README
¶
boundary_auth_method_oidc
Refer to the Terraform Registry for docs: boundary_auth_method_oidc.
Documentation
¶
Index ¶
- func AuthMethodOidc_GenerateConfigForImport(scope constructs.Construct, importToId *string, importFromId *string, ...) cdktf.ImportableResource
- func AuthMethodOidc_IsConstruct(x interface{}) *bool
- func AuthMethodOidc_IsTerraformElement(x interface{}) *bool
- func AuthMethodOidc_IsTerraformResource(x interface{}) *bool
- func AuthMethodOidc_TfResourceType() *string
- func NewAuthMethodOidc_Override(a AuthMethodOidc, scope constructs.Construct, id *string, ...)
- type AuthMethodOidc
- type AuthMethodOidcConfig
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AuthMethodOidc_GenerateConfigForImport ¶
func AuthMethodOidc_GenerateConfigForImport(scope constructs.Construct, importToId *string, importFromId *string, provider cdktf.TerraformProvider) cdktf.ImportableResource
Generates CDKTF code for importing a AuthMethodOidc resource upon running "cdktf plan <stack-name>".
func AuthMethodOidc_IsConstruct ¶
func AuthMethodOidc_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func AuthMethodOidc_IsTerraformElement ¶
func AuthMethodOidc_IsTerraformElement(x interface{}) *bool
Experimental.
func AuthMethodOidc_IsTerraformResource ¶
func AuthMethodOidc_IsTerraformResource(x interface{}) *bool
Experimental.
func AuthMethodOidc_TfResourceType ¶
func AuthMethodOidc_TfResourceType() *string
func NewAuthMethodOidc_Override ¶
func NewAuthMethodOidc_Override(a AuthMethodOidc, scope constructs.Construct, id *string, config *AuthMethodOidcConfig)
Create a new {@link https://registry.terraform.io/providers/hashicorp/boundary/1.2.0/docs/resources/auth_method_oidc boundary_auth_method_oidc} Resource.
Types ¶
type AuthMethodOidc ¶
type AuthMethodOidc interface {
cdktf.TerraformResource
AccountClaimMaps() *[]*string
SetAccountClaimMaps(val *[]*string)
AccountClaimMapsInput() *[]*string
AllowedAudiences() *[]*string
SetAllowedAudiences(val *[]*string)
AllowedAudiencesInput() *[]*string
ApiUrlPrefix() *string
SetApiUrlPrefix(val *string)
ApiUrlPrefixInput() *string
CallbackUrl() *string
SetCallbackUrl(val *string)
CallbackUrlInput() *string
// Experimental.
CdktfStack() cdktf.TerraformStack
ClaimsScopes() *[]*string
SetClaimsScopes(val *[]*string)
ClaimsScopesInput() *[]*string
ClientId() *string
SetClientId(val *string)
ClientIdInput() *string
ClientSecret() *string
SetClientSecret(val *string)
ClientSecretHmac() *string
SetClientSecretHmac(val *string)
ClientSecretHmacInput() *string
ClientSecretInput() *string
// Experimental.
Connection() interface{}
// Experimental.
SetConnection(val interface{})
// Experimental.
ConstructNodeMetadata() *map[string]interface{}
// Experimental.
Count() interface{}
// Experimental.
SetCount(val interface{})
// Experimental.
DependsOn() *[]*string
// Experimental.
SetDependsOn(val *[]*string)
Description() *string
SetDescription(val *string)
DescriptionInput() *string
DisableDiscoveredConfigValidation() interface{}
SetDisableDiscoveredConfigValidation(val interface{})
DisableDiscoveredConfigValidationInput() interface{}
// Experimental.
ForEach() cdktf.ITerraformIterator
// Experimental.
SetForEach(val cdktf.ITerraformIterator)
// Experimental.
Fqn() *string
// Experimental.
