is not None:
|
|
1253
|
+
pulumi.set(__self__, "idcs_endpoint", idcs_endpoint)
|
|
1254
|
+
if idcs_last_modified_bies is not None:
|
|
1255
|
+
pulumi.set(__self__, "idcs_last_modified_bies", idcs_last_modified_bies)
|
|
1256
|
+
if idcs_last_upgraded_in_release is not None:
|
|
1257
|
+
pulumi.set(__self__, "idcs_last_upgraded_in_release", idcs_last_upgraded_in_release)
|
|
1258
|
+
if idcs_prevented_operations is not None:
|
|
1259
|
+
pulumi.set(__self__, "idcs_prevented_operations", idcs_prevented_operations)
|
|
1260
|
+
if impersonation_service_users is not None:
|
|
1261
|
+
pulumi.set(__self__, "impersonation_service_users", impersonation_service_users)
|
|
1262
|
+
if issuer is not None:
|
|
1263
|
+
pulumi.set(__self__, "issuer", issuer)
|
|
1264
|
+
if keytab is not None:
|
|
1265
|
+
pulumi.set(__self__, "keytab", keytab)
|
|
1266
|
+
if metas is not None:
|
|
1267
|
+
pulumi.set(__self__, "metas", metas)
|
|
1268
|
+
if name is not None:
|
|
1269
|
+
pulumi.set(__self__, "name", name)
|
|
1270
|
+
if oauth_clients is not None:
|
|
1271
|
+
pulumi.set(__self__, "oauth_clients", oauth_clients)
|
|
1272
|
+
if ocid is not None:
|
|
1273
|
+
pulumi.set(__self__, "ocid", ocid)
|
|
1274
|
+
if public_certificate is not None:
|
|
1275
|
+
pulumi.set(__self__, "public_certificate", public_certificate)
|
|
1276
|
+
if public_key_endpoint is not None:
|
|
1277
|
+
pulumi.set(__self__, "public_key_endpoint", public_key_endpoint)
|
|
1278
|
+
if resource_type_schema_version is not None:
|
|
1279
|
+
pulumi.set(__self__, "resource_type_schema_version", resource_type_schema_version)
|
|
1280
|
+
if schemas is not None:
|
|
1281
|
+
pulumi.set(__self__, "schemas", schemas)
|
|
1282
|
+
if subject_claim_name is not None:
|
|
1283
|
+
pulumi.set(__self__, "subject_claim_name", subject_claim_name)
|
|
1284
|
+
if subject_mapping_attribute is not None:
|
|
1285
|
+
pulumi.set(__self__, "subject_mapping_attribute", subject_mapping_attribute)
|
|
1286
|
+
if subject_type is not None:
|
|
1287
|
+
pulumi.set(__self__, "subject_type", subject_type)
|
|
1288
|
+
if tags is not None:
|
|
1289
|
+
pulumi.set(__self__, "tags", tags)
|
|
1290
|
+
if tenancy_ocid is not None:
|
|
1291
|
+
pulumi.set(__self__, "tenancy_ocid", tenancy_ocid)
|
|
1292
|
+
if type is not None:
|
|
1293
|
+
pulumi.set(__self__, "type", type)
|
|
1294
|
+
|
|
1295
|
+
@property
|
|
1296
|
+
@pulumi.getter(name="accountId")
|
|
1297
|
+
def account_id(self) -> Optional[pulumi.Input[str]]:
|
|
1298
|
+
"""
|
|
1299
|
+
(Updatable) The Identity cloud provider service identifier, for example, the Azure Tenancy ID, AWS Account ID, or GCP Project ID.
|
|
1300
|
+
|
|
1301
|
+
**SCIM++ Properties:**
|
|
1302
|
+
* type: string
|
|
1303
|
+
* multiValued: false
|
|
1304
|
+
* required: false
|
|
1305
|
+
* mutability: readWrite
|
|
1306
|
+
* returned: default
|
|
1307
|
+
* caseExact: true
|
|
1308
|
+
* idcsSearchable: true
|
|
1309
|
+
* uniqueness: none
|
|
1310
|
+
"""
|
|
1311
|
+
return pulumi.get(self, "account_id")
|
|
1312
|
+
|
|
1313
|
+
@account_id.setter
|
|
1314
|
+
def account_id(self, value: Optional[pulumi.Input[str]]):
|
|
1315
|
+
pulumi.set(self, "account_id", value)
|
|
1316
|
+
|
|
1317
|
+
@property
|
|
1318
|
+
@pulumi.getter
|
|
1319
|
+
def active(self) -> Optional[pulumi.Input[bool]]:
|
|
1320
|
+
"""
|
|
1321
|
+
(Updatable) If true, specifies that this Identity Propagation Trust is in an enabled state. The default value is false.
|
|
1322
|
+
|
|
1323
|
+
**SCIM++ Properties:**
|
|
1324
|
+
* type: boolean
|
|
1325
|
+
* multiValued: false
|
|
1326
|
+
* required: false
|
|
1327
|
+
* mutability: readWrite
|
|
1328
|
+
* returned: default
|
|
1329
|
+
* uniqueness: none
|
|
1330
|
+
* idcsSearchable: true
|
|
1331
|
+
"""
|
|
1332
|
+
return pulumi.get(self, "active")
|
|
1333
|
+
|
|
1334
|
+
@active.setter
|
|
1335
|
+
def active(self, value: Optional[pulumi.Input[bool]]):
|
|
1336
|
+
pulumi.set(self, "active", value)
|
|
1337
|
+
|
|
1338
|
+
@property
|
|
1339
|
+
@pulumi.getter(name="allowImpersonation")
|
|
1340
|
+
def allow_impersonation(self) -> Optional[pulumi.Input[bool]]:
|
|
1341
|
+
"""
|
|
1342
|
+
(Updatable) Allow customers to define whether the resulting token should contain the authenticated user as the subject or whether the token should impersonate another Application Principal in IAM.
|
|
1343
|
+
|
|
1344
|
+
**SCIM++ Properties:**
|
|
1345
|
+
* type: boolean
|
|
1346
|
+
* multiValued: false
|
|
1347
|
+
* required: false
|
|
1348
|
+
* mutability: readWrite
|
|
1349
|
+
* returned: default
|
|
1350
|
+
* uniqueness: none
|
|
1351
|
+
* idcsSearchable: false
|
|
1352
|
+
"""
|
|
1353
|
+
return pulumi.get(self, "allow_impersonation")
|
|
1354
|
+
|
|
1355
|
+
@allow_impersonation.setter
|
|
1356
|
+
def allow_impersonation(self, value: Optional[pulumi.Input[bool]]):
|
|
1357
|
+
pulumi.set(self, "allow_impersonation", value)
|
|
1358
|
+
|
|
1359
|
+
@property
|
|
1360
|
+
@pulumi.getter(name="attributeSets")
|
|
1361
|
+
def attribute_sets(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
|
1362
|
+
"""
|
|
1363
|
+
(Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
|
|
1364
|
+
"""
|
|
1365
|
+
return pulumi.get(self, "attribute_sets")
|
|
1366
|
+
|
|
1367
|
+
@attribute_sets.setter
|
|
1368
|
+
def attribute_sets(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
1369
|
+
pulumi.set(self, "attribute_sets", value)
|
|
1370
|
+
|
|
1371
|
+
@property
|
|
1372
|
+
@pulumi.getter
|
|
1373
|
+
def attributes(self) -> Optional[pulumi.Input[str]]:
|
|
1374
|
+
"""
|
|
1375
|
+
(Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
|
|
1376
|
+
"""
|
|
1377
|
+
return pulumi.get(self, "attributes")
|
|
1378
|
+
|
|
1379
|
+
@attributes.setter
|
|
1380
|
+
def attributes(self, value: Optional[pulumi.Input[str]]):
|
|
1381
|
+
pulumi.set(self, "attributes", value)
|
|
1382
|
+
|
|
1383
|
+
@property
|
|
1384
|
+
@pulumi.getter
|
|
1385
|
+
def authorization(self) -> Optional[pulumi.Input[str]]:
|
|
1386
|
+
"""
|
|
1387
|
+
(Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
|
|
1388
|
+
"""
|
|
1389
|
+
return pulumi.get(self, "authorization")
|
|
1390
|
+
|
|
1391
|
+
@authorization.setter
|
|
1392
|
+
def authorization(self, value: Optional[pulumi.Input[str]]):
|
|
1393
|
+
pulumi.set(self, "authorization", value)
|
|
1394
|
+
|
|
1395
|
+
@property
|
|
1396
|
+
@pulumi.getter(name="clientClaimName")
|
|
1397
|
+
def client_claim_name(self) -> Optional[pulumi.Input[str]]:
|
|
1398
|
+
"""
|
|
1399
|
+
(Updatable) The claim name that identifies to whom the JWT/SAML token is issued. If AWS, then \\"aud\\" or \\"client_id\\". If Azure, then \\"appid\\". If GCP, then \\"aud\\".
|
|
1400
|
+
|
|
1401
|
+
**SCIM++ Properties:**
|
|
1402
|
+
* type: string
|
|
1403
|
+
* multiValued: false
|
|
1404
|
+
* required: false
|
|
1405
|
+
* mutability: readWrite
|
|
1406
|
+
* returned: default
|
|
1407
|
+
* uniqueness: none
|
|
1408
|
+
* idcsSearchable: false
|
|
1409
|
+
"""
|
|
1410
|
+
return pulumi.get(self, "client_claim_name")
|
|
1411
|
+
|
|
1412
|
+
@client_claim_name.setter
|
|
1413
|
+
def client_claim_name(self, value: Optional[pulumi.Input[str]]):
|
|
1414
|
+
pulumi.set(self, "client_claim_name", value)
|
|
1415
|
+
|
|
1416
|
+
@property
|
|
1417
|
+
@pulumi.getter(name="clientClaimValues")
|
|
1418
|
+
def client_claim_values(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
|
1419
|
+
"""
|
|
1420
|
+
(Updatable) The value that corresponds to the client claim name used to identify to whom the token is issued.
|
|
1421
|
+
|
|
1422
|
+
**SCIM++ Properties:**
|
|
1423
|
+
* type: string
|
|
1424
|
+
* multiValued: true
|
|
1425
|
+
* required: false
|
|
1426
|
+
* mutability: readWrite
|
|
1427
|
+
* returned: default
|
|
1428
|
+
* uniqueness: none
|
|
1429
|
+
* caseExact: true
|
|
1430
|
+
* idcsSearchable: false
|
|
1431
|
+
"""
|
|
1432
|
+
return pulumi.get(self, "client_claim_values")
|
|
1433
|
+
|
|
1434
|
+
@client_claim_values.setter
|
|
1435
|
+
def client_claim_values(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
1436
|
+
pulumi.set(self, "client_claim_values", value)
|
|
1437
|
+
|
|
1438
|
+
@property
|
|
1439
|
+
@pulumi.getter(name="clockSkewSeconds")
|
|
1440
|
+
def clock_skew_seconds(self) -> Optional[pulumi.Input[int]]:
|
|
1441
|
+
"""
|
|
1442
|
+
(Updatable) The clock skew (in secs) that's allowed for the token issue and expiry time.
|
|
1443
|
+
|
|
1444
|
+
**Added In:** 2308181911
|
|
1445
|
+
|
|
1446
|
+
**SCIM++ Properties:**
|
|
1447
|
+
* caseExact: false
|
|
1448
|
+
* idcsSearchable: false
|
|
1449
|
+
* multiValued: false
|
|
1450
|
+
* mutability: readWrite
|
|
1451
|
+
* required: false
|
|
1452
|
+
* returned: default
|
|
1453
|
+
* type: integer
|
|
1454
|
+
* uniqueness: none
|
|
1455
|
+
"""
|
|
1456
|
+
return pulumi.get(self, "clock_skew_seconds")
|
|
1457
|
+
|
|
1458
|
+
@clock_skew_seconds.setter
|
|
1459
|
+
def clock_skew_seconds(self, value: Optional[pulumi.Input[int]]):
|
|
1460
|
+
pulumi.set(self, "clock_skew_seconds", value)
|
|
1461
|
+
|
|
1462
|
+
@property
|
|
1463
|
+
@pulumi.getter(name="compartmentOcid")
|
|
1464
|
+
def compartment_ocid(self) -> Optional[pulumi.Input[str]]:
|
|
1465
|
+
"""
|
|
1466
|
+
(Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
|
|
1467
|
+
|
|
1468
|
+
**SCIM++ Properties:**
|
|
1469
|
+
* caseExact: false
|
|
1470
|
+
* idcsSearchable: false
|
|
1471
|
+
* multiValued: false
|
|
1472
|
+
* mutability: readOnly
|
|
1473
|
+
* required: false
|
|
1474
|
+
* returned: default
|
|
1475
|
+
* type: string
|
|
1476
|
+
* uniqueness: none
|
|
1477
|
+
"""
|
|
1478
|
+
return pulumi.get(self, "compartment_ocid")
|
|
1479
|
+
|
|
1480
|
+
@compartment_ocid.setter
|
|
1481
|
+
def compartment_ocid(self, value: Optional[pulumi.Input[str]]):
|
|
1482
|
+
pulumi.set(self, "compartment_ocid", value)
|
|
1483
|
+
|
|
1484
|
+
@property
|
|
1485
|
+
@pulumi.getter(name="deleteInProgress")
|
|
1486
|
+
def delete_in_progress(self) -> Optional[pulumi.Input[bool]]:
|
|
1487
|
+
"""
|
|
1488
|
+
(Updatable) A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
|
|
1489
|
+
|
|
1490
|
+
**SCIM++ Properties:**
|
|
1491
|
+
* caseExact: false
|
|
1492
|
+
* idcsSearchable: true
|
|
1493
|
+
* multiValued: false
|
|
1494
|
+
* mutability: readOnly
|
|
1495
|
+
* required: false
|
|
1496
|
+
* returned: default
|
|
1497
|
+
* type: boolean
|
|
1498
|
+
* uniqueness: none
|
|
1499
|
+
"""
|
|
1500
|
+
return pulumi.get(self, "delete_in_progress")
|
|
1501
|
+
|
|
1502
|
+
@delete_in_progress.setter
|
|
1503
|
+
def delete_in_progress(self, value: Optional[pulumi.Input[bool]]):
|
|
1504
|
+
pulumi.set(self, "delete_in_progress", value)
|
|
1505
|
+
|
|
1506
|
+
@property
|
|
1507
|
+
@pulumi.getter
|
|
1508
|
+
def description(self) -> Optional[pulumi.Input[str]]:
|
|
1509
|
+
"""
|
|
1510
|
+
(Updatable) The description of the Identity Propagation Trust.
