policy

package
v3.23.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 20, 2023 License: Apache-2.0 Imports: 6 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type GetDefaultPolicyArgs 

type GetDefaultPolicyArgs struct {
	// Type of policy to retrieve.  Valid values: `OKTA_SIGN_ON`, `PASSWORD`, `MFA_ENROLL`, `IDP_DISCOVERY`
	// `"IDP_DISCOVERY"`, `"ACCESS_POLICY"` (**only available as a part of the Identity Engine**), `"PROFILE_ENROLLMENT"` (**only available as a part of the Identity Engine**)
	Type string `pulumi:"type"`
}

A collection of arguments for invoking getDefaultPolicy.

type GetDefaultPolicyOutputArgs added in v3.2.0 

type GetDefaultPolicyOutputArgs struct {
	// Type of policy to retrieve.  Valid values: `OKTA_SIGN_ON`, `PASSWORD`, `MFA_ENROLL`, `IDP_DISCOVERY`
	// `"IDP_DISCOVERY"`, `"ACCESS_POLICY"` (**only available as a part of the Identity Engine**), `"PROFILE_ENROLLMENT"` (**only available as a part of the Identity Engine**)
	Type pulumi.StringInput `pulumi:"type"`
}

A collection of arguments for invoking getDefaultPolicy.

func (GetDefaultPolicyOutputArgs) ElementType added in v3.2.0 

func (GetDefaultPolicyOutputArgs) ElementType() reflect.Type

type GetDefaultPolicyResult 

type GetDefaultPolicyResult struct {
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// type of policy.
	Type string `pulumi:"type"`
}

A collection of values returned by getDefaultPolicy.

func GetDefaultPolicy 

func GetDefaultPolicy(ctx *pulumi.Context, args *GetDefaultPolicyArgs, opts ...pulumi.InvokeOption) (*GetDefaultPolicyResult, error)

Use this data source to retrieve a default policy from Okta. This same thing can be achieved using the `policy.getPolicy` with default names, this is simply a shortcut.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/policy"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := policy.GetDefaultPolicy(ctx, &policy.GetDefaultPolicyArgs{
			Type: "PASSWORD",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetDefaultPolicyResultOutput added in v3.2.0 

type GetDefaultPolicyResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getDefaultPolicy.

func GetDefaultPolicyOutput added in v3.2.0 

func GetDefaultPolicyOutput(ctx *pulumi.Context, args GetDefaultPolicyOutputArgs, opts ...pulumi.InvokeOption) GetDefaultPolicyResultOutput

func (GetDefaultPolicyResultOutput) ElementType added in v3.2.0 

func (GetDefaultPolicyResultOutput) ElementType() reflect.Type

func (GetDefaultPolicyResultOutput) Id added in v3.2.0 

func (o GetDefaultPolicyResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (GetDefaultPolicyResultOutput) ToGetDefaultPolicyResultOutput added in v3.2.0 

func (o GetDefaultPolicyResultOutput) ToGetDefaultPolicyResultOutput() GetDefaultPolicyResultOutput

func (GetDefaultPolicyResultOutput) ToGetDefaultPolicyResultOutputWithContext added in v3.2.0 

func (o GetDefaultPolicyResultOutput) ToGetDefaultPolicyResultOutputWithContext(ctx context.Context) GetDefaultPolicyResultOutput

func (GetDefaultPolicyResultOutput) Type added in v3.2.0 

func (o GetDefaultPolicyResultOutput) Type() pulumi.StringOutput

type of policy.

type GetPolicyArgs 

type GetPolicyArgs struct {
	// Name of policy to retrieve.
	Name string `pulumi:"name"`
	// Type of policy to retrieve. See https://developer.okta.com/docs/reference/api/policy/#policy-object for valid values. Currently:
	// - All:
	Type string `pulumi:"type"`
}

A collection of arguments for invoking getPolicy.

type GetPolicyOutputArgs added in v3.2.0 

type GetPolicyOutputArgs struct {
	// Name of policy to retrieve.
	Name pulumi.StringInput `pulumi:"name"`
	// Type of policy to retrieve. See https://developer.okta.com/docs/reference/api/policy/#policy-object for valid values. Currently:
	// - All:
	Type pulumi.StringInput `pulumi:"type"`
}

A collection of arguments for invoking getPolicy.

func (GetPolicyOutputArgs) ElementType added in v3.2.0 

func (GetPolicyOutputArgs) ElementType() reflect.Type

type GetPolicyResult 

type GetPolicyResult struct {
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// name of policy.
	Name   string `pulumi:"name"`
	Status string `pulumi:"status"`
	// type of policy.
	Type string `pulumi:"type"`
}

A collection of values returned by getPolicy.

func GetPolicy 

func GetPolicy(ctx *pulumi.Context, args *GetPolicyArgs, opts ...pulumi.InvokeOption) (*GetPolicyResult, error)

Use this data source to retrieve a policy from Okta.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/policy"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := policy.GetPolicy(ctx, &policy.GetPolicyArgs{
			Name: "Password Policy Example",
			Type: "PASSWORD",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetPolicyResultOutput added in v3.2.0 

type GetPolicyResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getPolicy.

func GetPolicyOutput added in v3.2.0 

func GetPolicyOutput(ctx *pulumi.Context, args GetPolicyOutputArgs, opts ...pulumi.InvokeOption) GetPolicyResultOutput

func (GetPolicyResultOutput) ElementType added in v3.2.0 

func (GetPolicyResultOutput) ElementType() reflect.Type

func (GetPolicyResultOutput) Id added in v3.2.0 

func (o GetPolicyResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (GetPolicyResultOutput) Name added in v3.2.0 

func (o GetPolicyResultOutput) Name() pulumi.StringOutput

name of policy.

func (GetPolicyResultOutput) Status added in v3.3.0 

func (o GetPolicyResultOutput) Status() pulumi.StringOutput

func (GetPolicyResultOutput) ToGetPolicyResultOutput added in v3.2.0 

func (o GetPolicyResultOutput) ToGetPolicyResultOutput() GetPolicyResultOutput

func (GetPolicyResultOutput) ToGetPolicyResultOutputWithContext added in v3.2.0 

func (o GetPolicyResultOutput) ToGetPolicyResultOutputWithContext(ctx context.Context) GetPolicyResultOutput

func (GetPolicyResultOutput) Type added in v3.2.0 

func (o GetPolicyResultOutput) Type() pulumi.StringOutput

type of policy.

