Access
data class AccessIdentityProviderArgs(val accountId: Output<String>? = null, val configs: Output<List<AccessIdentityProviderConfigArgs>>? = null, val name: Output<String>? = null, val scimConfigs: Output<List<AccessIdentityProviderScimConfigArgs>>? = null, val type: Output<String>? = null, val zoneId: Output<String>? = null) : ConvertibleToJava<AccessIdentityProviderArgs>
Provides a Cloudflare Access Identity Provider resource. Identity Providers are used as an authentication or authorisation source within Access.
It's required that an
account_idorzone_idis provided and in most cases using either is fine. However, if you're using a scoped access token, you must provide the argument that matches the token's scope. For example, an access token that is scoped to the "example.com" zone needs to use thezone_idargument.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";
// one time pin
const pinLogin = new cloudflare.AccessIdentityProvider("pin_login", {
accountId: "f037e56e89293a057740de681ac9abbe",
name: "PIN login",
type: "onetimepin",
});
// oauth
const githubOauth = new cloudflare.AccessIdentityProvider("github_oauth", {
accountId: "f037e56e89293a057740de681ac9abbe",
name: "GitHub OAuth",
type: "github",
configs: [{
clientId: "example",
clientSecret: "secret_key",
}],
});
// saml
const jumpcloudSaml = new cloudflare.AccessIdentityProvider("jumpcloud_saml", {
accountId: "f037e56e89293a057740de681ac9abbe",
name: "JumpCloud SAML",
type: "saml",
configs: [{
issuerUrl: "jumpcloud",
ssoTargetUrl: "https://sso.myexample.jumpcloud.com/saml2/cloudflareaccess",
attributes: [
"email",
"username",
],
signRequest: false,
idpPublicCert: `MIIDpDCCAoygAwIBAgIGAV2ka+55MA0GCSqGSIb3DQEBCwUAMIGSMQswCQ...GF/Q2/MHadws97cZg
uTnQyuOqPuHbnN83d/2l1NSYKCbHt24o`,
}],
});
// okta
const okta = new cloudflare.AccessIdentityProvider("okta", {
accountId: "f037e56e89293a057740de681ac9abbe",
name: "Okta",
type: "okta",
configs: [{
clientId: "example",
clientSecret: "secret_key",
apiToken: "okta_api_token",
oktaAccount: "https://example.com",
}],
});Content copied to clipboard
import pulumi
import pulumi_cloudflare as cloudflare
# one time pin
pin_login = cloudflare.AccessIdentityProvider("pin_login",
account_id="f037e56e89293a057740de681ac9abbe",
name="PIN login",
type="onetimepin")
# oauth
github_oauth = cloudflare.AccessIdentityProvider("github_oauth",
account_id="f037e56e89293a057740de681ac9abbe",
name="GitHub OAuth",
type="github",
configs=[{
"client_id": "example",
"client_secret": "secret_key",
}])
# saml
jumpcloud_saml = cloudflare.AccessIdentityProvider("jumpcloud_saml",
account_id="f037e56e89293a057740de681ac9abbe",
name="JumpCloud SAML",
type="saml",
configs=[{
"issuer_url": "jumpcloud",
"sso_target_url": "https://sso.myexample.jumpcloud.com/saml2/cloudflareaccess",
"attributes": [
"email",
"username",
],
"sign_request": False,
"idp_public_cert": """MIIDpDCCAoygAwIBAgIGAV2ka+55MA0GCSqGSIb3DQEBCwUAMIGSMQswCQ...GF/Q2/MHadws97cZg
uTnQyuOqPuHbnN83d/2l1NSYKCbHt24o""",
}])
# okta
okta = cloudflare.AccessIdentityProvider("okta",
account_id="f037e56e89293a057740de681ac9abbe",
name="Okta",
type="okta",
configs=[{
"client_id": "example",
"client_secret": "secret_key",
"api_token": "okta_api_token",
"okta_account": "https://example.com",
}])Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;
return await Deployment.RunAsync(() =>
{
// one time pin
var pinLogin = new Cloudflare.AccessIdentityProvider("pin_login", new()
{