|
|
1511
|
+
|
|
1512
|
+
**SCIM++ Properties:**
|
|
1513
|
+
* type: string
|
|
1514
|
+
* multiValued: false
|
|
1515
|
+
* required: false
|
|
1516
|
+
* mutability: readWrite
|
|
1517
|
+
* returned: default
|
|
1518
|
+
* uniqueness: none
|
|
1519
|
+
* caseExact: false
|
|
1520
|
+
* idcsSearchable: false
|
|
1521
|
+
"""
|
|
1522
|
+
return pulumi.get(self, "description")
|
|
1523
|
+
|
|
1524
|
+
@description.setter
|
|
1525
|
+
def description(self, value: Optional[pulumi.Input[str]]):
|
|
1526
|
+
pulumi.set(self, "description", value)
|
|
1527
|
+
|
|
1528
|
+
@property
|
|
1529
|
+
@pulumi.getter(name="domainOcid")
|
|
1530
|
+
def domain_ocid(self) -> Optional[pulumi.Input[str]]:
|
|
1531
|
+
"""
|
|
1532
|
+
(Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
|
|
1533
|
+
|
|
1534
|
+
**SCIM++ Properties:**
|
|
1535
|
+
* caseExact: false
|
|
1536
|
+
* idcsSearchable: false
|
|
1537
|
+
* multiValued: false
|
|
1538
|
+
* mutability: readOnly
|
|
1539
|
+
* required: false
|
|
1540
|
+
* returned: default
|
|
1541
|
+
* type: string
|
|
1542
|
+
* uniqueness: none
|
|
1543
|
+
"""
|
|
1544
|
+
return pulumi.get(self, "domain_ocid")
|
|
1545
|
+
|
|
1546
|
+
@domain_ocid.setter
|
|
1547
|
+
def domain_ocid(self, value: Optional[pulumi.Input[str]]):
|
|
1548
|
+
pulumi.set(self, "domain_ocid", value)
|
|
1549
|
+
|
|
1550
|
+
@property
|
|
1551
|
+
@pulumi.getter(name="idcsCreatedBies")
|
|
1552
|
+
def idcs_created_bies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['DomainsIdentityPropagationTrustIdcsCreatedByArgs']]]]:
|
|
1553
|
+
"""
|
|
1554
|
+
(Updatable) The User or App who created the Resource
|
|
1555
|
+
|
|
1556
|
+
**SCIM++ Properties:**
|
|
1557
|
+
* idcsSearchable: true
|
|
1558
|
+
* multiValued: false
|
|
1559
|
+
* mutability: readOnly
|
|
1560
|
+
* required: true
|
|
1561
|
+
* returned: default
|
|
1562
|
+
* type: complex
|
|
1563
|
+
"""
|
|
1564
|
+
return pulumi.get(self, "idcs_created_bies")
|
|
1565
|
+
|
|
1566
|
+
@idcs_created_bies.setter
|
|
1567
|
+
def idcs_created_bies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['DomainsIdentityPropagationTrustIdcsCreatedByArgs']]]]):
|
|
1568
|
+
pulumi.set(self, "idcs_created_bies", value)
|
|
1569
|
+
|
|
1570
|
+
@property
|
|
1571
|
+
@pulumi.getter(name="idcsEndpoint")
|
|
1572
|
+
def idcs_endpoint(self) -> Optional[pulumi.Input[str]]:
|
|
1573
|
+
"""
|
|
1574
|
+
The basic endpoint for the identity domain
|
|
1575
|
+
"""
|
|
1576
|
+
return pulumi.get(self, "idcs_endpoint")
|
|
1577
|
+
|
|
1578
|
+
@idcs_endpoint.setter
|
|
1579
|
+
def idcs_endpoint(self, value: Optional[pulumi.Input[str]]):
|
|
1580
|
+
pulumi.set(self, "idcs_endpoint", value)
|
|
1581
|
+
|
|
1582
|
+
@property
|
|
1583
|
+
@pulumi.getter(name="idcsLastModifiedBies")
|
|
1584
|
+
def idcs_last_modified_bies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['DomainsIdentityPropagationTrustIdcsLastModifiedByArgs']]]]:
|
|
1585
|
+
"""
|
|
1586
|
+
(Updatable) The User or App who modified the Resource
|
|
1587
|
+
|
|
1588
|
+
**SCIM++ Properties:**
|
|
1589
|
+
* idcsSearchable: true
|
|
1590
|
+
* multiValued: false
|
|
1591
|
+
* mutability: readOnly
|
|
1592
|
+
* required: false
|
|
1593
|
+
* returned: default
|
|
1594
|
+
* type: complex
|
|
1595
|
+
"""
|
|
1596
|
+
return pulumi.get(self, "idcs_last_modified_bies")
|
|
1597
|
+
|
|
1598
|
+
@idcs_last_modified_bies.setter
|
|
1599
|
+
def idcs_last_modified_bies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['DomainsIdentityPropagationTrustIdcsLastModifiedByArgs']]]]):
|
|
1600
|
+
pulumi.set(self, "idcs_last_modified_bies", value)
|
|
1601
|
+
|
|
1602
|
+
@property
|
|
1603
|
+
@pulumi.getter(name="idcsLastUpgradedInRelease")
|
|
1604
|
+
def idcs_last_upgraded_in_release(self) -> Optional[pulumi.Input[str]]:
|
|
1605
|
+
"""
|
|
1606
|
+
(Updatable) The release number when the resource was upgraded.
|
|
1607
|
+
|
|
1608
|
+
**SCIM++ Properties:**
|
|
1609
|
+
* caseExact: false
|
|
1610
|
+
* idcsSearchable: false
|
|
1611
|
+
* multiValued: false
|
|
1612
|
+
* mutability: readOnly
|
|
1613
|
+
* required: false
|
|
1614
|
+
* returned: request
|
|
1615
|
+
* type: string
|
|
1616
|
+
* uniqueness: none
|
|
1617
|
+
"""
|
|
1618
|
+
return pulumi.get(self, "idcs_last_upgraded_in_release")
|
|
1619
|
+
|
|
1620
|
+
@idcs_last_upgraded_in_release.setter
|
|
1621
|
+
def idcs_last_upgraded_in_release(self, value: Optional[pulumi.Input[str]]):
|
|
1622
|
+
pulumi.set(self, "idcs_last_upgraded_in_release", value)
|
|
1623
|
+
|
|
1624
|
+
@property
|
|
1625
|
+
@pulumi.getter(name="idcsPreventedOperations")
|
|
1626
|
+
def idcs_prevented_operations(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
|
1627
|
+
"""
|
|
1628
|
+
(Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
|
|
1629
|
+
|
|
1630
|
+
**SCIM++ Properties:**
|
|
1631
|
+
* idcsSearchable: false
|
|
1632
|
+
* multiValued: true
|
|
1633
|
+
* mutability: readOnly
|
|
1634
|
+
* required: false
|
|
1635
|
+
* returned: request
|
|
1636
|
+
* type: string
|
|
1637
|
+
* uniqueness: none
|
|
1638
|
+
"""
|
|
1639
|
+
return pulumi.get(self, "idcs_prevented_operations")
|
|
1640
|
+
|
|
1641
|
+
@idcs_prevented_operations.setter
|
|
1642
|
+
def idcs_prevented_operations(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
1643
|
+
pulumi.set(self, "idcs_prevented_operations", value)
|
|
1644
|
+
|
|
1645
|
+
@property
|
|
1646
|
+
@pulumi.getter(name="impersonationServiceUsers")
|
|
1647
|
+
def impersonation_service_users(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['DomainsIdentityPropagationTrustImpersonationServiceUserArgs']]]]:
|
|
1648
|
+
"""
|
|
1649
|
+
(Updatable) The Impersonating Principal.
|
|
1650
|
+
|
|
1651
|
+
**SCIM++ Properties:**
|
|
1652
|
+
* idcsCompositeKey: [rule, value]
|
|
1653
|
+
* idcsSearchable: false
|
|
1654
|
+
* multiValued: true
|
|
1655
|
+
* mutability: readWrite
|
|
1656
|
+
* required: false
|
|
1657
|
+
* returned: request
|
|
1658
|
+
* type: complex
|
|
1659
|
+
* uniqueness: none
|
|
1660
|
+
"""
|
|
1661
|
+
return pulumi.get(self, "impersonation_service_users")
|
|
1662
|
+
|
|
1663
|
+
@impersonation_service_users.setter
|
|
1664
|
+
def impersonation_service_users(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['DomainsIdentityPropagationTrustImpersonationServiceUserArgs']]]]):
|
|
1665
|
+
pulumi.set(self, "impersonation_service_users", value)
|
|
1666
|
+
|
|
1667
|
+
@property
|
|
1668
|
+
@pulumi.getter
|
|
1669
|
+
def issuer(self) -> Optional[pulumi.Input[str]]:
|
|
1670
|
+
"""
|
|
1671
|
+
(Updatable) The issuer claim of the Identity provider.
|
|
1672
|
+
|
|
1673
|
+
**SCIM++ Properties:**
|
|
1674
|
+
* type: string
|
|
1675
|
+
* multiValued: false
|
|
1676
|
+
* required: true
|
|
1677
|
+
* mutability: readWrite
|
|
1678
|
+
* returned: always
|
|
1679
|
+
* caseExact: true
|
|
1680
|
+
* idcsSearchable: true
|
|
1681
|
+
* uniqueness: server
|
|
1682
|
+
"""
|
|
1683
|
+
return pulumi.get(self, "issuer")
|
|
1684
|
+
|
|
1685
|
+
@issuer.setter
|
|
1686
|
+
def issuer(self, value: Optional[pulumi.Input[str]]):
|
|
1687
|
+
pulumi.set(self, "issuer", value)
|
|
1688
|
+
|
|
1689
|
+
@property
|
|
1690
|
+
@pulumi.getter
|
|
1691
|
+
def keytab(self) -> Optional[pulumi.Input['DomainsIdentityPropagationTrustKeytabArgs']]:
|
|
1692
|
+
"""
|
|
1693
|
+
(Updatable) The keytab stored in the tenancy's Vault. This is required if the identity propagation type is 'SPNEGO'.
|
|
1694
|
+
|
|
1695
|
+
**SCIM++ Properties:**
|
|
1696
|
+
* idcsCompositeKey: [secretOcid]
|
|
1697
|
+
* idcsSearchable: false
|
|
1698
|
+
* multiValued: false
|
|
1699
|
+
* mutability: readWrite
|
|
1700
|
+
* required: false
|
|
1701
|
+
* returned: default
|
|
1702
|
+
* type: complex
|
|
1703
|
+
* uniqueness: none
|
|
1704
|
+
"""
|
|
1705
|
+
return pulumi.get(self, "keytab")
|
|
1706
|
+
|
|
1707
|
+
@keytab.setter
|
|
1708
|
+
def keytab(self, value: Optional[pulumi.Input['DomainsIdentityPropagationTrustKeytabArgs']]):
|
|
1709
|
+
pulumi.set(self, "keytab", value)
|
|
1710
|
+
|
|
1711
|
+
@property
|
|
1712
|
+
@pulumi.getter
|
|
1713
|
+
def metas(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['DomainsIdentityPropagationTrustMetaArgs']]]]:
|
|
1714
|
+
"""
|
|
1715
|
+
(Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
|
|
1716
|
+
|
|
1717
|
+
**SCIM++ Properties:**
|
|
1718
|
+
* caseExact: false
|
|
1719
|
+
* idcsSearchable: true
|
|
1720
|
+
* multiValued: false
|
|
1721
|
+
* mutability: readOnly
|
|
1722
|
+
* required: false
|
|
1723
|
+
* returned: default
|
|
1724
|
+
* idcsCsvAttributeNameMappings: [[columnHeaderName:Created Date, mapsTo:meta.created]]
|
|
1725
|
+
* type: complex
|
|
1726
|
+
"""
|
|
1727
|
+
return pulumi.get(self, "metas")
|
|
1728
|
+
|
|
1729
|
+
@metas.setter
|
|
1730
|
+
def metas(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['DomainsIdentityPropagationTrustMetaArgs']]]]):
|
|
1731
|
+
pulumi.set(self, "metas", value)
|
|
1732
|
+
|
|
1733
|
+
@property
|
|
1734
|
+
@pulumi.getter
|
|
1735
|
+
def name(self) -> Optional[pulumi.Input[str]]:
|
|
1736
|
+
"""
|
|
1737
|
+
The name of the the Identity Propagation Trust.
|
|
1738
|
+
|
|
1739
|
+
**SCIM++ Properties:**
|
|
1740
|
+
* type: string
|
|
1741
|
+
* caseExact: false
|
|
1742
|
+
* idcsSearchable: true
|
|
1743
|
+
* multiValued: false
|
|
1744
|
+
* required: true
|
|
1745
|
+
* mutability: immutable
|
|
1746
|
+
* returned: default
|
|
1747
|
+
* uniqueness: none
|
|
1748
|
+
"""
|
|
1749
|
+
return pulumi.get(self, "name")
|
|
1750
|
+
|
|
1751
|
+
@name.setter
|
|
1752
|
+
def name(self, value: Optional[pulumi.Input[str]]):
|
|
1753
|
+
pulumi.set(self, "name", value)
|
|
1754
|
+
|
|
1755
|
+
@property
|
|
1756
|
+
@pulumi.getter(name="oauthClients")
|
|
1757
|
+
def oauth_clients(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
|
1758
|
+
"""
|
|
1759
|
+
(Updatable) The value of all the authorized OAuth Clients.
|
|
1760
|
+
|
|
1761
|
+
**SCIM++ Properties:**
|
|
1762
|
+
* idcsSearchable: false
|
|
1763
|
+
* multiValued: true
|
|
1764
|
+
* mutability: readWrite
|
|
1765
|
+
* required: false
|
|
1766
|
+
* returned: default
|
|
1767
|
+
* type: string
|
|
1768
|
+
* uniqueness: none
|
|
1769
|
+
"""
|
|
1770
|
+
return pulumi.get(self, "oauth_clients")
|
|
1771
|
+
|
|
1772
|
+
@oauth_clients.setter
|
|
1773
|
+
def oauth_clients(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
1774
|
+
pulumi.set(self, "oauth_clients", value)
|
|
1775
|
+
|
|
1776
|
+
@property
|
|
1777
|
+
@pulumi.getter
|
|
1778
|
+
def ocid(self) -> Optional[pulumi.Input[str]]:
|
|
1779
|
+
"""
|
|
1780
|
+
(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
|
|
1781
|
+
|
|
1782
|
+
**SCIM++ Properties:**
|
|
1783
|
+
* caseExact: true
|
|
1784
|
+
* idcsSearchable: true
|
|
1785
|
+
* multiValued: false
|
|
1786
|
+
* mutability: immutable
|
|
1787
|
+
* required: false
|
|
1788
|
+
* returned: default
|
|
1789
|
+
* type: string
|
|
1790
|
+
* uniqueness: global
|
|
1791
|
+
"""
|
|
1792
|
+
return pulumi.get(self, "ocid")
|
|
1793
|
+
|
|
1794
|
+
@ocid.setter
|
|
1795
|
+
def ocid(self, value: Optional[pulumi.Input[str]]):
|
|
1796
|
+
pulumi.set(self, "ocid", value)
|
|
1797
|
+
|
|
1798
|
+
@property
|
|
1799
|
+
@pulumi.getter(name="publicCertificate")
|
|
1800
|
+
def public_certificate(self) -> Optional[pulumi.Input[str]]:
|
|
1801
|
+
"""
|
|
1802
|
+
(Updatable) Store the public key if public key cert.
|
|
1803
|
+
|
|
1804
|
+
**SCIM++ Properties:**
|
|
1805
|
+
* type: string
|
|
1806
|
+
* multiValued: false
|
|
1807
|
+
* required: false
|
|
1808
|
+
* mutability: readWrite
|
|
1809
|
+
* returned: default
|
|
1810
|
+
* uniqueness: none
|
|
1811
|
+
* idcsSearchable: false
|
|
1812
|
+
"""
|
|
1813
|
+
return pulumi.get(self, "public_certificate")
|
|
1814
|
+
|
|
1815
|
+
@public_certificate.setter
|
|
1816
|
+
def public_certificate(self, value: Optional[pulumi.Input[str]]):
|
|
1817
|
+
pulumi.set(self, "public_certificate", value)
|
|
1818
|
+
|
|
1819
|
+
@property
|
|
1820
|
+
@pulumi.getter(name="publicKeyEndpoint")
|
|
1821
|
+
def public_key_endpoint(self) -> Optional[pulumi.Input[str]]:
|
|
1822
|
+
"""
|
|
1823
|
+
(Updatable) The cloud provider's public key API of SAML and OIDC providers for signature validation.
