Documentation ¶
Index ¶
- type GetDefaultPolicyArgs
- type GetDefaultPolicyOutputArgs
- type GetDefaultPolicyResult
- type GetDefaultPolicyResultOutput
- func (GetDefaultPolicyResultOutput) ElementType() reflect.Type
- func (o GetDefaultPolicyResultOutput) Id() pulumi.StringOutput
- func (o GetDefaultPolicyResultOutput) ToGetDefaultPolicyResultOutput() GetDefaultPolicyResultOutput
- func (o GetDefaultPolicyResultOutput) ToGetDefaultPolicyResultOutputWithContext(ctx context.Context) GetDefaultPolicyResultOutput
- func (o GetDefaultPolicyResultOutput) Type() pulumi.StringOutput
- type GetPolicyArgs
- type GetPolicyOutputArgs
- type GetPolicyResult
- type GetPolicyResultOutput
- func (GetPolicyResultOutput) ElementType() reflect.Type
- func (o GetPolicyResultOutput) Id() pulumi.StringOutput
- func (o GetPolicyResultOutput) Name() pulumi.StringOutput
- func (o GetPolicyResultOutput) Status() pulumi.StringOutput
- func (o GetPolicyResultOutput) ToGetPolicyResultOutput() GetPolicyResultOutput
- func (o GetPolicyResultOutput) ToGetPolicyResultOutputWithContext(ctx context.Context) GetPolicyResultOutput
- func (o GetPolicyResultOutput) Type() pulumi.StringOutput
- type Mfa
- type MfaArgs
- type MfaArray
- type MfaArrayInput
- type MfaArrayOutput
- type MfaInput
- type MfaMap
- type MfaMapInput
- type MfaMapOutput
- type MfaOutput
- func (o MfaOutput) Description() pulumi.StringPtrOutput
- func (o MfaOutput) Duo() pulumi.StringMapOutput
- func (MfaOutput) ElementType() reflect.Type
- func (o MfaOutput) ExternalIdp() pulumi.StringMapOutput
- func (o MfaOutput) FidoU2f() pulumi.StringMapOutput
- func (o MfaOutput) FidoWebauthn() pulumi.StringMapOutput
- func (o MfaOutput) GoogleOtp() pulumi.StringMapOutput
- func (o MfaOutput) GroupsIncludeds() pulumi.StringArrayOutput
- func (o MfaOutput) Hotp() pulumi.StringMapOutput
- func (o MfaOutput) IsOie() pulumi.BoolPtrOutput
- func (o MfaOutput) Name() pulumi.StringOutput
- func (o MfaOutput) OktaCall() pulumi.StringMapOutput
- func (o MfaOutput) OktaEmail() pulumi.StringMapOutput
- func (o MfaOutput) OktaOtp() pulumi.StringMapOutput
- func (o MfaOutput) OktaPassword() pulumi.StringMapOutput
- func (o MfaOutput) OktaPush() pulumi.StringMapOutput
- func (o MfaOutput) OktaQuestion() pulumi.StringMapOutput
- func (o MfaOutput) OktaSms() pulumi.StringMapOutput
- func (o MfaOutput) OktaVerify() pulumi.StringMapOutput
- func (o MfaOutput) OnpremMfa() pulumi.StringMapOutput
- func (o MfaOutput) PhoneNumber() pulumi.StringMapOutput
- func (o MfaOutput) Priority() pulumi.IntPtrOutput
- func (o MfaOutput) RsaToken() pulumi.StringMapOutput
- func (o MfaOutput) SecurityQuestion() pulumi.StringMapOutput
- func (o MfaOutput) Status() pulumi.StringPtrOutput
- func (o MfaOutput) SymantecVip() pulumi.StringMapOutput
- func (o MfaOutput) ToMfaOutput() MfaOutput
- func (o MfaOutput) ToMfaOutputWithContext(ctx context.Context) MfaOutput
- func (o MfaOutput) Webauthn() pulumi.StringMapOutput
- func (o MfaOutput) YubikeyToken() pulumi.StringMapOutput
- type MfaState
- type Password
- type PasswordArgs
- type PasswordArray
- type PasswordArrayInput
- type PasswordArrayOutput
- type PasswordInput
- type PasswordMap
- type PasswordMapInput
- type PasswordMapOutput
- type PasswordOutput
- func (o PasswordOutput) AuthProvider() pulumi.StringPtrOutput
- func (o PasswordOutput) CallRecovery() pulumi.StringPtrOutput
- func (o PasswordOutput) Description() pulumi.StringPtrOutput
- func (PasswordOutput) ElementType() reflect.Type
- func (o PasswordOutput) EmailRecovery() pulumi.StringPtrOutput
- func (o PasswordOutput) GroupsIncludeds() pulumi.StringArrayOutput
- func (o PasswordOutput) Name() pulumi.StringOutput
- func (o PasswordOutput) PasswordAutoUnlockMinutes() pulumi.IntPtrOutput
- func (o PasswordOutput) PasswordDictionaryLookup() pulumi.BoolPtrOutput
- func (o PasswordOutput) PasswordExcludeFirstName() pulumi.BoolPtrOutput
- func (o PasswordOutput) PasswordExcludeLastName() pulumi.BoolPtrOutput
- func (o PasswordOutput) PasswordExcludeUsername() pulumi.BoolPtrOutput
- func (o PasswordOutput) PasswordExpireWarnDays() pulumi.IntPtrOutput
- func (o PasswordOutput) PasswordHistoryCount() pulumi.IntPtrOutput
- func (o PasswordOutput) PasswordLockoutNotificationChannels() pulumi.StringArrayOutput
- func (o PasswordOutput) PasswordMaxAgeDays() pulumi.IntPtrOutput
- func (o PasswordOutput) PasswordMaxLockoutAttempts() pulumi.IntPtrOutput
- func (o PasswordOutput) PasswordMinAgeMinutes() pulumi.IntPtrOutput
- func (o PasswordOutput) PasswordMinLength() pulumi.IntPtrOutput
- func (o PasswordOutput) PasswordMinLowercase() pulumi.IntPtrOutput
- func (o PasswordOutput) PasswordMinNumber() pulumi.IntPtrOutput
- func (o PasswordOutput) PasswordMinSymbol() pulumi.IntPtrOutput
- func (o PasswordOutput) PasswordMinUppercase() pulumi.IntPtrOutput
- func (o PasswordOutput) PasswordShowLockoutFailures() pulumi.BoolPtrOutput
- func (o PasswordOutput) Priority() pulumi.IntPtrOutput
- func (o PasswordOutput) QuestionMinLength() pulumi.IntPtrOutput
- func (o PasswordOutput) QuestionRecovery() pulumi.StringPtrOutput
- func (o PasswordOutput) RecoveryEmailToken() pulumi.IntPtrOutput
- func (o PasswordOutput) SkipUnlock() pulumi.BoolPtrOutput
- func (o PasswordOutput) SmsRecovery() pulumi.StringPtrOutput
- func (o PasswordOutput) Status() pulumi.StringPtrOutput
- func (o PasswordOutput) ToPasswordOutput() PasswordOutput
- func (o PasswordOutput) ToPasswordOutputWithContext(ctx context.Context) PasswordOutput
- type PasswordState
- type RuleIdpDiscovery
- type RuleIdpDiscoveryAppExclude
- type RuleIdpDiscoveryAppExcludeArgs
- func (RuleIdpDiscoveryAppExcludeArgs) ElementType() reflect.Type
- func (i RuleIdpDiscoveryAppExcludeArgs) ToRuleIdpDiscoveryAppExcludeOutput() RuleIdpDiscoveryAppExcludeOutput
- func (i RuleIdpDiscoveryAppExcludeArgs) ToRuleIdpDiscoveryAppExcludeOutputWithContext(ctx context.Context) RuleIdpDiscoveryAppExcludeOutput
- type RuleIdpDiscoveryAppExcludeArray
- func (RuleIdpDiscoveryAppExcludeArray) ElementType() reflect.Type
- func (i RuleIdpDiscoveryAppExcludeArray) ToRuleIdpDiscoveryAppExcludeArrayOutput() RuleIdpDiscoveryAppExcludeArrayOutput
- func (i RuleIdpDiscoveryAppExcludeArray) ToRuleIdpDiscoveryAppExcludeArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryAppExcludeArrayOutput
- type RuleIdpDiscoveryAppExcludeArrayInput
- type RuleIdpDiscoveryAppExcludeArrayOutput
- func (RuleIdpDiscoveryAppExcludeArrayOutput) ElementType() reflect.Type
- func (o RuleIdpDiscoveryAppExcludeArrayOutput) Index(i pulumi.IntInput) RuleIdpDiscoveryAppExcludeOutput
- func (o RuleIdpDiscoveryAppExcludeArrayOutput) ToRuleIdpDiscoveryAppExcludeArrayOutput() RuleIdpDiscoveryAppExcludeArrayOutput
- func (o RuleIdpDiscoveryAppExcludeArrayOutput) ToRuleIdpDiscoveryAppExcludeArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryAppExcludeArrayOutput
- type RuleIdpDiscoveryAppExcludeInput
- type RuleIdpDiscoveryAppExcludeOutput
- func (RuleIdpDiscoveryAppExcludeOutput) ElementType() reflect.Type
- func (o RuleIdpDiscoveryAppExcludeOutput) Id() pulumi.StringPtrOutput
- func (o RuleIdpDiscoveryAppExcludeOutput) Name() pulumi.StringPtrOutput
- func (o RuleIdpDiscoveryAppExcludeOutput) ToRuleIdpDiscoveryAppExcludeOutput() RuleIdpDiscoveryAppExcludeOutput
- func (o RuleIdpDiscoveryAppExcludeOutput) ToRuleIdpDiscoveryAppExcludeOutputWithContext(ctx context.Context) RuleIdpDiscoveryAppExcludeOutput
- func (o RuleIdpDiscoveryAppExcludeOutput) Type() pulumi.StringOutput
- type RuleIdpDiscoveryAppInclude
- type RuleIdpDiscoveryAppIncludeArgs
- func (RuleIdpDiscoveryAppIncludeArgs) ElementType() reflect.Type
- func (i RuleIdpDiscoveryAppIncludeArgs) ToRuleIdpDiscoveryAppIncludeOutput() RuleIdpDiscoveryAppIncludeOutput
- func (i RuleIdpDiscoveryAppIncludeArgs) ToRuleIdpDiscoveryAppIncludeOutputWithContext(ctx context.Context) RuleIdpDiscoveryAppIncludeOutput
- type RuleIdpDiscoveryAppIncludeArray
- func (RuleIdpDiscoveryAppIncludeArray) ElementType() reflect.Type
- func (i RuleIdpDiscoveryAppIncludeArray) ToRuleIdpDiscoveryAppIncludeArrayOutput() RuleIdpDiscoveryAppIncludeArrayOutput
- func (i RuleIdpDiscoveryAppIncludeArray) ToRuleIdpDiscoveryAppIncludeArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryAppIncludeArrayOutput
- type RuleIdpDiscoveryAppIncludeArrayInput
- type RuleIdpDiscoveryAppIncludeArrayOutput
- func (RuleIdpDiscoveryAppIncludeArrayOutput) ElementType() reflect.Type
- func (o RuleIdpDiscoveryAppIncludeArrayOutput) Index(i pulumi.IntInput) RuleIdpDiscoveryAppIncludeOutput
- func (o RuleIdpDiscoveryAppIncludeArrayOutput) ToRuleIdpDiscoveryAppIncludeArrayOutput() RuleIdpDiscoveryAppIncludeArrayOutput
- func (o RuleIdpDiscoveryAppIncludeArrayOutput) ToRuleIdpDiscoveryAppIncludeArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryAppIncludeArrayOutput
- type RuleIdpDiscoveryAppIncludeInput
- type RuleIdpDiscoveryAppIncludeOutput
- func (RuleIdpDiscoveryAppIncludeOutput) ElementType() reflect.Type
- func (o RuleIdpDiscoveryAppIncludeOutput) Id() pulumi.StringPtrOutput
- func (o RuleIdpDiscoveryAppIncludeOutput) Name() pulumi.StringPtrOutput
- func (o RuleIdpDiscoveryAppIncludeOutput) ToRuleIdpDiscoveryAppIncludeOutput() RuleIdpDiscoveryAppIncludeOutput
- func (o RuleIdpDiscoveryAppIncludeOutput) ToRuleIdpDiscoveryAppIncludeOutputWithContext(ctx context.Context) RuleIdpDiscoveryAppIncludeOutput
- func (o RuleIdpDiscoveryAppIncludeOutput) Type() pulumi.StringOutput
- type RuleIdpDiscoveryArgs
- type RuleIdpDiscoveryArray
- type RuleIdpDiscoveryArrayInput
- type RuleIdpDiscoveryArrayOutput
- func (RuleIdpDiscoveryArrayOutput) ElementType() reflect.Type
- func (o RuleIdpDiscoveryArrayOutput) Index(i pulumi.IntInput) RuleIdpDiscoveryOutput
- func (o RuleIdpDiscoveryArrayOutput) ToRuleIdpDiscoveryArrayOutput() RuleIdpDiscoveryArrayOutput
- func (o RuleIdpDiscoveryArrayOutput) ToRuleIdpDiscoveryArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryArrayOutput
- type RuleIdpDiscoveryInput
- type RuleIdpDiscoveryMap
- type RuleIdpDiscoveryMapInput
- type RuleIdpDiscoveryMapOutput
- func (RuleIdpDiscoveryMapOutput) ElementType() reflect.Type
- func (o RuleIdpDiscoveryMapOutput) MapIndex(k pulumi.StringInput) RuleIdpDiscoveryOutput
- func (o RuleIdpDiscoveryMapOutput) ToRuleIdpDiscoveryMapOutput() RuleIdpDiscoveryMapOutput
- func (o RuleIdpDiscoveryMapOutput) ToRuleIdpDiscoveryMapOutputWithContext(ctx context.Context) RuleIdpDiscoveryMapOutput
- type RuleIdpDiscoveryOutput
- func (o RuleIdpDiscoveryOutput) AppExcludes() RuleIdpDiscoveryAppExcludeArrayOutput
- func (o RuleIdpDiscoveryOutput) AppIncludes() RuleIdpDiscoveryAppIncludeArrayOutput
- func (RuleIdpDiscoveryOutput) ElementType() reflect.Type
- func (o RuleIdpDiscoveryOutput) IdpId() pulumi.StringPtrOutput
- func (o RuleIdpDiscoveryOutput) IdpType() pulumi.StringPtrOutput
- func (o RuleIdpDiscoveryOutput) Name() pulumi.StringOutput
- func (o RuleIdpDiscoveryOutput) NetworkConnection() pulumi.StringPtrOutput
- func (o RuleIdpDiscoveryOutput) NetworkExcludes() pulumi.StringArrayOutput
- func (o RuleIdpDiscoveryOutput) NetworkIncludes() pulumi.StringArrayOutput
- func (o RuleIdpDiscoveryOutput) PlatformIncludes() RuleIdpDiscoveryPlatformIncludeArrayOutput
- func (o RuleIdpDiscoveryOutput) PolicyId() pulumi.StringPtrOutput
- func (o RuleIdpDiscoveryOutput) Policyid() pulumi.StringPtrOutputdeprecated
- func (o RuleIdpDiscoveryOutput) Priority() pulumi.IntPtrOutput
- func (o RuleIdpDiscoveryOutput) Status() pulumi.StringPtrOutput
- func (o RuleIdpDiscoveryOutput) ToRuleIdpDiscoveryOutput() RuleIdpDiscoveryOutput
- func (o RuleIdpDiscoveryOutput) ToRuleIdpDiscoveryOutputWithContext(ctx context.Context) RuleIdpDiscoveryOutput
- func (o RuleIdpDiscoveryOutput) UserIdentifierAttribute() pulumi.StringPtrOutput
- func (o RuleIdpDiscoveryOutput) UserIdentifierPatterns() RuleIdpDiscoveryUserIdentifierPatternArrayOutput
- func (o RuleIdpDiscoveryOutput) UserIdentifierType() pulumi.StringPtrOutput
- type RuleIdpDiscoveryPlatformInclude
- type RuleIdpDiscoveryPlatformIncludeArgs
- func (RuleIdpDiscoveryPlatformIncludeArgs) ElementType() reflect.Type
- func (i RuleIdpDiscoveryPlatformIncludeArgs) ToRuleIdpDiscoveryPlatformIncludeOutput() RuleIdpDiscoveryPlatformIncludeOutput
- func (i RuleIdpDiscoveryPlatformIncludeArgs) ToRuleIdpDiscoveryPlatformIncludeOutputWithContext(ctx context.Context) RuleIdpDiscoveryPlatformIncludeOutput
- type RuleIdpDiscoveryPlatformIncludeArray
- func (RuleIdpDiscoveryPlatformIncludeArray) ElementType() reflect.Type
- func (i RuleIdpDiscoveryPlatformIncludeArray) ToRuleIdpDiscoveryPlatformIncludeArrayOutput() RuleIdpDiscoveryPlatformIncludeArrayOutput
- func (i RuleIdpDiscoveryPlatformIncludeArray) ToRuleIdpDiscoveryPlatformIncludeArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryPlatformIncludeArrayOutput
- type RuleIdpDiscoveryPlatformIncludeArrayInput
- type RuleIdpDiscoveryPlatformIncludeArrayOutput
- func (RuleIdpDiscoveryPlatformIncludeArrayOutput) ElementType() reflect.Type
- func (o RuleIdpDiscoveryPlatformIncludeArrayOutput) Index(i pulumi.IntInput) RuleIdpDiscoveryPlatformIncludeOutput
- func (o RuleIdpDiscoveryPlatformIncludeArrayOutput) ToRuleIdpDiscoveryPlatformIncludeArrayOutput() RuleIdpDiscoveryPlatformIncludeArrayOutput
- func (o RuleIdpDiscoveryPlatformIncludeArrayOutput) ToRuleIdpDiscoveryPlatformIncludeArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryPlatformIncludeArrayOutput
- type RuleIdpDiscoveryPlatformIncludeInput
- type RuleIdpDiscoveryPlatformIncludeOutput
- func (RuleIdpDiscoveryPlatformIncludeOutput) ElementType() reflect.Type
- func (o RuleIdpDiscoveryPlatformIncludeOutput) OsExpression() pulumi.StringPtrOutput
- func (o RuleIdpDiscoveryPlatformIncludeOutput) OsType() pulumi.StringPtrOutput
- func (o RuleIdpDiscoveryPlatformIncludeOutput) ToRuleIdpDiscoveryPlatformIncludeOutput() RuleIdpDiscoveryPlatformIncludeOutput
- func (o RuleIdpDiscoveryPlatformIncludeOutput) ToRuleIdpDiscoveryPlatformIncludeOutputWithContext(ctx context.Context) RuleIdpDiscoveryPlatformIncludeOutput
- func (o RuleIdpDiscoveryPlatformIncludeOutput) Type() pulumi.StringPtrOutput
- type RuleIdpDiscoveryState
- type RuleIdpDiscoveryUserIdentifierPattern
- type RuleIdpDiscoveryUserIdentifierPatternArgs
- func (RuleIdpDiscoveryUserIdentifierPatternArgs) ElementType() reflect.Type
- func (i RuleIdpDiscoveryUserIdentifierPatternArgs) ToRuleIdpDiscoveryUserIdentifierPatternOutput() RuleIdpDiscoveryUserIdentifierPatternOutput
- func (i RuleIdpDiscoveryUserIdentifierPatternArgs) ToRuleIdpDiscoveryUserIdentifierPatternOutputWithContext(ctx context.Context) RuleIdpDiscoveryUserIdentifierPatternOutput
- type RuleIdpDiscoveryUserIdentifierPatternArray
- func (RuleIdpDiscoveryUserIdentifierPatternArray) ElementType() reflect.Type
- func (i RuleIdpDiscoveryUserIdentifierPatternArray) ToRuleIdpDiscoveryUserIdentifierPatternArrayOutput() RuleIdpDiscoveryUserIdentifierPatternArrayOutput
- func (i RuleIdpDiscoveryUserIdentifierPatternArray) ToRuleIdpDiscoveryUserIdentifierPatternArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryUserIdentifierPatternArrayOutput
- type RuleIdpDiscoveryUserIdentifierPatternArrayInput
- type RuleIdpDiscoveryUserIdentifierPatternArrayOutput
- func (RuleIdpDiscoveryUserIdentifierPatternArrayOutput) ElementType() reflect.Type
- func (o RuleIdpDiscoveryUserIdentifierPatternArrayOutput) Index(i pulumi.IntInput) RuleIdpDiscoveryUserIdentifierPatternOutput
- func (o RuleIdpDiscoveryUserIdentifierPatternArrayOutput) ToRuleIdpDiscoveryUserIdentifierPatternArrayOutput() RuleIdpDiscoveryUserIdentifierPatternArrayOutput
- func (o RuleIdpDiscoveryUserIdentifierPatternArrayOutput) ToRuleIdpDiscoveryUserIdentifierPatternArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryUserIdentifierPatternArrayOutput
- type RuleIdpDiscoveryUserIdentifierPatternInput
- type RuleIdpDiscoveryUserIdentifierPatternOutput
- func (RuleIdpDiscoveryUserIdentifierPatternOutput) ElementType() reflect.Type
- func (o RuleIdpDiscoveryUserIdentifierPatternOutput) MatchType() pulumi.StringPtrOutput
- func (o RuleIdpDiscoveryUserIdentifierPatternOutput) ToRuleIdpDiscoveryUserIdentifierPatternOutput() RuleIdpDiscoveryUserIdentifierPatternOutput
- func (o RuleIdpDiscoveryUserIdentifierPatternOutput) ToRuleIdpDiscoveryUserIdentifierPatternOutputWithContext(ctx context.Context) RuleIdpDiscoveryUserIdentifierPatternOutput
- func (o RuleIdpDiscoveryUserIdentifierPatternOutput) Value() pulumi.StringPtrOutput
- type RuleMfa
- type RuleMfaAppExclude
- type RuleMfaAppExcludeArgs
- type RuleMfaAppExcludeArray
- type RuleMfaAppExcludeArrayInput
- type RuleMfaAppExcludeArrayOutput
- func (RuleMfaAppExcludeArrayOutput) ElementType() reflect.Type
- func (o RuleMfaAppExcludeArrayOutput) Index(i pulumi.IntInput) RuleMfaAppExcludeOutput
- func (o RuleMfaAppExcludeArrayOutput) ToRuleMfaAppExcludeArrayOutput() RuleMfaAppExcludeArrayOutput
- func (o RuleMfaAppExcludeArrayOutput) ToRuleMfaAppExcludeArrayOutputWithContext(ctx context.Context) RuleMfaAppExcludeArrayOutput
- type RuleMfaAppExcludeInput
- type RuleMfaAppExcludeOutput
- func (RuleMfaAppExcludeOutput) ElementType() reflect.Type
- func (o RuleMfaAppExcludeOutput) Id() pulumi.StringPtrOutput
- func (o RuleMfaAppExcludeOutput) Name() pulumi.StringPtrOutput
- func (o RuleMfaAppExcludeOutput) ToRuleMfaAppExcludeOutput() RuleMfaAppExcludeOutput
- func (o RuleMfaAppExcludeOutput) ToRuleMfaAppExcludeOutputWithContext(ctx context.Context) RuleMfaAppExcludeOutput
- func (o RuleMfaAppExcludeOutput) Type() pulumi.StringOutput
- type RuleMfaAppInclude
- type RuleMfaAppIncludeArgs
- type RuleMfaAppIncludeArray
- type RuleMfaAppIncludeArrayInput
- type RuleMfaAppIncludeArrayOutput
- func (RuleMfaAppIncludeArrayOutput) ElementType() reflect.Type
- func (o RuleMfaAppIncludeArrayOutput) Index(i pulumi.IntInput) RuleMfaAppIncludeOutput
- func (o RuleMfaAppIncludeArrayOutput) ToRuleMfaAppIncludeArrayOutput() RuleMfaAppIncludeArrayOutput
- func (o RuleMfaAppIncludeArrayOutput) ToRuleMfaAppIncludeArrayOutputWithContext(ctx context.Context) RuleMfaAppIncludeArrayOutput
- type RuleMfaAppIncludeInput
- type RuleMfaAppIncludeOutput
- func (RuleMfaAppIncludeOutput) ElementType() reflect.Type
- func (o RuleMfaAppIncludeOutput) Id() pulumi.StringPtrOutput
- func (o RuleMfaAppIncludeOutput) Name() pulumi.StringPtrOutput
- func (o RuleMfaAppIncludeOutput) ToRuleMfaAppIncludeOutput() RuleMfaAppIncludeOutput
- func (o RuleMfaAppIncludeOutput) ToRuleMfaAppIncludeOutputWithContext(ctx context.Context) RuleMfaAppIncludeOutput
- func (o RuleMfaAppIncludeOutput) Type() pulumi.StringOutput
- type RuleMfaArgs
- type RuleMfaArray
- type RuleMfaArrayInput
- type RuleMfaArrayOutput
- type RuleMfaInput
- type RuleMfaMap
- type RuleMfaMapInput
- type RuleMfaMapOutput
- type RuleMfaOutput
- func (o RuleMfaOutput) AppExcludes() RuleMfaAppExcludeArrayOutput
- func (o RuleMfaOutput) AppIncludes() RuleMfaAppIncludeArrayOutput
- func (RuleMfaOutput) ElementType() reflect.Type
- func (o RuleMfaOutput) Enroll() pulumi.StringPtrOutput
- func (o RuleMfaOutput) Name() pulumi.StringOutput
- func (o RuleMfaOutput) NetworkConnection() pulumi.StringPtrOutput
- func (o RuleMfaOutput) NetworkExcludes() pulumi.StringArrayOutput
- func (o RuleMfaOutput) NetworkIncludes() pulumi.StringArrayOutput
- func (o RuleMfaOutput) PolicyId() pulumi.StringPtrOutput
- func (o RuleMfaOutput) Policyid() pulumi.StringPtrOutputdeprecated
- func (o RuleMfaOutput) Priority() pulumi.IntPtrOutput
- func (o RuleMfaOutput) Status() pulumi.StringPtrOutput
- func (o RuleMfaOutput) ToRuleMfaOutput() RuleMfaOutput
- func (o RuleMfaOutput) ToRuleMfaOutputWithContext(ctx context.Context) RuleMfaOutput
- func (o RuleMfaOutput) UsersExcludeds() pulumi.StringArrayOutput
- type RuleMfaState
- type RulePassword
- type RulePasswordArgs
- type RulePasswordArray
- type RulePasswordArrayInput
- type RulePasswordArrayOutput
- func (RulePasswordArrayOutput) ElementType() reflect.Type
- func (o RulePasswordArrayOutput) Index(i pulumi.IntInput) RulePasswordOutput
- func (o RulePasswordArrayOutput) ToRulePasswordArrayOutput() RulePasswordArrayOutput
- func (o RulePasswordArrayOutput) ToRulePasswordArrayOutputWithContext(ctx context.Context) RulePasswordArrayOutput
- type RulePasswordInput
- type RulePasswordMap
- type RulePasswordMapInput
- type RulePasswordMapOutput
- func (RulePasswordMapOutput) ElementType() reflect.Type
- func (o RulePasswordMapOutput) MapIndex(k pulumi.StringInput) RulePasswordOutput
- func (o RulePasswordMapOutput) ToRulePasswordMapOutput() RulePasswordMapOutput
- func (o RulePasswordMapOutput) ToRulePasswordMapOutputWithContext(ctx context.Context) RulePasswordMapOutput
- type RulePasswordOutput
- func (RulePasswordOutput) ElementType() reflect.Type
- func (o RulePasswordOutput) Name() pulumi.StringOutput
- func (o RulePasswordOutput) NetworkConnection() pulumi.StringPtrOutput
- func (o RulePasswordOutput) NetworkExcludes() pulumi.StringArrayOutput
- func (o RulePasswordOutput) NetworkIncludes() pulumi.StringArrayOutput
- func (o RulePasswordOutput) PasswordChange() pulumi.StringPtrOutput
- func (o RulePasswordOutput) PasswordReset() pulumi.StringPtrOutput
- func (o RulePasswordOutput) PasswordUnlock() pulumi.StringPtrOutput
- func (o RulePasswordOutput) PolicyId() pulumi.StringPtrOutput
- func (o RulePasswordOutput) Policyid() pulumi.StringPtrOutputdeprecated
- func (o RulePasswordOutput) Priority() pulumi.IntPtrOutput
- func (o RulePasswordOutput) Status() pulumi.StringPtrOutput
- func (o RulePasswordOutput) ToRulePasswordOutput() RulePasswordOutput
- func (o RulePasswordOutput) ToRulePasswordOutputWithContext(ctx context.Context) RulePasswordOutput
- func (o RulePasswordOutput) UsersExcludeds() pulumi.StringArrayOutput
- type RulePasswordState
- type RuleSignon
- type RuleSignonArgs
- type RuleSignonArray
- type RuleSignonArrayInput
- type RuleSignonArrayOutput
- func (RuleSignonArrayOutput) ElementType() reflect.Type
- func (o RuleSignonArrayOutput) Index(i pulumi.IntInput) RuleSignonOutput
- func (o RuleSignonArrayOutput) ToRuleSignonArrayOutput() RuleSignonArrayOutput
- func (o RuleSignonArrayOutput) ToRuleSignonArrayOutputWithContext(ctx context.Context) RuleSignonArrayOutput
- type RuleSignonFactorSequence
- type RuleSignonFactorSequenceArgs
- func (RuleSignonFactorSequenceArgs) ElementType() reflect.Type
- func (i RuleSignonFactorSequenceArgs) ToRuleSignonFactorSequenceOutput() RuleSignonFactorSequenceOutput
- func (i RuleSignonFactorSequenceArgs) ToRuleSignonFactorSequenceOutputWithContext(ctx context.Context) RuleSignonFactorSequenceOutput
- type RuleSignonFactorSequenceArray
- func (RuleSignonFactorSequenceArray) ElementType() reflect.Type
