{ "name": "athenz", "version": "1.0.49", "description": "A Pulumi provider dynamically bridged from athenz.", "attribution": "This Pulumi package is based on the [`athenz` Terraform Provider](https://github.com/athenz/terraform-provider-athenz).", "repository": "https://github.com/athenz/terraform-provider-athenz", "publisher": "athenz", "meta": { "moduleFormat": "(.*)(?:/[^/]*)" }, "language": { "csharp": { "compatibility": "tfbridge20", "liftSingleValueMethodReturns": true, "respectSchemaVersion": true }, "go": { "generateExtraInputTypes": true, "importBasePath": "github.com/pulumi/pulumi-terraform-provider/sdks/go/athenz/athenz", "liftSingleValueMethodReturns": true, "respectSchemaVersion": true, "rootPackageName": "athenz" }, "java": { "basePackage": "", "buildFiles": "", "gradleNexusPublishPluginVersion": "", "gradleTest": "" }, "nodejs": { "compatibility": "tfbridge20", "disableUnionOutputTypes": true, "liftSingleValueMethodReturns": true, "packageDescription": "A Pulumi provider dynamically bridged from athenz.", "readme": "> This provider is a derived work of the [Terraform Provider](https://github.com/athenz/terraform-provider-athenz)\n> distributed under [MPL 2.0](https://www.mozilla.org/en-US/MPL/2.0/). If you encounter a bug or missing feature,\n> please consult the source [`terraform-provider-athenz` repo](https://github.com/athenz/terraform-provider-athenz/issues).", "respectSchemaVersion": true }, "python": { "compatibility": "tfbridge20", "pyproject": { "enabled": true }, "readme": "> This provider is a derived work of the [Terraform Provider](https://github.com/athenz/terraform-provider-athenz)\n> distributed under [MPL 2.0](https://www.mozilla.org/en-US/MPL/2.0/). If you encounter a bug or missing feature,\n> please consult the source [`terraform-provider-athenz` repo](https://github.com/athenz/terraform-provider-athenz/issues).", "respectSchemaVersion": true } }, "config": { "variables": { "cacert": { "type": "string", "description": "CA Certificate file path\n" }, "cert": { "type": "string", "description": "Athenz client certificate\n" }, "disableResourceOwnership": { "type": "boolean", "description": "Disable resource ownership feature\n" }, "groupMetaResourceState": { "type": "number", "description": "Default state for athenz.GroupMeta resources\n" }, "key": { "type": "string", "description": "Athenz client key\n" }, "resourceOwner": { "type": "string", "description": "Resource Owner Identity\n" }, "roleMetaResourceState": { "type": "number", "description": "Default state for athenz.RoleMeta resources\n" }, "zmsUrl": { "type": "string", "description": "Athenz API URL\n" } }, "defaults": [ "zmsUrl" ] }, "types": { "athenz:index/GroupMember:GroupMember": { "properties": { "expiration": { "type": "string", "description": "The expiration of the Athenz principal member. must be in this format: `--
::`\n\n\n" }, "name": { "type": "string" } }, "type": "object", "required": [ "name" ] }, "athenz:index/GroupMembersMember:GroupMembersMember": { "properties": { "expiration": { "type": "string", "description": "The expiration of the Athenz principal member. must be in this format: `--
::`\n" }, "name": { "type": "string" } }, "type": "object", "required": [ "name" ] }, "athenz:index/GroupSettings:GroupSettings": { "properties": { "maxMembers": { "type": "number", "description": "Max number of principals in the group\n" }, "serviceExpiryDays": { "type": "number", "description": "All services in the role will have specified max expiry days\n" }, "userExpiryDays": { "type": "number", "description": "All user members in the role will have specified max expiry days\n" } }, "type": "object" }, "athenz:index/PolicyAssertion:PolicyAssertion": { "properties": { "action": { "type": "string", "description": "- The action is the domain administrator defined action available for the resource (e.g. read, write, delete).\n" }, "caseSensitive": { "type": "boolean", "description": "If true, action and resource will be case-sensitive.\n" }, "conditions": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FPolicyAssertionCondition:PolicyAssertionCondition" } }, "effect": { "type": "string", "description": "- The value effect must be either ALLOW or DENY.\n" }, "id": { "type": "number", "description": "The ID of this resource.\n" }, "resource": { "type": "string", "description": "- The resource is the YRN of the resource this assertion applies to. MUST provide fully qualified name: `:`\n" }, "role": { "type": "string", "description": "- The name of the role this assertion applies to. MUST be the role name only (without the prefix `:role`)\n" } }, "type": "object", "required": [ "action", "effect", "resource", "role" ], "language": { "nodejs": { "requiredOutputs": [ "action", "effect", "id", "resource", "role" ] } } }, "athenz:index/PolicyAssertionCondition:PolicyAssertionCondition": { "properties": { "enforcementstate": { "$ref": "#/types/athenz:index%2FPolicyAssertionConditionEnforcementstate:PolicyAssertionConditionEnforcementstate" }, "id": { "type": "number", "description": "The ID of this resource.\n" }, "instances": { "$ref": "#/types/athenz:index%2FPolicyAssertionConditionInstances:PolicyAssertionConditionInstances" }, "scopeall": { "$ref": "#/types/athenz:index%2FPolicyAssertionConditionScopeall:PolicyAssertionConditionScopeall" }, "scopeaws": { "$ref": "#/types/athenz:index%2FPolicyAssertionConditionScopeaws:PolicyAssertionConditionScopeaws" }, "scopeonprem": { "$ref": "#/types/athenz:index%2FPolicyAssertionConditionScopeonprem:PolicyAssertionConditionScopeonprem" } }, "type": "object", "required": [ "enforcementstate", "instances", "scopeall", "scopeaws", "scopeonprem" ], "language": { "nodejs": { "requiredOutputs": [ "enforcementstate", "id", "instances", "scopeall", "scopeaws", "scopeonprem" ] } } }, "athenz:index/PolicyAssertionConditionEnforcementstate:PolicyAssertionConditionEnforcementstate": { "properties": { "operator": { "type": "number" }, "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "athenz:index/PolicyAssertionConditionInstances:PolicyAssertionConditionInstances": { "properties": { "operator": { "type": "number" }, "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "athenz:index/PolicyAssertionConditionScopeall:PolicyAssertionConditionScopeall": { "properties": { "operator": { "type": "number" }, "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "athenz:index/PolicyAssertionConditionScopeaws:PolicyAssertionConditionScopeaws": { "properties": { "operator": { "type": "number" }, "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "athenz:index/PolicyAssertionConditionScopeonprem:PolicyAssertionConditionScopeonprem": { "properties": { "operator": { "type": "number" }, "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "athenz:index/PolicyVersionVersion:PolicyVersionVersion": { "properties": { "assertions": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FPolicyVersionVersionAssertion:PolicyVersionVersionAssertion" }, "description": "- A set of assertions that govern usage of resources. where \\n\\n is \\n\\n \\n\\n to \\n\\n on \\n\\n.\n" }, "versionName": { "type": "string", "description": "- The version name.\n" } }, "type": "object", "required": [ "versionName" ] }, "athenz:index/PolicyVersionVersionAssertion:PolicyVersionVersionAssertion": { "properties": { "action": { "type": "string", "description": "- The action is the domain administrator defined action available for the resource (e.g. read, write, delete).\n" }, "caseSensitive": { "type": "boolean", "description": "If true, action and resource will be case-sensitive.\n" }, "conditions": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FPolicyVersionVersionAssertionCondition:PolicyVersionVersionAssertionCondition" } }, "effect": { "type": "string", "description": "- The value effect must be either ALLOW or DENY.\n" }, "id": { "type": "number", "description": "The ID of this resource.\n" }, "resource": { "type": "string", "description": "- The resource is the YRN of the resource this assertion applies to. MUST provide fully qualified name: `:`\n" }, "role": { "type": "string", "description": "- The name of the role this assertion applies to. MUST be the role name only (without the prefix `:role`).\n" } }, "type": "object", "required": [ "action", "effect", "resource", "role" ], "language": { "nodejs": { "requiredOutputs": [ "action", "effect", "id", "resource", "role" ] } } }, "athenz:index/PolicyVersionVersionAssertionCondition:PolicyVersionVersionAssertionCondition": { "properties": { "enforcementstate": { "$ref": "#/types/athenz:index%2FPolicyVersionVersionAssertionConditionEnforcementstate:PolicyVersionVersionAssertionConditionEnforcementstate" }, "id": { "type": "number", "description": "The ID of this resource.\n" }, "instances": { "$ref": "#/types/athenz:index%2FPolicyVersionVersionAssertionConditionInstances:PolicyVersionVersionAssertionConditionInstances" }, "scopeall": { "$ref": "#/types/athenz:index%2FPolicyVersionVersionAssertionConditionScopeall:PolicyVersionVersionAssertionConditionScopeall" }, "scopeaws": { "$ref": "#/types/athenz:index%2FPolicyVersionVersionAssertionConditionScopeaws:PolicyVersionVersionAssertionConditionScopeaws" }, "scopeonprem": { "$ref": "#/types/athenz:index%2FPolicyVersionVersionAssertionConditionScopeonprem:PolicyVersionVersionAssertionConditionScopeonprem" } }, "type": "object", "required": [ "enforcementstate", "instances", "scopeall", "scopeaws", "scopeonprem" ], "language": { "nodejs": { "requiredOutputs": [ "enforcementstate", "id", "instances", "scopeall", "scopeaws", "scopeonprem" ] } } }, "athenz:index/PolicyVersionVersionAssertionConditionEnforcementstate:PolicyVersionVersionAssertionConditionEnforcementstate": { "properties": { "operator": { "type": "number" }, "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "athenz:index/PolicyVersionVersionAssertionConditionInstances:PolicyVersionVersionAssertionConditionInstances": { "properties": { "operator": { "type": "number" }, "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "athenz:index/PolicyVersionVersionAssertionConditionScopeall:PolicyVersionVersionAssertionConditionScopeall": { "properties": { "operator": { "type": "number" }, "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "athenz:index/PolicyVersionVersionAssertionConditionScopeaws:PolicyVersionVersionAssertionConditionScopeaws": { "properties": { "operator": { "type": "number" }, "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "athenz:index/PolicyVersionVersionAssertionConditionScopeonprem:PolicyVersionVersionAssertionConditionScopeonprem": { "properties": { "operator": { "type": "number" }, "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "athenz:index/RoleMember:RoleMember": { "properties": { "expiration": { "type": "string", "description": "- The expiration time in UTC of the Athenz principal member. must be in this format: `--
::`\n" }, "name": { "type": "string", "description": "- The name of the Athenz principal member. must be in this format: `user. or . or :group.`.\n" }, "review": { "type": "string", "description": "- The review time in UTC of the Athenz principal member. must be in this format: `--
::`\n" } }, "type": "object", "required": [ "name" ] }, "athenz:index/RoleMembersMember:RoleMembersMember": { "properties": { "expiration": { "type": "string", "description": "- The expiration time in UTC of the Athenz principal member. must be in this format: `--
::`\n" }, "name": { "type": "string", "description": "- The name of the Athenz principal member. must be in this format: `user. or . or :group.`.\n" }, "review": { "type": "string", "description": "- The review time in UTC of the Athenz principal member. must be in this format: `--
::`\n" } }, "type": "object", "required": [ "name" ] }, "athenz:index/RoleSettings:RoleSettings": { "properties": { "certExpiryMins": { "type": "number", "description": "Certs issued for this role will have specified max timeout in mins\n" }, "groupExpiryDays": { "type": "number", "description": "all group members in the role will have specified max expiry days\n" }, "groupReviewDays": { "type": "number", "description": "all group members in the role will have specified max review reminder days\n" }, "maxMembers": { "type": "number", "description": "Max number of principals in the role\n" }, "serviceExpiryDays": { "type": "number", "description": "all services in the role will have specified max expiry days\n" }, "serviceReviewDays": { "type": "number", "description": "all service members in the role will have specified max review reminder days\n" }, "tokenExpiryMins": { "type": "number", "description": "tokens issued for this role will have specified max timeout in mins\n" }, "userExpiryDays": { "type": "number", "description": "all user members in the role will have specified max expiry days\n" }, "userReviewDays": { "type": "number", "description": "all user members in the role will have specified max review reminder days\n" } }, "type": "object" }, "athenz:index/SelfServeGroupMembersMember:SelfServeGroupMembersMember": { "properties": { "expiration": { "type": "string", "description": "- The expiration time in UTC of the Athenz principal member. must be in this format: `--
::`\n" }, "name": { "type": "string", "description": "- The name of the Athenz principal member. must be in this format: `user. or . or :group.`.\n" } }, "type": "object", "required": [ "name" ] }, "athenz:index/SelfServeRoleMembersMember:SelfServeRoleMembersMember": { "properties": { "expiration": { "type": "string", "description": "- The expiration time in UTC of the Athenz principal member. must be in this format: `--
::`\n" }, "name": { "type": "string", "description": "- The name of the Athenz principal member. must be in this format: `user. or . or :group.`.\n" }, "review": { "type": "string", "description": "- The review time in UTC of the Athenz principal member. must be in this format: `--
::`\n" } }, "type": "object", "required": [ "name" ] }, "athenz:index/ServicePublicKey:ServicePublicKey": { "properties": { "keyId": { "type": "string", "description": "- The key id.\n" }, "keyValue": { "type": "string", "description": "- The Key Value which must be a PEM encoded public key.\n" } }, "type": "object", "required": [ "keyId", "keyValue" ] }, "athenz:index/getGroupMember:getGroupMember": { "properties": { "expiration": { "type": "string" }, "name": { "type": "string" } }, "type": "object", "required": [ "name" ] }, "athenz:index/getGroupSettings:getGroupSettings": { "properties": { "maxMembers": { "type": "number", "description": "Max number of principals in the group\n" }, "serviceExpiryDays": { "type": "number", "description": "all services in the group will have specified max expiry days\n" }, "userExpiryDays": { "type": "number", "description": "all user members in the group will have specified max expiry days\n" } }, "type": "object" }, "athenz:index/getPolicyAssertion:getPolicyAssertion": { "properties": { "action": { "type": "string" }, "caseSensitive": { "type": "boolean" }, "conditions": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FgetPolicyAssertionCondition:getPolicyAssertionCondition" } }, "effect": { "type": "string" }, "id": { "type": "number", "description": "The ID of this resource.\n" }, "resource": { "type": "string" }, "role": { "type": "string" } }, "type": "object", "required": [ "action", "conditions", "effect", "id", "resource", "role" ], "language": { "nodejs": { "requiredInputs": [ "action", "effect", "resource", "role" ] } } }, "athenz:index/getPolicyAssertionCondition:getPolicyAssertionCondition": { "properties": { "enforcementstates": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FgetPolicyAssertionConditionEnforcementstate:getPolicyAssertionConditionEnforcementstate" } }, "ids": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FgetPolicyAssertionConditionId:getPolicyAssertionConditionId" } }, "instances": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FgetPolicyAssertionConditionInstance:getPolicyAssertionConditionInstance" } }, "scopealls": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FgetPolicyAssertionConditionScopeall:getPolicyAssertionConditionScopeall" } }, "scopeaws": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FgetPolicyAssertionConditionScopeaw:getPolicyAssertionConditionScopeaw" } }, "scopeonprems": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FgetPolicyAssertionConditionScopeonprem:getPolicyAssertionConditionScopeonprem" } } }, "type": "object", "required": [ "enforcementstates", "ids", "instances", "scopealls", "scopeaws", "scopeonprems" ] }, "athenz:index/getPolicyAssertionConditionEnforcementstate:getPolicyAssertionConditionEnforcementstate": { "properties": { "operator": { "type": "number" }, "value": { "type": "string" } }, "type": "object", "required": [ "operator", "value" ] }, "athenz:index/getPolicyAssertionConditionId:getPolicyAssertionConditionId": { "properties": { "operator": { "type": "number" }, "value": { "type": "string" } }, "type": "object", "required": [ "operator", "value" ] }, "athenz:index/getPolicyAssertionConditionInstance:getPolicyAssertionConditionInstance": { "properties": { "operator": { "type": "number" }, "value": { "type": "string" } }, "type": "object", "required": [ "operator", "value" ] }, "athenz:index/getPolicyAssertionConditionScopeall:getPolicyAssertionConditionScopeall": { "properties": { "operator": { "type": "number" }, "value": { "type": "string" } }, "type": "object", "required": [ "operator", "value" ] }, "athenz:index/getPolicyAssertionConditionScopeaw:getPolicyAssertionConditionScopeaw": { "properties": { "operator": { "type": "number" }, "value": { "type": "string" } }, "type": "object", "required": [ "operator", "value" ] }, "athenz:index/getPolicyAssertionConditionScopeonprem:getPolicyAssertionConditionScopeonprem": { "properties": { "operator": { "type": "number" }, "value": { "type": "string" } }, "type": "object", "required": [ "operator", "value" ] }, "athenz:index/getPolicyVersionVersion:getPolicyVersionVersion": { "properties": { "assertions": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FgetPolicyVersionVersionAssertion:getPolicyVersionVersionAssertion" } }, "versionName": { "type": "string" } }, "type": "object", "required": [ "assertions", "versionName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "athenz:index/getPolicyVersionVersionAssertion:getPolicyVersionVersionAssertion": { "properties": { "action": { "type": "string" }, "caseSensitive": { "type": "boolean" }, "conditions": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FgetPolicyVersionVersionAssertionCondition:getPolicyVersionVersionAssertionCondition" } }, "effect": { "type": "string" }, "id": { "type": "number" }, "resource": { "type": "string" }, "role": { "type": "string" } }, "type": "object", "required": [ "action", "caseSensitive", "conditions", "effect", "id", "resource", "role" ], "language": { "nodejs": { "requiredInputs": [] } } }, "athenz:index/getPolicyVersionVersionAssertionCondition:getPolicyVersionVersionAssertionCondition": { "properties": { "enforcementstates": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FgetPolicyVersionVersionAssertionConditionEnforcementstate:getPolicyVersionVersionAssertionConditionEnforcementstate" } }, "ids": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FgetPolicyVersionVersionAssertionConditionId:getPolicyVersionVersionAssertionConditionId" } }, "instances": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FgetPolicyVersionVersionAssertionConditionInstance:getPolicyVersionVersionAssertionConditionInstance" } }, "scopealls": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FgetPolicyVersionVersionAssertionConditionScopeall:getPolicyVersionVersionAssertionConditionScopeall" } }, "scopeaws": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FgetPolicyVersionVersionAssertionConditionScopeaw:getPolicyVersionVersionAssertionConditionScopeaw" } }, "scopeonprems": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FgetPolicyVersionVersionAssertionConditionScopeonprem:getPolicyVersionVersionAssertionConditionScopeonprem" } } }, "type": "object", "required": [ "enforcementstates", "ids", "instances", "scopealls", "scopeaws", "scopeonprems" ], "language": { "nodejs": { "requiredInputs": [] } } }, "athenz:index/getPolicyVersionVersionAssertionConditionEnforcementstate:getPolicyVersionVersionAssertionConditionEnforcementstate": { "properties": { "operator": { "type": "number" }, "value": { "type": "string" } }, "type": "object", "required": [ "operator", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "athenz:index/getPolicyVersionVersionAssertionConditionId:getPolicyVersionVersionAssertionConditionId": { "properties": { "operator": { "type": "number" }, "value": { "type": "string" } }, "type": "object", "required": [ "operator", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "athenz:index/getPolicyVersionVersionAssertionConditionInstance:getPolicyVersionVersionAssertionConditionInstance": { "properties": { "operator": { "type": "number" }, "value": { "type": "string" } }, "type": "object", "required": [ "operator", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "athenz:index/getPolicyVersionVersionAssertionConditionScopeall:getPolicyVersionVersionAssertionConditionScopeall": { "properties": { "operator": { "type": "number" }, "value": { "type": "string" } }, "type": "object", "required": [ "operator", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "athenz:index/getPolicyVersionVersionAssertionConditionScopeaw:getPolicyVersionVersionAssertionConditionScopeaw": { "properties": { "operator": { "type": "number" }, "value": { "type": "string" } }, "type": "object", "required": [ "operator", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "athenz:index/getPolicyVersionVersionAssertionConditionScopeonprem:getPolicyVersionVersionAssertionConditionScopeonprem": { "properties": { "operator": { "type": "number" }, "value": { "type": "string" } }, "type": "object", "required": [ "operator", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "athenz:index/getRoleMember:getRoleMember": { "properties": { "expiration": { "type": "string" }, "name": { "type": "string" }, "review": { "type": "string" } }, "type": "object", "required": [ "name" ] }, "athenz:index/getRoleSettings:getRoleSettings": { "properties": { "certExpiryMins": { "type": "number", "description": "certs issued for this role will have specified max timeout in mins\n" }, "groupExpiryDays": { "type": "number", "description": "all group members in the role will have specified max expiry days\n" }, "groupReviewDays": { "type": "number", "description": "all group members in the role will have specified max review reminder days\n" }, "maxMembers": { "type": "number", "description": "Max number of principals in the role\n" }, "serviceExpiryDays": { "type": "number", "description": "all services in the role will have specified max expiry days\n" }, "serviceReviewDays": { "type": "number", "description": "all service members in the role will have specified max review reminder days\n" }, "tokenExpiryMins": { "type": "number", "description": "tokens issued for this role will have specified max timeout in mins\n" }, "userExpiryDays": { "type": "number", "description": "all user members in the role will have specified max expiry days\n" }, "userReviewDays": { "type": "number", "description": "all user members in the role will have specified max review reminder days\n" } }, "type": "object" }, "athenz:index/getRolesRole:getRolesRole": { "properties": { "auditEnabled": { "type": "boolean" }, "deleteProtection": { "type": "boolean" }, "description": { "type": "string" }, "domain": { "type": "string" }, "lastReviewedDate": { "type": "string", "description": "Last reviewed date for the role\n" }, "members": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FgetRolesRoleMember:getRolesRoleMember" }, "description": "Athenz principal to be added as members\n" }, "name": { "type": "string" }, "notifyDetails": { "type": "string" }, "notifyRoles": { "type": "string" }, "principalDomainFilter": { "type": "string" }, "reviewEnabled": { "type": "boolean" }, "selfRenew": { "type": "boolean" }, "selfRenewMins": { "type": "number" }, "selfServe": { "type": "boolean" }, "settings": { "$ref": "#/types/athenz:index%2FgetRolesRoleSettings:getRolesRoleSettings", "description": "Advanced settings\n" }, "signAlgorithm": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "trust": { "type": "string", "description": "The domain, which this role is trusted to\n" }, "userAuthorityExpiration": { "type": "string" }, "userAuthorityFilter": { "type": "string" } }, "type": "object", "required": [ "domain", "name" ] }, "athenz:index/getRolesRoleMember:getRolesRoleMember": { "properties": { "expiration": { "type": "string" }, "name": { "type": "string" }, "review": { "type": "string" } }, "type": "object", "required": [ "name" ] }, "athenz:index/getRolesRoleSettings:getRolesRoleSettings": { "properties": { "certExpiryMins": { "type": "number" }, "groupExpiryDays": { "type": "number" }, "groupReviewDays": { "type": "number" }, "maxMembers": { "type": "number" }, "serviceExpiryDays": { "type": "number" }, "serviceReviewDays": { "type": "number" }, "tokenExpiryMins": { "type": "number" }, "userExpiryDays": { "type": "number" }, "userReviewDays": { "type": "number" } }, "type": "object" }, "athenz:index/getServicePublicKey:getServicePublicKey": { "properties": { "keyId": { "type": "string" }, "keyValue": { "type": "string" } }, "type": "object", "required": [ "keyId", "keyValue" ] } }, "provider": { "description": "The provider type for the athenz package. By default, resources use package-wide configuration\nsettings, however an explicit `Provider` instance may be created and passed during resource\nconstruction to achieve fine-grained programmatic control over provider settings. See the\n[documentation](https://www.pulumi.com/docs/reference/programming-model/#providers) for more information.\n", "properties": { "cacert": { "type": "string", "description": "CA Certificate file path\n" }, "cert": { "type": "string", "description": "Athenz client certificate\n" }, "key": { "type": "string", "description": "Athenz client key\n" }, "resourceOwner": { "type": "string", "description": "Resource Owner Identity\n" }, "zmsUrl": { "type": "string", "description": "Athenz API URL\n" } }, "type": "object", "required": [ "zmsUrl" ], "inputProperties": { "cacert": { "type": "string", "description": "CA Certificate file path\n" }, "cert": { "type": "string", "description": "Athenz client certificate\n" }, "disableResourceOwnership": { "type": "boolean", "description": "Disable resource ownership feature\n" }, "groupMetaResourceState": { "type": "number", "description": "Default state for athenz.GroupMeta resources\n" }, "key": { "type": "string", "description": "Athenz client key\n" }, "resourceOwner": { "type": "string", "description": "Resource Owner Identity\n" }, "roleMetaResourceState": { "type": "number", "description": "Default state for athenz.RoleMeta resources\n" }, "zmsUrl": { "type": "string", "description": "Athenz API URL\n" } }, "requiredInputs": [ "zmsUrl" ] }, "resources": { "athenz:index/domainMeta:DomainMeta": { "description": "`athenz.DomainMeta` provides an Athenz domain meta resource.\n", "properties": { "applicationId": { "type": "string", "description": "associated application id\n" }, "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "businessService": { "type": "string", "description": "associated business service with domain\n" }, "contacts": { "type": "object", "additionalProperties": { "type": "string" }, "description": "map of domain contacts\n" }, "description": { "type": "string", "description": "description for the domain\n" }, "domain": { "type": "string", "description": "name of the domain\n" }, "domainMetaId": { "type": "string", "description": "The ID of this resource.\n" }, "environment": { "type": "string", "description": "string specifying the environment this domain is used in (production, staging, etc.)\n" }, "groupExpiryDays": { "type": "number", "description": "all groups in the domain roles will have specified max expiry days\n" }, "memberPurgeExpiryDays": { "type": "number", "description": "purge role/group members with expiry date configured days in the past\n" }, "roleCertExpiryMins": { "type": "number", "description": "role certs issued for this domain will have specified max timeout in mins\n" }, "serviceCertExpiryMins": { "type": "number", "description": "service identity certs issued for this domain will have specified max timeout in mins\n" }, "serviceExpiryDays": { "type": "number", "description": "all services in the domain roles will have specified max expiry days\n" }, "slackChannel": { "type": "string", "description": "associated slack channel for notifications\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "map of domain tags\n" }, "tokenExpiryMins": { "type": "number", "description": "tokens issued for this domain will have specified max timeout in mins\n" }, "userAuthorityFilter": { "type": "string", "description": "membership filtered based on user authority configured attributes\n" }, "userExpiryDays": { "type": "number", "description": "all user members in the domain will have specified max expiry days\n" } }, "type": "object", "required": [ "domain", "domainMetaId" ], "inputProperties": { "applicationId": { "type": "string", "description": "associated application id\n" }, "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "businessService": { "type": "string", "description": "associated business service with domain\n" }, "contacts": { "type": "object", "additionalProperties": { "type": "string" }, "description": "map of domain contacts\n" }, "description": { "type": "string", "description": "description for the domain\n" }, "domain": { "type": "string", "description": "name of the domain\n" }, "domainMetaId": { "type": "string", "description": "The ID of this resource.\n" }, "environment": { "type": "string", "description": "string specifying the environment this domain is used in (production, staging, etc.)\n" }, "groupExpiryDays": { "type": "number", "description": "all groups in the domain roles will have specified max expiry days\n" }, "memberPurgeExpiryDays": { "type": "number", "description": "purge role/group members with expiry date configured days in the past\n" }, "roleCertExpiryMins": { "type": "number", "description": "role certs issued for this domain will have specified max timeout in mins\n" }, "serviceCertExpiryMins": { "type": "number", "description": "service identity certs issued for this domain will have specified max timeout in mins\n" }, "serviceExpiryDays": { "type": "number", "description": "all services in the domain roles will have specified max expiry days\n" }, "slackChannel": { "type": "string", "description": "associated slack channel for notifications\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "map of domain tags\n" }, "tokenExpiryMins": { "type": "number", "description": "tokens issued for this domain will have specified max timeout in mins\n" }, "userAuthorityFilter": { "type": "string", "description": "membership filtered based on user authority configured attributes\n" }, "userExpiryDays": { "type": "number", "description": "all user members in the domain will have specified max expiry days\n" } }, "requiredInputs": [ "domain" ], "stateInputs": { "description": "Input properties used for looking up and filtering DomainMeta resources.\n", "properties": { "applicationId": { "type": "string", "description": "associated application id\n" }, "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "businessService": { "type": "string", "description": "associated business service with domain\n" }, "contacts": { "type": "object", "additionalProperties": { "type": "string" }, "description": "map of domain contacts\n" }, "description": { "type": "string", "description": "description for the domain\n" }, "domain": { "type": "string", "description": "name of the domain\n" }, "domainMetaId": { "type": "string", "description": "The ID of this resource.\n" }, "environment": { "type": "string", "description": "string specifying the environment this domain is used in (production, staging, etc.)\n" }, "groupExpiryDays": { "type": "number", "description": "all groups in the domain roles will have specified max expiry days\n" }, "memberPurgeExpiryDays": { "type": "number", "description": "purge role/group members with expiry date configured days in the past\n" }, "roleCertExpiryMins": { "type": "number", "description": "role certs issued for this domain will have specified max timeout in mins\n" }, "serviceCertExpiryMins": { "type": "number", "description": "service identity certs issued for this domain will have specified max timeout in mins\n" }, "serviceExpiryDays": { "type": "number", "description": "all services in the domain roles will have specified max expiry days\n" }, "slackChannel": { "type": "string", "description": "associated slack channel for notifications\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "map of domain tags\n" }, "tokenExpiryMins": { "type": "number", "description": "tokens issued for this domain will have specified max timeout in mins\n" }, "userAuthorityFilter": { "type": "string", "description": "membership filtered based on user authority configured attributes\n" }, "userExpiryDays": { "type": "number", "description": "all user members in the domain will have specified max expiry days\n" } }, "type": "object" } }, "athenz:index/group:Group": { "description": "---\n\n`athenz.Group` provides an Athenz group resource.\n\n## Example Usage\n\nIMPORTANT NOTE: please do NOT use json syntax but only hcl syntax\n\n\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.athenz.Group;\nimport com.pulumi.athenz.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var newgrp = new Group(\"newgrp\", GroupArgs.builder()\n .auditRef(\"create group\")\n .domain(\"some_domain\")\n .members( \n Map.of(\"name\", \"user.\"),\n Map.ofEntries(\n Map.entry(\"expiration\", \"2022-12-29 23:59:59\"),\n Map.entry(\"name\", \".\")\n ))\n .tags(Map.ofEntries(\n Map.entry(\"key1\", \"val1,val2\"),\n Map.entry(\"key2\", \"val3,val4\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n newgrp:\n type: athenz:Group\n properties:\n auditRef: create group\n domain: some_domain\n members:\n - name: user.\n - expiration: 2022-12-29 23:59:59\n name: .\n tags:\n key1: val1,val2\n key2: val3,val4\n```\n\n\n\n### Deprecated**\n\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as athenz from \"@pulumi/athenz\";\n\nconst newgrp = new athenz.Group(\"newgrp\", {\n auditRef: \"create group\",\n domain: \"some_domain\",\n members: [\n \"user.\",\n \".\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_athenz as athenz\n\nnewgrp = athenz.Group(\"newgrp\",\n audit_ref=\"create group\",\n domain=\"some_domain\",\n members=[\n \"user.\",\n \".\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Athenz = Pulumi.Athenz;\n\nreturn await Deployment.RunAsync(() => \n{\n var newgrp = new Athenz.Group(\"newgrp\", new()\n {\n AuditRef = \"create group\",\n Domain = \"some_domain\",\n Members = new[]\n {\n \"user.\",\n \".\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-terraform-provider/sdks/go/athenz/athenz\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := athenz.NewGroup(ctx, \"newgrp\", &athenz.GroupArgs{\n\t\t\tAuditRef: pulumi.String(\"create group\"),\n\t\t\tDomain: pulumi.String(\"some_domain\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user.\"),\n\t\t\t\tpulumi.String(\".\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.athenz.Group;\nimport com.pulumi.athenz.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var newgrp = new Group(\"newgrp\", GroupArgs.builder()\n .auditRef(\"create group\")\n .domain(\"some_domain\")\n .members( \n \"user.\",\n \".\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n newgrp:\n type: athenz:Group\n properties:\n auditRef: create group\n domain: some_domain\n members:\n - user.\n - .\n```\n\n", "properties": { "auditEnabled": { "type": "boolean" }, "auditRef": { "type": "string" }, "deleteProtection": { "type": "boolean" }, "domain": { "type": "string", "description": "Name of the domain that group belongs to\n" }, "groupId": { "type": "string" }, "lastReviewedDate": { "type": "string", "description": "The last reviewed timestamp for the group\n" }, "member": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FGroupMember:GroupMember" }, "description": "Users or services to be added as members with attribute\n" }, "members": { "type": "array", "items": { "type": "string" }, "description": "Users or services to be added as members\n", "deprecationMessage": "Deprecated" }, "name": { "type": "string", "description": "Name of the standard group role\n" }, "notifyDetails": { "type": "string" }, "notifyRoles": { "type": "string" }, "principalDomainFilter": { "type": "string" }, "reviewEnabled": { "type": "boolean" }, "selfRenew": { "type": "boolean" }, "selfRenewMins": { "type": "number" }, "selfServe": { "type": "boolean" }, "settings": { "$ref": "#/types/athenz:index%2FGroupSettings:GroupSettings", "description": "Advanced settings\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "userAuthorityExpiration": { "type": "string" }, "userAuthorityFilter": { "type": "string" } }, "type": "object", "required": [ "domain", "groupId", "name" ], "inputProperties": { "auditEnabled": { "type": "boolean" }, "auditRef": { "type": "string" }, "deleteProtection": { "type": "boolean" }, "domain": { "type": "string", "description": "Name of the domain that group belongs to\n" }, "groupId": { "type": "string" }, "lastReviewedDate": { "type": "string", "description": "The last reviewed timestamp for the group\n" }, "member": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FGroupMember:GroupMember" }, "description": "Users or services to be added as members with attribute\n" }, "members": { "type": "array", "items": { "type": "string" }, "description": "Users or services to be added as members\n", "deprecationMessage": "Deprecated" }, "name": { "type": "string", "description": "Name of the standard group role\n" }, "notifyDetails": { "type": "string" }, "notifyRoles": { "type": "string" }, "principalDomainFilter": { "type": "string" }, "reviewEnabled": { "type": "boolean" }, "selfRenew": { "type": "boolean" }, "selfRenewMins": { "type": "number" }, "selfServe": { "type": "boolean" }, "settings": { "$ref": "#/types/athenz:index%2FGroupSettings:GroupSettings", "description": "Advanced settings\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "userAuthorityExpiration": { "type": "string" }, "userAuthorityFilter": { "type": "string" } }, "requiredInputs": [ "domain" ], "stateInputs": { "description": "Input properties used for looking up and filtering Group resources.\n", "properties": { "auditEnabled": { "type": "boolean" }, "auditRef": { "type": "string" }, "deleteProtection": { "type": "boolean" }, "domain": { "type": "string", "description": "Name of the domain that group belongs to\n" }, "groupId": { "type": "string" }, "lastReviewedDate": { "type": "string", "description": "The last reviewed timestamp for the group\n" }, "member": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FGroupMember:GroupMember" }, "description": "Users or services to be added as members with attribute\n" }, "members": { "type": "array", "items": { "type": "string" }, "description": "Users or services to be added as members\n", "deprecationMessage": "Deprecated" }, "name": { "type": "string", "description": "Name of the standard group role\n" }, "notifyDetails": { "type": "string" }, "notifyRoles": { "type": "string" }, "principalDomainFilter": { "type": "string" }, "reviewEnabled": { "type": "boolean" }, "selfRenew": { "type": "boolean" }, "selfRenewMins": { "type": "number" }, "selfServe": { "type": "boolean" }, "settings": { "$ref": "#/types/athenz:index%2FGroupSettings:GroupSettings", "description": "Advanced settings\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "userAuthorityExpiration": { "type": "string" }, "userAuthorityFilter": { "type": "string" } }, "type": "object" } }, "athenz:index/groupMembers:GroupMembers": { "description": "---\n\n`athenz.GroupMembers` provides support for managing members of an existing athenz group\n\n## Example Usage\n\nIMPORTANT NOTE: please do NOT use json syntax but only hcl syntax\n\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as athenz from \"@pulumi/athenz\";\n\nconst newgrp = new athenz.GroupMembers(\"newgrp\", {\n auditRef: \"create group\",\n domain: \"some_domain\",\n members: [\n {\n name: \"user.\",\n },\n {\n expiration: \"2022-12-29 23:59:59\",\n name: \".\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_athenz as athenz\n\nnewgrp = athenz.GroupMembers(\"newgrp\",\n audit_ref=\"create group\",\n domain=\"some_domain\",\n members=[\n {\n \"name\": \"user.\",\n },\n {\n \"expiration\": \"2022-12-29 23:59:59\",\n \"name\": \".