infisical-login

The infisical-login provider enables you to log in to Infisical using OpenID Connect or by providing static credentials. The provider will return a set of credentials that can be used to run Infisical CLI commands using the esc run command and also pull in secrets from Infisical using the infisical-secrets provider.

Example

values:
  infisical:
    login:
      fn::open::infisical-login:
        oidc:
          identityId: aaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee

Configuring OIDC

To learn how to configure OpenID Connect (OIDC) between Pulumi Cloud and Infisical, see the OpenID Connect integration documentation.

Inputs

Property	Type	Description
`siteUrl`	string	[Optional] - The base URL of the Infisical instance you want to connect to. May be omitted if default US instance is used.
`oidc`	InfisicalLoginOIDC	[Optional] - OIDC configuration to log in to Infisical.
`static`	InfisicalLoginStatic	[Optional] - A static set of credentials to use to log in to Infisical.

InfisicalLoginOIDC

Property	Type	Description
`identityId`	string	The identityId of the Identity to assume.
`subjectAttributes`	string[]	[Optional] - Subject attributes to be included in the OIDC token. For more information see the OpenID subject customization documentation

InfisicalLoginStatic

On your Infisical Identity, add a new Auth method and select Universal Auth. Create a new Client secret and copy both the clientID and clientSecret from Universal Auth.

Property	Type	Description
`clientId`	string	The Universal Auth client id.
`clientSecret`	string	The Universal Auth client secret.

Outputs

Property	Type	Description
`siteUrl`	string	[Optional] - The base URL of the Infisical instance you authenticated to. May be omitted if default US instance was used.
`accessToken`	string	The access token to use for authentication.

infisical-login

On this page

On this page

Example

Configuring OIDC

Inputs

InfisicalLoginOIDC

InfisicalLoginStatic

Outputs

On this page

On this page