FriendlyUniqueId() *string
Id() *string
IdpCaCerts() *[]*string
SetIdpCaCerts(val *[]*string)
IdpCaCertsInput() *[]*string
IsPrimaryForScope() interface{}
SetIsPrimaryForScope(val interface{})
IsPrimaryForScopeInput() interface{}
Issuer() *string
SetIssuer(val *string)
IssuerInput() *string
// Experimental.
Lifecycle() *cdktf.TerraformResourceLifecycle
// Experimental.
SetLifecycle(val *cdktf.TerraformResourceLifecycle)
MaxAge() *float64
SetMaxAge(val *float64)
MaxAgeInput() *float64
Name() *string
SetName(val *string)
NameInput() *string
// The tree node.
Node() constructs.Node
Prompts() *[]*string
SetPrompts(val *[]*string)
PromptsInput() *[]*string
// Experimental.
Provider() cdktf.TerraformProvider
// Experimental.
SetProvider(val cdktf.TerraformProvider)
// Experimental.
Provisioners() *[]interface{}
// Experimental.
SetProvisioners(val *[]interface{})
// Experimental.
RawOverrides() interface{}
ScopeId() *string
SetScopeId(val *string)
ScopeIdInput() *string
SigningAlgorithms() *[]*string
SetSigningAlgorithms(val *[]*string)
SigningAlgorithmsInput() *[]*string
State() *string
SetState(val *string)
StateInput() *string
// Experimental.
TerraformGeneratorMetadata() *cdktf.TerraformProviderGeneratorMetadata
// Experimental.
TerraformMetaArguments() *map[string]interface{}
// Experimental.
TerraformResourceType() *string
Type() *string
SetType(val *string)
TypeInput() *string
// Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.
// Experimental.
AddMoveTarget(moveTarget *string)
// Experimental.
AddOverride(path *string, value interface{})
// Experimental.
GetAnyMapAttribute(terraformAttribute *string) *map[string]interface{}
// Experimental.
GetBooleanAttribute(terraformAttribute *string) cdktf.IResolvable
// Experimental.
GetBooleanMapAttribute(terraformAttribute *string) *map[string]*bool
// Experimental.
GetListAttribute(terraformAttribute *string) *[]*string
// Experimental.
GetNumberAttribute(terraformAttribute *string) *float64
// Experimental.
GetNumberListAttribute(terraformAttribute *string) *[]*float64
// Experimental.
GetNumberMapAttribute(terraformAttribute *string) *map[string]*float64
// Experimental.
GetStringAttribute(terraformAttribute *string) *string
// Experimental.
GetStringMapAttribute(terraformAttribute *string) *map[string]*string
// Experimental.
HasResourceMove() interface{}
// Experimental.
ImportFrom(id *string, provider cdktf.TerraformProvider)
// Experimental.
InterpolationForAttribute(terraformAttribute *string) cdktf.IResolvable
// Move the resource corresponding to "id" to this resource.
//
// Note that the resource being moved from must be marked as moved using it's instance function.
// Experimental.
MoveFromId(id *string)
// Moves this resource to the target resource given by moveTarget.
// Experimental.
MoveTo(moveTarget *string, index interface{})
// Moves this resource to the resource corresponding to "id".
// Experimental.
MoveToId(id *string)
// Overrides the auto-generated logical ID with a specific ID.
// Experimental.
OverrideLogicalId(newLogicalId *string)
ResetAccountClaimMaps()
ResetAllowedAudiences()
ResetApiUrlPrefix()
ResetCallbackUrl()
ResetClaimsScopes()
ResetClientId()
ResetClientSecret()
ResetClientSecretHmac()
ResetDescription()
ResetDisableDiscoveredConfigValidation()
ResetIdpCaCerts()
ResetIsPrimaryForScope()
ResetIssuer()
ResetMaxAge()
ResetName()
// Resets a previously passed logical Id to use the auto-generated logical id again.
// Experimental.
ResetOverrideLogicalId()
ResetPrompts()
ResetSigningAlgorithms()
ResetState()
ResetType()
SynthesizeAttributes() *map[string]interface{}
SynthesizeHclAttributes() *map[string]interface{}
// Experimental.