\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Athenz = Pulumi.Athenz;\n\nreturn await Deployment.RunAsync(() => \n{\n var newgrp = new Athenz.GroupMembers(\"newgrp\", new()\n {\n AuditRef = \"create group\",\n Domain = \"some_domain\",\n Members = new[]\n {\n new Athenz.Inputs.GroupMembersMemberArgs\n {\n Name = \"user.\",\n },\n new Athenz.Inputs.GroupMembersMemberArgs\n {\n Expiration = \"2022-12-29 23:59:59\",\n Name = \".\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-terraform-provider/sdks/go/athenz/athenz\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := athenz.NewGroupMembers(ctx, \"newgrp\", &athenz.GroupMembersArgs{\n\t\t\tAuditRef: pulumi.String(\"create group\"),\n\t\t\tDomain: pulumi.String(\"some_domain\"),\n\t\t\tMembers: athenz.GroupMembersMemberArray{\n\t\t\t\t&athenz.GroupMembersMemberArgs{\n\t\t\t\t\tName: pulumi.String(\"user.\"),\n\t\t\t\t},\n\t\t\t\t&athenz.GroupMembersMemberArgs{\n\t\t\t\t\tExpiration: pulumi.String(\"2022-12-29 23:59:59\"),\n\t\t\t\t\tName: pulumi.String(\".\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.athenz.GroupMembers;\nimport com.pulumi.athenz.GroupMembersArgs;\nimport com.pulumi.athenz.inputs.GroupMembersMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var newgrp = new GroupMembers(\"newgrp\", GroupMembersArgs.builder()\n .auditRef(\"create group\")\n .domain(\"some_domain\")\n .members( \n GroupMembersMemberArgs.builder()\n .name(\"user.\")\n .build(),\n GroupMembersMemberArgs.builder()\n .expiration(\"2022-12-29 23:59:59\")\n .name(\".\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n newgrp:\n type: athenz:GroupMembers\n properties:\n auditRef: create group\n domain: some_domain\n members:\n - name: user.\n - expiration: 2022-12-29 23:59:59\n name: .\n```\n\n", "properties": { "auditRef": { "type": "string" }, "domain": { "type": "string", "description": "Name of the domain that group belongs to\n" }, "groupMembersId": { "type": "string" }, "members": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FGroupMembersMember:GroupMembersMember" }, "description": "Users or services to be added as members with attribute\n" }, "name": { "type": "string", "description": "Name of the standard group role\n" } }, "type": "object", "required": [ "domain", "groupMembersId", "name" ], "inputProperties": { "auditRef": { "type": "string" }, "domain": { "type": "string", "description": "Name of the domain that group belongs to\n" }, "groupMembersId": { "type": "string" }, "members": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FGroupMembersMember:GroupMembersMember" }, "description": "Users or services to be added as members with attribute\n" }, "name": { "type": "string", "description": "Name of the standard group role\n" } }, "requiredInputs": [ "domain" ], "stateInputs": { "description": "Input properties used for looking up and filtering GroupMembers resources.\n", "properties": { "auditRef": { "type": "string" }, "domain": { "type": "string", "description": "Name of the domain that group belongs to\n" }, "groupMembersId": { "type": "string" }, "members": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FGroupMembersMember:GroupMembersMember" }, "description": "Users or services to be added as members with attribute\n" }, "name": { "type": "string", "description": "Name of the standard group role\n" } }, "type": "object" } }, "athenz:index/groupMeta:GroupMeta": { "description": "## Example Usage\n\nIMPORTANT NOTE: please do NOT use json syntax but only hcl syntax\n\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as athenz from \"@pulumi/athenz\";\n\nconst groupMeta = new athenz.GroupMeta(\"groupMeta\", {\n auditRef: \"update group meta\",\n deleteProtection: false,\n domain: \"some_domain\",\n maxMembers: 0,\n notifyRoles: \"notify details\",\n principalDomainFilter: \"user,home,+sports,-sports.dev\",\n reviewEnabled: false,\n selfRenew: false,\n selfRenewMins: 90,\n selfServe: true,\n serviceExpiryDays: 120,\n tags: {\n key1: \"val1,val2\",\n key2: \"val3,val4\",\n },\n userAuthorityExpiration: \"ElevatedClearance\",\n userAuthorityFilter: \"OnShore-US\",\n userExpiryDays: 90,\n});\n```\n```python\nimport pulumi\nimport pulumi_athenz as athenz\n\ngroup_meta = athenz.GroupMeta(\"groupMeta\",\n audit_ref=\"update group meta\",\n delete_protection=False,\n domain=\"some_domain\",\n max_members=0,\n notify_roles=\"notify details\",\n principal_domain_filter=\"user,home,+sports,-sports.dev\",\n review_enabled=False,\n self_renew=False,\n self_renew_mins=90,\n self_serve=True,\n service_expiry_days=120,\n tags={\n \"key1\": \"val1,val2\",\n \"key2\": \"val3,val4\",\n },\n user_authority_expiration=\"ElevatedClearance\",\n user_authority_filter=\"OnShore-US\",\n user_expiry_days=90)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Athenz = Pulumi.Athenz;\n\nreturn await Deployment.RunAsync(() => \n{\n var groupMeta = new Athenz.GroupMeta(\"groupMeta\", new()\n {\n AuditRef = \"update group meta\",\n DeleteProtection = false,\n Domain = \"some_domain\",\n MaxMembers = 0,\n NotifyRoles = \"notify details\",\n PrincipalDomainFilter = \"user,home,+sports,-sports.dev\",\n ReviewEnabled = false,\n SelfRenew = false,\n SelfRenewMins = 90,\n SelfServe = true,\n ServiceExpiryDays = 120,\n Tags = \n {\n { \"key1\", \"val1,val2\" },\n { \"key2\", \"val3,val4\" },\n },\n UserAuthorityExpiration = \"ElevatedClearance\",\n UserAuthorityFilter = \"OnShore-US\",\n UserExpiryDays = 90,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-terraform-provider/sdks/go/athenz/athenz\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := athenz.NewGroupMeta(ctx, \"groupMeta\", &athenz.GroupMetaArgs{\n\t\t\tAuditRef: pulumi.String(\"update group meta\"),\n\t\t\tDeleteProtection: pulumi.Bool(false),\n\t\t\tDomain: pulumi.String(\"some_domain\"),\n\t\t\tMaxMembers: pulumi.Float64(0),\n\t\t\tNotifyRoles: pulumi.String(\"notify details\"),\n\t\t\tPrincipalDomainFilter: pulumi.String(\"user,home,+sports,-sports.dev\"),\n\t\t\tReviewEnabled: pulumi.Bool(false),\n\t\t\tSelfRenew: pulumi.Bool(false),\n\t\t\tSelfRenewMins: pulumi.Float64(90),\n\t\t\tSelfServe: pulumi.Bool(true),\n\t\t\tServiceExpiryDays: pulumi.Float64(120),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"key1\": pulumi.String(\"val1,val2\"),\n\t\t\t\t\"key2\": pulumi.String(\"val3,val4\"),\n\t\t\t},\n\t\t\tUserAuthorityExpiration: pulumi.String(\"ElevatedClearance\"),\n\t\t\tUserAuthorityFilter: pulumi.String(\"OnShore-US\"),\n\t\t\tUserExpiryDays: pulumi.Float64(90),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.athenz.GroupMeta;\nimport com.pulumi.athenz.GroupMetaArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var groupMeta = new GroupMeta(\"groupMeta\", GroupMetaArgs.builder()\n .auditRef(\"update group meta\")\n .deleteProtection(false)\n .domain(\"some_domain\")\n .maxMembers(0)\n .notifyRoles(\"notify details\")\n .principalDomainFilter(\"user,home,+sports,-sports.dev\")\n .reviewEnabled(false)\n .selfRenew(false)\n .selfRenewMins(90)\n .selfServe(true)\n .serviceExpiryDays(120)\n .tags(Map.ofEntries(\n Map.entry(\"key1\", \"val1,val2\"),\n Map.entry(\"key2\", \"val3,val4\")\n ))\n .userAuthorityExpiration(\"ElevatedClearance\")\n .userAuthorityFilter(\"OnShore-US\")\n .userExpiryDays(90)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n groupMeta:\n type: athenz:GroupMeta\n properties:\n auditRef: update group meta\n deleteProtection: false\n domain: some_domain\n maxMembers: 0\n notifyRoles: notify details\n principalDomainFilter: user,home,+sports,-sports.dev\n reviewEnabled: false\n selfRenew: false\n selfRenewMins: 90\n selfServe: true\n serviceExpiryDays: 120\n tags:\n key1: val1,val2\n key2: val3,val4\n userAuthorityExpiration: ElevatedClearance\n userAuthorityFilter: OnShore-US\n userExpiryDays: 90\n```\n\n\n# athenz.GroupMeta (Resource)\n\n`athenz.GroupMeta` provides an Athenz group meta resource.\n", "properties": { "auditEnabled": { "type": "boolean", "description": "audit enabled flag for the group\n" }, "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "deleteProtection": { "type": "boolean", "description": "If true, ask for delete confirmation in audit and review enabled groups\n" }, "domain": { "type": "string", "description": "name of the domain\n" }, "groupMetaId": { "type": "string", "description": "The ID of this resource.\n" }, "maxMembers": { "type": "number", "description": "maximum number of members allowed in the group\n" }, "name": { "type": "string", "description": "Name of the group\n" }, "notifyDetails": { "type": "string", "description": "Set of instructions included in notifications for review and audit enabled groups\n" }, "notifyRoles": { "type": "string", "description": "comma seperated list of roles whose members should be notified for member review/approval\n" }, "principalDomainFilter": { "type": "string", "description": "comma seperated list of domains to enforce principal membership\n" }, "resourceState": { "type": "number", "description": "Bitmask of resource state flags controlling group behavior when creating or destroying the resource. 0x01: create the group if not already present, 0x02: always delete the group when destroying the resource. Default value is -1 indicating to inherit the value defined at the provider configuration level.\n" }, "reviewEnabled": { "type": "boolean", "description": "Flag indicates whether group updates require another review and approval\n" }, "selfRenew": { "type": "boolean", "description": "Flag indicates whether to allow expired members to renew their membership\n" }, "selfRenewMins": { "type": "number", "description": "Number of minutes members can renew their membership if self review option is enabled\n" }, "selfServe": { "type": "boolean", "description": "Flag indicates whether group allows self-service. Users can add themselves in the group, but it has to be approved by domain admins to be effective.\n" }, "serviceExpiryDays": { "type": "number", "description": "all services in the group will have specified max expiry days\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "map of group tags\n" }, "userAuthorityExpiration": { "type": "string", "description": "expiration enforced by a user authority configured attribute\n" }, "userAuthorityFilter": { "type": "string", "description": "membership filtered based on user authority configured attributes\n" }, "userExpiryDays": { "type": "number", "description": "all user members in the group will have specified max expiry days\n" } }, "type": "object", "required": [ "domain", "groupMetaId", "name" ], "inputProperties": { "auditEnabled": { "type": "boolean", "description": "audit enabled flag for the group\n" }, "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "deleteProtection": { "type": "boolean", "description": "If true, ask for delete confirmation in audit and review enabled groups\n" }, "domain": { "type": "string", "description": "name of the domain\n" }, "groupMetaId": { "type": "string", "description": "The ID of this resource.\n" }, "maxMembers": { "type": "number", "description": "maximum number of members allowed in the group\n" }, "name": { "type": "string", "description": "Name of the group\n" }, "notifyDetails": { "type": "string", "description": "Set of instructions included in notifications for review and audit enabled groups\n" }, "notifyRoles": { "type": "string", "description": "comma seperated list of roles whose members should be notified for member review/approval\n" }, "principalDomainFilter": { "type": "string", "description": "comma seperated list of domains to enforce principal membership\n" }, "resourceState": { "type": "number", "description": "Bitmask of resource state flags controlling group behavior when creating or destroying the resource. 0x01: create the group if not already present, 0x02: always delete the group when destroying the resource. Default value is -1 indicating to inherit the value defined at the provider configuration level.\n" }, "reviewEnabled": { "type": "boolean", "description": "Flag indicates whether group updates require another review and approval\n" }, "selfRenew": { "type": "boolean", "description": "Flag indicates whether to allow expired members to renew their membership\n" }, "selfRenewMins": { "type": "number", "description": "Number of minutes members can renew their membership if self review option is enabled\n" }, "selfServe": { "type": "boolean", "description": "Flag indicates whether group allows self-service. Users can add themselves in the group, but it has to be approved by domain admins to be effective.\n" }, "serviceExpiryDays": { "type": "number", "description": "all services in the group will have specified max expiry days\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "map of group tags\n" }, "userAuthorityExpiration": { "type": "string", "description": "expiration enforced by a user authority configured attribute\n" }, "userAuthorityFilter": { "type": "string", "description": "membership filtered based on user authority configured attributes\n" }, "userExpiryDays": { "type": "number", "description": "all user members in the group will have specified max expiry days\n" } }, "requiredInputs": [ "domain" ], "stateInputs": { "description": "Input properties used for looking up and filtering GroupMeta resources.\n", "properties": { "auditEnabled": { "type": "boolean", "description": "audit enabled flag for the group\n" }, "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "deleteProtection": { "type": "boolean", "description": "If true, ask for delete confirmation in audit and review enabled groups\n" }, "domain": { "type": "string", "description": "name of the domain\n" }, "groupMetaId": { "type": "string", "description": "The ID of this resource.\n" }, "maxMembers": { "type": "number", "description": "maximum number of members allowed in the group\n" }, "name": { "type": "string", "description": "Name of the group\n" }, "notifyDetails": { "type": "string", "description": "Set of instructions included in notifications for review and audit enabled groups\n" }, "notifyRoles": { "type": "string", "description": "comma seperated list of roles whose members should be notified for member review/approval\n" }, "principalDomainFilter": { "type": "string", "description": "comma seperated list of domains to enforce principal membership\n" }, "resourceState": { "type": "number", "description": "Bitmask of resource state flags controlling group behavior when creating or destroying the resource. 0x01: create the group if not already present, 0x02: always delete the group when destroying the resource. Default value is -1 indicating to inherit the value defined at the provider configuration level.\n" }, "reviewEnabled": { "type": "boolean", "description": "Flag indicates whether group updates require another review and approval\n" }, "selfRenew": { "type": "boolean", "description": "Flag indicates whether to allow expired members to renew their membership\n" }, "selfRenewMins": { "type": "number", "description": "Number of minutes members can renew their membership if self review option is enabled\n" }, "selfServe": { "type": "boolean", "description": "Flag indicates whether group allows self-service. Users can add themselves in the group, but it has to be approved by domain admins to be effective.\n" }, "serviceExpiryDays": { "type": "number", "description": "all services in the group will have specified max expiry days\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "map of group tags\n" }, "userAuthorityExpiration": { "type": "string", "description": "expiration enforced by a user authority configured attribute\n" }, "userAuthorityFilter": { "type": "string", "description": "membership filtered based on user authority configured attributes\n" }, "userExpiryDays": { "type": "number", "description": "all user members in the group will have specified max expiry days\n" } }, "type": "object" } }, "athenz:index/policy:Policy": { "description": "`athenz.Policy` provides an Athenz policy resource.\n\n## Example Usage\n\nIMPORTANT NOTE: please do NOT use json syntax but only hcl syntax\n\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as athenz from \"@pulumi/athenz\";\n\nconst fooPolicy = new athenz.Policy(\"fooPolicy\", {\n assertions: [\n {\n action: \"some_action\",\n effect: \"ALLOW\",\n resource: \"some_domain:some_resource\",\n role: \"some_role_name\",\n },\n {\n action: \"SOME_ACTION\",\n caseSensitive: true,\n effect: \"ALLOW\",\n resource: \"some_domain:some_resource\",\n role: \"some_role_name\",\n },\n ],\n auditRef: \"create policy\",\n domain: \"some_domain\",\n});\n```\n```python\nimport pulumi\nimport pulumi_athenz as athenz\n\nfoo_policy = athenz.Policy(\"fooPolicy\",\n assertions=[\n {\n \"action\": \"some_action\",\n \"effect\": \"ALLOW\",\n \"resource\": \"some_domain:some_resource\",\n \"role\": \"some_role_name\",\n },\n {\n \"action\": \"SOME_ACTION\",\n \"case_sensitive\": True,\n \"effect\": \"ALLOW\",\n \"resource\": \"some_domain:some_resource\",\n \"role\": \"some_role_name\",\n },\n ],\n audit_ref=\"create policy\",\n domain=\"some_domain\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Athenz = Pulumi.Athenz;\n\nreturn await Deployment.RunAsync(() => \n{\n var fooPolicy = new Athenz.Policy(\"fooPolicy\", new()\n {\n Assertions = new[]\n {\n new Athenz.Inputs.PolicyAssertionArgs\n {\n Action = \"some_action\",\n Effect = \"ALLOW\",\n Resource = \"some_domain:some_resource\",\n Role = \"some_role_name\",\n },\n new Athenz.Inputs.PolicyAssertionArgs\n {\n Action = \"SOME_ACTION\",\n CaseSensitive = true,\n Effect = \"ALLOW\",\n Resource = \"some_domain:some_resource\",\n Role = \"some_role_name\",\n },\n },\n AuditRef = \"create policy\",\n Domain = \"some_domain\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-terraform-provider/sdks/go/athenz/athenz\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := athenz.NewPolicy(ctx, \"fooPolicy\", &athenz.PolicyArgs{\n\t\t\tAssertions: athenz.PolicyAssertionArray{\n\t\t\t\t&athenz.PolicyAssertionArgs{\n\t\t\t\t\tAction: pulumi.String(\"some_action\"),\n\t\t\t\t\tEffect: pulumi.String(\"ALLOW\"),\n\t\t\t\t\tResource: pulumi.String(\"some_domain:some_resource\"),\n\t\t\t\t\tRole: pulumi.String(\"some_role_name\"),\n\t\t\t\t},\n\t\t\t\t&athenz.PolicyAssertionArgs{\n\t\t\t\t\tAction: pulumi.String(\"SOME_ACTION\"),\n\t\t\t\t\tCaseSensitive: pulumi.Bool(true),\n\t\t\t\t\tEffect: pulumi.String(\"ALLOW\"),\n\t\t\t\t\tResource: pulumi.String(\"some_domain:some_resource\"),\n\t\t\t\t\tRole: pulumi.String(\"some_role_name\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tAuditRef: pulumi.String(\"create policy\"),\n\t\t\tDomain: pulumi.String(\"some_domain\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.athenz.Policy;\nimport com.pulumi.athenz.PolicyArgs;\nimport com.pulumi.athenz.inputs.PolicyAssertionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var fooPolicy = new Policy(\"fooPolicy\", PolicyArgs.builder()\n .assertions( \n PolicyAssertionArgs.builder()\n .action(\"some_action\")\n .effect(\"ALLOW\")\n .resource(\"some_domain:some_resource\")\n .role(\"some_role_name\")\n .build(),\n PolicyAssertionArgs.builder()\n .action(\"SOME_ACTION\")\n .caseSensitive(true)\n .effect(\"ALLOW\")\n .resource(\"some_domain:some_resource\")\n .role(\"some_role_name\")\n .build())\n .auditRef(\"create policy\")\n .domain(\"some_domain\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n fooPolicy:\n type: athenz:Policy\n properties:\n assertions:\n - action: some_action\n effect: ALLOW\n resource: some_domain:some_resource\n role: some_role_name\n - action: SOME_ACTION\n caseSensitive: true\n effect: ALLOW\n resource: some_domain:some_resource\n role: some_role_name\n auditRef: create policy\n domain: some_domain\n```\n\n", "properties": { "assertions": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FPolicyAssertion:PolicyAssertion" }, "description": "A set of assertions that govern usage of resources. where \\n\\n is \\n\\n \\n\\n to \\n\\n on \\n\\n.\n" }, "auditRef": { "type": "string" }, "domain": { "type": "string", "description": "Name of the domain that policy belongs to\n" }, "name": { "type": "string", "description": "Name of the policy\n" }, "policyId": { "type": "string", "description": "The ID of this resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "domain", "name", "policyId" ], "inputProperties": { "assertions": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FPolicyAssertion:PolicyAssertion" }, "description": "A set of assertions that govern usage of resources. where \\n\\n is \\n\\n \\n\\n to \\n\\n on \\n\\n.