AccountId = "f037e56e89293a057740de681ac9abbe",
Name = "PIN login",
Type = "onetimepin",
});
// oauth
var githubOauth = new Cloudflare.AccessIdentityProvider("github_oauth", new()
{
AccountId = "f037e56e89293a057740de681ac9abbe",
Name = "GitHub OAuth",
Type = "github",
Configs = new[]
{
new Cloudflare.Inputs.AccessIdentityProviderConfigArgs
{
ClientId = "example",
ClientSecret = "secret_key",
},
},
});
// saml
var jumpcloudSaml = new Cloudflare.AccessIdentityProvider("jumpcloud_saml", new()
{
AccountId = "f037e56e89293a057740de681ac9abbe",
Name = "JumpCloud SAML",
Type = "saml",
Configs = new[]
{
new Cloudflare.Inputs.AccessIdentityProviderConfigArgs
{
IssuerUrl = "jumpcloud",
SsoTargetUrl = "https://sso.myexample.jumpcloud.com/saml2/cloudflareaccess",
Attributes = new[]
{
"email",
"username",
},
SignRequest = false,
IdpPublicCert = @"MIIDpDCCAoygAwIBAgIGAV2ka+55MA0GCSqGSIb3DQEBCwUAMIGSMQswCQ...GF/Q2/MHadws97cZg
uTnQyuOqPuHbnN83d/2l1NSYKCbHt24o",
},
},
});
// okta
var okta = new Cloudflare.AccessIdentityProvider("okta", new()
{
AccountId = "f037e56e89293a057740de681ac9abbe",
Name = "Okta",
Type = "okta",
Configs = new[]
{
new Cloudflare.Inputs.AccessIdentityProviderConfigArgs
{
ClientId = "example",
ClientSecret = "secret_key",
ApiToken = "okta_api_token",
OktaAccount = "https://example.com",
},
},
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-cloudflare/sdk/v5/go/cloudflare"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// one time pin
_, err := cloudflare.NewAccessIdentityProvider(ctx, "pin_login", &cloudflare.AccessIdentityProviderArgs{
AccountId: pulumi.String("f037e56e89293a057740de681ac9abbe"),
Name: pulumi.String("PIN login"),
Type: pulumi.String("onetimepin"),
})
if err != nil {
return err
}
// oauth
_, err = cloudflare.NewAccessIdentityProvider(ctx, "github_oauth", &cloudflare.AccessIdentityProviderArgs{
AccountId: pulumi.String("f037e56e89293a057740de681ac9abbe"),
Name: pulumi.String("GitHub OAuth"),
Type: pulumi.String("github"),
Configs: cloudflare.AccessIdentityProviderConfigArray{
&cloudflare.AccessIdentityProviderConfigArgs{
ClientId: pulumi.String("example"),
ClientSecret: pulumi.String("secret_key"),
},
},
})
if err != nil {
return err
}
// saml
_, err = cloudflare.NewAccessIdentityProvider(ctx, "jumpcloud_saml", &cloudflare.AccessIdentityProviderArgs{
AccountId: pulumi.String("f037e56e89293a057740de681ac9abbe"),
Name: pulumi.String("JumpCloud SAML"),
Type: pulumi.String("saml"),
Configs: cloudflare.AccessIdentityProviderConfigArray{
&cloudflare.AccessIdentityProviderConfigArgs{
IssuerUrl: pulumi.String("jumpcloud"),
SsoTargetUrl: pulumi.String("https://sso.myexample.jumpcloud.com/saml2/cloudflareaccess"),
Attributes: pulumi.StringArray{
pulumi.String("email"),
pulumi.String("username"),
},
SignRequest: pulumi.Bool(false),
IdpPublicCert: pulumi.String("MIIDpDCCAoygAwIBAgIGAV2ka+55MA0GCSqGSIb3DQEBCwUAMIGSMQswCQ...GF/Q2/MHadws97cZg\nuTnQyuOqPuHbnN83d/2l1NSYKCbHt24o"),
},
},
})
if err != nil {
return err
}
// okta
_, err = cloudflare.NewAccessIdentityProvider(ctx, "okta", &cloudflare.AccessIdentityProviderArgs{
AccountId: pulumi.String("f037e56e89293a057740de681ac9abbe"),
Name: pulumi.String("Okta"),
Type: pulumi.String("okta"),
Configs: cloudflare.AccessIdentityProviderConfigArray{
&cloudflare.AccessIdentityProviderConfigArgs{
ClientId: pulumi.String("example"),
ClientSecret: pulumi.String("secret_key"),
ApiToken: pulumi.String("okta_api_token"),
OktaAccount: pulumi.String("https://example.com"),
},