ToHclTerraform() interface{}
// Experimental.
ToMetadata() interface{}
// Returns a string representation of this construct.
ToString() *string
// Adds this resource to the terraform JSON output.
// Experimental.
ToTerraform() interface{}
}
Represents a {@link https://registry.terraform.io/providers/hashicorp/boundary/1.2.0/docs/resources/auth_method_oidc boundary_auth_method_oidc}.
func NewAuthMethodOidc ¶
func NewAuthMethodOidc(scope constructs.Construct, id *string, config *AuthMethodOidcConfig) AuthMethodOidc
Create a new {@link https://registry.terraform.io/providers/hashicorp/boundary/1.2.0/docs/resources/auth_method_oidc boundary_auth_method_oidc} Resource.
type AuthMethodOidcConfig ¶
type AuthMethodOidcConfig struct {
// Experimental.
Connection interface{} `field:"optional" json:"connection" yaml:"connection"`
// Experimental.
Count interface{} `field:"optional" json:"count" yaml:"count"`
// Experimental.
DependsOn *[]cdktf.ITerraformDependable `field:"optional" json:"dependsOn" yaml:"dependsOn"`
// Experimental.
ForEach cdktf.ITerraformIterator `field:"optional" json:"forEach" yaml:"forEach"`
// Experimental.
Lifecycle *cdktf.TerraformResourceLifecycle `field:"optional" json:"lifecycle" yaml:"lifecycle"`
// Experimental.
Provider cdktf.TerraformProvider `field:"optional" json:"provider" yaml:"provider"`
// Experimental.
Provisioners *[]interface{} `field:"optional" json:"provisioners" yaml:"provisioners"`
// The scope ID.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/boundary/1.2.0/docs/resources/auth_method_oidc#scope_id AuthMethodOidc#scope_id}
ScopeId *string `field:"required" json:"scopeId" yaml:"scopeId"`
// Account claim maps for the to_claim of sub.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/boundary/1.2.0/docs/resources/auth_method_oidc#account_claim_maps AuthMethodOidc#account_claim_maps}
AccountClaimMaps *[]*string `field:"optional" json:"accountClaimMaps" yaml:"accountClaimMaps"`
// Audiences for which the provider responses will be allowed.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/boundary/1.2.0/docs/resources/auth_method_oidc#allowed_audiences AuthMethodOidc#allowed_audiences}
AllowedAudiences *[]*string `field:"optional" json:"allowedAudiences" yaml:"allowedAudiences"`
// The API prefix to use when generating callback URLs for the provider.
//
// Should be set to an address at which the provider can reach back to the controller.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/boundary/1.2.0/docs/resources/auth_method_oidc#api_url_prefix AuthMethodOidc#api_url_prefix}
ApiUrlPrefix *string `field:"optional" json:"apiUrlPrefix" yaml:"apiUrlPrefix"`
// The URL that should be provided to the IdP for callbacks.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/boundary/1.2.0/docs/resources/auth_method_oidc#callback_url AuthMethodOidc#callback_url}
CallbackUrl *string `field:"optional" json:"callbackUrl" yaml:"callbackUrl"`
// Claims scopes.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/boundary/1.2.0/docs/resources/auth_method_oidc#claims_scopes AuthMethodOidc#claims_scopes}
ClaimsScopes *[]*string `field:"optional" json:"claimsScopes" yaml:"claimsScopes"`
// The client ID assigned to this auth method from the provider.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/boundary/1.2.0/docs/resources/auth_method_oidc#client_id AuthMethodOidc#client_id}
ClientId *string `field:"optional" json:"clientId" yaml:"clientId"`
// The secret key assigned to this auth method from the provider.