\n" }, "auditRef": { "type": "string" }, "domain": { "type": "string", "description": "Name of the domain that policy belongs to\n" }, "name": { "type": "string", "description": "Name of the policy\n" }, "policyId": { "type": "string", "description": "The ID of this resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "requiredInputs": [ "domain" ], "stateInputs": { "description": "Input properties used for looking up and filtering Policy resources.\n", "properties": { "assertions": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FPolicyAssertion:PolicyAssertion" }, "description": "A set of assertions that govern usage of resources. where \\n\\n is \\n\\n \\n\\n to \\n\\n on \\n\\n.\n" }, "auditRef": { "type": "string" }, "domain": { "type": "string", "description": "Name of the domain that policy belongs to\n" }, "name": { "type": "string", "description": "Name of the policy\n" }, "policyId": { "type": "string", "description": "The ID of this resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" } }, "athenz:index/policyVersion:PolicyVersion": { "description": "`athenz.PolicyVersion` provides an Athenz policy resource with all of its versions.\n\n## Example Usage\n\nIMPORTANT NOTE: please do NOT use json syntax but only hcl syntax\n\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as athenz from \"@pulumi/athenz\";\n\nconst policyWithVersion = new athenz.PolicyVersion(\"policyWithVersion\", {\n activeVersion: \"version1\",\n auditRef: \"create policy\",\n domain: \"some_domain\",\n versions: [\n {\n assertions: [{\n action: \"*\",\n effect: \"ALLOW\",\n resource: \"some_domain:resource1\",\n role: \"role1\",\n }],\n versionName: \"version1\",\n },\n {\n assertions: [\n {\n action: \"*\",\n caseSensitive: true,\n effect: \"ALLOW\",\n resource: \"some_domain:RESOURCE2\",\n role: \"role2\",\n },\n {\n action: \"PLAY\",\n caseSensitive: true,\n effect: \"DENY\",\n resource: \"some_domain:resource2\",\n role: \"role2\",\n },\n ],\n versionName: \"version2\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_athenz as athenz\n\npolicy_with_version = athenz.PolicyVersion(\"policyWithVersion\",\n active_version=\"version1\",\n audit_ref=\"create policy\",\n domain=\"some_domain\",\n versions=[\n {\n \"assertions\": [{\n \"action\": \"*\",\n \"effect\": \"ALLOW\",\n \"resource\": \"some_domain:resource1\",\n \"role\": \"role1\",\n }],\n \"version_name\": \"version1\",\n },\n {\n \"assertions\": [\n {\n \"action\": \"*\",\n \"case_sensitive\": True,\n \"effect\": \"ALLOW\",\n \"resource\": \"some_domain:RESOURCE2\",\n \"role\": \"role2\",\n },\n {\n \"action\": \"PLAY\",\n \"case_sensitive\": True,\n \"effect\": \"DENY\",\n \"resource\": \"some_domain:resource2\",\n \"role\": \"role2\",\n },\n ],\n \"version_name\": \"version2\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Athenz = Pulumi.Athenz;\n\nreturn await Deployment.RunAsync(() => \n{\n var policyWithVersion = new Athenz.PolicyVersion(\"policyWithVersion\", new()\n {\n ActiveVersion = \"version1\",\n AuditRef = \"create policy\",\n Domain = \"some_domain\",\n Versions = new[]\n {\n new Athenz.Inputs.PolicyVersionVersionArgs\n {\n Assertions = new[]\n {\n new Athenz.Inputs.PolicyVersionVersionAssertionArgs\n {\n Action = \"*\",\n Effect = \"ALLOW\",\n Resource = \"some_domain:resource1\",\n Role = \"role1\",\n },\n },\n VersionName = \"version1\",\n },\n new Athenz.Inputs.PolicyVersionVersionArgs\n {\n Assertions = new[]\n {\n new Athenz.Inputs.PolicyVersionVersionAssertionArgs\n {\n Action = \"*\",\n CaseSensitive = true,\n Effect = \"ALLOW\",\n Resource = \"some_domain:RESOURCE2\",\n Role = \"role2\",\n },\n new Athenz.Inputs.PolicyVersionVersionAssertionArgs\n {\n Action = \"PLAY\",\n CaseSensitive = true,\n Effect = \"DENY\",\n Resource = \"some_domain:resource2\",\n Role = \"role2\",\n },\n },\n VersionName = \"version2\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-terraform-provider/sdks/go/athenz/athenz\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := athenz.NewPolicyVersion(ctx, \"policyWithVersion\", &athenz.PolicyVersionArgs{\n\t\t\tActiveVersion: pulumi.String(\"version1\"),\n\t\t\tAuditRef: pulumi.String(\"create policy\"),\n\t\t\tDomain: pulumi.String(\"some_domain\"),\n\t\t\tVersions: athenz.PolicyVersionVersionArray{\n\t\t\t\t&athenz.PolicyVersionVersionArgs{\n\t\t\t\t\tAssertions: athenz.PolicyVersionVersionAssertionArray{\n\t\t\t\t\t\t&athenz.PolicyVersionVersionAssertionArgs{\n\t\t\t\t\t\t\tAction: pulumi.String(\"*\"),\n\t\t\t\t\t\t\tEffect: pulumi.String(\"ALLOW\"),\n\t\t\t\t\t\t\tResource: pulumi.String(\"some_domain:resource1\"),\n\t\t\t\t\t\t\tRole: pulumi.String(\"role1\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tVersionName: pulumi.String(\"version1\"),\n\t\t\t\t},\n\t\t\t\t&athenz.PolicyVersionVersionArgs{\n\t\t\t\t\tAssertions: athenz.PolicyVersionVersionAssertionArray{\n\t\t\t\t\t\t&athenz.PolicyVersionVersionAssertionArgs{\n\t\t\t\t\t\t\tAction: pulumi.String(\"*\"),\n\t\t\t\t\t\t\tCaseSensitive: pulumi.Bool(true),\n\t\t\t\t\t\t\tEffect: pulumi.String(\"ALLOW\"),\n\t\t\t\t\t\t\tResource: pulumi.String(\"some_domain:RESOURCE2\"),\n\t\t\t\t\t\t\tRole: pulumi.String(\"role2\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t&athenz.PolicyVersionVersionAssertionArgs{\n\t\t\t\t\t\t\tAction: pulumi.String(\"PLAY\"),\n\t\t\t\t\t\t\tCaseSensitive: pulumi.Bool(true),\n\t\t\t\t\t\t\tEffect: pulumi.String(\"DENY\"),\n\t\t\t\t\t\t\tResource: pulumi.String(\"some_domain:resource2\"),\n\t\t\t\t\t\t\tRole: pulumi.String(\"role2\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tVersionName: pulumi.String(\"version2\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.athenz.PolicyVersion;\nimport com.pulumi.athenz.PolicyVersionArgs;\nimport com.pulumi.athenz.inputs.PolicyVersionVersionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var policyWithVersion = new PolicyVersion(\"policyWithVersion\", PolicyVersionArgs.builder()\n .activeVersion(\"version1\")\n .auditRef(\"create policy\")\n .domain(\"some_domain\")\n .versions( \n PolicyVersionVersionArgs.builder()\n .assertions(PolicyVersionVersionAssertionArgs.builder()\n .action(\"*\")\n .effect(\"ALLOW\")\n .resource(\"some_domain:resource1\")\n .role(\"role1\")\n .build())\n .versionName(\"version1\")\n .build(),\n PolicyVersionVersionArgs.builder()\n .assertions( \n PolicyVersionVersionAssertionArgs.builder()\n .action(\"*\")\n .caseSensitive(true)\n .effect(\"ALLOW\")\n .resource(\"some_domain:RESOURCE2\")\n .role(\"role2\")\n .build(),\n PolicyVersionVersionAssertionArgs.builder()\n .action(\"PLAY\")\n .caseSensitive(true)\n .effect(\"DENY\")\n .resource(\"some_domain:resource2\")\n .role(\"role2\")\n .build())\n .versionName(\"version2\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policyWithVersion:\n type: athenz:PolicyVersion\n properties:\n activeVersion: version1\n auditRef: create policy\n domain: some_domain\n versions:\n - assertions:\n - action: '*'\n effect: ALLOW\n resource: some_domain:resource1\n role: role1\n versionName: version1\n - assertions:\n - action: '*'\n caseSensitive: true\n effect: ALLOW\n resource: some_domain:RESOURCE2\n role: role2\n - action: PLAY\n caseSensitive: true\n effect: DENY\n resource: some_domain:resource2\n role: role2\n versionName: version2\n```\n\n", "properties": { "activeVersion": { "type": "string", "description": "The active version of the policy. Must match one of the version name defined un the resource\n" }, "auditRef": { "type": "string" }, "domain": { "type": "string", "description": "Name of the domain that policy belongs to\n" }, "name": { "type": "string", "description": "Name of the policy\n" }, "policyVersionId": { "type": "string", "description": "The ID of this resource.\n" }, "versions": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FPolicyVersionVersion:PolicyVersionVersion" }, "description": "- A set of policy versions\n" } }, "type": "object", "required": [ "activeVersion", "domain", "name", "policyVersionId", "versions" ], "inputProperties": { "activeVersion": { "type": "string", "description": "The active version of the policy. Must match one of the version name defined un the resource\n" }, "auditRef": { "type": "string" }, "domain": { "type": "string", "description": "Name of the domain that policy belongs to\n" }, "name": { "type": "string", "description": "Name of the policy\n" }, "policyVersionId": { "type": "string", "description": "The ID of this resource.\n" }, "versions": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FPolicyVersionVersion:PolicyVersionVersion" }, "description": "- A set of policy versions\n" } }, "requiredInputs": [ "activeVersion", "domain", "versions" ], "stateInputs": { "description": "Input properties used for looking up and filtering PolicyVersion resources.\n", "properties": { "activeVersion": { "type": "string", "description": "The active version of the policy. Must match one of the version name defined un the resource\n" }, "auditRef": { "type": "string" }, "domain": { "type": "string", "description": "Name of the domain that policy belongs to\n" }, "name": { "type": "string", "description": "Name of the policy\n" }, "policyVersionId": { "type": "string", "description": "The ID of this resource.\n" }, "versions": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FPolicyVersionVersion:PolicyVersionVersion" }, "description": "- A set of policy versions\n" } }, "type": "object" } }, "athenz:index/role:Role": { "description": "`athenz.Role` provides an Athenz role resource.\n\n## Example Usage\n\nIMPORTANT NOTE: please do NOT use json syntax but only hcl syntax\n\n\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.athenz.Role;\nimport com.pulumi.athenz.RoleArgs;\nimport com.pulumi.athenz.inputs.RoleSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var fooRole = new Role(\"fooRole\", RoleArgs.builder()\n .auditRef(\"create role\")\n .domain(\"some_domain\")\n .members( \n Map.ofEntries(\n Map.entry(\"expiration\", \"2022-12-29 23:59:59\"),\n Map.entry(\"name\", \"domain1.user1\"),\n Map.entry(\"review\", \"2023-12-29 23:59:59\")\n ),\n Map.ofEntries(\n Map.entry(\"expiration\", \"2022-12-29 23:59:59\"),\n Map.entry(\"name\", \"domain2.user2\"),\n Map.entry(\"review\", \"2023-12-29 23:59:59\")\n ),\n Map.ofEntries(\n Map.entry(\"expiration\", \"2022-12-29 23:59:59\"),\n Map.entry(\"name\", \"domain3.user3\"),\n Map.entry(\"review\", \"2023-12-29 23:59:59\")\n ))\n .settings(RoleSettingsArgs.builder()\n .certExpiryMins(60)\n .groupExpiryDays(14)\n .groupReviewDays(14)\n .serviceExpiryDays(21)\n .serviceReviewDays(21)\n .tokenExpiryMins(60)\n .userExpiryDays(7)\n .userReviewDays(7)\n .build())\n .tags(Map.ofEntries(\n Map.entry(\"key1\", \"val1,val2\"),\n Map.entry(\"key2\", \"val3,val4\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n fooRole:\n type: athenz:Role\n properties:\n auditRef: create role\n domain: some_domain\n members:\n - expiration: 2022-12-29 23:59:59\n name: domain1.user1\n review: 2023-12-29 23:59:59\n - expiration: 2022-12-29 23:59:59\n name: domain2.user2\n review: 2023-12-29 23:59:59\n - expiration: 2022-12-29 23:59:59\n name: domain3.user3\n review: 2023-12-29 23:59:59\n settings:\n certExpiryMins: 60\n groupExpiryDays: 14\n groupReviewDays: 14\n serviceExpiryDays: 21\n serviceReviewDays: 21\n tokenExpiryMins: 60\n userExpiryDays: 7\n userReviewDays: 7\n tags:\n key1: val1,val2\n key2: val3,val4\n```\n\n\n\n### Deprecated** (Please Use As Explained In The Second Example)\n\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as athenz from \"@pulumi/athenz\";\n\nconst fooRole = new athenz.Role(\"fooRole\", {\n auditRef: \"create role\",\n domain: \"some_domain\",\n members: [\n \"domain1.user1\",\n \"domain2.user2\",\n ],\n tags: {\n key1: \"val1,val2\",\n key2: \"val3,val4\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_athenz as athenz\n\nfoo_role = athenz.Role(\"fooRole\",\n audit_ref=\"create role\",\n domain=\"some_domain\",\n members=[\n \"domain1.user1\",\n \"domain2.user2\",\n ],\n tags={\n \"key1\": \"val1,val2\",\n \"key2\": \"val3,val4\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Athenz = Pulumi.Athenz;\n\nreturn await Deployment.RunAsync(() => \n{\n var fooRole = new Athenz.Role(\"fooRole\", new()\n {\n AuditRef = \"create role\",\n Domain = \"some_domain\",\n Members = new[]\n {\n \"domain1.user1\",\n \"domain2.user2\",\n },\n Tags = \n {\n { \"key1\", \"val1,val2\" },\n { \"key2\", \"val3,val4\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-terraform-provider/sdks/go/athenz/athenz\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := athenz.NewRole(ctx, \"fooRole\", &athenz.RoleArgs{\n\t\t\tAuditRef: pulumi.String(\"create role\"),\n\t\t\tDomain: pulumi.String(\"some_domain\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"domain1.user1\"),\n\t\t\t\tpulumi.String(\"domain2.user2\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"key1\": pulumi.String(\"val1,val2\"),\n\t\t\t\t\"key2\": pulumi.String(\"val3,val4\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.athenz.Role;\nimport com.pulumi.athenz.RoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var fooRole = new Role(\"fooRole\", RoleArgs.builder()\n .auditRef(\"create role\")\n .domain(\"some_domain\")\n .members( \n \"domain1.user1\",\n \"domain2.user2\")\n .tags(Map.ofEntries(\n Map.entry(\"key1\", \"val1,val2\"),\n Map.entry(\"key2\", \"val3,val4\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n fooRole:\n type: athenz:Role\n properties:\n auditRef: create role\n domain: some_domain\n members:\n - domain1.user1\n - domain2.user2\n tags:\n key1: val1,val2\n key2: val3,val4\n```\n\n\n## Example Delegated Role Usage\n\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as athenz from \"@pulumi/athenz\";\n\nconst fooRole = new athenz.Role(\"fooRole\", {\n auditRef: \"create delegated role\",\n domain: \"some_domain\",\n trust: \"some_delegated_domain\",\n});\n```\n```python\nimport pulumi\nimport pulumi_athenz as athenz\n\nfoo_role = athenz.Role(\"fooRole\",\n audit_ref=\"create delegated role\",\n domain=\"some_domain\",\n trust=\"some_delegated_domain\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Athenz = Pulumi.Athenz;\n\nreturn await Deployment.RunAsync(() => \n{\n var fooRole = new Athenz.Role(\"fooRole\", new()\n {\n AuditRef = \"create delegated role\",\n Domain = \"some_domain\",\n Trust = \"some_delegated_domain\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-terraform-provider/sdks/go/athenz/athenz\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := athenz.NewRole(ctx, \"fooRole\", &athenz.RoleArgs{\n\t\t\tAuditRef: pulumi.String(\"create delegated role\"),\n\t\t\tDomain: pulumi.String(\"some_domain\"),\n\t\t\tTrust: pulumi.String(\"some_delegated_domain\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.athenz.Role;\nimport com.pulumi.athenz.RoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var fooRole = new Role(\"fooRole\", RoleArgs.builder()\n .auditRef(\"create delegated role\")\n .domain(\"some_domain\")\n .trust(\"some_delegated_domain\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n fooRole:\n type: athenz:Role\n properties:\n auditRef: create delegated role\n domain: some_domain\n trust: some_delegated_domain\n```\n\n", "properties": { "auditEnabled": { "type": "boolean", "description": "audit enabled flag for the role\n" }, "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "deleteProtection": { "type": "boolean", "description": "If true, ask for delete confirmation in audit and review enabled roles\n" }, "description": { "type": "string", "description": "description for the role\n" }, "domain": { "type": "string", "description": "Name of the domain that role belongs to\n" }, "lastReviewedDate": { "type": "string", "description": "The last reviewed timestamp for the role\n" }, "member": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FRoleMember:RoleMember" }, "description": "A set of Athenz principal members\n" }, "members": { "type": "array", "items": { "type": "string" }, "description": "**Deprecated** use member attribute instead (Optional) List of Athenz principal members. must be in this format: `user. or . or :group.`.\n", "deprecationMessage": "Deprecated" }, "name": { "type": "string", "description": "Name of the role\n" }, "notifyDetails": { "type": "string", "description": "Set of instructions included in notifications for review and audit enabled roles\n" }, "notifyRoles": { "type": "string", "description": "comma seperated list of roles whose members should be notified for member review/approval\n" }, "principalDomainFilter": { "type": "string", "description": "comma seperated list of domains to enforce principal membership\n" }, "reviewEnabled": { "type": "boolean", "description": "Flag indicates whether role updates require another review and approval\n" }, "roleId": { "type": "string", "description": "The ID of this resource.\n" }, "selfRenew": { "type": "boolean", "description": "Flag indicates whether to allow expired members to renew their membership\n" }, "selfRenewMins": { "type": "number", "description": "Number of minutes members can renew their membership if self review option is enabled\n" }, "selfServe": { "type": "boolean", "description": "Flag indicates whether role allows self-service. Users can add themselves in the role, but it has to be approved by domain admins to be effective.\n" }, "settings": { "$ref": "#/types/athenz:index%2FRoleSettings:RoleSettings", "description": "A map of advanced settings with the following options\n" }, "signAlgorithm": { "type": "string", "description": "sign algorithm to be used for tokens issued for this role: rsa or ec\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "- Map of tags. The key is the tag-name and value is the tag-values are represented as a string with a comma separator. e.g. key1 = \"val1,val2\", this will be converted to: key1 = [\"val1\", \"val2\"]\n" }, "trust": { "type": "string", "description": "The domain, which this role is trusted to.\n" }, "userAuthorityExpiration": { "type": "string", "description": "expiration enforced by a user authority configured attribute\n" }, "userAuthorityFilter": { "type": "string", "description": "membership filtered based on user authority configured attributes\n" } }, "type": "object", "required": [ "domain", "name", "roleId" ], "inputProperties": { "auditEnabled": { "type": "boolean", "description": "audit enabled flag for the role\n" }, "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "deleteProtection": { "type": "boolean", "description": "If true, ask for delete confirmation in audit and review enabled roles\n" }, "description": { "type": "string", "description": "description for the role\n" }, "domain": { "type": "string", "description": "Name of the domain that role belongs to\n" }, "lastReviewedDate": { "type": "string", "description": "The last reviewed timestamp for the role\n" }, "member": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FRoleMember:RoleMember" }, "description": "A set of Athenz principal members\n" }, "members": { "type": "array", "items": { "type": "string" }, "description": "**Deprecated** use member attribute instead (Optional) List of Athenz principal members. must be in this format: `user. or . or :group.`.\n", "deprecationMessage": "Deprecated" }, "name": { "type": "string", "description": "Name of the role\n" }, "notifyDetails": { "type": "string", "description": "Set of instructions included in notifications for review and audit enabled roles\n" }, "notifyRoles": { "type": "string", "description": "comma seperated list of roles whose members should be notified for member review/approval\n" }, "principalDomainFilter": { "type": "string", "description": "comma seperated list of domains to enforce principal membership\n" }, "reviewEnabled": { "type": "boolean", "description": "Flag indicates whether role updates require another review and approval\n" }, "roleId": { "type": "string", "description": "The ID of this resource.\n" }, "selfRenew": { "type": "boolean", "description": "Flag indicates whether to allow expired members to renew their membership\n" }, "selfRenewMins": { "type": "number", "description": "Number of minutes members can renew their membership if self review option is enabled\n" }, "selfServe": { "type": "boolean", "description": "Flag indicates whether role allows self-service. Users can add themselves in the role, but it has to be approved by domain admins to be effective.