type Mfa 

type Mfa struct {
	pulumi.CustomResourceState

	// Policy Description.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// DUO MFA policy settings (✓ Classic, ✓ OIE).
	Duo pulumi.StringMapOutput `pulumi:"duo"`
	// External IDP MFA policy settings (✓ OIE).
	ExternalIdp pulumi.StringMapOutput `pulumi:"externalIdp"`
	// Fido U2F MFA policy settings (✓ Classic).
	FidoU2f pulumi.StringMapOutput `pulumi:"fidoU2f"`
	// Fido Web Authn MFA policy settings (✓ Classic).
	FidoWebauthn pulumi.StringMapOutput `pulumi:"fidoWebauthn"`
	// Google OTP MFA policy settings (✓ Classic, ✓ OIE).
	GoogleOtp pulumi.StringMapOutput `pulumi:"googleOtp"`
	// List of Group IDs to Include.
	GroupsIncludeds pulumi.StringArrayOutput `pulumi:"groupsIncludeds"`
	// HMAC-based One-Time Password MFA policy settings (✓ Classic).
	Hotp pulumi.StringMapOutput `pulumi:"hotp"`
	// Boolean that specifies whether to use the newer Okta Identity Engine (OIE) with policy authenticators instead of the classic engine with Factors. This value determines which of the following policy factor settings can be configured. (Default = `false`)
	// > **WARNING:** Tenant must have the Okta Identity Engine enabled in order to use this feature.
	IsOie pulumi.BoolPtrOutput `pulumi:"isOie"`
	// Policy Name.
	Name pulumi.StringOutput `pulumi:"name"`
	// Okta Call MFA policy settings (✓ Classic).
	OktaCall pulumi.StringMapOutput `pulumi:"oktaCall"`
	// Okta Email MFA policy settings (✓ Classic, ✓ OIE).
	OktaEmail pulumi.StringMapOutput `pulumi:"oktaEmail"`
	// Okta OTP (via the Okta Verify app) MFA policy settings (✓ Classic).
	OktaOtp pulumi.StringMapOutput `pulumi:"oktaOtp"`
	// Okta Password MFA policy settings (✓ Classic, ✓ OIE).
	OktaPassword pulumi.StringMapOutput `pulumi:"oktaPassword"`
	// Okta Push MFA policy settings (✓ Classic).
	OktaPush pulumi.StringMapOutput `pulumi:"oktaPush"`
	// Okta Question MFA policy settings (✓ Classic).
	OktaQuestion pulumi.StringMapOutput `pulumi:"oktaQuestion"`
	// Okta SMS MFA policy settings (✓ Classic).
	OktaSms pulumi.StringMapOutput `pulumi:"oktaSms"`
	// Okta Verify MFA policy settings (✓ OIE).
	OktaVerify pulumi.StringMapOutput `pulumi:"oktaVerify"`
	// On-Prem MFA MFA policy settings (✓ OIE).
	OnpremMfa pulumi.StringMapOutput `pulumi:"onpremMfa"`
	// Phone Number MFA policy settings (✓ OIE).
	PhoneNumber pulumi.StringMapOutput `pulumi:"phoneNumber"`
	// Priority of the policy.
	Priority pulumi.IntPtrOutput `pulumi:"priority"`
	// RSA Token MFA policy settings (✓ Classic, ✓ OIE).
	RsaToken pulumi.StringMapOutput `pulumi:"rsaToken"`
	// Security Question MFA policy settings (✓ OIE).
	SecurityQuestion pulumi.StringMapOutput `pulumi:"securityQuestion"`
	// Policy Status: `"ACTIVE"` or `"INACTIVE"`.
	Status pulumi.StringPtrOutput `pulumi:"status"`
	// Symantec VIP MFA policy settings (✓ Classic).
	SymantecVip pulumi.StringMapOutput `pulumi:"symantecVip"`
	// FIDO2 (WebAuthn) MFA policy settings (✓ OIE).
	Webauthn pulumi.StringMapOutput `pulumi:"webauthn"`
	// Yubikey Token MFA policy settings (✓ Classic, ✓ OIE).
	YubikeyToken pulumi.StringMapOutput `pulumi:"yubikeyToken"`
}

Creates an MFA Policy.

This resource allows you to create and configure an MFA Policy.

> Requires Org Feature Flag `OKTA_MFA_POLICY`. Contact support to have this feature flag ***enabled***.

> Unless Org Feature Flag `ENG_ENABLE_OPTIONAL_PASSWORD_ENROLLMENT` is ***disabled*** `oktaPassword` or `oktaEmail` must be present and its `enroll` value set to `REQUIRED`. Contact support to have this feature flag ***disabled***.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/policy"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := policy.NewMfa(ctx, "classicExample", &policy.MfaArgs{
			Description: pulumi.String("Example MFA policy using Okta Classic engine with factors."),
			GroupsIncludeds: pulumi.StringArray{
				data.Okta_group.Everyone.Id,
			},
			IsOie: pulumi.Bool(false),
			OktaOtp: pulumi.StringMap{
				"enroll": pulumi.String("REQUIRED"),
			},
			OktaPassword: pulumi.StringMap{
				"enroll": pulumi.String("REQUIRED"),
			},
			Status: pulumi.String("ACTIVE"),
		})
		if err != nil {
			return err
		}
		_, err = policy.NewMfa(ctx, "oieExample", &policy.MfaArgs{
			Description: pulumi.String("Example MFA policy that uses Okta Identity Engine (OIE) with authenticators"),
			GroupsIncludeds: pulumi.StringArray{
				data.Okta_group.Everyone.Id,
			},
			IsOie: pulumi.Bool(true),
			OktaPassword: pulumi.StringMap{
				"enroll": pulumi.String("REQUIRED"),
			},
			OktaVerify: pulumi.StringMap{
				"enroll": pulumi.String("REQUIRED"),
			},
			Status: pulumi.String("ACTIVE"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

An MFA Policy can be imported via the Okta ID.

```sh 

$ pulumi import okta:policy/mfa:Mfa example <policy id>

```

func GetMfa 

func GetMfa(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *MfaState, opts ...pulumi.ResourceOption) (*Mfa, error)

GetMfa gets an existing Mfa resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewMfa 

func NewMfa(ctx *pulumi.Context,
	name string, args *MfaArgs, opts ...pulumi.ResourceOption) (*Mfa, error)

NewMfa registers a new resource with the given unique name, arguments, and options.

