github.com/pulumi/pulumi-aws/sdk/v6@v6.32.0/go/aws/iot/authorizer.go

// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT.
// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! ***

package iot

import (
	"context"
	"reflect"

	"errors"
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/internal"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

// Creates and manages an AWS IoT Authorizer.
//
// ## Example Usage
//
// <!--Start PulumiCodeChooser -->
// ```go
// package main
//
// import (
//
//	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iot"
//	"github.com/pulumi/pulumi-std/sdk/go/std"
//	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
//
// )
//
//	func main() {
//		pulumi.Run(func(ctx *pulumi.Context) error {
//			invokeFile, err := std.File(ctx, &std.FileArgs{
//				Input: "test-fixtures/iot-authorizer-signing-key.pem",
//			}, nil)
//			if err != nil {
//				return err
//			}
//			_, err = iot.NewAuthorizer(ctx, "example", &iot.AuthorizerArgs{
//				Name:                  pulumi.String("example"),
//				AuthorizerFunctionArn: pulumi.Any(exampleAwsLambdaFunction.Arn),
//				SigningDisabled:       pulumi.Bool(false),
//				Status:                pulumi.String("ACTIVE"),
//				TokenKeyName:          pulumi.String("Token-Header"),
//				TokenSigningPublicKeys: pulumi.StringMap{
//					"Key1": invokeFile.Result,
//				},
//			})
//			if err != nil {
//				return err
//			}
//			return nil
//		})
//	}
//
// ```
// <!--End PulumiCodeChooser -->
//
// ## Import
//
// Using `pulumi import`, import IOT Authorizers using the name. For example:
//
// ```sh
// $ pulumi import aws:iot/authorizer:Authorizer example example
// ```
type Authorizer struct {
	pulumi.CustomResourceState

	// The ARN of the authorizer.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// The ARN of the authorizer's Lambda function.
	AuthorizerFunctionArn pulumi.StringOutput `pulumi:"authorizerFunctionArn"`
	// Specifies whether the HTTP caching is enabled or not. Default: `false`.
	EnableCachingForHttp pulumi.BoolPtrOutput `pulumi:"enableCachingForHttp"`
	// The name of the authorizer.
	Name pulumi.StringOutput `pulumi:"name"`
	// Specifies whether AWS IoT validates the token signature in an authorization request. Default: `false`.
	SigningDisabled pulumi.BoolPtrOutput `pulumi:"signingDisabled"`
	// The status of Authorizer request at creation. Valid values: `ACTIVE`, `INACTIVE`. Default: `ACTIVE`.
	Status pulumi.StringPtrOutput `pulumi:"status"`
	// The name of the token key used to extract the token from the HTTP headers. This value is required if signing is enabled in your authorizer.
	TokenKeyName pulumi.StringPtrOutput `pulumi:"tokenKeyName"`
	// The public keys used to verify the digital signature returned by your custom authentication service. This value is required if signing is enabled in your authorizer.
	TokenSigningPublicKeys pulumi.StringMapOutput `pulumi:"tokenSigningPublicKeys"`
}

// NewAuthorizer registers a new resource with the given unique name, arguments, and options.
func NewAuthorizer(ctx *pulumi.Context,
	name string, args *AuthorizerArgs, opts ...pulumi.ResourceOption) (*Authorizer, error) {
	if args == nil {
		return nil, errors.New("missing one or more required arguments")
	}

	if args.AuthorizerFunctionArn == nil {
		return nil, errors.New("invalid value for required argument 'AuthorizerFunctionArn'")
	}
	if args.TokenSigningPublicKeys != nil {
		args.TokenSigningPublicKeys = pulumi.ToSecret(args.TokenSigningPublicKeys).(pulumi.StringMapInput)
	}
	secrets := pulumi.AdditionalSecretOutputs([]string{
		"tokenSigningPublicKeys",
	})
	opts = append(opts, secrets)
	opts = internal.PkgResourceDefaultOpts(opts)
	var resource Authorizer
	err := ctx.RegisterResource("aws:iot/authorizer:Authorizer", name, args, &resource, opts...)
	if err != nil {
		return nil, err
	}
	return &resource, nil
}