|
|
1824
|
+
|
|
1825
|
+
**SCIM++ Properties:**
|
|
1826
|
+
* type: string
|
|
1827
|
+
* multiValued: false
|
|
1828
|
+
* required: false
|
|
1829
|
+
* mutability: readWrite
|
|
1830
|
+
* returned: default
|
|
1831
|
+
* uniqueness: none
|
|
1832
|
+
* caseExact: false
|
|
1833
|
+
* idcsSearchable: false
|
|
1834
|
+
"""
|
|
1835
|
+
return pulumi.get(self, "public_key_endpoint")
|
|
1836
|
+
|
|
1837
|
+
@public_key_endpoint.setter
|
|
1838
|
+
def public_key_endpoint(self, value: Optional[pulumi.Input[str]]):
|
|
1839
|
+
pulumi.set(self, "public_key_endpoint", value)
|
|
1840
|
+
|
|
1841
|
+
@property
|
|
1842
|
+
@pulumi.getter(name="resourceTypeSchemaVersion")
|
|
1843
|
+
def resource_type_schema_version(self) -> Optional[pulumi.Input[str]]:
|
|
1844
|
+
"""
|
|
1845
|
+
(Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
|
|
1846
|
+
"""
|
|
1847
|
+
return pulumi.get(self, "resource_type_schema_version")
|
|
1848
|
+
|
|
1849
|
+
@resource_type_schema_version.setter
|
|
1850
|
+
def resource_type_schema_version(self, value: Optional[pulumi.Input[str]]):
|
|
1851
|
+
pulumi.set(self, "resource_type_schema_version", value)
|
|
1852
|
+
|
|
1853
|
+
@property
|
|
1854
|
+
@pulumi.getter
|
|
1855
|
+
def schemas(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
|
1856
|
+
"""
|
|
1857
|
+
(Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard \\"enterprise\\" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
|
|
1858
|
+
|
|
1859
|
+
**SCIM++ Properties:**
|
|
1860
|
+
* caseExact: false
|
|
1861
|
+
* idcsSearchable: false
|
|
1862
|
+
* multiValued: true
|
|
1863
|
+
* mutability: readWrite
|
|
1864
|
+
* required: true
|
|
1865
|
+
* returned: default
|
|
1866
|
+
* type: string
|
|
1867
|
+
* uniqueness: none
|
|
1868
|
+
"""
|
|
1869
|
+
return pulumi.get(self, "schemas")
|
|
1870
|
+
|
|
1871
|
+
@schemas.setter
|
|
1872
|
+
def schemas(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
1873
|
+
pulumi.set(self, "schemas", value)
|
|
1874
|
+
|
|
1875
|
+
@property
|
|
1876
|
+
@pulumi.getter(name="subjectClaimName")
|
|
1877
|
+
def subject_claim_name(self) -> Optional[pulumi.Input[str]]:
|
|
1878
|
+
"""
|
|
1879
|
+
(Updatable) Used for locating the subject claim from the incoming token.
|
|
1880
|
+
|
|
1881
|
+
**SCIM++ Properties:**
|
|
1882
|
+
* type: string
|
|
1883
|
+
* multiValued: false
|
|
1884
|
+
* required: false
|
|
1885
|
+
* mutability: readWrite
|
|
1886
|
+
* returned: default
|
|
1887
|
+
* uniqueness: none
|
|
1888
|
+
* caseExact: true
|
|
1889
|
+
* idcsSearchable: false
|
|
1890
|
+
"""
|
|
1891
|
+
return pulumi.get(self, "subject_claim_name")
|
|
1892
|
+
|
|
1893
|
+
@subject_claim_name.setter
|
|
1894
|
+
def subject_claim_name(self, value: Optional[pulumi.Input[str]]):
|
|
1895
|
+
pulumi.set(self, "subject_claim_name", value)
|
|
1896
|
+
|
|
1897
|
+
@property
|
|
1898
|
+
@pulumi.getter(name="subjectMappingAttribute")
|
|
1899
|
+
def subject_mapping_attribute(self) -> Optional[pulumi.Input[str]]:
|
|
1900
|
+
"""
|
|
1901
|
+
(Updatable) Subject Mapping Attribute to which the value from subject claim name value would be used for identity lookup.
|
|
1902
|
+
|
|
1903
|
+
**SCIM++ Properties:**
|
|
1904
|
+
* type: string
|
|
1905
|
+
* multiValued: false
|
|
1906
|
+
* idcsSearchable: false
|
|
1907
|
+
* required: false
|
|
1908
|
+
* mutability: readWrite
|
|
1909
|
+
* returned: default
|
|
1910
|
+
* uniqueness: none
|
|
1911
|
+
"""
|
|
1912
|
+
return pulumi.get(self, "subject_mapping_attribute")
|
|
1913
|
+
|
|
1914
|
+
@subject_mapping_attribute.setter
|
|
1915
|
+
def subject_mapping_attribute(self, value: Optional[pulumi.Input[str]]):
|
|
1916
|
+
pulumi.set(self, "subject_mapping_attribute", value)
|
|
1917
|
+
|
|
1918
|
+
@property
|
|
1919
|
+
@pulumi.getter(name="subjectType")
|
|
1920
|
+
def subject_type(self) -> Optional[pulumi.Input[str]]:
|
|
1921
|
+
"""
|
|
1922
|
+
(Updatable) The type of the resource against which lookup will be made in the identity domain in IAM for the incoming subject claim value.
|
|
1923
|
+
|
|
1924
|
+
**SCIM++ Properties:**
|
|
1925
|
+
* idcsSearchable: false
|
|
1926
|
+
* multiValued: false
|
|
1927
|
+
* mutability: readWrite
|
|
1928
|
+
* required: false
|
|
1929
|
+
* returned: default
|
|
1930
|
+
* type: string
|
|
1931
|
+
* uniqueness: none
|
|
1932
|
+
"""
|
|
1933
|
+
return pulumi.get(self, "subject_type")
|
|
1934
|
+
|
|
1935
|
+
@subject_type.setter
|
|
1936
|
+
def subject_type(self, value: Optional[pulumi.Input[str]]):
|
|
1937
|
+
pulumi.set(self, "subject_type", value)
|
|
1938
|
+
|
|
1939
|
+
@property
|
|
1940
|
+
@pulumi.getter
|
|
1941
|
+
def tags(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['DomainsIdentityPropagationTrustTagArgs']]]]:
|
|
1942
|
+
"""
|
|
1943
|
+
(Updatable) A list of tags on this resource.
|
|
1944
|
+
|
|
1945
|
+
**SCIM++ Properties:**
|
|
1946
|
+
* idcsCompositeKey: [key, value]
|
|
1947
|
+
* idcsSearchable: true
|
|
1948
|
+
* multiValued: true
|
|
1949
|
+
* mutability: readWrite
|
|
1950
|
+
* required: false
|
|
1951
|
+
* returned: request
|
|
1952
|
+
* type: complex
|
|
1953
|
+
* uniqueness: none
|
|
1954
|
+
"""
|
|
1955
|
+
return pulumi.get(self, "tags")
|
|
1956
|
+
|
|
1957
|
+
@tags.setter
|
|
1958
|
+
def tags(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['DomainsIdentityPropagationTrustTagArgs']]]]):
|
|
1959
|
+
pulumi.set(self, "tags", value)
|
|
1960
|
+
|
|
1961
|
+
@property
|
|
1962
|
+
@pulumi.getter(name="tenancyOcid")
|
|
1963
|
+
def tenancy_ocid(self) -> Optional[pulumi.Input[str]]:
|
|
1964
|
+
"""
|
|
1965
|
+
(Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
|
|
1966
|
+
|
|
1967
|
+
**SCIM++ Properties:**
|
|
1968
|
+
* caseExact: false
|
|
1969
|
+
* idcsSearchable: false
|
|
1970
|
+
* multiValued: false
|
|
1971
|
+
* mutability: readOnly
|
|
1972
|
+
* required: false
|
|
1973
|
+
* returned: default
|
|
1974
|
+
* type: string
|
|
1975
|
+
* uniqueness: none
|
|
1976
|
+
"""
|
|
1977
|
+
return pulumi.get(self, "tenancy_ocid")
|
|
1978
|
+
|
|
1979
|
+
@tenancy_ocid.setter
|
|
1980
|
+
def tenancy_ocid(self, value: Optional[pulumi.Input[str]]):
|
|
1981
|
+
pulumi.set(self, "tenancy_ocid", value)
|
|
1982
|
+
|
|
1983
|
+
@property
|
|
1984
|
+
@pulumi.getter
|
|
1985
|
+
def type(self) -> Optional[pulumi.Input[str]]:
|
|
1986
|
+
"""
|
|
1987
|
+
(Updatable) The type of the inbound token from the Identity cloud provider.
|
|
1988
|
+
|
|
1989
|
+
**SCIM++ Properties:**
|
|
1990
|
+
* caseExact: true
|
|
1991
|
+
* idcsSearchable: false
|
|
1992
|
+
* required: true
|
|
1993
|
+
* mutability: readWrite
|
|
1994
|
+
* returned: default
|
|
1995
|
+
* type: string
|
|
1996
|
+
* multiValued: false
|
|
1997
|
+
* uniqueness: none
|
|
1998
|
+
|
|
1999
|
+
|
|
2000
|
+
** IMPORTANT **
|
|
2001
|
+
Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
|
|
2002
|
+
"""
|
|
2003
|
+
return pulumi.get(self, "type")
|
|
2004
|
+
|
|
2005
|
+
@type.setter
|
|
2006
|
+
def type(self, value: Optional[pulumi.Input[str]]):
|
|
2007
|
+
pulumi.set(self, "type", value)
|
|
2008
|
+
|
|
2009
|
+
|
|
2010
|
+
class DomainsIdentityPropagationTrust(pulumi.CustomResource):
|
|
2011
|
+
@overload
|
|
2012
|
+
def __init__(__self__,
|
|
2013
|
+
resource_name: str,
|
|
2014
|
+
opts: Optional[pulumi.ResourceOptions] = None,
|
|
2015
|
+
account_id: Optional[pulumi.Input[str]] = None,
|
|
2016
|
+
active: Optional[pulumi.Input[bool]] = None,
|
|
2017
|
+
allow_impersonation: Optional[pulumi.Input[bool]] = None,
|
|
2018
|
+
attribute_sets: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
2019
|
+
attributes: Optional[pulumi.Input[str]] = None,
|
|
2020
|
+
authorization: Optional[pulumi.Input[str]] = None,
|
|
2021
|
+
client_claim_name: Optional[pulumi.Input[str]] = None,
|
|
2022
|
+
client_claim_values: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
2023
|
+
clock_skew_seconds: Optional[pulumi.Input[int]] = None,
|
|
2024
|
+
description: Optional[pulumi.Input[str]] = None,
|
|
2025
|
+
idcs_endpoint: Optional[pulumi.Input[str]] = None,
|
|
2026
|
+
impersonation_service_users: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['DomainsIdentityPropagationTrustImpersonationServiceUserArgs']]]]] = None,
|
|
2027
|
+
issuer: Optional[pulumi.Input[str]] = None,
|
|
2028
|
+
keytab: Optional[pulumi.Input[pulumi.InputType['DomainsIdentityPropagationTrustKeytabArgs']]] = None,
|
|
2029
|
+
name: Optional[pulumi.Input[str]] = None,
|
|
2030
|
+
oauth_clients: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
2031
|
+
ocid: Optional[pulumi.Input[str]] = None,
|
|
2032
|
+
public_certificate: Optional[pulumi.Input[str]] = None,
|
|
2033
|
+
public_key_endpoint: Optional[pulumi.Input[str]] = None,
|
|
2034
|
+
resource_type_schema_version: Optional[pulumi.Input[str]] = None,
|
|
2035
|
+
schemas: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
2036
|
+
subject_claim_name: Optional[pulumi.Input[str]] = None,
|
|
2037
|
+
subject_mapping_attribute: Optional[pulumi.Input[str]] = None,
|
|
2038
|
+
subject_type: Optional[pulumi.Input[str]] = None,
|
|
2039
|
+
tags: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['DomainsIdentityPropagationTrustTagArgs']]]]] = None,
|
|
2040
|
+
type: Optional[pulumi.Input[str]] = None,
|
|
2041
|
+
__props__=None):
|
|
2042
|
+
"""
|
|
2043
|
+
This resource provides the Identity Propagation Trust resource in Oracle Cloud Infrastructure Identity Domains service.
|
|
2044
|
+
|
|
2045
|
+
Register a new Identity Propagation Trust configuration.
|
|
2046
|
+
|
|
2047
|
+
## Example Usage
|
|
2048
|
+
|
|
2049
|
+
```python
|
|
2050
|
+
import pulumi
|
|
2051
|
+
import pulumi_oci as oci
|
|
2052
|
+
|
|
2053
|
+
test_identity_propagation_trust = oci.identity.DomainsIdentityPropagationTrust("testIdentityPropagationTrust",
|
|
2054
|
+
idcs_endpoint=data["oci_identity_domain"]["test_domain"]["url"],
|
|
2055
|
+
issuer=var["identity_propagation_trust_issuer"],
|
|
2056
|
+
schemas=["urn:ietf:params:scim:schemas:oracle:idcs:IdentityPropagationTrust"],
|
|
2057
|
+
type=var["identity_propagation_trust_type"],
|
|
2058
|
+
account_id="accountId",
|
|
2059
|
+
active=var["identity_propagation_trust_active"],
|
|
2060
|
+
allow_impersonation=var["identity_propagation_trust_allow_impersonation"],
|
|
2061
|
+
attribute_sets=["all"],
|
|
2062
|
+
attributes="",
|
|
2063
|
+
authorization=var["identity_propagation_trust_authorization"],
|
|
2064
|
+
client_claim_name=var["identity_propagation_trust_client_claim_name"],
|
|
2065
|
+
client_claim_values=["clientClaimValues"],
|
|
2066
|
+
clock_skew_seconds=var["identity_propagation_trust_clock_skew_seconds"],
|
|
2067
|
+
description=var["identity_propagation_trust_description"],
|
|
2068
|
+
impersonation_service_users=[oci.identity.DomainsIdentityPropagationTrustImpersonationServiceUserArgs(
|
|
2069
|
+
rule=var["identity_propagation_trust_impersonation_service_users_rule"],
|
|
2070
|
+
value=oci_identity_domains_user["test_identity_propagation_trust_user"]["id"],
|
|
2071
|
+
ocid=var["identity_propagation_trust_impersonation_service_users_ocid"],
|
|
2072
|
+
)],
|
|
2073
|
+
keytab=oci.identity.DomainsIdentityPropagationTrustKeytabArgs(
|
|
2074
|
+
secret_ocid=var["identity_propagation_trust_keytab_secret_ocid"],
|
|
2075
|
+
secret_version=var["identity_propagation_trust_keytab_secret_version"],
|
|
2076
|
+
),
|
|
2077
|
+
oauth_clients=["oauthClients"],
|
|
2078
|
+
ocid=var["identity_propagation_trust_ocid"],
|
|
2079
|
+
public_certificate=var["identity_propagation_trust_public_certificate"],
|
|
2080
|
+
public_key_endpoint=var["identity_propagation_trust_public_key_endpoint"],
|
|
2081
|
+
resource_type_schema_version=var["identity_propagation_trust_resource_type_schema_version"],
|
|
2082
|
+
subject_claim_name=var["identity_propagation_trust_subject_claim_name"],
|
|
2083
|
+
subject_mapping_attribute=var["identity_propagation_trust_subject_mapping_attribute"],
|
|
2084
|
+
subject_type=var["identity_propagation_trust_subject_type"],
|
|
2085
|
+
tags=[oci.identity.DomainsIdentityPropagationTrustTagArgs(
|
|
2086
|
+
key=var["identity_propagation_trust_tags_key"],
|
|
2087
|
+
value=var["identity_propagation_trust_tags_value"],
|
|
2088
|
+
)])
|
|
2089
|
+
```
|
|
2090
|
+
|
|
2091
|
+
## Import
|
|
2092
|
+
|
|
2093
|
+
IdentityPropagationTrusts can be imported using the `id`, e.g.
|
|
2094
|
+
|
|
2095
|
+
```sh
|
|
2096
|
+
$ pulumi import oci:Identity/domainsIdentityPropagationTrust:DomainsIdentityPropagationTrust test_identity_propagation_trust "idcsEndpoint/{idcsEndpoint}/identityPropagationTrusts/{identityPropagationTrustId}"
|
|
2097
|
+
```
|
|
2098
|
+
|
|
2099
|
+
:param str resource_name: The name of the resource.
|
|
2100
|
+
:param pulumi.ResourceOptions opts: Options for the resource.