func (*Mfa) ElementType 

func (*Mfa) ElementType() reflect.Type

func (*Mfa) ToMfaOutput 

func (i *Mfa) ToMfaOutput() MfaOutput

func (*Mfa) ToMfaOutputWithContext 

func (i *Mfa) ToMfaOutputWithContext(ctx context.Context) MfaOutput

type MfaArgs 

type MfaArgs struct {
	// Policy Description.
	Description pulumi.StringPtrInput
	// DUO MFA policy settings (✓ Classic, ✓ OIE).
	Duo pulumi.StringMapInput
	// External IDP MFA policy settings (✓ OIE).
	ExternalIdp pulumi.StringMapInput
	// Fido U2F MFA policy settings (✓ Classic).
	FidoU2f pulumi.StringMapInput
	// Fido Web Authn MFA policy settings (✓ Classic).
	FidoWebauthn pulumi.StringMapInput
	// Google OTP MFA policy settings (✓ Classic, ✓ OIE).
	GoogleOtp pulumi.StringMapInput
	// List of Group IDs to Include.
	GroupsIncludeds pulumi.StringArrayInput
	// HMAC-based One-Time Password MFA policy settings (✓ Classic).
	Hotp pulumi.StringMapInput
	// Boolean that specifies whether to use the newer Okta Identity Engine (OIE) with policy authenticators instead of the classic engine with Factors. This value determines which of the following policy factor settings can be configured. (Default = `false`)
	// > **WARNING:** Tenant must have the Okta Identity Engine enabled in order to use this feature.
	IsOie pulumi.BoolPtrInput
	// Policy Name.
	Name pulumi.StringPtrInput
	// Okta Call MFA policy settings (✓ Classic).
	OktaCall pulumi.StringMapInput
	// Okta Email MFA policy settings (✓ Classic, ✓ OIE).
	OktaEmail pulumi.StringMapInput
	// Okta OTP (via the Okta Verify app) MFA policy settings (✓ Classic).
	OktaOtp pulumi.StringMapInput
	// Okta Password MFA policy settings (✓ Classic, ✓ OIE).
	OktaPassword pulumi.StringMapInput
	// Okta Push MFA policy settings (✓ Classic).
	OktaPush pulumi.StringMapInput
	// Okta Question MFA policy settings (✓ Classic).
	OktaQuestion pulumi.StringMapInput
	// Okta SMS MFA policy settings (✓ Classic).
	OktaSms pulumi.StringMapInput
	// Okta Verify MFA policy settings (✓ OIE).
	OktaVerify pulumi.StringMapInput
	// On-Prem MFA MFA policy settings (✓ OIE).
	OnpremMfa pulumi.StringMapInput
	// Phone Number MFA policy settings (✓ OIE).
	PhoneNumber pulumi.StringMapInput
	// Priority of the policy.
	Priority pulumi.IntPtrInput
	// RSA Token MFA policy settings (✓ Classic, ✓ OIE).
	RsaToken pulumi.StringMapInput
	// Security Question MFA policy settings (✓ OIE).
	SecurityQuestion pulumi.StringMapInput
	// Policy Status: `"ACTIVE"` or `"INACTIVE"`.
	Status pulumi.StringPtrInput
	// Symantec VIP MFA policy settings (✓ Classic).
	SymantecVip pulumi.StringMapInput
	// FIDO2 (WebAuthn) MFA policy settings (✓ OIE).
	Webauthn pulumi.StringMapInput
	// Yubikey Token MFA policy settings (✓ Classic, ✓ OIE).
	YubikeyToken pulumi.StringMapInput
}

The set of arguments for constructing a Mfa resource.

func (MfaArgs) ElementType 

func (MfaArgs) ElementType() reflect.Type

type MfaArray 

type MfaArray []MfaInput

func (MfaArray) ElementType 

func (MfaArray) ElementType() reflect.Type

func (MfaArray) ToMfaArrayOutput 

func (i MfaArray) ToMfaArrayOutput() MfaArrayOutput

func (MfaArray) ToMfaArrayOutputWithContext 

func (i MfaArray) ToMfaArrayOutputWithContext(ctx context.Context) MfaArrayOutput

type MfaArrayInput 

type MfaArrayInput interface {
	pulumi.Input

	ToMfaArrayOutput() MfaArrayOutput
	ToMfaArrayOutputWithContext(context.Context) MfaArrayOutput
}

MfaArrayInput is an input type that accepts MfaArray and MfaArrayOutput values. You can construct a concrete instance of `MfaArrayInput` via: 

MfaArray{ MfaArgs{...} }

type MfaArrayOutput 

type MfaArrayOutput struct{ *pulumi.OutputState }

func (MfaArrayOutput) ElementType 

func (MfaArrayOutput) ElementType() reflect.Type

func (MfaArrayOutput) Index 

func (o MfaArrayOutput) Index(i pulumi.IntInput) MfaOutput

func (MfaArrayOutput) ToMfaArrayOutput 

func (o MfaArrayOutput) ToMfaArrayOutput() MfaArrayOutput

func (MfaArrayOutput) ToMfaArrayOutputWithContext 

func (o MfaArrayOutput) ToMfaArrayOutputWithContext(ctx context.Context) MfaArrayOutput

type MfaInput 

type MfaInput interface {
	pulumi.Input

	ToMfaOutput() MfaOutput
	ToMfaOutputWithContext(ctx context.Context) MfaOutput
}

type MfaMap 

type MfaMap map[string]MfaInput

func (MfaMap) ElementType 

func (MfaMap) ElementType() reflect.Type

func (MfaMap) ToMfaMapOutput 

func (i MfaMap) ToMfaMapOutput() MfaMapOutput

func (MfaMap) ToMfaMapOutputWithContext 

func (i MfaMap) ToMfaMapOutputWithContext(ctx context.Context) MfaMapOutput

type MfaMapInput 

type MfaMapInput interface {
	pulumi.Input

	ToMfaMapOutput() MfaMapOutput
	ToMfaMapOutputWithContext(context.Context) MfaMapOutput
}

MfaMapInput is an input type that accepts MfaMap and MfaMapOutput values. You can construct a concrete instance of `MfaMapInput` via: 

MfaMap{ "key": MfaArgs{...} }

type MfaMapOutput 

type MfaMapOutput struct{ *pulumi.OutputState }

func (MfaMapOutput) ElementType 

func (MfaMapOutput) ElementType() reflect.Type

func (MfaMapOutput) MapIndex 

func (o MfaMapOutput) MapIndex(k pulumi.StringInput) MfaOutput

func (MfaMapOutput) ToMfaMapOutput 

func (o MfaMapOutput) ToMfaMapOutput() MfaMapOutput

func (MfaMapOutput) ToMfaMapOutputWithContext 

func (o MfaMapOutput) ToMfaMapOutputWithContext(ctx context.Context) MfaMapOutput

type MfaOutput 

type MfaOutput struct{ *pulumi.OutputState }

func (MfaOutput) Description added in v3.9.0 

func (o MfaOutput) Description() pulumi.StringPtrOutput

Policy Description.

func (MfaOutput) Duo added in v3.9.0 

func (o MfaOutput) Duo() pulumi.StringMapOutput

DUO MFA policy settings (✓ Classic, ✓ OIE).

