Fork me on GitHub

Module identity

@pulumi/openstack > identity

Index

identity/getAuthScope.ts identity/getEndpoint.ts identity/getGroup.ts identity/getProject.ts identity/getRole.ts identity/getUser.ts identity/project.ts identity/role.ts identity/roleAssignment.ts identity/user.ts

class Project

Manages a V3 Project resource within OpenStack Keystone.

Note: You must have admin privileges in your OpenStack cloud to use this resource.

constructor

new Project(name: string, args?: ProjectArgs, opts?: pulumi.CustomResourceOptions)

Create a Project resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ProjectState): Project

Get an existing Project resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property description

public description: pulumi.Output<string | undefined>;

A description of the project.

property domainId

public domainId: pulumi.Output<string>;

The domain this project belongs to.

property enabled

public enabled: pulumi.Output<boolean | undefined>;

Whether the project is enabled or disabled. Valid values are true and false.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property isDomain

public isDomain: pulumi.Output<boolean | undefined>;

Whether this project is a domain. Valid values are true and false.

property name

public name: pulumi.Output<string>;

The name of the project.

property parentId

public parentId: pulumi.Output<string>;

The parent of this project.

property region

public region: pulumi.Output<string>;

The region in which to obtain the V3 Keystone client. If omitted, the region argument of the provider is used. Changing this creates a new User.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class Role

Manages a V3 Role resource within OpenStack Keystone.

Note: You must have admin privileges in your OpenStack cloud to use this resource.

constructor

new Role(name: string, args?: RoleArgs, opts?: pulumi.CustomResourceOptions)

Create a Role resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RoleState): Role

Get an existing Role resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property domainId

public domainId: pulumi.Output<string>;

The domain the role belongs to.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

The name of the role.

property region

public region: pulumi.Output<string>;

The region in which to obtain the V3 Keystone client. If omitted, the region argument of the provider is used. Changing this creates a new Role.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class RoleAssignment

Manages a V3 Role assignment within OpenStack Keystone.

Note: You must have admin privileges in your OpenStack cloud to use this resource.

constructor

new RoleAssignment(name: string, args: RoleAssignmentArgs, opts?: pulumi.CustomResourceOptions)

Create a RoleAssignment resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RoleAssignmentState): RoleAssignment

Get an existing RoleAssignment resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property domainId

public domainId: pulumi.Output<string | undefined>;

The domain to assign the role in.

property groupId

public groupId: pulumi.Output<string | undefined>;

The group to assign the role to.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property projectId

public projectId: pulumi.Output<string | undefined>;

The project to assign the role in.

property roleId

public roleId: pulumi.Output<string>;

The role to assign.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property userId

public userId: pulumi.Output<string | undefined>;

The user to assign the role to.

class User

Manages a V3 User resource within OpenStack Keystone.

Note: You must have admin privileges in your OpenStack cloud to use this resource.

constructor

new User(name: string, args?: UserArgs, opts?: pulumi.CustomResourceOptions)

Create a User resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: UserState): User

Get an existing User resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property defaultProjectId

public defaultProjectId: pulumi.Output<string>;

The default project this user belongs to.

property description

public description: pulumi.Output<string | undefined>;

A description of the user.

property domainId

public domainId: pulumi.Output<string>;

The domain this user belongs to.

property enabled

public enabled: pulumi.Output<boolean | undefined>;

Whether the user is enabled or disabled. Valid values are true and false.

property extra

public extra: pulumi.Output<{ ... } | undefined>;

Free-form key/value pairs of extra information.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ignoreChangePasswordUponFirstUse

public ignoreChangePasswordUponFirstUse: pulumi.Output<boolean | undefined>;

User will not have to change their password upon first use. Valid values are true and false.

property ignoreLockoutFailureAttempts

public ignoreLockoutFailureAttempts: pulumi.Output<boolean | undefined>;

User will not have a failure lockout placed on their account. Valid values are true and false.

property ignorePasswordExpiry

public ignorePasswordExpiry: pulumi.Output<boolean | undefined>;

User’s password will not expire. Valid values are true and false.

property multiFactorAuthEnabled

public multiFactorAuthEnabled: pulumi.Output<boolean | undefined>;

Whether to enable multi-factor authentication. Valid values are true and false.

