Auth
Provides a resource for managing an Okta auth backend within Vault.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const example = new vault.okta.AuthBackend("example", {
description: "Demonstration of the Terraform Okta auth backend",
organization: "example",
token: "something that should be kept secret",
groups: [{
groupName: "foo",
policies: [
"one",
"two",
],
}],
users: [{
username: "bar",
groups: ["foo"],
}],
});Content copied to clipboard
import pulumi
import pulumi_vault as vault
example = vault.okta.AuthBackend("example",
description="Demonstration of the Terraform Okta auth backend",
organization="example",
token="something that should be kept secret",
groups=[vault.okta.AuthBackendGroupArgs(
group_name="foo",
policies=[
"one",
"two",
],
)],
users=[vault.okta.AuthBackendUserArgs(
username="bar",
groups=["foo"],
)])Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
var example = new Vault.Okta.AuthBackend("example", new()
{
Description = "Demonstration of the Terraform Okta auth backend",
Organization = "example",
Token = "something that should be kept secret",
Groups = new[]
{
new Vault.Okta.Inputs.AuthBackendGroupArgs
{
GroupName = "foo",
Policies = new[]
{
"one",
"two",
},
},
},
Users = new[]
{
new Vault.Okta.Inputs.AuthBackendUserArgs
{
Username = "bar",
Groups = new[]
{
"foo",
},
},
},
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/okta"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := okta.NewAuthBackend(ctx, "example", &okta.AuthBackendArgs{
Description: pulumi.String("Demonstration of the Terraform Okta auth backend"),
Organization: pulumi.String("example"),
Token: pulumi.String("something that should be kept secret"),
Groups: okta.AuthBackendGroupTypeArray{
&okta.AuthBackendGroupTypeArgs{
GroupName: pulumi.String("foo"),
Policies: pulumi.StringArray{
pulumi.String("one"),
pulumi.String("two"),
},
},
},
Users: okta.AuthBackendUserTypeArray{
&okta.AuthBackendUserTypeArgs{
Username: pulumi.String("bar"),
Groups: pulumi.StringArray{
pulumi.String("foo"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.okta.AuthBackend;
import com.pulumi.vault.okta.AuthBackendArgs;
import com.pulumi.vault.okta.inputs.AuthBackendGroupArgs;
import com.pulumi.vault.okta.inputs.AuthBackendUserArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new AuthBackend("example", AuthBackendArgs.builder()
.description("Demonstration of the Terraform Okta auth backend")
.organization("example")
.token("something that should be kept secret")
.groups(AuthBackendGroupArgs.builder()
.groupName("foo")
.policies(
"one",
"two")
.build())
.users(AuthBackendUserArgs.builder()
.username("bar")
.groups("foo")
.build())
.build());
}
}Content copied to clipboard
resources:
example:
type: vault:okta:AuthBackend
properties:
description: Demonstration of the Terraform Okta auth backend
organization: example
token: something that should be kept secret
groups:
- groupName: foo
policies:
- one
- two
users:
- username: bar
groups:
- fooContent copied to clipboard
Import
Okta authentication backends can be imported using its path, e.g.
$ pulumi import vault:okta/authBackend:AuthBackend example oktaContent copied to clipboard
Properties
Link copied to clipboard
The mount accessor related to the auth mount. It is useful for integration with Identity Secrets Engine.
Link copied to clipboard
When true, requests by Okta for a MFA check will be bypassed. This also disallows certain status checks on the account, such as whether the password is expired.
Link copied to clipboard
The description of the auth backend
Link copied to clipboard
If set, opts out of mount migration on path updates. See here for more info on Mount Migration
Link copied to clipboard
Associate Okta groups with policies within Vault. See below for more details.
Link copied to clipboard
Maximum duration after which authentication will be expired See the documentation for info on valid duration formats.
Link copied to clipboard
The Okta organization. This will be the first part of the url https://XXX.okta.com
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
Duration after which authentication will be expired. See the documentation for info on valid duration formats.
Link copied to clipboard
Associate Okta users with groups or policies within Vault. See below for more details.