pulumi-vault-kotlin/com.pulumi.vault.okta.kotlin/AuthBackendArgs

AuthBackendArgs

data class AuthBackendArgs(val baseUrl: Output<String>? = null, val bypassOktaMfa: Output<Boolean>? = null, val description: Output<String>? = null, val disableRemount: Output<Boolean>? = null, val groups: Output<List<AuthBackendGroupArgs>>? = null, val maxTtl: Output<String>? = null, val namespace: Output<String>? = null, val organization: Output<String>? = null, val path: Output<String>? = null, val token: Output<String>? = null, val tokenBoundCidrs: Output<List<String>>? = null, val tokenExplicitMaxTtl: Output<Int>? = null, val tokenMaxTtl: Output<Int>? = null, val tokenNoDefaultPolicy: Output<Boolean>? = null, val tokenNumUses: Output<Int>? = null, val tokenPeriod: Output<Int>? = null, val tokenPolicies: Output<List<String>>? = null, val tokenTtl: Output<Int>? = null, val tokenType: Output<String>? = null, val ttl: Output<String>? = null, val users: Output<List<AuthBackendUserArgs>>? = null) : ConvertibleToJava<AuthBackendArgs>

Provides a resource for managing an Okta auth backend within Vault.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const example = new vault.okta.AuthBackend("example", {
    description: "Demonstration of the Terraform Okta auth backend",
    organization: "example",
    token: "something that should be kept secret",
    groups: [{
        groupName: "foo",
        policies: [
            "one",
            "two",
        ],
    }],
    users: [{
        username: "bar",
        groups: ["foo"],
    }],
});

import pulumi
import pulumi_vault as vault
example = vault.okta.AuthBackend("example",
    description="Demonstration of the Terraform Okta auth backend",
    organization="example",
    token="something that should be kept secret",
    groups=[{
        "group_name": "foo",
        "policies": [
            "one",
            "two",
        ],
    }],
    users=[{
        "username": "bar",
        "groups": ["foo"],
    }])

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
    var example = new Vault.Okta.AuthBackend("example", new()
    {
        Description = "Demonstration of the Terraform Okta auth backend",
        Organization = "example",
        Token = "something that should be kept secret",
        Groups = new[]
        {
            new Vault.Okta.Inputs.AuthBackendGroupArgs
            {
                GroupName = "foo",
                Policies = new[]
                {
                    "one",
                    "two",
                },
            },
        },
        Users = new[]
        {
            new Vault.Okta.Inputs.AuthBackendUserArgs
            {
                Username = "bar",
                Groups = new[]
                {
                    "foo",
                },
            },
        },
    });
});

package main
import (
	"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/okta"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := okta.NewAuthBackend(ctx, "example", &okta.AuthBackendArgs{
			Description:  pulumi.String("Demonstration of the Terraform Okta auth backend"),
			Organization: pulumi.String("example"),
			Token:        pulumi.String("something that should be kept secret"),
			Groups: okta.AuthBackendGroupTypeArray{
				&okta.AuthBackendGroupTypeArgs{
					GroupName: pulumi.String("foo"),
					Policies: pulumi.StringArray{
						pulumi.String("one"),
						pulumi.String("two"),
					},
				},
			},
			Users: okta.AuthBackendUserTypeArray{
				&okta.AuthBackendUserTypeArgs{
					Username: pulumi.String("bar"),
					Groups: pulumi.StringArray{
						pulumi.String("foo"),
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.okta.AuthBackend;
import com.pulumi.vault.okta.AuthBackendArgs;
import com.pulumi.vault.okta.inputs.AuthBackendGroupArgs;
import com.pulumi.vault.okta.inputs.AuthBackendUserArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new AuthBackend("example", AuthBackendArgs.builder()
            .description("Demonstration of the Terraform Okta auth backend")
            .organization("example")
            .token("something that should be kept secret")
            .groups(AuthBackendGroupArgs.builder()
                .groupName("foo")
                .policies(
                    "one",
                    "two")
                .build())
            .users(AuthBackendUserArgs.builder()
                .username("bar")
                .groups("foo")
                .build())
            .build());
    }
}

resources:
  example:
    type: vault:okta:AuthBackend
    properties:
      description: Demonstration of the Terraform Okta auth backend
      organization: example
      token: something that should be kept secret
      groups:
        - groupName: foo
          policies:
            - one
            - two
      users:
        - username: bar
          groups:
            - foo

Import

Okta authentication backends can be imported using its path, e.g.

$ pulumi import vault:okta/authBackend:AuthBackend example okta

Constructors

AuthBackendArgs

constructor(baseUrl: Output<String>? = null, bypassOktaMfa: Output<Boolean>? = null, description: Output<String>? = null, disableRemount: Output<Boolean>? = null, groups: Output<List<AuthBackendGroupArgs>>? = null, maxTtl: Output<String>? = null, namespace: Output<String>? = null, organization: Output<String>? = null, path: Output<String>? = null, token: Output<String>? = null, tokenBoundCidrs: Output<List<String>>? = null, tokenExplicitMaxTtl: Output<Int>? = null, tokenMaxTtl: Output<Int>? = null, tokenNoDefaultPolicy: Output<Boolean>? = null, tokenNumUses: Output<Int>? = null, tokenPeriod: Output<Int>? = null, tokenPolicies: Output<List<String>>? = null, tokenTtl: Output<Int>? = null, tokenType: Output<String>? = null, ttl: Output<String>? = null, users: Output<List<AuthBackendUserArgs>>? = null)

Properties

baseUrl

val baseUrl: Output<String>? = null

The Okta url. Examples: oktapreview.com, okta.com

bypassOktaMfa

val bypassOktaMfa: Output<Boolean>? = null

When true, requests by Okta for a MFA check will be bypassed. This also disallows certain status checks on the account, such as whether the password is expired.

description

val description: Output<String>? = null

The description of the auth backend

disableRemount

val disableRemount: Output<Boolean>? = null

If set, opts out of mount migration on path updates. See here for more info on Mount Migration

groups

val groups: Output<List<AuthBackendGroupArgs>>? = null

Associate Okta groups with policies within Vault. See below for more details.

maxTtl

val ~~maxTtl~~: Output<String>? = null

Maximum duration after which authentication will be expired See the documentation for info on valid duration formats.

namespace

val namespace: Output<String>? = null

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.

organization

val organization: Output<String>? = null

The Okta organization. This will be the first part of the url https://XXX.okta.com

path

val path: Output<String>? = null

Path to mount the Okta auth backend. Default to path okta.

token

val token: Output<String>? = null

The Okta API token. This is required to query Okta for user group membership. If this is not supplied only locally configured groups will be enabled.

tokenBoundCidrs