\n" }, "settings": { "$ref": "#/types/athenz:index%2FRoleSettings:RoleSettings", "description": "A map of advanced settings with the following options\n" }, "signAlgorithm": { "type": "string", "description": "sign algorithm to be used for tokens issued for this role: rsa or ec\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "- Map of tags. The key is the tag-name and value is the tag-values are represented as a string with a comma separator. e.g. key1 = \"val1,val2\", this will be converted to: key1 = [\"val1\", \"val2\"]\n" }, "trust": { "type": "string", "description": "The domain, which this role is trusted to.\n" }, "userAuthorityExpiration": { "type": "string", "description": "expiration enforced by a user authority configured attribute\n" }, "userAuthorityFilter": { "type": "string", "description": "membership filtered based on user authority configured attributes\n" } }, "requiredInputs": [ "domain" ], "stateInputs": { "description": "Input properties used for looking up and filtering Role resources.\n", "properties": { "auditEnabled": { "type": "boolean", "description": "audit enabled flag for the role\n" }, "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "deleteProtection": { "type": "boolean", "description": "If true, ask for delete confirmation in audit and review enabled roles\n" }, "description": { "type": "string", "description": "description for the role\n" }, "domain": { "type": "string", "description": "Name of the domain that role belongs to\n" }, "lastReviewedDate": { "type": "string", "description": "The last reviewed timestamp for the role\n" }, "member": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FRoleMember:RoleMember" }, "description": "A set of Athenz principal members\n" }, "members": { "type": "array", "items": { "type": "string" }, "description": "**Deprecated** use member attribute instead (Optional) List of Athenz principal members. must be in this format: `user. or . or :group.`.\n", "deprecationMessage": "Deprecated" }, "name": { "type": "string", "description": "Name of the role\n" }, "notifyDetails": { "type": "string", "description": "Set of instructions included in notifications for review and audit enabled roles\n" }, "notifyRoles": { "type": "string", "description": "comma seperated list of roles whose members should be notified for member review/approval\n" }, "principalDomainFilter": { "type": "string", "description": "comma seperated list of domains to enforce principal membership\n" }, "reviewEnabled": { "type": "boolean", "description": "Flag indicates whether role updates require another review and approval\n" }, "roleId": { "type": "string", "description": "The ID of this resource.\n" }, "selfRenew": { "type": "boolean", "description": "Flag indicates whether to allow expired members to renew their membership\n" }, "selfRenewMins": { "type": "number", "description": "Number of minutes members can renew their membership if self review option is enabled\n" }, "selfServe": { "type": "boolean", "description": "Flag indicates whether role allows self-service. Users can add themselves in the role, but it has to be approved by domain admins to be effective.\n" }, "settings": { "$ref": "#/types/athenz:index%2FRoleSettings:RoleSettings", "description": "A map of advanced settings with the following options\n" }, "signAlgorithm": { "type": "string", "description": "sign algorithm to be used for tokens issued for this role: rsa or ec\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "- Map of tags. The key is the tag-name and value is the tag-values are represented as a string with a comma separator. e.g. key1 = \"val1,val2\", this will be converted to: key1 = [\"val1\", \"val2\"]\n" }, "trust": { "type": "string", "description": "The domain, which this role is trusted to.\n" }, "userAuthorityExpiration": { "type": "string", "description": "expiration enforced by a user authority configured attribute\n" }, "userAuthorityFilter": { "type": "string", "description": "membership filtered based on user authority configured attributes\n" } }, "type": "object" } }, "athenz:index/roleMembers:RoleMembers": { "description": "`athenz.RoleMembers` provides an Athenz role resource.\n\n## Example Usage\n\nIMPORTANT NOTE: please do NOT use json syntax but only hcl syntax\n\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as athenz from \"@pulumi/athenz\";\n\nconst fooRole = new athenz.RoleMembers(\"fooRole\", {\n auditRef: \"manage role membership\",\n domain: \"some_domain\",\n members: [\n {\n expiration: \"2022-12-29 23:59:59\",\n name: \"domain1.user1\",\n review: \"2023-12-29 23:59:59\",\n },\n {\n expiration: \"2022-12-29 23:59:59\",\n name: \"domain2.user2\",\n review: \"2023-12-29 23:59:59\",\n },\n {\n expiration: \"2022-12-29 23:59:59\",\n name: \"domain3.user3\",\n review: \"2023-12-29 23:59:59\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_athenz as athenz\n\nfoo_role = athenz.RoleMembers(\"fooRole\",\n audit_ref=\"manage role membership\",\n domain=\"some_domain\",\n members=[\n {\n \"expiration\": \"2022-12-29 23:59:59\",\n \"name\": \"domain1.user1\",\n \"review\": \"2023-12-29 23:59:59\",\n },\n {\n \"expiration\": \"2022-12-29 23:59:59\",\n \"name\": \"domain2.user2\",\n \"review\": \"2023-12-29 23:59:59\",\n },\n {\n \"expiration\": \"2022-12-29 23:59:59\",\n \"name\": \"domain3.user3\",\n \"review\": \"2023-12-29 23:59:59\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Athenz = Pulumi.Athenz;\n\nreturn await Deployment.RunAsync(() => \n{\n var fooRole = new Athenz.RoleMembers(\"fooRole\", new()\n {\n AuditRef = \"manage role membership\",\n Domain = \"some_domain\",\n Members = new[]\n {\n new Athenz.Inputs.RoleMembersMemberArgs\n {\n Expiration = \"2022-12-29 23:59:59\",\n Name = \"domain1.user1\",\n Review = \"2023-12-29 23:59:59\",\n },\n new Athenz.Inputs.RoleMembersMemberArgs\n {\n Expiration = \"2022-12-29 23:59:59\",\n Name = \"domain2.user2\",\n Review = \"2023-12-29 23:59:59\",\n },\n new Athenz.Inputs.RoleMembersMemberArgs\n {\n Expiration = \"2022-12-29 23:59:59\",\n Name = \"domain3.user3\",\n Review = \"2023-12-29 23:59:59\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-terraform-provider/sdks/go/athenz/athenz\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := athenz.NewRoleMembers(ctx, \"fooRole\", &athenz.RoleMembersArgs{\n\t\t\tAuditRef: pulumi.String(\"manage role membership\"),\n\t\t\tDomain: pulumi.String(\"some_domain\"),\n\t\t\tMembers: athenz.RoleMembersMemberArray{\n\t\t\t\t&athenz.RoleMembersMemberArgs{\n\t\t\t\t\tExpiration: pulumi.String(\"2022-12-29 23:59:59\"),\n\t\t\t\t\tName: pulumi.String(\"domain1.user1\"),\n\t\t\t\t\tReview: pulumi.String(\"2023-12-29 23:59:59\"),\n\t\t\t\t},\n\t\t\t\t&athenz.RoleMembersMemberArgs{\n\t\t\t\t\tExpiration: pulumi.String(\"2022-12-29 23:59:59\"),\n\t\t\t\t\tName: pulumi.String(\"domain2.user2\"),\n\t\t\t\t\tReview: pulumi.String(\"2023-12-29 23:59:59\"),\n\t\t\t\t},\n\t\t\t\t&athenz.RoleMembersMemberArgs{\n\t\t\t\t\tExpiration: pulumi.String(\"2022-12-29 23:59:59\"),\n\t\t\t\t\tName: pulumi.String(\"domain3.user3\"),\n\t\t\t\t\tReview: pulumi.String(\"2023-12-29 23:59:59\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.athenz.RoleMembers;\nimport com.pulumi.athenz.RoleMembersArgs;\nimport com.pulumi.athenz.inputs.RoleMembersMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var fooRole = new RoleMembers(\"fooRole\", RoleMembersArgs.builder()\n .auditRef(\"manage role membership\")\n .domain(\"some_domain\")\n .members( \n RoleMembersMemberArgs.builder()\n .expiration(\"2022-12-29 23:59:59\")\n .name(\"domain1.user1\")\n .review(\"2023-12-29 23:59:59\")\n .build(),\n RoleMembersMemberArgs.builder()\n .expiration(\"2022-12-29 23:59:59\")\n .name(\"domain2.user2\")\n .review(\"2023-12-29 23:59:59\")\n .build(),\n RoleMembersMemberArgs.builder()\n .expiration(\"2022-12-29 23:59:59\")\n .name(\"domain3.user3\")\n .review(\"2023-12-29 23:59:59\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n fooRole:\n type: athenz:RoleMembers\n properties:\n auditRef: manage role membership\n domain: some_domain\n members:\n - expiration: 2022-12-29 23:59:59\n name: domain1.user1\n review: 2023-12-29 23:59:59\n - expiration: 2022-12-29 23:59:59\n name: domain2.user2\n review: 2023-12-29 23:59:59\n - expiration: 2022-12-29 23:59:59\n name: domain3.user3\n review: 2023-12-29 23:59:59\n```\n\n", "properties": { "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "domain": { "type": "string", "description": "Name of the domain that role belongs to\n" }, "members": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FRoleMembersMember:RoleMembersMember" }, "description": "A set of Athenz principal members\n" }, "name": { "type": "string", "description": "Name of the role\n" }, "roleMembersId": { "type": "string", "description": "The ID of this resource.\n" } }, "type": "object", "required": [ "domain", "name", "roleMembersId" ], "inputProperties": { "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "domain": { "type": "string", "description": "Name of the domain that role belongs to\n" }, "members": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FRoleMembersMember:RoleMembersMember" }, "description": "A set of Athenz principal members\n" }, "name": { "type": "string", "description": "Name of the role\n" }, "roleMembersId": { "type": "string", "description": "The ID of this resource.\n" } }, "requiredInputs": [ "domain" ], "stateInputs": { "description": "Input properties used for looking up and filtering RoleMembers resources.\n", "properties": { "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "domain": { "type": "string", "description": "Name of the domain that role belongs to\n" }, "members": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FRoleMembersMember:RoleMembersMember" }, "description": "A set of Athenz principal members\n" }, "name": { "type": "string", "description": "Name of the role\n" }, "roleMembersId": { "type": "string", "description": "The ID of this resource.\n" } }, "type": "object" } }, "athenz:index/roleMeta:RoleMeta": { "description": "## Example Usage\n\nIMPORTANT NOTE: please do NOT use json syntax but only hcl syntax\n\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as athenz from \"@pulumi/athenz\";\n\nconst roleMeta = new athenz.RoleMeta(\"roleMeta\", {\n auditRef: \"update role meta\",\n certExpiryMins: 720,\n deleteProtection: false,\n description: \"meta role test description\",\n domain: \"some_domain\",\n groupExpiryDays: 90,\n groupReviewDays: 60,\n maxMembers: 250,\n notifyDetails: \"notify details\",\n notifyRoles: \"role1,role2\",\n principalDomainFilter: \"user,home,+sports,-sports.dev\",\n reviewEnabled: false,\n selfRenew: false,\n selfRenewMins: 90,\n selfServe: true,\n serviceExpiryDays: 90,\n serviceReviewDays: 120,\n signAlgorithm: \"ec\",\n tags: {\n key1: \"val1,val2\",\n key2: \"val3,val4\",\n },\n tokenExpiryMins: 360,\n userAuthorityExpiration: \"ElevatedClearance\",\n userAuthorityFilter: \"OnShore-US\",\n userExpiryDays: 90,\n userReviewDays: 60,\n});\n```\n```python\nimport pulumi\nimport pulumi_athenz as athenz\n\nrole_meta = athenz.RoleMeta(\"roleMeta\",\n audit_ref=\"update role meta\",\n cert_expiry_mins=720,\n delete_protection=False,\n description=\"meta role test description\",\n domain=\"some_domain\",\n group_expiry_days=90,\n group_review_days=60,\n max_members=250,\n notify_details=\"notify details\",\n notify_roles=\"role1,role2\",\n principal_domain_filter=\"user,home,+sports,-sports.dev\",\n review_enabled=False,\n self_renew=False,\n self_renew_mins=90,\n self_serve=True,\n service_expiry_days=90,\n service_review_days=120,\n sign_algorithm=\"ec\",\n tags={\n \"key1\": \"val1,val2\",\n \"key2\": \"val3,val4\",\n },\n token_expiry_mins=360,\n user_authority_expiration=\"ElevatedClearance\",\n user_authority_filter=\"OnShore-US\",\n user_expiry_days=90,\n user_review_days=60)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Athenz = Pulumi.Athenz;\n\nreturn await Deployment.RunAsync(() => \n{\n var roleMeta = new Athenz.RoleMeta(\"roleMeta\", new()\n {\n AuditRef = \"update role meta\",\n CertExpiryMins = 720,\n DeleteProtection = false,\n Description = \"meta role test description\",\n Domain = \"some_domain\",\n GroupExpiryDays = 90,\n GroupReviewDays = 60,\n MaxMembers = 250,\n NotifyDetails = \"notify details\",\n NotifyRoles = \"role1,role2\",\n PrincipalDomainFilter = \"user,home,+sports,-sports.dev\",\n ReviewEnabled = false,\n SelfRenew = false,\n SelfRenewMins = 90,\n SelfServe = true,\n ServiceExpiryDays = 90,\n ServiceReviewDays = 120,\n SignAlgorithm = \"ec\",\n Tags = \n {\n { \"key1\", \"val1,val2\" },\n { \"key2\", \"val3,val4\" },\n },\n TokenExpiryMins = 360,\n UserAuthorityExpiration = \"ElevatedClearance\",\n UserAuthorityFilter = \"OnShore-US\",\n UserExpiryDays = 90,\n UserReviewDays = 60,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-terraform-provider/sdks/go/athenz/athenz\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := athenz.NewRoleMeta(ctx, \"roleMeta\", &athenz.RoleMetaArgs{\n\t\t\tAuditRef: pulumi.String(\"update role meta\"),\n\t\t\tCertExpiryMins: pulumi.Float64(720),\n\t\t\tDeleteProtection: pulumi.Bool(false),\n\t\t\tDescription: pulumi.String(\"meta role test description\"),\n\t\t\tDomain: pulumi.String(\"some_domain\"),\n\t\t\tGroupExpiryDays: pulumi.Float64(90),\n\t\t\tGroupReviewDays: pulumi.Float64(60),\n\t\t\tMaxMembers: pulumi.Float64(250),\n\t\t\tNotifyDetails: pulumi.String(\"notify details\"),\n\t\t\tNotifyRoles: pulumi.String(\"role1,role2\"),\n\t\t\tPrincipalDomainFilter: pulumi.String(\"user,home,+sports,-sports.dev\"),\n\t\t\tReviewEnabled: pulumi.Bool(false),\n\t\t\tSelfRenew: pulumi.Bool(false),\n\t\t\tSelfRenewMins: pulumi.Float64(90),\n\t\t\tSelfServe: pulumi.Bool(true),\n\t\t\tServiceExpiryDays: pulumi.Float64(90),\n\t\t\tServiceReviewDays: pulumi.Float64(120),\n\t\t\tSignAlgorithm: pulumi.String(\"ec\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"key1\": pulumi.String(\"val1,val2\"),\n\t\t\t\t\"key2\": pulumi.String(\"val3,val4\"),\n\t\t\t},\n\t\t\tTokenExpiryMins: pulumi.Float64(360),\n\t\t\tUserAuthorityExpiration: pulumi.String(\"ElevatedClearance\"),\n\t\t\tUserAuthorityFilter: pulumi.String(\"OnShore-US\"),\n\t\t\tUserExpiryDays: pulumi.Float64(90),\n\t\t\tUserReviewDays: pulumi.Float64(60),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.athenz.RoleMeta;\nimport com.pulumi.athenz.RoleMetaArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var roleMeta = new RoleMeta(\"roleMeta\", RoleMetaArgs.builder()\n .auditRef(\"update role meta\")\n .certExpiryMins(720)\n .deleteProtection(false)\n .description(\"meta role test description\")\n .domain(\"some_domain\")\n .groupExpiryDays(90)\n .groupReviewDays(60)\n .maxMembers(250)\n .notifyDetails(\"notify details\")\n .notifyRoles(\"role1,role2\")\n .principalDomainFilter(\"user,home,+sports,-sports.dev\")\n .reviewEnabled(false)\n .selfRenew(false)\n .selfRenewMins(90)\n .selfServe(true)\n .serviceExpiryDays(90)\n .serviceReviewDays(120)\n .signAlgorithm(\"ec\")\n .tags(Map.ofEntries(\n Map.entry(\"key1\", \"val1,val2\"),\n Map.entry(\"key2\", \"val3,val4\")\n ))\n .tokenExpiryMins(360)\n .userAuthorityExpiration(\"ElevatedClearance\")\n .userAuthorityFilter(\"OnShore-US\")\n .userExpiryDays(90)\n .userReviewDays(60)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n roleMeta:\n type: athenz:RoleMeta\n properties:\n auditRef: update role meta\n certExpiryMins: 720\n deleteProtection: false\n description: meta role test description\n domain: some_domain\n groupExpiryDays: 90\n groupReviewDays: 60\n maxMembers: 250\n notifyDetails: notify details\n notifyRoles: role1,role2\n principalDomainFilter: user,home,+sports,-sports.dev\n reviewEnabled: false\n selfRenew: false\n selfRenewMins: 90\n selfServe: true\n serviceExpiryDays: 90\n serviceReviewDays: 120\n signAlgorithm: ec\n tags:\n key1: val1,val2\n key2: val3,val4\n tokenExpiryMins: 360\n userAuthorityExpiration: ElevatedClearance\n userAuthorityFilter: OnShore-US\n userExpiryDays: 90\n userReviewDays: 60\n```\n\n\n# athenz.RoleMeta (Resource)\n\n`athenz.RoleMeta` provides an Athenz role meta resource.\n", "properties": { "auditEnabled": { "type": "boolean", "description": "audit enabled flag for the role\n" }, "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "certExpiryMins": { "type": "number", "description": "role certs issued for this role will have specified max timeout in minutes\n" }, "deleteProtection": { "type": "boolean", "description": "If true, ask for delete confirmation in audit and review enabled roles\n" }, "description": { "type": "string", "description": "description for the role\n" }, "domain": { "type": "string", "description": "name of the domain\n" }, "groupExpiryDays": { "type": "number", "description": "all groups in the role will have specified max expiry days\n" }, "groupReviewDays": { "type": "number", "description": "all groups in the role will have specified review reminder days\n" }, "maxMembers": { "type": "number", "description": "maximum number of members allowed in the role\n" }, "name": { "type": "string", "description": "Name of the role\n" }, "notifyDetails": { "type": "string", "description": "Set of instructions included in notifications for review and audit enabled roles\n" }, "notifyRoles": { "type": "string", "description": "comma seperated list of roles whose members should be notified for member review/approval\n" }, "principalDomainFilter": { "type": "string", "description": "comma seperated list of domains to enforce principal membership\n" }, "resourceState": { "type": "number", "description": "Bitmask of resource state flags controlling role behavior when creating or destroying the resource. 0x01: create the role if not already present, 0x02: always delete the role when destroying the resource. Default value is -1 indicating to inherit the value defined at the provider configuration level\n" }, "reviewEnabled": { "type": "boolean", "description": "Flag indicates whether role updates require another review and approval\n" }, "roleMetaId": { "type": "string", "description": "The ID of this resource.\n" }, "selfRenew": { "type": "boolean", "description": "Flag indicates whether to allow expired members to renew their membership\n" }, "selfRenewMins": { "type": "number", "description": "Number of minutes members can renew their membership if self review option is enabled\n" }, "selfServe": { "type": "boolean", "description": "Flag indicates whether role allows self-service. Users can add themselves in the role, but it has to be approved by domain admins to be effective.\n" }, "serviceExpiryDays": { "type": "number", "description": "all services in the role will have specified max expiry days\n" }, "serviceReviewDays": { "type": "number", "description": "all services in the role will have specified review reminder days\n" }, "signAlgorithm": { "type": "string", "description": "sign algorithm to be used for tokens issued for this role: rsa or ec\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "map of role tags\n" }, "tokenExpiryMins": { "type": "number", "description": "tokens issued for this role will have specified max timeout in minutes\n" }, "userAuthorityExpiration": { "type": "string", "description": "expiration enforced by a user authority configured attribute\n" }, "userAuthorityFilter": { "type": "string", "description": "membership filtered based on user authority configured attributes\n" }, "userExpiryDays": { "type": "number", "description": "all user members in the role will have specified max expiry days\n" }, "userReviewDays": { "type": "number", "description": "all user members in the role will have specified review reminder days\n" } }, "type": "object", "required": [ "domain", "name", "roleMetaId" ], "inputProperties": { "auditEnabled": { "type": "boolean", "description": "audit enabled flag for the role\n" }, "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "certExpiryMins": { "type": "number", "description": "role certs issued for this role will have specified max timeout in minutes\n" }, "deleteProtection": { "type": "boolean", "description": "If true, ask for delete confirmation in audit and review enabled roles\n" }, "description": { "type": "string", "description": "description for the role\n" }, "domain": { "type": "string", "description": "name of the domain\n" }, "groupExpiryDays": { "type": "number", "description": "all groups in the role will have specified max expiry days\n" }, "groupReviewDays": { "type": "number", "description": "all groups in the role will have specified review reminder days\n" }, "maxMembers": { "type": "number", "description": "maximum number of members allowed in the role\n" }, "name": { "type": "string", "description": "Name of the role\n" }, "notifyDetails": { "type": "string", "description": "Set of instructions included in notifications for review and audit enabled roles\n" }, "notifyRoles": { "type": "string", "description": "comma seperated list of roles whose members should be notified for member review/approval\n" }, "principalDomainFilter": { "type": "string", "description": "comma seperated list of domains to enforce principal membership\n" }, "resourceState": { "type": "number", "description": "Bitmask of resource state flags controlling role behavior when creating or destroying the resource. 