func (MfaOutput) ElementType 

func (MfaOutput) ElementType() reflect.Type

func (MfaOutput) ExternalIdp added in v3.9.0 

func (o MfaOutput) ExternalIdp() pulumi.StringMapOutput

External IDP MFA policy settings (✓ OIE).

func (MfaOutput) FidoU2f added in v3.9.0 

func (o MfaOutput) FidoU2f() pulumi.StringMapOutput

Fido U2F MFA policy settings (✓ Classic).

func (MfaOutput) FidoWebauthn added in v3.9.0 

func (o MfaOutput) FidoWebauthn() pulumi.StringMapOutput

Fido Web Authn MFA policy settings (✓ Classic).

func (MfaOutput) GoogleOtp added in v3.9.0 

func (o MfaOutput) GoogleOtp() pulumi.StringMapOutput

Google OTP MFA policy settings (✓ Classic, ✓ OIE).

func (MfaOutput) GroupsIncludeds added in v3.9.0 

func (o MfaOutput) GroupsIncludeds() pulumi.StringArrayOutput

List of Group IDs to Include.

func (MfaOutput) Hotp added in v3.9.0 

func (o MfaOutput) Hotp() pulumi.StringMapOutput

HMAC-based One-Time Password MFA policy settings (✓ Classic).

func (MfaOutput) IsOie added in v3.9.0 

func (o MfaOutput) IsOie() pulumi.BoolPtrOutput

Boolean that specifies whether to use the newer Okta Identity Engine (OIE) with policy authenticators instead of the classic engine with Factors. This value determines which of the following policy factor settings can be configured. (Default = `false`) > **WARNING:** Tenant must have the Okta Identity Engine enabled in order to use this feature.

func (MfaOutput) Name added in v3.9.0 

func (o MfaOutput) Name() pulumi.StringOutput

Policy Name.

func (MfaOutput) OktaCall added in v3.9.0 

func (o MfaOutput) OktaCall() pulumi.StringMapOutput

Okta Call MFA policy settings (✓ Classic).

func (MfaOutput) OktaEmail added in v3.9.0 

func (o MfaOutput) OktaEmail() pulumi.StringMapOutput

Okta Email MFA policy settings (✓ Classic, ✓ OIE).

func (MfaOutput) OktaOtp added in v3.9.0 

func (o MfaOutput) OktaOtp() pulumi.StringMapOutput

Okta OTP (via the Okta Verify app) MFA policy settings (✓ Classic).

func (MfaOutput) OktaPassword added in v3.9.0 

func (o MfaOutput) OktaPassword() pulumi.StringMapOutput

Okta Password MFA policy settings (✓ Classic, ✓ OIE).

func (MfaOutput) OktaPush added in v3.9.0 

func (o MfaOutput) OktaPush() pulumi.StringMapOutput

Okta Push MFA policy settings (✓ Classic).

func (MfaOutput) OktaQuestion added in v3.9.0 

func (o MfaOutput) OktaQuestion() pulumi.StringMapOutput

Okta Question MFA policy settings (✓ Classic).

func (MfaOutput) OktaSms added in v3.9.0 

func (o MfaOutput) OktaSms() pulumi.StringMapOutput

Okta SMS MFA policy settings (✓ Classic).

func (MfaOutput) OktaVerify added in v3.9.0 

func (o MfaOutput) OktaVerify() pulumi.StringMapOutput

Okta Verify MFA policy settings (✓ OIE).

func (MfaOutput) OnpremMfa added in v3.9.0 

func (o MfaOutput) OnpremMfa() pulumi.StringMapOutput

On-Prem MFA MFA policy settings (✓ OIE).

func (MfaOutput) PhoneNumber added in v3.9.0 

func (o MfaOutput) PhoneNumber() pulumi.StringMapOutput

Phone Number MFA policy settings (✓ OIE).

func (MfaOutput) Priority added in v3.9.0 

func (o MfaOutput) Priority() pulumi.IntPtrOutput

Priority of the policy.

func (MfaOutput) RsaToken added in v3.9.0 

func (o MfaOutput) RsaToken() pulumi.StringMapOutput

RSA Token MFA policy settings (✓ Classic, ✓ OIE).

func (MfaOutput) SecurityQuestion added in v3.9.0 

func (o MfaOutput) SecurityQuestion() pulumi.StringMapOutput

Security Question MFA policy settings (✓ OIE).

func (MfaOutput) Status added in v3.9.0 

func (o MfaOutput) Status() pulumi.StringPtrOutput

Policy Status: `"ACTIVE"` or `"INACTIVE"`.

func (MfaOutput) SymantecVip added in v3.9.0 

func (o MfaOutput) SymantecVip() pulumi.StringMapOutput

Symantec VIP MFA policy settings (✓ Classic).

func (MfaOutput) ToMfaOutput 

func (o MfaOutput) ToMfaOutput() MfaOutput

func (MfaOutput) ToMfaOutputWithContext 

func (o MfaOutput) ToMfaOutputWithContext(ctx context.Context) MfaOutput

func (MfaOutput) Webauthn added in v3.9.0 

func (o MfaOutput) Webauthn() pulumi.StringMapOutput

FIDO2 (WebAuthn) MFA policy settings (✓ OIE).

func (MfaOutput) YubikeyToken added in v3.9.0 

func (o MfaOutput) YubikeyToken() pulumi.StringMapOutput

Yubikey Token MFA policy settings (✓ Classic, ✓ OIE).

