This page documents the language specification for the gcp package. If you're looking for help working with the inputs, outputs, or functions of gcp resources in a Pulumi program, please see the resource documentation for examples and API reference.

identityplatform

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-gcp repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-google repo.

class pulumi_gcp.identityplatform.DefaultSupportedIdpConfig(resource_name, opts=None, client_id=None, client_secret=None, enabled=None, idp_id=None, project=None, __props__=None, __name__=None, __opts__=None)

Configuration options for authenticating with the standard set of Identity Toolkit-trusted IDPs.

You must enable the Google Identity Platform in the marketplace prior to using this resource.

import pulumi
import pulumi_gcp as gcp

idp_config = gcp.identityplatform.DefaultSupportedIdpConfig("idpConfig",
    client_id="client-id",
    client_secret="secret",
    enabled=True,
    idp_id="playgames.google.com")
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • client_id (pulumi.Input[str]) – OAuth client ID

  • client_secret (pulumi.Input[str]) – OAuth client secret

  • enabled (pulumi.Input[bool]) – If this IDP allows the user to sign in

  • idp_id (pulumi.Input[str]) – ID of the IDP. Possible values include:

    • apple.com

    • facebook.com

    • gc.apple.com

    • github.com

    • google.com

    • linkedin.com

    • microsoft.com

    • playgames.google.com

    • twitter.com

    • yahoo.com

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

client_id: pulumi.Output[str] = None

OAuth client ID

client_secret: pulumi.Output[str] = None

OAuth client secret

enabled: pulumi.Output[bool] = None

If this IDP allows the user to sign in

idp_id: pulumi.Output[str] = None

ID of the IDP. Possible values include:

  • apple.com

  • facebook.com

  • gc.apple.com

  • github.com

  • google.com

  • linkedin.com

  • microsoft.com

  • playgames.google.com

  • twitter.com

  • yahoo.com

name: pulumi.Output[str] = None

The name of the DefaultSupportedIdpConfig resource

project: pulumi.Output[str] = None

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

static get(resource_name, id, opts=None, client_id=None, client_secret=None, enabled=None, idp_id=None, name=None, project=None)

Get an existing DefaultSupportedIdpConfig resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to look up.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • client_id (pulumi.Input[str]) – OAuth client ID

  • client_secret (pulumi.Input[str]) – OAuth client secret

  • enabled (pulumi.Input[bool]) – If this IDP allows the user to sign in

  • idp_id (pulumi.Input[str]) – ID of the IDP. Possible values include:

    • apple.com

    • facebook.com

    • gc.apple.com

    • github.com

    • google.com

    • linkedin.com

    • microsoft.com

    • playgames.google.com

    • twitter.com

    • yahoo.com

  • name (pulumi.Input[str]) – The name of the DefaultSupportedIdpConfig resource

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_gcp.identityplatform.InboundSamlConfig(resource_name, opts=None, display_name=None, enabled=None, idp_config=None, name=None, project=None, sp_config=None, __props__=None, __name__=None, __opts__=None)

Inbound SAML configuration for an Identity Toolkit project.

You must enable the Google Identity Platform in the marketplace prior to using this resource.

import pulumi
import pulumi_gcp as gcp

saml_config = gcp.identityplatform.InboundSamlConfig("samlConfig",
    display_name="Display Name",
    idp_config={
        "idpEntityId": "tf-idp",
        "signRequest": True,
        "ssoUrl": "https://example.com",
        "idp_certificates": [{
            "x509Certificate": (lambda path: open(path).read())("test-fixtures/rsa_cert.pem"),
        }],
    },
    sp_config={
        "spEntityId": "tf-sp",
        "callbackUri": "https://example.com",
    })
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • display_name (pulumi.Input[str]) – Human friendly display name.

  • enabled (pulumi.Input[bool]) – If this config allows users to sign in with the provider.

  • idp_config (pulumi.Input[dict]) – SAML IdP configuration when the project acts as the relying party. Structure is documented below.

  • name (pulumi.Input[str]) – The name of the InboundSamlConfig resource. Must start with ‘saml.’ and can only have alphanumeric characters, hyphens, underscores or periods. The part after ‘saml.’ must also start with a lowercase letter, end with an alphanumeric character, and have at least 2 characters.

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

  • sp_config (pulumi.Input[dict]) – SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider. Structure is documented below.

The idp_config object supports the following:

  • idpCertificates (pulumi.Input[list]) - The IdP’s certificate data to verify the signature in the SAMLResponse issued by the IDP. Structure is documented below.

    • x509Certificate (pulumi.Input[str]) - The x509 certificate

  • idpEntityId (pulumi.Input[str]) - Unique identifier for all SAML entities

  • signRequest (pulumi.Input[bool]) - Indicates if the outbound SAMLRequest should be signed.

  • ssoUrl (pulumi.Input[str]) - URL to send Authentication request to.

The sp_config object supports the following:

  • callbackUri (pulumi.Input[str]) - Callback URI where responses from IDP are handled. Must start with https://.

  • spCertificates (pulumi.Input[list]) - The IDP’s certificate data to verify the signature in the SAMLResponse issued by the IDP. Structure is documented below.

    • x509Certificate (pulumi.Input[str]) - The x509 certificate

  • spEntityId (pulumi.Input[str]) - Unique identifier for all SAML entities.
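
An added example, not part of the Pulumi or provider documentation: a pre-deployment check over the InboundSamlConfig keyword arguments described above, enforcing the documented name rule and https:// callbackUri and requiring an IdP certificate. The function name, the findings format, the https check on ssoUrl and the PEM checks are assumptions of this example.

```python
import re

# Name rule quoted from the `name` parameter description on this page:
# starts with "saml."; only alphanumerics, hyphens, underscores, periods;
# the part after "saml." starts with a lowercase letter, ends with an
# alphanumeric character, and has at least 2 characters.
SAML_NAME_RE = re.compile(r"saml\.[a-z][A-Za-z0-9._-]*[A-Za-z0-9]")


def _get(d, *keys):
    """Return the first key present; the page spells the certificate list
    both idpCertificates (reference) and idp_certificates (example)."""
    for k in keys:
        if k in d:
            return d[k]
    return None


def check_inbound_saml_args(args):
    """Return a list of findings for a dict of InboundSamlConfig arguments."""
    findings = []

    name = args.get("name")
    if name is not None and not SAML_NAME_RE.fullmatch(name):
        findings.append("name: violates the documented 'saml.' naming rule")

    sp = args.get("sp_config") or {}
    if not str(sp.get("callbackUri", "")).startswith("https://"):
        findings.append("sp_config.callbackUri: must start with https://")

    idp = args.get("idp_config") or {}
    # Policy choice of this example (not a documented requirement): the
    # authentication request should not be sent over plain HTTP either.
    if not str(idp.get("ssoUrl", "")).startswith("https://"):
        findings.append("idp_config.ssoUrl: not an https:// URL")

    certs = _get(idp, "idpCertificates", "idp_certificates") or []
    pems = [str(c.get("x509Certificate", "")) for c in certs]
    if not any(p.strip() for p in pems):
        findings.append(
            "idp_config.idpCertificates: no certificate to verify "
            "SAMLResponse signatures")
    for i, pem in enumerate(pems):
        if "PRIVATE KEY" in pem:
            findings.append(
                f"idp_config.idpCertificates[{i}]: contains private key material")
        elif pem.strip() and "-----BEGIN CERTIFICATE-----" not in pem:
            # Assumption: PEM text, as in the page's example reading rsa_cert.pem.
            findings.append(
                f"idp_config.idpCertificates[{i}]: not a PEM certificate")

    return findings


# Constructed sample inputs; the certificate body is a placeholder,
# not a real certificate.
PLACEHOLDER_PEM = (
    "-----BEGIN CERTIFICATE-----\nPLACEHOLDER\n-----END CERTIFICATE-----\n")

GOOD = {
    "name": "saml.corp-idp",
    "display_name": "Display Name",
    "idp_config": {
        "idpEntityId": "tf-idp",
        "signRequest": True,
        "ssoUrl": "https://example.com",
        "idp_certificates": [{"x509Certificate": PLACEHOLDER_PEM}],
    },
    "sp_config": {
        "spEntityId": "tf-sp",
        "callbackUri": "https://example.com",
    },
}

BAD = {
    "name": "saml.Corp_",  # uppercase first letter, ends with underscore
    "display_name": "Display Name",
    "idp_config": {
        "idpEntityId": "tf-idp",
        "signRequest": True,
        "ssoUrl": "https://example.com",
        "idpCertificates": [],  # nothing to verify signatures with
    },
    "sp_config": {
        "spEntityId": "tf-sp",
        "callbackUri": "http://example.com",  # not https://
    },
}

if __name__ == "__main__":
    for label, sample in (("good", GOOD), ("bad", BAD)):
        print(label, check_inbound_saml_args(sample))
```

The same dict can be passed on to the resource as keyword arguments once the returned list is empty.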

display_name: pulumi.Output[str] = None

Human friendly display name.

enabled: pulumi.Output[bool] = None

If this config allows users to sign in with the provider.

idp_config: pulumi.Output[dict] = None

SAML IdP configuration when the project acts as the relying party. Structure is documented below.

  • idpCertificates (list) - The IdP’s certificate data to verify the signature in the SAMLResponse issued by the IDP. Structure is documented below.

    • x509Certificate (str) - The x509 certificate

  • idpEntityId (str) - Unique identifier for all SAML entities

  • signRequest (bool) - Indicates if the outbound SAMLRequest should be signed.

  • ssoUrl (str) - URL to send Authentication request to.

name: pulumi.Output[str] = None

The name of the InboundSamlConfig resource. Must start with ‘saml.’ and can only have alphanumeric characters, hyphens, underscores or periods. The part after ‘saml.’ must also start with a lowercase letter, end with an alphanumeric character, and have at least 2 characters.

project: pulumi.Output[str] = None

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

sp_config: pulumi.Output[dict] = None

SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider. Structure is documented below.

  • callbackUri (str) - Callback URI where responses from IDP are handled. Must start with https://.

  • spCertificates (list) - The IDP’s certificate data to verify the signature in the SAMLResponse issued by the IDP. Structure is documented below.

    • x509Certificate (str) - The x509 certificate

  • spEntityId (str) - Unique identifier for all SAML entities.

static get(resource_name, id, opts=None, display_name=None, enabled=None, idp_config=None, name=None, project=None, sp_config=None)

Get an existing InboundSamlConfig resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to look up.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • display_name (pulumi.Input[str]) – Human friendly display name.

  • enabled (pulumi.Input[bool]) – If this config allows users to sign in with the provider.

  • idp_config (pulumi.Input[dict]) – SAML IdP configuration when the project acts as the relying party. Structure is documented below.

  • name (pulumi.Input[str]) – The name of the InboundSamlConfig resource. Must start with ‘saml.’ and can only have alphanumeric characters, hyphens, underscores or periods. The part after ‘saml.’ must also start with a lowercase letter, end with an alphanumeric character, and have at least 2 characters.

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

  • sp_config (pulumi.Input[dict]) – SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider. Structure is documented below.

The idp_config object supports the following:

  • idpCertificates (pulumi.Input[list]) - The IdP’s certificate data to verify the signature in the SAMLResponse issued by the IDP. Structure is documented below.

    • x509Certificate (pulumi.Input[str]) - The x509 certificate

  • idpEntityId (pulumi.Input[str]) - Unique identifier for all SAML entities

  • signRequest (pulumi.Input[bool]) - Indicates if the outbound SAMLRequest should be signed.

  • ssoUrl (pulumi.Input[str]) - URL to send Authentication request to.

The sp_config object supports the following:

  • callbackUri (pulumi.Input[str]) - Callback URI where responses from IDP are handled. Must start with https://.

  • spCertificates (pulumi.Input[list]) - The IDP’s certificate data to verify the signature in the SAMLResponse issued by the IDP. Structure is documented below.

    • x509Certificate (pulumi.Input[str]) - The x509 certificate

  • spEntityId (pulumi.Input[str]) - Unique identifier for all SAML entities.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_gcp.identityplatform.OauthIdpConfig(resource_name, opts=None, client_id=None, client_secret=None, display_name=None, enabled=None, issuer=None, name=None, project=None, __props__=None, __name__=None, __opts__=None)

OIDC IdP configuration for an Identity Toolkit project.

You must enable the Google Identity Platform in the marketplace prior to using this resource.

import pulumi
import pulumi_gcp as gcp

oauth_idp_config = gcp.identityplatform.OauthIdpConfig("oauthIdpConfig",
    client_id="client-id",
    client_secret="secret",
    display_name="Display Name",
    enabled=True,
    issuer="issuer")
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • client_id (pulumi.Input[str]) – The client id of an OAuth client.

  • client_secret (pulumi.Input[str]) – The client secret of the OAuth client, to enable OIDC code flow.

  • display_name (pulumi.Input[str]) – Human friendly display name.

  • enabled (pulumi.Input[bool]) – If this config allows users to sign in with the provider.

  • issuer (pulumi.Input[str]) – For OIDC Idps, the issuer identifier.

  • name (pulumi.Input[str]) – The name of the OauthIdpConfig. Must start with ‘oidc.’.

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

client_id: pulumi.Output[str] = None

The client id of an OAuth client.

client_secret: pulumi.Output[str] = None

The client secret of the OAuth client, to enable OIDC code flow.

display_name: pulumi.Output[str] = None

Human friendly display name.

enabled: pulumi.Output[bool] = None

If this config allows users to sign in with the provider.

issuer: pulumi.Output[str] = None

For OIDC Idps, the issuer identifier.

name: pulumi.Output[str] = None

The name of the OauthIdpConfig. Must start with ‘oidc.’.

project: pulumi.Output[str] = None

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

static get(resource_name, id, opts=None, client_id=None, client_secret=None, display_name=None, enabled=None, issuer=None, name=None, project=None)

Get an existing OauthIdpConfig resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to look up.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • client_id (pulumi.Input[str]) – The client id of an OAuth client.

  • client_secret (pulumi.Input[str]) – The client secret of the OAuth client, to enable OIDC code flow.

  • display_name (pulumi.Input[str]) – Human friendly display name.

  • enabled (pulumi.Input[bool]) – If this config allows users to sign in with the provider.

  • issuer (pulumi.Input[str]) – For OIDC Idps, the issuer identifier.

  • name (pulumi.Input[str]) – The name of the OauthIdpConfig. Must start with ‘oidc.’.

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_gcp.identityplatform.Tenant(resource_name, opts=None, allow_password_signup=None, disable_auth=None, display_name=None, enable_email_link_signin=None, project=None, __props__=None, __name__=None, __opts__=None)

Tenant configuration in a multi-tenant project.

You must enable the Google Identity Platform in the marketplace prior to using this resource.

You must enable multi-tenancy via the Cloud Console prior to creating tenants.

import pulumi
import pulumi_gcp as gcp

tenant = gcp.identityplatform.Tenant("tenant",
    allow_password_signup=True,
    display_name="tenant")
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • allow_password_signup (pulumi.Input[bool]) – Whether to allow email/password user authentication.

  • disable_auth (pulumi.Input[bool]) – Whether authentication is disabled for the tenant. If true, the users under the disabled tenant are not allowed to sign-in. Admins of the disabled tenant are not able to manage its users.

  • display_name (pulumi.Input[str]) – Human friendly display name of the tenant.

  • enable_email_link_signin (pulumi.Input[bool]) – Whether to enable email link user authentication.

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

allow_password_signup: pulumi.Output[bool] = None

Whether to allow email/password user authentication.

disable_auth: pulumi.Output[bool] = None

Whether authentication is disabled for the tenant. If true, the users under the disabled tenant are not allowed to sign-in. Admins of the disabled tenant are not able to manage its users.

display_name: pulumi.Output[str] = None

Human friendly display name of the tenant.

enable_email_link_signin: pulumi.Output[bool] = None

Whether to enable email link user authentication.

name: pulumi.Output[str] = None

The name of the tenant that is generated by the server

project: pulumi.Output[str] = None

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

static get(resource_name, id, opts=None, allow_password_signup=None, disable_auth=None, display_name=None, enable_email_link_signin=None, name=None, project=None)

Get an existing Tenant resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to look up.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • allow_password_signup (pulumi.Input[bool]) – Whether to allow email/password user authentication.

  • disable_auth (pulumi.Input[bool]) – Whether authentication is disabled for the tenant. If true, the users under the disabled tenant are not allowed to sign-in. Admins of the disabled tenant are not able to manage its users.

  • display_name (pulumi.Input[str]) – Human friendly display name of the tenant.

  • enable_email_link_signin (pulumi.Input[bool]) – Whether to enable email link user authentication.

  • name (pulumi.Input[str]) – The name of the tenant that is generated by the server

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_gcp.identityplatform.TenantDefaultSupportedIdpConfig(resource_name, opts=None, client_id=None, client_secret=None, enabled=None, idp_id=None, project=None, tenant=None, __props__=None, __name__=None, __opts__=None)

Configuration options for the tenant for authenticating with the standard set of Identity Toolkit-trusted IDPs.

You must enable the Google Identity Platform in the marketplace prior to using this resource.

import pulumi
import pulumi_gcp as gcp

tenant = gcp.identityplatform.Tenant("tenant", display_name="tenant")
idp_config = gcp.identityplatform.TenantDefaultSupportedIdpConfig("idpConfig",
    enabled=True,
    tenant=tenant.name,
    idp_id="playgames.google.com",
    client_id="my-client-id",
    client_secret="secret")
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • client_id (pulumi.Input[str]) – OAuth client ID

  • client_secret (pulumi.Input[str]) – OAuth client secret

  • enabled (pulumi.Input[bool]) – If this IDP allows the user to sign in

  • idp_id (pulumi.Input[str]) – ID of the IDP. Possible values include:

    • apple.com

    • facebook.com

    • gc.apple.com

    • github.com

    • google.com

    • linkedin.com

    • microsoft.com

    • playgames.google.com

    • twitter.com

    • yahoo.com

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

  • tenant (pulumi.Input[str]) – The name of the tenant where this DefaultSupportedIdpConfig resource exists

client_id: pulumi.Output[str] = None

OAuth client ID

client_secret: pulumi.Output[str] = None

OAuth client secret

enabled: pulumi.Output[bool] = None

If this IDP allows the user to sign in

idp_id: pulumi.Output[str] = None

ID of the IDP. Possible values include:

  • apple.com

  • facebook.com

  • gc.apple.com

  • github.com

  • google.com

  • linkedin.com

  • microsoft.com

  • playgames.google.com

  • twitter.com

  • yahoo.com

name: pulumi.Output[str] = None

The name of the default supported IDP config resource

project: pulumi.Output[str] = None

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

tenant: pulumi.Output[str] = None

The name of the tenant where this DefaultSupportedIdpConfig resource exists

static get(resource_name, id, opts=None, client_id=None, client_secret=None, enabled=None, idp_id=None, name=None, project=None, tenant=None)

Get an existing TenantDefaultSupportedIdpConfig resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to look up.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • client_id (pulumi.Input[str]) – OAuth client ID

  • client_secret (pulumi.Input[str]) – OAuth client secret

  • enabled (pulumi.Input[bool]) – If this IDP allows the user to sign in

  • idp_id (pulumi.Input[str]) – ID of the IDP. Possible values include:

    • apple.com

    • facebook.com

    • gc.apple.com

    • github.com

    • google.com

    • linkedin.com

    • microsoft.com

    • playgames.google.com

    • twitter.com

    • yahoo.com

  • name (pulumi.Input[str]) – The name of the default supported IDP config resource

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

  • tenant (pulumi.Input[str]) – The name of the tenant where this DefaultSupportedIdpConfig resource exists

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_gcp.identityplatform.TenantInboundSamlConfig(resource_name, opts=None, display_name=None, enabled=None, idp_config=None, name=None, project=None, sp_config=None, tenant=None, __props__=None, __name__=None, __opts__=None)

Inbound SAML configuration for an Identity Toolkit tenant.

You must enable the Google Identity Platform in the marketplace prior to using this resource.

import pulumi
import pulumi_gcp as gcp

tenant = gcp.identityplatform.Tenant("tenant", display_name="tenant")
tenant_saml_config = gcp.identityplatform.TenantInboundSamlConfig("tenantSamlConfig",
    display_name="Display Name",
    tenant=tenant.name,
    idp_config={
        "idpEntityId": "tf-idp",
        "signRequest": True,
        "ssoUrl": "https://example.com",
        "idp_certificates": [{
            "x509Certificate": (lambda path: open(path).read())("test-fixtures/rsa_cert.pem"),
        }],
    },
    sp_config={
        "spEntityId": "tf-sp",
        "callbackUri": "https://example.com",
    })
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • display_name (pulumi.Input[str]) – Human friendly display name.

  • enabled (pulumi.Input[bool]) – If this config allows users to sign in with the provider.

  • idp_config (pulumi.Input[dict]) – SAML IdP configuration when the project acts as the relying party. Structure is documented below.

  • name (pulumi.Input[str]) – The name of the InboundSamlConfig resource. Must start with ‘saml.’ and can only have alphanumeric characters, hyphens, underscores or periods. The part after ‘saml.’ must also start with a lowercase letter, end with an alphanumeric character, and have at least 2 characters.

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

  • sp_config (pulumi.Input[dict]) – SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider. Structure is documented below.

  • tenant (pulumi.Input[str]) – The name of the tenant where this inbound SAML config resource exists

The idp_config object supports the following:

  • idpCertificates (pulumi.Input[list]) - The IDP’s certificate data to verify the signature in the SAMLResponse issued by the IDP. Structure is documented below.

    • x509Certificate (pulumi.Input[str]) - The x509 certificate

  • idpEntityId (pulumi.Input[str]) - Unique identifier for all SAML entities

  • signRequest (pulumi.Input[bool]) - Indicates if the outbound SAMLRequest should be signed.

  • ssoUrl (pulumi.Input[str]) - URL to send Authentication request to.

The sp_config object supports the following:

  • callbackUri (pulumi.Input[str]) - Callback URI where responses from IDP are handled. Must start with https://.

  • spCertificates (pulumi.Input[list]) - The IDP’s certificate data to verify the signature in the SAMLResponse issued by the IDP. Structure is documented below.

    • x509Certificate (pulumi.Input[str]) - The x509 certificate

  • spEntityId (pulumi.Input[str]) - Unique identifier for all SAML entities.

display_name: pulumi.Output[str] = None

Human friendly display name.

enabled: pulumi.Output[bool] = None

If this config allows users to sign in with the provider.

idp_config: pulumi.Output[dict] = None

SAML IdP configuration when the project acts as the relying party. Structure is documented below.

  • idpCertificates (list) - The IDP’s certificate data to verify the signature in the SAMLResponse issued by the IDP. Structure is documented below.

    • x509Certificate (str) - The x509 certificate

  • idpEntityId (str) - Unique identifier for all SAML entities

  • signRequest (bool) - Indicates if the outbound SAMLRequest should be signed.

  • ssoUrl (str) - URL to send Authentication request to.

name: pulumi.Output[str] = None

The name of the InboundSamlConfig resource. Must start with ‘saml.’ and can only have alphanumeric characters, hyphens, underscores or periods. The part after ‘saml.’ must also start with a lowercase letter, end with an alphanumeric character, and have at least 2 characters.

project: pulumi.Output[str] = None

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

sp_config: pulumi.Output[dict] = None

SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider. Structure is documented below.

  • callbackUri (str) - Callback URI where responses from IDP are handled. Must start with https://.

  • spCertificates (list) - The IDP’s certificate data to verify the signature in the SAMLResponse issued by the IDP. Structure is documented below.

    • x509Certificate (str) - The x509 certificate

  • spEntityId (str) - Unique identifier for all SAML entities.

tenant: pulumi.Output[str] = None

The name of the tenant where this inbound SAML config resource exists

static get(resource_name, id, opts=None, display_name=None, enabled=None, idp_config=None, name=None, project=None, sp_config=None, tenant=None)

Get an existing TenantInboundSamlConfig resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to look up.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • display_name (pulumi.Input[str]) – Human friendly display name.

  • enabled (pulumi.Input[bool]) – If this config allows users to sign in with the provider.

  • idp_config (pulumi.Input[dict]) – SAML IdP configuration when the project acts as the relying party. Structure is documented below.

  • name (pulumi.Input[str]) – The name of the InboundSamlConfig resource. Must start with ‘saml.’ and can only have alphanumeric characters, hyphens, underscores or periods. The part after ‘saml.’ must also start with a lowercase letter, end with an alphanumeric character, and have at least 2 characters.

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

  • sp_config (pulumi.Input[dict]) – SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider. Structure is documented below.

  • tenant (pulumi.Input[str]) – The name of the tenant where this inbound SAML config resource exists

The idp_config object supports the following:

  • idpCertificates (pulumi.Input[list]) - The IDP’s certificate data to verify the signature in the SAMLResponse issued by the IDP. Structure is documented below.

    • x509Certificate (pulumi.Input[str]) - The x509 certificate

  • idpEntityId (pulumi.Input[str]) - Unique identifier for all SAML entities

  • signRequest (pulumi.Input[bool]) - Indicates if the outbound SAMLRequest should be signed.

  • ssoUrl (pulumi.Input[str]) - URL to send Authentication request to.

The sp_config object supports the following:

  • callbackUri (pulumi.Input[str]) - Callback URI where responses from IDP are handled. Must start with https://.

  • spCertificates (pulumi.Input[list]) - The IDP’s certificate data to verify the signature in the SAMLResponse issued by the IDP. Structure is documented below.

    • x509Certificate (pulumi.Input[str]) - The x509 certificate

  • spEntityId (pulumi.Input[str]) - Unique identifier for all SAML entities.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_gcp.identityplatform.TenantOauthIdpConfig(resource_name, opts=None, client_id=None, client_secret=None, display_name=None, enabled=None, issuer=None, name=None, project=None, tenant=None, __props__=None, __name__=None, __opts__=None)

OIDC IdP configuration for an Identity Toolkit project within a tenant.

You must enable the Google Identity Platform in the marketplace prior to using this resource.

import pulumi
import pulumi_gcp as gcp

tenant = gcp.identityplatform.Tenant("tenant", display_name="tenant")
tenant_oauth_idp_config = gcp.identityplatform.TenantOauthIdpConfig("tenantOauthIdpConfig",
    tenant=tenant.name,
    display_name="Display Name",
    client_id="client-id",
    issuer="issuer",
    enabled=True,
    client_secret="secret")
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • client_id (pulumi.Input[str]) – The client id of an OAuth client.

  • client_secret (pulumi.Input[str]) – The client secret of the OAuth client, to enable OIDC code flow.

  • display_name (pulumi.Input[str]) – Human friendly display name.

  • enabled (pulumi.Input[bool]) – If this config allows users to sign in with the provider.

  • issuer (pulumi.Input[str]) – For OIDC Idps, the issuer identifier.

  • name (pulumi.Input[str]) – The name of the OauthIdpConfig. Must start with ‘oidc.’.

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

  • tenant (pulumi.Input[str]) – The name of the tenant where this OIDC IDP configuration resource exists

client_id: pulumi.Output[str] = None

The client id of an OAuth client.

client_secret: pulumi.Output[str] = None

The client secret of the OAuth client, to enable OIDC code flow.

display_name: pulumi.Output[str] = None

Human friendly display name.

enabled: pulumi.Output[bool] = None

If this config allows users to sign in with the provider.

issuer: pulumi.Output[str] = None

For OIDC Idps, the issuer identifier.

name: pulumi.Output[str] = None

The name of the OauthIdpConfig. Must start with ‘oidc.’.

project: pulumi.Output[str] = None

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

tenant: pulumi.Output[str] = None

The name of the tenant where this OIDC IDP configuration resource exists

static get(resource_name, id, opts=None, client_id=None, client_secret=None, display_name=None, enabled=None, issuer=None, name=None, project=None, tenant=None)

Get an existing TenantOauthIdpConfig resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • client_id (pulumi.Input[str]) – The client id of an OAuth client.

  • client_secret (pulumi.Input[str]) – The client secret of the OAuth client, to enable OIDC code flow.

  • display_name (pulumi.Input[str]) – Human friendly display name.

  • enabled (pulumi.Input[bool]) – If this config allows users to sign in with the provider.

  • issuer (pulumi.Input[str]) – For OIDC Idps, the issuer identifier.

  • name (pulumi.Input[str]) – The name of the OauthIdpConfig. Must start with ‘oidc.’.

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

  • tenant (pulumi.Input[str]) – The name of the tenant where this OIDC IDP configuration resource exists

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str