Resource Type: sensu_ldap_auth
Summary
Manages Sensu LDAP auth.Overview
Autorequires:
Package[sensu-go-cli]Service[sensu-backend]Sensuctl_configure[puppet]Sensu_api_validator[sensu]Sensu_user[admin]
Examples:
Add a LDAP auth
sensu_ldap_auth { 'openldap':
ensure => 'present',
servers => [
{
'host' => '127.0.0.1',
'port' => 389,
'binding' => {
'user_dn' => 'cn=binder,dc=acme,dc=org',
'password' => 'P@ssw0rd!'
},
'group_search' => {
'base_dn' => 'dc=acme,dc=org',
},
'user_search' => {
'base_dn' => 'dc=acme,dc=org',
},
},
],
}Add an LDAP auth that uses memberOf attribute by omitting group_search
sensu_ldap_auth { 'openldap':
ensure => 'present',
servers => [
{
'host' => '127.0.0.1',
'port' => 389,
'binding' => {
'user_dn' => 'cn=binder,dc=acme,dc=org',
'password' => 'P@ssw0rd!'
},
'user_search' => {
'base_dn' => 'dc=acme,dc=org',
},
},
],
}Properties
-
ensure
(defaults to: present)
The basic property that the resource should be in.
Supported values:- present
- absent
-
groups_prefix
The prefix added to all LDAP groups.
-
servers
LDAP servers as Array of Hashes
Keys:
- host: required
- port: required
- group_search: optional (omit to use memberOf)
- user_search: required
- binding: optional Hash
- insecure: default is
false - security: default is
tls - trusted_ca_file: default is
"" - client_cert_file: default is
"" - client_key_file: default is
"" - default_upn_domain: default is
""
group_search keys:
- base_dn: required
- attribute: default is
member - name_attribute: default is
cn - object_class: default is
groupOfNames
user_search Keys:
- base_dn: required
- attribute: default is
uid - name_attribute: default is
cn - object_class: default is
person
binding keys:
- user_dn: required
- password: required
-
username_prefix
The prefix added to all LDAP usernames.
Parameters
-
name (namevar)
The name of the LDAP auth.
-
provider
The specific backend to use for this
sensu_ldap_authresource. You will seldom need to specify this --- Puppet will usually discover the appropriate provider for your platform.