// GetAuthorizer gets an existing Authorizer resource's state with the given name, ID, and optional
// state properties that are used to uniquely qualify the lookup (nil if not required).
func GetAuthorizer(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AuthorizerState, opts ...pulumi.ResourceOption) (*Authorizer, error) {
	var resource Authorizer
	err := ctx.ReadResource("aws:iot/authorizer:Authorizer", name, id, state, &resource, opts...)
	if err != nil {
		return nil, err
	}
	return &resource, nil
}

// Input properties used for looking up and filtering Authorizer resources.
type authorizerState struct {
	// The ARN of the authorizer.
	Arn *string `pulumi:"arn"`
	// The ARN of the authorizer's Lambda function.
	AuthorizerFunctionArn *string `pulumi:"authorizerFunctionArn"`
	// Specifies whether the HTTP caching is enabled or not. Default: `false`.
	EnableCachingForHttp *bool `pulumi:"enableCachingForHttp"`
	// The name of the authorizer.
	Name *string `pulumi:"name"`
	// Specifies whether AWS IoT validates the token signature in an authorization request. Default: `false`.
	SigningDisabled *bool `pulumi:"signingDisabled"`
	// The status of Authorizer request at creation. Valid values: `ACTIVE`, `INACTIVE`. Default: `ACTIVE`.
	Status *string `pulumi:"status"`
	// The name of the token key used to extract the token from the HTTP headers. This value is required if signing is enabled in your authorizer.
	TokenKeyName *string `pulumi:"tokenKeyName"`
	// The public keys used to verify the digital signature returned by your custom authentication service. This value is required if signing is enabled in your authorizer.
	TokenSigningPublicKeys map[string]string `pulumi:"tokenSigningPublicKeys"`
}

type AuthorizerState struct {
	// The ARN of the authorizer.
	Arn pulumi.StringPtrInput
	// The ARN of the authorizer's Lambda function.
	AuthorizerFunctionArn pulumi.StringPtrInput
	// Specifies whether the HTTP caching is enabled or not. Default: `false`.
	EnableCachingForHttp pulumi.BoolPtrInput
	// The name of the authorizer.
	Name pulumi.StringPtrInput
	// Specifies whether AWS IoT validates the token signature in an authorization request. Default: `false`.
	SigningDisabled pulumi.BoolPtrInput
	// The status of Authorizer request at creation. Valid values: `ACTIVE`, `INACTIVE`. Default: `ACTIVE`.
	Status pulumi.StringPtrInput
	// The name of the token key used to extract the token from the HTTP headers. This value is required if signing is enabled in your authorizer.
	TokenKeyName pulumi.StringPtrInput
	// The public keys used to verify the digital signature returned by your custom authentication service. This value is required if signing is enabled in your authorizer.
	TokenSigningPublicKeys pulumi.StringMapInput
}

func (AuthorizerState) ElementType() reflect.Type {
	return reflect.TypeOf((*authorizerState)(nil)).Elem()
}

type authorizerArgs struct {
	// The ARN of the authorizer's Lambda function.
	AuthorizerFunctionArn string `pulumi:"authorizerFunctionArn"`
	// Specifies whether the HTTP caching is enabled or not. Default: `false`.
	EnableCachingForHttp *bool `pulumi:"enableCachingForHttp"`
	// The name of the authorizer.
	Name *string `pulumi:"name"`
	// Specifies whether AWS IoT validates the token signature in an authorization request. Default: `false`.
	SigningDisabled *bool `pulumi:"signingDisabled"`
	// The status of Authorizer request at creation. Valid values: `ACTIVE`, `INACTIVE`. Default: `ACTIVE`.
	Status *string `pulumi:"status"`
	// The name of the token key used to extract the token from the HTTP headers. This value is required if signing is enabled in your authorizer.
	TokenKeyName *string `pulumi:"tokenKeyName"`
	// The public keys used to verify the digital signature returned by your custom authentication service. This value is required if signing is enabled in your authorizer.
	TokenSigningPublicKeys map[string]string `pulumi:"tokenSigningPublicKeys"`
}