property multiFactorAuthRules

public multiFactorAuthRules: pulumi.Output<{ ... }[] | undefined>;

A multi-factor authentication rule. The structure is documented below. Please see the Ocata release notes for more information on how to use mulit-factor rules.

property name

public name: pulumi.Output<string>;

The name of the user.

property password

public password: pulumi.Output<string | undefined>;

The password for the user.

property region

public region: pulumi.Output<string>;

The region in which to obtain the V3 Keystone client. If omitted, the region argument of the provider is used. Changing this creates a new User.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

function getAuthScope

getAuthScope(args: GetAuthScopeArgs, opts?: pulumi.InvokeOptions): Promise<GetAuthScopeResult>

Use this data source to get authentication information about the current auth scope in use. This can be used as self-discovery or introspection of the username or project name currently in use.

function getEndpoint

getEndpoint(args?: GetEndpointArgs, opts?: pulumi.InvokeOptions): Promise<GetEndpointResult>

Use this data source to get the ID of an OpenStack endpoint.

Note: This usually requires admin privileges.

function getGroup

getGroup(args: GetGroupArgs, opts?: pulumi.InvokeOptions): Promise<GetGroupResult>

Use this data source to get the ID of an OpenStack group.

Note: This usually requires admin privileges.

function getProject

getProject(args?: GetProjectArgs, opts?: pulumi.InvokeOptions): Promise<GetProjectResult>

Use this data source to get the ID of an OpenStack project.

function getRole

getRole(args: GetRoleArgs, opts?: pulumi.InvokeOptions): Promise<GetRoleResult>

Use this data source to get the ID of an OpenStack role.

function getUser

getUser(args?: GetUserArgs, opts?: pulumi.InvokeOptions): Promise<GetUserResult>

Use this data source to get the ID of an OpenStack user.

interface GetAuthScopeArgs

A collection of arguments for invoking getAuthScope.

property name

name: string;

The name of the scope. This is an arbitrary name which is only used as a unique identifier so an actual token isn’t used as the ID.

property region

region?: string;

The region in which to obtain the V3 Identity client. A Identity client is needed to retrieve tokens IDs. If omitted, the region argument of the provider is used.

interface GetAuthScopeResult

A collection of values returned by getAuthScope.

property id

id: string;

id is the provider-assigned unique ID for this managed resource.

property projectDomainId

projectDomainId: string;

The domain ID of the project.

property projectDomainName

projectDomainName: string;

The domain name of the project.

property projectId

projectId: string;

The project ID of the scope.

property projectName

projectName: string;

The project name of the scope.

property region

region: string;

property roles

roles: { ... }[];

A list of roles in the current scope. See reference below.

property userDomainId

userDomainId: string;

The domain ID of the user.

property userDomainName

userDomainName: string;

The domain name of the user.

property userId

userId: string;

The user ID the of the scope.

property userName

userName: string;

The username of the scope.

interface GetEndpointArgs

A collection of arguments for invoking getEndpoint.

property interface

interface?: string;

The endpoint interface. Valid values are public, internal, and admin. Default value is public

property region

region?: string;

The region the endpoint is located in.

property serviceId

serviceId?: string;

The service id this endpoint belongs to.

property serviceName

serviceName?: string;

The service name of the endpoint.

interface GetEndpointResult

A collection of values returned by getEndpoint.

property id

id: string;

id is the provider-assigned unique ID for this managed resource.

property region

region: string;

The region the endpoint is located in.

property url

url: string;

The endpoint URL

interface GetGroupArgs

A collection of arguments for invoking getGroup.

property domainId

domainId?: string;

The domain the group belongs to.

property name

name: string;

The name of the group.

property region

region?: string;

The region in which to obtain the V3 Keystone client. If omitted, the region argument of the provider is used.

interface GetGroupResult

A collection of values returned by getGroup.

property domainId

domainId: string;

See Argument Reference above.

property id

id: string;

id is the provider-assigned unique ID for this managed resource.

property region

region: string;

See Argument Reference above.

interface GetProjectArgs

A collection of arguments for invoking getProject.

property domainId

domainId?: string;

The domain this project belongs to.

property enabled

enabled?: boolean;

Whether the project is enabled or disabled. Valid values are true and false.

property isDomain

isDomain?: boolean;

Whether this project is a domain. Valid values are true and false.