0x01: create the role if not already present, 0x02: always delete the role when destroying the resource. Default value is -1 indicating to inherit the value defined at the provider configuration level\n" }, "reviewEnabled": { "type": "boolean", "description": "Flag indicates whether role updates require another review and approval\n" }, "roleMetaId": { "type": "string", "description": "The ID of this resource.\n" }, "selfRenew": { "type": "boolean", "description": "Flag indicates whether to allow expired members to renew their membership\n" }, "selfRenewMins": { "type": "number", "description": "Number of minutes members can renew their membership if self review option is enabled\n" }, "selfServe": { "type": "boolean", "description": "Flag indicates whether role allows self-service. Users can add themselves in the role, but it has to be approved by domain admins to be effective.\n" }, "serviceExpiryDays": { "type": "number", "description": "all services in the role will have specified max expiry days\n" }, "serviceReviewDays": { "type": "number", "description": "all services in the role will have specified review reminder days\n" }, "signAlgorithm": { "type": "string", "description": "sign algorithm to be used for tokens issued for this role: rsa or ec\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "map of role tags\n" }, "tokenExpiryMins": { "type": "number", "description": "tokens issued for this role will have specified max timeout in minutes\n" }, "userAuthorityExpiration": { "type": "string", "description": "expiration enforced by a user authority configured attribute\n" }, "userAuthorityFilter": { "type": "string", "description": "membership filtered based on user authority configured attributes\n" }, "userExpiryDays": { "type": "number", "description": "all user members in the role will have specified max expiry days\n" }, "userReviewDays": { "type": "number", "description": "all user members in the role will have specified review reminder days\n" } }, "requiredInputs": [ "domain" ], "stateInputs": { "description": "Input properties used for looking up and filtering RoleMeta resources.\n", "properties": { "auditEnabled": { "type": "boolean", "description": "audit enabled flag for the role\n" }, "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "certExpiryMins": { "type": "number", "description": "role certs issued for this role will have specified max timeout in minutes\n" }, "deleteProtection": { "type": "boolean", "description": "If true, ask for delete confirmation in audit and review enabled roles\n" }, "description": { "type": "string", "description": "description for the role\n" }, "domain": { "type": "string", "description": "name of the domain\n" }, "groupExpiryDays": { "type": "number", "description": "all groups in the role will have specified max expiry days\n" }, "groupReviewDays": { "type": "number", "description": "all groups in the role will have specified review reminder days\n" }, "maxMembers": { "type": "number", "description": "maximum number of members allowed in the role\n" }, "name": { "type": "string", "description": "Name of the role\n" }, "notifyDetails": { "type": "string", "description": "Set of instructions included in notifications for review and audit enabled roles\n" }, "notifyRoles": { "type": "string", "description": "comma seperated list of roles whose members should be notified for member review/approval\n" }, "principalDomainFilter": { "type": "string", "description": "comma seperated list of domains to enforce principal membership\n" }, "resourceState": { "type": "number", "description": "Bitmask of resource state flags controlling role behavior when creating or destroying the resource. 0x01: create the role if not already present, 0x02: always delete the role when destroying the resource. Default value is -1 indicating to inherit the value defined at the provider configuration level\n" }, "reviewEnabled": { "type": "boolean", "description": "Flag indicates whether role updates require another review and approval\n" }, "roleMetaId": { "type": "string", "description": "The ID of this resource.\n" }, "selfRenew": { "type": "boolean", "description": "Flag indicates whether to allow expired members to renew their membership\n" }, "selfRenewMins": { "type": "number", "description": "Number of minutes members can renew their membership if self review option is enabled\n" }, "selfServe": { "type": "boolean", "description": "Flag indicates whether role allows self-service. Users can add themselves in the role, but it has to be approved by domain admins to be effective.\n" }, "serviceExpiryDays": { "type": "number", "description": "all services in the role will have specified max expiry days\n" }, "serviceReviewDays": { "type": "number", "description": "all services in the role will have specified review reminder days\n" }, "signAlgorithm": { "type": "string", "description": "sign algorithm to be used for tokens issued for this role: rsa or ec\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "map of role tags\n" }, "tokenExpiryMins": { "type": "number", "description": "tokens issued for this role will have specified max timeout in minutes\n" }, "userAuthorityExpiration": { "type": "string", "description": "expiration enforced by a user authority configured attribute\n" }, "userAuthorityFilter": { "type": "string", "description": "membership filtered based on user authority configured attributes\n" }, "userExpiryDays": { "type": "number", "description": "all user members in the role will have specified max expiry days\n" }, "userReviewDays": { "type": "number", "description": "all user members in the role will have specified review reminder days\n" } }, "type": "object" } }, "athenz:index/selfServeGroupMembers:SelfServeGroupMembers": { "description": "## Example Usage\n\nIMPORTANT NOTE: please do NOT use json syntax but only hcl syntax\n\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as athenz from \"@pulumi/athenz\";\n\nconst fooGroup = new athenz.SelfServeGroupMembers(\"fooGroup\", {\n auditRef: \"manage group membership\",\n domain: \"some_domain\",\n members: [\n {\n expiration: \"2022-12-29 23:59:59\",\n name: \"domain1.user1\",\n },\n {\n expiration: \"2022-12-29 23:59:59\",\n name: \"domain2.user2\",\n },\n {\n name: \"domain3.user3\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_athenz as athenz\n\nfoo_group = athenz.SelfServeGroupMembers(\"fooGroup\",\n audit_ref=\"manage group membership\",\n domain=\"some_domain\",\n members=[\n {\n \"expiration\": \"2022-12-29 23:59:59\",\n \"name\": \"domain1.user1\",\n },\n {\n \"expiration\": \"2022-12-29 23:59:59\",\n \"name\": \"domain2.user2\",\n },\n {\n \"name\": \"domain3.user3\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Athenz = Pulumi.Athenz;\n\nreturn await Deployment.RunAsync(() => \n{\n var fooGroup = new Athenz.SelfServeGroupMembers(\"fooGroup\", new()\n {\n AuditRef = \"manage group membership\",\n Domain = \"some_domain\",\n Members = new[]\n {\n new Athenz.Inputs.SelfServeGroupMembersMemberArgs\n {\n Expiration = \"2022-12-29 23:59:59\",\n Name = \"domain1.user1\",\n },\n new Athenz.Inputs.SelfServeGroupMembersMemberArgs\n {\n Expiration = \"2022-12-29 23:59:59\",\n Name = \"domain2.user2\",\n },\n new Athenz.Inputs.SelfServeGroupMembersMemberArgs\n {\n Name = \"domain3.user3\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-terraform-provider/sdks/go/athenz/athenz\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := athenz.NewSelfServeGroupMembers(ctx, \"fooGroup\", &athenz.SelfServeGroupMembersArgs{\n\t\t\tAuditRef: pulumi.String(\"manage group membership\"),\n\t\t\tDomain: pulumi.String(\"some_domain\"),\n\t\t\tMembers: athenz.SelfServeGroupMembersMemberArray{\n\t\t\t\t&athenz.SelfServeGroupMembersMemberArgs{\n\t\t\t\t\tExpiration: pulumi.String(\"2022-12-29 23:59:59\"),\n\t\t\t\t\tName: pulumi.String(\"domain1.user1\"),\n\t\t\t\t},\n\t\t\t\t&athenz.SelfServeGroupMembersMemberArgs{\n\t\t\t\t\tExpiration: pulumi.String(\"2022-12-29 23:59:59\"),\n\t\t\t\t\tName: pulumi.String(\"domain2.user2\"),\n\t\t\t\t},\n\t\t\t\t&athenz.SelfServeGroupMembersMemberArgs{\n\t\t\t\t\tName: pulumi.String(\"domain3.user3\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.athenz.SelfServeGroupMembers;\nimport com.pulumi.athenz.SelfServeGroupMembersArgs;\nimport com.pulumi.athenz.inputs.SelfServeGroupMembersMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var fooGroup = new SelfServeGroupMembers(\"fooGroup\", SelfServeGroupMembersArgs.builder()\n .auditRef(\"manage group membership\")\n .domain(\"some_domain\")\n .members( \n SelfServeGroupMembersMemberArgs.builder()\n .expiration(\"2022-12-29 23:59:59\")\n .name(\"domain1.user1\")\n .build(),\n SelfServeGroupMembersMemberArgs.builder()\n .expiration(\"2022-12-29 23:59:59\")\n .name(\"domain2.user2\")\n .build(),\n SelfServeGroupMembersMemberArgs.builder()\n .name(\"domain3.user3\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n fooGroup:\n type: athenz:SelfServeGroupMembers\n properties:\n auditRef: manage group membership\n domain: some_domain\n members:\n - expiration: 2022-12-29 23:59:59\n name: domain1.user1\n - expiration: 2022-12-29 23:59:59\n name: domain2.user2\n - name: domain3.user3\n```\n\n", "properties": { "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "domain": { "type": "string", "description": "Name of the domain that group belongs to\n" }, "members": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FSelfServeGroupMembersMember:SelfServeGroupMembersMember" } }, "name": { "type": "string", "description": "Name of the group\n" }, "selfServeGroupMembersId": { "type": "string", "description": "The ID of this resource.\n" } }, "type": "object", "required": [ "domain", "name", "selfServeGroupMembersId" ], "inputProperties": { "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "domain": { "type": "string", "description": "Name of the domain that group belongs to\n" }, "members": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FSelfServeGroupMembersMember:SelfServeGroupMembersMember" } }, "name": { "type": "string", "description": "Name of the group\n" }, "selfServeGroupMembersId": { "type": "string", "description": "The ID of this resource.\n" } }, "requiredInputs": [ "domain" ], "stateInputs": { "description": "Input properties used for looking up and filtering SelfServeGroupMembers resources.\n", "properties": { "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "domain": { "type": "string", "description": "Name of the domain that group belongs to\n" }, "members": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FSelfServeGroupMembersMember:SelfServeGroupMembersMember" } }, "name": { "type": "string", "description": "Name of the group\n" }, "selfServeGroupMembersId": { "type": "string", "description": "The ID of this resource.\n" } }, "type": "object" } }, "athenz:index/selfServeRoleMembers:SelfServeRoleMembers": { "description": "## Example Usage\n\nIMPORTANT NOTE: please do NOT use json syntax but only hcl syntax\n\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as athenz from \"@pulumi/athenz\";\n\nconst fooRole = new athenz.SelfServeRoleMembers(\"fooRole\", {\n auditRef: \"manage role membership\",\n domain: \"some_domain\",\n members: [\n {\n expiration: \"2022-12-29 23:59:59\",\n name: \"domain1.user1\",\n review: \"2023-12-29 23:59:59\",\n },\n {\n expiration: \"2022-12-29 23:59:59\",\n name: \"domain2.user2\",\n review: \"2023-12-29 23:59:59\",\n },\n {\n expiration: \"2022-12-29 23:59:59\",\n name: \"domain3.user3\",\n review: \"2023-12-29 23:59:59\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_athenz as athenz\n\nfoo_role = athenz.SelfServeRoleMembers(\"fooRole\",\n audit_ref=\"manage role membership\",\n domain=\"some_domain\",\n members=[\n {\n \"expiration\": \"2022-12-29 23:59:59\",\n \"name\": \"domain1.user1\",\n \"review\": \"2023-12-29 23:59:59\",\n },\n {\n \"expiration\": \"2022-12-29 23:59:59\",\n \"name\": \"domain2.user2\",\n \"review\": \"2023-12-29 23:59:59\",\n },\n {\n \"expiration\": \"2022-12-29 23:59:59\",\n \"name\": \"domain3.user3\",\n \"review\": \"2023-12-29 23:59:59\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Athenz = Pulumi.Athenz;\n\nreturn await Deployment.RunAsync(() => \n{\n var fooRole = new Athenz.SelfServeRoleMembers(\"fooRole\", new()\n {\n AuditRef = \"manage role membership\",\n Domain = \"some_domain\",\n Members = new[]\n {\n new Athenz.Inputs.SelfServeRoleMembersMemberArgs\n {\n Expiration = \"2022-12-29 23:59:59\",\n Name = \"domain1.user1\",\n Review = \"2023-12-29 23:59:59\",\n },\n new Athenz.Inputs.SelfServeRoleMembersMemberArgs\n {\n Expiration = \"2022-12-29 23:59:59\",\n Name = \"domain2.user2\",\n Review = \"2023-12-29 23:59:59\",\n },\n new Athenz.Inputs.SelfServeRoleMembersMemberArgs\n {\n Expiration = \"2022-12-29 23:59:59\",\n Name = \"domain3.user3\",\n Review = \"2023-12-29 23:59:59\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-terraform-provider/sdks/go/athenz/athenz\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := athenz.NewSelfServeRoleMembers(ctx, \"fooRole\", &athenz.SelfServeRoleMembersArgs{\n\t\t\tAuditRef: pulumi.String(\"manage role membership\"),\n\t\t\tDomain: pulumi.String(\"some_domain\"),\n\t\t\tMembers: athenz.SelfServeRoleMembersMemberArray{\n\t\t\t\t&athenz.SelfServeRoleMembersMemberArgs{\n\t\t\t\t\tExpiration: pulumi.String(\"2022-12-29 23:59:59\"),\n\t\t\t\t\tName: pulumi.String(\"domain1.user1\"),\n\t\t\t\t\tReview: pulumi.String(\"2023-12-29 23:59:59\"),\n\t\t\t\t},\n\t\t\t\t&athenz.SelfServeRoleMembersMemberArgs{\n\t\t\t\t\tExpiration: pulumi.String(\"2022-12-29 23:59:59\"),\n\t\t\t\t\tName: pulumi.String(\"domain2.user2\"),\n\t\t\t\t\tReview: pulumi.String(\"2023-12-29 23:59:59\"),\n\t\t\t\t},\n\t\t\t\t&athenz.SelfServeRoleMembersMemberArgs{\n\t\t\t\t\tExpiration: pulumi.String(\"2022-12-29 23:59:59\"),\n\t\t\t\t\tName: pulumi.String(\"domain3.user3\"),\n\t\t\t\t\tReview: pulumi.String(\"2023-12-29 23:59:59\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.athenz.SelfServeRoleMembers;\nimport com.pulumi.athenz.SelfServeRoleMembersArgs;\nimport com.pulumi.athenz.inputs.SelfServeRoleMembersMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var fooRole = new SelfServeRoleMembers(\"fooRole\", SelfServeRoleMembersArgs.builder()\n .auditRef(\"manage role membership\")\n .domain(\"some_domain\")\n .members( \n SelfServeRoleMembersMemberArgs.builder()\n .expiration(\"2022-12-29 23:59:59\")\n .name(\"domain1.user1\")\n .review(\"2023-12-29 23:59:59\")\n .build(),\n SelfServeRoleMembersMemberArgs.builder()\n .expiration(\"2022-12-29 23:59:59\")\n .name(\"domain2.user2\")\n .review(\"2023-12-29 23:59:59\")\n .build(),\n SelfServeRoleMembersMemberArgs.builder()\n .expiration(\"2022-12-29 23:59:59\")\n .name(\"domain3.user3\")\n .review(\"2023-12-29 23:59:59\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n fooRole:\n type: athenz:SelfServeRoleMembers\n properties:\n auditRef: manage role membership\n domain: some_domain\n members:\n - expiration: 2022-12-29 23:59:59\n name: domain1.user1\n review: 2023-12-29 23:59:59\n - expiration: 2022-12-29 23:59:59\n name: domain2.user2\n review: 2023-12-29 23:59:59\n - expiration: 2022-12-29 23:59:59\n name: domain3.user3\n review: 2023-12-29 23:59:59\n```\n\n", "properties": { "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "domain": { "type": "string", "description": "Name of the domain that role belongs to\n" }, "members": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FSelfServeRoleMembersMember:SelfServeRoleMembersMember" } }, "name": { "type": "string", "description": "Name of the role\n" }, "selfServeRoleMembersId": { "type": "string", "description": "The ID of this resource.\n" } }, "type": "object", "required": [ "domain", "name", "selfServeRoleMembersId" ], "inputProperties": { "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "domain": { "type": "string", "description": "Name of the domain that role belongs to\n" }, "members": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FSelfServeRoleMembersMember:SelfServeRoleMembersMember" } }, "name": { "type": "string", "description": "Name of the role\n" }, "selfServeRoleMembersId": { "type": "string", "description": "The ID of this resource.\n" } }, "requiredInputs": [ "domain" ], "stateInputs": { "description": "Input properties used for looking up and filtering SelfServeRoleMembers resources.\n", "properties": { "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "domain": { "type": "string", "description": "Name of the domain that role belongs to\n" }, "members": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FSelfServeRoleMembersMember:SelfServeRoleMembersMember" } }, "name": { "type": "string", "description": "Name of the role\n" }, "selfServeRoleMembersId": { "type": "string", "description": "The ID of this resource.\n" } }, "type": "object" } }, "athenz:index/service:Service": { "description": "`athenz.Service` provides an Athenz service resource.\n\n## Example Usage\n\n\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.athenz.Service;\nimport com.pulumi.athenz.ServiceArgs;\nimport com.pulumi.athenz.inputs.ServicePublicKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var fooService = new Service(\"fooService\", ServiceArgs.builder()\n .auditRef(\"create service\")\n .domain(\"some_domain\")\n .publicKeys(ServicePublicKeyArgs.builder()\n .key_id(\"v0\")\n .key_value(\"\"\"\n-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZCUhLc3TpvObhjdY8Hb\n/0zkfWAYSXLXaC9O1S8AXoM7/L70XY+9KL+1Iy7xYDTrbZB0tcolLwnnWHq5giZm\nUw3u6FGSl5ld4xpyqB02iK+cFSqS7KOLLH0p9gXRfxXiaqRiV2rKF0ThzrGox2cm\nDf/QoZllNdwIFGqkuRcEDvBnRTLWlEVV+1U12fyEsA1yvVb4F9RscZDYmiPRbhA+\ncLzqHKxX51dl6ek1x7AvUIM8js6WPIEfelyTRiUzXwOgIZbqvRHSPmFG0ZgZDjG3\nLlfy/E8K0QtCk3ki1y8Tga2I5k2hffx3DrHMnr14Zj3Br0T9RwiqJD7FoyTiD/ti\nxQIDAQAB\n-----END PUBLIC KEY-----\n\n \"\"\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n fooService:\n type: athenz:Service\n properties:\n auditRef: create service\n domain: some_domain\n publicKeys:\n - key_id: v0\n key_value: |+\n -----BEGIN PUBLIC KEY-----\n MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZCUhLc3TpvObhjdY8Hb\n /0zkfWAYSXLXaC9O1S8AXoM7/L70XY+9KL+1Iy7xYDTrbZB0tcolLwnnWHq5giZm\n Uw3u6FGSl5ld4xpyqB02iK+cFSqS7KOLLH0p9gXRfxXiaqRiV2rKF0ThzrGox2cm\n Df/QoZllNdwIFGqkuRcEDvBnRTLWlEVV+1U12fyEsA1yvVb4F9RscZDYmiPRbhA+\n cLzqHKxX51dl6ek1x7AvUIM8js6WPIEfelyTRiUzXwOgIZbqvRHSPmFG0ZgZDjG3\n Llfy/E8K0QtCk3ki1y8Tga2I5k2hffx3DrHMnr14Zj3Br0T9RwiqJD7FoyTiD/ti\n xQIDAQAB\n -----END PUBLIC KEY-----\n```\n\n", "properties": { "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "description": { "type": "string", "description": "A description of the service\n" }, "domain": { "type": "string", "description": "Name of the domain that service belongs to\n" }, "name": { "type": "string", "description": "Name of the service to be added to the domain\n" }, "publicKeys": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FServicePublicKey:ServicePublicKey" }, "description": "- Set of maps of public keys\n" }, "serviceId": { "type": "string", "description": "The ID of this resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "domain", "name", "serviceId" ], "inputProperties": { "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "description": { "type": "string", "description": "A description of the service\n" }, "domain": { "type": "string", "description": "Name of the domain that service belongs to\n" }, "name": { "type": "string", "description": "Name of the service to be added to the domain\n" }, "publicKeys": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FServicePublicKey:ServicePublicKey" }, "description": "- Set of maps of public keys\n" }, "serviceId": { "type": "string", "description": "The ID of this resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "requiredInputs": [ "domain" ], "stateInputs": { "description": "Input properties used for looking up and filtering Service resources.