type MfaState 

type MfaState struct {
	// Policy Description.
	Description pulumi.StringPtrInput
	// DUO MFA policy settings (✓ Classic, ✓ OIE).
	Duo pulumi.StringMapInput
	// External IDP MFA policy settings (✓ OIE).
	ExternalIdp pulumi.StringMapInput
	// Fido U2F MFA policy settings (✓ Classic).
	FidoU2f pulumi.StringMapInput
	// Fido Web Authn MFA policy settings (✓ Classic).
	FidoWebauthn pulumi.StringMapInput
	// Google OTP MFA policy settings (✓ Classic, ✓ OIE).
	GoogleOtp pulumi.StringMapInput
	// List of Group IDs to Include.
	GroupsIncludeds pulumi.StringArrayInput
	// HMAC-based One-Time Password MFA policy settings (✓ Classic).
	Hotp pulumi.StringMapInput
	// Boolean that specifies whether to use the newer Okta Identity Engine (OIE) with policy authenticators instead of the classic engine with Factors. This value determines which of the following policy factor settings can be configured. (Default = `false`)
	// > **WARNING:** Tenant must have the Okta Identity Engine enabled in order to use this feature.
	IsOie pulumi.BoolPtrInput
	// Policy Name.
	Name pulumi.StringPtrInput
	// Okta Call MFA policy settings (✓ Classic).
	OktaCall pulumi.StringMapInput
	// Okta Email MFA policy settings (✓ Classic, ✓ OIE).
	OktaEmail pulumi.StringMapInput
	// Okta OTP (via the Okta Verify app) MFA policy settings (✓ Classic).
	OktaOtp pulumi.StringMapInput
	// Okta Password MFA policy settings (✓ Classic, ✓ OIE).
	OktaPassword pulumi.StringMapInput
	// Okta Push MFA policy settings (✓ Classic).
	OktaPush pulumi.StringMapInput
	// Okta Question MFA policy settings (✓ Classic).
	OktaQuestion pulumi.StringMapInput
	// Okta SMS MFA policy settings (✓ Classic).
	OktaSms pulumi.StringMapInput
	// Okta Verify MFA policy settings (✓ OIE).
	OktaVerify pulumi.StringMapInput
	// On-Prem MFA MFA policy settings (✓ OIE).
	OnpremMfa pulumi.StringMapInput
	// Phone Number MFA policy settings (✓ OIE).
	PhoneNumber pulumi.StringMapInput
	// Priority of the policy.
	Priority pulumi.IntPtrInput
	// RSA Token MFA policy settings (✓ Classic, ✓ OIE).
	RsaToken pulumi.StringMapInput
	// Security Question MFA policy settings (✓ OIE).
	SecurityQuestion pulumi.StringMapInput
	// Policy Status: `"ACTIVE"` or `"INACTIVE"`.
	Status pulumi.StringPtrInput
	// Symantec VIP MFA policy settings (✓ Classic).
	SymantecVip pulumi.StringMapInput
	// FIDO2 (WebAuthn) MFA policy settings (✓ OIE).
	Webauthn pulumi.StringMapInput
	// Yubikey Token MFA policy settings (✓ Classic, ✓ OIE).
	YubikeyToken pulumi.StringMapInput
}

func (MfaState) ElementType 

func (MfaState) ElementType() reflect.Type

type Password 

type Password struct {
	pulumi.CustomResourceState

	// Authentication Provider: `"OKTA"`, `"ACTIVE_DIRECTORY"` or `"LDAP"`. Default is `"OKTA"`. Type `"string"`
	AuthProvider pulumi.StringPtrOutput `pulumi:"authProvider"`
	// Enable or disable voice call password recovery: ACTIVE or INACTIVE.  Type `"string"`
	CallRecovery pulumi.StringPtrOutput `pulumi:"callRecovery"`
	// Policy Description. Type `"string"`
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// Enable or disable email password recovery: ACTIVE or INACTIVE. Type `"string"`
	EmailRecovery pulumi.StringPtrOutput `pulumi:"emailRecovery"`
	// List of Group IDs to Include. Type `"list(string)"`
	GroupsIncludeds pulumi.StringArrayOutput `pulumi:"groupsIncludeds"`
	// Policy Name. Type `"string"`
	Name pulumi.StringOutput `pulumi:"name"`
	// Number of minutes before a locked account is unlocked: 0 = no limit.  Type `"number"`
	PasswordAutoUnlockMinutes pulumi.IntPtrOutput `pulumi:"passwordAutoUnlockMinutes"`
	// Check Passwords Against Common Password Dictionary. Type `"bool"`
	PasswordDictionaryLookup pulumi.BoolPtrOutput `pulumi:"passwordDictionaryLookup"`
	// User firstName attribute must be excluded from the password. Type `"bool"`
	PasswordExcludeFirstName pulumi.BoolPtrOutput `pulumi:"passwordExcludeFirstName"`
	// User lastName attribute must be excluded from the password. Type `"bool"`
	PasswordExcludeLastName pulumi.BoolPtrOutput `pulumi:"passwordExcludeLastName"`
	// If the username must be excluded from the password. Type `"bool"`
	PasswordExcludeUsername pulumi.BoolPtrOutput `pulumi:"passwordExcludeUsername"`
	// Length in days a user will be warned before password expiry: 0 = no warning.  Type `"number"`
	PasswordExpireWarnDays pulumi.IntPtrOutput `pulumi:"passwordExpireWarnDays"`
	// Number of distinct passwords that must be created before they can be reused: 0 = none.  Type `"number"`
	PasswordHistoryCount pulumi.IntPtrOutput `pulumi:"passwordHistoryCount"`
	// Notification channels to use to notify a user when their account has been locked. Type `"set(string)"`
	PasswordLockoutNotificationChannels pulumi.StringArrayOutput `pulumi:"passwordLockoutNotificationChannels"`
	// Length in days a password is valid before expiry: 0 = no limit.  Type `"number"`
	PasswordMaxAgeDays pulumi.IntPtrOutput `pulumi:"passwordMaxAgeDays"`
	// Number of unsuccessful login attempts allowed before lockout: 0 = no limit.  Type `"number"`
	PasswordMaxLockoutAttempts pulumi.IntPtrOutput `pulumi:"passwordMaxLockoutAttempts"`
	// Minimum time interval in minutes between password changes: 0 = no limit.  Type `"number"`
	PasswordMinAgeMinutes pulumi.IntPtrOutput `pulumi:"passwordMinAgeMinutes"`
	// Minimum password length. Default is 8. Type `"number"`
	PasswordMinLength pulumi.IntPtrOutput `pulumi:"passwordMinLength"`
	// Minimum number of lower case characters in a password. Type `"number"`
	PasswordMinLowercase pulumi.IntPtrOutput `pulumi:"passwordMinLowercase"`
	// Minimum number of numbers in a password. Type `"number"`
	PasswordMinNumber pulumi.IntPtrOutput `pulumi:"passwordMinNumber"`
	// Minimum number of symbols in a password. Type `"number"`
	PasswordMinSymbol pulumi.IntPtrOutput `pulumi:"passwordMinSymbol"`
	// Minimum number of upper case characters in a password. Type `"number"`
	PasswordMinUppercase pulumi.IntPtrOutput `pulumi:"passwordMinUppercase"`
	// If a user should be informed when their account is locked.  Type `"bool"`
	PasswordShowLockoutFailures pulumi.BoolPtrOutput `pulumi:"passwordShowLockoutFailures"`
	// Priority of the policy. Type `"number"`
	Priority pulumi.IntPtrOutput `pulumi:"priority"`
	// Min length of the password recovery question answer.  Type `"number"`
	QuestionMinLength pulumi.IntPtrOutput `pulumi:"questionMinLength"`
	// Enable or disable security question password recovery: ACTIVE or INACTIVE. Type `"string"`
	QuestionRecovery pulumi.StringPtrOutput `pulumi:"questionRecovery"`
	// Lifetime in minutes of the recovery email token.  Type `"number"`
	RecoveryEmailToken pulumi.IntPtrOutput `pulumi:"recoveryEmailToken"`
	// When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account. Type `"bool"`
	SkipUnlock pulumi.BoolPtrOutput `pulumi:"skipUnlock"`
	// Enable or disable SMS password recovery: ACTIVE or INACTIVE. Type `"string"`
	SmsRecovery pulumi.StringPtrOutput `pulumi:"smsRecovery"`
	// Policy Status: `"ACTIVE"` or `"INACTIVE"`. Type `"string"`
	Status pulumi.StringPtrOutput `pulumi:"status"`
}

Creates a Password Policy.