property name

name?: string;

The name of the project.

property parentId

parentId?: string;

The parent of this project.

property region

region?: string;

interface GetProjectResult

A collection of values returned by getProject.

property description

description: string;

The description of the project.

property domainId

domainId: string;

See Argument Reference above.

property id

id: string;

id is the provider-assigned unique ID for this managed resource.

property region

region: string;

The region the project is located in.

interface GetRoleArgs

A collection of arguments for invoking getRole.

property domainId

domainId?: string;

The domain the role belongs to.

property name

name: string;

The name of the role.

property region

region?: string;

The region in which to obtain the V3 Keystone client. If omitted, the region argument of the provider is used.

interface GetRoleResult

A collection of values returned by getRole.

property domainId

domainId: string;

See Argument Reference above.

property id

id: string;

id is the provider-assigned unique ID for this managed resource.

property region

region: string;

See Argument Reference above.

interface GetUserArgs

A collection of arguments for invoking getUser.

property domainId

domainId?: string;

The domain this user belongs to.

property enabled

enabled?: boolean;

Whether the user is enabled or disabled. Valid values are true and false.

property idpId

idpId?: string;

The identity provider ID of the user.

property name

name?: string;

The name of the user.

property passwordExpiresAt

passwordExpiresAt?: string;

Query for expired passwords. See the OpenStack API docs for more information on the query format.

property protocolId

protocolId?: string;

The protocol ID of the user.

property region

region?: string;

property uniqueId

uniqueId?: string;

The unique ID of the user.

interface GetUserResult

A collection of values returned by getUser.

property defaultProjectId

defaultProjectId: string;

See Argument Reference above.

property domainId

domainId: string;

See Argument Reference above.

property id

id: string;

id is the provider-assigned unique ID for this managed resource.

property region

region: string;

The region the user is located in.

interface ProjectArgs

The set of arguments for constructing a Project resource.

property description

description?: pulumi.Input<string>;

A description of the project.

property domainId

domainId?: pulumi.Input<string>;

The domain this project belongs to.

property enabled

enabled?: pulumi.Input<boolean>;

Whether the project is enabled or disabled. Valid values are true and false.

property isDomain

isDomain?: pulumi.Input<boolean>;

Whether this project is a domain. Valid values are true and false.

property name

name?: pulumi.Input<string>;

The name of the project.

property parentId

parentId?: pulumi.Input<string>;

The parent of this project.

property region

region?: pulumi.Input<string>;

The region in which to obtain the V3 Keystone client. If omitted, the region argument of the provider is used. Changing this creates a new User.

interface ProjectState

Input properties used for looking up and filtering Project resources.

property description

description?: pulumi.Input<string>;

A description of the project.

property domainId

domainId?: pulumi.Input<string>;

The domain this project belongs to.

property enabled

enabled?: pulumi.Input<boolean>;

Whether the project is enabled or disabled. Valid values are true and false.

property isDomain

isDomain?: pulumi.Input<boolean>;

Whether this project is a domain. Valid values are true and false.

property name

name?: pulumi.Input<string>;

The name of the project.

property parentId

parentId?: pulumi.Input<string>;

The parent of this project.

property region

region?: pulumi.Input<string>;

The region in which to obtain the V3 Keystone client. If omitted, the region argument of the provider is used. Changing this creates a new User.

interface RoleArgs

The set of arguments for constructing a Role resource.

property domainId

domainId?: pulumi.Input<string>;

The domain the role belongs to.

property name

name?: pulumi.Input<string>;

The name of the role.

property region

region?: pulumi.Input<string>;

The region in which to obtain the V3 Keystone client. If omitted, the region argument of the provider is used. Changing this creates a new Role.

interface RoleAssignmentArgs

The set of arguments for constructing a RoleAssignment resource.

property domainId

domainId?: pulumi.Input<string>;

The domain to assign the role in.

property groupId

groupId?: pulumi.Input<string>;

The group to assign the role to.

property projectId

projectId?: pulumi.Input<string>;

The project to assign the role in.

property roleId

roleId: pulumi.Input<string>;

The role to assign.

property userId

userId?: pulumi.Input<string>;

The user to assign the role to.

interface RoleAssignmentState

Input properties used for looking up and filtering RoleAssignment resources.