- func (i RuleSignonFactorSequenceArray) ToRuleSignonFactorSequenceArrayOutput() RuleSignonFactorSequenceArrayOutput
- func (i RuleSignonFactorSequenceArray) ToRuleSignonFactorSequenceArrayOutputWithContext(ctx context.Context) RuleSignonFactorSequenceArrayOutput
- type RuleSignonFactorSequenceArrayInput
- type RuleSignonFactorSequenceArrayOutput
- func (RuleSignonFactorSequenceArrayOutput) ElementType() reflect.Type
- func (o RuleSignonFactorSequenceArrayOutput) Index(i pulumi.IntInput) RuleSignonFactorSequenceOutput
- func (o RuleSignonFactorSequenceArrayOutput) ToRuleSignonFactorSequenceArrayOutput() RuleSignonFactorSequenceArrayOutput
- func (o RuleSignonFactorSequenceArrayOutput) ToRuleSignonFactorSequenceArrayOutputWithContext(ctx context.Context) RuleSignonFactorSequenceArrayOutput
- type RuleSignonFactorSequenceInput
- type RuleSignonFactorSequenceOutput
- func (RuleSignonFactorSequenceOutput) ElementType() reflect.Type
- func (o RuleSignonFactorSequenceOutput) PrimaryCriteriaFactorType() pulumi.StringOutput
- func (o RuleSignonFactorSequenceOutput) PrimaryCriteriaProvider() pulumi.StringOutput
- func (o RuleSignonFactorSequenceOutput) SecondaryCriterias() RuleSignonFactorSequenceSecondaryCriteriaArrayOutput
- func (o RuleSignonFactorSequenceOutput) ToRuleSignonFactorSequenceOutput() RuleSignonFactorSequenceOutput
- func (o RuleSignonFactorSequenceOutput) ToRuleSignonFactorSequenceOutputWithContext(ctx context.Context) RuleSignonFactorSequenceOutput
- type RuleSignonFactorSequenceSecondaryCriteria
- type RuleSignonFactorSequenceSecondaryCriteriaArgs
- func (RuleSignonFactorSequenceSecondaryCriteriaArgs) ElementType() reflect.Type
- func (i RuleSignonFactorSequenceSecondaryCriteriaArgs) ToRuleSignonFactorSequenceSecondaryCriteriaOutput() RuleSignonFactorSequenceSecondaryCriteriaOutput
- func (i RuleSignonFactorSequenceSecondaryCriteriaArgs) ToRuleSignonFactorSequenceSecondaryCriteriaOutputWithContext(ctx context.Context) RuleSignonFactorSequenceSecondaryCriteriaOutput
- type RuleSignonFactorSequenceSecondaryCriteriaArray
- func (RuleSignonFactorSequenceSecondaryCriteriaArray) ElementType() reflect.Type
- func (i RuleSignonFactorSequenceSecondaryCriteriaArray) ToRuleSignonFactorSequenceSecondaryCriteriaArrayOutput() RuleSignonFactorSequenceSecondaryCriteriaArrayOutput
- func (i RuleSignonFactorSequenceSecondaryCriteriaArray) ToRuleSignonFactorSequenceSecondaryCriteriaArrayOutputWithContext(ctx context.Context) RuleSignonFactorSequenceSecondaryCriteriaArrayOutput
- type RuleSignonFactorSequenceSecondaryCriteriaArrayInput
- type RuleSignonFactorSequenceSecondaryCriteriaArrayOutput
- func (RuleSignonFactorSequenceSecondaryCriteriaArrayOutput) ElementType() reflect.Type
- func (o RuleSignonFactorSequenceSecondaryCriteriaArrayOutput) Index(i pulumi.IntInput) RuleSignonFactorSequenceSecondaryCriteriaOutput
- func (o RuleSignonFactorSequenceSecondaryCriteriaArrayOutput) ToRuleSignonFactorSequenceSecondaryCriteriaArrayOutput() RuleSignonFactorSequenceSecondaryCriteriaArrayOutput
- func (o RuleSignonFactorSequenceSecondaryCriteriaArrayOutput) ToRuleSignonFactorSequenceSecondaryCriteriaArrayOutputWithContext(ctx context.Context) RuleSignonFactorSequenceSecondaryCriteriaArrayOutput
- type RuleSignonFactorSequenceSecondaryCriteriaInput
- type RuleSignonFactorSequenceSecondaryCriteriaOutput
- func (RuleSignonFactorSequenceSecondaryCriteriaOutput) ElementType() reflect.Type
- func (o RuleSignonFactorSequenceSecondaryCriteriaOutput) FactorType() pulumi.StringOutput
- func (o RuleSignonFactorSequenceSecondaryCriteriaOutput) Provider() pulumi.StringOutput
- func (o RuleSignonFactorSequenceSecondaryCriteriaOutput) ToRuleSignonFactorSequenceSecondaryCriteriaOutput() RuleSignonFactorSequenceSecondaryCriteriaOutput
- func (o RuleSignonFactorSequenceSecondaryCriteriaOutput) ToRuleSignonFactorSequenceSecondaryCriteriaOutputWithContext(ctx context.Context) RuleSignonFactorSequenceSecondaryCriteriaOutput
- type RuleSignonInput
- type RuleSignonMap
- type RuleSignonMapInput
- type RuleSignonMapOutput
- func (RuleSignonMapOutput) ElementType() reflect.Type
- func (o RuleSignonMapOutput) MapIndex(k pulumi.StringInput) RuleSignonOutput
- func (o RuleSignonMapOutput) ToRuleSignonMapOutput() RuleSignonMapOutput
- func (o RuleSignonMapOutput) ToRuleSignonMapOutputWithContext(ctx context.Context) RuleSignonMapOutput
- type RuleSignonOutput
- func (o RuleSignonOutput) Access() pulumi.StringPtrOutput
- func (o RuleSignonOutput) Authtype() pulumi.StringPtrOutput
- func (o RuleSignonOutput) Behaviors() pulumi.StringArrayOutput
- func (RuleSignonOutput) ElementType() reflect.Type
- func (o RuleSignonOutput) FactorSequences() RuleSignonFactorSequenceArrayOutput
- func (o RuleSignonOutput) IdentityProvider() pulumi.StringPtrOutput
- func (o RuleSignonOutput) IdentityProviderIds() pulumi.StringArrayOutput
- func (o RuleSignonOutput) MfaLifetime() pulumi.IntPtrOutput
- func (o RuleSignonOutput) MfaPrompt() pulumi.StringPtrOutput
- func (o RuleSignonOutput) MfaRememberDevice() pulumi.BoolPtrOutput
- func (o RuleSignonOutput) MfaRequired() pulumi.BoolPtrOutput
- func (o RuleSignonOutput) Name() pulumi.StringOutput
- func (o RuleSignonOutput) NetworkConnection() pulumi.StringPtrOutput
- func (o RuleSignonOutput) NetworkExcludes() pulumi.StringArrayOutput
- func (o RuleSignonOutput) NetworkIncludes() pulumi.StringArrayOutput
- func (o RuleSignonOutput) PolicyId() pulumi.StringPtrOutput
- func (o RuleSignonOutput) Policyid() pulumi.StringPtrOutputdeprecated
- func (o RuleSignonOutput) PrimaryFactor() pulumi.StringOutput
- func (o RuleSignonOutput) Priority() pulumi.IntPtrOutput
- func (o RuleSignonOutput) RiscLevel() pulumi.StringPtrOutput
- func (o RuleSignonOutput) SessionIdle() pulumi.IntPtrOutput
- func (o RuleSignonOutput) SessionLifetime() pulumi.IntPtrOutput
- func (o RuleSignonOutput) SessionPersistent() pulumi.BoolPtrOutput
- func (o RuleSignonOutput) Status() pulumi.StringPtrOutput
- func (o RuleSignonOutput) ToRuleSignonOutput() RuleSignonOutput
- func (o RuleSignonOutput) ToRuleSignonOutputWithContext(ctx context.Context) RuleSignonOutput
- func (o RuleSignonOutput) UsersExcludeds() pulumi.StringArrayOutput
- type RuleSignonState
- type Signon
- type SignonArgs
- type SignonArray
- type SignonArrayInput
- type SignonArrayOutput
- type SignonInput
- type SignonMap
- type SignonMapInput
- type SignonMapOutput
- type SignonOutput
- func (o SignonOutput) Description() pulumi.StringPtrOutput
- func (SignonOutput) ElementType() reflect.Type
- func (o SignonOutput) GroupsIncludeds() pulumi.StringArrayOutput
- func (o SignonOutput) Name() pulumi.StringOutput
- func (o SignonOutput) Priority() pulumi.IntPtrOutput
- func (o SignonOutput) Status() pulumi.StringPtrOutput
- func (o SignonOutput) ToSignonOutput() SignonOutput
- func (o SignonOutput) ToSignonOutputWithContext(ctx context.Context) SignonOutput
- type SignonState
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type GetDefaultPolicyArgs ¶
type GetDefaultPolicyArgs struct { // Type of policy to retrieve. Valid values: `OKTA_SIGN_ON`, `PASSWORD`, `MFA_ENROLL`, `IDP_DISCOVERY` // `"IDP_DISCOVERY"`, `"ACCESS_POLICY"` (**only available as a part of the Identity Engine**), `"PROFILE_ENROLLMENT"` (**only available as a part of the Identity Engine**) Type string `pulumi:"type"` }
A collection of arguments for invoking getDefaultPolicy.
type GetDefaultPolicyOutputArgs ¶ added in v3.2.0
type GetDefaultPolicyOutputArgs struct { // Type of policy to retrieve. Valid values: `OKTA_SIGN_ON`, `PASSWORD`, `MFA_ENROLL`, `IDP_DISCOVERY` // `"IDP_DISCOVERY"`, `"ACCESS_POLICY"` (**only available as a part of the Identity Engine**), `"PROFILE_ENROLLMENT"` (**only available as a part of the Identity Engine**) Type pulumi.StringInput `pulumi:"type"` }
A collection of arguments for invoking getDefaultPolicy.
func (GetDefaultPolicyOutputArgs) ElementType ¶ added in v3.2.0
func (GetDefaultPolicyOutputArgs) ElementType() reflect.Type
type GetDefaultPolicyResult ¶
type GetDefaultPolicyResult struct { // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` // type of policy. Type string `pulumi:"type"` }
A collection of values returned by getDefaultPolicy.
func GetDefaultPolicy ¶
func GetDefaultPolicy(ctx *pulumi.Context, args *GetDefaultPolicyArgs, opts ...pulumi.InvokeOption) (*GetDefaultPolicyResult, error)
Use this data source to retrieve a default policy from Okta. This same thing can be achieved using the `policy.getPolicy` with default names, this is simply a shortcut.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/policy" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := policy.GetDefaultPolicy(ctx, &policy.GetDefaultPolicyArgs{ Type: "PASSWORD", }, nil) if err != nil { return err } return nil }) }
```
type GetDefaultPolicyResultOutput ¶ added in v3.2.0
type GetDefaultPolicyResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getDefaultPolicy.
func GetDefaultPolicyOutput ¶ added in v3.2.0
func GetDefaultPolicyOutput(ctx *pulumi.Context, args GetDefaultPolicyOutputArgs, opts ...pulumi.InvokeOption) GetDefaultPolicyResultOutput
func (GetDefaultPolicyResultOutput) ElementType ¶ added in v3.2.0
func (GetDefaultPolicyResultOutput) ElementType() reflect.Type
func (GetDefaultPolicyResultOutput) Id ¶ added in v3.2.0
func (o GetDefaultPolicyResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (GetDefaultPolicyResultOutput) ToGetDefaultPolicyResultOutput ¶ added in v3.2.0
func (o GetDefaultPolicyResultOutput) ToGetDefaultPolicyResultOutput() GetDefaultPolicyResultOutput
func (GetDefaultPolicyResultOutput) ToGetDefaultPolicyResultOutputWithContext ¶ added in v3.2.0
func (o GetDefaultPolicyResultOutput) ToGetDefaultPolicyResultOutputWithContext(ctx context.Context) GetDefaultPolicyResultOutput
func (GetDefaultPolicyResultOutput) Type ¶ added in v3.2.0
func (o GetDefaultPolicyResultOutput) Type() pulumi.StringOutput
type of policy.
type GetPolicyArgs ¶
type GetPolicyArgs struct { // Name of policy to retrieve. Name string `pulumi:"name"` // Type of policy to retrieve. See https://developer.okta.com/docs/reference/api/policy/#policy-object for valid values. Currently: // - All: Type string `pulumi:"type"` }
A collection of arguments for invoking getPolicy.
type GetPolicyOutputArgs ¶ added in v3.2.0
type GetPolicyOutputArgs struct { // Name of policy to retrieve. Name pulumi.StringInput `pulumi:"name"` // Type of policy to retrieve. See https://developer.okta.com/docs/reference/api/policy/#policy-object for valid values. Currently: // - All: Type pulumi.StringInput `pulumi:"type"` }
A collection of arguments for invoking getPolicy.
func (GetPolicyOutputArgs) ElementType ¶ added in v3.2.0
func (GetPolicyOutputArgs) ElementType() reflect.Type
type GetPolicyResult ¶
type GetPolicyResult struct { // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` // name of policy. Name string `pulumi:"name"` Status string `pulumi:"status"` // type of policy. Type string `pulumi:"type"` }
A collection of values returned by getPolicy.
func GetPolicy ¶
func GetPolicy(ctx *pulumi.Context, args *GetPolicyArgs, opts ...pulumi.InvokeOption) (*GetPolicyResult, error)
Use this data source to retrieve a policy from Okta.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/policy" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := policy.GetPolicy(ctx, &policy.GetPolicyArgs{ Name: "Password Policy Example", Type: "PASSWORD", }, nil) if err != nil { return err } return nil }) }
```
type GetPolicyResultOutput ¶ added in v3.2.0
type GetPolicyResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getPolicy.
func GetPolicyOutput ¶ added in v3.2.0
func GetPolicyOutput(ctx *pulumi.Context, args GetPolicyOutputArgs, opts ...pulumi.InvokeOption) GetPolicyResultOutput
func (GetPolicyResultOutput) ElementType ¶ added in v3.2.0
func (GetPolicyResultOutput) ElementType() reflect.Type
func (GetPolicyResultOutput) Id ¶ added in v3.2.0
func (o GetPolicyResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (GetPolicyResultOutput) Name ¶ added in v3.2.0
func (o GetPolicyResultOutput) Name() pulumi.StringOutput
name of policy.
func (GetPolicyResultOutput) Status ¶ added in v3.3.0
func (o GetPolicyResultOutput) Status() pulumi.StringOutput
func (GetPolicyResultOutput) ToGetPolicyResultOutput ¶ added in v3.2.0
func (o GetPolicyResultOutput) ToGetPolicyResultOutput() GetPolicyResultOutput
func (GetPolicyResultOutput) ToGetPolicyResultOutputWithContext ¶ added in v3.2.0
func (o GetPolicyResultOutput) ToGetPolicyResultOutputWithContext(ctx context.Context) GetPolicyResultOutput
func (GetPolicyResultOutput) Type ¶ added in v3.2.0
func (o GetPolicyResultOutput) Type() pulumi.StringOutput
type of policy.
type Mfa ¶
type Mfa struct { pulumi.CustomResourceState // Policy Description. Description pulumi.StringPtrOutput `pulumi:"description"` // DUO MFA policy settings (✓ Classic, ✓ OIE). Duo pulumi.StringMapOutput `pulumi:"duo"` // External IDP MFA policy settings (✓ OIE). ExternalIdp pulumi.StringMapOutput `pulumi:"externalIdp"` // Fido U2F MFA policy settings (✓ Classic). FidoU2f pulumi.StringMapOutput `pulumi:"fidoU2f"` // Fido Web Authn MFA policy settings (✓ Classic). FidoWebauthn pulumi.StringMapOutput `pulumi:"fidoWebauthn"` // Google OTP MFA policy settings (✓ Classic, ✓ OIE). GoogleOtp pulumi.StringMapOutput `pulumi:"googleOtp"` // List of Group IDs to Include. GroupsIncludeds pulumi.StringArrayOutput `pulumi:"groupsIncludeds"` // HMAC-based One-Time Password MFA policy settings (✓ Classic). Hotp pulumi.StringMapOutput `pulumi:"hotp"` // Boolean that specifies whether to use the newer Okta Identity Engine (OIE) with policy authenticators instead of the classic engine with Factors. This value determines which of the following policy factor settings can be configured. (Default = `false`) // > **WARNING:** Tenant must have the Okta Identity Engine enabled in order to use this feature. IsOie pulumi.BoolPtrOutput `pulumi:"isOie"` // Policy Name. Name pulumi.StringOutput `pulumi:"name"` // Okta Call MFA policy settings (✓ Classic). OktaCall pulumi.StringMapOutput `pulumi:"oktaCall"` // Okta Email MFA policy settings (✓ Classic, ✓ OIE). OktaEmail pulumi.StringMapOutput `pulumi:"oktaEmail"` // Okta OTP (via the Okta Verify app) MFA policy settings (✓ Classic). OktaOtp pulumi.StringMapOutput `pulumi:"oktaOtp"` // Okta Password MFA policy settings (✓ Classic, ✓ OIE). OktaPassword pulumi.StringMapOutput `pulumi:"oktaPassword"` // Okta Push MFA policy settings (✓ Classic). OktaPush pulumi.StringMapOutput `pulumi:"oktaPush"` // Okta Question MFA policy settings (✓ Classic). OktaQuestion pulumi.StringMapOutput `pulumi:"oktaQuestion"` // Okta SMS MFA policy settings (✓ Classic). OktaSms pulumi.StringMapOutput `pulumi:"oktaSms"` // Okta Verify MFA policy settings (✓ OIE). OktaVerify pulumi.StringMapOutput `pulumi:"oktaVerify"` // On-Prem MFA MFA policy settings (✓ OIE). OnpremMfa pulumi.StringMapOutput `pulumi:"onpremMfa"` // Phone Number MFA policy settings (✓ OIE). PhoneNumber pulumi.StringMapOutput `pulumi:"phoneNumber"` // Priority of the policy. Priority pulumi.IntPtrOutput `pulumi:"priority"` // RSA Token MFA policy settings (✓ Classic, ✓ OIE). RsaToken pulumi.StringMapOutput `pulumi:"rsaToken"` // Security Question MFA policy settings (✓ OIE). SecurityQuestion pulumi.StringMapOutput `pulumi:"securityQuestion"` // Policy Status: `"ACTIVE"` or `"INACTIVE"`. Status pulumi.StringPtrOutput `pulumi:"status"` // Symantec VIP MFA policy settings (✓ Classic). SymantecVip pulumi.StringMapOutput `pulumi:"symantecVip"` // FIDO2 (WebAuthn) MFA policy settings (✓ OIE). Webauthn pulumi.StringMapOutput `pulumi:"webauthn"` // Yubikey Token MFA policy settings (✓ Classic, ✓ OIE). YubikeyToken pulumi.StringMapOutput `pulumi:"yubikeyToken"` }
Creates an MFA Policy.
This resource allows you to create and configure an MFA Policy.
> Requires Org Feature Flag `OKTA_MFA_POLICY`. Contact support to have this feature flag ***enabled***.
> Unless Org Feature Flag `ENG_ENABLE_OPTIONAL_PASSWORD_ENROLLMENT` is ***disabled*** `oktaPassword` or `oktaEmail` must be present and its `enroll` value set to `REQUIRED`. Contact support to have this feature flag ***disabled***.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/policy" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := policy.NewMfa(ctx, "classicExample", &policy.MfaArgs{ Description: pulumi.String("Example MFA policy using Okta Classic engine with factors."), GroupsIncludeds: pulumi.StringArray{ data.Okta_group.Everyone.Id, }, IsOie: pulumi.Bool(false), OktaOtp: pulumi.StringMap{ "enroll": pulumi.String("REQUIRED"), }, OktaPassword: pulumi.StringMap{ "enroll": pulumi.String("REQUIRED"), }, Status: pulumi.String("ACTIVE"), }) if err != nil { return err } _, err = policy.NewMfa(ctx, "oieExample", &policy.MfaArgs{ Description: pulumi.String("Example MFA policy that uses Okta Identity Engine (OIE) with authenticators"), GroupsIncludeds: pulumi.StringArray{ data.Okta_group.Everyone.Id, }, IsOie: pulumi.Bool(true), OktaPassword: pulumi.StringMap{ "enroll": pulumi.String("REQUIRED"), }, OktaVerify: pulumi.StringMap{ "enroll": pulumi.String("REQUIRED"), }, Status: pulumi.String("ACTIVE"), }) if err != nil { return err } return nil }) }
```
## Import
An MFA Policy can be imported via the Okta ID.
```sh
$ pulumi import okta:policy/mfa:Mfa example <policy id>
```
func GetMfa ¶
func GetMfa(ctx *pulumi.Context, name string, id pulumi.IDInput, state *MfaState, opts ...pulumi.ResourceOption) (*Mfa, error)
GetMfa gets an existing Mfa resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewMfa ¶
func NewMfa(ctx *pulumi.Context, name string, args *MfaArgs, opts ...pulumi.ResourceOption) (*Mfa, error)
NewMfa registers a new resource with the given unique name, arguments, and options.
func (*Mfa) ElementType ¶
func (*Mfa) ToMfaOutput ¶
type MfaArgs ¶
type MfaArgs struct { // Policy Description. Description pulumi.StringPtrInput // DUO MFA policy settings (✓ Classic, ✓ OIE). Duo pulumi.StringMapInput // External IDP MFA policy settings (✓ OIE). ExternalIdp pulumi.StringMapInput // Fido U2F MFA policy settings (✓ Classic). FidoU2f pulumi.StringMapInput // Fido Web Authn MFA policy settings (✓ Classic). FidoWebauthn pulumi.StringMapInput // Google OTP MFA policy settings (✓ Classic, ✓ OIE). GoogleOtp pulumi.StringMapInput // List of Group IDs to Include. GroupsIncludeds pulumi.StringArrayInput // HMAC-based One-Time Password MFA policy settings (✓ Classic). Hotp pulumi.StringMapInput // Boolean that specifies whether to use the newer Okta Identity Engine (OIE) with policy authenticators instead of the classic engine with Factors. This value determines which of the following policy factor settings can be configured. (Default = `false`) // > **WARNING:** Tenant must have the Okta Identity Engine enabled in order to use this feature. IsOie pulumi.BoolPtrInput // Policy Name. Name pulumi.StringPtrInput // Okta Call MFA policy settings (✓ Classic). OktaCall pulumi.StringMapInput // Okta Email MFA policy settings (✓ Classic, ✓ OIE). OktaEmail pulumi.StringMapInput // Okta OTP (via the Okta Verify app) MFA policy settings (✓ Classic). OktaOtp pulumi.StringMapInput // Okta Password MFA policy settings (✓ Classic, ✓ OIE). OktaPassword pulumi.StringMapInput // Okta Push MFA policy settings (✓ Classic). OktaPush pulumi.StringMapInput // Okta Question MFA policy settings (✓ Classic). OktaQuestion pulumi.StringMapInput // Okta SMS MFA policy settings (✓ Classic). OktaSms pulumi.StringMapInput // Okta Verify MFA policy settings (✓ OIE). OktaVerify pulumi.StringMapInput // On-Prem MFA MFA policy settings (✓ OIE). OnpremMfa pulumi.StringMapInput // Phone Number MFA policy settings (✓ OIE). PhoneNumber pulumi.StringMapInput // Priority of the policy. Priority pulumi.IntPtrInput // RSA Token MFA policy settings (✓ Classic, ✓ OIE). RsaToken pulumi.StringMapInput // Security Question MFA policy settings (✓ OIE). SecurityQuestion pulumi.StringMapInput // Policy Status: `"ACTIVE"` or `"INACTIVE"`. Status pulumi.StringPtrInput // Symantec VIP MFA policy settings (✓ Classic). SymantecVip pulumi.StringMapInput // FIDO2 (WebAuthn) MFA policy settings (✓ OIE). Webauthn pulumi.StringMapInput // Yubikey Token MFA policy settings (✓ Classic, ✓ OIE). YubikeyToken pulumi.StringMapInput }
The set of arguments for constructing a Mfa resource.
func (MfaArgs) ElementType ¶
type MfaArray ¶
type MfaArray []MfaInput
func (MfaArray) ElementType ¶
func (MfaArray) ToMfaArrayOutput ¶
func (i MfaArray) ToMfaArrayOutput() MfaArrayOutput
func (MfaArray) ToMfaArrayOutputWithContext ¶
func (i MfaArray) ToMfaArrayOutputWithContext(ctx context.Context) MfaArrayOutput
type MfaArrayInput ¶
type MfaArrayInput interface { pulumi.Input ToMfaArrayOutput() MfaArrayOutput ToMfaArrayOutputWithContext(context.Context) MfaArrayOutput }
MfaArrayInput is an input type that accepts MfaArray and MfaArrayOutput values. You can construct a concrete instance of `MfaArrayInput` via:
MfaArray{ MfaArgs{...} }
type MfaArrayOutput ¶
type MfaArrayOutput struct{ *pulumi.OutputState }
func (MfaArrayOutput) ElementType ¶
func (MfaArrayOutput) ElementType() reflect.Type
func (MfaArrayOutput) ToMfaArrayOutput ¶
func (o MfaArrayOutput) ToMfaArrayOutput() MfaArrayOutput
func (MfaArrayOutput) ToMfaArrayOutputWithContext ¶
func (o MfaArrayOutput) ToMfaArrayOutputWithContext(ctx context.Context) MfaArrayOutput
type MfaMap ¶
func (MfaMap) ElementType ¶
func (MfaMap) ToMfaMapOutput ¶
func (i MfaMap) ToMfaMapOutput() MfaMapOutput
func (MfaMap) ToMfaMapOutputWithContext ¶
func (i MfaMap) ToMfaMapOutputWithContext(ctx context.Context) MfaMapOutput
type MfaMapInput ¶
type MfaMapInput interface { pulumi.Input ToMfaMapOutput() MfaMapOutput ToMfaMapOutputWithContext(context.Context) MfaMapOutput }
MfaMapInput is an input type that accepts MfaMap and MfaMapOutput values. You can construct a concrete instance of `MfaMapInput` via:
MfaMap{ "key": MfaArgs{...} }
type MfaMapOutput ¶
type MfaMapOutput struct{ *pulumi.OutputState }
func (MfaMapOutput) ElementType ¶
func (MfaMapOutput) ElementType() reflect.Type
func (MfaMapOutput) MapIndex ¶
func (o MfaMapOutput) MapIndex(k pulumi.StringInput) MfaOutput
func (MfaMapOutput) ToMfaMapOutput ¶
func (o MfaMapOutput) ToMfaMapOutput() MfaMapOutput
func (MfaMapOutput) ToMfaMapOutputWithContext ¶
func (o MfaMapOutput) ToMfaMapOutputWithContext(ctx context.Context) MfaMapOutput
type MfaOutput ¶
type MfaOutput struct{ *pulumi.OutputState }
func (MfaOutput) Description ¶ added in v3.9.0
func (o MfaOutput) Description() pulumi.StringPtrOutput
Policy Description.
func (MfaOutput) Duo ¶ added in v3.9.0
func (o MfaOutput) Duo() pulumi.StringMapOutput
DUO MFA policy settings (✓ Classic, ✓ OIE).