\n", "properties": { "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "description": { "type": "string", "description": "A description of the service\n" }, "domain": { "type": "string", "description": "Name of the domain that service belongs to\n" }, "name": { "type": "string", "description": "Name of the service to be added to the domain\n" }, "publicKeys": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FServicePublicKey:ServicePublicKey" }, "description": "- Set of maps of public keys\n" }, "serviceId": { "type": "string", "description": "The ID of this resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" } }, "athenz:index/subDomain:SubDomain": { "description": "## Example Usage\n\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as athenz from \"@pulumi/athenz\";\n\nconst subDomain_test = new athenz.SubDomain(\"subDomain-test\", {\n adminUsers: [\"user.someone\"],\n auditRef: \"create domain\",\n parentName: \"home.some_user\",\n});\n```\n```python\nimport pulumi\nimport pulumi_athenz as athenz\n\nsub_domain_test = athenz.SubDomain(\"subDomain-test\",\n admin_users=[\"user.someone\"],\n audit_ref=\"create domain\",\n parent_name=\"home.some_user\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Athenz = Pulumi.Athenz;\n\nreturn await Deployment.RunAsync(() => \n{\n var subDomain_test = new Athenz.SubDomain(\"subDomain-test\", new()\n {\n AdminUsers = new[]\n {\n \"user.someone\",\n },\n AuditRef = \"create domain\",\n ParentName = \"home.some_user\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-terraform-provider/sdks/go/athenz/athenz\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := athenz.NewSubDomain(ctx, \"subDomain-test\", &athenz.SubDomainArgs{\n\t\t\tAdminUsers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user.someone\"),\n\t\t\t},\n\t\t\tAuditRef: pulumi.String(\"create domain\"),\n\t\t\tParentName: pulumi.String(\"home.some_user\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.athenz.SubDomain;\nimport com.pulumi.athenz.SubDomainArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var subDomain_test = new SubDomain(\"subDomain-test\", SubDomainArgs.builder()\n .adminUsers(\"user.someone\")\n .auditRef(\"create domain\")\n .parentName(\"home.some_user\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n subDomain-test:\n type: athenz:SubDomain\n properties:\n adminUsers:\n - user.someone\n auditRef: create domain\n parentName: home.some_user\n```\n\n", "properties": { "adminUsers": { "type": "array", "items": { "type": "string" }, "description": "list of domain administrators. must be in this format: `user. or .`.\n" }, "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "name": { "type": "string", "description": "name of the parent domain.\n" }, "parentName": { "type": "string", "description": "name of the parent domain.\n" }, "subDomainId": { "type": "string", "description": "The ID of this resource.\n" } }, "type": "object", "required": [ "adminUsers", "name", "parentName", "subDomainId" ], "inputProperties": { "adminUsers": { "type": "array", "items": { "type": "string" }, "description": "list of domain administrators. must be in this format: `user. or .`.\n" }, "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "name": { "type": "string", "description": "name of the parent domain.\n" }, "parentName": { "type": "string", "description": "name of the parent domain.\n" }, "subDomainId": { "type": "string", "description": "The ID of this resource.\n" } }, "requiredInputs": [ "adminUsers", "parentName" ], "stateInputs": { "description": "Input properties used for looking up and filtering SubDomain resources.\n", "properties": { "adminUsers": { "type": "array", "items": { "type": "string" }, "description": "list of domain administrators. must be in this format: `user. or .`.\n" }, "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "name": { "type": "string", "description": "name of the parent domain.\n" }, "parentName": { "type": "string", "description": "name of the parent domain.\n" }, "subDomainId": { "type": "string", "description": "The ID of this resource.\n" } }, "type": "object" } }, "athenz:index/topLevelDomain:TopLevelDomain": { "description": "## Example Usage\n\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as athenz from \"@pulumi/athenz\";\n\nconst athenzTopLevelDomain_test = new athenz.TopLevelDomain(\"athenzTopLevelDomain-test\", {\n adminUsers: [\"user.someone\"],\n auditRef: \"create domain\",\n ypmId: \"some_positive_integer\",\n});\n```\n```python\nimport pulumi\nimport pulumi_athenz as athenz\n\nathenz_top_level_domain_test = athenz.TopLevelDomain(\"athenzTopLevelDomain-test\",\n admin_users=[\"user.someone\"],\n audit_ref=\"create domain\",\n ypm_id=\"some_positive_integer\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Athenz = Pulumi.Athenz;\n\nreturn await Deployment.RunAsync(() => \n{\n var athenzTopLevelDomain_test = new Athenz.TopLevelDomain(\"athenzTopLevelDomain-test\", new()\n {\n AdminUsers = new[]\n {\n \"user.someone\",\n },\n AuditRef = \"create domain\",\n YpmId = \"some_positive_integer\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-terraform-provider/sdks/go/athenz/athenz\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := athenz.NewTopLevelDomain(ctx, \"athenzTopLevelDomain-test\", &athenz.TopLevelDomainArgs{\n\t\t\tAdminUsers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user.someone\"),\n\t\t\t},\n\t\t\tAuditRef: pulumi.String(\"create domain\"),\n\t\t\tYpmId: pulumi.Float64(\"some_positive_integer\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.athenz.TopLevelDomain;\nimport com.pulumi.athenz.TopLevelDomainArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var athenzTopLevelDomain_test = new TopLevelDomain(\"athenzTopLevelDomain-test\", TopLevelDomainArgs.builder()\n .adminUsers(\"user.someone\")\n .auditRef(\"create domain\")\n .ypmId(\"some_positive_integer\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n athenzTopLevelDomain-test:\n type: athenz:TopLevelDomain\n properties:\n adminUsers:\n - user.someone\n auditRef: create domain\n ypmId: some_positive_integer\n```\n\n", "properties": { "adminUsers": { "type": "array", "items": { "type": "string" }, "description": "list of domain administrators. must be in this format: `user. or .`.\n" }, "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "name": { "type": "string", "description": "name of the domain.\n" }, "topLevelDomainId": { "type": "string", "description": "The ID of this resource.\n" }, "ypmId": { "type": "number", "description": "- associated product id. must be a positive integer.\n" } }, "type": "object", "required": [ "adminUsers", "name", "topLevelDomainId", "ypmId" ], "inputProperties": { "adminUsers": { "type": "array", "items": { "type": "string" }, "description": "list of domain administrators. must be in this format: `user. or .`.\n" }, "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "name": { "type": "string", "description": "name of the domain.\n" }, "topLevelDomainId": { "type": "string", "description": "The ID of this resource.\n" }, "ypmId": { "type": "number", "description": "- associated product id. must be a positive integer.\n" } }, "requiredInputs": [ "adminUsers", "ypmId" ], "stateInputs": { "description": "Input properties used for looking up and filtering TopLevelDomain resources.\n", "properties": { "adminUsers": { "type": "array", "items": { "type": "string" }, "description": "list of domain administrators. must be in this format: `user. or .`.\n" }, "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "name": { "type": "string", "description": "name of the domain.\n" }, "topLevelDomainId": { "type": "string", "description": "The ID of this resource.\n" }, "ypmId": { "type": "number", "description": "- associated product id. must be a positive integer.\n" } }, "type": "object" } }, "athenz:index/userDomain:UserDomain": { "description": "## Example Usage\n\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as athenz from \"@pulumi/athenz\";\n\nconst athenzUserDomain_test = new athenz.UserDomain(\"athenzUserDomain-test\", {auditRef: \"create domain\"});\n```\n```python\nimport pulumi\nimport pulumi_athenz as athenz\n\nathenz_user_domain_test = athenz.UserDomain(\"athenzUserDomain-test\", audit_ref=\"create domain\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Athenz = Pulumi.Athenz;\n\nreturn await Deployment.RunAsync(() => \n{\n var athenzUserDomain_test = new Athenz.UserDomain(\"athenzUserDomain-test\", new()\n {\n AuditRef = \"create domain\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-terraform-provider/sdks/go/athenz/athenz\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := athenz.NewUserDomain(ctx, \"athenzUserDomain-test\", &athenz.UserDomainArgs{\n\t\t\tAuditRef: pulumi.String(\"create domain\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.athenz.UserDomain;\nimport com.pulumi.athenz.UserDomainArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var athenzUserDomain_test = new UserDomain(\"athenzUserDomain-test\", UserDomainArgs.builder()\n .auditRef(\"create domain\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n athenzUserDomain-test:\n type: athenz:UserDomain\n properties:\n auditRef: create domain\n```\n\n", "properties": { "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "name": { "type": "string", "description": "user id which will be the domain name.\n" }, "userDomainId": { "type": "string", "description": "The ID of this resource.\n" } }, "type": "object", "required": [ "name", "userDomainId" ], "inputProperties": { "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "name": { "type": "string", "description": "user id which will be the domain name.\n" }, "userDomainId": { "type": "string", "description": "The ID of this resource.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering UserDomain resources.\n", "properties": { "auditRef": { "type": "string", "description": "string containing audit specification or ticket number.\n" }, "name": { "type": "string", "description": "user id which will be the domain name.\n" }, "userDomainId": { "type": "string", "description": "The ID of this resource.\n" } }, "type": "object" } } }, "functions": { "athenz:index/getAllDomainDetails:getAllDomainDetails": { "description": "`athenz.getAllDomainDetails` provides full details about a specific Athenz domain (top-level domain/ subdomain/ personal domain)\n\nNote: It can be useful for import \n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as athenz from \"@pulumi/athenz\";\n\nconst config = new pulumi.Config();\nconst domainName = config.require(\"domainName\");\nconst domain_test = athenz.getAllDomainDetails({\n name: domainName,\n});\n```\n```python\nimport pulumi\nimport pulumi_athenz as athenz\n\nconfig = pulumi.Config()\ndomain_name = config.require(\"domainName\")\ndomain_test = athenz.get_all_domain_details(name=domain_name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Athenz = Pulumi.Athenz;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var domainName = config.Require(\"domainName\");\n var domain_test = Athenz.GetAllDomainDetails.Invoke(new()\n {\n Name = domainName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-terraform-provider/sdks/go/athenz/athenz\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tdomainName := cfg.Require(\"domainName\")\n\t\t_, err := athenz.GetAllDomainDetails(ctx, \u0026athenz.GetAllDomainDetailsArgs{\n\t\t\tName: domainName,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.athenz.AthenzFunctions;\nimport com.pulumi.athenz.inputs.GetAllDomainDetailsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var domainName = config.get(\"domainName\");\n final var domain-test = AthenzFunctions.getAllDomainDetails(GetAllDomainDetailsArgs.builder()\n .name(domainName)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n domainName:\n type: string\nvariables:\n domain-test:\n fn::invoke:\n function: athenz:getAllDomainDetails\n arguments:\n name: ${domainName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAllDomainDetails.\n", "properties": { "applicationId": { "type": "string" }, "awsAccountId": { "type": "string" }, "azureClient": { "type": "string" }, "azureSubscription": { "type": "string" }, "azureTenant": { "type": "string" }, "businessService": { "type": "string" }, "contacts": { "type": "object", "additionalProperties": { "type": "string" } }, "description": { "type": "string" }, "environment": { "type": "string" }, "gcpProjectId": { "type": "string" }, "gcpProjectNumber": { "type": "string" }, "groupExpiryDays": { "type": "number" }, "groupLists": { "type": "array", "items": { "type": "string" } }, "id": { "type": "string" }, "memberPurgeExpiryDays": { "type": "number" }, "name": { "type": "string", "description": "The name of the specific Athenz domain. Must be fully qualified name.\n" }, "org": { "type": "string" }, "policyLists": { "type": "array", "items": { "type": "string" } }, "roleCertExpiryMins": { "type": "number" }, "roleLists": { "type": "array", "items": { "type": "string" } }, "serviceCertExpiryMins": { "type": "number" }, "serviceExpiryDays": { "type": "number" }, "serviceLists": { "type": "array", "items": { "type": "string" } }, "slackChannel": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tokenExpiryMins": { "type": "number" }, "userAuthorityFilter": { "type": "string" }, "userExpiryDays": { "type": "number" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getAllDomainDetails.\n", "properties": { "applicationId": { "type": "string" }, "awsAccountId": { "type": "string" }, "azureClient": { "type": "string" }, "azureSubscription": { "type": "string" }, "azureTenant": { "type": "string" }, "businessService": { "type": "string" }, "contacts": { "additionalProperties": { "type": "string" }, "type": "object" }, "description": { "type": "string" }, "environment": { "type": "string" }, "gcpProjectId": { "type": "string" }, "gcpProjectNumber": { "type": "string" }, "groupExpiryDays": { "type": "number" }, "groupLists": { "items": { "type": "string" }, "type": "array" }, "id": { "type": "string" }, "memberPurgeExpiryDays": { "type": "number" }, "name": { "type": "string" }, "org": { "type": "string" }, "policyLists": { "items": { "type": "string" }, "type": "array" }, "roleCertExpiryMins": { "type": "number" }, "roleLists": { "items": { "type": "string" }, "type": "array" }, "serviceCertExpiryMins": { "type": "number" }, "serviceExpiryDays": { "type": "number" }, "serviceLists": { "items": { "type": "string" }, "type": "array" }, "slackChannel": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "tokenExpiryMins": { "type": "number" }, "userAuthorityFilter": { "type": "string" }, "userExpiryDays": { "type": "number" } }, "required": [ "id", "name" ], "type": "object" } }, "athenz:index/getDomain:getDomain": { "description": "`athenz.getDomain` provides details about a specific Athenz domain (top-level domain/ sub domain/ personal domain)\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as athenz from \"@pulumi/athenz\";\n\nconst config = new pulumi.Config();\nconst domainName = config.require(\"domainName\");\nconst domain_test = athenz.getDomain({\n name: domainName,\n});\n```\n```python\nimport pulumi\nimport pulumi_athenz as athenz\n\nconfig = pulumi.Config()\ndomain_name = config.require(\"domainName\")\ndomain_test = athenz.get_domain(name=domain_name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Athenz = Pulumi.Athenz;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var domainName = config.Require(\"domainName\");\n var domain_test = Athenz.GetDomain.Invoke(new()\n {\n Name = domainName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-terraform-provider/sdks/go/athenz/athenz\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tdomainName := cfg.Require(\"domainName\")\n\t\t_, err := athenz.GetDomain(ctx, \u0026athenz.GetDomainArgs{\n\t\t\tName: domainName,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.athenz.AthenzFunctions;\nimport com.pulumi.athenz.inputs.GetDomainArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var domainName = config.get(\"domainName\");\n final var domain-test = AthenzFunctions.getDomain(GetDomainArgs.builder()\n .name(domainName)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n domainName:\n type: string\nvariables:\n domain-test:\n fn::invoke:\n function: athenz:getDomain\n arguments:\n name: ${domainName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getDomain.\n", "properties": { "id": { "type": "string", "description": "The ID of this resource.\n" }, "name": { "type": "string", "description": "- The name of the specific Athenz domain. must be fully qualified name.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getDomain.\n", "properties": { "id": { "description": "The ID of this resource.\n", "type": "string" }, "name": { "description": "- The name of the specific Athenz domain. must be fully qualified name.\n", "type": "string" } }, "required": [ "id", "name" ], "type": "object" } }, "athenz:index/getGroup:getGroup": { "description": "`athenz.Group` provides details about a specific Athenz group.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as athenz from \"@pulumi/athenz\";\n\nconst config = new pulumi.Config();\nconst groupName = config.require(\"groupName\");\nconst selected = athenz.getGroup({\n name: groupName,\n domain: \"some_domain\",\n});\n```\n```python\nimport pulumi\nimport pulumi_athenz as athenz\n\nconfig = pulumi.Config()\ngroup_name = config.require(\"groupName\")\nselected = athenz.get_group(name=group_name,\n domain=\"some_domain\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Athenz = Pulumi.Athenz;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var groupName = config.Require(\"groupName\");\n var selected = Athenz.GetGroup.Invoke(new()\n {\n Name = groupName,\n Domain = \"some_domain\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-terraform-provider/sdks/go/athenz/athenz\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tgroupName := cfg.Require(\"groupName\")\n\t\t_, err := athenz.LookupGroup(ctx, \u0026athenz.LookupGroupArgs{\n\t\t\tName: groupName,\n\t\t\tDomain: \"some_domain\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.athenz.AthenzFunctions;\nimport com.pulumi.athenz.inputs.GetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var groupName = config.get(\"groupName\");\n final var selected = AthenzFunctions.getGroup(GetGroupArgs.builder()\n .name(groupName)\n .domain(\"some_domain\")\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n groupName:\n type: string\nvariables:\n selected:\n fn::invoke:\n function: athenz:getGroup\n arguments:\n name: ${groupName}\n domain: some_domain\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getGroup.\n", "properties": { "auditEnabled": { "type": "boolean", "description": "audit enabled flag for the group\n" }, "deleteProtection": { "type": "boolean", "description": "If true, ask for delete confirmation in audit and review enabled groups\n" }, "domain": { "type": "string", "description": "- The Athenz domain name.\n" }, "id": { "type": "string", "description": "The ID of this resource.\n" }, "lastReviewedDate": { "type": "string", "description": "Last reviewed date for the group\n" }, "members": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FgetGroupMember:getGroupMember" }, "description": "Users or services to be added as members\n" }, "name": { "type": "string", "description": "- The name of the specific Athenz group.\n" }, "notifyDetails": { "type": "string", "description": "Set of instructions included in notifications for review and audit enabled groups\n" }, "notifyRoles": { "type": "string", "description": "comma seperated list of roles whose members should be notified for member review/approval\n" }, "principalDomainFilter": { "type": "string", "description": "comma seperated list of domains to enforce principal membership\n" }, "reviewEnabled": { "type": "boolean", "description": "Flag indicates whether group updates require another review and approval\n" }, "selfRenew": { "type": "boolean", "description": "Flag indicates whether to allow expired members to renew their membership\n" }, "selfRenewMins": { "type": "number", "description": "Number of minutes members can renew their membership if self review option is enabled\n" }, "selfServe": { "type": "boolean", "description": "Flag indicates whether group allows self-service. Users can add themselves in the group, but it has to be approved by domain admins to be effective.