property domainId

domainId?: pulumi.Input<string>;

The domain to assign the role in.

property groupId

groupId?: pulumi.Input<string>;

The group to assign the role to.

property projectId

projectId?: pulumi.Input<string>;

The project to assign the role in.

property roleId

roleId?: pulumi.Input<string>;

The role to assign.

property userId

userId?: pulumi.Input<string>;

The user to assign the role to.

interface RoleState

Input properties used for looking up and filtering Role resources.

property domainId

domainId?: pulumi.Input<string>;

The domain the role belongs to.

property name

name?: pulumi.Input<string>;

The name of the role.

property region

region?: pulumi.Input<string>;

The region in which to obtain the V3 Keystone client. If omitted, the region argument of the provider is used. Changing this creates a new Role.

interface UserArgs

The set of arguments for constructing a User resource.

property defaultProjectId

defaultProjectId?: pulumi.Input<string>;

The default project this user belongs to.

property description

description?: pulumi.Input<string>;

A description of the user.

property domainId

domainId?: pulumi.Input<string>;

The domain this user belongs to.

property enabled

enabled?: pulumi.Input<boolean>;

Whether the user is enabled or disabled. Valid values are true and false.

property extra

extra?: pulumi.Input<{ ... }>;

Free-form key/value pairs of extra information.

property ignoreChangePasswordUponFirstUse

ignoreChangePasswordUponFirstUse?: pulumi.Input<boolean>;

User will not have to change their password upon first use. Valid values are true and false.

property ignoreLockoutFailureAttempts

ignoreLockoutFailureAttempts?: pulumi.Input<boolean>;

User will not have a failure lockout placed on their account. Valid values are true and false.

property ignorePasswordExpiry

ignorePasswordExpiry?: pulumi.Input<boolean>;

User’s password will not expire. Valid values are true and false.

property multiFactorAuthEnabled

multiFactorAuthEnabled?: pulumi.Input<boolean>;

Whether to enable multi-factor authentication. Valid values are true and false.

property multiFactorAuthRules

multiFactorAuthRules?: pulumi.Input<pulumi.Input<{ ... }>[]>;

A multi-factor authentication rule. The structure is documented below. Please see the Ocata release notes for more information on how to use mulit-factor rules.

property name

name?: pulumi.Input<string>;

The name of the user.

property password

password?: pulumi.Input<string>;

The password for the user.

property region

region?: pulumi.Input<string>;

The region in which to obtain the V3 Keystone client. If omitted, the region argument of the provider is used. Changing this creates a new User.

interface UserState

Input properties used for looking up and filtering User resources.

property defaultProjectId

defaultProjectId?: pulumi.Input<string>;

The default project this user belongs to.

property description

description?: pulumi.Input<string>;

A description of the user.

property domainId

domainId?: pulumi.Input<string>;

The domain this user belongs to.

property enabled

enabled?: pulumi.Input<boolean>;

Whether the user is enabled or disabled. Valid values are true and false.

property extra

extra?: pulumi.Input<{ ... }>;

Free-form key/value pairs of extra information.

property ignoreChangePasswordUponFirstUse

ignoreChangePasswordUponFirstUse?: pulumi.Input<boolean>;

User will not have to change their password upon first use. Valid values are true and false.

property ignoreLockoutFailureAttempts

ignoreLockoutFailureAttempts?: pulumi.Input<boolean>;

User will not have a failure lockout placed on their account. Valid values are true and false.

property ignorePasswordExpiry

ignorePasswordExpiry?: pulumi.Input<boolean>;

User’s password will not expire. Valid values are true and false.

property multiFactorAuthEnabled

multiFactorAuthEnabled?: pulumi.Input<boolean>;

Whether to enable multi-factor authentication. Valid values are true and false.

property multiFactorAuthRules

multiFactorAuthRules?: pulumi.Input<pulumi.Input<{ ... }>[]>;

A multi-factor authentication rule. The structure is documented below. Please see the Ocata release notes for more information on how to use mulit-factor rules.

property name

name?: pulumi.Input<string>;

The name of the user.

property password

password?: pulumi.Input<string>;

The password for the user.

property region

region?: pulumi.Input<string>;

The region in which to obtain the V3 Keystone client. If omitted, the region argument of the provider is used. Changing this creates a new User.