func (MfaOutput) ElementType ¶
func (MfaOutput) ExternalIdp ¶ added in v3.9.0
func (o MfaOutput) ExternalIdp() pulumi.StringMapOutput
External IDP MFA policy settings (✓ OIE).
func (MfaOutput) FidoU2f ¶ added in v3.9.0
func (o MfaOutput) FidoU2f() pulumi.StringMapOutput
Fido U2F MFA policy settings (✓ Classic).
func (MfaOutput) FidoWebauthn ¶ added in v3.9.0
func (o MfaOutput) FidoWebauthn() pulumi.StringMapOutput
Fido Web Authn MFA policy settings (✓ Classic).
func (MfaOutput) GoogleOtp ¶ added in v3.9.0
func (o MfaOutput) GoogleOtp() pulumi.StringMapOutput
Google OTP MFA policy settings (✓ Classic, ✓ OIE).
func (MfaOutput) GroupsIncludeds ¶ added in v3.9.0
func (o MfaOutput) GroupsIncludeds() pulumi.StringArrayOutput
List of Group IDs to Include.
func (MfaOutput) Hotp ¶ added in v3.9.0
func (o MfaOutput) Hotp() pulumi.StringMapOutput
HMAC-based One-Time Password MFA policy settings (✓ Classic).
func (MfaOutput) IsOie ¶ added in v3.9.0
func (o MfaOutput) IsOie() pulumi.BoolPtrOutput
Boolean that specifies whether to use the newer Okta Identity Engine (OIE) with policy authenticators instead of the classic engine with Factors. This value determines which of the following policy factor settings can be configured. (Default = `false`) > **WARNING:** Tenant must have the Okta Identity Engine enabled in order to use this feature.
func (MfaOutput) OktaCall ¶ added in v3.9.0
func (o MfaOutput) OktaCall() pulumi.StringMapOutput
Okta Call MFA policy settings (✓ Classic).
func (MfaOutput) OktaEmail ¶ added in v3.9.0
func (o MfaOutput) OktaEmail() pulumi.StringMapOutput
Okta Email MFA policy settings (✓ Classic, ✓ OIE).
func (MfaOutput) OktaOtp ¶ added in v3.9.0
func (o MfaOutput) OktaOtp() pulumi.StringMapOutput
Okta OTP (via the Okta Verify app) MFA policy settings (✓ Classic).
func (MfaOutput) OktaPassword ¶ added in v3.9.0
func (o MfaOutput) OktaPassword() pulumi.StringMapOutput
Okta Password MFA policy settings (✓ Classic, ✓ OIE).
func (MfaOutput) OktaPush ¶ added in v3.9.0
func (o MfaOutput) OktaPush() pulumi.StringMapOutput
Okta Push MFA policy settings (✓ Classic).
func (MfaOutput) OktaQuestion ¶ added in v3.9.0
func (o MfaOutput) OktaQuestion() pulumi.StringMapOutput
Okta Question MFA policy settings (✓ Classic).
func (MfaOutput) OktaSms ¶ added in v3.9.0
func (o MfaOutput) OktaSms() pulumi.StringMapOutput
Okta SMS MFA policy settings (✓ Classic).
func (MfaOutput) OktaVerify ¶ added in v3.9.0
func (o MfaOutput) OktaVerify() pulumi.StringMapOutput
Okta Verify MFA policy settings (✓ OIE).
func (MfaOutput) OnpremMfa ¶ added in v3.9.0
func (o MfaOutput) OnpremMfa() pulumi.StringMapOutput
On-Prem MFA MFA policy settings (✓ OIE).
func (MfaOutput) PhoneNumber ¶ added in v3.9.0
func (o MfaOutput) PhoneNumber() pulumi.StringMapOutput
Phone Number MFA policy settings (✓ OIE).
func (MfaOutput) Priority ¶ added in v3.9.0
func (o MfaOutput) Priority() pulumi.IntPtrOutput
Priority of the policy.
func (MfaOutput) RsaToken ¶ added in v3.9.0
func (o MfaOutput) RsaToken() pulumi.StringMapOutput
RSA Token MFA policy settings (✓ Classic, ✓ OIE).
func (MfaOutput) SecurityQuestion ¶ added in v3.9.0
func (o MfaOutput) SecurityQuestion() pulumi.StringMapOutput
Security Question MFA policy settings (✓ OIE).
func (MfaOutput) Status ¶ added in v3.9.0
func (o MfaOutput) Status() pulumi.StringPtrOutput
Policy Status: `"ACTIVE"` or `"INACTIVE"`.
func (MfaOutput) SymantecVip ¶ added in v3.9.0
func (o MfaOutput) SymantecVip() pulumi.StringMapOutput
Symantec VIP MFA policy settings (✓ Classic).
func (MfaOutput) ToMfaOutput ¶
func (MfaOutput) ToMfaOutputWithContext ¶
func (MfaOutput) Webauthn ¶ added in v3.9.0
func (o MfaOutput) Webauthn() pulumi.StringMapOutput
FIDO2 (WebAuthn) MFA policy settings (✓ OIE).
func (MfaOutput) YubikeyToken ¶ added in v3.9.0
func (o MfaOutput) YubikeyToken() pulumi.StringMapOutput
Yubikey Token MFA policy settings (✓ Classic, ✓ OIE).
type MfaState ¶
type MfaState struct { // Policy Description. Description pulumi.StringPtrInput // DUO MFA policy settings (✓ Classic, ✓ OIE). Duo pulumi.StringMapInput // External IDP MFA policy settings (✓ OIE). ExternalIdp pulumi.StringMapInput // Fido U2F MFA policy settings (✓ Classic). FidoU2f pulumi.StringMapInput // Fido Web Authn MFA policy settings (✓ Classic). FidoWebauthn pulumi.StringMapInput // Google OTP MFA policy settings (✓ Classic, ✓ OIE). GoogleOtp pulumi.StringMapInput // List of Group IDs to Include. GroupsIncludeds pulumi.StringArrayInput // HMAC-based One-Time Password MFA policy settings (✓ Classic). Hotp pulumi.StringMapInput // Boolean that specifies whether to use the newer Okta Identity Engine (OIE) with policy authenticators instead of the classic engine with Factors. This value determines which of the following policy factor settings can be configured. (Default = `false`) // > **WARNING:** Tenant must have the Okta Identity Engine enabled in order to use this feature. IsOie pulumi.BoolPtrInput // Policy Name. Name pulumi.StringPtrInput // Okta Call MFA policy settings (✓ Classic). OktaCall pulumi.StringMapInput // Okta Email MFA policy settings (✓ Classic, ✓ OIE). OktaEmail pulumi.StringMapInput // Okta OTP (via the Okta Verify app) MFA policy settings (✓ Classic). OktaOtp pulumi.StringMapInput // Okta Password MFA policy settings (✓ Classic, ✓ OIE). OktaPassword pulumi.StringMapInput // Okta Push MFA policy settings (✓ Classic). OktaPush pulumi.StringMapInput // Okta Question MFA policy settings (✓ Classic). OktaQuestion pulumi.StringMapInput // Okta SMS MFA policy settings (✓ Classic). OktaSms pulumi.StringMapInput // Okta Verify MFA policy settings (✓ OIE). OktaVerify pulumi.StringMapInput // On-Prem MFA MFA policy settings (✓ OIE). OnpremMfa pulumi.StringMapInput // Phone Number MFA policy settings (✓ OIE). PhoneNumber pulumi.StringMapInput // Priority of the policy. Priority pulumi.IntPtrInput // RSA Token MFA policy settings (✓ Classic, ✓ OIE). RsaToken pulumi.StringMapInput // Security Question MFA policy settings (✓ OIE). SecurityQuestion pulumi.StringMapInput // Policy Status: `"ACTIVE"` or `"INACTIVE"`. Status pulumi.StringPtrInput // Symantec VIP MFA policy settings (✓ Classic). SymantecVip pulumi.StringMapInput // FIDO2 (WebAuthn) MFA policy settings (✓ OIE). Webauthn pulumi.StringMapInput // Yubikey Token MFA policy settings (✓ Classic, ✓ OIE). YubikeyToken pulumi.StringMapInput }
func (MfaState) ElementType ¶
type Password ¶
type Password struct { pulumi.CustomResourceState // Authentication Provider: `"OKTA"`, `"ACTIVE_DIRECTORY"` or `"LDAP"`. Default is `"OKTA"`. Type `"string"` AuthProvider pulumi.StringPtrOutput `pulumi:"authProvider"` // Enable or disable voice call password recovery: ACTIVE or INACTIVE. Type `"string"` CallRecovery pulumi.StringPtrOutput `pulumi:"callRecovery"` // Policy Description. Type `"string"` Description pulumi.StringPtrOutput `pulumi:"description"` // Enable or disable email password recovery: ACTIVE or INACTIVE. Type `"string"` EmailRecovery pulumi.StringPtrOutput `pulumi:"emailRecovery"` // List of Group IDs to Include. Type `"list(string)"` GroupsIncludeds pulumi.StringArrayOutput `pulumi:"groupsIncludeds"` // Policy Name. Type `"string"` Name pulumi.StringOutput `pulumi:"name"` // Number of minutes before a locked account is unlocked: 0 = no limit. Type `"number"` PasswordAutoUnlockMinutes pulumi.IntPtrOutput `pulumi:"passwordAutoUnlockMinutes"` // Check Passwords Against Common Password Dictionary. Type `"bool"` PasswordDictionaryLookup pulumi.BoolPtrOutput `pulumi:"passwordDictionaryLookup"` // User firstName attribute must be excluded from the password. Type `"bool"` PasswordExcludeFirstName pulumi.BoolPtrOutput `pulumi:"passwordExcludeFirstName"` // User lastName attribute must be excluded from the password. Type `"bool"` PasswordExcludeLastName pulumi.BoolPtrOutput `pulumi:"passwordExcludeLastName"` // If the username must be excluded from the password. Type `"bool"` PasswordExcludeUsername pulumi.BoolPtrOutput `pulumi:"passwordExcludeUsername"` // Length in days a user will be warned before password expiry: 0 = no warning. Type `"number"` PasswordExpireWarnDays pulumi.IntPtrOutput `pulumi:"passwordExpireWarnDays"` // Number of distinct passwords that must be created before they can be reused: 0 = none. Type `"number"` PasswordHistoryCount pulumi.IntPtrOutput `pulumi:"passwordHistoryCount"` // Notification channels to use to notify a user when their account has been locked. Type `"set(string)"` PasswordLockoutNotificationChannels pulumi.StringArrayOutput `pulumi:"passwordLockoutNotificationChannels"` // Length in days a password is valid before expiry: 0 = no limit. Type `"number"` PasswordMaxAgeDays pulumi.IntPtrOutput `pulumi:"passwordMaxAgeDays"` // Number of unsuccessful login attempts allowed before lockout: 0 = no limit. Type `"number"` PasswordMaxLockoutAttempts pulumi.IntPtrOutput `pulumi:"passwordMaxLockoutAttempts"` // Minimum time interval in minutes between password changes: 0 = no limit. Type `"number"` PasswordMinAgeMinutes pulumi.IntPtrOutput `pulumi:"passwordMinAgeMinutes"` // Minimum password length. Default is 8. Type `"number"` PasswordMinLength pulumi.IntPtrOutput `pulumi:"passwordMinLength"` // Minimum number of lower case characters in a password. Type `"number"` PasswordMinLowercase pulumi.IntPtrOutput `pulumi:"passwordMinLowercase"` // Minimum number of numbers in a password. Type `"number"` PasswordMinNumber pulumi.IntPtrOutput `pulumi:"passwordMinNumber"` // Minimum number of symbols in a password. Type `"number"` PasswordMinSymbol pulumi.IntPtrOutput `pulumi:"passwordMinSymbol"` // Minimum number of upper case characters in a password. Type `"number"` PasswordMinUppercase pulumi.IntPtrOutput `pulumi:"passwordMinUppercase"` // If a user should be informed when their account is locked. Type `"bool"` PasswordShowLockoutFailures pulumi.BoolPtrOutput `pulumi:"passwordShowLockoutFailures"` // Priority of the policy. Type `"number"` Priority pulumi.IntPtrOutput `pulumi:"priority"` // Min length of the password recovery question answer. Type `"number"` QuestionMinLength pulumi.IntPtrOutput `pulumi:"questionMinLength"` // Enable or disable security question password recovery: ACTIVE or INACTIVE. Type `"string"` QuestionRecovery pulumi.StringPtrOutput `pulumi:"questionRecovery"` // Lifetime in minutes of the recovery email token. Type `"number"` RecoveryEmailToken pulumi.IntPtrOutput `pulumi:"recoveryEmailToken"` // When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account. Type `"bool"` SkipUnlock pulumi.BoolPtrOutput `pulumi:"skipUnlock"` // Enable or disable SMS password recovery: ACTIVE or INACTIVE. Type `"string"` SmsRecovery pulumi.StringPtrOutput `pulumi:"smsRecovery"` // Policy Status: `"ACTIVE"` or `"INACTIVE"`. Type `"string"` Status pulumi.StringPtrOutput `pulumi:"status"` }
Creates a Password Policy.
This resource allows you to create and configure a Password Policy.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/policy" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := policy.NewPassword(ctx, "example", &policy.PasswordArgs{ Description: pulumi.String("Example"), GroupsIncludeds: pulumi.StringArray{ data.Okta_group.Everyone.Id, }, PasswordHistoryCount: pulumi.Int(4), Status: pulumi.String("ACTIVE"), }) if err != nil { return err } return nil }) }
```
## Import
A Password Policy can be imported via the Okta ID.
```sh
$ pulumi import okta:policy/password:Password example <policy id>
```
func GetPassword ¶
func GetPassword(ctx *pulumi.Context, name string, id pulumi.IDInput, state *PasswordState, opts ...pulumi.ResourceOption) (*Password, error)
GetPassword gets an existing Password resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewPassword ¶
func NewPassword(ctx *pulumi.Context, name string, args *PasswordArgs, opts ...pulumi.ResourceOption) (*Password, error)
NewPassword registers a new resource with the given unique name, arguments, and options.
func (*Password) ElementType ¶
func (*Password) ToPasswordOutput ¶
func (i *Password) ToPasswordOutput() PasswordOutput
func (*Password) ToPasswordOutputWithContext ¶
func (i *Password) ToPasswordOutputWithContext(ctx context.Context) PasswordOutput
type PasswordArgs ¶
type PasswordArgs struct { // Authentication Provider: `"OKTA"`, `"ACTIVE_DIRECTORY"` or `"LDAP"`. Default is `"OKTA"`. Type `"string"` AuthProvider pulumi.StringPtrInput // Enable or disable voice call password recovery: ACTIVE or INACTIVE. Type `"string"` CallRecovery pulumi.StringPtrInput // Policy Description. Type `"string"` Description pulumi.StringPtrInput // Enable or disable email password recovery: ACTIVE or INACTIVE. Type `"string"` EmailRecovery pulumi.StringPtrInput // List of Group IDs to Include. Type `"list(string)"` GroupsIncludeds pulumi.StringArrayInput // Policy Name. Type `"string"` Name pulumi.StringPtrInput // Number of minutes before a locked account is unlocked: 0 = no limit. Type `"number"` PasswordAutoUnlockMinutes pulumi.IntPtrInput // Check Passwords Against Common Password Dictionary. Type `"bool"` PasswordDictionaryLookup pulumi.BoolPtrInput // User firstName attribute must be excluded from the password. Type `"bool"` PasswordExcludeFirstName pulumi.BoolPtrInput // User lastName attribute must be excluded from the password. Type `"bool"` PasswordExcludeLastName pulumi.BoolPtrInput // If the username must be excluded from the password. Type `"bool"` PasswordExcludeUsername pulumi.BoolPtrInput // Length in days a user will be warned before password expiry: 0 = no warning. Type `"number"` PasswordExpireWarnDays pulumi.IntPtrInput // Number of distinct passwords that must be created before they can be reused: 0 = none. Type `"number"` PasswordHistoryCount pulumi.IntPtrInput // Notification channels to use to notify a user when their account has been locked. Type `"set(string)"` PasswordLockoutNotificationChannels pulumi.StringArrayInput // Length in days a password is valid before expiry: 0 = no limit. Type `"number"` PasswordMaxAgeDays pulumi.IntPtrInput // Number of unsuccessful login attempts allowed before lockout: 0 = no limit. Type `"number"` PasswordMaxLockoutAttempts pulumi.IntPtrInput // Minimum time interval in minutes between password changes: 0 = no limit. Type `"number"` PasswordMinAgeMinutes pulumi.IntPtrInput // Minimum password length. Default is 8. Type `"number"` PasswordMinLength pulumi.IntPtrInput // Minimum number of lower case characters in a password. Type `"number"` PasswordMinLowercase pulumi.IntPtrInput // Minimum number of numbers in a password. Type `"number"` PasswordMinNumber pulumi.IntPtrInput // Minimum number of symbols in a password. Type `"number"` PasswordMinSymbol pulumi.IntPtrInput // Minimum number of upper case characters in a password. Type `"number"` PasswordMinUppercase pulumi.IntPtrInput // If a user should be informed when their account is locked. Type `"bool"` PasswordShowLockoutFailures pulumi.BoolPtrInput // Priority of the policy. Type `"number"` Priority pulumi.IntPtrInput // Min length of the password recovery question answer. Type `"number"` QuestionMinLength pulumi.IntPtrInput // Enable or disable security question password recovery: ACTIVE or INACTIVE. Type `"string"` QuestionRecovery pulumi.StringPtrInput // Lifetime in minutes of the recovery email token. Type `"number"` RecoveryEmailToken pulumi.IntPtrInput // When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account. Type `"bool"` SkipUnlock pulumi.BoolPtrInput // Enable or disable SMS password recovery: ACTIVE or INACTIVE. Type `"string"` SmsRecovery pulumi.StringPtrInput // Policy Status: `"ACTIVE"` or `"INACTIVE"`. Type `"string"` Status pulumi.StringPtrInput }
The set of arguments for constructing a Password resource.
func (PasswordArgs) ElementType ¶
func (PasswordArgs) ElementType() reflect.Type
type PasswordArray ¶
type PasswordArray []PasswordInput
func (PasswordArray) ElementType ¶
func (PasswordArray) ElementType() reflect.Type
func (PasswordArray) ToPasswordArrayOutput ¶
func (i PasswordArray) ToPasswordArrayOutput() PasswordArrayOutput
func (PasswordArray) ToPasswordArrayOutputWithContext ¶
func (i PasswordArray) ToPasswordArrayOutputWithContext(ctx context.Context) PasswordArrayOutput
type PasswordArrayInput ¶
type PasswordArrayInput interface { pulumi.Input ToPasswordArrayOutput() PasswordArrayOutput ToPasswordArrayOutputWithContext(context.Context) PasswordArrayOutput }
PasswordArrayInput is an input type that accepts PasswordArray and PasswordArrayOutput values. You can construct a concrete instance of `PasswordArrayInput` via:
PasswordArray{ PasswordArgs{...} }
type PasswordArrayOutput ¶
type PasswordArrayOutput struct{ *pulumi.OutputState }
func (PasswordArrayOutput) ElementType ¶
func (PasswordArrayOutput) ElementType() reflect.Type
func (PasswordArrayOutput) Index ¶
func (o PasswordArrayOutput) Index(i pulumi.IntInput) PasswordOutput
func (PasswordArrayOutput) ToPasswordArrayOutput ¶
func (o PasswordArrayOutput) ToPasswordArrayOutput() PasswordArrayOutput
func (PasswordArrayOutput) ToPasswordArrayOutputWithContext ¶
func (o PasswordArrayOutput) ToPasswordArrayOutputWithContext(ctx context.Context) PasswordArrayOutput
type PasswordInput ¶
type PasswordInput interface { pulumi.Input ToPasswordOutput() PasswordOutput ToPasswordOutputWithContext(ctx context.Context) PasswordOutput }
type PasswordMap ¶
type PasswordMap map[string]PasswordInput
func (PasswordMap) ElementType ¶
func (PasswordMap) ElementType() reflect.Type
func (PasswordMap) ToPasswordMapOutput ¶
func (i PasswordMap) ToPasswordMapOutput() PasswordMapOutput
func (PasswordMap) ToPasswordMapOutputWithContext ¶
func (i PasswordMap) ToPasswordMapOutputWithContext(ctx context.Context) PasswordMapOutput
type PasswordMapInput ¶
type PasswordMapInput interface { pulumi.Input ToPasswordMapOutput() PasswordMapOutput ToPasswordMapOutputWithContext(context.Context) PasswordMapOutput }
PasswordMapInput is an input type that accepts PasswordMap and PasswordMapOutput values. You can construct a concrete instance of `PasswordMapInput` via:
PasswordMap{ "key": PasswordArgs{...} }
type PasswordMapOutput ¶
type PasswordMapOutput struct{ *pulumi.OutputState }
func (PasswordMapOutput) ElementType ¶
func (PasswordMapOutput) ElementType() reflect.Type
func (PasswordMapOutput) MapIndex ¶
func (o PasswordMapOutput) MapIndex(k pulumi.StringInput) PasswordOutput
func (PasswordMapOutput) ToPasswordMapOutput ¶
func (o PasswordMapOutput) ToPasswordMapOutput() PasswordMapOutput
func (PasswordMapOutput) ToPasswordMapOutputWithContext ¶
func (o PasswordMapOutput) ToPasswordMapOutputWithContext(ctx context.Context) PasswordMapOutput
type PasswordOutput ¶
type PasswordOutput struct{ *pulumi.OutputState }
func (PasswordOutput) AuthProvider ¶ added in v3.9.0
func (o PasswordOutput) AuthProvider() pulumi.StringPtrOutput
Authentication Provider: `"OKTA"`, `"ACTIVE_DIRECTORY"` or `"LDAP"`. Default is `"OKTA"`. Type `"string"`
func (PasswordOutput) CallRecovery ¶ added in v3.9.0
func (o PasswordOutput) CallRecovery() pulumi.StringPtrOutput
Enable or disable voice call password recovery: ACTIVE or INACTIVE. Type `"string"`
func (PasswordOutput) Description ¶ added in v3.9.0
func (o PasswordOutput) Description() pulumi.StringPtrOutput
Policy Description. Type `"string"`
func (PasswordOutput) ElementType ¶
func (PasswordOutput) ElementType() reflect.Type
func (PasswordOutput) EmailRecovery ¶ added in v3.9.0
func (o PasswordOutput) EmailRecovery() pulumi.StringPtrOutput
Enable or disable email password recovery: ACTIVE or INACTIVE. Type `"string"`
func (PasswordOutput) GroupsIncludeds ¶ added in v3.9.0
func (o PasswordOutput) GroupsIncludeds() pulumi.StringArrayOutput
List of Group IDs to Include. Type `"list(string)"`
func (PasswordOutput) Name ¶ added in v3.9.0
func (o PasswordOutput) Name() pulumi.StringOutput
Policy Name. Type `"string"`
func (PasswordOutput) PasswordAutoUnlockMinutes ¶ added in v3.9.0
func (o PasswordOutput) PasswordAutoUnlockMinutes() pulumi.IntPtrOutput
Number of minutes before a locked account is unlocked: 0 = no limit. Type `"number"`
func (PasswordOutput) PasswordDictionaryLookup ¶ added in v3.9.0
func (o PasswordOutput) PasswordDictionaryLookup() pulumi.BoolPtrOutput
Check Passwords Against Common Password Dictionary. Type `"bool"`
func (PasswordOutput) PasswordExcludeFirstName ¶ added in v3.9.0
func (o PasswordOutput) PasswordExcludeFirstName() pulumi.BoolPtrOutput
User firstName attribute must be excluded from the password. Type `"bool"`
func (PasswordOutput) PasswordExcludeLastName ¶ added in v3.9.0
func (o PasswordOutput) PasswordExcludeLastName() pulumi.BoolPtrOutput
User lastName attribute must be excluded from the password. Type `"bool"`
func (PasswordOutput) PasswordExcludeUsername ¶ added in v3.9.0
func (o PasswordOutput) PasswordExcludeUsername() pulumi.BoolPtrOutput
If the username must be excluded from the password. Type `"bool"`
func (PasswordOutput) PasswordExpireWarnDays ¶ added in v3.9.0
func (o PasswordOutput) PasswordExpireWarnDays() pulumi.IntPtrOutput
Length in days a user will be warned before password expiry: 0 = no warning. Type `"number"`
func (PasswordOutput) PasswordHistoryCount ¶ added in v3.9.0
func (o PasswordOutput) PasswordHistoryCount() pulumi.IntPtrOutput
Number of distinct passwords that must be created before they can be reused: 0 = none. Type `"number"`
func (PasswordOutput) PasswordLockoutNotificationChannels ¶ added in v3.9.0
func (o PasswordOutput) PasswordLockoutNotificationChannels() pulumi.StringArrayOutput
Notification channels to use to notify a user when their account has been locked. Type `"set(string)"`
func (PasswordOutput) PasswordMaxAgeDays ¶ added in v3.9.0
func (o PasswordOutput) PasswordMaxAgeDays() pulumi.IntPtrOutput
Length in days a password is valid before expiry: 0 = no limit. Type `"number"`
func (PasswordOutput) PasswordMaxLockoutAttempts ¶ added in v3.9.0
func (o PasswordOutput) PasswordMaxLockoutAttempts() pulumi.IntPtrOutput
Number of unsuccessful login attempts allowed before lockout: 0 = no limit. Type `"number"`
func (PasswordOutput) PasswordMinAgeMinutes ¶ added in v3.9.0
func (o PasswordOutput) PasswordMinAgeMinutes() pulumi.IntPtrOutput
Minimum time interval in minutes between password changes: 0 = no limit. Type `"number"`
func (PasswordOutput) PasswordMinLength ¶ added in v3.9.0
func (o PasswordOutput) PasswordMinLength() pulumi.IntPtrOutput
Minimum password length. Default is 8. Type `"number"`
func (PasswordOutput) PasswordMinLowercase ¶ added in v3.9.0
func (o PasswordOutput) PasswordMinLowercase() pulumi.IntPtrOutput
Minimum number of lower case characters in a password. Type `"number"`
func (PasswordOutput) PasswordMinNumber ¶ added in v3.9.0
func (o PasswordOutput) PasswordMinNumber() pulumi.IntPtrOutput
Minimum number of numbers in a password. Type `"number"`
func (PasswordOutput) PasswordMinSymbol ¶ added in v3.9.0
func (o PasswordOutput) PasswordMinSymbol() pulumi.IntPtrOutput
Minimum number of symbols in a password. Type `"number"`
func (PasswordOutput) PasswordMinUppercase ¶ added in v3.9.0
func (o PasswordOutput) PasswordMinUppercase() pulumi.IntPtrOutput
Minimum number of upper case characters in a password. Type `"number"`
func (PasswordOutput) PasswordShowLockoutFailures ¶ added in v3.9.0
func (o PasswordOutput) PasswordShowLockoutFailures() pulumi.BoolPtrOutput
If a user should be informed when their account is locked. Type `"bool"`
func (PasswordOutput) Priority ¶ added in v3.9.0
func (o PasswordOutput) Priority() pulumi.IntPtrOutput
Priority of the policy. Type `"number"`
func (PasswordOutput) QuestionMinLength ¶ added in v3.9.0
func (o PasswordOutput) QuestionMinLength() pulumi.IntPtrOutput
Min length of the password recovery question answer. Type `"number"`
func (PasswordOutput) QuestionRecovery ¶ added in v3.9.0
func (o PasswordOutput) QuestionRecovery() pulumi.StringPtrOutput
Enable or disable security question password recovery: ACTIVE or INACTIVE. Type `"string"`
func (PasswordOutput) RecoveryEmailToken ¶ added in v3.9.0
func (o PasswordOutput) RecoveryEmailToken() pulumi.IntPtrOutput
Lifetime in minutes of the recovery email token. Type `"number"`
func (PasswordOutput) SkipUnlock ¶ added in v3.9.0
func (o PasswordOutput) SkipUnlock() pulumi.BoolPtrOutput
When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account. Type `"bool"`
func (PasswordOutput) SmsRecovery ¶ added in v3.9.0
func (o PasswordOutput) SmsRecovery() pulumi.StringPtrOutput
Enable or disable SMS password recovery: ACTIVE or INACTIVE. Type `"string"`
func (PasswordOutput) Status ¶ added in v3.9.0
func (o PasswordOutput) Status() pulumi.StringPtrOutput
Policy Status: `"ACTIVE"` or `"INACTIVE"`. Type `"string"`
func (PasswordOutput) ToPasswordOutput ¶
func (o PasswordOutput) ToPasswordOutput() PasswordOutput
func (PasswordOutput) ToPasswordOutputWithContext ¶
func (o PasswordOutput) ToPasswordOutputWithContext(ctx context.Context) PasswordOutput
type PasswordState ¶
type PasswordState struct { // Authentication Provider: `"OKTA"`, `"ACTIVE_DIRECTORY"` or `"LDAP"`. Default is `"OKTA"`. Type `"string"` AuthProvider pulumi.StringPtrInput // Enable or disable voice call password recovery: ACTIVE or INACTIVE. Type `"string"` CallRecovery pulumi.StringPtrInput // Policy Description. Type `"string"` Description pulumi.StringPtrInput // Enable or disable email password recovery: ACTIVE or INACTIVE. Type `"string"` EmailRecovery pulumi.StringPtrInput // List of Group IDs to Include. Type `"list(string)"` GroupsIncludeds pulumi.StringArrayInput // Policy Name. Type `"string"` Name pulumi.StringPtrInput // Number of minutes before a locked account is unlocked: 0 = no limit. Type `"number"` PasswordAutoUnlockMinutes pulumi.IntPtrInput // Check Passwords Against Common Password Dictionary. Type `"bool"` PasswordDictionaryLookup pulumi.BoolPtrInput // User firstName attribute must be excluded from the password. Type `"bool"` PasswordExcludeFirstName pulumi.BoolPtrInput // User lastName attribute must be excluded from the password. Type `"bool"` PasswordExcludeLastName pulumi.BoolPtrInput // If the username must be excluded from the password. Type `"bool"` PasswordExcludeUsername pulumi.BoolPtrInput // Length in days a user will be warned before password expiry: 0 = no warning. Type `"number"` PasswordExpireWarnDays pulumi.IntPtrInput // Number of distinct passwords that must be created before they can be reused: 0 = none. Type `"number"` PasswordHistoryCount pulumi.IntPtrInput // Notification channels to use to notify a user when their account has been locked. Type `"set(string)"` PasswordLockoutNotificationChannels pulumi.StringArrayInput // Length in days a password is valid before expiry: 0 = no limit. Type `"number"` PasswordMaxAgeDays pulumi.IntPtrInput // Number of unsuccessful login attempts allowed before lockout: 0 = no limit. Type `"number"` PasswordMaxLockoutAttempts pulumi.IntPtrInput // Minimum time interval in minutes between password changes: 0 = no limit. Type `"number"` PasswordMinAgeMinutes pulumi.IntPtrInput // Minimum password length. Default is 8. Type `"number"` PasswordMinLength pulumi.IntPtrInput // Minimum number of lower case characters in a password. Type `"number"` PasswordMinLowercase pulumi.IntPtrInput // Minimum number of numbers in a password. Type `"number"` PasswordMinNumber pulumi.IntPtrInput // Minimum number of symbols in a password. Type `"number"` PasswordMinSymbol pulumi.IntPtrInput // Minimum number of upper case characters in a password. Type `"number"` PasswordMinUppercase pulumi.IntPtrInput // If a user should be informed when their account is locked. Type `"bool"` PasswordShowLockoutFailures pulumi.BoolPtrInput // Priority of the policy. Type `"number"` Priority pulumi.IntPtrInput // Min length of the password recovery question answer. Type `"number"` QuestionMinLength pulumi.IntPtrInput // Enable or disable security question password recovery: ACTIVE or INACTIVE. Type `"string"` QuestionRecovery pulumi.StringPtrInput // Lifetime in minutes of the recovery email token. Type `"number"` RecoveryEmailToken pulumi.IntPtrInput // When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account. Type `"bool"` SkipUnlock pulumi.BoolPtrInput // Enable or disable SMS password recovery: ACTIVE or INACTIVE. Type `"string"` SmsRecovery pulumi.StringPtrInput // Policy Status: `"ACTIVE"` or `"INACTIVE"`. Type `"string"` Status pulumi.StringPtrInput }
func (PasswordState) ElementType ¶
func (PasswordState) ElementType() reflect.Type
type RuleIdpDiscovery ¶
type RuleIdpDiscovery struct { pulumi.CustomResourceState // Applications to exclude in discovery. See `appInclude` for details. AppExcludes RuleIdpDiscoveryAppExcludeArrayOutput `pulumi:"appExcludes"` // Applications to include in discovery rule. AppIncludes RuleIdpDiscoveryAppIncludeArrayOutput `pulumi:"appIncludes"` // The identifier for the Idp the rule should route to if all conditions are met. IdpId pulumi.StringPtrOutput `pulumi:"idpId"` // Type of Idp. One of: `"SAML2"`, `"IWA"`, `"AgentlessDSSO"`, `"X509"`, `"FACEBOOK"`, `"GOOGLE"`, `"LINKEDIN"`, `"MICROSOFT"`, `"OIDC"` IdpType pulumi.StringPtrOutput `pulumi:"idpType"` // Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included. Name pulumi.StringOutput `pulumi:"name"` // The network selection mode. One of `"ANYWEHRE"` or `"ZONE"`. NetworkConnection pulumi.StringPtrOutput `pulumi:"networkConnection"` // Required if `networkConnection` = `"ZONE"`. Indicates the network zones to exclude. NetworkExcludes pulumi.StringArrayOutput `pulumi:"networkExcludes"` // Required if `networkConnection` = `"ZONE"`. Indicates the network zones to include. NetworkIncludes pulumi.StringArrayOutput `pulumi:"networkIncludes"` PlatformIncludes RuleIdpDiscoveryPlatformIncludeArrayOutput `pulumi:"platformIncludes"` // Policy ID. PolicyId pulumi.StringPtrOutput `pulumi:"policyId"` // Policy ID. // // Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead Policyid pulumi.StringPtrOutput `pulumi:"policyid"` // Idp rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided. Priority pulumi.IntPtrOutput `pulumi:"priority"` // Idp rule status: `"ACTIVE"` or `"INACTIVE"`. By default, it is `"ACTIVE"`. Status pulumi.StringPtrOutput `pulumi:"status"` // Profile attribute matching can only have a single value that describes the type indicated in `userIdentifierType`. This is the attribute or identifier that the `userIdentifierPatterns` are checked against. UserIdentifierAttribute pulumi.StringPtrOutput `pulumi:"userIdentifierAttribute"` // Specifies a User Identifier pattern condition to match against. If `matchType` of `"EXPRESSION"` is used, only a *single* element can be set, otherwise multiple elements of matching patterns may be provided. UserIdentifierPatterns RuleIdpDiscoveryUserIdentifierPatternArrayOutput `pulumi:"userIdentifierPatterns"` // One of: `"IDENTIFIER"`, `"ATTRIBUTE"` UserIdentifierType pulumi.StringPtrOutput `pulumi:"userIdentifierType"` }
This resource allows you to create and configure an IdP Discovery Policy Rule.