|
|
2101
|
+
:param pulumi.Input[str] account_id: (Updatable) The Identity cloud provider service identifier, for example, the Azure Tenancy ID, AWS Account ID, or GCP Project ID.
|
|
2102
|
+
|
|
2103
|
+
**SCIM++ Properties:**
|
|
2104
|
+
* type: string
|
|
2105
|
+
* multiValued: false
|
|
2106
|
+
* required: false
|
|
2107
|
+
* mutability: readWrite
|
|
2108
|
+
* returned: default
|
|
2109
|
+
* caseExact: true
|
|
2110
|
+
* idcsSearchable: true
|
|
2111
|
+
* uniqueness: none
|
|
2112
|
+
:param pulumi.Input[bool] active: (Updatable) If true, specifies that this Identity Propagation Trust is in an enabled state. The default value is false.
|
|
2113
|
+
|
|
2114
|
+
**SCIM++ Properties:**
|
|
2115
|
+
* type: boolean
|
|
2116
|
+
* multiValued: false
|
|
2117
|
+
* required: false
|
|
2118
|
+
* mutability: readWrite
|
|
2119
|
+
* returned: default
|
|
2120
|
+
* uniqueness: none
|
|
2121
|
+
* idcsSearchable: true
|
|
2122
|
+
:param pulumi.Input[bool] allow_impersonation: (Updatable) Allow customers to define whether the resulting token should contain the authenticated user as the subject or whether the token should impersonate another Application Principal in IAM.
|
|
2123
|
+
|
|
2124
|
+
**SCIM++ Properties:**
|
|
2125
|
+
* type: boolean
|
|
2126
|
+
* multiValued: false
|
|
2127
|
+
* required: false
|
|
2128
|
+
* mutability: readWrite
|
|
2129
|
+
* returned: default
|
|
2130
|
+
* uniqueness: none
|
|
2131
|
+
* idcsSearchable: false
|
|
2132
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] attribute_sets: (Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
|
|
2133
|
+
:param pulumi.Input[str] attributes: (Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
|
|
2134
|
+
:param pulumi.Input[str] authorization: (Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
|
|
2135
|
+
:param pulumi.Input[str] client_claim_name: (Updatable) The claim name that identifies to whom the JWT/SAML token is issued. If AWS, then \\"aud\\" or \\"client_id\\". If Azure, then \\"appid\\". If GCP, then \\"aud\\".
|
|
2136
|
+
|
|
2137
|
+
**SCIM++ Properties:**
|
|
2138
|
+
* type: string
|
|
2139
|
+
* multiValued: false
|
|
2140
|
+
* required: false
|
|
2141
|
+
* mutability: readWrite
|
|
2142
|
+
* returned: default
|
|
2143
|
+
* uniqueness: none
|
|
2144
|
+
* idcsSearchable: false
|
|
2145
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] client_claim_values: (Updatable) The value that corresponds to the client claim name used to identify to whom the token is issued.
|
|
2146
|
+
|
|
2147
|
+
**SCIM++ Properties:**
|
|
2148
|
+
* type: string
|
|
2149
|
+
* multiValued: true
|
|
2150
|
+
* required: false
|
|
2151
|
+
* mutability: readWrite
|
|
2152
|
+
* returned: default
|
|
2153
|
+
* uniqueness: none
|
|
2154
|
+
* caseExact: true
|
|
2155
|
+
* idcsSearchable: false
|
|
2156
|
+
:param pulumi.Input[int] clock_skew_seconds: (Updatable) The clock skew (in secs) that's allowed for the token issue and expiry time.
|
|
2157
|
+
|
|
2158
|
+
**Added In:** 2308181911
|
|
2159
|
+
|
|
2160
|
+
**SCIM++ Properties:**
|
|
2161
|
+
* caseExact: false
|
|
2162
|
+
* idcsSearchable: false
|
|
2163
|
+
* multiValued: false
|
|
2164
|
+
* mutability: readWrite
|
|
2165
|
+
* required: false
|
|
2166
|
+
* returned: default
|
|
2167
|
+
* type: integer
|
|
2168
|
+
* uniqueness: none
|
|
2169
|
+
:param pulumi.Input[str] description: (Updatable) The description of the Identity Propagation Trust.
|
|
2170
|
+
|
|
2171
|
+
**SCIM++ Properties:**
|
|
2172
|
+
* type: string
|
|
2173
|
+
* multiValued: false
|
|
2174
|
+
* required: false
|
|
2175
|
+
* mutability: readWrite
|
|
2176
|
+
* returned: default
|
|
2177
|
+
* uniqueness: none
|
|
2178
|
+
* caseExact: false
|
|
2179
|
+
* idcsSearchable: false
|
|
2180
|
+
:param pulumi.Input[str] idcs_endpoint: The basic endpoint for the identity domain
|
|
2181
|
+
:param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['DomainsIdentityPropagationTrustImpersonationServiceUserArgs']]]] impersonation_service_users: (Updatable) The Impersonating Principal.
|
|
2182
|
+
|
|
2183
|
+
**SCIM++ Properties:**
|
|
2184
|
+
* idcsCompositeKey: [rule, value]
|
|
2185
|
+
* idcsSearchable: false
|
|
2186
|
+
* multiValued: true
|
|
2187
|
+
* mutability: readWrite
|
|
2188
|
+
* required: false
|
|
2189
|
+
* returned: request
|
|
2190
|
+
* type: complex
|
|
2191
|
+
* uniqueness: none
|
|
2192
|
+
:param pulumi.Input[str] issuer: (Updatable) The issuer claim of the Identity provider.
|
|
2193
|
+
|
|
2194
|
+
**SCIM++ Properties:**
|
|
2195
|
+
* type: string
|
|
2196
|
+
* multiValued: false
|
|
2197
|
+
* required: true
|
|
2198
|
+
* mutability: readWrite
|
|
2199
|
+
* returned: always
|
|
2200
|
+
* caseExact: true
|
|
2201
|
+
* idcsSearchable: true
|
|
2202
|
+
* uniqueness: server
|
|
2203
|
+
:param pulumi.Input[pulumi.InputType['DomainsIdentityPropagationTrustKeytabArgs']] keytab: (Updatable) The keytab stored in the tenancy's Vault. This is required if the identity propagation type is 'SPNEGO'.
|
|
2204
|
+
|
|
2205
|
+
**SCIM++ Properties:**
|
|
2206
|
+
* idcsCompositeKey: [secretOcid]
|
|
2207
|
+
* idcsSearchable: false
|
|
2208
|
+
* multiValued: false
|
|
2209
|
+
* mutability: readWrite
|
|
2210
|
+
* required: false
|
|
2211
|
+
* returned: default
|
|
2212
|
+
* type: complex
|
|
2213
|
+
* uniqueness: none
|
|
2214
|
+
:param pulumi.Input[str] name: The name of the the Identity Propagation Trust.
|
|
2215
|
+
|
|
2216
|
+
**SCIM++ Properties:**
|
|
2217
|
+
* type: string
|
|
2218
|
+
* caseExact: false
|
|
2219
|
+
* idcsSearchable: true
|
|
2220
|
+
* multiValued: false
|
|
2221
|
+
* required: true
|
|
2222
|
+
* mutability: immutable
|
|
2223
|
+
* returned: default
|
|
2224
|
+
* uniqueness: none
|
|
2225
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] oauth_clients: (Updatable) The value of all the authorized OAuth Clients.
|
|
2226
|
+
|
|
2227
|
+
**SCIM++ Properties:**
|
|
2228
|
+
* idcsSearchable: false
|
|
2229
|
+
* multiValued: true
|
|
2230
|
+
* mutability: readWrite
|
|
2231
|
+
* required: false
|
|
2232
|
+
* returned: default
|
|
2233
|
+
* type: string
|
|
2234
|
+
* uniqueness: none
|
|
2235
|
+
:param pulumi.Input[str] ocid: (Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
|
|
2236
|
+
|
|
2237
|
+
**SCIM++ Properties:**
|
|
2238
|
+
* caseExact: true
|
|
2239
|
+
* idcsSearchable: true
|
|
2240
|
+
* multiValued: false
|
|
2241
|
+
* mutability: immutable
|
|
2242
|
+
* required: false
|
|
2243
|
+
* returned: default
|
|
2244
|
+
* type: string
|
|
2245
|
+
* uniqueness: global
|
|
2246
|
+
:param pulumi.Input[str] public_certificate: (Updatable) Store the public key if public key cert.
|
|
2247
|
+
|
|
2248
|
+
**SCIM++ Properties:**
|
|
2249
|
+
* type: string
|
|
2250
|
+
* multiValued: false
|
|
2251
|
+
* required: false
|
|
2252
|
+
* mutability: readWrite
|
|
2253
|
+
* returned: default
|
|
2254
|
+
* uniqueness: none
|
|
2255
|
+
* idcsSearchable: false
|
|
2256
|
+
:param pulumi.Input[str] public_key_endpoint: (Updatable) The cloud provider's public key API of SAML and OIDC providers for signature validation.
|
|
2257
|
+
|
|
2258
|
+
**SCIM++ Properties:**
|
|
2259
|
+
* type: string
|
|
2260
|
+
* multiValued: false
|
|
2261
|
+
* required: false
|
|
2262
|
+
* mutability: readWrite
|
|
2263
|
+
* returned: default
|
|
2264
|
+
* uniqueness: none
|
|
2265
|
+
* caseExact: false
|
|
2266
|
+
* idcsSearchable: false
|
|
2267
|
+
:param pulumi.Input[str] resource_type_schema_version: (Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
|
|
2268
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] schemas: (Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard \\"enterprise\\" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
|
|
2269
|
+
|
|
2270
|
+
**SCIM++ Properties:**
|
|
2271
|
+
* caseExact: false
|
|
2272
|
+
* idcsSearchable: false
|
|
2273
|
+
* multiValued: true
|
|
2274
|
+
* mutability: readWrite
|
|
2275
|
+
* required: true
|
|
2276
|
+
* returned: default
|
|
2277
|
+
* type: string
|
|
2278
|
+
* uniqueness: none
|
|
2279
|
+
:param pulumi.Input[str] subject_claim_name: (Updatable) Used for locating the subject claim from the incoming token.
|
|
2280
|
+
|
|
2281
|
+
**SCIM++ Properties:**
|
|
2282
|
+
* type: string
|
|
2283
|
+
* multiValued: false
|
|
2284
|
+
* required: false
|
|
2285
|
+
* mutability: readWrite
|
|
2286
|
+
* returned: default
|
|
2287
|
+
* uniqueness: none
|
|
2288
|
+
* caseExact: true
|
|
2289
|
+
* idcsSearchable: false
|
|
2290
|
+
:param pulumi.Input[str] subject_mapping_attribute: (Updatable) Subject Mapping Attribute to which the value from subject claim name value would be used for identity lookup.
|
|
2291
|
+
|
|
2292
|
+
**SCIM++ Properties:**
|
|
2293
|
+
* type: string
|
|
2294
|
+
* multiValued: false
|
|
2295
|
+
* idcsSearchable: false
|
|
2296
|
+
* required: false
|
|
2297
|
+
* mutability: readWrite
|
|
2298
|
+
* returned: default
|
|
2299
|
+
* uniqueness: none
|
|
2300
|
+
:param pulumi.Input[str] subject_type: (Updatable) The type of the resource against which lookup will be made in the identity domain in IAM for the incoming subject claim value.
|
|
2301
|
+
|
|
2302
|
+
**SCIM++ Properties:**
|
|
2303
|
+
* idcsSearchable: false
|
|
2304
|
+
* multiValued: false
|
|
2305
|
+
* mutability: readWrite
|
|
2306
|
+
* required: false
|
|
2307
|
+
* returned: default
|
|
2308
|
+
* type: string
|
|
2309
|
+
* uniqueness: none
|
|
2310
|
+
:param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['DomainsIdentityPropagationTrustTagArgs']]]] tags: (Updatable) A list of tags on this resource.
|
|
2311
|
+
|
|
2312
|
+
**SCIM++ Properties:**
|
|
2313
|
+
* idcsCompositeKey: [key, value]
|
|
2314
|
+
* idcsSearchable: true
|
|
2315
|
+
* multiValued: true
|
|
2316
|
+
* mutability: readWrite
|
|
2317
|
+
* required: false
|
|
2318
|
+
* returned: request
|
|
2319
|
+
* type: complex
|
|
2320
|
+
* uniqueness: none
|
|
2321
|
+
:param pulumi.Input[str] type: (Updatable) The type of the inbound token from the Identity cloud provider.
|
|
2322
|
+
|
|
2323
|
+
**SCIM++ Properties:**
|
|
2324
|
+
* caseExact: true
|
|
2325
|
+
* idcsSearchable: false
|
|
2326
|
+
* required: true
|
|
2327
|
+
* mutability: readWrite
|
|
2328
|
+
* returned: default
|
|
2329
|
+
* type: string
|
|
2330
|
+
* multiValued: false
|
|
2331
|
+
* uniqueness: none
|
|
2332
|
+
|
|
2333
|
+
|
|
2334
|
+
** IMPORTANT **
|
|
2335
|
+
Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
|
|
2336
|
+
"""
|
|
2337
|
+
...
|
|
2338
|
+
@overload
|
|
2339
|
+
def __init__(__self__,
|
|
2340
|
+
resource_name: str,
|
|
2341
|
+
args: DomainsIdentityPropagationTrustArgs,
|
|
2342
|
+
opts: Optional[pulumi.ResourceOptions] = None):
|
|
2343
|
+
"""
|
|
2344
|
+
This resource provides the Identity Propagation Trust resource in Oracle Cloud Infrastructure Identity Domains service.
|
|
2345
|
+
|
|
2346
|
+
Register a new Identity Propagation Trust configuration.
|
|
2347
|
+
|
|
2348
|
+
## Example Usage
|
|
2349
|
+
|
|
2350
|
+
```python
|
|
2351
|
+
import pulumi
|
|
2352
|
+
import pulumi_oci as oci
|
|
2353
|
+
|
|
2354
|
+
test_identity_propagation_trust = oci.identity.DomainsIdentityPropagationTrust("testIdentityPropagationTrust",
|
|
2355
|
+
idcs_endpoint=data["oci_identity_domain"]["test_domain"]["url"],
|
|
2356
|
+
issuer=var["identity_propagation_trust_issuer"],
|
|
2357
|
+
schemas=["urn:ietf:params:scim:schemas:oracle:idcs:IdentityPropagationTrust"],
|
|
2358
|
+
type=var["identity_propagation_trust_type"],
|
|
2359
|
+
account_id="accountId",
|
|
2360
|
+
active=var["identity_propagation_trust_active"],
|
|
2361
|
+
allow_impersonation=var["identity_propagation_trust_allow_impersonation"],
|
|
2362
|
+
attribute_sets=["all"],
|
|
2363
|
+
attributes="",
|
|
2364
|
+
authorization=var["identity_propagation_trust_authorization"],
|
|
2365
|
+
client_claim_name=var["identity_propagation_trust_client_claim_name"],
|
|
2366
|
+
client_claim_values=["clientClaimValues"],
|
|
2367
|
+
clock_skew_seconds=var["identity_propagation_trust_clock_skew_seconds"],
|
|
2368
|
+
description=var["identity_propagation_trust_description"],
|
|
2369
|
+
impersonation_service_users=[oci.identity.DomainsIdentityPropagationTrustImpersonationServiceUserArgs(
|
|
2370
|
+
rule=var["identity_propagation_trust_impersonation_service_users_rule"],
|
|
2371
|
+
value=oci_identity_domains_user["test_identity_propagation_trust_user"]["id"],
|
|
2372
|
+
ocid=var["identity_propagation_trust_impersonation_service_users_ocid"],
|
|
2373
|
+
)],
|
|
2374
|
+
keytab=oci.identity.DomainsIdentityPropagationTrustKeytabArgs(
|
|
2375
|
+
secret_ocid=var["identity_propagation_trust_keytab_secret_ocid"],
|
|
2376
|
+
secret_version=var["identity_propagation_trust_keytab_secret_version"],
|
|
2377
|
+
),
|
|
2378
|
+
oauth_clients=["oauthClients"],
|
|
2379
|
+
ocid=var["identity_propagation_trust_ocid"],
|
|
2380
|
+
public_certificate=var["identity_propagation_trust_public_certificate"],
|
|
2381
|
+
public_key_endpoint=var["identity_propagation_trust_public_key_endpoint"],
|
|
2382
|
+
resource_type_schema_version=var["identity_propagation_trust_resource_type_schema_version"],
|
|
2383
|
+
subject_claim_name=var["identity_propagation_trust_subject_claim_name"],
|
|
2384
|
+
subject_mapping_attribute=var["identity_propagation_trust_subject_mapping_attribute"],
|
|
2385
|
+
subject_type=var["identity_propagation_trust_subject_type"],
|
|
2386
|
+
tags=[oci.identity.DomainsIdentityPropagationTrustTagArgs(
|
|
2387
|
+
key=var["identity_propagation_trust_tags_key"],
|
|
2388
|
+
value=var["identity_propagation_trust_tags_value"],
|
|
2389
|
+
)])
|
|
2390
|
+
```
|
|
2391
|
+
|
|
2392
|
+
## Import
|
|
2393
|
+
|
|
2394
|
+
IdentityPropagationTrusts can be imported using the `id`, e.g.