\n" }, "settings": { "$ref": "#/types/athenz:index%2FgetGroupSettings:getGroupSettings", "description": "Advanced settings\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "map of group tags\n" }, "userAuthorityExpiration": { "type": "string", "description": "expiration enforced by a user authority configured attribute\n" }, "userAuthorityFilter": { "type": "string", "description": "membership filtered based on user authority configured attributes\n" } }, "type": "object", "required": [ "domain", "name" ] }, "outputs": { "description": "A collection of values returned by getGroup.\n", "properties": { "auditEnabled": { "description": "audit enabled flag for the group\n", "type": "boolean" }, "deleteProtection": { "description": "If true, ask for delete confirmation in audit and review enabled groups\n", "type": "boolean" }, "domain": { "description": "- The Athenz domain name.\n", "type": "string" }, "id": { "description": "The ID of this resource.\n", "type": "string" }, "lastReviewedDate": { "description": "Last reviewed date for the group\n", "type": "string" }, "members": { "description": "Users or services to be added as members\n", "items": { "$ref": "#/types/athenz:index%2FgetGroupMember:getGroupMember" }, "type": "array" }, "name": { "description": "- The name of the specific Athenz group.\n", "type": "string" }, "notifyDetails": { "description": "Set of instructions included in notifications for review and audit enabled groups\n", "type": "string" }, "notifyRoles": { "description": "comma seperated list of roles whose members should be notified for member review/approval\n", "type": "string" }, "principalDomainFilter": { "description": "comma seperated list of domains to enforce principal membership\n", "type": "string" }, "reviewEnabled": { "description": "Flag indicates whether group updates require another review and approval\n", "type": "boolean" }, "selfRenew": { "description": "Flag indicates whether to allow expired members to renew their membership\n", "type": "boolean" }, "selfRenewMins": { "description": "Number of minutes members can renew their membership if self review option is enabled\n", "type": "number" }, "selfServe": { "description": "Flag indicates whether group allows self-service. Users can add themselves in the group, but it has to be approved by domain admins to be effective.\n", "type": "boolean" }, "settings": { "$ref": "#/types/athenz:index%2FgetGroupSettings:getGroupSettings", "description": "Advanced settings\n" }, "tags": { "additionalProperties": { "type": "string" }, "description": "map of group tags\n", "type": "object" }, "userAuthorityExpiration": { "description": "expiration enforced by a user authority configured attribute\n", "type": "string" }, "userAuthorityFilter": { "description": "membership filtered based on user authority configured attributes\n", "type": "string" } }, "required": [ "domain", "id", "name" ], "type": "object" } }, "athenz:index/getPolicy:getPolicy": { "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as athenz from \"@pulumi/athenz\";\n\nconst config = new pulumi.Config();\nconst policyName = config.require(\"policyName\");\nconst selected = athenz.getPolicy({\n name: policyName,\n domain: \"some_domain\",\n});\n```\n```python\nimport pulumi\nimport pulumi_athenz as athenz\n\nconfig = pulumi.Config()\npolicy_name = config.require(\"policyName\")\nselected = athenz.get_policy(name=policy_name,\n domain=\"some_domain\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Athenz = Pulumi.Athenz;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var policyName = config.Require(\"policyName\");\n var selected = Athenz.GetPolicy.Invoke(new()\n {\n Name = policyName,\n Domain = \"some_domain\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-terraform-provider/sdks/go/athenz/athenz\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tpolicyName := cfg.Require(\"policyName\")\n\t\t_, err := athenz.LookupPolicy(ctx, \u0026athenz.LookupPolicyArgs{\n\t\t\tName: policyName,\n\t\t\tDomain: \"some_domain\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.athenz.AthenzFunctions;\nimport com.pulumi.athenz.inputs.GetPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var policyName = config.get(\"policyName\");\n final var selected = AthenzFunctions.getPolicy(GetPolicyArgs.builder()\n .name(policyName)\n .domain(\"some_domain\")\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n policyName:\n type: string\nvariables:\n selected:\n fn::invoke:\n function: athenz:getPolicy\n arguments:\n name: ${policyName}\n domain: some_domain\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getPolicy.\n", "properties": { "assertions": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FgetPolicyAssertion:getPolicyAssertion" } }, "domain": { "type": "string", "description": "- The Athenz domain name.\n" }, "id": { "type": "string", "description": "The ID of this resource.\n" }, "name": { "type": "string", "description": "- The name of the specific Athenz policy.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "domain", "name" ] }, "outputs": { "description": "A collection of values returned by getPolicy.\n", "properties": { "assertions": { "items": { "$ref": "#/types/athenz:index%2FgetPolicyAssertion:getPolicyAssertion" }, "type": "array" }, "domain": { "description": "- The Athenz domain name.\n", "type": "string" }, "id": { "description": "The ID of this resource.\n", "type": "string" }, "name": { "description": "- The name of the specific Athenz policy.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "domain", "id", "name" ], "type": "object" } }, "athenz:index/getPolicyVersion:getPolicyVersion": { "description": "`athenz.PolicyVersion` provides details about a specific Athenz policy with all its versions.\n\n", "inputs": { "description": "A collection of arguments for invoking getPolicyVersion.\n", "properties": { "auditRef": { "type": "string" }, "domain": { "type": "string", "description": "Name of the domain that policy belongs to\n" }, "id": { "type": "string", "description": "The ID of this resource.\n" }, "name": { "type": "string", "description": "Name of the policy\n" } }, "type": "object", "required": [ "domain", "name" ] }, "outputs": { "description": "A collection of values returned by getPolicyVersion.\n", "properties": { "activeVersion": { "description": "The policy version that will be active\n", "type": "string" }, "auditRef": { "type": "string" }, "domain": { "description": "Name of the domain that policy belongs to\n", "type": "string" }, "id": { "description": "The ID of this resource.\n", "type": "string" }, "name": { "description": "Name of the policy\n", "type": "string" }, "versions": { "items": { "$ref": "#/types/athenz:index%2FgetPolicyVersionVersion:getPolicyVersionVersion" }, "type": "array" } }, "required": [ "activeVersion", "domain", "id", "name", "versions" ], "type": "object" } }, "athenz:index/getRole:getRole": { "description": "`athenz.Role` provides details about a specific Athenz role.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as athenz from \"@pulumi/athenz\";\n\nconst config = new pulumi.Config();\nconst roleName = config.require(\"roleName\");\nconst selected = athenz.getRole({\n name: roleName,\n domain: \"some_domain\",\n});\n```\n```python\nimport pulumi\nimport pulumi_athenz as athenz\n\nconfig = pulumi.Config()\nrole_name = config.require(\"roleName\")\nselected = athenz.get_role(name=role_name,\n domain=\"some_domain\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Athenz = Pulumi.Athenz;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var roleName = config.Require(\"roleName\");\n var selected = Athenz.GetRole.Invoke(new()\n {\n Name = roleName,\n Domain = \"some_domain\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-terraform-provider/sdks/go/athenz/athenz\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\troleName := cfg.Require(\"roleName\")\n\t\t_, err := athenz.LookupRole(ctx, \u0026athenz.LookupRoleArgs{\n\t\t\tName: roleName,\n\t\t\tDomain: \"some_domain\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.athenz.AthenzFunctions;\nimport com.pulumi.athenz.inputs.GetRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var roleName = config.get(\"roleName\");\n final var selected = AthenzFunctions.getRole(GetRoleArgs.builder()\n .name(roleName)\n .domain(\"some_domain\")\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n roleName:\n type: string\nvariables:\n selected:\n fn::invoke:\n function: athenz:getRole\n arguments:\n name: ${roleName}\n domain: some_domain\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getRole.\n", "properties": { "auditEnabled": { "type": "boolean", "description": "audit enabled flag for the role\n" }, "deleteProtection": { "type": "boolean", "description": "If true, ask for delete confirmation in audit and review enabled roles\n" }, "description": { "type": "string", "description": "description for the role\n" }, "domain": { "type": "string", "description": "- The Athenz domain name.\n" }, "id": { "type": "string", "description": "The ID of this resource.\n" }, "lastReviewedDate": { "type": "string", "description": "Last reviewed date for the role\n" }, "members": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FgetRoleMember:getRoleMember" }, "description": "Athenz principal to be added as members\n" }, "name": { "type": "string", "description": "- The name of the specific Athenz role.\n" }, "notifyDetails": { "type": "string", "description": "Set of instructions included in notifications for review and audit enabled roles\n" }, "notifyRoles": { "type": "string", "description": "comma seperated list of roles whose members should be notified for member review/approval\n" }, "principalDomainFilter": { "type": "string", "description": "comma seperated list of domains to enforce principal membership\n" }, "reviewEnabled": { "type": "boolean", "description": "Flag indicates whether role updates require another review and approval\n" }, "selfRenew": { "type": "boolean", "description": "Flag indicates whether to allow expired members to renew their membership\n" }, "selfRenewMins": { "type": "number", "description": "Number of minutes members can renew their membership if self review option is enabled\n" }, "selfServe": { "type": "boolean", "description": "Flag indicates whether role allows self-service. Users can add themselves in the role, but it has to be approved by domain admins to be effective.\n" }, "settings": { "$ref": "#/types/athenz:index%2FgetRoleSettings:getRoleSettings", "description": "Advanced settings\n" }, "signAlgorithm": { "type": "string", "description": "sign algorithm to be used for tokens issued for this role: rsa or ec\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "map of role tags\n" }, "trust": { "type": "string", "description": "The domain, which this role is trusted to\n" }, "userAuthorityExpiration": { "type": "string", "description": "expiration enforced by a user authority configured attribute\n" }, "userAuthorityFilter": { "type": "string", "description": "membership filtered based on user authority configured attributes\n" } }, "type": "object", "required": [ "domain", "name" ] }, "outputs": { "description": "A collection of values returned by getRole.\n", "properties": { "auditEnabled": { "description": "audit enabled flag for the role\n", "type": "boolean" }, "deleteProtection": { "description": "If true, ask for delete confirmation in audit and review enabled roles\n", "type": "boolean" }, "description": { "description": "description for the role\n", "type": "string" }, "domain": { "description": "- The Athenz domain name.\n", "type": "string" }, "id": { "description": "The ID of this resource.\n", "type": "string" }, "lastReviewedDate": { "description": "Last reviewed date for the role\n", "type": "string" }, "members": { "description": "Athenz principal to be added as members\n", "items": { "$ref": "#/types/athenz:index%2FgetRoleMember:getRoleMember" }, "type": "array" }, "name": { "description": "- The name of the specific Athenz role.\n", "type": "string" }, "notifyDetails": { "description": "Set of instructions included in notifications for review and audit enabled roles\n", "type": "string" }, "notifyRoles": { "description": "comma seperated list of roles whose members should be notified for member review/approval\n", "type": "string" }, "principalDomainFilter": { "description": "comma seperated list of domains to enforce principal membership\n", "type": "string" }, "reviewEnabled": { "description": "Flag indicates whether role updates require another review and approval\n", "type": "boolean" }, "selfRenew": { "description": "Flag indicates whether to allow expired members to renew their membership\n", "type": "boolean" }, "selfRenewMins": { "description": "Number of minutes members can renew their membership if self review option is enabled\n", "type": "number" }, "selfServe": { "description": "Flag indicates whether role allows self-service. Users can add themselves in the role, but it has to be approved by domain admins to be effective.\n", "type": "boolean" }, "settings": { "$ref": "#/types/athenz:index%2FgetRoleSettings:getRoleSettings", "description": "Advanced settings\n" }, "signAlgorithm": { "description": "sign algorithm to be used for tokens issued for this role: rsa or ec\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "map of role tags\n", "type": "object" }, "trust": { "description": "The domain, which this role is trusted to\n", "type": "string" }, "userAuthorityExpiration": { "description": "expiration enforced by a user authority configured attribute\n", "type": "string" }, "userAuthorityFilter": { "description": "membership filtered based on user authority configured attributes\n", "type": "string" } }, "required": [ "domain", "id", "name" ], "type": "object" } }, "athenz:index/getRoles:getRoles": { "description": "`athenz.getRoles` This Data Source you can get the list of all roles in a domain with an optional flag to include members\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as athenz from \"@pulumi/athenz\";\n\nconst config = new pulumi.Config();\nconst tagKey = config.require(\"tagKey\");\nconst tagValue = config.require(\"tagValue\");\nconst selected = athenz.getRoles({\n domain: \"some_domain\",\n tagKey: tagKey,\n tagValue: tagValue,\n includeMembers: false,\n});\n```\n```python\nimport pulumi\nimport pulumi_athenz as athenz\n\nconfig = pulumi.Config()\ntag_key = config.require(\"tagKey\")\ntag_value = config.require(\"tagValue\")\nselected = athenz.get_roles(domain=\"some_domain\",\n tag_key=tag_key,\n tag_value=tag_value,\n include_members=False)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Athenz = Pulumi.Athenz;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var tagKey = config.Require(\"tagKey\");\n var tagValue = config.Require(\"tagValue\");\n var selected = Athenz.GetRoles.Invoke(new()\n {\n Domain = \"some_domain\",\n TagKey = tagKey,\n TagValue = tagValue,\n IncludeMembers = false,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-terraform-provider/sdks/go/athenz/athenz\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\ttagKey := cfg.Require(\"tagKey\")\n\t\ttagValue := cfg.Require(\"tagValue\")\n\t\t_, err := athenz.GetRoles(ctx, \u0026athenz.GetRolesArgs{\n\t\t\tDomain: \"some_domain\",\n\t\t\tTagKey: pulumi.StringRef(tagKey),\n\t\t\tTagValue: pulumi.StringRef(tagValue),\n\t\t\tIncludeMembers: pulumi.BoolRef(false),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.athenz.AthenzFunctions;\nimport com.pulumi.athenz.inputs.GetRolesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var tagKey = config.get(\"tagKey\");\n final var tagValue = config.get(\"tagValue\");\n final var selected = AthenzFunctions.getRoles(GetRolesArgs.builder()\n .domain(\"some_domain\")\n .tagKey(tagKey)\n .tagValue(tagValue)\n .includeMembers(false)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n tagKey:\n type: string\n tagValue:\n type: string\nvariables:\n selected:\n fn::invoke:\n function: athenz:getRoles\n arguments:\n domain: some_domain\n tagKey: ${tagKey}\n tagValue: ${tagValue}\n includeMembers: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getRoles.\n", "properties": { "domain": { "type": "string", "description": "- The Athenz domain name.\n" }, "id": { "type": "string", "description": "The ID of this resource.\n" }, "includeMembers": { "type": "boolean", "description": "If true - return list of members in the role.\n" }, "roles": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FgetRolesRole:getRolesRole" } }, "tagKey": { "type": "string", "description": "Query all roles that have a given tag*key.\n" }, "tagValue": { "type": "string", "description": "- Query all roles that have a given tag*key AND tag*value.\n" } }, "type": "object", "required": [ "domain" ] }, "outputs": { "description": "A collection of values returned by getRoles.\n", "properties": { "domain": { "description": "- The Athenz domain name.\n", "type": "string" }, "id": { "description": "The ID of this resource.\n", "type": "string" }, "includeMembers": { "description": "If true - return list of members in the role.\n", "type": "boolean" }, "roles": { "items": { "$ref": "#/types/athenz:index%2FgetRolesRole:getRolesRole" }, "type": "array" }, "tagKey": { "description": "Query all roles that have a given tag*key.\n", "type": "string" }, "tagValue": { "description": "- Query all roles that have a given tag*key AND tag*value.\n", "type": "string" } }, "required": [ "domain", "id" ], "type": "object" } }, "athenz:index/getService:getService": { "description": "`athenz.Service` provides details about a specific Athenz service.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as athenz from \"@pulumi/athenz\";\n\nconst config = new pulumi.Config();\nconst serviceName = config.require(\"serviceName\");\nconst selected = athenz.getService({\n name: serviceName,\n domain: some_domain,\n});\n```\n```python\nimport pulumi\nimport pulumi_athenz as athenz\n\nconfig = pulumi.Config()\nservice_name = config.require(\"serviceName\")\nselected = athenz.get_service(name=service_name,\n domain=some_domain)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Athenz = Pulumi.Athenz;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var serviceName = config.Require(\"serviceName\");\n var selected = Athenz.GetService.Invoke(new()\n {\n Name = serviceName,\n Domain = some_domain,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-terraform-provider/sdks/go/athenz/athenz\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tserviceName := cfg.Require(\"serviceName\")\n\t\t_, err := athenz.LookupService(ctx, \u0026athenz.LookupServiceArgs{\n\t\t\tName: serviceName,\n\t\t\tDomain: some_domain,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.athenz.AthenzFunctions;\nimport com.pulumi.athenz.inputs.GetServiceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var serviceName = config.get(\"serviceName\");\n final var selected = AthenzFunctions.getService(GetServiceArgs.builder()\n .name(serviceName)\n .domain(some_domain)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n serviceName:\n type: string\nvariables:\n selected:\n fn::invoke:\n function: athenz:getService\n arguments:\n name: ${serviceName}\n domain: ${some_domain}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getService.\n", "properties": { "description": { "type": "string", "description": "A description of the service\n" }, "domain": { "type": "string", "description": "- The Athenz domain name.\n" }, "id": { "type": "string", "description": "The ID of this resource.\n" }, "name": { "type": "string", "description": "- The name of the specific Athenz service.\n" }, "publicKeys": { "type": "array", "items": { "$ref": "#/types/athenz:index%2FgetServicePublicKey:getServicePublicKey" } }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "domain", "name" ] }, "outputs": { "description": "A collection of values returned by getService.\n", "properties": { "description": { "description": "A description of the service\n", "type": "string" }, "domain": { "description": "- The Athenz domain name.\n", "type": "string" }, "id": { "description": "The ID of this resource.\n", "type": "string" }, "name": { "description": "- The name of the specific Athenz service.\n", "type": "string" }, "publicKeys": { "items": { "$ref": "#/types/athenz:index%2FgetServicePublicKey:getServicePublicKey" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "domain", "id", "name" ], "type": "object" } } }, "parameterization": { "baseProvider": { "name": "terraform-provider", "version": "0.10.0" }, "parameter": "eyJyZW1vdGUiOnsidXJsIjoicmVnaXN0cnkub3BlbnRvZnUub3JnL2F0aGVuei9hdGhlbnoiLCJ2ZXJzaW9uIjoiMS4wLjQ5In19" } }