import * as pulumi from "@pulumi/pulumi"; import * as inputs from "./types/input"; import * as outputs from "./types/output"; /** * Starting with Consul 1.5.0, the `consul.AclAuthMethod` resource can be used to managed [Consul ACL auth methods](https://www.consul.io/docs/acl/auth-methods). * * ## Example Usage * * Define a `kubernetes` auth method: * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as consul from "@pulumi/consul"; * * const minikube = new consul.AclAuthMethod("minikube", { * name: "minikube", * type: "kubernetes", * description: "dev minikube cluster", * configJson: JSON.stringify({ * Host: "https://192.0.2.42:8443", * CACert: `-----BEGIN CERTIFICATE----- * ...-----END CERTIFICATE----- * `, * ServiceAccountJWT: "eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9...", * }), * }); * ``` * * Define a `jwt` auth method: * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as consul from "@pulumi/consul"; * * const oidc = new consul.AclAuthMethod("oidc", { * name: "auth0", * type: "oidc", * maxTokenTtl: "5m", * configJson: JSON.stringify({ * AllowedRedirectURIs: [ * "http://localhost:8550/oidc/callback", * "http://localhost:8500/ui/oidc/callback", * ], * BoundAudiences: ["V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt"], * ClaimMappings: { * "http://example.com/first_name": "first_name", * "http://example.com/last_name": "last_name", * }, * ListClaimMappings: { * "http://consul.com/groups": "groups", * }, * OIDCClientID: "V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt", * OIDCClientSecret: "...(omitted)...", * OIDCDiscoveryURL: "https://my-corp-app-name.auth0.com/", * }), * }); * ``` */ export declare class AclAuthMethod extends pulumi.CustomResource { /** * Get an existing AclAuthMethod resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: AclAuthMethodState, opts?: pulumi.CustomResourceOptions): AclAuthMethod; /** * Returns true if the given object is an instance of AclAuthMethod. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is AclAuthMethod; /** * The raw configuration for this ACL auth method. * * @deprecated The config attribute is deprecated, please use `configJson` instead. */ readonly config: pulumi.Output<{ [key: string]: string; } | undefined>; /** * The raw configuration for this ACL auth method. */ readonly configJson: pulumi.Output; /** * A free form human readable description of the auth method. */ readonly description: pulumi.Output; /** * An optional name to use instead of the name attribute when displaying information about this auth method. */ readonly displayName: pulumi.Output; /** * The maximum life of any token created by this auth method. **This attribute is required and must be set to a nonzero for the OIDC auth method.** */ readonly maxTokenTtl: pulumi.Output; /** * The name of the ACL auth method. */ readonly name: pulumi.Output; /** * The namespace in which to create the auth method. */ readonly namespace: pulumi.Output; /** * A set of rules that control which namespace tokens created via this auth method will be created within. */ readonly namespaceRules: pulumi.Output; /** * The partition the ACL auth method is associated with. */ readonly partition: pulumi.Output; /** * The kind of token that this auth method produces. This can be either 'local' or 'global'. */ readonly tokenLocality: pulumi.Output; /** * The type of the ACL auth method. */ readonly type: pulumi.Output; /** * Create a AclAuthMethod resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: AclAuthMethodArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering AclAuthMethod resources. */ export interface AclAuthMethodState { /** * The raw configuration for this ACL auth method. * * @deprecated The config attribute is deprecated, please use `configJson` instead. */ config?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The raw configuration for this ACL auth method. */ configJson?: pulumi.Input; /** * A free form human readable description of the auth method. */ description?: pulumi.Input; /** * An optional name to use instead of the name attribute when displaying information about this auth method. */ displayName?: pulumi.Input; /** * The maximum life of any token created by this auth method. **This attribute is required and must be set to a nonzero for the OIDC auth method.** */ maxTokenTtl?: pulumi.Input; /** * The name of the ACL auth method. */ name?: pulumi.Input; /** * The namespace in which to create the auth method. */ namespace?: pulumi.Input; /** * A set of rules that control which namespace tokens created via this auth method will be created within. */ namespaceRules?: pulumi.Input[]>; /** * The partition the ACL auth method is associated with. */ partition?: pulumi.Input; /** * The kind of token that this auth method produces. This can be either 'local' or 'global'. */ tokenLocality?: pulumi.Input; /** * The type of the ACL auth method. */ type?: pulumi.Input; } /** * The set of arguments for constructing a AclAuthMethod resource. */ export interface AclAuthMethodArgs { /** * The raw configuration for this ACL auth method. * * @deprecated The config attribute is deprecated, please use `configJson` instead. */ config?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The raw configuration for this ACL auth method. */ configJson?: pulumi.Input; /** * A free form human readable description of the auth method. */ description?: pulumi.Input; /** * An optional name to use instead of the name attribute when displaying information about this auth method. */ displayName?: pulumi.Input; /** * The maximum life of any token created by this auth method. **This attribute is required and must be set to a nonzero for the OIDC auth method.** */ maxTokenTtl?: pulumi.Input; /** * The name of the ACL auth method. */ name?: pulumi.Input; /** * The namespace in which to create the auth method. */ namespace?: pulumi.Input; /** * A set of rules that control which namespace tokens created via this auth method will be created within. */ namespaceRules?: pulumi.Input[]>; /** * The partition the ACL auth method is associated with. */ partition?: pulumi.Input; /** * The kind of token that this auth method produces. This can be either 'local' or 'global'. */ tokenLocality?: pulumi.Input; /** * The type of the ACL auth method. */ type: pulumi.Input; }