|
|
2395
|
+
|
|
2396
|
+
```sh
|
|
2397
|
+
$ pulumi import oci:Identity/domainsIdentityPropagationTrust:DomainsIdentityPropagationTrust test_identity_propagation_trust "idcsEndpoint/{idcsEndpoint}/identityPropagationTrusts/{identityPropagationTrustId}"
|
|
2398
|
+
```
|
|
2399
|
+
|
|
2400
|
+
:param str resource_name: The name of the resource.
|
|
2401
|
+
:param DomainsIdentityPropagationTrustArgs args: The arguments to use to populate this resource's properties.
|
|
2402
|
+
:param pulumi.ResourceOptions opts: Options for the resource.
|
|
2403
|
+
"""
|
|
2404
|
+
...
|
|
2405
|
+
def __init__(__self__, resource_name: str, *args, **kwargs):
|
|
2406
|
+
resource_args, opts = _utilities.get_resource_args_opts(DomainsIdentityPropagationTrustArgs, pulumi.ResourceOptions, *args, **kwargs)
|
|
2407
|
+
if resource_args is not None:
|
|
2408
|
+
__self__._internal_init(resource_name, opts, **resource_args.__dict__)
|
|
2409
|
+
else:
|
|
2410
|
+
__self__._internal_init(resource_name, *args, **kwargs)
|
|
2411
|
+
|
|
2412
|
+
def _internal_init(__self__,
|
|
2413
|
+
resource_name: str,
|
|
2414
|
+
opts: Optional[pulumi.ResourceOptions] = None,
|
|
2415
|
+
account_id: Optional[pulumi.Input[str]] = None,
|
|
2416
|
+
active: Optional[pulumi.Input[bool]] = None,
|
|
2417
|
+
allow_impersonation: Optional[pulumi.Input[bool]] = None,
|
|
2418
|
+
attribute_sets: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
2419
|
+
attributes: Optional[pulumi.Input[str]] = None,
|
|
2420
|
+
authorization: Optional[pulumi.Input[str]] = None,
|
|
2421
|
+
client_claim_name: Optional[pulumi.Input[str]] = None,
|
|
2422
|
+
client_claim_values: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
2423
|
+
clock_skew_seconds: Optional[pulumi.Input[int]] = None,
|
|
2424
|
+
description: Optional[pulumi.Input[str]] = None,
|
|
2425
|
+
idcs_endpoint: Optional[pulumi.Input[str]] = None,
|
|
2426
|
+
impersonation_service_users: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['DomainsIdentityPropagationTrustImpersonationServiceUserArgs']]]]] = None,
|
|
2427
|
+
issuer: Optional[pulumi.Input[str]] = None,
|
|
2428
|
+
keytab: Optional[pulumi.Input[pulumi.InputType['DomainsIdentityPropagationTrustKeytabArgs']]] = None,
|
|
2429
|
+
name: Optional[pulumi.Input[str]] = None,
|
|
2430
|
+
oauth_clients: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
2431
|
+
ocid: Optional[pulumi.Input[str]] = None,
|
|
2432
|
+
public_certificate: Optional[pulumi.Input[str]] = None,
|
|
2433
|
+
public_key_endpoint: Optional[pulumi.Input[str]] = None,
|
|
2434
|
+
resource_type_schema_version: Optional[pulumi.Input[str]] = None,
|
|
2435
|
+
schemas: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
2436
|
+
subject_claim_name: Optional[pulumi.Input[str]] = None,
|
|
2437
|
+
subject_mapping_attribute: Optional[pulumi.Input[str]] = None,
|
|
2438
|
+
subject_type: Optional[pulumi.Input[str]] = None,
|
|
2439
|
+
tags: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['DomainsIdentityPropagationTrustTagArgs']]]]] = None,
|
|
2440
|
+
type: Optional[pulumi.Input[str]] = None,
|
|
2441
|
+
__props__=None):
|
|
2442
|
+
opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
|
|
2443
|
+
if not isinstance(opts, pulumi.ResourceOptions):
|
|
2444
|
+
raise TypeError('Expected resource options to be a ResourceOptions instance')
|
|
2445
|
+
if opts.id is None:
|
|
2446
|
+
if __props__ is not None:
|
|
2447
|
+
raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource')
|
|
2448
|
+
__props__ = DomainsIdentityPropagationTrustArgs.__new__(DomainsIdentityPropagationTrustArgs)
|
|
2449
|
+
|
|
2450
|
+
__props__.__dict__["account_id"] = account_id
|
|
2451
|
+
__props__.__dict__["active"] = active
|
|
2452
|
+
__props__.__dict__["allow_impersonation"] = allow_impersonation
|
|
2453
|
+
__props__.__dict__["attribute_sets"] = attribute_sets
|
|
2454
|
+
__props__.__dict__["attributes"] = attributes
|
|
2455
|
+
__props__.__dict__["authorization"] = authorization
|
|
2456
|
+
__props__.__dict__["client_claim_name"] = client_claim_name
|
|
2457
|
+
__props__.__dict__["client_claim_values"] = client_claim_values
|
|
2458
|
+
__props__.__dict__["clock_skew_seconds"] = clock_skew_seconds
|
|
2459
|
+
__props__.__dict__["description"] = description
|
|
2460
|
+
if idcs_endpoint is None and not opts.urn:
|
|
2461
|
+
raise TypeError("Missing required property 'idcs_endpoint'")
|
|
2462
|
+
__props__.__dict__["idcs_endpoint"] = idcs_endpoint
|
|
2463
|
+
__props__.__dict__["impersonation_service_users"] = impersonation_service_users
|
|
2464
|
+
if issuer is None and not opts.urn:
|
|
2465
|
+
raise TypeError("Missing required property 'issuer'")
|
|
2466
|
+
__props__.__dict__["issuer"] = issuer
|
|
2467
|
+
__props__.__dict__["keytab"] = keytab
|
|
2468
|
+
__props__.__dict__["name"] = name
|
|
2469
|
+
__props__.__dict__["oauth_clients"] = oauth_clients
|
|
2470
|
+
__props__.__dict__["ocid"] = ocid
|
|
2471
|
+
__props__.__dict__["public_certificate"] = public_certificate
|
|
2472
|
+
__props__.__dict__["public_key_endpoint"] = public_key_endpoint
|
|
2473
|
+
__props__.__dict__["resource_type_schema_version"] = resource_type_schema_version
|
|
2474
|
+
if schemas is None and not opts.urn:
|
|
2475
|
+
raise TypeError("Missing required property 'schemas'")
|
|
2476
|
+
__props__.__dict__["schemas"] = schemas
|
|
2477
|
+
__props__.__dict__["subject_claim_name"] = subject_claim_name
|
|
2478
|
+
__props__.__dict__["subject_mapping_attribute"] = subject_mapping_attribute
|
|
2479
|
+
__props__.__dict__["subject_type"] = subject_type
|
|
2480
|
+
__props__.__dict__["tags"] = tags
|
|
2481
|
+
if type is None and not opts.urn:
|
|
2482
|
+
raise TypeError("Missing required property 'type'")
|
|
2483
|
+
__props__.__dict__["type"] = type
|
|
2484
|
+
__props__.__dict__["compartment_ocid"] = None
|
|
2485
|
+
__props__.__dict__["delete_in_progress"] = None
|
|
2486
|
+
__props__.__dict__["domain_ocid"] = None
|
|
2487
|
+
__props__.__dict__["idcs_created_bies"] = None
|
|
2488
|
+
__props__.__dict__["idcs_last_modified_bies"] = None
|
|
2489
|
+
__props__.__dict__["idcs_last_upgraded_in_release"] = None
|
|
2490
|
+
__props__.__dict__["idcs_prevented_operations"] = None
|
|
2491
|
+
__props__.__dict__["metas"] = None
|
|
2492
|
+
__props__.__dict__["tenancy_ocid"] = None
|
|
2493
|
+
super(DomainsIdentityPropagationTrust, __self__).__init__(
|
|
2494
|
+
'oci:Identity/domainsIdentityPropagationTrust:DomainsIdentityPropagationTrust',
|
|
2495
|
+
resource_name,
|
|
2496
|
+
__props__,
|
|
2497
|
+
opts)
|
|
2498
|
+
|
|
2499
|
+
@staticmethod
|
|
2500
|
+
def get(resource_name: str,
|
|
2501
|
+
id: pulumi.Input[str],
|
|
2502
|
+
opts: Optional[pulumi.ResourceOptions] = None,
|
|
2503
|
+
account_id: Optional[pulumi.Input[str]] = None,
|
|
2504
|
+
active: Optional[pulumi.Input[bool]] = None,
|
|
2505
|
+
allow_impersonation: Optional[pulumi.Input[bool]] = None,
|
|
2506
|
+
attribute_sets: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
2507
|
+
attributes: Optional[pulumi.Input[str]] = None,
|
|
2508
|
+
authorization: Optional[pulumi.Input[str]] = None,
|
|
2509
|
+
client_claim_name: Optional[pulumi.Input[str]] = None,
|
|
2510
|
+
client_claim_values: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
2511
|
+
clock_skew_seconds: Optional[pulumi.Input[int]] = None,
|
|
2512
|
+
compartment_ocid: Optional[pulumi.Input[str]] = None,
|
|
2513
|
+
delete_in_progress: Optional[pulumi.Input[bool]] = None,
|
|
2514
|
+
description: Optional[pulumi.Input[str]] = None,
|
|
2515
|
+
domain_ocid: Optional[pulumi.Input[str]] = None,
|
|
2516
|
+
idcs_created_bies: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['DomainsIdentityPropagationTrustIdcsCreatedByArgs']]]]] = None,
|
|
2517
|
+
idcs_endpoint: Optional[pulumi.Input[str]] = None,
|
|
2518
|
+
idcs_last_modified_bies: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['DomainsIdentityPropagationTrustIdcsLastModifiedByArgs']]]]] = None,
|
|
2519
|
+
idcs_last_upgraded_in_release: Optional[pulumi.Input[str]] = None,
|
|
2520
|
+
idcs_prevented_operations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
2521
|
+
impersonation_service_users: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['DomainsIdentityPropagationTrustImpersonationServiceUserArgs']]]]] = None,
|
|
2522
|
+
issuer: Optional[pulumi.Input[str]] = None,
|
|
2523
|
+
keytab: Optional[pulumi.Input[pulumi.InputType['DomainsIdentityPropagationTrustKeytabArgs']]] = None,
|
|
2524
|
+
metas: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['DomainsIdentityPropagationTrustMetaArgs']]]]] = None,
|
|
2525
|
+
name: Optional[pulumi.Input[str]] = None,
|
|
2526
|
+
oauth_clients: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
2527
|
+
ocid: Optional[pulumi.Input[str]] = None,
|
|
2528
|
+
public_certificate: Optional[pulumi.Input[str]] = None,
|
|
2529
|
+
public_key_endpoint: Optional[pulumi.Input[str]] = None,
|
|
2530
|
+
resource_type_schema_version: Optional[pulumi.Input[str]] = None,
|
|
2531
|
+
schemas: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
2532
|
+
subject_claim_name: Optional[pulumi.Input[str]] = None,
|
|
2533
|
+
subject_mapping_attribute: Optional[pulumi.Input[str]] = None,
|
|
2534
|
+
subject_type: Optional[pulumi.Input[str]] = None,
|
|
2535
|
+
tags: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['DomainsIdentityPropagationTrustTagArgs']]]]] = None,
|
|
2536
|
+
tenancy_ocid: Optional[pulumi.Input[str]] = None,
|
|
2537
|
+
type: Optional[pulumi.Input[str]] = None) -> 'DomainsIdentityPropagationTrust':
|
|
2538
|
+
"""
|
|
2539
|
+
Get an existing DomainsIdentityPropagationTrust resource's state with the given name, id, and optional extra
|
|
2540
|
+
properties used to qualify the lookup.
|
|
2541
|
+
|
|
2542
|
+
:param str resource_name: The unique name of the resulting resource.
|
|
2543
|
+
:param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
|
|
2544
|
+
:param pulumi.ResourceOptions opts: Options for the resource.
|
|
2545
|
+
:param pulumi.Input[str] account_id: (Updatable) The Identity cloud provider service identifier, for example, the Azure Tenancy ID, AWS Account ID, or GCP Project ID.
|
|
2546
|
+
|
|
2547
|
+
**SCIM++ Properties:**
|
|
2548
|
+
* type: string
|
|
2549
|
+
* multiValued: false
|
|
2550
|
+
* required: false
|
|
2551
|
+
* mutability: readWrite
|
|
2552
|
+
* returned: default
|
|
2553
|
+
* caseExact: true
|
|
2554
|
+
* idcsSearchable: true
|
|
2555
|
+
* uniqueness: none
|
|
2556
|
+
:param pulumi.Input[bool] active: (Updatable) If true, specifies that this Identity Propagation Trust is in an enabled state. The default value is false.
|
|
2557
|
+
|
|
2558
|
+
**SCIM++ Properties:**
|
|
2559
|
+
* type: boolean
|
|
2560
|
+
* multiValued: false
|
|
2561
|
+
* required: false
|
|
2562
|
+
* mutability: readWrite
|
|
2563
|
+
* returned: default
|
|
2564
|
+
* uniqueness: none
|
|
2565
|
+
* idcsSearchable: true
|
|
2566
|
+
:param pulumi.Input[bool] allow_impersonation: (Updatable) Allow customers to define whether the resulting token should contain the authenticated user as the subject or whether the token should impersonate another Application Principal in IAM.
|
|
2567
|
+
|
|
2568
|
+
**SCIM++ Properties:**
|
|
2569
|
+
* type: boolean
|
|
2570
|
+
* multiValued: false
|
|
2571
|
+
* required: false
|
|
2572
|
+
* mutability: readWrite
|
|
2573
|
+
* returned: default
|
|
2574
|
+
* uniqueness: none
|
|
2575
|
+
* idcsSearchable: false
|
|
2576
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] attribute_sets: (Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
|
|
2577
|
+
:param pulumi.Input[str] attributes: (Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
|
|
2578
|
+
:param pulumi.Input[str] authorization: (Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
|
|
2579
|
+
:param pulumi.Input[str] client_claim_name: (Updatable) The claim name that identifies to whom the JWT/SAML token is issued. If AWS, then \\"aud\\" or \\"client_id\\". If Azure, then \\"appid\\". If GCP, then \\"aud\\".
|
|
2580
|
+
|
|
2581
|
+
**SCIM++ Properties:**
|
|
2582
|
+
* type: string
|
|
2583
|
+
* multiValued: false
|
|
2584
|
+
* required: false
|
|
2585
|
+
* mutability: readWrite
|
|
2586
|
+
* returned: default
|
|
2587
|
+
* uniqueness: none
|
|
2588
|
+
* idcsSearchable: false
|
|
2589
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] client_claim_values: (Updatable) The value that corresponds to the client claim name used to identify to whom the token is issued.
