Resource Type: puppet_auth_rule

Defined in:

lib/puppet/type/puppet_auth_rule.rb

Providers:

ruby

Overview

Create or remove the rule.

Properties

• allow

  If the request’s authenticated name matches the parameter’s value, Puppet Server allows it.

• allow_unauthenticated

  Enable domain (default)

  Supported values:

  • true
  • false
• deny

  Refuses the request if the authenticated name matches - even if the rule contains an allow value that also matches.

• ensure (defaults to: present)

  Create or remove the rule.

  Supported values:

  • present
  • absent
• match_request_method

  Puppet Server applies that rule only to requests that use its value’s listed HTTP methods.

  Supported values:

  • get
  • post
  • put
  • delete
  • head
• match_request_path

  The parameter path can be a literal string or regular expression

• match_request_type

  Type of the perameter path. The parameter path can be a literal string or regular expression.

  Supported values:

  • regex
  • path
• sort_order (defaults to: 500)

  Sets the order in which Puppet Server evaluates the rule by prioritizing it on a numeric value between 1 and 399 (to be evaluated before default Puppet rules) or 601 to 998 (to be evaluated after Puppet), with lower-numbered values evaluated first.

  Supported values:

  • %r{\d+}

Parameters

• name (namevar)

  Unique string value identifies the rule to Puppet Server

• provider

  The specific backend to use for this ‘puppet_auth_rule` resource. You will seldom need to specify this — Puppet will usually discover the appropriate provider for your platform.