Use this resource to create a Nexus Security LDAP configuration.
resource "nexus_security_ldap" "example" {
  # Bind credentials used by Nexus to connect to the directory
  auth_password                  = "t0ps3cr3t"
  auth_realm                     = "EXAMPLE"
  auth_schema                    = ""
  auth_username                  = "admin"
  connection_retry_delay_seconds = 1
  connection_timeout_seconds     = 1
  # Group lookup (static groups: the group object lists its members)
  group_base_dn                  = "ou=Group"
  group_id_attribute             = "cn"
  group_member_attribute         = "memberUid"
  group_member_format            = "uid=${username},ou=people,dc=example,dc=com"
  group_object_class             = "example"
  group_subtree                  = true
  # Required when ldap_groups_as_roles is true
  group_type                     = "static"
  host                           = "ldap.example.com"
  ldap_groups_as_roles           = true
  max_incident_count             = 1
  name                           = "example-ldap"
  port                           = 389
  protocol                       = "LDAP"
  search_base                    = "dc=example,dc=com"
  # User lookup
  user_base_dn                   = "ou=people"
  user_email_address_attribute   = "mail"
  user_id_attribute              = "uid"
  user_ldap_filter               = "(|(mail=*@example.com)(uid=dom*))"
  user_member_of_attribute       = "memberOf"
  user_object_class              = "posixGroup"
  user_password_attribute        = "example"
  user_real_name_attribute       = "cn"
  user_subtree                   = true
}
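A variant of the configuration above that keeps the bind password out of the source file, connects over TLS using the Nexus truststore, and maps roles from dynamic groups. This is an added example, not part of the provider's documentation; the variable name `ldap_bind_password`, the bind DN, the `inetOrgPerson` object class, port 636 and the values `"LDAPS"` and `"SIMPLE"` are assumptions.

```hcl
# Added example. Values marked "assumed" or "constructed" do not come from this page.
variable "ldap_bind_password" { # assumed variable name
  type      = string
  sensitive = true # keeps the value out of plan and apply output
}

resource "nexus_security_ldap" "hardened" {
  name = "example-ldaps"

  # Connection: LDAP over TLS, using certificates from the Nexus truststore.
  protocol        = "LDAPS" # assumed accepted value
  host            = "ldap.example.com"
  port            = 636 # conventional LDAPS port
  use_trust_store = true
  search_base     = "dc=example,dc=com"

  connection_timeout_seconds     = 30
  connection_retry_delay_seconds = 300
  max_incident_count             = 3

  # Bind account: a dedicated service identity, password supplied at run time.
  auth_schema   = "SIMPLE"                                       # assumed accepted value
  auth_username = "uid=nexus-bind,ou=services,dc=example,dc=com" # constructed DN
  auth_password = var.ldap_bind_password

  # Users. user_password_attribute is left unset, so each user is
  # authenticated by a bind against the LDAP server.
  user_base_dn                 = "ou=people"
  user_subtree                 = true
  user_object_class            = "inetOrgPerson" # assumed directory schema
  user_id_attribute            = "uid"
  user_real_name_attribute     = "cn"
  user_email_address_attribute = "mail"
  user_ldap_filter             = "(mail=*@example.com)"

  # Dynamic groups: the user object lists the groups it belongs to,
  # so only user_member_of_attribute is needed for role mapping.
  ldap_groups_as_roles     = true
  group_type               = "dynamic"
  user_member_of_attribute = "memberOf"
}
```

The password can be supplied through the `TF_VAR_ldap_bind_password` environment variable. Terraform still writes `auth_password` to state, so the state backend needs the same access controls as the secret itself.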
auth_schema (String) Authentication scheme used for connecting to the LDAP server.
auth_username (String) This must be a fully qualified username if simple authentication is used. Required if authScheme is other than none.
connection_retry_delay_seconds (Number) How long to wait before retrying.
connection_timeout_seconds (Number) How long to wait before timeout.
group_type (String) Defines the type of groups used: static (a group contains a list of users) or dynamic (a user contains a list of groups). Required if ldapGroupsAsRoles is true.
host (String) LDAP server connection hostname.
max_incident_count (Number) How many retry attempts.
name (String) LDAP server name.
port (Number) LDAP server connection port to use.
protocol (String) LDAP server connection protocol to use.
search_base (String) LDAP location to be added to the connection URL.
auth_password (String, Sensitive) The password to bind with. Required if authScheme is other than none.
auth_realm (String) The SASL realm to bind to. Required if authScheme is CRAM_MD5 or DIGEST_MD5.
group_base_dn (String) The relative DN where group objects are found (e.g. ou=Group). This value will have the Search base DN value appended to form the full Group search base DN.
group_id_attribute (String) The attribute of the object class that defines the Group ID. Required if groupType is static.
group_member_attribute (String) LDAP attribute containing the usernames for the group. Required if groupType is static.
group_member_format (String) The format of the user ID stored in the group member attribute. Required if groupType is static.
group_object_class (String) LDAP class for group objects. Required if groupType is static.
group_subtree (Boolean) Whether groups are located in structures below the group base DN.
ldap_groups_as_roles (Boolean) Denotes whether LDAP assigned roles are used as Nexus Repository Manager roles.
use_trust_store (Boolean) Whether to use certificates stored in Nexus Repository Manager's truststore.
user_base_dn (String) The relative DN where user objects are found (e.g. ou=people). This value will have the Search base DN value appended to form the full User search base DN.
user_email_address_attribute (String) This is used to find an email address given the user ID.
user_id_attribute (String) This is used to find a user given its user ID.
user_ldap_filter (String) LDAP search filter to limit user search.
user_member_of_attribute (String) The attribute of the user object that holds the DNs of the user's groups. Required if groupType is dynamic.
user_object_class (String) LDAP class for user objects.
user_password_attribute (String) If this field is blank, the user will be authenticated against a bind with the LDAP server.
user_real_name_attribute (String) This is used to find a real name given the user ID.
user_subtree (Boolean) Whether users are located in structures below the user base DN.

Import is supported using the following syntax:
# import using the name of ldap configuration
terraform import nexus_security_ldap.example example-ldap