|
|
2590
|
+
|
|
2591
|
+
**SCIM++ Properties:**
|
|
2592
|
+
* type: string
|
|
2593
|
+
* multiValued: true
|
|
2594
|
+
* required: false
|
|
2595
|
+
* mutability: readWrite
|
|
2596
|
+
* returned: default
|
|
2597
|
+
* uniqueness: none
|
|
2598
|
+
* caseExact: true
|
|
2599
|
+
* idcsSearchable: false
|
|
2600
|
+
:param pulumi.Input[int] clock_skew_seconds: (Updatable) The clock skew (in secs) that's allowed for the token issue and expiry time.
|
|
2601
|
+
|
|
2602
|
+
**Added In:** 2308181911
|
|
2603
|
+
|
|
2604
|
+
**SCIM++ Properties:**
|
|
2605
|
+
* caseExact: false
|
|
2606
|
+
* idcsSearchable: false
|
|
2607
|
+
* multiValued: false
|
|
2608
|
+
* mutability: readWrite
|
|
2609
|
+
* required: false
|
|
2610
|
+
* returned: default
|
|
2611
|
+
* type: integer
|
|
2612
|
+
* uniqueness: none
|
|
2613
|
+
:param pulumi.Input[str] compartment_ocid: (Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
|
|
2614
|
+
|
|
2615
|
+
**SCIM++ Properties:**
|
|
2616
|
+
* caseExact: false
|
|
2617
|
+
* idcsSearchable: false
|
|
2618
|
+
* multiValued: false
|
|
2619
|
+
* mutability: readOnly
|
|
2620
|
+
* required: false
|
|
2621
|
+
* returned: default
|
|
2622
|
+
* type: string
|
|
2623
|
+
* uniqueness: none
|
|
2624
|
+
:param pulumi.Input[bool] delete_in_progress: (Updatable) A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
|
|
2625
|
+
|
|
2626
|
+
**SCIM++ Properties:**
|
|
2627
|
+
* caseExact: false
|
|
2628
|
+
* idcsSearchable: true
|
|
2629
|
+
* multiValued: false
|
|
2630
|
+
* mutability: readOnly
|
|
2631
|
+
* required: false
|
|
2632
|
+
* returned: default
|
|
2633
|
+
* type: boolean
|
|
2634
|
+
* uniqueness: none
|
|
2635
|
+
:param pulumi.Input[str] description: (Updatable) The description of the Identity Propagation Trust.
|
|
2636
|
+
|
|
2637
|
+
**SCIM++ Properties:**
|
|
2638
|
+
* type: string
|
|
2639
|
+
* multiValued: false
|
|
2640
|
+
* required: false
|
|
2641
|
+
* mutability: readWrite
|
|
2642
|
+
* returned: default
|
|
2643
|
+
* uniqueness: none
|
|
2644
|
+
* caseExact: false
|
|
2645
|
+
* idcsSearchable: false
|
|
2646
|
+
:param pulumi.Input[str] domain_ocid: (Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
|
|
2647
|
+
|
|
2648
|
+
**SCIM++ Properties:**
|
|
2649
|
+
* caseExact: false
|
|
2650
|
+
* idcsSearchable: false
|
|
2651
|
+
* multiValued: false
|
|
2652
|
+
* mutability: readOnly
|
|
2653
|
+
* required: false
|
|
2654
|
+
* returned: default
|
|
2655
|
+
* type: string
|
|
2656
|
+
* uniqueness: none
|
|
2657
|
+
:param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['DomainsIdentityPropagationTrustIdcsCreatedByArgs']]]] idcs_created_bies: (Updatable) The User or App who created the Resource
|
|
2658
|
+
|
|
2659
|
+
**SCIM++ Properties:**
|
|
2660
|
+
* idcsSearchable: true
|
|
2661
|
+
* multiValued: false
|
|
2662
|
+
* mutability: readOnly
|
|
2663
|
+
* required: true
|
|
2664
|
+
* returned: default
|
|
2665
|
+
* type: complex
|
|
2666
|
+
:param pulumi.Input[str] idcs_endpoint: The basic endpoint for the identity domain
|
|
2667
|
+
:param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['DomainsIdentityPropagationTrustIdcsLastModifiedByArgs']]]] idcs_last_modified_bies: (Updatable) The User or App who modified the Resource
|
|
2668
|
+
|
|
2669
|
+
**SCIM++ Properties:**
|
|
2670
|
+
* idcsSearchable: true
|
|
2671
|
+
* multiValued: false
|
|
2672
|
+
* mutability: readOnly
|
|
2673
|
+
* required: false
|
|
2674
|
+
* returned: default
|
|
2675
|
+
* type: complex
|
|
2676
|
+
:param pulumi.Input[str] idcs_last_upgraded_in_release: (Updatable) The release number when the resource was upgraded.
|
|
2677
|
+
|
|
2678
|
+
**SCIM++ Properties:**
|
|
2679
|
+
* caseExact: false
|
|
2680
|
+
* idcsSearchable: false
|
|
2681
|
+
* multiValued: false
|
|
2682
|
+
* mutability: readOnly
|
|
2683
|
+
* required: false
|
|
2684
|
+
* returned: request
|
|
2685
|
+
* type: string
|
|
2686
|
+
* uniqueness: none
|
|
2687
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] idcs_prevented_operations: (Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
|
|
2688
|
+
|
|
2689
|
+
**SCIM++ Properties:**
|
|
2690
|
+
* idcsSearchable: false
|
|
2691
|
+
* multiValued: true
|
|
2692
|
+
* mutability: readOnly
|
|
2693
|
+
* required: false
|
|
2694
|
+
* returned: request
|
|
2695
|
+
* type: string
|
|
2696
|
+
* uniqueness: none
|
|
2697
|
+
:param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['DomainsIdentityPropagationTrustImpersonationServiceUserArgs']]]] impersonation_service_users: (Updatable) The Impersonating Principal.
|
|
2698
|
+
|
|
2699
|
+
**SCIM++ Properties:**
|
|
2700
|
+
* idcsCompositeKey: [rule, value]
|
|
2701
|
+
* idcsSearchable: false
|
|
2702
|
+
* multiValued: true
|
|
2703
|
+
* mutability: readWrite
|
|
2704
|
+
* required: false
|
|
2705
|
+
* returned: request
|
|
2706
|
+
* type: complex
|
|
2707
|
+
* uniqueness: none
|
|
2708
|
+
:param pulumi.Input[str] issuer: (Updatable) The issuer claim of the Identity provider.
|
|
2709
|
+
|
|
2710
|
+
**SCIM++ Properties:**
|
|
2711
|
+
* type: string
|
|
2712
|
+
* multiValued: false
|
|
2713
|
+
* required: true
|
|
2714
|
+
* mutability: readWrite
|
|
2715
|
+
* returned: always
|
|
2716
|
+
* caseExact: true
|
|
2717
|
+
* idcsSearchable: true
|
|
2718
|
+
* uniqueness: server
|
|
2719
|
+
:param pulumi.Input[pulumi.InputType['DomainsIdentityPropagationTrustKeytabArgs']] keytab: (Updatable) The keytab stored in the tenancy's Vault. This is required if the identity propagation type is 'SPNEGO'.
|
|
2720
|
+
|
|
2721
|
+
**SCIM++ Properties:**
|
|
2722
|
+
* idcsCompositeKey: [secretOcid]
|
|
2723
|
+
* idcsSearchable: false
|
|
2724
|
+
* multiValued: false
|
|
2725
|
+
* mutability: readWrite
|
|
2726
|
+
* required: false
|
|
2727
|
+
* returned: default
|
|
2728
|
+
* type: complex
|
|
2729
|
+
* uniqueness: none
|
|
2730
|
+
:param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['DomainsIdentityPropagationTrustMetaArgs']]]] metas: (Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
|
|
2731
|
+
|
|
2732
|
+
**SCIM++ Properties:**
|
|
2733
|
+
* caseExact: false
|
|
2734
|
+
* idcsSearchable: true
|
|
2735
|
+
* multiValued: false
|
|
2736
|
+
* mutability: readOnly
|
|
2737
|
+
* required: false
|
|
2738
|
+
* returned: default
|
|
2739
|
+
* idcsCsvAttributeNameMappings: [[columnHeaderName:Created Date, mapsTo:meta.created]]
|
|
2740
|
+
* type: complex
|
|
2741
|
+
:param pulumi.Input[str] name: The name of the the Identity Propagation Trust.
|
|
2742
|
+
|
|
2743
|
+
**SCIM++ Properties:**
|
|
2744
|
+
* type: string
|
|
2745
|
+
* caseExact: false
|
|
2746
|
+
* idcsSearchable: true
|
|
2747
|
+
* multiValued: false
|
|
2748
|
+
* required: true
|
|
2749
|
+
* mutability: immutable
|
|
2750
|
+
* returned: default
|
|
2751
|
+
* uniqueness: none
|
|
2752
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] oauth_clients: (Updatable) The value of all the authorized OAuth Clients.
|
|
2753
|
+
|
|
2754
|
+
**SCIM++ Properties:**
|
|
2755
|
+
* idcsSearchable: false
|
|
2756
|
+
* multiValued: true
|
|
2757
|
+
* mutability: readWrite
|
|
2758
|
+
* required: false
|
|
2759
|
+
* returned: default
|
|
2760
|
+
* type: string
|
|
2761
|
+
* uniqueness: none
|
|
2762
|
+
:param pulumi.Input[str] ocid: (Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
|
|
2763
|
+
|
|
2764
|
+
**SCIM++ Properties:**
|
|
2765
|
+
* caseExact: true
|
|
2766
|
+
* idcsSearchable: true
|
|
2767
|
+
* multiValued: false
|
|
2768
|
+
* mutability: immutable
|
|
2769
|
+
* required: false
|
|
2770
|
+
* returned: default
|
|
2771
|
+
* type: string
|
|
2772
|
+
* uniqueness: global
|
|
2773
|
+
:param pulumi.Input[str] public_certificate: (Updatable) Store the public key if public key cert.
|
|
2774
|
+
|
|
2775
|
+
**SCIM++ Properties:**
|
|
2776
|
+
* type: string
|
|
2777
|
+
* multiValued: false
|
|
2778
|
+
* required: false
|
|
2779
|
+
* mutability: readWrite
|
|
2780
|
+
* returned: default
|
|
2781
|
+
* uniqueness: none
|
|
2782
|
+
* idcsSearchable: false
|
|
2783
|
+
:param pulumi.Input[str] public_key_endpoint: (Updatable) The cloud provider's public key API of SAML and OIDC providers for signature validation.
|
|
2784
|
+
|
|
2785
|
+
**SCIM++ Properties:**
|
|
2786
|
+
* type: string
|
|
2787
|
+
* multiValued: false
|
|
2788
|
+
* required: false
|
|
2789
|
+
* mutability: readWrite
|
|
2790
|
+
* returned: default
|
|
2791
|
+
* uniqueness: none
|
|
2792
|
+
* caseExact: false
|
|
2793
|
+
* idcsSearchable: false
|
|
2794
|
+
:param pulumi.Input[str] resource_type_schema_version: (Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
|
|
2795
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] schemas: (Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard \\"enterprise\\" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
|
|
2796
|
+
|
|
2797
|
+
**SCIM++ Properties:**
|
|
2798
|
+
* caseExact: false
|
|
2799
|
+
* idcsSearchable: false
|
|
2800
|
+
* multiValued: true
|
|
2801
|
+
* mutability: readWrite
|
|
2802
|
+
* required: true
|
|
2803
|
+
* returned: default
|
|
2804
|
+
* type: string
|
|
2805
|
+
* uniqueness: none
|
|
2806
|
+
:param pulumi.Input[str] subject_claim_name: (Updatable) Used for locating the subject claim from the incoming token.
|
|
2807
|
+
|
|
2808
|
+
**SCIM++ Properties:**
|
|
2809
|
+
* type: string
|
|
2810
|
+
* multiValued: false
|
|
2811
|
+
* required: false
|
|
2812
|
+
* mutability: readWrite
|
|
2813
|
+
* returned: default
|
|
2814
|
+
* uniqueness: none
|
|
2815
|
+
* caseExact: true
|
|
2816
|
+
* idcsSearchable: false
|
|
2817
|
+
:param pulumi.Input[str] subject_mapping_attribute: (Updatable) Subject Mapping Attribute to which the value from subject claim name value would be used for identity lookup.
|
|
2818
|
+
|
|
2819
|
+
**SCIM++ Properties:**
|
|
2820
|
+
* type: string
|
|
2821
|
+
* multiValued: false
|
|
2822
|
+
* idcsSearchable: false
|
|
2823
|
+
* required: false
|
|
2824
|
+
* mutability: readWrite
|
|
2825
|
+
* returned: default
|
|
2826
|
+
* uniqueness: none
|
|
2827
|
+
:param pulumi.Input[str] subject_type: (Updatable) The type of the resource against which lookup will be made in the identity domain in IAM for the incoming subject claim value.
|
|
2828
|
+
|
|
2829
|
+
**SCIM++ Properties:**
|
|
2830
|
+
* idcsSearchable: false
|
|
2831
|
+
* multiValued: false
|
|
2832
|
+
* mutability: readWrite
|
|
2833
|
+
* required: false
|
|
2834
|
+
* returned: default
|
|
2835
|
+
* type: string
|
|
2836
|
+
* uniqueness: none
|
|
2837
|
+
:param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['DomainsIdentityPropagationTrustTagArgs']]]] tags: (Updatable) A list of tags on this resource.
|
|
2838
|
+
|
|
2839
|
+
**SCIM++ Properties:**
|
|
2840
|
+
* idcsCompositeKey: [key, value]
|
|
2841
|
+
* idcsSearchable: true
|
|
2842
|
+
* multiValued: true
|
|
2843
|
+
* mutability: readWrite
|
|
2844
|
+
* required: false
|
|
2845
|
+
* returned: request
|
|
2846
|
+
* type: complex
|
|
2847
|
+
* uniqueness: none
|
|
2848
|
+
:param pulumi.Input[str] tenancy_ocid: (Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
|
|
2849
|
+
|
|
2850
|
+
**SCIM++ Properties:**
|
|
2851
|
+
* caseExact: false
|
|
2852
|
+
* idcsSearchable: false
|
|
2853
|
+
* multiValued: false
|
|
2854
|
+
* mutability: readOnly
|
|
2855
|
+
* required: false
|
|
2856
|
+
* returned: default
|
|
2857
|
+
* type: string
|
|
2858
|
+
* uniqueness: none
|
|
2859
|
+
:param pulumi.Input[str] type: (Updatable) The type of the inbound token from the Identity cloud provider.