> If you receive the error `You do not have permission to access the feature you are requesting` contact support and request feature flag `ADVANCED_SSO` be applied to your org.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/policy" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { idpDiscoveryPolicy, err := policy.GetPolicy(ctx, &policy.GetPolicyArgs{ Name: "Idp Discovery Policy", Type: "IDP_DISCOVERY", }, nil) if err != nil { return err } _, err = policy.NewRuleIdpDiscovery(ctx, "example", &policy.RuleIdpDiscoveryArgs{ PolicyId: *pulumi.String(idpDiscoveryPolicy.Id), IdpId: pulumi.String("<idp id>"), IdpType: pulumi.String("OIDC"), NetworkConnection: pulumi.String("ANYWHERE"), Priority: pulumi.Int(1), Status: pulumi.String("ACTIVE"), UserIdentifierType: pulumi.String("ATTRIBUTE"), UserIdentifierAttribute: pulumi.String("company"), AppExcludes: policy.RuleIdpDiscoveryAppExcludeArray{ &policy.RuleIdpDiscoveryAppExcludeArgs{ Id: pulumi.String("<app id>"), Type: pulumi.String("APP"), }, &policy.RuleIdpDiscoveryAppExcludeArgs{ Name: pulumi.String("yahoo_mail"), Type: pulumi.String("APP_TYPE"), }, }, AppIncludes: policy.RuleIdpDiscoveryAppIncludeArray{ &policy.RuleIdpDiscoveryAppIncludeArgs{ Id: pulumi.String("<app id>"), Type: pulumi.String("APP"), }, &policy.RuleIdpDiscoveryAppIncludeArgs{ Name: pulumi.String("<app type name>"), Type: pulumi.String("APP_TYPE"), }, }, PlatformIncludes: policy.RuleIdpDiscoveryPlatformIncludeArray{ &policy.RuleIdpDiscoveryPlatformIncludeArgs{ Type: pulumi.String("MOBILE"), OsType: pulumi.String("OSX"), }, }, UserIdentifierPatterns: policy.RuleIdpDiscoveryUserIdentifierPatternArray{ &policy.RuleIdpDiscoveryUserIdentifierPatternArgs{ MatchType: pulumi.String("EQUALS"), Value: pulumi.String("Articulate"), }, }, }) if err != nil { return err } return nil }) }
```
## Import
A Policy Rule can be imported via the Policy and Rule ID.
```sh
$ pulumi import okta:policy/ruleIdpDiscovery:RuleIdpDiscovery example <policy id>/<rule id>
```
func GetRuleIdpDiscovery ¶
func GetRuleIdpDiscovery(ctx *pulumi.Context, name string, id pulumi.IDInput, state *RuleIdpDiscoveryState, opts ...pulumi.ResourceOption) (*RuleIdpDiscovery, error)
GetRuleIdpDiscovery gets an existing RuleIdpDiscovery resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewRuleIdpDiscovery ¶
func NewRuleIdpDiscovery(ctx *pulumi.Context, name string, args *RuleIdpDiscoveryArgs, opts ...pulumi.ResourceOption) (*RuleIdpDiscovery, error)
NewRuleIdpDiscovery registers a new resource with the given unique name, arguments, and options.
func (*RuleIdpDiscovery) ElementType ¶
func (*RuleIdpDiscovery) ElementType() reflect.Type
func (*RuleIdpDiscovery) ToRuleIdpDiscoveryOutput ¶
func (i *RuleIdpDiscovery) ToRuleIdpDiscoveryOutput() RuleIdpDiscoveryOutput
func (*RuleIdpDiscovery) ToRuleIdpDiscoveryOutputWithContext ¶
func (i *RuleIdpDiscovery) ToRuleIdpDiscoveryOutputWithContext(ctx context.Context) RuleIdpDiscoveryOutput
type RuleIdpDiscoveryAppExclude ¶
type RuleIdpDiscoveryAppExclude struct { // Use if `type` is `"APP"` to indicate the application id to include. Id *string `pulumi:"id"` // Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included. Name *string `pulumi:"name"` // One of: `"ANY"`, `"MOBILE"`, `"DESKTOP"` Type string `pulumi:"type"` }
type RuleIdpDiscoveryAppExcludeArgs ¶
type RuleIdpDiscoveryAppExcludeArgs struct { // Use if `type` is `"APP"` to indicate the application id to include. Id pulumi.StringPtrInput `pulumi:"id"` // Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included. Name pulumi.StringPtrInput `pulumi:"name"` // One of: `"ANY"`, `"MOBILE"`, `"DESKTOP"` Type pulumi.StringInput `pulumi:"type"` }
func (RuleIdpDiscoveryAppExcludeArgs) ElementType ¶
func (RuleIdpDiscoveryAppExcludeArgs) ElementType() reflect.Type
func (RuleIdpDiscoveryAppExcludeArgs) ToRuleIdpDiscoveryAppExcludeOutput ¶
func (i RuleIdpDiscoveryAppExcludeArgs) ToRuleIdpDiscoveryAppExcludeOutput() RuleIdpDiscoveryAppExcludeOutput
func (RuleIdpDiscoveryAppExcludeArgs) ToRuleIdpDiscoveryAppExcludeOutputWithContext ¶
func (i RuleIdpDiscoveryAppExcludeArgs) ToRuleIdpDiscoveryAppExcludeOutputWithContext(ctx context.Context) RuleIdpDiscoveryAppExcludeOutput
type RuleIdpDiscoveryAppExcludeArray ¶
type RuleIdpDiscoveryAppExcludeArray []RuleIdpDiscoveryAppExcludeInput
func (RuleIdpDiscoveryAppExcludeArray) ElementType ¶
func (RuleIdpDiscoveryAppExcludeArray) ElementType() reflect.Type
func (RuleIdpDiscoveryAppExcludeArray) ToRuleIdpDiscoveryAppExcludeArrayOutput ¶
func (i RuleIdpDiscoveryAppExcludeArray) ToRuleIdpDiscoveryAppExcludeArrayOutput() RuleIdpDiscoveryAppExcludeArrayOutput
func (RuleIdpDiscoveryAppExcludeArray) ToRuleIdpDiscoveryAppExcludeArrayOutputWithContext ¶
func (i RuleIdpDiscoveryAppExcludeArray) ToRuleIdpDiscoveryAppExcludeArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryAppExcludeArrayOutput
type RuleIdpDiscoveryAppExcludeArrayInput ¶
type RuleIdpDiscoveryAppExcludeArrayInput interface { pulumi.Input ToRuleIdpDiscoveryAppExcludeArrayOutput() RuleIdpDiscoveryAppExcludeArrayOutput ToRuleIdpDiscoveryAppExcludeArrayOutputWithContext(context.Context) RuleIdpDiscoveryAppExcludeArrayOutput }
RuleIdpDiscoveryAppExcludeArrayInput is an input type that accepts RuleIdpDiscoveryAppExcludeArray and RuleIdpDiscoveryAppExcludeArrayOutput values. You can construct a concrete instance of `RuleIdpDiscoveryAppExcludeArrayInput` via:
RuleIdpDiscoveryAppExcludeArray{ RuleIdpDiscoveryAppExcludeArgs{...} }
type RuleIdpDiscoveryAppExcludeArrayOutput ¶
type RuleIdpDiscoveryAppExcludeArrayOutput struct{ *pulumi.OutputState }
func (RuleIdpDiscoveryAppExcludeArrayOutput) ElementType ¶
func (RuleIdpDiscoveryAppExcludeArrayOutput) ElementType() reflect.Type
func (RuleIdpDiscoveryAppExcludeArrayOutput) Index ¶
func (o RuleIdpDiscoveryAppExcludeArrayOutput) Index(i pulumi.IntInput) RuleIdpDiscoveryAppExcludeOutput
func (RuleIdpDiscoveryAppExcludeArrayOutput) ToRuleIdpDiscoveryAppExcludeArrayOutput ¶
func (o RuleIdpDiscoveryAppExcludeArrayOutput) ToRuleIdpDiscoveryAppExcludeArrayOutput() RuleIdpDiscoveryAppExcludeArrayOutput
func (RuleIdpDiscoveryAppExcludeArrayOutput) ToRuleIdpDiscoveryAppExcludeArrayOutputWithContext ¶
func (o RuleIdpDiscoveryAppExcludeArrayOutput) ToRuleIdpDiscoveryAppExcludeArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryAppExcludeArrayOutput
type RuleIdpDiscoveryAppExcludeInput ¶
type RuleIdpDiscoveryAppExcludeInput interface { pulumi.Input ToRuleIdpDiscoveryAppExcludeOutput() RuleIdpDiscoveryAppExcludeOutput ToRuleIdpDiscoveryAppExcludeOutputWithContext(context.Context) RuleIdpDiscoveryAppExcludeOutput }
RuleIdpDiscoveryAppExcludeInput is an input type that accepts RuleIdpDiscoveryAppExcludeArgs and RuleIdpDiscoveryAppExcludeOutput values. You can construct a concrete instance of `RuleIdpDiscoveryAppExcludeInput` via:
RuleIdpDiscoveryAppExcludeArgs{...}
type RuleIdpDiscoveryAppExcludeOutput ¶
type RuleIdpDiscoveryAppExcludeOutput struct{ *pulumi.OutputState }
func (RuleIdpDiscoveryAppExcludeOutput) ElementType ¶
func (RuleIdpDiscoveryAppExcludeOutput) ElementType() reflect.Type
func (RuleIdpDiscoveryAppExcludeOutput) Id ¶
func (o RuleIdpDiscoveryAppExcludeOutput) Id() pulumi.StringPtrOutput
Use if `type` is `"APP"` to indicate the application id to include.
func (RuleIdpDiscoveryAppExcludeOutput) Name ¶
func (o RuleIdpDiscoveryAppExcludeOutput) Name() pulumi.StringPtrOutput
Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included.
func (RuleIdpDiscoveryAppExcludeOutput) ToRuleIdpDiscoveryAppExcludeOutput ¶
func (o RuleIdpDiscoveryAppExcludeOutput) ToRuleIdpDiscoveryAppExcludeOutput() RuleIdpDiscoveryAppExcludeOutput
func (RuleIdpDiscoveryAppExcludeOutput) ToRuleIdpDiscoveryAppExcludeOutputWithContext ¶
func (o RuleIdpDiscoveryAppExcludeOutput) ToRuleIdpDiscoveryAppExcludeOutputWithContext(ctx context.Context) RuleIdpDiscoveryAppExcludeOutput
func (RuleIdpDiscoveryAppExcludeOutput) Type ¶
func (o RuleIdpDiscoveryAppExcludeOutput) Type() pulumi.StringOutput
One of: `"ANY"`, `"MOBILE"`, `"DESKTOP"`
type RuleIdpDiscoveryAppInclude ¶
type RuleIdpDiscoveryAppInclude struct { // Use if `type` is `"APP"` to indicate the application id to include. Id *string `pulumi:"id"` // Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included. Name *string `pulumi:"name"` // One of: `"ANY"`, `"MOBILE"`, `"DESKTOP"` Type string `pulumi:"type"` }
type RuleIdpDiscoveryAppIncludeArgs ¶
type RuleIdpDiscoveryAppIncludeArgs struct { // Use if `type` is `"APP"` to indicate the application id to include. Id pulumi.StringPtrInput `pulumi:"id"` // Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included. Name pulumi.StringPtrInput `pulumi:"name"` // One of: `"ANY"`, `"MOBILE"`, `"DESKTOP"` Type pulumi.StringInput `pulumi:"type"` }
func (RuleIdpDiscoveryAppIncludeArgs) ElementType ¶
func (RuleIdpDiscoveryAppIncludeArgs) ElementType() reflect.Type
func (RuleIdpDiscoveryAppIncludeArgs) ToRuleIdpDiscoveryAppIncludeOutput ¶
func (i RuleIdpDiscoveryAppIncludeArgs) ToRuleIdpDiscoveryAppIncludeOutput() RuleIdpDiscoveryAppIncludeOutput
func (RuleIdpDiscoveryAppIncludeArgs) ToRuleIdpDiscoveryAppIncludeOutputWithContext ¶
func (i RuleIdpDiscoveryAppIncludeArgs) ToRuleIdpDiscoveryAppIncludeOutputWithContext(ctx context.Context) RuleIdpDiscoveryAppIncludeOutput
type RuleIdpDiscoveryAppIncludeArray ¶
type RuleIdpDiscoveryAppIncludeArray []RuleIdpDiscoveryAppIncludeInput
func (RuleIdpDiscoveryAppIncludeArray) ElementType ¶
func (RuleIdpDiscoveryAppIncludeArray) ElementType() reflect.Type
func (RuleIdpDiscoveryAppIncludeArray) ToRuleIdpDiscoveryAppIncludeArrayOutput ¶
func (i RuleIdpDiscoveryAppIncludeArray) ToRuleIdpDiscoveryAppIncludeArrayOutput() RuleIdpDiscoveryAppIncludeArrayOutput
func (RuleIdpDiscoveryAppIncludeArray) ToRuleIdpDiscoveryAppIncludeArrayOutputWithContext ¶
func (i RuleIdpDiscoveryAppIncludeArray) ToRuleIdpDiscoveryAppIncludeArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryAppIncludeArrayOutput
type RuleIdpDiscoveryAppIncludeArrayInput ¶
type RuleIdpDiscoveryAppIncludeArrayInput interface { pulumi.Input ToRuleIdpDiscoveryAppIncludeArrayOutput() RuleIdpDiscoveryAppIncludeArrayOutput ToRuleIdpDiscoveryAppIncludeArrayOutputWithContext(context.Context) RuleIdpDiscoveryAppIncludeArrayOutput }
RuleIdpDiscoveryAppIncludeArrayInput is an input type that accepts RuleIdpDiscoveryAppIncludeArray and RuleIdpDiscoveryAppIncludeArrayOutput values. You can construct a concrete instance of `RuleIdpDiscoveryAppIncludeArrayInput` via:
RuleIdpDiscoveryAppIncludeArray{ RuleIdpDiscoveryAppIncludeArgs{...} }
type RuleIdpDiscoveryAppIncludeArrayOutput ¶
type RuleIdpDiscoveryAppIncludeArrayOutput struct{ *pulumi.OutputState }
func (RuleIdpDiscoveryAppIncludeArrayOutput) ElementType ¶
func (RuleIdpDiscoveryAppIncludeArrayOutput) ElementType() reflect.Type
func (RuleIdpDiscoveryAppIncludeArrayOutput) Index ¶
func (o RuleIdpDiscoveryAppIncludeArrayOutput) Index(i pulumi.IntInput) RuleIdpDiscoveryAppIncludeOutput
func (RuleIdpDiscoveryAppIncludeArrayOutput) ToRuleIdpDiscoveryAppIncludeArrayOutput ¶
func (o RuleIdpDiscoveryAppIncludeArrayOutput) ToRuleIdpDiscoveryAppIncludeArrayOutput() RuleIdpDiscoveryAppIncludeArrayOutput
func (RuleIdpDiscoveryAppIncludeArrayOutput) ToRuleIdpDiscoveryAppIncludeArrayOutputWithContext ¶
func (o RuleIdpDiscoveryAppIncludeArrayOutput) ToRuleIdpDiscoveryAppIncludeArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryAppIncludeArrayOutput
type RuleIdpDiscoveryAppIncludeInput ¶
type RuleIdpDiscoveryAppIncludeInput interface { pulumi.Input ToRuleIdpDiscoveryAppIncludeOutput() RuleIdpDiscoveryAppIncludeOutput ToRuleIdpDiscoveryAppIncludeOutputWithContext(context.Context) RuleIdpDiscoveryAppIncludeOutput }
RuleIdpDiscoveryAppIncludeInput is an input type that accepts RuleIdpDiscoveryAppIncludeArgs and RuleIdpDiscoveryAppIncludeOutput values. You can construct a concrete instance of `RuleIdpDiscoveryAppIncludeInput` via:
RuleIdpDiscoveryAppIncludeArgs{...}
type RuleIdpDiscoveryAppIncludeOutput ¶
type RuleIdpDiscoveryAppIncludeOutput struct{ *pulumi.OutputState }
func (RuleIdpDiscoveryAppIncludeOutput) ElementType ¶
func (RuleIdpDiscoveryAppIncludeOutput) ElementType() reflect.Type
func (RuleIdpDiscoveryAppIncludeOutput) Id ¶
func (o RuleIdpDiscoveryAppIncludeOutput) Id() pulumi.StringPtrOutput
Use if `type` is `"APP"` to indicate the application id to include.
func (RuleIdpDiscoveryAppIncludeOutput) Name ¶
func (o RuleIdpDiscoveryAppIncludeOutput) Name() pulumi.StringPtrOutput
Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included.
func (RuleIdpDiscoveryAppIncludeOutput) ToRuleIdpDiscoveryAppIncludeOutput ¶
func (o RuleIdpDiscoveryAppIncludeOutput) ToRuleIdpDiscoveryAppIncludeOutput() RuleIdpDiscoveryAppIncludeOutput
func (RuleIdpDiscoveryAppIncludeOutput) ToRuleIdpDiscoveryAppIncludeOutputWithContext ¶
func (o RuleIdpDiscoveryAppIncludeOutput) ToRuleIdpDiscoveryAppIncludeOutputWithContext(ctx context.Context) RuleIdpDiscoveryAppIncludeOutput
func (RuleIdpDiscoveryAppIncludeOutput) Type ¶
func (o RuleIdpDiscoveryAppIncludeOutput) Type() pulumi.StringOutput
One of: `"ANY"`, `"MOBILE"`, `"DESKTOP"`
type RuleIdpDiscoveryArgs ¶
type RuleIdpDiscoveryArgs struct { // Applications to exclude in discovery. See `appInclude` for details. AppExcludes RuleIdpDiscoveryAppExcludeArrayInput // Applications to include in discovery rule. AppIncludes RuleIdpDiscoveryAppIncludeArrayInput // The identifier for the Idp the rule should route to if all conditions are met. IdpId pulumi.StringPtrInput // Type of Idp. One of: `"SAML2"`, `"IWA"`, `"AgentlessDSSO"`, `"X509"`, `"FACEBOOK"`, `"GOOGLE"`, `"LINKEDIN"`, `"MICROSOFT"`, `"OIDC"` IdpType pulumi.StringPtrInput // Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included. Name pulumi.StringPtrInput // The network selection mode. One of `"ANYWEHRE"` or `"ZONE"`. NetworkConnection pulumi.StringPtrInput // Required if `networkConnection` = `"ZONE"`. Indicates the network zones to exclude. NetworkExcludes pulumi.StringArrayInput // Required if `networkConnection` = `"ZONE"`. Indicates the network zones to include. NetworkIncludes pulumi.StringArrayInput PlatformIncludes RuleIdpDiscoveryPlatformIncludeArrayInput // Policy ID. PolicyId pulumi.StringPtrInput // Policy ID. // // Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead Policyid pulumi.StringPtrInput // Idp rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided. Priority pulumi.IntPtrInput // Idp rule status: `"ACTIVE"` or `"INACTIVE"`. By default, it is `"ACTIVE"`. Status pulumi.StringPtrInput // Profile attribute matching can only have a single value that describes the type indicated in `userIdentifierType`. This is the attribute or identifier that the `userIdentifierPatterns` are checked against. UserIdentifierAttribute pulumi.StringPtrInput // Specifies a User Identifier pattern condition to match against. If `matchType` of `"EXPRESSION"` is used, only a *single* element can be set, otherwise multiple elements of matching patterns may be provided. UserIdentifierPatterns RuleIdpDiscoveryUserIdentifierPatternArrayInput // One of: `"IDENTIFIER"`, `"ATTRIBUTE"` UserIdentifierType pulumi.StringPtrInput }
The set of arguments for constructing a RuleIdpDiscovery resource.
