AccessIdentityProvider

Provides a Cloudflare Access Identity Provider resource. Identity Providers are used as an authentication or authorisation source within Access.

Example Usage

using Pulumi;
using Cloudflare = Pulumi.Cloudflare;

class MyStack : Stack
{
    public MyStack()
    {
        // one time pin
        var pinLogin = new Cloudflare.AccessIdentityProvider("pinLogin", new Cloudflare.AccessIdentityProviderArgs
        {
            AccountId = "1d5fdc9e88c8a8c4518b068cd94331fe",
            Name = "PIN login",
            Type = "onetimepin",
        });
        // oauth
        var githubOauth = new Cloudflare.AccessIdentityProvider("githubOauth", new Cloudflare.AccessIdentityProviderArgs
        {
            AccountId = "1d5fdc9e88c8a8c4518b068cd94331fe",
            Configs = 
            {
                new Cloudflare.Inputs.AccessIdentityProviderConfigArgs
                {
                    ClientId = "example",
                    ClientSecret = "secret_key",
                },
            },
            Name = "GitHub OAuth",
            Type = "github",
        });
        // saml
        var jumpcloudSaml = new Cloudflare.AccessIdentityProvider("jumpcloudSaml", new Cloudflare.AccessIdentityProviderArgs
        {
            AccountId = "1d5fdc9e88c8a8c4518b068cd94331fe",
            Configs = 
            {
                new Cloudflare.Inputs.AccessIdentityProviderConfigArgs
                {
                    Attributes = 
                    {
                        "email",
                        "username",
                    },
                    IdpPublicCert = @"MIIDpDCCAoygAwIBAgIGAV2ka+55MA0GCSqGSIb3DQEBCwUAMIGSMQswCQ...GF/Q2/MHadws97cZg
uTnQyuOqPuHbnN83d/2l1NSYKCbHt24o
",
                    IssuerUrl = "jumpcloud",
                    SignRequest = false,
                    SsoTargetUrl = "https://sso.myexample.jumpcloud.com/saml2/cloudflareaccess",
                },
            },
            Name = "JumpCloud SAML",
            Type = "saml",
        });
    }

}

Coming soon!

import pulumi
import pulumi_cloudflare as cloudflare

# one time pin
pin_login = cloudflare.AccessIdentityProvider("pinLogin",
    account_id="1d5fdc9e88c8a8c4518b068cd94331fe",
    name="PIN login",
    type="onetimepin")
# oauth
github_oauth = cloudflare.AccessIdentityProvider("githubOauth",
    account_id="1d5fdc9e88c8a8c4518b068cd94331fe",
    configs=[{
        "client_id": "example",
        "client_secret": "secret_key",
    }],
    name="GitHub OAuth",
    type="github")
# saml
jumpcloud_saml = cloudflare.AccessIdentityProvider("jumpcloudSaml",
    account_id="1d5fdc9e88c8a8c4518b068cd94331fe",
    configs=[{
        "attributes": [
            "email",
            "username",
        ],
        "idpPublicCert": """MIIDpDCCAoygAwIBAgIGAV2ka+55MA0GCSqGSIb3DQEBCwUAMIGSMQswCQ...GF/Q2/MHadws97cZg
uTnQyuOqPuHbnN83d/2l1NSYKCbHt24o
""",
        "issuerUrl": "jumpcloud",
        "signRequest": False,
        "ssoTargetUrl": "https://sso.myexample.jumpcloud.com/saml2/cloudflareaccess",
    }],
    name="JumpCloud SAML",
    type="saml")

import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";

// one time pin
const pinLogin = new cloudflare.AccessIdentityProvider("pin_login", {
    accountId: "1d5fdc9e88c8a8c4518b068cd94331fe",
    name: "PIN login",
    type: "onetimepin",
});
// oauth
const githubOauth = new cloudflare.AccessIdentityProvider("github_oauth", {
    accountId: "1d5fdc9e88c8a8c4518b068cd94331fe",
    configs: [{
        clientId: "example",
        clientSecret: "secret_key",
    }],
    name: "GitHub OAuth",
    type: "github",
});
// saml
const jumpcloudSaml = new cloudflare.AccessIdentityProvider("jumpcloud_saml", {
    accountId: "1d5fdc9e88c8a8c4518b068cd94331fe",
    configs: [{
        attributes: [
            "email",
            "username",
        ],
        idpPublicCert: `MIIDpDCCAoygAwIBAgIGAV2ka+55MA0GCSqGSIb3DQEBCwUAMIGSMQswCQ...GF/Q2/MHadws97cZg
uTnQyuOqPuHbnN83d/2l1NSYKCbHt24o`,
        issuerUrl: "jumpcloud",
        signRequest: false,
        ssoTargetUrl: "https://sso.myexample.jumpcloud.com/saml2/cloudflareaccess",
    }],
    name: "JumpCloud SAML",
    type: "saml",
});