|
|
2860
|
+
|
|
2861
|
+
**SCIM++ Properties:**
|
|
2862
|
+
* caseExact: true
|
|
2863
|
+
* idcsSearchable: false
|
|
2864
|
+
* required: true
|
|
2865
|
+
* mutability: readWrite
|
|
2866
|
+
* returned: default
|
|
2867
|
+
* type: string
|
|
2868
|
+
* multiValued: false
|
|
2869
|
+
* uniqueness: none
|
|
2870
|
+
|
|
2871
|
+
|
|
2872
|
+
** IMPORTANT **
|
|
2873
|
+
Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
|
|
2874
|
+
"""
|
|
2875
|
+
opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
|
|
2876
|
+
|
|
2877
|
+
__props__ = _DomainsIdentityPropagationTrustState.__new__(_DomainsIdentityPropagationTrustState)
|
|
2878
|
+
|
|
2879
|
+
__props__.__dict__["account_id"] = account_id
|
|
2880
|
+
__props__.__dict__["active"] = active
|
|
2881
|
+
__props__.__dict__["allow_impersonation"] = allow_impersonation
|
|
2882
|
+
__props__.__dict__["attribute_sets"] = attribute_sets
|
|
2883
|
+
__props__.__dict__["attributes"] = attributes
|
|
2884
|
+
__props__.__dict__["authorization"] = authorization
|
|
2885
|
+
__props__.__dict__["client_claim_name"] = client_claim_name
|
|
2886
|
+
__props__.__dict__["client_claim_values"] = client_claim_values
|
|
2887
|
+
__props__.__dict__["clock_skew_seconds"] = clock_skew_seconds
|
|
2888
|
+
__props__.__dict__["compartment_ocid"] = compartment_ocid
|
|
2889
|
+
__props__.__dict__["delete_in_progress"] = delete_in_progress
|
|
2890
|
+
__props__.__dict__["description"] = description
|
|
2891
|
+
__props__.__dict__["domain_ocid"] = domain_ocid
|
|
2892
|
+
__props__.__dict__["idcs_created_bies"] = idcs_created_bies
|
|
2893
|
+
__props__.__dict__["idcs_endpoint"] = idcs_endpoint
|
|
2894
|
+
__props__.__dict__["idcs_last_modified_bies"] = idcs_last_modified_bies
|
|
2895
|
+
__props__.__dict__["idcs_last_upgraded_in_release"] = idcs_last_upgraded_in_release
|
|
2896
|
+
__props__.__dict__["idcs_prevented_operations"] = idcs_prevented_operations
|
|
2897
|
+
__props__.__dict__["impersonation_service_users"] = impersonation_service_users
|
|
2898
|
+
__props__.__dict__["issuer"] = issuer
|
|
2899
|
+
__props__.__dict__["keytab"] = keytab
|
|
2900
|
+
__props__.__dict__["metas"] = metas
|
|
2901
|
+
__props__.__dict__["name"] = name
|
|
2902
|
+
__props__.__dict__["oauth_clients"] = oauth_clients
|
|
2903
|
+
__props__.__dict__["ocid"] = ocid
|
|
2904
|
+
__props__.__dict__["public_certificate"] = public_certificate
|
|
2905
|
+
__props__.__dict__["public_key_endpoint"] = public_key_endpoint
|
|
2906
|
+
__props__.__dict__["resource_type_schema_version"] = resource_type_schema_version
|
|
2907
|
+
__props__.__dict__["schemas"] = schemas
|
|
2908
|
+
__props__.__dict__["subject_claim_name"] = subject_claim_name
|
|
2909
|
+
__props__.__dict__["subject_mapping_attribute"] = subject_mapping_attribute
|
|
2910
|
+
__props__.__dict__["subject_type"] = subject_type
|
|
2911
|
+
__props__.__dict__["tags"] = tags
|
|
2912
|
+
__props__.__dict__["tenancy_ocid"] = tenancy_ocid
|
|
2913
|
+
__props__.__dict__["type"] = type
|
|
2914
|
+
return DomainsIdentityPropagationTrust(resource_name, opts=opts, __props__=__props__)
|
|
2915
|
+
|
|
2916
|
+
@property
|
|
2917
|
+
@pulumi.getter(name="accountId")
|
|
2918
|
+
def account_id(self) -> pulumi.Output[str]:
|
|
2919
|
+
"""
|
|
2920
|
+
(Updatable) The Identity cloud provider service identifier, for example, the Azure Tenancy ID, AWS Account ID, or GCP Project ID.
|
|
2921
|
+
|
|
2922
|
+
**SCIM++ Properties:**
|
|
2923
|
+
* type: string
|
|
2924
|
+
* multiValued: false
|
|
2925
|
+
* required: false
|
|
2926
|
+
* mutability: readWrite
|
|
2927
|
+
* returned: default
|
|
2928
|
+
* caseExact: true
|
|
2929
|
+
* idcsSearchable: true
|
|
2930
|
+
* uniqueness: none
|
|
2931
|
+
"""
|
|
2932
|
+
return pulumi.get(self, "account_id")
|
|
2933
|
+
|
|
2934
|
+
@property
|
|
2935
|
+
@pulumi.getter
|
|
2936
|
+
def active(self) -> pulumi.Output[bool]:
|
|
2937
|
+
"""
|
|
2938
|
+
(Updatable) If true, specifies that this Identity Propagation Trust is in an enabled state. The default value is false.
|
|
2939
|
+
|
|
2940
|
+
**SCIM++ Properties:**
|
|
2941
|
+
* type: boolean
|
|
2942
|
+
* multiValued: false
|
|
2943
|
+
* required: false
|
|
2944
|
+
* mutability: readWrite
|
|
2945
|
+
* returned: default
|
|
2946
|
+
* uniqueness: none
|
|
2947
|
+
* idcsSearchable: true
|
|
2948
|
+
"""
|
|
2949
|
+
return pulumi.get(self, "active")
|
|
2950
|
+
|
|
2951
|
+
@property
|
|
2952
|
+
@pulumi.getter(name="allowImpersonation")
|
|
2953
|
+
def allow_impersonation(self) -> pulumi.Output[bool]:
|
|
2954
|
+
"""
|
|
2955
|
+
(Updatable) Allow customers to define whether the resulting token should contain the authenticated user as the subject or whether the token should impersonate another Application Principal in IAM.
|
|
2956
|
+
|
|
2957
|
+
**SCIM++ Properties:**
|
|
2958
|
+
* type: boolean
|
|
2959
|
+
* multiValued: false
|
|
2960
|
+
* required: false
|
|
2961
|
+
* mutability: readWrite
|
|
2962
|
+
* returned: default
|
|
2963
|
+
* uniqueness: none
|
|
2964
|
+
* idcsSearchable: false
|
|
2965
|
+
"""
|
|
2966
|
+
return pulumi.get(self, "allow_impersonation")
|
|
2967
|
+
|
|
2968
|
+
@property
|
|
2969
|
+
@pulumi.getter(name="attributeSets")
|
|
2970
|
+
def attribute_sets(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
|
2971
|
+
"""
|
|
2972
|
+
(Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
|
|
2973
|
+
"""
|
|
2974
|
+
return pulumi.get(self, "attribute_sets")
|
|
2975
|
+
|
|
2976
|
+
@property
|
|
2977
|
+
@pulumi.getter
|
|
2978
|
+
def attributes(self) -> pulumi.Output[Optional[str]]:
|
|
2979
|
+
"""
|
|
2980
|
+
(Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
|
|
2981
|
+
"""
|
|
2982
|
+
return pulumi.get(self, "attributes")
|
|
2983
|
+
|
|
2984
|
+
@property
|
|
2985
|
+
@pulumi.getter
|
|
2986
|
+
def authorization(self) -> pulumi.Output[Optional[str]]:
|
|
2987
|
+
"""
|
|
2988
|
+
(Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
|
|
2989
|
+
"""
|
|
2990
|
+
return pulumi.get(self, "authorization")
|
|
2991
|
+
|
|
2992
|
+
@property
|
|
2993
|
+
@pulumi.getter(name="clientClaimName")
|
|
2994
|
+
def client_claim_name(self) -> pulumi.Output[str]:
|
|
2995
|
+
"""
|
|
2996
|
+
(Updatable) The claim name that identifies to whom the JWT/SAML token is issued. If AWS, then \\"aud\\" or \\"client_id\\". If Azure, then \\"appid\\". If GCP, then \\"aud\\".
|
|
2997
|
+
|
|
2998
|
+
**SCIM++ Properties:**
|
|
2999
|
+
* type: string
|
|
3000
|
+
* multiValued: false
|
|
3001
|
+
* required: false
|
|
3002
|
+
* mutability: readWrite
|
|
3003
|
+
* returned: default
|
|
3004
|
+
* uniqueness: none
|
|
3005
|
+
* idcsSearchable: false
|
|
3006
|
+
"""
|
|
3007
|
+
return pulumi.get(self, "client_claim_name")
|
|
3008
|
+
|
|
3009
|
+
@property
|
|
3010
|
+
@pulumi.getter(name="clientClaimValues")
|
|
3011
|
+
def client_claim_values(self) -> pulumi.Output[Sequence[str]]:
|
|
3012
|
+
"""
|
|
3013
|
+
(Updatable) The value that corresponds to the client claim name used to identify to whom the token is issued.
|
|
3014
|
+
|
|
3015
|
+
**SCIM++ Properties:**
|
|
3016
|
+
* type: string
|
|
3017
|
+
* multiValued: true
|
|
3018
|
+
* required: false
|
|
3019
|
+
* mutability: readWrite
|
|
3020
|
+
* returned: default
|
|
3021
|
+
* uniqueness: none
|
|
3022
|
+
* caseExact: true
|
|
3023
|
+
* idcsSearchable: false
|
|
3024
|
+
"""
|
|
3025
|
+
return pulumi.get(self, "client_claim_values")
|
|
3026
|
+
|
|
3027
|
+
@property
|
|
3028
|
+
@pulumi.getter(name="clockSkewSeconds")
|
|
3029
|
+
def clock_skew_seconds(self) -> pulumi.Output[int]:
|
|
3030
|
+
"""
|
|
3031
|
+
(Updatable) The clock skew (in secs) that's allowed for the token issue and expiry time.
|
|
3032
|
+
|
|
3033
|
+
**Added In:** 2308181911
|
|
3034
|
+
|
|
3035
|
+
**SCIM++ Properties:**
|
|
3036
|
+
* caseExact: false
|
|
3037
|
+
* idcsSearchable: false
|
|
3038
|
+
* multiValued: false
|
|
3039
|
+
* mutability: readWrite
|
|
3040
|
+
* required: false
|
|
3041
|
+
* returned: default
|
|
3042
|
+
* type: integer
|
|
3043
|
+
* uniqueness: none
|
|
3044
|
+
"""
|
|
3045
|
+
return pulumi.get(self, "clock_skew_seconds")
|
|
3046
|
+
|
|
3047
|
+
@property
|
|
3048
|
+
@pulumi.getter(name="compartmentOcid")
|
|
3049
|
+
def compartment_ocid(self) -> pulumi.Output[str]:
|
|
3050
|
+
"""
|
|
3051
|
+
(Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
|
|
3052
|
+
|
|
3053
|
+
**SCIM++ Properties:**
|
|
3054
|
+
* caseExact: false
|
|
3055
|
+
* idcsSearchable: false
|
|
3056
|
+
* multiValued: false
|
|
3057
|
+
* mutability: readOnly
|
|
3058
|
+
* required: false
|
|
3059
|
+
* returned: default
|
|
3060
|
+
* type: string
|
|
3061
|
+
* uniqueness: none
|
|
3062
|
+
"""
|
|
3063
|
+
return pulumi.get(self, "compartment_ocid")
|
|
3064
|
+
|
|
3065
|
+
@property
|
|
3066
|
+
@pulumi.getter(name="deleteInProgress")
|
|
3067
|
+
def delete_in_progress(self) -> pulumi.Output[bool]:
|
|
3068
|
+
"""
|
|
3069
|
+
(Updatable) A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
|
|
3070
|
+
|
|
3071
|
+
**SCIM++ Properties:**
|
|
3072
|
+
* caseExact: false
|
|
3073
|
+
* idcsSearchable: true
|
|
3074
|
+
* multiValued: false
|
|
3075
|
+
* mutability: readOnly
|
|
3076
|
+
* required: false
|
|
3077
|
+
* returned: default
|
|
3078
|
+
* type: boolean
|
|
3079
|
+
* uniqueness: none
|
|
3080
|
+
"""
|
|
3081
|
+
return pulumi.get(self, "delete_in_progress")
|
|
3082
|
+
|
|
3083
|
+
@property
|
|
3084
|
+
@pulumi.getter
|
|
3085
|
+
def description(self) -> pulumi.Output[str]:
|
|
3086
|
+
"""
|
|
3087
|
+
(Updatable) The description of the Identity Propagation Trust.
|
|
3088
|
+
|
|
3089
|
+
**SCIM++ Properties:**
|
|
3090
|
+
* type: string
|
|
3091
|
+
* multiValued: false
|
|
3092
|
+
* required: false
|
|
3093
|
+
* mutability: readWrite
|
|
3094
|
+
* returned: default
|
|
3095
|
+
* uniqueness: none
|
|
3096
|
+
* caseExact: false
|
|
3097
|
+
* idcsSearchable: false
|
|
3098
|
+
"""
|
|
3099
|
+
return pulumi.get(self, "description")
|
|
3100
|
+
|
|
3101
|
+
@property
|
|
3102
|
+
@pulumi.getter(name="domainOcid")
|
|
3103
|
+
def domain_ocid(self) -> pulumi.Output[str]:
|
|
3104
|
+
"""
|
|
3105
|
+
(Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
|
|
3106
|
+
|
|
3107
|
+
**SCIM++ Properties:**
|
|
3108
|
+
* caseExact: false
|
|
3109
|
+
* idcsSearchable: false
|
|
3110
|
+
* multiValued: false
|
|
3111
|
+
* mutability: readOnly
|
|
3112
|
+
* required: false
|
|
3113
|
+
* returned: default
|
|
3114
|
+
* type: string
|
|
3115
|
+
* uniqueness: none
|
|
3116
|
+
"""
|
|
3117
|
+
return pulumi.get(self, "domain_ocid")
|
|
3118
|
+
|
|
3119
|
+
@property
|
|
3120
|
+
@pulumi.getter(name="idcsCreatedBies")
|
|
3121
|
+
def idcs_created_bies(self) -> pulumi.Output[Sequence['outputs.DomainsIdentityPropagationTrustIdcsCreatedBy']]:
|
|
3122
|
+
"""
|
|
3123
|
+
(Updatable) The User or App who created the Resource
|
|
3124
|
+
|
|
3125
|
+
**SCIM++ Properties:**
|
|
3126
|
+
* idcsSearchable: true
|
|
3127
|
+
* multiValued: false
|
|
3128
|
+
* mutability: readOnly
|
|
3129
|
+
* required: true
|
|
3130
|
+
* returned: default
|
|
3131
|
+
* type: complex
|
|
3132
|
+
"""
|
|
3133
|
+
return pulumi.get(self, "idcs_created_bies")
|
|
3134
|
+
|
|
3135
|
+
@property
|
|
3136
|
+
@pulumi.getter(name="idcsEndpoint")
|
|
3137
|
+
def idcs_endpoint(self) -> pulumi.Output[str]:
|
|
3138
|
+
"""
|
|
3139
|
+
The basic endpoint for the identity domain
|
|
3140
|
+
"""
|
|
3141
|
+
return pulumi.get(self, "idcs_endpoint")
|
|
3142
|
+
|
|
3143
|
+
@property
|
|
3144
|
+
@pulumi.getter(name="idcsLastModifiedBies")
|
|
3145
|
+
def idcs_last_modified_bies(self) -> pulumi.Output[Sequence['outputs.DomainsIdentityPropagationTrustIdcsLastModifiedBy']]:
|
|
3146
|
+
"""
|
|
3147
|
+
(Updatable) The User or App who modified the Resource
|
|
3148
|
+
|
|
3149
|
+
**SCIM++ Properties:**
|
|
3150
|
+
* idcsSearchable: true
|
|
3151
|
+
* multiValued: false
|
|
3152
|
+
* mutability: readOnly
|
|
3153
|
+
* required: false
|
|
3154
|
+
* returned: default
|
|
3155
|
+
* type: complex
|
|
3156
|
+
"""
|
|
3157
|
+
return pulumi.get(self, "idcs_last_modified_bies")
|
|
3158
|
+
|
|
3159
|
+
@property
|
|
3160
|
+
@pulumi.getter(name="idcsLastUpgradedInRelease")
|
|
3161
|
+
def idcs_last_upgraded_in_release(self) -> pulumi.Output[str]:
|
|
3162
|
+
"""
|
|
3163
|
+
(Updatable) The release number when the resource was upgraded.