func (RuleIdpDiscoveryArgs) ElementType ¶
func (RuleIdpDiscoveryArgs) ElementType() reflect.Type
type RuleIdpDiscoveryArray ¶
type RuleIdpDiscoveryArray []RuleIdpDiscoveryInput
func (RuleIdpDiscoveryArray) ElementType ¶
func (RuleIdpDiscoveryArray) ElementType() reflect.Type
func (RuleIdpDiscoveryArray) ToRuleIdpDiscoveryArrayOutput ¶
func (i RuleIdpDiscoveryArray) ToRuleIdpDiscoveryArrayOutput() RuleIdpDiscoveryArrayOutput
func (RuleIdpDiscoveryArray) ToRuleIdpDiscoveryArrayOutputWithContext ¶
func (i RuleIdpDiscoveryArray) ToRuleIdpDiscoveryArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryArrayOutput
type RuleIdpDiscoveryArrayInput ¶
type RuleIdpDiscoveryArrayInput interface { pulumi.Input ToRuleIdpDiscoveryArrayOutput() RuleIdpDiscoveryArrayOutput ToRuleIdpDiscoveryArrayOutputWithContext(context.Context) RuleIdpDiscoveryArrayOutput }
RuleIdpDiscoveryArrayInput is an input type that accepts RuleIdpDiscoveryArray and RuleIdpDiscoveryArrayOutput values. You can construct a concrete instance of `RuleIdpDiscoveryArrayInput` via:
RuleIdpDiscoveryArray{ RuleIdpDiscoveryArgs{...} }
type RuleIdpDiscoveryArrayOutput ¶
type RuleIdpDiscoveryArrayOutput struct{ *pulumi.OutputState }
func (RuleIdpDiscoveryArrayOutput) ElementType ¶
func (RuleIdpDiscoveryArrayOutput) ElementType() reflect.Type
func (RuleIdpDiscoveryArrayOutput) Index ¶
func (o RuleIdpDiscoveryArrayOutput) Index(i pulumi.IntInput) RuleIdpDiscoveryOutput
func (RuleIdpDiscoveryArrayOutput) ToRuleIdpDiscoveryArrayOutput ¶
func (o RuleIdpDiscoveryArrayOutput) ToRuleIdpDiscoveryArrayOutput() RuleIdpDiscoveryArrayOutput
func (RuleIdpDiscoveryArrayOutput) ToRuleIdpDiscoveryArrayOutputWithContext ¶
func (o RuleIdpDiscoveryArrayOutput) ToRuleIdpDiscoveryArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryArrayOutput
type RuleIdpDiscoveryInput ¶
type RuleIdpDiscoveryInput interface { pulumi.Input ToRuleIdpDiscoveryOutput() RuleIdpDiscoveryOutput ToRuleIdpDiscoveryOutputWithContext(ctx context.Context) RuleIdpDiscoveryOutput }
type RuleIdpDiscoveryMap ¶
type RuleIdpDiscoveryMap map[string]RuleIdpDiscoveryInput
func (RuleIdpDiscoveryMap) ElementType ¶
func (RuleIdpDiscoveryMap) ElementType() reflect.Type
func (RuleIdpDiscoveryMap) ToRuleIdpDiscoveryMapOutput ¶
func (i RuleIdpDiscoveryMap) ToRuleIdpDiscoveryMapOutput() RuleIdpDiscoveryMapOutput
func (RuleIdpDiscoveryMap) ToRuleIdpDiscoveryMapOutputWithContext ¶
func (i RuleIdpDiscoveryMap) ToRuleIdpDiscoveryMapOutputWithContext(ctx context.Context) RuleIdpDiscoveryMapOutput
type RuleIdpDiscoveryMapInput ¶
type RuleIdpDiscoveryMapInput interface { pulumi.Input ToRuleIdpDiscoveryMapOutput() RuleIdpDiscoveryMapOutput ToRuleIdpDiscoveryMapOutputWithContext(context.Context) RuleIdpDiscoveryMapOutput }
RuleIdpDiscoveryMapInput is an input type that accepts RuleIdpDiscoveryMap and RuleIdpDiscoveryMapOutput values. You can construct a concrete instance of `RuleIdpDiscoveryMapInput` via:
RuleIdpDiscoveryMap{ "key": RuleIdpDiscoveryArgs{...} }
type RuleIdpDiscoveryMapOutput ¶
type RuleIdpDiscoveryMapOutput struct{ *pulumi.OutputState }
func (RuleIdpDiscoveryMapOutput) ElementType ¶
func (RuleIdpDiscoveryMapOutput) ElementType() reflect.Type
func (RuleIdpDiscoveryMapOutput) MapIndex ¶
func (o RuleIdpDiscoveryMapOutput) MapIndex(k pulumi.StringInput) RuleIdpDiscoveryOutput
func (RuleIdpDiscoveryMapOutput) ToRuleIdpDiscoveryMapOutput ¶
func (o RuleIdpDiscoveryMapOutput) ToRuleIdpDiscoveryMapOutput() RuleIdpDiscoveryMapOutput
func (RuleIdpDiscoveryMapOutput) ToRuleIdpDiscoveryMapOutputWithContext ¶
func (o RuleIdpDiscoveryMapOutput) ToRuleIdpDiscoveryMapOutputWithContext(ctx context.Context) RuleIdpDiscoveryMapOutput
type RuleIdpDiscoveryOutput ¶
type RuleIdpDiscoveryOutput struct{ *pulumi.OutputState }
func (RuleIdpDiscoveryOutput) AppExcludes ¶ added in v3.9.0
func (o RuleIdpDiscoveryOutput) AppExcludes() RuleIdpDiscoveryAppExcludeArrayOutput
Applications to exclude in discovery. See `appInclude` for details.
func (RuleIdpDiscoveryOutput) AppIncludes ¶ added in v3.9.0
func (o RuleIdpDiscoveryOutput) AppIncludes() RuleIdpDiscoveryAppIncludeArrayOutput
Applications to include in discovery rule.
func (RuleIdpDiscoveryOutput) ElementType ¶
func (RuleIdpDiscoveryOutput) ElementType() reflect.Type
func (RuleIdpDiscoveryOutput) IdpId ¶ added in v3.9.0
func (o RuleIdpDiscoveryOutput) IdpId() pulumi.StringPtrOutput
The identifier for the Idp the rule should route to if all conditions are met.
func (RuleIdpDiscoveryOutput) IdpType ¶ added in v3.9.0
func (o RuleIdpDiscoveryOutput) IdpType() pulumi.StringPtrOutput
Type of Idp. One of: `"SAML2"`, `"IWA"`, `"AgentlessDSSO"`, `"X509"`, `"FACEBOOK"`, `"GOOGLE"`, `"LINKEDIN"`, `"MICROSOFT"`, `"OIDC"`
func (RuleIdpDiscoveryOutput) Name ¶ added in v3.9.0
func (o RuleIdpDiscoveryOutput) Name() pulumi.StringOutput
Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included.
func (RuleIdpDiscoveryOutput) NetworkConnection ¶ added in v3.9.0
func (o RuleIdpDiscoveryOutput) NetworkConnection() pulumi.StringPtrOutput
The network selection mode. One of `"ANYWEHRE"` or `"ZONE"`.
func (RuleIdpDiscoveryOutput) NetworkExcludes ¶ added in v3.9.0
func (o RuleIdpDiscoveryOutput) NetworkExcludes() pulumi.StringArrayOutput
Required if `networkConnection` = `"ZONE"`. Indicates the network zones to exclude.
func (RuleIdpDiscoveryOutput) NetworkIncludes ¶ added in v3.9.0
func (o RuleIdpDiscoveryOutput) NetworkIncludes() pulumi.StringArrayOutput
Required if `networkConnection` = `"ZONE"`. Indicates the network zones to include.
func (RuleIdpDiscoveryOutput) PlatformIncludes ¶ added in v3.9.0
func (o RuleIdpDiscoveryOutput) PlatformIncludes() RuleIdpDiscoveryPlatformIncludeArrayOutput
func (RuleIdpDiscoveryOutput) PolicyId ¶ added in v3.9.0
func (o RuleIdpDiscoveryOutput) PolicyId() pulumi.StringPtrOutput
Policy ID.
func (RuleIdpDiscoveryOutput) Policyid
deprecated
added in
v3.9.0
func (o RuleIdpDiscoveryOutput) Policyid() pulumi.StringPtrOutput
Policy ID.
Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead
func (RuleIdpDiscoveryOutput) Priority ¶ added in v3.9.0
func (o RuleIdpDiscoveryOutput) Priority() pulumi.IntPtrOutput
Idp rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided.
func (RuleIdpDiscoveryOutput) Status ¶ added in v3.9.0
func (o RuleIdpDiscoveryOutput) Status() pulumi.StringPtrOutput
Idp rule status: `"ACTIVE"` or `"INACTIVE"`. By default, it is `"ACTIVE"`.
func (RuleIdpDiscoveryOutput) ToRuleIdpDiscoveryOutput ¶
func (o RuleIdpDiscoveryOutput) ToRuleIdpDiscoveryOutput() RuleIdpDiscoveryOutput
func (RuleIdpDiscoveryOutput) ToRuleIdpDiscoveryOutputWithContext ¶
func (o RuleIdpDiscoveryOutput) ToRuleIdpDiscoveryOutputWithContext(ctx context.Context) RuleIdpDiscoveryOutput
func (RuleIdpDiscoveryOutput) UserIdentifierAttribute ¶ added in v3.9.0
func (o RuleIdpDiscoveryOutput) UserIdentifierAttribute() pulumi.StringPtrOutput
Profile attribute matching can only have a single value that describes the type indicated in `userIdentifierType`. This is the attribute or identifier that the `userIdentifierPatterns` are checked against.
func (RuleIdpDiscoveryOutput) UserIdentifierPatterns ¶ added in v3.9.0
func (o RuleIdpDiscoveryOutput) UserIdentifierPatterns() RuleIdpDiscoveryUserIdentifierPatternArrayOutput
Specifies a User Identifier pattern condition to match against. If `matchType` of `"EXPRESSION"` is used, only a *single* element can be set, otherwise multiple elements of matching patterns may be provided.
func (RuleIdpDiscoveryOutput) UserIdentifierType ¶ added in v3.9.0
func (o RuleIdpDiscoveryOutput) UserIdentifierType() pulumi.StringPtrOutput
One of: `"IDENTIFIER"`, `"ATTRIBUTE"`
type RuleIdpDiscoveryPlatformInclude ¶
type RuleIdpDiscoveryPlatformInclude struct { // Only available when using `osType = "OTHER"` OsExpression *string `pulumi:"osExpression"` // One of: `"ANY"`, `"IOS"`, `"WINDOWS"`, `"ANDROID"`, `"OTHER"`, `"OSX"` OsType *string `pulumi:"osType"` // One of: `"ANY"`, `"MOBILE"`, `"DESKTOP"` Type *string `pulumi:"type"` }
type RuleIdpDiscoveryPlatformIncludeArgs ¶
type RuleIdpDiscoveryPlatformIncludeArgs struct { // Only available when using `osType = "OTHER"` OsExpression pulumi.StringPtrInput `pulumi:"osExpression"` // One of: `"ANY"`, `"IOS"`, `"WINDOWS"`, `"ANDROID"`, `"OTHER"`, `"OSX"` OsType pulumi.StringPtrInput `pulumi:"osType"` // One of: `"ANY"`, `"MOBILE"`, `"DESKTOP"` Type pulumi.StringPtrInput `pulumi:"type"` }
func (RuleIdpDiscoveryPlatformIncludeArgs) ElementType ¶
func (RuleIdpDiscoveryPlatformIncludeArgs) ElementType() reflect.Type
func (RuleIdpDiscoveryPlatformIncludeArgs) ToRuleIdpDiscoveryPlatformIncludeOutput ¶
func (i RuleIdpDiscoveryPlatformIncludeArgs) ToRuleIdpDiscoveryPlatformIncludeOutput() RuleIdpDiscoveryPlatformIncludeOutput
func (RuleIdpDiscoveryPlatformIncludeArgs) ToRuleIdpDiscoveryPlatformIncludeOutputWithContext ¶
func (i RuleIdpDiscoveryPlatformIncludeArgs) ToRuleIdpDiscoveryPlatformIncludeOutputWithContext(ctx context.Context) RuleIdpDiscoveryPlatformIncludeOutput
type RuleIdpDiscoveryPlatformIncludeArray ¶
type RuleIdpDiscoveryPlatformIncludeArray []RuleIdpDiscoveryPlatformIncludeInput
func (RuleIdpDiscoveryPlatformIncludeArray) ElementType ¶
func (RuleIdpDiscoveryPlatformIncludeArray) ElementType() reflect.Type
func (RuleIdpDiscoveryPlatformIncludeArray) ToRuleIdpDiscoveryPlatformIncludeArrayOutput ¶
func (i RuleIdpDiscoveryPlatformIncludeArray) ToRuleIdpDiscoveryPlatformIncludeArrayOutput() RuleIdpDiscoveryPlatformIncludeArrayOutput
func (RuleIdpDiscoveryPlatformIncludeArray) ToRuleIdpDiscoveryPlatformIncludeArrayOutputWithContext ¶
func (i RuleIdpDiscoveryPlatformIncludeArray) ToRuleIdpDiscoveryPlatformIncludeArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryPlatformIncludeArrayOutput
type RuleIdpDiscoveryPlatformIncludeArrayInput ¶
type RuleIdpDiscoveryPlatformIncludeArrayInput interface { pulumi.Input ToRuleIdpDiscoveryPlatformIncludeArrayOutput() RuleIdpDiscoveryPlatformIncludeArrayOutput ToRuleIdpDiscoveryPlatformIncludeArrayOutputWithContext(context.Context) RuleIdpDiscoveryPlatformIncludeArrayOutput }
RuleIdpDiscoveryPlatformIncludeArrayInput is an input type that accepts RuleIdpDiscoveryPlatformIncludeArray and RuleIdpDiscoveryPlatformIncludeArrayOutput values. You can construct a concrete instance of `RuleIdpDiscoveryPlatformIncludeArrayInput` via:
RuleIdpDiscoveryPlatformIncludeArray{ RuleIdpDiscoveryPlatformIncludeArgs{...} }
type RuleIdpDiscoveryPlatformIncludeArrayOutput ¶
type RuleIdpDiscoveryPlatformIncludeArrayOutput struct{ *pulumi.OutputState }
func (RuleIdpDiscoveryPlatformIncludeArrayOutput) ElementType ¶
func (RuleIdpDiscoveryPlatformIncludeArrayOutput) ElementType() reflect.Type
func (RuleIdpDiscoveryPlatformIncludeArrayOutput) ToRuleIdpDiscoveryPlatformIncludeArrayOutput ¶
func (o RuleIdpDiscoveryPlatformIncludeArrayOutput) ToRuleIdpDiscoveryPlatformIncludeArrayOutput() RuleIdpDiscoveryPlatformIncludeArrayOutput
func (RuleIdpDiscoveryPlatformIncludeArrayOutput) ToRuleIdpDiscoveryPlatformIncludeArrayOutputWithContext ¶
func (o RuleIdpDiscoveryPlatformIncludeArrayOutput) ToRuleIdpDiscoveryPlatformIncludeArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryPlatformIncludeArrayOutput
type RuleIdpDiscoveryPlatformIncludeInput ¶
type RuleIdpDiscoveryPlatformIncludeInput interface { pulumi.Input ToRuleIdpDiscoveryPlatformIncludeOutput() RuleIdpDiscoveryPlatformIncludeOutput ToRuleIdpDiscoveryPlatformIncludeOutputWithContext(context.Context) RuleIdpDiscoveryPlatformIncludeOutput }
RuleIdpDiscoveryPlatformIncludeInput is an input type that accepts RuleIdpDiscoveryPlatformIncludeArgs and RuleIdpDiscoveryPlatformIncludeOutput values. You can construct a concrete instance of `RuleIdpDiscoveryPlatformIncludeInput` via:
RuleIdpDiscoveryPlatformIncludeArgs{...}
type RuleIdpDiscoveryPlatformIncludeOutput ¶
type RuleIdpDiscoveryPlatformIncludeOutput struct{ *pulumi.OutputState }
func (RuleIdpDiscoveryPlatformIncludeOutput) ElementType ¶
func (RuleIdpDiscoveryPlatformIncludeOutput) ElementType() reflect.Type
func (RuleIdpDiscoveryPlatformIncludeOutput) OsExpression ¶
func (o RuleIdpDiscoveryPlatformIncludeOutput) OsExpression() pulumi.StringPtrOutput
Only available when using `osType = "OTHER"`
func (RuleIdpDiscoveryPlatformIncludeOutput) OsType ¶
func (o RuleIdpDiscoveryPlatformIncludeOutput) OsType() pulumi.StringPtrOutput
One of: `"ANY"`, `"IOS"`, `"WINDOWS"`, `"ANDROID"`, `"OTHER"`, `"OSX"`
func (RuleIdpDiscoveryPlatformIncludeOutput) ToRuleIdpDiscoveryPlatformIncludeOutput ¶
func (o RuleIdpDiscoveryPlatformIncludeOutput) ToRuleIdpDiscoveryPlatformIncludeOutput() RuleIdpDiscoveryPlatformIncludeOutput
func (RuleIdpDiscoveryPlatformIncludeOutput) ToRuleIdpDiscoveryPlatformIncludeOutputWithContext ¶
func (o RuleIdpDiscoveryPlatformIncludeOutput) ToRuleIdpDiscoveryPlatformIncludeOutputWithContext(ctx context.Context) RuleIdpDiscoveryPlatformIncludeOutput
func (RuleIdpDiscoveryPlatformIncludeOutput) Type ¶
func (o RuleIdpDiscoveryPlatformIncludeOutput) Type() pulumi.StringPtrOutput
One of: `"ANY"`, `"MOBILE"`, `"DESKTOP"`
type RuleIdpDiscoveryState ¶
type RuleIdpDiscoveryState struct { // Applications to exclude in discovery. See `appInclude` for details. AppExcludes RuleIdpDiscoveryAppExcludeArrayInput // Applications to include in discovery rule. AppIncludes RuleIdpDiscoveryAppIncludeArrayInput // The identifier for the Idp the rule should route to if all conditions are met. IdpId pulumi.StringPtrInput // Type of Idp. One of: `"SAML2"`, `"IWA"`, `"AgentlessDSSO"`, `"X509"`, `"FACEBOOK"`, `"GOOGLE"`, `"LINKEDIN"`, `"MICROSOFT"`, `"OIDC"` IdpType pulumi.StringPtrInput // Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included. Name pulumi.StringPtrInput // The network selection mode. One of `"ANYWEHRE"` or `"ZONE"`. NetworkConnection pulumi.StringPtrInput // Required if `networkConnection` = `"ZONE"`. Indicates the network zones to exclude. NetworkExcludes pulumi.StringArrayInput // Required if `networkConnection` = `"ZONE"`. Indicates the network zones to include. NetworkIncludes pulumi.StringArrayInput PlatformIncludes RuleIdpDiscoveryPlatformIncludeArrayInput // Policy ID. PolicyId pulumi.StringPtrInput // Policy ID. // // Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead Policyid pulumi.StringPtrInput // Idp rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided. Priority pulumi.IntPtrInput // Idp rule status: `"ACTIVE"` or `"INACTIVE"`. By default, it is `"ACTIVE"`. Status pulumi.StringPtrInput // Profile attribute matching can only have a single value that describes the type indicated in `userIdentifierType`. This is the attribute or identifier that the `userIdentifierPatterns` are checked against. UserIdentifierAttribute pulumi.StringPtrInput // Specifies a User Identifier pattern condition to match against. If `matchType` of `"EXPRESSION"` is used, only a *single* element can be set, otherwise multiple elements of matching patterns may be provided. UserIdentifierPatterns RuleIdpDiscoveryUserIdentifierPatternArrayInput // One of: `"IDENTIFIER"`, `"ATTRIBUTE"` UserIdentifierType pulumi.StringPtrInput }
func (RuleIdpDiscoveryState) ElementType ¶
func (RuleIdpDiscoveryState) ElementType() reflect.Type
type RuleIdpDiscoveryUserIdentifierPattern ¶
type RuleIdpDiscoveryUserIdentifierPattern struct { // The kind of pattern. For regex, use `"EXPRESSION"`. For simple string matches, use one of the following: `"SUFFIX"`, `"EQUALS"`, `"STARTS_WITH"`, `"CONTAINS"` MatchType *string `pulumi:"matchType"` // The regex or simple match string to match against. Value *string `pulumi:"value"` }
type RuleIdpDiscoveryUserIdentifierPatternArgs ¶
type RuleIdpDiscoveryUserIdentifierPatternArgs struct { // The kind of pattern. For regex, use `"EXPRESSION"`. For simple string matches, use one of the following: `"SUFFIX"`, `"EQUALS"`, `"STARTS_WITH"`, `"CONTAINS"` MatchType pulumi.StringPtrInput `pulumi:"matchType"` // The regex or simple match string to match against. Value pulumi.StringPtrInput `pulumi:"value"` }
func (RuleIdpDiscoveryUserIdentifierPatternArgs) ElementType ¶
func (RuleIdpDiscoveryUserIdentifierPatternArgs) ElementType() reflect.Type
func (RuleIdpDiscoveryUserIdentifierPatternArgs) ToRuleIdpDiscoveryUserIdentifierPatternOutput ¶
func (i RuleIdpDiscoveryUserIdentifierPatternArgs) ToRuleIdpDiscoveryUserIdentifierPatternOutput() RuleIdpDiscoveryUserIdentifierPatternOutput
func (RuleIdpDiscoveryUserIdentifierPatternArgs) ToRuleIdpDiscoveryUserIdentifierPatternOutputWithContext ¶
func (i RuleIdpDiscoveryUserIdentifierPatternArgs) ToRuleIdpDiscoveryUserIdentifierPatternOutputWithContext(ctx context.Context) RuleIdpDiscoveryUserIdentifierPatternOutput
type RuleIdpDiscoveryUserIdentifierPatternArray ¶
type RuleIdpDiscoveryUserIdentifierPatternArray []RuleIdpDiscoveryUserIdentifierPatternInput
func (RuleIdpDiscoveryUserIdentifierPatternArray) ElementType ¶
func (RuleIdpDiscoveryUserIdentifierPatternArray) ElementType() reflect.Type
func (RuleIdpDiscoveryUserIdentifierPatternArray) ToRuleIdpDiscoveryUserIdentifierPatternArrayOutput ¶
func (i RuleIdpDiscoveryUserIdentifierPatternArray) ToRuleIdpDiscoveryUserIdentifierPatternArrayOutput() RuleIdpDiscoveryUserIdentifierPatternArrayOutput
func (RuleIdpDiscoveryUserIdentifierPatternArray) ToRuleIdpDiscoveryUserIdentifierPatternArrayOutputWithContext ¶
func (i RuleIdpDiscoveryUserIdentifierPatternArray) ToRuleIdpDiscoveryUserIdentifierPatternArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryUserIdentifierPatternArrayOutput
type RuleIdpDiscoveryUserIdentifierPatternArrayInput ¶
type RuleIdpDiscoveryUserIdentifierPatternArrayInput interface { pulumi.Input ToRuleIdpDiscoveryUserIdentifierPatternArrayOutput() RuleIdpDiscoveryUserIdentifierPatternArrayOutput ToRuleIdpDiscoveryUserIdentifierPatternArrayOutputWithContext(context.Context) RuleIdpDiscoveryUserIdentifierPatternArrayOutput }
RuleIdpDiscoveryUserIdentifierPatternArrayInput is an input type that accepts RuleIdpDiscoveryUserIdentifierPatternArray and RuleIdpDiscoveryUserIdentifierPatternArrayOutput values. You can construct a concrete instance of `RuleIdpDiscoveryUserIdentifierPatternArrayInput` via:
RuleIdpDiscoveryUserIdentifierPatternArray{ RuleIdpDiscoveryUserIdentifierPatternArgs{...} }
type RuleIdpDiscoveryUserIdentifierPatternArrayOutput ¶
type RuleIdpDiscoveryUserIdentifierPatternArrayOutput struct{ *pulumi.OutputState }
func (RuleIdpDiscoveryUserIdentifierPatternArrayOutput) ElementType ¶
func (RuleIdpDiscoveryUserIdentifierPatternArrayOutput) ElementType() reflect.Type
func (RuleIdpDiscoveryUserIdentifierPatternArrayOutput) ToRuleIdpDiscoveryUserIdentifierPatternArrayOutput ¶
func (o RuleIdpDiscoveryUserIdentifierPatternArrayOutput) ToRuleIdpDiscoveryUserIdentifierPatternArrayOutput() RuleIdpDiscoveryUserIdentifierPatternArrayOutput
func (RuleIdpDiscoveryUserIdentifierPatternArrayOutput) ToRuleIdpDiscoveryUserIdentifierPatternArrayOutputWithContext ¶
func (o RuleIdpDiscoveryUserIdentifierPatternArrayOutput) ToRuleIdpDiscoveryUserIdentifierPatternArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryUserIdentifierPatternArrayOutput
type RuleIdpDiscoveryUserIdentifierPatternInput ¶
type RuleIdpDiscoveryUserIdentifierPatternInput interface { pulumi.Input ToRuleIdpDiscoveryUserIdentifierPatternOutput() RuleIdpDiscoveryUserIdentifierPatternOutput ToRuleIdpDiscoveryUserIdentifierPatternOutputWithContext(context.Context) RuleIdpDiscoveryUserIdentifierPatternOutput }
RuleIdpDiscoveryUserIdentifierPatternInput is an input type that accepts RuleIdpDiscoveryUserIdentifierPatternArgs and RuleIdpDiscoveryUserIdentifierPatternOutput values. You can construct a concrete instance of `RuleIdpDiscoveryUserIdentifierPatternInput` via:
RuleIdpDiscoveryUserIdentifierPatternArgs{...}
type RuleIdpDiscoveryUserIdentifierPatternOutput ¶
type RuleIdpDiscoveryUserIdentifierPatternOutput struct{ *pulumi.OutputState }
func (RuleIdpDiscoveryUserIdentifierPatternOutput) ElementType ¶
func (RuleIdpDiscoveryUserIdentifierPatternOutput) ElementType() reflect.Type
func (RuleIdpDiscoveryUserIdentifierPatternOutput) MatchType ¶
func (o RuleIdpDiscoveryUserIdentifierPatternOutput) MatchType() pulumi.StringPtrOutput
The kind of pattern. For regex, use `"EXPRESSION"`. For simple string matches, use one of the following: `"SUFFIX"`, `"EQUALS"`, `"STARTS_WITH"`, `"CONTAINS"`
func (RuleIdpDiscoveryUserIdentifierPatternOutput) ToRuleIdpDiscoveryUserIdentifierPatternOutput ¶
func (o RuleIdpDiscoveryUserIdentifierPatternOutput) ToRuleIdpDiscoveryUserIdentifierPatternOutput() RuleIdpDiscoveryUserIdentifierPatternOutput
func (RuleIdpDiscoveryUserIdentifierPatternOutput) ToRuleIdpDiscoveryUserIdentifierPatternOutputWithContext ¶
func (o RuleIdpDiscoveryUserIdentifierPatternOutput) ToRuleIdpDiscoveryUserIdentifierPatternOutputWithContext(ctx context.Context) RuleIdpDiscoveryUserIdentifierPatternOutput
func (RuleIdpDiscoveryUserIdentifierPatternOutput) Value ¶
func (o RuleIdpDiscoveryUserIdentifierPatternOutput) Value() pulumi.StringPtrOutput
The regex or simple match string to match against.
type RuleMfa ¶
type RuleMfa struct { pulumi.CustomResourceState // Applications to exclude AppExcludes RuleMfaAppExcludeArrayOutput `pulumi:"appExcludes"` // Applications to include in discovery rule. **IMPORTANT**: this field is only available in Classic Organizations. AppIncludes RuleMfaAppIncludeArrayOutput `pulumi:"appIncludes"` // When a user should be prompted for MFA. It can be `"CHALLENGE"`, `"LOGIN"`, or `"NEVER"`. Enroll pulumi.StringPtrOutput `pulumi:"enroll"` // Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included. Name pulumi.StringOutput `pulumi:"name"` // Network selection mode: `"ANYWHERE"`, `"ZONE"`, `"ON_NETWORK"`, or `"OFF_NETWORK"`. NetworkConnection pulumi.StringPtrOutput `pulumi:"networkConnection"` // The network zones to exclude. Conflicts with `networkIncludes`. NetworkExcludes pulumi.StringArrayOutput `pulumi:"networkExcludes"` // The network zones to include. Conflicts with `networkExcludes`. NetworkIncludes pulumi.StringArrayOutput `pulumi:"networkIncludes"` // Policy ID. PolicyId pulumi.StringPtrOutput `pulumi:"policyId"` // Policy ID. // // Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead Policyid pulumi.StringPtrOutput `pulumi:"policyid"` // Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there. Priority pulumi.IntPtrOutput `pulumi:"priority"` // Policy Rule Status: `"ACTIVE"` or `"INACTIVE"`. Status pulumi.StringPtrOutput `pulumi:"status"` // Set of User IDs to Exclude UsersExcludeds pulumi.StringArrayOutput `pulumi:"usersExcludeds"` }
This resource allows you to create and configure an MFA Policy Rule.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/app" "github.com/pulumi/pulumi-okta/sdk/v3/go/okta/policy" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { exampleDefaultPolicy, err := policy.GetDefaultPolicy(ctx, &policy.GetDefaultPolicyArgs{ Type: "MFA_ENROLL", }, nil) if err != nil { return err } exampleOAuth, err := app.NewOAuth(ctx, "exampleOAuth", &app.OAuthArgs{ Label: pulumi.String("My App"), Type: pulumi.String("web"), GrantTypes: pulumi.StringArray{ pulumi.String("authorization_code"), }, RedirectUris: pulumi.StringArray{ pulumi.String("http://localhost:8000"), }, ResponseTypes: pulumi.StringArray{ pulumi.String("code"), }, SkipGroups: pulumi.Bool(true), }) if err != nil { return err } _, err = policy.NewRuleMfa(ctx, "exampleRuleMfa", &policy.RuleMfaArgs{ PolicyId: *pulumi.String(exampleDefaultPolicy.Id), Status: pulumi.String("ACTIVE"), Enroll: pulumi.String("LOGIN"), AppIncludes: policy.RuleMfaAppIncludeArray{ &policy.RuleMfaAppIncludeArgs{ Id: exampleOAuth.ID(), Type: pulumi.String("APP"), }, &policy.RuleMfaAppIncludeArgs{ Type: pulumi.String("APP_TYPE"), Name: pulumi.String("yahoo_mail"), }, }, }) if err != nil { return err } return nil }) }
```
Unchecked `Okta` and checked `Applications` (with `Any application that supports MFA enrollment` option) checkboxes in the `User is accessing` section corresponds to the following config:
```go package main
import (
"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/policy" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { exampleDefaultPolicy, err := policy.GetDefaultPolicy(ctx, &policy.GetDefaultPolicyArgs{ Type: "MFA_ENROLL", }, nil) if err != nil { return err } _, err = policy.NewRuleMfa(ctx, "exampleRuleMfa", &policy.RuleMfaArgs{ PolicyId: *pulumi.String(exampleDefaultPolicy.Id), AppExcludes: policy.RuleMfaAppExcludeArray{ &policy.RuleMfaAppExcludeArgs{ Name: pulumi.String("okta"), Type: pulumi.String("APP_TYPE"), }, }, }) if err != nil { return err } return nil }) }
```
Unchecked `Okta` and checked `Applications` (with `Specific applications` option) checkboxes in the `User is accessing` section corresponds to the following config:
```go package main
import (
"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/policy" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { exampleDefaultPolicy, err := policy.GetDefaultPolicy(ctx, &policy.GetDefaultPolicyArgs{ Type: "MFA_ENROLL", }, nil) if err != nil { return err } _, err = policy.NewRuleMfa(ctx, "exampleRuleMfa", &policy.RuleMfaArgs{ PolicyId: *pulumi.String(exampleDefaultPolicy.Id), AppExcludes: policy.RuleMfaAppExcludeArray{ &policy.RuleMfaAppExcludeArgs{ Name: pulumi.String("okta"), Type: pulumi.String("APP_TYPE"), }, }, AppIncludes: policy.RuleMfaAppIncludeArray{ &policy.RuleMfaAppIncludeArgs{ Id: pulumi.String("some_app_id"), Type: pulumi.String("APP"), }, }, }) if err != nil { return err } return nil }) }
```
Checked `Okta` and unchecked `Applications` checkboxes in the `User is accessing` section corresponds to the following config:
```go package main
import (
"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/policy" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { exampleDefaultPolicy, err := policy.GetDefaultPolicy(ctx, &policy.GetDefaultPolicyArgs{ Type: "MFA_ENROLL", }, nil) if err != nil { return err } _, err = policy.NewRuleMfa(ctx, "exampleRuleMfa", &policy.RuleMfaArgs{ PolicyId: *pulumi.String(exampleDefaultPolicy.Id), AppIncludes: policy.RuleMfaAppIncludeArray{ &policy.RuleMfaAppIncludeArgs{ Name: pulumi.String("okta"), Type: pulumi.String("APP_TYPE"), }, }, }) if err != nil { return err } return nil }) }
```
Checked `Okta` and checked `Applications` (with `Any application that supports MFA enrollment` option) checkboxes in the `User is accessing` section corresponds to the following config:
```go package main
import (
"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/policy" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { exampleDefaultPolicy, err := policy.GetDefaultPolicy(ctx, &policy.GetDefaultPolicyArgs{ Type: "MFA_ENROLL", }, nil) if err != nil { return err } _, err = policy.NewRuleMfa(ctx, "exampleRuleMfa", &policy.RuleMfaArgs{ PolicyId: *pulumi.String(exampleDefaultPolicy.Id), }) if err != nil { return err } return nil }) }
```
Checked `Okta` and checked `Applications` (with `Specific applications` option) checkboxes in the `User is accessing` section corresponds to the following config:
```go package main
import (
"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/policy" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { exampleDefaultPolicy, err := policy.GetDefaultPolicy(ctx, &policy.GetDefaultPolicyArgs{ Type: "MFA_ENROLL", }, nil) if err != nil { return err } _, err = policy.NewRuleMfa(ctx, "exampleRuleMfa", &policy.RuleMfaArgs{ PolicyId: *pulumi.String(exampleDefaultPolicy.Id), AppIncludes: policy.RuleMfaAppIncludeArray{ &policy.RuleMfaAppIncludeArgs{ Name: pulumi.String("okta"), Type: pulumi.String("APP_TYPE"), }, &policy.RuleMfaAppIncludeArgs{ Id: pulumi.String("some_app_id"), Type: pulumi.String("APP"), }, }, }) if err != nil { return err } return nil }) }
```
## Import
A Policy Rule can be imported via the Policy and Rule ID.