This resource allows you to create and configure a Password Policy.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/policy"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := policy.NewPassword(ctx, "example", &policy.PasswordArgs{
			Description: pulumi.String("Example"),
			GroupsIncludeds: pulumi.StringArray{
				data.Okta_group.Everyone.Id,
			},
			PasswordHistoryCount: pulumi.Int(4),
			Status:               pulumi.String("ACTIVE"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

A Password Policy can be imported via the Okta ID.

```sh 

$ pulumi import okta:policy/password:Password example <policy id>

```

func GetPassword 

func GetPassword(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *PasswordState, opts ...pulumi.ResourceOption) (*Password, error)

GetPassword gets an existing Password resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewPassword 

func NewPassword(ctx *pulumi.Context,
	name string, args *PasswordArgs, opts ...pulumi.ResourceOption) (*Password, error)

NewPassword registers a new resource with the given unique name, arguments, and options.

func (*Password) ElementType 

func (*Password) ElementType() reflect.Type

func (*Password) ToPasswordOutput 

func (i *Password) ToPasswordOutput() PasswordOutput

func (*Password) ToPasswordOutputWithContext 

func (i *Password) ToPasswordOutputWithContext(ctx context.Context) PasswordOutput

type PasswordArgs 

type PasswordArgs struct {
	// Authentication Provider: `"OKTA"`, `"ACTIVE_DIRECTORY"` or `"LDAP"`. Default is `"OKTA"`. Type `"string"`
	AuthProvider pulumi.StringPtrInput
	// Enable or disable voice call password recovery: ACTIVE or INACTIVE.  Type `"string"`
	CallRecovery pulumi.StringPtrInput
	// Policy Description. Type `"string"`
	Description pulumi.StringPtrInput
	// Enable or disable email password recovery: ACTIVE or INACTIVE. Type `"string"`
	EmailRecovery pulumi.StringPtrInput
	// List of Group IDs to Include. Type `"list(string)"`
	GroupsIncludeds pulumi.StringArrayInput
	// Policy Name. Type `"string"`
	Name pulumi.StringPtrInput
	// Number of minutes before a locked account is unlocked: 0 = no limit.  Type `"number"`
	PasswordAutoUnlockMinutes pulumi.IntPtrInput
	// Check Passwords Against Common Password Dictionary. Type `"bool"`
	PasswordDictionaryLookup pulumi.BoolPtrInput
	// User firstName attribute must be excluded from the password. Type `"bool"`
	PasswordExcludeFirstName pulumi.BoolPtrInput
	// User lastName attribute must be excluded from the password. Type `"bool"`
	PasswordExcludeLastName pulumi.BoolPtrInput
	// If the username must be excluded from the password. Type `"bool"`
	PasswordExcludeUsername pulumi.BoolPtrInput
	// Length in days a user will be warned before password expiry: 0 = no warning.  Type `"number"`
	PasswordExpireWarnDays pulumi.IntPtrInput
	// Number of distinct passwords that must be created before they can be reused: 0 = none.  Type `"number"`
	PasswordHistoryCount pulumi.IntPtrInput
	// Notification channels to use to notify a user when their account has been locked. Type `"set(string)"`
	PasswordLockoutNotificationChannels pulumi.StringArrayInput
	// Length in days a password is valid before expiry: 0 = no limit.  Type `"number"`
	PasswordMaxAgeDays pulumi.IntPtrInput
	// Number of unsuccessful login attempts allowed before lockout: 0 = no limit.  Type `"number"`
	PasswordMaxLockoutAttempts pulumi.IntPtrInput
	// Minimum time interval in minutes between password changes: 0 = no limit.  Type `"number"`
	PasswordMinAgeMinutes pulumi.IntPtrInput
	// Minimum password length. Default is 8. Type `"number"`
	PasswordMinLength pulumi.IntPtrInput
	// Minimum number of lower case characters in a password. Type `"number"`
	PasswordMinLowercase pulumi.IntPtrInput
	// Minimum number of numbers in a password. Type `"number"`
	PasswordMinNumber pulumi.IntPtrInput
	// Minimum number of symbols in a password. Type `"number"`
	PasswordMinSymbol pulumi.IntPtrInput
	// Minimum number of upper case characters in a password. Type `"number"`
	PasswordMinUppercase pulumi.IntPtrInput
	// If a user should be informed when their account is locked.  Type `"bool"`
	PasswordShowLockoutFailures pulumi.BoolPtrInput
	// Priority of the policy. Type `"number"`
	Priority pulumi.IntPtrInput
	// Min length of the password recovery question answer.  Type `"number"`
	QuestionMinLength pulumi.IntPtrInput
	// Enable or disable security question password recovery: ACTIVE or INACTIVE. Type `"string"`
	QuestionRecovery pulumi.StringPtrInput
	// Lifetime in minutes of the recovery email token.  Type `"number"`
	RecoveryEmailToken pulumi.IntPtrInput
	// When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account. Type `"bool"`
	SkipUnlock pulumi.BoolPtrInput
	// Enable or disable SMS password recovery: ACTIVE or INACTIVE. Type `"string"`
	SmsRecovery pulumi.StringPtrInput
	// Policy Status: `"ACTIVE"` or `"INACTIVE"`. Type `"string"`
	Status pulumi.StringPtrInput
}

The set of arguments for constructing a Password resource.

func (PasswordArgs) ElementType 

func (PasswordArgs) ElementType() reflect.Type

type PasswordArray 

type PasswordArray []PasswordInput

func (PasswordArray) ElementType 

func (PasswordArray) ElementType() reflect.Type

func (PasswordArray) ToPasswordArrayOutput 

func (i PasswordArray) ToPasswordArrayOutput() PasswordArrayOutput

func (PasswordArray) ToPasswordArrayOutputWithContext 

func (i PasswordArray) ToPasswordArrayOutputWithContext(ctx context.Context) PasswordArrayOutput

type PasswordArrayInput 

type PasswordArrayInput interface {
	pulumi.Input

	ToPasswordArrayOutput() PasswordArrayOutput
	ToPasswordArrayOutputWithContext(context.Context) PasswordArrayOutput
}

PasswordArrayInput is an input type that accepts PasswordArray and PasswordArrayOutput values. You can construct a concrete instance of `PasswordArrayInput` via: 