Create a AccessIdentityProvider Resource

new AccessIdentityProvider(name: string, args: AccessIdentityProviderArgs, opts?: CustomResourceOptions);

def AccessIdentityProvider(resource_name, opts=None, account_id=None, configs=None, name=None, type=None, __props__=None);

func NewAccessIdentityProvider(ctx *Context, name string, args AccessIdentityProviderArgs, opts ...ResourceOption) (*AccessIdentityProvider, error)

public AccessIdentityProvider(string name, AccessIdentityProviderArgs args, CustomResourceOptions? opts = null)

name string: The unique name of the resource.
args AccessIdentityProviderArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
opts ResourceOptions: A bag of options that control this resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args AccessIdentityProviderArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args AccessIdentityProviderArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

AccessIdentityProvider Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The AccessIdentityProvider resource accepts the following input properties:

AccountId string
Name string: Friendly name of the Access Identity Provider configuration.
Type string: The provider type to use. Must be one of: "centrify", "facebook", "google-apps", "oidc", "github", "google", "saml", "linkedin", "azureAD", "okta", "onetimepin", "onelogin", "yandex".
Configs List<AccessIdentityProviderConfigArgs>: Provider configuration from the [developer documentation][access_identity_provider_guide].

AccountId string
Name string: Friendly name of the Access Identity Provider configuration.
Type string: The provider type to use. Must be one of: "centrify", "facebook", "google-apps", "oidc", "github", "google", "saml", "linkedin", "azureAD", "okta", "onetimepin", "onelogin", "yandex".
Configs []AccessIdentityProviderConfig: Provider configuration from the [developer documentation][access_identity_provider_guide].

accountId string
name string: Friendly name of the Access Identity Provider configuration.
type string: The provider type to use. Must be one of: "centrify", "facebook", "google-apps", "oidc", "github", "google", "saml", "linkedin", "azureAD", "okta", "onetimepin", "onelogin", "yandex".
configs AccessIdentityProviderConfig[]: Provider configuration from the [developer documentation][access_identity_provider_guide].

account_id str
name str: Friendly name of the Access Identity Provider configuration.
type str: The provider type to use. Must be one of: "centrify", "facebook", "google-apps", "oidc", "github", "google", "saml", "linkedin", "azureAD", "okta", "onetimepin", "onelogin", "yandex".
configs List[AccessIdentityProviderConfig]: Provider configuration from the [developer documentation][access_identity_provider_guide].

Outputs

All input properties are implicitly available as output properties. Additionally, the AccessIdentityProvider resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

Look up an Existing AccessIdentityProvider Resource

Get an existing AccessIdentityProvider resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: AccessIdentityProviderState, opts?: CustomResourceOptions): AccessIdentityProvider

static get(resource_name, id, opts=None, account_id=None, configs=None, name=None, type=None, __props__=None);

func GetAccessIdentityProvider(ctx *Context, name string, id IDInput, state *AccessIdentityProviderState, opts ...ResourceOption) (*AccessIdentityProvider, error)

public static AccessIdentityProvider Get(string name, Input<string> id, AccessIdentityProviderState? state, CustomResourceOptions? opts = null)

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AccountId string
Configs List<AccessIdentityProviderConfigArgs>: Provider configuration from the [developer documentation][access_identity_provider_guide].
Name string: Friendly name of the Access Identity Provider configuration.
Type string: The provider type to use. Must be one of: "centrify", "facebook", "google-apps", "oidc", "github", "google", "saml", "linkedin", "azureAD", "okta", "onetimepin", "onelogin", "yandex".

AccountId string
Configs []AccessIdentityProviderConfig: Provider configuration from the [developer documentation][access_identity_provider_guide].
Name string: Friendly name of the Access Identity Provider configuration.
Type string: The provider type to use. Must be one of: "centrify", "facebook", "google-apps", "oidc", "github", "google", "saml", "linkedin", "azureAD", "okta", "onetimepin", "onelogin", "yandex".

accountId string
configs AccessIdentityProviderConfig[]: Provider configuration from the [developer documentation][access_identity_provider_guide].
name string: Friendly name of the Access Identity Provider configuration.
type string: The provider type to use. Must be one of: "centrify", "facebook", "google-apps", "oidc", "github", "google", "saml", "linkedin", "azureAD", "okta", "onetimepin", "onelogin", "yandex".

account_id str
configs List[AccessIdentityProviderConfig]: Provider configuration from the [developer documentation][access_identity_provider_guide].
name str: Friendly name of the Access Identity Provider configuration.
type str: The provider type to use. Must be one of: "centrify", "facebook", "google-apps", "oidc", "github", "google", "saml", "linkedin", "azureAD", "okta", "onetimepin", "onelogin", "yandex".

Supporting Types

AccessIdentityProviderConfig

See the input and output API doc for this type.

Package Details

Repository: https://github.com/pulumi/pulumi-cloudflare
License: Apache-2.0
Notes: This Pulumi package is based on the cloudflare Terraform Provider.

The Pulumi Platform

Get Started

Migrate to Pulumi

Solutions for All Teams and Engineers

Any Code

Any Cloud