```sh
$ pulumi import okta:policy/ruleMfa:RuleMfa example <policy id>/<rule id>
```
func GetRuleMfa ¶
func GetRuleMfa(ctx *pulumi.Context, name string, id pulumi.IDInput, state *RuleMfaState, opts ...pulumi.ResourceOption) (*RuleMfa, error)
GetRuleMfa gets an existing RuleMfa resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewRuleMfa ¶
func NewRuleMfa(ctx *pulumi.Context, name string, args *RuleMfaArgs, opts ...pulumi.ResourceOption) (*RuleMfa, error)
NewRuleMfa registers a new resource with the given unique name, arguments, and options.
func (*RuleMfa) ElementType ¶
func (*RuleMfa) ToRuleMfaOutput ¶
func (i *RuleMfa) ToRuleMfaOutput() RuleMfaOutput
func (*RuleMfa) ToRuleMfaOutputWithContext ¶
func (i *RuleMfa) ToRuleMfaOutputWithContext(ctx context.Context) RuleMfaOutput
type RuleMfaAppExclude ¶ added in v3.3.0
type RuleMfaAppExclude struct { // Use if `type` is `"APP"` to indicate the application id to include. Id *string `pulumi:"id"` // Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included. Name *string `pulumi:"name"` // One of: `"APP"`, `"APP_TYPE"` Type string `pulumi:"type"` }
type RuleMfaAppExcludeArgs ¶ added in v3.3.0
type RuleMfaAppExcludeArgs struct { // Use if `type` is `"APP"` to indicate the application id to include. Id pulumi.StringPtrInput `pulumi:"id"` // Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included. Name pulumi.StringPtrInput `pulumi:"name"` // One of: `"APP"`, `"APP_TYPE"` Type pulumi.StringInput `pulumi:"type"` }
func (RuleMfaAppExcludeArgs) ElementType ¶ added in v3.3.0
func (RuleMfaAppExcludeArgs) ElementType() reflect.Type
func (RuleMfaAppExcludeArgs) ToRuleMfaAppExcludeOutput ¶ added in v3.3.0
func (i RuleMfaAppExcludeArgs) ToRuleMfaAppExcludeOutput() RuleMfaAppExcludeOutput
func (RuleMfaAppExcludeArgs) ToRuleMfaAppExcludeOutputWithContext ¶ added in v3.3.0
func (i RuleMfaAppExcludeArgs) ToRuleMfaAppExcludeOutputWithContext(ctx context.Context) RuleMfaAppExcludeOutput
type RuleMfaAppExcludeArray ¶ added in v3.3.0
type RuleMfaAppExcludeArray []RuleMfaAppExcludeInput
func (RuleMfaAppExcludeArray) ElementType ¶ added in v3.3.0
func (RuleMfaAppExcludeArray) ElementType() reflect.Type
func (RuleMfaAppExcludeArray) ToRuleMfaAppExcludeArrayOutput ¶ added in v3.3.0
func (i RuleMfaAppExcludeArray) ToRuleMfaAppExcludeArrayOutput() RuleMfaAppExcludeArrayOutput
func (RuleMfaAppExcludeArray) ToRuleMfaAppExcludeArrayOutputWithContext ¶ added in v3.3.0
func (i RuleMfaAppExcludeArray) ToRuleMfaAppExcludeArrayOutputWithContext(ctx context.Context) RuleMfaAppExcludeArrayOutput
type RuleMfaAppExcludeArrayInput ¶ added in v3.3.0
type RuleMfaAppExcludeArrayInput interface { pulumi.Input ToRuleMfaAppExcludeArrayOutput() RuleMfaAppExcludeArrayOutput ToRuleMfaAppExcludeArrayOutputWithContext(context.Context) RuleMfaAppExcludeArrayOutput }
RuleMfaAppExcludeArrayInput is an input type that accepts RuleMfaAppExcludeArray and RuleMfaAppExcludeArrayOutput values. You can construct a concrete instance of `RuleMfaAppExcludeArrayInput` via:
RuleMfaAppExcludeArray{ RuleMfaAppExcludeArgs{...} }
type RuleMfaAppExcludeArrayOutput ¶ added in v3.3.0
type RuleMfaAppExcludeArrayOutput struct{ *pulumi.OutputState }
func (RuleMfaAppExcludeArrayOutput) ElementType ¶ added in v3.3.0
func (RuleMfaAppExcludeArrayOutput) ElementType() reflect.Type
func (RuleMfaAppExcludeArrayOutput) Index ¶ added in v3.3.0
func (o RuleMfaAppExcludeArrayOutput) Index(i pulumi.IntInput) RuleMfaAppExcludeOutput
func (RuleMfaAppExcludeArrayOutput) ToRuleMfaAppExcludeArrayOutput ¶ added in v3.3.0
func (o RuleMfaAppExcludeArrayOutput) ToRuleMfaAppExcludeArrayOutput() RuleMfaAppExcludeArrayOutput
func (RuleMfaAppExcludeArrayOutput) ToRuleMfaAppExcludeArrayOutputWithContext ¶ added in v3.3.0
func (o RuleMfaAppExcludeArrayOutput) ToRuleMfaAppExcludeArrayOutputWithContext(ctx context.Context) RuleMfaAppExcludeArrayOutput
type RuleMfaAppExcludeInput ¶ added in v3.3.0
type RuleMfaAppExcludeInput interface { pulumi.Input ToRuleMfaAppExcludeOutput() RuleMfaAppExcludeOutput ToRuleMfaAppExcludeOutputWithContext(context.Context) RuleMfaAppExcludeOutput }
RuleMfaAppExcludeInput is an input type that accepts RuleMfaAppExcludeArgs and RuleMfaAppExcludeOutput values. You can construct a concrete instance of `RuleMfaAppExcludeInput` via:
RuleMfaAppExcludeArgs{...}
type RuleMfaAppExcludeOutput ¶ added in v3.3.0
type RuleMfaAppExcludeOutput struct{ *pulumi.OutputState }
func (RuleMfaAppExcludeOutput) ElementType ¶ added in v3.3.0
func (RuleMfaAppExcludeOutput) ElementType() reflect.Type
func (RuleMfaAppExcludeOutput) Id ¶ added in v3.3.0
func (o RuleMfaAppExcludeOutput) Id() pulumi.StringPtrOutput
Use if `type` is `"APP"` to indicate the application id to include.
func (RuleMfaAppExcludeOutput) Name ¶ added in v3.3.0
func (o RuleMfaAppExcludeOutput) Name() pulumi.StringPtrOutput
Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included.
func (RuleMfaAppExcludeOutput) ToRuleMfaAppExcludeOutput ¶ added in v3.3.0
func (o RuleMfaAppExcludeOutput) ToRuleMfaAppExcludeOutput() RuleMfaAppExcludeOutput
func (RuleMfaAppExcludeOutput) ToRuleMfaAppExcludeOutputWithContext ¶ added in v3.3.0
func (o RuleMfaAppExcludeOutput) ToRuleMfaAppExcludeOutputWithContext(ctx context.Context) RuleMfaAppExcludeOutput
func (RuleMfaAppExcludeOutput) Type ¶ added in v3.3.0
func (o RuleMfaAppExcludeOutput) Type() pulumi.StringOutput
One of: `"APP"`, `"APP_TYPE"`
type RuleMfaAppInclude ¶ added in v3.3.0
type RuleMfaAppInclude struct { // Use if `type` is `"APP"` to indicate the application id to include. Id *string `pulumi:"id"` // Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included. Name *string `pulumi:"name"` // One of: `"APP"`, `"APP_TYPE"` Type string `pulumi:"type"` }
type RuleMfaAppIncludeArgs ¶ added in v3.3.0
type RuleMfaAppIncludeArgs struct { // Use if `type` is `"APP"` to indicate the application id to include. Id pulumi.StringPtrInput `pulumi:"id"` // Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included. Name pulumi.StringPtrInput `pulumi:"name"` // One of: `"APP"`, `"APP_TYPE"` Type pulumi.StringInput `pulumi:"type"` }
func (RuleMfaAppIncludeArgs) ElementType ¶ added in v3.3.0
func (RuleMfaAppIncludeArgs) ElementType() reflect.Type
func (RuleMfaAppIncludeArgs) ToRuleMfaAppIncludeOutput ¶ added in v3.3.0
func (i RuleMfaAppIncludeArgs) ToRuleMfaAppIncludeOutput() RuleMfaAppIncludeOutput
func (RuleMfaAppIncludeArgs) ToRuleMfaAppIncludeOutputWithContext ¶ added in v3.3.0
func (i RuleMfaAppIncludeArgs) ToRuleMfaAppIncludeOutputWithContext(ctx context.Context) RuleMfaAppIncludeOutput
type RuleMfaAppIncludeArray ¶ added in v3.3.0
type RuleMfaAppIncludeArray []RuleMfaAppIncludeInput
func (RuleMfaAppIncludeArray) ElementType ¶ added in v3.3.0
func (RuleMfaAppIncludeArray) ElementType() reflect.Type
func (RuleMfaAppIncludeArray) ToRuleMfaAppIncludeArrayOutput ¶ added in v3.3.0
func (i RuleMfaAppIncludeArray) ToRuleMfaAppIncludeArrayOutput() RuleMfaAppIncludeArrayOutput
func (RuleMfaAppIncludeArray) ToRuleMfaAppIncludeArrayOutputWithContext ¶ added in v3.3.0
func (i RuleMfaAppIncludeArray) ToRuleMfaAppIncludeArrayOutputWithContext(ctx context.Context) RuleMfaAppIncludeArrayOutput
type RuleMfaAppIncludeArrayInput ¶ added in v3.3.0
type RuleMfaAppIncludeArrayInput interface { pulumi.Input ToRuleMfaAppIncludeArrayOutput() RuleMfaAppIncludeArrayOutput ToRuleMfaAppIncludeArrayOutputWithContext(context.Context) RuleMfaAppIncludeArrayOutput }
RuleMfaAppIncludeArrayInput is an input type that accepts RuleMfaAppIncludeArray and RuleMfaAppIncludeArrayOutput values. You can construct a concrete instance of `RuleMfaAppIncludeArrayInput` via:
RuleMfaAppIncludeArray{ RuleMfaAppIncludeArgs{...} }
type RuleMfaAppIncludeArrayOutput ¶ added in v3.3.0
type RuleMfaAppIncludeArrayOutput struct{ *pulumi.OutputState }
func (RuleMfaAppIncludeArrayOutput) ElementType ¶ added in v3.3.0
func (RuleMfaAppIncludeArrayOutput) ElementType() reflect.Type
func (RuleMfaAppIncludeArrayOutput) Index ¶ added in v3.3.0
func (o RuleMfaAppIncludeArrayOutput) Index(i pulumi.IntInput) RuleMfaAppIncludeOutput
func (RuleMfaAppIncludeArrayOutput) ToRuleMfaAppIncludeArrayOutput ¶ added in v3.3.0
func (o RuleMfaAppIncludeArrayOutput) ToRuleMfaAppIncludeArrayOutput() RuleMfaAppIncludeArrayOutput
func (RuleMfaAppIncludeArrayOutput) ToRuleMfaAppIncludeArrayOutputWithContext ¶ added in v3.3.0
func (o RuleMfaAppIncludeArrayOutput) ToRuleMfaAppIncludeArrayOutputWithContext(ctx context.Context) RuleMfaAppIncludeArrayOutput
type RuleMfaAppIncludeInput ¶ added in v3.3.0
type RuleMfaAppIncludeInput interface { pulumi.Input ToRuleMfaAppIncludeOutput() RuleMfaAppIncludeOutput ToRuleMfaAppIncludeOutputWithContext(context.Context) RuleMfaAppIncludeOutput }
RuleMfaAppIncludeInput is an input type that accepts RuleMfaAppIncludeArgs and RuleMfaAppIncludeOutput values. You can construct a concrete instance of `RuleMfaAppIncludeInput` via:
RuleMfaAppIncludeArgs{...}
type RuleMfaAppIncludeOutput ¶ added in v3.3.0
type RuleMfaAppIncludeOutput struct{ *pulumi.OutputState }
func (RuleMfaAppIncludeOutput) ElementType ¶ added in v3.3.0
func (RuleMfaAppIncludeOutput) ElementType() reflect.Type
func (RuleMfaAppIncludeOutput) Id ¶ added in v3.3.0
func (o RuleMfaAppIncludeOutput) Id() pulumi.StringPtrOutput
Use if `type` is `"APP"` to indicate the application id to include.
func (RuleMfaAppIncludeOutput) Name ¶ added in v3.3.0
func (o RuleMfaAppIncludeOutput) Name() pulumi.StringPtrOutput
Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included.
func (RuleMfaAppIncludeOutput) ToRuleMfaAppIncludeOutput ¶ added in v3.3.0
func (o RuleMfaAppIncludeOutput) ToRuleMfaAppIncludeOutput() RuleMfaAppIncludeOutput
func (RuleMfaAppIncludeOutput) ToRuleMfaAppIncludeOutputWithContext ¶ added in v3.3.0
func (o RuleMfaAppIncludeOutput) ToRuleMfaAppIncludeOutputWithContext(ctx context.Context) RuleMfaAppIncludeOutput
func (RuleMfaAppIncludeOutput) Type ¶ added in v3.3.0
func (o RuleMfaAppIncludeOutput) Type() pulumi.StringOutput
One of: `"APP"`, `"APP_TYPE"`
type RuleMfaArgs ¶
type RuleMfaArgs struct { // Applications to exclude AppExcludes RuleMfaAppExcludeArrayInput // Applications to include in discovery rule. **IMPORTANT**: this field is only available in Classic Organizations. AppIncludes RuleMfaAppIncludeArrayInput // When a user should be prompted for MFA. It can be `"CHALLENGE"`, `"LOGIN"`, or `"NEVER"`. Enroll pulumi.StringPtrInput // Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included. Name pulumi.StringPtrInput // Network selection mode: `"ANYWHERE"`, `"ZONE"`, `"ON_NETWORK"`, or `"OFF_NETWORK"`. NetworkConnection pulumi.StringPtrInput // The network zones to exclude. Conflicts with `networkIncludes`. NetworkExcludes pulumi.StringArrayInput // The network zones to include. Conflicts with `networkExcludes`. NetworkIncludes pulumi.StringArrayInput // Policy ID. PolicyId pulumi.StringPtrInput // Policy ID. // // Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead Policyid pulumi.StringPtrInput // Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there. Priority pulumi.IntPtrInput // Policy Rule Status: `"ACTIVE"` or `"INACTIVE"`. Status pulumi.StringPtrInput // Set of User IDs to Exclude UsersExcludeds pulumi.StringArrayInput }
The set of arguments for constructing a RuleMfa resource.
func (RuleMfaArgs) ElementType ¶
func (RuleMfaArgs) ElementType() reflect.Type
type RuleMfaArray ¶
type RuleMfaArray []RuleMfaInput
func (RuleMfaArray) ElementType ¶
func (RuleMfaArray) ElementType() reflect.Type
func (RuleMfaArray) ToRuleMfaArrayOutput ¶
func (i RuleMfaArray) ToRuleMfaArrayOutput() RuleMfaArrayOutput
func (RuleMfaArray) ToRuleMfaArrayOutputWithContext ¶
func (i RuleMfaArray) ToRuleMfaArrayOutputWithContext(ctx context.Context) RuleMfaArrayOutput
type RuleMfaArrayInput ¶
type RuleMfaArrayInput interface { pulumi.Input ToRuleMfaArrayOutput() RuleMfaArrayOutput ToRuleMfaArrayOutputWithContext(context.Context) RuleMfaArrayOutput }
RuleMfaArrayInput is an input type that accepts RuleMfaArray and RuleMfaArrayOutput values. You can construct a concrete instance of `RuleMfaArrayInput` via:
RuleMfaArray{ RuleMfaArgs{...} }
type RuleMfaArrayOutput ¶
type RuleMfaArrayOutput struct{ *pulumi.OutputState }
func (RuleMfaArrayOutput) ElementType ¶
func (RuleMfaArrayOutput) ElementType() reflect.Type
func (RuleMfaArrayOutput) Index ¶
func (o RuleMfaArrayOutput) Index(i pulumi.IntInput) RuleMfaOutput
func (RuleMfaArrayOutput) ToRuleMfaArrayOutput ¶
func (o RuleMfaArrayOutput) ToRuleMfaArrayOutput() RuleMfaArrayOutput
func (RuleMfaArrayOutput) ToRuleMfaArrayOutputWithContext ¶
func (o RuleMfaArrayOutput) ToRuleMfaArrayOutputWithContext(ctx context.Context) RuleMfaArrayOutput
type RuleMfaInput ¶
type RuleMfaInput interface { pulumi.Input ToRuleMfaOutput() RuleMfaOutput ToRuleMfaOutputWithContext(ctx context.Context) RuleMfaOutput }
type RuleMfaMap ¶
type RuleMfaMap map[string]RuleMfaInput
func (RuleMfaMap) ElementType ¶
func (RuleMfaMap) ElementType() reflect.Type
func (RuleMfaMap) ToRuleMfaMapOutput ¶
func (i RuleMfaMap) ToRuleMfaMapOutput() RuleMfaMapOutput
func (RuleMfaMap) ToRuleMfaMapOutputWithContext ¶
func (i RuleMfaMap) ToRuleMfaMapOutputWithContext(ctx context.Context) RuleMfaMapOutput
type RuleMfaMapInput ¶
type RuleMfaMapInput interface { pulumi.Input ToRuleMfaMapOutput() RuleMfaMapOutput ToRuleMfaMapOutputWithContext(context.Context) RuleMfaMapOutput }
RuleMfaMapInput is an input type that accepts RuleMfaMap and RuleMfaMapOutput values. You can construct a concrete instance of `RuleMfaMapInput` via:
RuleMfaMap{ "key": RuleMfaArgs{...} }
type RuleMfaMapOutput ¶
type RuleMfaMapOutput struct{ *pulumi.OutputState }
func (RuleMfaMapOutput) ElementType ¶
func (RuleMfaMapOutput) ElementType() reflect.Type
func (RuleMfaMapOutput) MapIndex ¶
func (o RuleMfaMapOutput) MapIndex(k pulumi.StringInput) RuleMfaOutput
func (RuleMfaMapOutput) ToRuleMfaMapOutput ¶
func (o RuleMfaMapOutput) ToRuleMfaMapOutput() RuleMfaMapOutput
func (RuleMfaMapOutput) ToRuleMfaMapOutputWithContext ¶
func (o RuleMfaMapOutput) ToRuleMfaMapOutputWithContext(ctx context.Context) RuleMfaMapOutput
type RuleMfaOutput ¶
type RuleMfaOutput struct{ *pulumi.OutputState }
func (RuleMfaOutput) AppExcludes ¶ added in v3.9.0
func (o RuleMfaOutput) AppExcludes() RuleMfaAppExcludeArrayOutput
Applications to exclude
func (RuleMfaOutput) AppIncludes ¶ added in v3.9.0
func (o RuleMfaOutput) AppIncludes() RuleMfaAppIncludeArrayOutput
Applications to include in discovery rule. **IMPORTANT**: this field is only available in Classic Organizations.
func (RuleMfaOutput) ElementType ¶
func (RuleMfaOutput) ElementType() reflect.Type
func (RuleMfaOutput) Enroll ¶ added in v3.9.0
func (o RuleMfaOutput) Enroll() pulumi.StringPtrOutput
When a user should be prompted for MFA. It can be `"CHALLENGE"`, `"LOGIN"`, or `"NEVER"`.
func (RuleMfaOutput) Name ¶ added in v3.9.0
func (o RuleMfaOutput) Name() pulumi.StringOutput
Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included.
func (RuleMfaOutput) NetworkConnection ¶ added in v3.9.0
func (o RuleMfaOutput) NetworkConnection() pulumi.StringPtrOutput
Network selection mode: `"ANYWHERE"`, `"ZONE"`, `"ON_NETWORK"`, or `"OFF_NETWORK"`.
func (RuleMfaOutput) NetworkExcludes ¶ added in v3.9.0
func (o RuleMfaOutput) NetworkExcludes() pulumi.StringArrayOutput
The network zones to exclude. Conflicts with `networkIncludes`.
func (RuleMfaOutput) NetworkIncludes ¶ added in v3.9.0
func (o RuleMfaOutput) NetworkIncludes() pulumi.StringArrayOutput
The network zones to include. Conflicts with `networkExcludes`.
func (RuleMfaOutput) PolicyId ¶ added in v3.9.0
func (o RuleMfaOutput) PolicyId() pulumi.StringPtrOutput
Policy ID.
func (RuleMfaOutput) Policyid
deprecated
added in
v3.9.0
func (o RuleMfaOutput) Policyid() pulumi.StringPtrOutput
Policy ID.
Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead
func (RuleMfaOutput) Priority ¶ added in v3.9.0
func (o RuleMfaOutput) Priority() pulumi.IntPtrOutput
Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.
func (RuleMfaOutput) Status ¶ added in v3.9.0
func (o RuleMfaOutput) Status() pulumi.StringPtrOutput
Policy Rule Status: `"ACTIVE"` or `"INACTIVE"`.
func (RuleMfaOutput) ToRuleMfaOutput ¶
func (o RuleMfaOutput) ToRuleMfaOutput() RuleMfaOutput
func (RuleMfaOutput) ToRuleMfaOutputWithContext ¶
func (o RuleMfaOutput) ToRuleMfaOutputWithContext(ctx context.Context) RuleMfaOutput
func (RuleMfaOutput) UsersExcludeds ¶ added in v3.9.0
func (o RuleMfaOutput) UsersExcludeds() pulumi.StringArrayOutput
Set of User IDs to Exclude
type RuleMfaState ¶
type RuleMfaState struct { // Applications to exclude AppExcludes RuleMfaAppExcludeArrayInput // Applications to include in discovery rule. **IMPORTANT**: this field is only available in Classic Organizations. AppIncludes RuleMfaAppIncludeArrayInput // When a user should be prompted for MFA. It can be `"CHALLENGE"`, `"LOGIN"`, or `"NEVER"`. Enroll pulumi.StringPtrInput // Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included. Name pulumi.StringPtrInput // Network selection mode: `"ANYWHERE"`, `"ZONE"`, `"ON_NETWORK"`, or `"OFF_NETWORK"`. NetworkConnection pulumi.StringPtrInput // The network zones to exclude. Conflicts with `networkIncludes`. NetworkExcludes pulumi.StringArrayInput // The network zones to include. Conflicts with `networkExcludes`. NetworkIncludes pulumi.StringArrayInput // Policy ID. PolicyId pulumi.StringPtrInput // Policy ID. // // Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead Policyid pulumi.StringPtrInput // Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there. Priority pulumi.IntPtrInput // Policy Rule Status: `"ACTIVE"` or `"INACTIVE"`. Status pulumi.StringPtrInput // Set of User IDs to Exclude UsersExcludeds pulumi.StringArrayInput }
func (RuleMfaState) ElementType ¶
func (RuleMfaState) ElementType() reflect.Type
type RulePassword ¶
type RulePassword struct { pulumi.CustomResourceState // Policy Rule Name. Type `"string"` Name pulumi.StringOutput `pulumi:"name"` // Network selection mode: `"ANYWHERE"`, `"ZONE"`, `"ON_NETWORK"`, or `"OFF_NETWORK"`. Type `"string"` NetworkConnection pulumi.StringPtrOutput `pulumi:"networkConnection"` // The network zones to exclude. Conflicts with `networkIncludes`. Type `"list(string)"` NetworkExcludes pulumi.StringArrayOutput `pulumi:"networkExcludes"` // The network zones to include. Conflicts with `networkExcludes`. Type `"list(string)"` NetworkIncludes pulumi.StringArrayOutput `pulumi:"networkIncludes"` // Allow or deny a user to change their password: `"ALLOW"` or `"DENY"`. By default, it is `"ALLOW"`. Type `"string"` PasswordChange pulumi.StringPtrOutput `pulumi:"passwordChange"` // Allow or deny a user to reset their password: `"ALLOW"` or `"DENY"`. By default, it is `"ALLOW"`. Type `"string"` PasswordReset pulumi.StringPtrOutput `pulumi:"passwordReset"` // Allow or deny a user to unlock: `"ALLOW"` or `"DENY"`. By default, it is `"DENY"`, Type `"string"` PasswordUnlock pulumi.StringPtrOutput `pulumi:"passwordUnlock"` // Policy ID. PolicyId pulumi.StringPtrOutput `pulumi:"policyId"` // Policy ID. // // Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead Policyid pulumi.StringPtrOutput `pulumi:"policyid"` // Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there. Type `"number"` Priority pulumi.IntPtrOutput `pulumi:"priority"` // Policy Rule Status: `"ACTIVE"` or `"INACTIVE"`. Type `"string"` Status pulumi.StringPtrOutput `pulumi:"status"` // The users to exclude. Type `"set(string)"` UsersExcludeds pulumi.StringArrayOutput `pulumi:"usersExcludeds"` }
Creates a Password Policy Rule.
