Resource Type: grafana_ldap_server

Defined in:
lib/puppet/type/grafana_ldap_server.rb

Overview

Manage Grafana LDAP servers for LDAP authentication.

Parameters

  • attributes

    Mapping LDAP attributes to their Grafana user-account-properties (optional)

  • bind_dn

    If the LDAP server requires authentication (i.e. non-anonymous), provide the distinguished-name (dn) here (optional)

  • bind_password

    If the LDAP server requires authentication (i.e. non-anonymous), provide the password (optional)

  • client_cert

    If the LDAP server requires certificate-based authentication, specify the client’s certificate (for TLS and SSL, optional)

  • client_key

    If the LDAP server requires certificate-based authentication, specify the client’s certificate (for TLS and SSL, optional)

  • group_search_base_dns

    The base-dn to be used when querying LDAP for group-accounts (optional)

  • group_search_filter

    A search-filter to be used when querying LDAP for group-accounts (optional)

  • group_search_filter_user_attribute

    The attribute to be used to locate matching user-accounts in the group (optional)

  • hosts

    The servers to perform LDAP authentication at

  • port (defaults to: 389)

    The port to connect at the LDAP servers (389 for TLS/plaintext, 636 for SSL [ldaps], optional)

  • root_ca_cert (defaults to: /etc/ssl/certs/ca-certificates.crt)

    The root ca-certificate to verify the LDAP server’s SSL certificate against (for TLS and SSL, optional)

  • search_base_dns (defaults to: [])

    The one or more base-dn to be used when querying LDAP for user-accounts (optional)

  • search_filter

    A search-filter to be used when querying LDAP for user-accounts (optional)

  • ssl_skip_verify (defaults to: false)

    Set to true to disable verification of the LDAP server’s SSL certificate (for TLS and SSL, optional)

    Supported values:
    • true
    • false
    • yes
    • no
  • start_tls (defaults to: true)

    Set to true if you want to perform LDAP via a TLS-connection (not meant to be for SSL, optional)

    Supported values:
    • true
    • false
    • yes
    • no
  • title

    A unique identified for this LDAP server.

  • use_ssl (defaults to: false)

    Set to true if you want to perform LDAP via a SSL-connection (not meant to be for TLS, optional)

    Supported values:
    • true
    • false
    • yes
    • no