PasswordArray{ PasswordArgs{...} }

type PasswordArrayOutput 

type PasswordArrayOutput struct{ *pulumi.OutputState }

func (PasswordArrayOutput) ElementType 

func (PasswordArrayOutput) ElementType() reflect.Type

func (PasswordArrayOutput) Index 

func (o PasswordArrayOutput) Index(i pulumi.IntInput) PasswordOutput

func (PasswordArrayOutput) ToPasswordArrayOutput 

func (o PasswordArrayOutput) ToPasswordArrayOutput() PasswordArrayOutput

func (PasswordArrayOutput) ToPasswordArrayOutputWithContext 

func (o PasswordArrayOutput) ToPasswordArrayOutputWithContext(ctx context.Context) PasswordArrayOutput

type PasswordInput 

type PasswordInput interface {
	pulumi.Input

	ToPasswordOutput() PasswordOutput
	ToPasswordOutputWithContext(ctx context.Context) PasswordOutput
}

type PasswordMap 

type PasswordMap map[string]PasswordInput

func (PasswordMap) ElementType 

func (PasswordMap) ElementType() reflect.Type

func (PasswordMap) ToPasswordMapOutput 

func (i PasswordMap) ToPasswordMapOutput() PasswordMapOutput

func (PasswordMap) ToPasswordMapOutputWithContext 

func (i PasswordMap) ToPasswordMapOutputWithContext(ctx context.Context) PasswordMapOutput

type PasswordMapInput 

type PasswordMapInput interface {
	pulumi.Input

	ToPasswordMapOutput() PasswordMapOutput
	ToPasswordMapOutputWithContext(context.Context) PasswordMapOutput
}

PasswordMapInput is an input type that accepts PasswordMap and PasswordMapOutput values. You can construct a concrete instance of `PasswordMapInput` via: 

PasswordMap{ "key": PasswordArgs{...} }

type PasswordMapOutput 

type PasswordMapOutput struct{ *pulumi.OutputState }

func (PasswordMapOutput) ElementType 

func (PasswordMapOutput) ElementType() reflect.Type

func (PasswordMapOutput) MapIndex 

func (o PasswordMapOutput) MapIndex(k pulumi.StringInput) PasswordOutput

func (PasswordMapOutput) ToPasswordMapOutput 

func (o PasswordMapOutput) ToPasswordMapOutput() PasswordMapOutput

func (PasswordMapOutput) ToPasswordMapOutputWithContext 

func (o PasswordMapOutput) ToPasswordMapOutputWithContext(ctx context.Context) PasswordMapOutput

type PasswordOutput 

type PasswordOutput struct{ *pulumi.OutputState }

func (PasswordOutput) AuthProvider added in v3.9.0 

func (o PasswordOutput) AuthProvider() pulumi.StringPtrOutput

Authentication Provider: `"OKTA"`, `"ACTIVE_DIRECTORY"` or `"LDAP"`. Default is `"OKTA"`. Type `"string"`

func (PasswordOutput) CallRecovery added in v3.9.0 

func (o PasswordOutput) CallRecovery() pulumi.StringPtrOutput

Enable or disable voice call password recovery: ACTIVE or INACTIVE. Type `"string"`

func (PasswordOutput) Description added in v3.9.0 

func (o PasswordOutput) Description() pulumi.StringPtrOutput

Policy Description. Type `"string"`

func (PasswordOutput) ElementType 

func (PasswordOutput) ElementType() reflect.Type

func (PasswordOutput) EmailRecovery added in v3.9.0 

func (o PasswordOutput) EmailRecovery() pulumi.StringPtrOutput

Enable or disable email password recovery: ACTIVE or INACTIVE. Type `"string"`

func (PasswordOutput) GroupsIncludeds added in v3.9.0 

func (o PasswordOutput) GroupsIncludeds() pulumi.StringArrayOutput

List of Group IDs to Include. Type `"list(string)"`

func (PasswordOutput) Name added in v3.9.0 

func (o PasswordOutput) Name() pulumi.StringOutput

Policy Name. Type `"string"`

func (PasswordOutput) PasswordAutoUnlockMinutes added in v3.9.0 

func (o PasswordOutput) PasswordAutoUnlockMinutes() pulumi.IntPtrOutput

Number of minutes before a locked account is unlocked: 0 = no limit. Type `"number"`

func (PasswordOutput) PasswordDictionaryLookup added in v3.9.0 

func (o PasswordOutput) PasswordDictionaryLookup() pulumi.BoolPtrOutput

Check Passwords Against Common Password Dictionary. Type `"bool"`

func (PasswordOutput) PasswordExcludeFirstName added in v3.9.0 

func (o PasswordOutput) PasswordExcludeFirstName() pulumi.BoolPtrOutput

User firstName attribute must be excluded from the password. Type `"bool"`

func (PasswordOutput) PasswordExcludeLastName added in v3.9.0 

func (o PasswordOutput) PasswordExcludeLastName() pulumi.BoolPtrOutput

User lastName attribute must be excluded from the password. Type `"bool"`

func (PasswordOutput) PasswordExcludeUsername added in v3.9.0 

func (o PasswordOutput) PasswordExcludeUsername() pulumi.BoolPtrOutput

If the username must be excluded from the password. Type `"bool"`

func (PasswordOutput) PasswordExpireWarnDays added in v3.9.0 

func (o PasswordOutput) PasswordExpireWarnDays() pulumi.IntPtrOutput

Length in days a user will be warned before password expiry: 0 = no warning. Type `"number"`

func (PasswordOutput) PasswordHistoryCount added in v3.9.0 

func (o PasswordOutput) PasswordHistoryCount() pulumi.IntPtrOutput

Number of distinct passwords that must be created before they can be reused: 0 = none. Type `"number"`

func (PasswordOutput) PasswordLockoutNotificationChannels added in v3.9.0 

func (o PasswordOutput) PasswordLockoutNotificationChannels() pulumi.StringArrayOutput