// The set of arguments for constructing a Authorizer resource.
type AuthorizerArgs struct {
	// The ARN of the authorizer's Lambda function.
	AuthorizerFunctionArn pulumi.StringInput
	// Specifies whether the HTTP caching is enabled or not. Default: `false`.
	EnableCachingForHttp pulumi.BoolPtrInput
	// The name of the authorizer.
	Name pulumi.StringPtrInput
	// Specifies whether AWS IoT validates the token signature in an authorization request. Default: `false`.
	SigningDisabled pulumi.BoolPtrInput
	// The status of Authorizer request at creation. Valid values: `ACTIVE`, `INACTIVE`. Default: `ACTIVE`.
	Status pulumi.StringPtrInput
	// The name of the token key used to extract the token from the HTTP headers. This value is required if signing is enabled in your authorizer.
	TokenKeyName pulumi.StringPtrInput
	// The public keys used to verify the digital signature returned by your custom authentication service. This value is required if signing is enabled in your authorizer.
	TokenSigningPublicKeys pulumi.StringMapInput
}

func (AuthorizerArgs) ElementType() reflect.Type {
	return reflect.TypeOf((*authorizerArgs)(nil)).Elem()
}

type AuthorizerInput interface {
	pulumi.Input

	ToAuthorizerOutput() AuthorizerOutput
	ToAuthorizerOutputWithContext(ctx context.Context) AuthorizerOutput
}

func (*Authorizer) ElementType() reflect.Type {
	return reflect.TypeOf((**Authorizer)(nil)).Elem()
}

func (i *Authorizer) ToAuthorizerOutput() AuthorizerOutput {
	return i.ToAuthorizerOutputWithContext(context.Background())
}

func (i *Authorizer) ToAuthorizerOutputWithContext(ctx context.Context) AuthorizerOutput {
	return pulumi.ToOutputWithContext(ctx, i).(AuthorizerOutput)
}

// AuthorizerArrayInput is an input type that accepts AuthorizerArray and AuthorizerArrayOutput values.
// You can construct a concrete instance of `AuthorizerArrayInput` via:
//
//	AuthorizerArray{ AuthorizerArgs{...} }
type AuthorizerArrayInput interface {
	pulumi.Input

	ToAuthorizerArrayOutput() AuthorizerArrayOutput
	ToAuthorizerArrayOutputWithContext(context.Context) AuthorizerArrayOutput
}

type AuthorizerArray []AuthorizerInput

func (AuthorizerArray) ElementType() reflect.Type {
	return reflect.TypeOf((*[]*Authorizer)(nil)).Elem()
}

func (i AuthorizerArray) ToAuthorizerArrayOutput() AuthorizerArrayOutput {
	return i.ToAuthorizerArrayOutputWithContext(context.Background())
}

func (i AuthorizerArray) ToAuthorizerArrayOutputWithContext(ctx context.Context) AuthorizerArrayOutput {
	return pulumi.ToOutputWithContext(ctx, i).(AuthorizerArrayOutput)
}

// AuthorizerMapInput is an input type that accepts AuthorizerMap and AuthorizerMapOutput values.
// You can construct a concrete instance of `AuthorizerMapInput` via:
//
//	AuthorizerMap{ "key": AuthorizerArgs{...} }
type AuthorizerMapInput interface {
	pulumi.Input

	ToAuthorizerMapOutput() AuthorizerMapOutput
	ToAuthorizerMapOutputWithContext(context.Context) AuthorizerMapOutput
}

type AuthorizerMap map[string]AuthorizerInput

func (AuthorizerMap) ElementType() reflect.Type {
	return reflect.TypeOf((*map[string]*Authorizer)(nil)).Elem()
}

func (i AuthorizerMap) ToAuthorizerMapOutput() AuthorizerMapOutput {
	return i.ToAuthorizerMapOutputWithContext(context.Background())
}

func (i AuthorizerMap) ToAuthorizerMapOutputWithContext(ctx context.Context) AuthorizerMapOutput {
	return pulumi.ToOutputWithContext(ctx, i).(AuthorizerMapOutput)
}

type AuthorizerOutput struct{ *pulumi.OutputState }

func (AuthorizerOutput) ElementType() reflect.Type {
	return reflect.TypeOf((**Authorizer)(nil)).Elem()
}

func (o AuthorizerOutput) ToAuthorizerOutput() AuthorizerOutput {
	return o
}

func (o AuthorizerOutput) ToAuthorizerOutputWithContext(ctx context.Context) AuthorizerOutput {
	return o
}

// The ARN of the authorizer.
func (o AuthorizerOutput) Arn() pulumi.StringOutput {
	return o.ApplyT(func(v *Authorizer) pulumi.StringOutput { return v.Arn }).(pulumi.StringOutput)
}

// The ARN of the authorizer's Lambda function.
func (o AuthorizerOutput) AuthorizerFunctionArn() pulumi.StringOutput {
	return o.ApplyT(func(v *Authorizer) pulumi.StringOutput { return v.AuthorizerFunctionArn }).(pulumi.StringOutput)
}