This resource allows you to create and configure a Password Policy Rule.
## Import
A Policy Rule can be imported via the Policy and Rule ID.
```sh
$ pulumi import okta:policy/rulePassword:RulePassword example <policy id>/<rule id>
```
func GetRulePassword ¶
func GetRulePassword(ctx *pulumi.Context, name string, id pulumi.IDInput, state *RulePasswordState, opts ...pulumi.ResourceOption) (*RulePassword, error)
GetRulePassword gets an existing RulePassword resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewRulePassword ¶
func NewRulePassword(ctx *pulumi.Context, name string, args *RulePasswordArgs, opts ...pulumi.ResourceOption) (*RulePassword, error)
NewRulePassword registers a new resource with the given unique name, arguments, and options.
func (*RulePassword) ElementType ¶
func (*RulePassword) ElementType() reflect.Type
func (*RulePassword) ToRulePasswordOutput ¶
func (i *RulePassword) ToRulePasswordOutput() RulePasswordOutput
func (*RulePassword) ToRulePasswordOutputWithContext ¶
func (i *RulePassword) ToRulePasswordOutputWithContext(ctx context.Context) RulePasswordOutput
type RulePasswordArgs ¶
type RulePasswordArgs struct { // Policy Rule Name. Type `"string"` Name pulumi.StringPtrInput // Network selection mode: `"ANYWHERE"`, `"ZONE"`, `"ON_NETWORK"`, or `"OFF_NETWORK"`. Type `"string"` NetworkConnection pulumi.StringPtrInput // The network zones to exclude. Conflicts with `networkIncludes`. Type `"list(string)"` NetworkExcludes pulumi.StringArrayInput // The network zones to include. Conflicts with `networkExcludes`. Type `"list(string)"` NetworkIncludes pulumi.StringArrayInput // Allow or deny a user to change their password: `"ALLOW"` or `"DENY"`. By default, it is `"ALLOW"`. Type `"string"` PasswordChange pulumi.StringPtrInput // Allow or deny a user to reset their password: `"ALLOW"` or `"DENY"`. By default, it is `"ALLOW"`. Type `"string"` PasswordReset pulumi.StringPtrInput // Allow or deny a user to unlock: `"ALLOW"` or `"DENY"`. By default, it is `"DENY"`, Type `"string"` PasswordUnlock pulumi.StringPtrInput // Policy ID. PolicyId pulumi.StringPtrInput // Policy ID. // // Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead Policyid pulumi.StringPtrInput // Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there. Type `"number"` Priority pulumi.IntPtrInput // Policy Rule Status: `"ACTIVE"` or `"INACTIVE"`. Type `"string"` Status pulumi.StringPtrInput // The users to exclude. Type `"set(string)"` UsersExcludeds pulumi.StringArrayInput }
The set of arguments for constructing a RulePassword resource.
func (RulePasswordArgs) ElementType ¶
func (RulePasswordArgs) ElementType() reflect.Type
type RulePasswordArray ¶
type RulePasswordArray []RulePasswordInput
func (RulePasswordArray) ElementType ¶
func (RulePasswordArray) ElementType() reflect.Type
func (RulePasswordArray) ToRulePasswordArrayOutput ¶
func (i RulePasswordArray) ToRulePasswordArrayOutput() RulePasswordArrayOutput
func (RulePasswordArray) ToRulePasswordArrayOutputWithContext ¶
func (i RulePasswordArray) ToRulePasswordArrayOutputWithContext(ctx context.Context) RulePasswordArrayOutput
type RulePasswordArrayInput ¶
type RulePasswordArrayInput interface { pulumi.Input ToRulePasswordArrayOutput() RulePasswordArrayOutput ToRulePasswordArrayOutputWithContext(context.Context) RulePasswordArrayOutput }
RulePasswordArrayInput is an input type that accepts RulePasswordArray and RulePasswordArrayOutput values. You can construct a concrete instance of `RulePasswordArrayInput` via:
RulePasswordArray{ RulePasswordArgs{...} }
type RulePasswordArrayOutput ¶
type RulePasswordArrayOutput struct{ *pulumi.OutputState }
func (RulePasswordArrayOutput) ElementType ¶
func (RulePasswordArrayOutput) ElementType() reflect.Type
func (RulePasswordArrayOutput) Index ¶
func (o RulePasswordArrayOutput) Index(i pulumi.IntInput) RulePasswordOutput
func (RulePasswordArrayOutput) ToRulePasswordArrayOutput ¶
func (o RulePasswordArrayOutput) ToRulePasswordArrayOutput() RulePasswordArrayOutput
func (RulePasswordArrayOutput) ToRulePasswordArrayOutputWithContext ¶
func (o RulePasswordArrayOutput) ToRulePasswordArrayOutputWithContext(ctx context.Context) RulePasswordArrayOutput
type RulePasswordInput ¶
type RulePasswordInput interface { pulumi.Input ToRulePasswordOutput() RulePasswordOutput ToRulePasswordOutputWithContext(ctx context.Context) RulePasswordOutput }
type RulePasswordMap ¶
type RulePasswordMap map[string]RulePasswordInput
func (RulePasswordMap) ElementType ¶
func (RulePasswordMap) ElementType() reflect.Type
func (RulePasswordMap) ToRulePasswordMapOutput ¶
func (i RulePasswordMap) ToRulePasswordMapOutput() RulePasswordMapOutput
func (RulePasswordMap) ToRulePasswordMapOutputWithContext ¶
func (i RulePasswordMap) ToRulePasswordMapOutputWithContext(ctx context.Context) RulePasswordMapOutput
type RulePasswordMapInput ¶
type RulePasswordMapInput interface { pulumi.Input ToRulePasswordMapOutput() RulePasswordMapOutput ToRulePasswordMapOutputWithContext(context.Context) RulePasswordMapOutput }
RulePasswordMapInput is an input type that accepts RulePasswordMap and RulePasswordMapOutput values. You can construct a concrete instance of `RulePasswordMapInput` via:
RulePasswordMap{ "key": RulePasswordArgs{...} }
type RulePasswordMapOutput ¶
type RulePasswordMapOutput struct{ *pulumi.OutputState }
func (RulePasswordMapOutput) ElementType ¶
func (RulePasswordMapOutput) ElementType() reflect.Type
func (RulePasswordMapOutput) MapIndex ¶
func (o RulePasswordMapOutput) MapIndex(k pulumi.StringInput) RulePasswordOutput
func (RulePasswordMapOutput) ToRulePasswordMapOutput ¶
func (o RulePasswordMapOutput) ToRulePasswordMapOutput() RulePasswordMapOutput
func (RulePasswordMapOutput) ToRulePasswordMapOutputWithContext ¶
func (o RulePasswordMapOutput) ToRulePasswordMapOutputWithContext(ctx context.Context) RulePasswordMapOutput
type RulePasswordOutput ¶
type RulePasswordOutput struct{ *pulumi.OutputState }
func (RulePasswordOutput) ElementType ¶
func (RulePasswordOutput) ElementType() reflect.Type
func (RulePasswordOutput) Name ¶ added in v3.9.0
func (o RulePasswordOutput) Name() pulumi.StringOutput
Policy Rule Name. Type `"string"`
func (RulePasswordOutput) NetworkConnection ¶ added in v3.9.0
func (o RulePasswordOutput) NetworkConnection() pulumi.StringPtrOutput
Network selection mode: `"ANYWHERE"`, `"ZONE"`, `"ON_NETWORK"`, or `"OFF_NETWORK"`. Type `"string"`
func (RulePasswordOutput) NetworkExcludes ¶ added in v3.9.0
func (o RulePasswordOutput) NetworkExcludes() pulumi.StringArrayOutput
The network zones to exclude. Conflicts with `networkIncludes`. Type `"list(string)"`
func (RulePasswordOutput) NetworkIncludes ¶ added in v3.9.0
func (o RulePasswordOutput) NetworkIncludes() pulumi.StringArrayOutput
The network zones to include. Conflicts with `networkExcludes`. Type `"list(string)"`
func (RulePasswordOutput) PasswordChange ¶ added in v3.9.0
func (o RulePasswordOutput) PasswordChange() pulumi.StringPtrOutput
Allow or deny a user to change their password: `"ALLOW"` or `"DENY"`. By default, it is `"ALLOW"`. Type `"string"`
func (RulePasswordOutput) PasswordReset ¶ added in v3.9.0
func (o RulePasswordOutput) PasswordReset() pulumi.StringPtrOutput
Allow or deny a user to reset their password: `"ALLOW"` or `"DENY"`. By default, it is `"ALLOW"`. Type `"string"`
func (RulePasswordOutput) PasswordUnlock ¶ added in v3.9.0
func (o RulePasswordOutput) PasswordUnlock() pulumi.StringPtrOutput
Allow or deny a user to unlock: `"ALLOW"` or `"DENY"`. By default, it is `"DENY"`, Type `"string"`
func (RulePasswordOutput) PolicyId ¶ added in v3.9.0
func (o RulePasswordOutput) PolicyId() pulumi.StringPtrOutput
Policy ID.
func (RulePasswordOutput) Policyid
deprecated
added in
v3.9.0
func (o RulePasswordOutput) Policyid() pulumi.StringPtrOutput
Policy ID.
Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead
func (RulePasswordOutput) Priority ¶ added in v3.9.0
func (o RulePasswordOutput) Priority() pulumi.IntPtrOutput
Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there. Type `"number"`
func (RulePasswordOutput) Status ¶ added in v3.9.0
func (o RulePasswordOutput) Status() pulumi.StringPtrOutput
Policy Rule Status: `"ACTIVE"` or `"INACTIVE"`. Type `"string"`
func (RulePasswordOutput) ToRulePasswordOutput ¶
func (o RulePasswordOutput) ToRulePasswordOutput() RulePasswordOutput
func (RulePasswordOutput) ToRulePasswordOutputWithContext ¶
func (o RulePasswordOutput) ToRulePasswordOutputWithContext(ctx context.Context) RulePasswordOutput
func (RulePasswordOutput) UsersExcludeds ¶ added in v3.9.0
func (o RulePasswordOutput) UsersExcludeds() pulumi.StringArrayOutput
The users to exclude. Type `"set(string)"`
type RulePasswordState ¶
type RulePasswordState struct { // Policy Rule Name. Type `"string"` Name pulumi.StringPtrInput // Network selection mode: `"ANYWHERE"`, `"ZONE"`, `"ON_NETWORK"`, or `"OFF_NETWORK"`. Type `"string"` NetworkConnection pulumi.StringPtrInput // The network zones to exclude. Conflicts with `networkIncludes`. Type `"list(string)"` NetworkExcludes pulumi.StringArrayInput // The network zones to include. Conflicts with `networkExcludes`. Type `"list(string)"` NetworkIncludes pulumi.StringArrayInput // Allow or deny a user to change their password: `"ALLOW"` or `"DENY"`. By default, it is `"ALLOW"`. Type `"string"` PasswordChange pulumi.StringPtrInput // Allow or deny a user to reset their password: `"ALLOW"` or `"DENY"`. By default, it is `"ALLOW"`. Type `"string"` PasswordReset pulumi.StringPtrInput // Allow or deny a user to unlock: `"ALLOW"` or `"DENY"`. By default, it is `"DENY"`, Type `"string"` PasswordUnlock pulumi.StringPtrInput // Policy ID. PolicyId pulumi.StringPtrInput // Policy ID. // // Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead Policyid pulumi.StringPtrInput // Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there. Type `"number"` Priority pulumi.IntPtrInput // Policy Rule Status: `"ACTIVE"` or `"INACTIVE"`. Type `"string"` Status pulumi.StringPtrInput // The users to exclude. Type `"set(string)"` UsersExcludeds pulumi.StringArrayInput }
func (RulePasswordState) ElementType ¶
func (RulePasswordState) ElementType() reflect.Type
type RuleSignon ¶
type RuleSignon struct { pulumi.CustomResourceState // Allow or deny access based on the rule conditions: `"ALLOW"`, `"DENY"` or `"CHALLENGE"`. The default is `"ALLOW"`. Access pulumi.StringPtrOutput `pulumi:"access"` // Authentication entrypoint: `"ANY"`, `"LDAP_INTERFACE"` or `"RADIUS"`. Authtype pulumi.StringPtrOutput `pulumi:"authtype"` // List of behavior IDs. Behaviors pulumi.StringArrayOutput `pulumi:"behaviors"` // Auth factor sequences. Should be set if `access = "CHALLENGE"`. FactorSequences RuleSignonFactorSequenceArrayOutput `pulumi:"factorSequences"` // Defines the identity provider for this rule. Valid values are `"ANY"`, `"OKTA"`, and `"SPECIFIC_IDP"`. IdentityProvider pulumi.StringPtrOutput `pulumi:"identityProvider"` // When identityProvider is `"SPECIFIC_IDP"` then this is the list of IdP IDs to apply the rule on. IdentityProviderIds pulumi.StringArrayOutput `pulumi:"identityProviderIds"` // Elapsed time before the next MFA challenge. MfaLifetime pulumi.IntPtrOutput `pulumi:"mfaLifetime"` // Prompt for MFA based on the device used, a factor session lifetime, or every sign-on attempt: `"DEVICE"`, `"SESSION"` or `"ALWAYS"`. MfaPrompt pulumi.StringPtrOutput `pulumi:"mfaPrompt"` // Remember MFA device. The default `false`. MfaRememberDevice pulumi.BoolPtrOutput `pulumi:"mfaRememberDevice"` // Require MFA. By default is `false`. MfaRequired pulumi.BoolPtrOutput `pulumi:"mfaRequired"` // Policy Rule Name. Name pulumi.StringOutput `pulumi:"name"` // Network selection mode: `"ANYWHERE"`, `"ZONE"`, `"ON_NETWORK"`, or `"OFF_NETWORK"`. NetworkConnection pulumi.StringPtrOutput `pulumi:"networkConnection"` // The network zones to exclude. Conflicts with `networkIncludes`. NetworkExcludes pulumi.StringArrayOutput `pulumi:"networkExcludes"` // The network zones to include. Conflicts with `networkExcludes`. NetworkIncludes pulumi.StringArrayOutput `pulumi:"networkIncludes"` // Policy ID. PolicyId pulumi.StringPtrOutput `pulumi:"policyId"` // Policy ID. // // Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead Policyid pulumi.StringPtrOutput `pulumi:"policyid"` // Rule's primary factor. **WARNING** Ony works as a part of the Identity Engine. Valid values: // `"PASSWORD_IDP_ANY_FACTOR"`, `"PASSWORD_IDP"`. PrimaryFactor pulumi.StringOutput `pulumi:"primaryFactor"` // Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there. Priority pulumi.IntPtrOutput `pulumi:"priority"` // Risc level: `"ANY"`, `"LOW"`, `"MEDIUM"` or `"HIGH"`. Default is `"ANY"`. It can be also // set to an empty string in case `RISC_SCORING` org feature flag is disabled. RiscLevel pulumi.StringPtrOutput `pulumi:"riscLevel"` // Max minutes a session can be idle., SessionIdle pulumi.IntPtrOutput `pulumi:"sessionIdle"` // Max minutes a session is active: Disable = 0. SessionLifetime pulumi.IntPtrOutput `pulumi:"sessionLifetime"` // Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies. SessionPersistent pulumi.BoolPtrOutput `pulumi:"sessionPersistent"` // Policy Rule Status: `"ACTIVE"` or `"INACTIVE"`. Status pulumi.StringPtrOutput `pulumi:"status"` // The list of user IDs that would be excluded when rules are processed. UsersExcludeds pulumi.StringArrayOutput `pulumi:"usersExcludeds"` }
Creates a Sign On Policy Rule. In case `Invalid condition type specified: riskScore.` error is thrown, set `riscLevel` to an empty string, since this feature is not enabled.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-okta/sdk/v3/go/okta" "github.com/pulumi/pulumi-okta/sdk/v3/go/okta/policy" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := policy.NewSignon(ctx, "test", &policy.SignonArgs{ Status: pulumi.String("ACTIVE"), Description: pulumi.String("Example Policy"), }) if err != nil { return err } newCity, err := okta.LookupBehaviour(ctx, &okta.LookupBehaviourArgs{ Name: pulumi.StringRef("New City"), }, nil) if err != nil { return err } _, err = policy.NewRuleSignon(ctx, "example", &policy.RuleSignonArgs{ Access: pulumi.String("CHALLENGE"), Authtype: pulumi.String("RADIUS"), NetworkConnection: pulumi.String("ANYWHERE"), PolicyId: pulumi.Any(okta_policy_signon.Example.Id), Status: pulumi.String("ACTIVE"), RiscLevel: pulumi.String("HIGH"), Behaviors: pulumi.StringArray{ *pulumi.String(newCity.Id), }, FactorSequences: policy.RuleSignonFactorSequenceArray{ &policy.RuleSignonFactorSequenceArgs{ PrimaryCriteriaFactorType: pulumi.String("token:hotp"), PrimaryCriteriaProvider: pulumi.String("CUSTOM"), SecondaryCriterias: policy.RuleSignonFactorSequenceSecondaryCriteriaArray{ &policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{ FactorType: pulumi.String("token:software:totp"), Provider: pulumi.String("OKTA"), }, &policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{ FactorType: pulumi.String("push"), Provider: pulumi.String("OKTA"), }, &policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{ FactorType: pulumi.String("password"), Provider: pulumi.String("OKTA"), }, &policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{ FactorType: pulumi.String("question"), Provider: pulumi.String("OKTA"), }, &policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{ FactorType: pulumi.String("sms"), Provider: pulumi.String("OKTA"), }, &policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{ FactorType: pulumi.String("token:software:totp"), Provider: pulumi.String("GOOGLE"), }, &policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{ FactorType: pulumi.String("email"), Provider: pulumi.String("OKTA"), }, &policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{ FactorType: pulumi.String("call"), Provider: pulumi.String("OKTA"), }, &policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{ FactorType: pulumi.String("webauthn"), Provider: pulumi.String("FIDO"), }, &policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{ FactorType: pulumi.String("token"), Provider: pulumi.String("RSA"), }, &policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{ FactorType: pulumi.String("token"), Provider: pulumi.String("SYMANTEC"), }, }, }, &policy.RuleSignonFactorSequenceArgs{ PrimaryCriteriaFactorType: pulumi.String("token:software:totp"), PrimaryCriteriaProvider: pulumi.String("OKTA"), }, }, }) if err != nil { return err } return nil }) }
```
## Import
A Policy Rule can be imported via the Policy and Rule ID.
```sh
$ pulumi import okta:policy/ruleSignon:RuleSignon example <policy id>/<rule id>
```
func GetRuleSignon ¶
func GetRuleSignon(ctx *pulumi.Context, name string, id pulumi.IDInput, state *RuleSignonState, opts ...pulumi.ResourceOption) (*RuleSignon, error)
GetRuleSignon gets an existing RuleSignon resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewRuleSignon ¶
func NewRuleSignon(ctx *pulumi.Context, name string, args *RuleSignonArgs, opts ...pulumi.ResourceOption) (*RuleSignon, error)
NewRuleSignon registers a new resource with the given unique name, arguments, and options.
func (*RuleSignon) ElementType ¶
func (*RuleSignon) ElementType() reflect.Type
func (*RuleSignon) ToRuleSignonOutput ¶
func (i *RuleSignon) ToRuleSignonOutput() RuleSignonOutput
func (*RuleSignon) ToRuleSignonOutputWithContext ¶
func (i *RuleSignon) ToRuleSignonOutputWithContext(ctx context.Context) RuleSignonOutput
type RuleSignonArgs ¶
type RuleSignonArgs struct { // Allow or deny access based on the rule conditions: `"ALLOW"`, `"DENY"` or `"CHALLENGE"`. The default is `"ALLOW"`. Access pulumi.StringPtrInput // Authentication entrypoint: `"ANY"`, `"LDAP_INTERFACE"` or `"RADIUS"`. Authtype pulumi.StringPtrInput // List of behavior IDs. Behaviors pulumi.StringArrayInput // Auth factor sequences. Should be set if `access = "CHALLENGE"`. FactorSequences RuleSignonFactorSequenceArrayInput // Defines the identity provider for this rule. Valid values are `"ANY"`, `"OKTA"`, and `"SPECIFIC_IDP"`. IdentityProvider pulumi.StringPtrInput // When identityProvider is `"SPECIFIC_IDP"` then this is the list of IdP IDs to apply the rule on. IdentityProviderIds pulumi.StringArrayInput // Elapsed time before the next MFA challenge. MfaLifetime pulumi.IntPtrInput // Prompt for MFA based on the device used, a factor session lifetime, or every sign-on attempt: `"DEVICE"`, `"SESSION"` or `"ALWAYS"`. MfaPrompt pulumi.StringPtrInput // Remember MFA device. The default `false`. MfaRememberDevice pulumi.BoolPtrInput // Require MFA. By default is `false`. MfaRequired pulumi.BoolPtrInput // Policy Rule Name. Name pulumi.StringPtrInput // Network selection mode: `"ANYWHERE"`, `"ZONE"`, `"ON_NETWORK"`, or `"OFF_NETWORK"`. NetworkConnection pulumi.StringPtrInput // The network zones to exclude. Conflicts with `networkIncludes`. NetworkExcludes pulumi.StringArrayInput // The network zones to include. Conflicts with `networkExcludes`. NetworkIncludes pulumi.StringArrayInput // Policy ID. PolicyId pulumi.StringPtrInput // Policy ID. // // Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead Policyid pulumi.StringPtrInput // Rule's primary factor. **WARNING** Ony works as a part of the Identity Engine. Valid values: // `"PASSWORD_IDP_ANY_FACTOR"`, `"PASSWORD_IDP"`. PrimaryFactor pulumi.StringPtrInput // Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there. Priority pulumi.IntPtrInput // Risc level: `"ANY"`, `"LOW"`, `"MEDIUM"` or `"HIGH"`. Default is `"ANY"`. It can be also // set to an empty string in case `RISC_SCORING` org feature flag is disabled. RiscLevel pulumi.StringPtrInput // Max minutes a session can be idle., SessionIdle pulumi.IntPtrInput // Max minutes a session is active: Disable = 0. SessionLifetime pulumi.IntPtrInput // Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies. SessionPersistent pulumi.BoolPtrInput // Policy Rule Status: `"ACTIVE"` or `"INACTIVE"`. Status pulumi.StringPtrInput // The list of user IDs that would be excluded when rules are processed. UsersExcludeds pulumi.StringArrayInput }
The set of arguments for constructing a RuleSignon resource.
func (RuleSignonArgs) ElementType ¶
func (RuleSignonArgs) ElementType() reflect.Type
type RuleSignonArray ¶
type RuleSignonArray []RuleSignonInput
func (RuleSignonArray) ElementType ¶
func (RuleSignonArray) ElementType() reflect.Type
func (RuleSignonArray) ToRuleSignonArrayOutput ¶
func (i RuleSignonArray) ToRuleSignonArrayOutput() RuleSignonArrayOutput
func (RuleSignonArray) ToRuleSignonArrayOutputWithContext ¶
func (i RuleSignonArray) ToRuleSignonArrayOutputWithContext(ctx context.Context) RuleSignonArrayOutput
type RuleSignonArrayInput ¶
type RuleSignonArrayInput interface { pulumi.Input ToRuleSignonArrayOutput() RuleSignonArrayOutput ToRuleSignonArrayOutputWithContext(context.Context) RuleSignonArrayOutput }
RuleSignonArrayInput is an input type that accepts RuleSignonArray and RuleSignonArrayOutput values. You can construct a concrete instance of `RuleSignonArrayInput` via:
RuleSignonArray{ RuleSignonArgs{...} }
type RuleSignonArrayOutput ¶
type RuleSignonArrayOutput struct{ *pulumi.OutputState }
func (RuleSignonArrayOutput) ElementType ¶
func (RuleSignonArrayOutput) ElementType() reflect.Type
func (RuleSignonArrayOutput) Index ¶
func (o RuleSignonArrayOutput) Index(i pulumi.IntInput) RuleSignonOutput
func (RuleSignonArrayOutput) ToRuleSignonArrayOutput ¶
func (o RuleSignonArrayOutput) ToRuleSignonArrayOutput() RuleSignonArrayOutput
func (RuleSignonArrayOutput) ToRuleSignonArrayOutputWithContext ¶
func (o RuleSignonArrayOutput) ToRuleSignonArrayOutputWithContext(ctx context.Context) RuleSignonArrayOutput
type RuleSignonFactorSequence ¶ added in v3.1.0
type RuleSignonFactorSequence struct { // Primary factor type of the auth section. PrimaryCriteriaFactorType string `pulumi:"primaryCriteriaFactorType"` // Primary provider of the auth section. PrimaryCriteriaProvider string `pulumi:"primaryCriteriaProvider"` // Additional authentication steps. SecondaryCriterias []RuleSignonFactorSequenceSecondaryCriteria `pulumi:"secondaryCriterias"` }
type RuleSignonFactorSequenceArgs ¶ added in v3.1.0
type RuleSignonFactorSequenceArgs struct { // Primary factor type of the auth section. PrimaryCriteriaFactorType pulumi.StringInput `pulumi:"primaryCriteriaFactorType"` // Primary provider of the auth section. PrimaryCriteriaProvider pulumi.StringInput `pulumi:"primaryCriteriaProvider"` // Additional authentication steps. SecondaryCriterias RuleSignonFactorSequenceSecondaryCriteriaArrayInput `pulumi:"secondaryCriterias"` }
func (RuleSignonFactorSequenceArgs) ElementType ¶ added in v3.1.0
func (RuleSignonFactorSequenceArgs) ElementType() reflect.Type
func (RuleSignonFactorSequenceArgs) ToRuleSignonFactorSequenceOutput ¶ added in v3.1.0
func (i RuleSignonFactorSequenceArgs) ToRuleSignonFactorSequenceOutput() RuleSignonFactorSequenceOutput
func (RuleSignonFactorSequenceArgs) ToRuleSignonFactorSequenceOutputWithContext ¶ added in v3.1.0
func (i RuleSignonFactorSequenceArgs) ToRuleSignonFactorSequenceOutputWithContext(ctx context.Context) RuleSignonFactorSequenceOutput
type RuleSignonFactorSequenceArray ¶ added in v3.1.0
type RuleSignonFactorSequenceArray []RuleSignonFactorSequenceInput
func (RuleSignonFactorSequenceArray) ElementType ¶ added in v3.1.0
func (RuleSignonFactorSequenceArray) ElementType() reflect.Type
func (RuleSignonFactorSequenceArray) ToRuleSignonFactorSequenceArrayOutput ¶ added in v3.1.0
func (i RuleSignonFactorSequenceArray) ToRuleSignonFactorSequenceArrayOutput() RuleSignonFactorSequenceArrayOutput
func (RuleSignonFactorSequenceArray) ToRuleSignonFactorSequenceArrayOutputWithContext ¶ added in v3.1.0
func (i RuleSignonFactorSequenceArray) ToRuleSignonFactorSequenceArrayOutputWithContext(ctx context.Context) RuleSignonFactorSequenceArrayOutput
type RuleSignonFactorSequenceArrayInput ¶ added in v3.1.0
type RuleSignonFactorSequenceArrayInput interface { pulumi.Input ToRuleSignonFactorSequenceArrayOutput() RuleSignonFactorSequenceArrayOutput ToRuleSignonFactorSequenceArrayOutputWithContext(context.Context) RuleSignonFactorSequenceArrayOutput }
RuleSignonFactorSequenceArrayInput is an input type that accepts RuleSignonFactorSequenceArray and RuleSignonFactorSequenceArrayOutput values. You can construct a concrete instance of `RuleSignonFactorSequenceArrayInput` via:
RuleSignonFactorSequenceArray{ RuleSignonFactorSequenceArgs{...} }
type RuleSignonFactorSequenceArrayOutput ¶ added in v3.1.0
type RuleSignonFactorSequenceArrayOutput struct{ *pulumi.OutputState }
func (RuleSignonFactorSequenceArrayOutput) ElementType ¶ added in v3.1.0
func (RuleSignonFactorSequenceArrayOutput) ElementType() reflect.Type
func (RuleSignonFactorSequenceArrayOutput) Index ¶ added in v3.1.0
func (o RuleSignonFactorSequenceArrayOutput) Index(i pulumi.IntInput) RuleSignonFactorSequenceOutput
func (RuleSignonFactorSequenceArrayOutput) ToRuleSignonFactorSequenceArrayOutput ¶ added in v3.1.0
func (o RuleSignonFactorSequenceArrayOutput) ToRuleSignonFactorSequenceArrayOutput() RuleSignonFactorSequenceArrayOutput
func (RuleSignonFactorSequenceArrayOutput) ToRuleSignonFactorSequenceArrayOutputWithContext ¶ added in v3.1.0
func (o RuleSignonFactorSequenceArrayOutput) ToRuleSignonFactorSequenceArrayOutputWithContext(ctx context.Context) RuleSignonFactorSequenceArrayOutput
type RuleSignonFactorSequenceInput ¶ added in v3.1.0
type RuleSignonFactorSequenceInput interface { pulumi.Input ToRuleSignonFactorSequenceOutput() RuleSignonFactorSequenceOutput ToRuleSignonFactorSequenceOutputWithContext(context.Context) RuleSignonFactorSequenceOutput }
RuleSignonFactorSequenceInput is an input type that accepts RuleSignonFactorSequenceArgs and RuleSignonFactorSequenceOutput values. You can construct a concrete instance of `RuleSignonFactorSequenceInput` via:
RuleSignonFactorSequenceArgs{...}
type RuleSignonFactorSequenceOutput ¶ added in v3.1.0
type RuleSignonFactorSequenceOutput struct{ *pulumi.OutputState }
func (RuleSignonFactorSequenceOutput) ElementType ¶ added in v3.1.0
func (RuleSignonFactorSequenceOutput) ElementType() reflect.Type
func (RuleSignonFactorSequenceOutput) PrimaryCriteriaFactorType ¶ added in v3.1.0
func (o RuleSignonFactorSequenceOutput) PrimaryCriteriaFactorType() pulumi.StringOutput
Primary factor type of the auth section.