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudflare.AccessIdentityProvider;
import com.pulumi.cloudflare.AccessIdentityProviderArgs;
import com.pulumi.cloudflare.inputs.AccessIdentityProviderConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// one time pin
var pinLogin = new AccessIdentityProvider("pinLogin", AccessIdentityProviderArgs.builder()
.accountId("f037e56e89293a057740de681ac9abbe")
.name("PIN login")
.type("onetimepin")
.build());
// oauth
var githubOauth = new AccessIdentityProvider("githubOauth", AccessIdentityProviderArgs.builder()
.accountId("f037e56e89293a057740de681ac9abbe")
.name("GitHub OAuth")
.type("github")
.configs(AccessIdentityProviderConfigArgs.builder()
.clientId("example")
.clientSecret("secret_key")
.build())
.build());
// saml
var jumpcloudSaml = new AccessIdentityProvider("jumpcloudSaml", AccessIdentityProviderArgs.builder()
.accountId("f037e56e89293a057740de681ac9abbe")
.name("JumpCloud SAML")
.type("saml")
.configs(AccessIdentityProviderConfigArgs.builder()
.issuerUrl("jumpcloud")
.ssoTargetUrl("https://sso.myexample.jumpcloud.com/saml2/cloudflareaccess")
.attributes(
"email",
"username")
.signRequest(false)
.idpPublicCert("""
MIIDpDCCAoygAwIBAgIGAV2ka+55MA0GCSqGSIb3DQEBCwUAMIGSMQswCQ...GF/Q2/MHadws97cZg
uTnQyuOqPuHbnN83d/2l1NSYKCbHt24o """)
.build())
.build());
// okta
var okta = new AccessIdentityProvider("okta", AccessIdentityProviderArgs.builder()
.accountId("f037e56e89293a057740de681ac9abbe")
.name("Okta")
.type("okta")
.configs(AccessIdentityProviderConfigArgs.builder()
.clientId("example")
.clientSecret("secret_key")
.apiToken("okta_api_token")
.oktaAccount("https://example.com")
.build())
.build());
}
}Content copied to clipboard
resources:
# one time pin
pinLogin:
type: cloudflare:AccessIdentityProvider
name: pin_login
properties:
accountId: f037e56e89293a057740de681ac9abbe
name: PIN login
type: onetimepin
# oauth
githubOauth:
type: cloudflare:AccessIdentityProvider
name: github_oauth
properties:
accountId: f037e56e89293a057740de681ac9abbe
name: GitHub OAuth
type: github
configs:
- clientId: example
clientSecret: secret_key
# saml
jumpcloudSaml:
type: cloudflare:AccessIdentityProvider
name: jumpcloud_saml
properties:
accountId: f037e56e89293a057740de681ac9abbe
name: JumpCloud SAML
type: saml
configs:
- issuerUrl: jumpcloud
ssoTargetUrl: https://sso.myexample.jumpcloud.com/saml2/cloudflareaccess
attributes:
- email
- username
signRequest: false
idpPublicCert: |-
MIIDpDCCAoygAwIBAgIGAV2ka+55MA0GCSqGSIb3DQEBCwUAMIGSMQswCQ...GF/Q2/MHadws97cZg
uTnQyuOqPuHbnN83d/2l1NSYKCbHt24o
# okta
okta:
type: cloudflare:AccessIdentityProvider
properties:
accountId: f037e56e89293a057740de681ac9abbe
name: Okta
type: okta
configs:
- clientId: example
clientSecret: secret_key
apiToken: okta_api_token
oktaAccount: https://example.comContent copied to clipboard
Import
$ pulumi import cloudflare:index/accessIdentityProvider:AccessIdentityProvider example <account_id>/<identity_provider_id>Content copied to clipboard
Constructors
Link copied to clipboard
constructor(accountId: Output<String>? = null, configs: Output<List<AccessIdentityProviderConfigArgs>>? = null, name: Output<String>? = null, scimConfigs: Output<List<AccessIdentityProviderScimConfigArgs>>? = null, type: Output<String>? = null, zoneId: Output<String>? = null)
Properties
Link copied to clipboard
Provider configuration from the developer documentation.
Link copied to clipboard
Configuration for SCIM settings for a given IDP.