|
|
3164
|
+
|
|
3165
|
+
**SCIM++ Properties:**
|
|
3166
|
+
* caseExact: false
|
|
3167
|
+
* idcsSearchable: false
|
|
3168
|
+
* multiValued: false
|
|
3169
|
+
* mutability: readOnly
|
|
3170
|
+
* required: false
|
|
3171
|
+
* returned: request
|
|
3172
|
+
* type: string
|
|
3173
|
+
* uniqueness: none
|
|
3174
|
+
"""
|
|
3175
|
+
return pulumi.get(self, "idcs_last_upgraded_in_release")
|
|
3176
|
+
|
|
3177
|
+
@property
|
|
3178
|
+
@pulumi.getter(name="idcsPreventedOperations")
|
|
3179
|
+
def idcs_prevented_operations(self) -> pulumi.Output[Sequence[str]]:
|
|
3180
|
+
"""
|
|
3181
|
+
(Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
|
|
3182
|
+
|
|
3183
|
+
**SCIM++ Properties:**
|
|
3184
|
+
* idcsSearchable: false
|
|
3185
|
+
* multiValued: true
|
|
3186
|
+
* mutability: readOnly
|
|
3187
|
+
* required: false
|
|
3188
|
+
* returned: request
|
|
3189
|
+
* type: string
|
|
3190
|
+
* uniqueness: none
|
|
3191
|
+
"""
|
|
3192
|
+
return pulumi.get(self, "idcs_prevented_operations")
|
|
3193
|
+
|
|
3194
|
+
@property
|
|
3195
|
+
@pulumi.getter(name="impersonationServiceUsers")
|
|
3196
|
+
def impersonation_service_users(self) -> pulumi.Output[Sequence['outputs.DomainsIdentityPropagationTrustImpersonationServiceUser']]:
|
|
3197
|
+
"""
|
|
3198
|
+
(Updatable) The Impersonating Principal.
|
|
3199
|
+
|
|
3200
|
+
**SCIM++ Properties:**
|
|
3201
|
+
* idcsCompositeKey: [rule, value]
|
|
3202
|
+
* idcsSearchable: false
|
|
3203
|
+
* multiValued: true
|
|
3204
|
+
* mutability: readWrite
|
|
3205
|
+
* required: false
|
|
3206
|
+
* returned: request
|
|
3207
|
+
* type: complex
|
|
3208
|
+
* uniqueness: none
|
|
3209
|
+
"""
|
|
3210
|
+
return pulumi.get(self, "impersonation_service_users")
|
|
3211
|
+
|
|
3212
|
+
@property
|
|
3213
|
+
@pulumi.getter
|
|
3214
|
+
def issuer(self) -> pulumi.Output[str]:
|
|
3215
|
+
"""
|
|
3216
|
+
(Updatable) The issuer claim of the Identity provider.
|
|
3217
|
+
|
|
3218
|
+
**SCIM++ Properties:**
|
|
3219
|
+
* type: string
|
|
3220
|
+
* multiValued: false
|
|
3221
|
+
* required: true
|
|
3222
|
+
* mutability: readWrite
|
|
3223
|
+
* returned: always
|
|
3224
|
+
* caseExact: true
|
|
3225
|
+
* idcsSearchable: true
|
|
3226
|
+
* uniqueness: server
|
|
3227
|
+
"""
|
|
3228
|
+
return pulumi.get(self, "issuer")
|
|
3229
|
+
|
|
3230
|
+
@property
|
|
3231
|
+
@pulumi.getter
|
|
3232
|
+
def keytab(self) -> pulumi.Output['outputs.DomainsIdentityPropagationTrustKeytab']:
|
|
3233
|
+
"""
|
|
3234
|
+
(Updatable) The keytab stored in the tenancy's Vault. This is required if the identity propagation type is 'SPNEGO'.
|
|
3235
|
+
|
|
3236
|
+
**SCIM++ Properties:**
|
|
3237
|
+
* idcsCompositeKey: [secretOcid]
|
|
3238
|
+
* idcsSearchable: false
|
|
3239
|
+
* multiValued: false
|
|
3240
|
+
* mutability: readWrite
|
|
3241
|
+
* required: false
|
|
3242
|
+
* returned: default
|
|
3243
|
+
* type: complex
|
|
3244
|
+
* uniqueness: none
|
|
3245
|
+
"""
|
|
3246
|
+
return pulumi.get(self, "keytab")
|
|
3247
|
+
|
|
3248
|
+
@property
|
|
3249
|
+
@pulumi.getter
|
|
3250
|
+
def metas(self) -> pulumi.Output[Sequence['outputs.DomainsIdentityPropagationTrustMeta']]:
|
|
3251
|
+
"""
|
|
3252
|
+
(Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
|
|
3253
|
+
|
|
3254
|
+
**SCIM++ Properties:**
|
|
3255
|
+
* caseExact: false
|
|
3256
|
+
* idcsSearchable: true
|
|
3257
|
+
* multiValued: false
|
|
3258
|
+
* mutability: readOnly
|
|
3259
|
+
* required: false
|
|
3260
|
+
* returned: default
|
|
3261
|
+
* idcsCsvAttributeNameMappings: [[columnHeaderName:Created Date, mapsTo:meta.created]]
|
|
3262
|
+
* type: complex
|
|
3263
|
+
"""
|
|
3264
|
+
return pulumi.get(self, "metas")
|
|
3265
|
+
|
|
3266
|
+
@property
|
|
3267
|
+
@pulumi.getter
|
|
3268
|
+
def name(self) -> pulumi.Output[str]:
|
|
3269
|
+
"""
|
|
3270
|
+
The name of the the Identity Propagation Trust.
|
|
3271
|
+
|
|
3272
|
+
**SCIM++ Properties:**
|
|
3273
|
+
* type: string
|
|
3274
|
+
* caseExact: false
|
|
3275
|
+
* idcsSearchable: true
|
|
3276
|
+
* multiValued: false
|
|
3277
|
+
* required: true
|
|
3278
|
+
* mutability: immutable
|
|
3279
|
+
* returned: default
|
|
3280
|
+
* uniqueness: none
|
|
3281
|
+
"""
|
|
3282
|
+
return pulumi.get(self, "name")
|
|
3283
|
+
|
|
3284
|
+
@property
|
|
3285
|
+
@pulumi.getter(name="oauthClients")
|
|
3286
|
+
def oauth_clients(self) -> pulumi.Output[Sequence[str]]:
|
|
3287
|
+
"""
|
|
3288
|
+
(Updatable) The value of all the authorized OAuth Clients.
|
|
3289
|
+
|
|
3290
|
+
**SCIM++ Properties:**
|
|
3291
|
+
* idcsSearchable: false
|
|
3292
|
+
* multiValued: true
|
|
3293
|
+
* mutability: readWrite
|
|
3294
|
+
* required: false
|
|
3295
|
+
* returned: default
|
|
3296
|
+
* type: string
|
|
3297
|
+
* uniqueness: none
|
|
3298
|
+
"""
|
|
3299
|
+
return pulumi.get(self, "oauth_clients")
|
|
3300
|
+
|
|
3301
|
+
@property
|
|
3302
|
+
@pulumi.getter
|
|
3303
|
+
def ocid(self) -> pulumi.Output[str]:
|
|
3304
|
+
"""
|
|
3305
|
+
(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
|
|
3306
|
+
|
|
3307
|
+
**SCIM++ Properties:**
|
|
3308
|
+
* caseExact: true
|
|
3309
|
+
* idcsSearchable: true
|
|
3310
|
+
* multiValued: false
|
|
3311
|
+
* mutability: immutable
|
|
3312
|
+
* required: false
|
|
3313
|
+
* returned: default
|
|
3314
|
+
* type: string
|
|
3315
|
+
* uniqueness: global
|
|
3316
|
+
"""
|
|
3317
|
+
return pulumi.get(self, "ocid")
|
|
3318
|
+
|
|
3319
|
+
@property
|
|
3320
|
+
@pulumi.getter(name="publicCertificate")
|
|
3321
|
+
def public_certificate(self) -> pulumi.Output[str]:
|
|
3322
|
+
"""
|
|
3323
|
+
(Updatable) Store the public key if public key cert.
|
|
3324
|
+
|
|
3325
|
+
**SCIM++ Properties:**
|
|
3326
|
+
* type: string
|
|
3327
|
+
* multiValued: false
|
|
3328
|
+
* required: false
|
|
3329
|
+
* mutability: readWrite
|
|
3330
|
+
* returned: default
|
|
3331
|
+
* uniqueness: none
|
|
3332
|
+
* idcsSearchable: false
|
|
3333
|
+
"""
|
|
3334
|
+
return pulumi.get(self, "public_certificate")
|
|
3335
|
+
|
|
3336
|
+
@property
|
|
3337
|
+
@pulumi.getter(name="publicKeyEndpoint")
|
|
3338
|
+
def public_key_endpoint(self) -> pulumi.Output[str]:
|
|
3339
|
+
"""
|
|
3340
|
+
(Updatable) The cloud provider's public key API of SAML and OIDC providers for signature validation.
|
|
3341
|
+
|
|
3342
|
+
**SCIM++ Properties:**
|
|
3343
|
+
* type: string
|
|
3344
|
+
* multiValued: false
|
|
3345
|
+
* required: false
|
|
3346
|
+
* mutability: readWrite
|
|
3347
|
+
* returned: default
|
|
3348
|
+
* uniqueness: none
|
|
3349
|
+
* caseExact: false
|
|
3350
|
+
* idcsSearchable: false
|
|
3351
|
+
"""
|
|
3352
|
+
return pulumi.get(self, "public_key_endpoint")
|
|
3353
|
+
|
|
3354
|
+
@property
|
|
3355
|
+
@pulumi.getter(name="resourceTypeSchemaVersion")
|
|
3356
|
+
def resource_type_schema_version(self) -> pulumi.Output[Optional[str]]:
|
|
3357
|
+
"""
|
|
3358
|
+
(Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
|
|
3359
|
+
"""
|
|
3360
|
+
return pulumi.get(self, "resource_type_schema_version")
|
|
3361
|
+
|
|
3362
|
+
@property
|
|
3363
|
+
@pulumi.getter
|
|
3364
|
+
def schemas(self) -> pulumi.Output[Sequence[str]]:
|
|
3365
|
+
"""
|
|
3366
|
+
(Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard \\"enterprise\\" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
|
|
3367
|
+
|
|
3368
|
+
**SCIM++ Properties:**
|
|
3369
|
+
* caseExact: false
|
|
3370
|
+
* idcsSearchable: false
|
|
3371
|
+
* multiValued: true
|
|
3372
|
+
* mutability: readWrite
|
|
3373
|
+
* required: true
|
|
3374
|
+
* returned: default
|
|
3375
|
+
* type: string
|
|
3376
|
+
* uniqueness: none
|
|
3377
|
+
"""
|
|
3378
|
+
return pulumi.get(self, "schemas")
|
|
3379
|
+
|
|
3380
|
+
@property
|
|
3381
|
+
@pulumi.getter(name="subjectClaimName")
|
|
3382
|
+
def subject_claim_name(self) -> pulumi.Output[str]:
|
|
3383
|
+
"""
|
|
3384
|
+
(Updatable) Used for locating the subject claim from the incoming token.
|
|
3385
|
+
|
|
3386
|
+
**SCIM++ Properties:**
|
|
3387
|
+
* type: string
|
|
3388
|
+
* multiValued: false
|
|
3389
|
+
* required: false
|
|
3390
|
+
* mutability: readWrite
|
|
3391
|
+
* returned: default
|
|
3392
|
+
* uniqueness: none
|
|
3393
|
+
* caseExact: true
|
|
3394
|
+
* idcsSearchable: false
|
|
3395
|
+
"""
|
|
3396
|
+
return pulumi.get(self, "subject_claim_name")
|
|
3397
|
+
|
|
3398
|
+
@property
|
|
3399
|
+
@pulumi.getter(name="subjectMappingAttribute")
|
|
3400
|
+
def subject_mapping_attribute(self) -> pulumi.Output[str]:
|
|
3401
|
+
"""
|
|
3402
|
+
(Updatable) Subject Mapping Attribute to which the value from subject claim name value would be used for identity lookup.
|
|
3403
|
+
|
|
3404
|
+
**SCIM++ Properties:**
|
|
3405
|
+
* type: string
|
|
3406
|
+
* multiValued: false
|
|
3407
|
+
* idcsSearchable: false
|
|
3408
|
+
* required: false
|
|
3409
|
+
* mutability: readWrite
|
|
3410
|
+
* returned: default
|
|
3411
|
+
* uniqueness: none
|
|
3412
|
+
"""
|
|
3413
|
+
return pulumi.get(self, "subject_mapping_attribute")
|
|
3414
|
+
|
|
3415
|
+
@property
|
|
3416
|
+
@pulumi.getter(name="subjectType")
|
|
3417
|
+
def subject_type(self) -> pulumi.Output[str]:
|
|
3418
|
+
"""
|
|
3419
|
+
(Updatable) The type of the resource against which lookup will be made in the identity domain in IAM for the incoming subject claim value.
|
|
3420
|
+
|
|
3421
|
+
**SCIM++ Properties:**
|
|
3422
|
+
* idcsSearchable: false
|
|
3423
|
+
* multiValued: false
|
|
3424
|
+
* mutability: readWrite
|
|
3425
|
+
* required: false
|
|
3426
|
+
* returned: default
|
|
3427
|
+
* type: string
|
|
3428
|
+
* uniqueness: none
|
|
3429
|
+
"""
|
|
3430
|
+
return pulumi.get(self, "subject_type")
|
|
3431
|
+
|
|
3432
|
+
@property
|
|
3433
|
+
@pulumi.getter
|
|
3434
|
+
def tags(self) -> pulumi.Output[Sequence['outputs.DomainsIdentityPropagationTrustTag']]:
|
|
3435
|
+
"""
|
|
3436
|
+
(Updatable) A list of tags on this resource.
|
|
3437
|
+
|
|
3438
|
+
**SCIM++ Properties:**
|
|
3439
|
+
* idcsCompositeKey: [key, value]
|
|
3440
|
+
* idcsSearchable: true
|
|
3441
|
+
* multiValued: true
|
|
3442
|
+
* mutability: readWrite
|
|
3443
|
+
* required: false
|
|
3444
|
+
* returned: request
|
|
3445
|
+
* type: complex
|
|
3446
|
+
* uniqueness: none
|
|
3447
|
+
"""
|
|
3448
|
+
return pulumi.get(self, "tags")
|
|
3449
|
+
|
|
3450
|
+
@property
|
|
3451
|
+
@pulumi.getter(name="tenancyOcid")
|
|
3452
|
+
def tenancy_ocid(self) -> pulumi.Output[str]:
|
|
3453
|
+
"""
|
|
3454
|
+
(Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
|
|
3455
|
+
|
|
3456
|
+
**SCIM++ Properties:**
|
|
3457
|
+
* caseExact: false
|
|
3458
|
+
* idcsSearchable: false
|
|
3459
|
+
* multiValued: false
|
|
3460
|
+
* mutability: readOnly
|
|
3461
|
+
* required: false
|
|
3462
|
+
* returned: default
|
|
3463
|
+
* type: string
|
|
3464
|
+
* uniqueness: none
|
|
3465
|
+
"""
|
|
3466
|
+
return pulumi.get(self, "tenancy_ocid")
|
|
3467
|
+
|
|
3468
|
+
@property
|
|
3469
|
+
@pulumi.getter
|
|
3470
|
+
def type(self) -> pulumi.Output[str]:
|
|
3471
|
+
"""
|
|
3472
|
+
(Updatable) The type of the inbound token from the Identity cloud provider.
|
|
3473
|
+
|
|
3474
|
+
**SCIM++ Properties:**
|
|
3475
|
+
* caseExact: true
|
|
3476
|
+
* idcsSearchable: false
|
|
3477
|
+
* required: true
|
|
3478
|
+
* mutability: readWrite
|
|
3479
|
+
* returned: default
|
|
3480
|
+
* type: string
|
|
3481
|
+
* multiValued: false
|
|
3482
|
+
* uniqueness: none
|
|
3483
|
+
|
|
3484
|
+
|
|
3485
|
+
** IMPORTANT **
|
|
3486
|
+
Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
|
|
3487
|
+
"""
|
|
3488
|
+
return pulumi.get(self, "type")
|
|
3489
|
+
|