func (RuleSignonFactorSequenceOutput) PrimaryCriteriaProvider ¶ added in v3.1.0
func (o RuleSignonFactorSequenceOutput) PrimaryCriteriaProvider() pulumi.StringOutput
Primary provider of the auth section.
func (RuleSignonFactorSequenceOutput) SecondaryCriterias ¶ added in v3.1.0
func (o RuleSignonFactorSequenceOutput) SecondaryCriterias() RuleSignonFactorSequenceSecondaryCriteriaArrayOutput
Additional authentication steps.
func (RuleSignonFactorSequenceOutput) ToRuleSignonFactorSequenceOutput ¶ added in v3.1.0
func (o RuleSignonFactorSequenceOutput) ToRuleSignonFactorSequenceOutput() RuleSignonFactorSequenceOutput
func (RuleSignonFactorSequenceOutput) ToRuleSignonFactorSequenceOutputWithContext ¶ added in v3.1.0
func (o RuleSignonFactorSequenceOutput) ToRuleSignonFactorSequenceOutputWithContext(ctx context.Context) RuleSignonFactorSequenceOutput
type RuleSignonFactorSequenceSecondaryCriteria ¶ added in v3.1.0
type RuleSignonFactorSequenceSecondaryCriteriaArgs ¶ added in v3.1.0
type RuleSignonFactorSequenceSecondaryCriteriaArgs struct { // Factor type of the additional authentication step. FactorType pulumi.StringInput `pulumi:"factorType"` // Provider of the additional authentication step. Provider pulumi.StringInput `pulumi:"provider"` }
func (RuleSignonFactorSequenceSecondaryCriteriaArgs) ElementType ¶ added in v3.1.0
func (RuleSignonFactorSequenceSecondaryCriteriaArgs) ElementType() reflect.Type
func (RuleSignonFactorSequenceSecondaryCriteriaArgs) ToRuleSignonFactorSequenceSecondaryCriteriaOutput ¶ added in v3.1.0
func (i RuleSignonFactorSequenceSecondaryCriteriaArgs) ToRuleSignonFactorSequenceSecondaryCriteriaOutput() RuleSignonFactorSequenceSecondaryCriteriaOutput
func (RuleSignonFactorSequenceSecondaryCriteriaArgs) ToRuleSignonFactorSequenceSecondaryCriteriaOutputWithContext ¶ added in v3.1.0
func (i RuleSignonFactorSequenceSecondaryCriteriaArgs) ToRuleSignonFactorSequenceSecondaryCriteriaOutputWithContext(ctx context.Context) RuleSignonFactorSequenceSecondaryCriteriaOutput
type RuleSignonFactorSequenceSecondaryCriteriaArray ¶ added in v3.1.0
type RuleSignonFactorSequenceSecondaryCriteriaArray []RuleSignonFactorSequenceSecondaryCriteriaInput
func (RuleSignonFactorSequenceSecondaryCriteriaArray) ElementType ¶ added in v3.1.0
func (RuleSignonFactorSequenceSecondaryCriteriaArray) ElementType() reflect.Type
func (RuleSignonFactorSequenceSecondaryCriteriaArray) ToRuleSignonFactorSequenceSecondaryCriteriaArrayOutput ¶ added in v3.1.0
func (i RuleSignonFactorSequenceSecondaryCriteriaArray) ToRuleSignonFactorSequenceSecondaryCriteriaArrayOutput() RuleSignonFactorSequenceSecondaryCriteriaArrayOutput
func (RuleSignonFactorSequenceSecondaryCriteriaArray) ToRuleSignonFactorSequenceSecondaryCriteriaArrayOutputWithContext ¶ added in v3.1.0
func (i RuleSignonFactorSequenceSecondaryCriteriaArray) ToRuleSignonFactorSequenceSecondaryCriteriaArrayOutputWithContext(ctx context.Context) RuleSignonFactorSequenceSecondaryCriteriaArrayOutput
type RuleSignonFactorSequenceSecondaryCriteriaArrayInput ¶ added in v3.1.0
type RuleSignonFactorSequenceSecondaryCriteriaArrayInput interface { pulumi.Input ToRuleSignonFactorSequenceSecondaryCriteriaArrayOutput() RuleSignonFactorSequenceSecondaryCriteriaArrayOutput ToRuleSignonFactorSequenceSecondaryCriteriaArrayOutputWithContext(context.Context) RuleSignonFactorSequenceSecondaryCriteriaArrayOutput }
RuleSignonFactorSequenceSecondaryCriteriaArrayInput is an input type that accepts RuleSignonFactorSequenceSecondaryCriteriaArray and RuleSignonFactorSequenceSecondaryCriteriaArrayOutput values. You can construct a concrete instance of `RuleSignonFactorSequenceSecondaryCriteriaArrayInput` via:
RuleSignonFactorSequenceSecondaryCriteriaArray{ RuleSignonFactorSequenceSecondaryCriteriaArgs{...} }
type RuleSignonFactorSequenceSecondaryCriteriaArrayOutput ¶ added in v3.1.0
type RuleSignonFactorSequenceSecondaryCriteriaArrayOutput struct{ *pulumi.OutputState }
func (RuleSignonFactorSequenceSecondaryCriteriaArrayOutput) ElementType ¶ added in v3.1.0
func (RuleSignonFactorSequenceSecondaryCriteriaArrayOutput) ElementType() reflect.Type
func (RuleSignonFactorSequenceSecondaryCriteriaArrayOutput) ToRuleSignonFactorSequenceSecondaryCriteriaArrayOutput ¶ added in v3.1.0
func (o RuleSignonFactorSequenceSecondaryCriteriaArrayOutput) ToRuleSignonFactorSequenceSecondaryCriteriaArrayOutput() RuleSignonFactorSequenceSecondaryCriteriaArrayOutput
func (RuleSignonFactorSequenceSecondaryCriteriaArrayOutput) ToRuleSignonFactorSequenceSecondaryCriteriaArrayOutputWithContext ¶ added in v3.1.0
func (o RuleSignonFactorSequenceSecondaryCriteriaArrayOutput) ToRuleSignonFactorSequenceSecondaryCriteriaArrayOutputWithContext(ctx context.Context) RuleSignonFactorSequenceSecondaryCriteriaArrayOutput
type RuleSignonFactorSequenceSecondaryCriteriaInput ¶ added in v3.1.0
type RuleSignonFactorSequenceSecondaryCriteriaInput interface { pulumi.Input ToRuleSignonFactorSequenceSecondaryCriteriaOutput() RuleSignonFactorSequenceSecondaryCriteriaOutput ToRuleSignonFactorSequenceSecondaryCriteriaOutputWithContext(context.Context) RuleSignonFactorSequenceSecondaryCriteriaOutput }
RuleSignonFactorSequenceSecondaryCriteriaInput is an input type that accepts RuleSignonFactorSequenceSecondaryCriteriaArgs and RuleSignonFactorSequenceSecondaryCriteriaOutput values. You can construct a concrete instance of `RuleSignonFactorSequenceSecondaryCriteriaInput` via:
RuleSignonFactorSequenceSecondaryCriteriaArgs{...}
type RuleSignonFactorSequenceSecondaryCriteriaOutput ¶ added in v3.1.0
type RuleSignonFactorSequenceSecondaryCriteriaOutput struct{ *pulumi.OutputState }
func (RuleSignonFactorSequenceSecondaryCriteriaOutput) ElementType ¶ added in v3.1.0
func (RuleSignonFactorSequenceSecondaryCriteriaOutput) ElementType() reflect.Type
func (RuleSignonFactorSequenceSecondaryCriteriaOutput) FactorType ¶ added in v3.1.0
func (o RuleSignonFactorSequenceSecondaryCriteriaOutput) FactorType() pulumi.StringOutput
Factor type of the additional authentication step.
func (RuleSignonFactorSequenceSecondaryCriteriaOutput) Provider ¶ added in v3.1.0
func (o RuleSignonFactorSequenceSecondaryCriteriaOutput) Provider() pulumi.StringOutput
Provider of the additional authentication step.
func (RuleSignonFactorSequenceSecondaryCriteriaOutput) ToRuleSignonFactorSequenceSecondaryCriteriaOutput ¶ added in v3.1.0
func (o RuleSignonFactorSequenceSecondaryCriteriaOutput) ToRuleSignonFactorSequenceSecondaryCriteriaOutput() RuleSignonFactorSequenceSecondaryCriteriaOutput
func (RuleSignonFactorSequenceSecondaryCriteriaOutput) ToRuleSignonFactorSequenceSecondaryCriteriaOutputWithContext ¶ added in v3.1.0
func (o RuleSignonFactorSequenceSecondaryCriteriaOutput) ToRuleSignonFactorSequenceSecondaryCriteriaOutputWithContext(ctx context.Context) RuleSignonFactorSequenceSecondaryCriteriaOutput
type RuleSignonInput ¶
type RuleSignonInput interface { pulumi.Input ToRuleSignonOutput() RuleSignonOutput ToRuleSignonOutputWithContext(ctx context.Context) RuleSignonOutput }
type RuleSignonMap ¶
type RuleSignonMap map[string]RuleSignonInput
func (RuleSignonMap) ElementType ¶
func (RuleSignonMap) ElementType() reflect.Type
func (RuleSignonMap) ToRuleSignonMapOutput ¶
func (i RuleSignonMap) ToRuleSignonMapOutput() RuleSignonMapOutput
func (RuleSignonMap) ToRuleSignonMapOutputWithContext ¶
func (i RuleSignonMap) ToRuleSignonMapOutputWithContext(ctx context.Context) RuleSignonMapOutput
type RuleSignonMapInput ¶
type RuleSignonMapInput interface { pulumi.Input ToRuleSignonMapOutput() RuleSignonMapOutput ToRuleSignonMapOutputWithContext(context.Context) RuleSignonMapOutput }
RuleSignonMapInput is an input type that accepts RuleSignonMap and RuleSignonMapOutput values. You can construct a concrete instance of `RuleSignonMapInput` via:
RuleSignonMap{ "key": RuleSignonArgs{...} }
type RuleSignonMapOutput ¶
type RuleSignonMapOutput struct{ *pulumi.OutputState }
func (RuleSignonMapOutput) ElementType ¶
func (RuleSignonMapOutput) ElementType() reflect.Type
func (RuleSignonMapOutput) MapIndex ¶
func (o RuleSignonMapOutput) MapIndex(k pulumi.StringInput) RuleSignonOutput
func (RuleSignonMapOutput) ToRuleSignonMapOutput ¶
func (o RuleSignonMapOutput) ToRuleSignonMapOutput() RuleSignonMapOutput
func (RuleSignonMapOutput) ToRuleSignonMapOutputWithContext ¶
func (o RuleSignonMapOutput) ToRuleSignonMapOutputWithContext(ctx context.Context) RuleSignonMapOutput
type RuleSignonOutput ¶
type RuleSignonOutput struct{ *pulumi.OutputState }
func (RuleSignonOutput) Access ¶ added in v3.9.0
func (o RuleSignonOutput) Access() pulumi.StringPtrOutput
Allow or deny access based on the rule conditions: `"ALLOW"`, `"DENY"` or `"CHALLENGE"`. The default is `"ALLOW"`.
func (RuleSignonOutput) Authtype ¶ added in v3.9.0
func (o RuleSignonOutput) Authtype() pulumi.StringPtrOutput
Authentication entrypoint: `"ANY"`, `"LDAP_INTERFACE"` or `"RADIUS"`.
func (RuleSignonOutput) Behaviors ¶ added in v3.9.0
func (o RuleSignonOutput) Behaviors() pulumi.StringArrayOutput
List of behavior IDs.
func (RuleSignonOutput) ElementType ¶
func (RuleSignonOutput) ElementType() reflect.Type
func (RuleSignonOutput) FactorSequences ¶ added in v3.9.0
func (o RuleSignonOutput) FactorSequences() RuleSignonFactorSequenceArrayOutput
Auth factor sequences. Should be set if `access = "CHALLENGE"`.
func (RuleSignonOutput) IdentityProvider ¶ added in v3.9.0
func (o RuleSignonOutput) IdentityProvider() pulumi.StringPtrOutput
Defines the identity provider for this rule. Valid values are `"ANY"`, `"OKTA"`, and `"SPECIFIC_IDP"`.
func (RuleSignonOutput) IdentityProviderIds ¶ added in v3.9.0
func (o RuleSignonOutput) IdentityProviderIds() pulumi.StringArrayOutput
When identityProvider is `"SPECIFIC_IDP"` then this is the list of IdP IDs to apply the rule on.
func (RuleSignonOutput) MfaLifetime ¶ added in v3.9.0
func (o RuleSignonOutput) MfaLifetime() pulumi.IntPtrOutput
Elapsed time before the next MFA challenge.
func (RuleSignonOutput) MfaPrompt ¶ added in v3.9.0
func (o RuleSignonOutput) MfaPrompt() pulumi.StringPtrOutput
Prompt for MFA based on the device used, a factor session lifetime, or every sign-on attempt: `"DEVICE"`, `"SESSION"` or `"ALWAYS"`.
func (RuleSignonOutput) MfaRememberDevice ¶ added in v3.9.0
func (o RuleSignonOutput) MfaRememberDevice() pulumi.BoolPtrOutput
Remember MFA device. The default `false`.
func (RuleSignonOutput) MfaRequired ¶ added in v3.9.0
func (o RuleSignonOutput) MfaRequired() pulumi.BoolPtrOutput
Require MFA. By default is `false`.
func (RuleSignonOutput) Name ¶ added in v3.9.0
func (o RuleSignonOutput) Name() pulumi.StringOutput
Policy Rule Name.
func (RuleSignonOutput) NetworkConnection ¶ added in v3.9.0
func (o RuleSignonOutput) NetworkConnection() pulumi.StringPtrOutput
Network selection mode: `"ANYWHERE"`, `"ZONE"`, `"ON_NETWORK"`, or `"OFF_NETWORK"`.
func (RuleSignonOutput) NetworkExcludes ¶ added in v3.9.0
func (o RuleSignonOutput) NetworkExcludes() pulumi.StringArrayOutput
The network zones to exclude. Conflicts with `networkIncludes`.
func (RuleSignonOutput) NetworkIncludes ¶ added in v3.9.0
func (o RuleSignonOutput) NetworkIncludes() pulumi.StringArrayOutput
The network zones to include. Conflicts with `networkExcludes`.
func (RuleSignonOutput) PolicyId ¶ added in v3.9.0
func (o RuleSignonOutput) PolicyId() pulumi.StringPtrOutput
Policy ID.
func (RuleSignonOutput) Policyid
deprecated
added in
v3.9.0
func (o RuleSignonOutput) Policyid() pulumi.StringPtrOutput
Policy ID.
Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead
func (RuleSignonOutput) PrimaryFactor ¶ added in v3.9.0
func (o RuleSignonOutput) PrimaryFactor() pulumi.StringOutput
Rule's primary factor. **WARNING** Ony works as a part of the Identity Engine. Valid values: `"PASSWORD_IDP_ANY_FACTOR"`, `"PASSWORD_IDP"`.
func (RuleSignonOutput) Priority ¶ added in v3.9.0
func (o RuleSignonOutput) Priority() pulumi.IntPtrOutput
Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.
func (RuleSignonOutput) RiscLevel ¶ added in v3.9.0
func (o RuleSignonOutput) RiscLevel() pulumi.StringPtrOutput
Risc level: `"ANY"`, `"LOW"`, `"MEDIUM"` or `"HIGH"`. Default is `"ANY"`. It can be also set to an empty string in case `RISC_SCORING` org feature flag is disabled.
func (RuleSignonOutput) SessionIdle ¶ added in v3.9.0
func (o RuleSignonOutput) SessionIdle() pulumi.IntPtrOutput
Max minutes a session can be idle.,
func (RuleSignonOutput) SessionLifetime ¶ added in v3.9.0
func (o RuleSignonOutput) SessionLifetime() pulumi.IntPtrOutput
Max minutes a session is active: Disable = 0.
func (RuleSignonOutput) SessionPersistent ¶ added in v3.9.0
func (o RuleSignonOutput) SessionPersistent() pulumi.BoolPtrOutput
Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies.
func (RuleSignonOutput) Status ¶ added in v3.9.0
func (o RuleSignonOutput) Status() pulumi.StringPtrOutput
Policy Rule Status: `"ACTIVE"` or `"INACTIVE"`.
func (RuleSignonOutput) ToRuleSignonOutput ¶
func (o RuleSignonOutput) ToRuleSignonOutput() RuleSignonOutput
func (RuleSignonOutput) ToRuleSignonOutputWithContext ¶
func (o RuleSignonOutput) ToRuleSignonOutputWithContext(ctx context.Context) RuleSignonOutput
func (RuleSignonOutput) UsersExcludeds ¶ added in v3.9.0
func (o RuleSignonOutput) UsersExcludeds() pulumi.StringArrayOutput
The list of user IDs that would be excluded when rules are processed.
type RuleSignonState ¶
type RuleSignonState struct { // Allow or deny access based on the rule conditions: `"ALLOW"`, `"DENY"` or `"CHALLENGE"`. The default is `"ALLOW"`. Access pulumi.StringPtrInput // Authentication entrypoint: `"ANY"`, `"LDAP_INTERFACE"` or `"RADIUS"`. Authtype pulumi.StringPtrInput // List of behavior IDs. Behaviors pulumi.StringArrayInput // Auth factor sequences. Should be set if `access = "CHALLENGE"`. FactorSequences RuleSignonFactorSequenceArrayInput // Defines the identity provider for this rule. Valid values are `"ANY"`, `"OKTA"`, and `"SPECIFIC_IDP"`. IdentityProvider pulumi.StringPtrInput // When identityProvider is `"SPECIFIC_IDP"` then this is the list of IdP IDs to apply the rule on. IdentityProviderIds pulumi.StringArrayInput // Elapsed time before the next MFA challenge. MfaLifetime pulumi.IntPtrInput // Prompt for MFA based on the device used, a factor session lifetime, or every sign-on attempt: `"DEVICE"`, `"SESSION"` or `"ALWAYS"`. MfaPrompt pulumi.StringPtrInput // Remember MFA device. The default `false`. MfaRememberDevice pulumi.BoolPtrInput // Require MFA. By default is `false`. MfaRequired pulumi.BoolPtrInput // Policy Rule Name. Name pulumi.StringPtrInput // Network selection mode: `"ANYWHERE"`, `"ZONE"`, `"ON_NETWORK"`, or `"OFF_NETWORK"`. NetworkConnection pulumi.StringPtrInput // The network zones to exclude. Conflicts with `networkIncludes`. NetworkExcludes pulumi.StringArrayInput // The network zones to include. Conflicts with `networkExcludes`. NetworkIncludes pulumi.StringArrayInput // Policy ID. PolicyId pulumi.StringPtrInput // Policy ID. // // Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead Policyid pulumi.StringPtrInput // Rule's primary factor. **WARNING** Ony works as a part of the Identity Engine. Valid values: // `"PASSWORD_IDP_ANY_FACTOR"`, `"PASSWORD_IDP"`. PrimaryFactor pulumi.StringPtrInput // Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there. Priority pulumi.IntPtrInput // Risc level: `"ANY"`, `"LOW"`, `"MEDIUM"` or `"HIGH"`. Default is `"ANY"`. It can be also // set to an empty string in case `RISC_SCORING` org feature flag is disabled. RiscLevel pulumi.StringPtrInput // Max minutes a session can be idle., SessionIdle pulumi.IntPtrInput // Max minutes a session is active: Disable = 0. SessionLifetime pulumi.IntPtrInput // Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies. SessionPersistent pulumi.BoolPtrInput // Policy Rule Status: `"ACTIVE"` or `"INACTIVE"`. Status pulumi.StringPtrInput // The list of user IDs that would be excluded when rules are processed. UsersExcludeds pulumi.StringArrayInput }
func (RuleSignonState) ElementType ¶
func (RuleSignonState) ElementType() reflect.Type
type Signon ¶
type Signon struct { pulumi.CustomResourceState // Policy Description. Description pulumi.StringPtrOutput `pulumi:"description"` // List of Group IDs to Include. GroupsIncludeds pulumi.StringArrayOutput `pulumi:"groupsIncludeds"` // Policy Name. Name pulumi.StringOutput `pulumi:"name"` // Priority of the policy. Priority pulumi.IntPtrOutput `pulumi:"priority"` // Policy Status: `"ACTIVE"` or `"INACTIVE"`. Status pulumi.StringPtrOutput `pulumi:"status"` }
Creates a Sign On Policy.
This resource allows you to create and configure a Sign On Policy.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/policy" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := policy.NewSignon(ctx, "example", &policy.SignonArgs{ Description: pulumi.String("Example"), GroupsIncludeds: pulumi.StringArray{ data.Okta_group.Everyone.Id, }, Status: pulumi.String("ACTIVE"), }) if err != nil { return err } return nil }) }
```
## Import
A Sign On Policy can be imported via the Okta ID.
```sh
$ pulumi import okta:policy/signon:Signon example <policy id>
```
func GetSignon ¶
func GetSignon(ctx *pulumi.Context, name string, id pulumi.IDInput, state *SignonState, opts ...pulumi.ResourceOption) (*Signon, error)
GetSignon gets an existing Signon resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewSignon ¶
func NewSignon(ctx *pulumi.Context, name string, args *SignonArgs, opts ...pulumi.ResourceOption) (*Signon, error)
NewSignon registers a new resource with the given unique name, arguments, and options.
func (*Signon) ElementType ¶
func (*Signon) ToSignonOutput ¶
func (i *Signon) ToSignonOutput() SignonOutput
func (*Signon) ToSignonOutputWithContext ¶
func (i *Signon) ToSignonOutputWithContext(ctx context.Context) SignonOutput
type SignonArgs ¶
type SignonArgs struct { // Policy Description. Description pulumi.StringPtrInput // List of Group IDs to Include. GroupsIncludeds pulumi.StringArrayInput // Policy Name. Name pulumi.StringPtrInput // Priority of the policy. Priority pulumi.IntPtrInput // Policy Status: `"ACTIVE"` or `"INACTIVE"`. Status pulumi.StringPtrInput }
The set of arguments for constructing a Signon resource.
func (SignonArgs) ElementType ¶
func (SignonArgs) ElementType() reflect.Type
type SignonArray ¶
type SignonArray []SignonInput
func (SignonArray) ElementType ¶
func (SignonArray) ElementType() reflect.Type
func (SignonArray) ToSignonArrayOutput ¶
func (i SignonArray) ToSignonArrayOutput() SignonArrayOutput
func (SignonArray) ToSignonArrayOutputWithContext ¶
func (i SignonArray) ToSignonArrayOutputWithContext(ctx context.Context) SignonArrayOutput
type SignonArrayInput ¶
type SignonArrayInput interface { pulumi.Input ToSignonArrayOutput() SignonArrayOutput ToSignonArrayOutputWithContext(context.Context) SignonArrayOutput }
SignonArrayInput is an input type that accepts SignonArray and SignonArrayOutput values. You can construct a concrete instance of `SignonArrayInput` via:
SignonArray{ SignonArgs{...} }
type SignonArrayOutput ¶
type SignonArrayOutput struct{ *pulumi.OutputState }
func (SignonArrayOutput) ElementType ¶
func (SignonArrayOutput) ElementType() reflect.Type
func (SignonArrayOutput) Index ¶
func (o SignonArrayOutput) Index(i pulumi.IntInput) SignonOutput
func (SignonArrayOutput) ToSignonArrayOutput ¶
func (o SignonArrayOutput) ToSignonArrayOutput() SignonArrayOutput
func (SignonArrayOutput) ToSignonArrayOutputWithContext ¶
func (o SignonArrayOutput) ToSignonArrayOutputWithContext(ctx context.Context) SignonArrayOutput
type SignonInput ¶
type SignonInput interface { pulumi.Input ToSignonOutput() SignonOutput ToSignonOutputWithContext(ctx context.Context) SignonOutput }
type SignonMap ¶
type SignonMap map[string]SignonInput
func (SignonMap) ElementType ¶
func (SignonMap) ToSignonMapOutput ¶
func (i SignonMap) ToSignonMapOutput() SignonMapOutput
func (SignonMap) ToSignonMapOutputWithContext ¶
func (i SignonMap) ToSignonMapOutputWithContext(ctx context.Context) SignonMapOutput
type SignonMapInput ¶
type SignonMapInput interface { pulumi.Input ToSignonMapOutput() SignonMapOutput ToSignonMapOutputWithContext(context.Context) SignonMapOutput }
SignonMapInput is an input type that accepts SignonMap and SignonMapOutput values. You can construct a concrete instance of `SignonMapInput` via:
SignonMap{ "key": SignonArgs{...} }
type SignonMapOutput ¶
type SignonMapOutput struct{ *pulumi.OutputState }
func (SignonMapOutput) ElementType ¶
func (SignonMapOutput) ElementType() reflect.Type
func (SignonMapOutput) MapIndex ¶
func (o SignonMapOutput) MapIndex(k pulumi.StringInput) SignonOutput
func (SignonMapOutput) ToSignonMapOutput ¶
func (o SignonMapOutput) ToSignonMapOutput() SignonMapOutput
func (SignonMapOutput) ToSignonMapOutputWithContext ¶
func (o SignonMapOutput) ToSignonMapOutputWithContext(ctx context.Context) SignonMapOutput
type SignonOutput ¶
type SignonOutput struct{ *pulumi.OutputState }
func (SignonOutput) Description ¶ added in v3.9.0
func (o SignonOutput) Description() pulumi.StringPtrOutput
Policy Description.
func (SignonOutput) ElementType ¶
func (SignonOutput) ElementType() reflect.Type
func (SignonOutput) GroupsIncludeds ¶ added in v3.9.0
func (o SignonOutput) GroupsIncludeds() pulumi.StringArrayOutput
List of Group IDs to Include.
func (SignonOutput) Name ¶ added in v3.9.0
func (o SignonOutput) Name() pulumi.StringOutput
Policy Name.
func (SignonOutput) Priority ¶ added in v3.9.0
func (o SignonOutput) Priority() pulumi.IntPtrOutput
Priority of the policy.
func (SignonOutput) Status ¶ added in v3.9.0
func (o SignonOutput) Status() pulumi.StringPtrOutput
Policy Status: `"ACTIVE"` or `"INACTIVE"`.
func (SignonOutput) ToSignonOutput ¶
func (o SignonOutput) ToSignonOutput() SignonOutput
func (SignonOutput) ToSignonOutputWithContext ¶
func (o SignonOutput) ToSignonOutputWithContext(ctx context.Context) SignonOutput
type SignonState ¶
type SignonState struct { // Policy Description. Description pulumi.StringPtrInput // List of Group IDs to Include. GroupsIncludeds pulumi.StringArrayInput // Policy Name. Name pulumi.StringPtrInput // Priority of the policy. Priority pulumi.IntPtrInput // Policy Status: `"ACTIVE"` or `"INACTIVE"`. Status pulumi.StringPtrInput }
func (SignonState) ElementType ¶
func (SignonState) ElementType() reflect.Type