// Specifies whether the HTTP caching is enabled or not. Default: `false`.
func (o AuthorizerOutput) EnableCachingForHttp() pulumi.BoolPtrOutput {
	return o.ApplyT(func(v *Authorizer) pulumi.BoolPtrOutput { return v.EnableCachingForHttp }).(pulumi.BoolPtrOutput)
}

// The name of the authorizer.
func (o AuthorizerOutput) Name() pulumi.StringOutput {
	return o.ApplyT(func(v *Authorizer) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput)
}

// Specifies whether AWS IoT validates the token signature in an authorization request. Default: `false`.
func (o AuthorizerOutput) SigningDisabled() pulumi.BoolPtrOutput {
	return o.ApplyT(func(v *Authorizer) pulumi.BoolPtrOutput { return v.SigningDisabled }).(pulumi.BoolPtrOutput)
}

// The status of Authorizer request at creation. Valid values: `ACTIVE`, `INACTIVE`. Default: `ACTIVE`.
func (o AuthorizerOutput) Status() pulumi.StringPtrOutput {
	return o.ApplyT(func(v *Authorizer) pulumi.StringPtrOutput { return v.Status }).(pulumi.StringPtrOutput)
}

// The name of the token key used to extract the token from the HTTP headers. This value is required if signing is enabled in your authorizer.
func (o AuthorizerOutput) TokenKeyName() pulumi.StringPtrOutput {
	return o.ApplyT(func(v *Authorizer) pulumi.StringPtrOutput { return v.TokenKeyName }).(pulumi.StringPtrOutput)
}

// The public keys used to verify the digital signature returned by your custom authentication service. This value is required if signing is enabled in your authorizer.
func (o AuthorizerOutput) TokenSigningPublicKeys() pulumi.StringMapOutput {
	return o.ApplyT(func(v *Authorizer) pulumi.StringMapOutput { return v.TokenSigningPublicKeys }).(pulumi.StringMapOutput)
}

type AuthorizerArrayOutput struct{ *pulumi.OutputState }

func (AuthorizerArrayOutput) ElementType() reflect.Type {
	return reflect.TypeOf((*[]*Authorizer)(nil)).Elem()
}

func (o AuthorizerArrayOutput) ToAuthorizerArrayOutput() AuthorizerArrayOutput {
	return o
}

func (o AuthorizerArrayOutput) ToAuthorizerArrayOutputWithContext(ctx context.Context) AuthorizerArrayOutput {
	return o
}

func (o AuthorizerArrayOutput) Index(i pulumi.IntInput) AuthorizerOutput {
	return pulumi.All(o, i).ApplyT(func(vs []interface{}) *Authorizer {
		return vs[0].([]*Authorizer)[vs[1].(int)]
	}).(AuthorizerOutput)
}

type AuthorizerMapOutput struct{ *pulumi.OutputState }

func (AuthorizerMapOutput) ElementType() reflect.Type {
	return reflect.TypeOf((*map[string]*Authorizer)(nil)).Elem()
}

func (o AuthorizerMapOutput) ToAuthorizerMapOutput() AuthorizerMapOutput {
	return o
}

func (o AuthorizerMapOutput) ToAuthorizerMapOutputWithContext(ctx context.Context) AuthorizerMapOutput {
	return o
}

func (o AuthorizerMapOutput) MapIndex(k pulumi.StringInput) AuthorizerOutput {
	return pulumi.All(o, k).ApplyT(func(vs []interface{}) *Authorizer {
		return vs[0].(map[string]*Authorizer)[vs[1].(string)]
	}).(AuthorizerOutput)
}

func init() {
	pulumi.RegisterInputType(reflect.TypeOf((*AuthorizerInput)(nil)).Elem(), &Authorizer{})
	pulumi.RegisterInputType(reflect.TypeOf((*AuthorizerArrayInput)(nil)).Elem(), AuthorizerArray{})
	pulumi.RegisterInputType(reflect.TypeOf((*AuthorizerMapInput)(nil)).Elem(), AuthorizerMap{})
	pulumi.RegisterOutputType(AuthorizerOutput{})
	pulumi.RegisterOutputType(AuthorizerArrayOutput{})
	pulumi.RegisterOutputType(AuthorizerMapOutput{})
}