//
// Once set, only the hash will be kept and the original value can be removed from configuration.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/boundary/1.2.0/docs/resources/auth_method_oidc#client_secret AuthMethodOidc#client_secret}
ClientSecret *string `field:"optional" json:"clientSecret" yaml:"clientSecret"`
// The HMAC of the client secret returned by the Boundary controller, which is used for comparison after initial setting of the value.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/boundary/1.2.0/docs/resources/auth_method_oidc#client_secret_hmac AuthMethodOidc#client_secret_hmac}
ClientSecretHmac *string `field:"optional" json:"clientSecretHmac" yaml:"clientSecretHmac"`
// The auth method description.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/boundary/1.2.0/docs/resources/auth_method_oidc#description AuthMethodOidc#description}
Description *string `field:"optional" json:"description" yaml:"description"`
// Disables validation logic ensuring that the OIDC provider's information from its discovery endpoint matches the information here.
//
// The validation is only performed at create or update time.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/boundary/1.2.0/docs/resources/auth_method_oidc#disable_discovered_config_validation AuthMethodOidc#disable_discovered_config_validation}
DisableDiscoveredConfigValidation interface{} `field:"optional" json:"disableDiscoveredConfigValidation" yaml:"disableDiscoveredConfigValidation"`
// A list of CA certificates to trust when validating the IdP's token signatures.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/boundary/1.2.0/docs/resources/auth_method_oidc#idp_ca_certs AuthMethodOidc#idp_ca_certs}
IdpCaCerts *[]*string `field:"optional" json:"idpCaCerts" yaml:"idpCaCerts"`
// When true, makes this auth method the primary auth method for the scope in which it resides.
//
// The primary auth method for a scope means the user will be automatically created when they login using an OIDC account.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/boundary/1.2.0/docs/resources/auth_method_oidc#is_primary_for_scope AuthMethodOidc#is_primary_for_scope}
IsPrimaryForScope interface{} `field:"optional" json:"isPrimaryForScope" yaml:"isPrimaryForScope"`
// The issuer corresponding to the provider, which must match the issuer field in generated tokens.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/boundary/1.2.0/docs/resources/auth_method_oidc#issuer AuthMethodOidc#issuer}
Issuer *string `field:"optional" json:"issuer" yaml:"issuer"`
// The max age to provide to the provider, indicating how much time is allowed to have passed since the last authentication before the user is challenged again.
//
// A value of 0 sets an immediate requirement for all users to reauthenticate, and an unset maxAge results in a Terraform value of -1 and the default TTL of the chosen OIDC will be used.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/boundary/1.2.0/docs/resources/auth_method_oidc#max_age AuthMethodOidc#max_age}
MaxAge *float64 `field:"optional" json:"maxAge" yaml:"maxAge"`
// The auth method name. Defaults to the resource name.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/boundary/1.2.0/docs/resources/auth_method_oidc#name AuthMethodOidc#name}
Name *string `field:"optional" json:"name" yaml:"name"`
// The prompts passed to the identity provider to determine whether to prompt the end-user for reauthentication, account selection or consent.
//
// Please note the values passed are case-sensitive. The valid values are: `none`, `login`, `consent` and `select_account`.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/boundary/1.2.0/docs/resources/auth_method_oidc#prompts AuthMethodOidc#prompts}
Prompts *[]*string `field:"optional" json:"prompts" yaml:"prompts"`
// Allowed signing algorithms for the provider's issued tokens.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/boundary/1.2.0/docs/resources/auth_method_oidc#signing_algorithms AuthMethodOidc#signing_algorithms}
SigningAlgorithms *[]*string `field:"optional" json:"signingAlgorithms" yaml:"signingAlgorithms"`
// Can be one of 'inactive', 'active-private', or 'active-public'. Currently automatically set to active-public.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/boundary/1.2.0/docs/resources/auth_method_oidc#state AuthMethodOidc#state}
State *string `field:"optional" json:"state" yaml:"state"`
// The type of auth method; hardcoded.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/boundary/1.2.0/docs/resources/auth_method_oidc#type AuthMethodOidc#type}
Type *string `field:"optional" json:"type" yaml:"type"`
}
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.