Notification channels to use to notify a user when their account has been locked. Type `"set(string)"`

func (PasswordOutput) PasswordMaxAgeDays added in v3.9.0 

func (o PasswordOutput) PasswordMaxAgeDays() pulumi.IntPtrOutput

Length in days a password is valid before expiry: 0 = no limit. Type `"number"`

func (PasswordOutput) PasswordMaxLockoutAttempts added in v3.9.0 

func (o PasswordOutput) PasswordMaxLockoutAttempts() pulumi.IntPtrOutput

Number of unsuccessful login attempts allowed before lockout: 0 = no limit. Type `"number"`

func (PasswordOutput) PasswordMinAgeMinutes added in v3.9.0 

func (o PasswordOutput) PasswordMinAgeMinutes() pulumi.IntPtrOutput

Minimum time interval in minutes between password changes: 0 = no limit. Type `"number"`

func (PasswordOutput) PasswordMinLength added in v3.9.0 

func (o PasswordOutput) PasswordMinLength() pulumi.IntPtrOutput

Minimum password length. Default is 8. Type `"number"`

func (PasswordOutput) PasswordMinLowercase added in v3.9.0 

func (o PasswordOutput) PasswordMinLowercase() pulumi.IntPtrOutput

Minimum number of lower case characters in a password. Type `"number"`

func (PasswordOutput) PasswordMinNumber added in v3.9.0 

func (o PasswordOutput) PasswordMinNumber() pulumi.IntPtrOutput

Minimum number of numbers in a password. Type `"number"`

func (PasswordOutput) PasswordMinSymbol added in v3.9.0 

func (o PasswordOutput) PasswordMinSymbol() pulumi.IntPtrOutput

Minimum number of symbols in a password. Type `"number"`

func (PasswordOutput) PasswordMinUppercase added in v3.9.0 

func (o PasswordOutput) PasswordMinUppercase() pulumi.IntPtrOutput

Minimum number of upper case characters in a password. Type `"number"`

func (PasswordOutput) PasswordShowLockoutFailures added in v3.9.0 

func (o PasswordOutput) PasswordShowLockoutFailures() pulumi.BoolPtrOutput

If a user should be informed when their account is locked. Type `"bool"`

func (PasswordOutput) Priority added in v3.9.0 

func (o PasswordOutput) Priority() pulumi.IntPtrOutput

Priority of the policy. Type `"number"`

func (PasswordOutput) QuestionMinLength added in v3.9.0 

func (o PasswordOutput) QuestionMinLength() pulumi.IntPtrOutput

Min length of the password recovery question answer. Type `"number"`

func (PasswordOutput) QuestionRecovery added in v3.9.0 

func (o PasswordOutput) QuestionRecovery() pulumi.StringPtrOutput

Enable or disable security question password recovery: ACTIVE or INACTIVE. Type `"string"`

func (PasswordOutput) RecoveryEmailToken added in v3.9.0 

func (o PasswordOutput) RecoveryEmailToken() pulumi.IntPtrOutput

Lifetime in minutes of the recovery email token. Type `"number"`

func (PasswordOutput) SkipUnlock added in v3.9.0 

func (o PasswordOutput) SkipUnlock() pulumi.BoolPtrOutput

When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account. Type `"bool"`

func (PasswordOutput) SmsRecovery added in v3.9.0 

func (o PasswordOutput) SmsRecovery() pulumi.StringPtrOutput

Enable or disable SMS password recovery: ACTIVE or INACTIVE. Type `"string"`

func (PasswordOutput) Status added in v3.9.0 

func (o PasswordOutput) Status() pulumi.StringPtrOutput

Policy Status: `"ACTIVE"` or `"INACTIVE"`. Type `"string"`

func (PasswordOutput) ToPasswordOutput 

func (o PasswordOutput) ToPasswordOutput() PasswordOutput

func (PasswordOutput) ToPasswordOutputWithContext 

func (o PasswordOutput) ToPasswordOutputWithContext(ctx context.Context) PasswordOutput

type PasswordState 

type PasswordState struct {
	// Authentication Provider: `"OKTA"`, `"ACTIVE_DIRECTORY"` or `"LDAP"`. Default is `"OKTA"`. Type `"string"`
	AuthProvider pulumi.StringPtrInput
	// Enable or disable voice call password recovery: ACTIVE or INACTIVE.  Type `"string"`
	CallRecovery pulumi.StringPtrInput
	// Policy Description. Type `"string"`
	Description pulumi.StringPtrInput
	// Enable or disable email password recovery: ACTIVE or INACTIVE. Type `"string"`
	EmailRecovery pulumi.StringPtrInput
	// List of Group IDs to Include. Type `"list(string)"`
	GroupsIncludeds pulumi.StringArrayInput
	// Policy Name. Type `"string"`
	Name pulumi.StringPtrInput
	// Number of minutes before a locked account is unlocked: 0 = no limit.  Type `"number"`
	PasswordAutoUnlockMinutes pulumi.IntPtrInput
	// Check Passwords Against Common Password Dictionary. Type `"bool"`
	PasswordDictionaryLookup pulumi.BoolPtrInput
	// User firstName attribute must be excluded from the password. Type `"bool"`
	PasswordExcludeFirstName pulumi.BoolPtrInput
	// User lastName attribute must be excluded from the password. Type `"bool"`
	PasswordExcludeLastName pulumi.BoolPtrInput
	// If the username must be excluded from the password. Type `"bool"`
	PasswordExcludeUsername pulumi.BoolPtrInput
	// Length in days a user will be warned before password expiry: 0 = no warning.  Type `"number"`
	PasswordExpireWarnDays pulumi.IntPtrInput
	// Number of distinct passwords that must be created before they can be reused: 0 = none.  Type `"number"`
	PasswordHistoryCount pulumi.IntPtrInput
	// Notification channels to use to notify a user when their account has been locked. Type `"set(string)"`
	PasswordLockoutNotificationChannels pulumi.StringArrayInput
	// Length in days a password is valid before expiry: 0 = no limit.  Type `"number"`
	PasswordMaxAgeDays pulumi.IntPtrInput
	// Number of unsuccessful login attempts allowed before lockout: 0 = no limit.  Type `"number"`
	PasswordMaxLockoutAttempts pulumi.IntPtrInput
	// Minimum time interval in minutes between password changes: 0 = no limit.  Type `"number"`
	PasswordMinAgeMinutes pulumi.IntPtrInput
	// Minimum password length. Default is 8. Type `"number"`
	PasswordMinLength pulumi.IntPtrInput
	// Minimum number of lower case characters in a password. Type `"number"`
	PasswordMinLowercase pulumi.IntPtrInput
	// Minimum number of numbers in a password. Type `"number"`
	PasswordMinNumber pulumi.IntPtrInput
	// Minimum number of symbols in a password. Type `"number"`
	PasswordMinSymbol pulumi.IntPtrInput
	// Minimum number of upper case characters in a password. Type `"number"`
	PasswordMinUppercase pulumi.IntPtrInput
	// If a user should be informed when their account is locked.  Type `"bool"`
	PasswordShowLockoutFailures pulumi.BoolPtrInput
	// Priority of the policy. Type `"number"`
	Priority pulumi.IntPtrInput
	// Min length of the password recovery question answer.  Type `"number"`
	QuestionMinLength pulumi.IntPtrInput
	// Enable or disable security question password recovery: ACTIVE or INACTIVE. Type `"string"`
	QuestionRecovery pulumi.StringPtrInput
	// Lifetime in minutes of the recovery email token.  Type `"number"`
	RecoveryEmailToken pulumi.IntPtrInput
	// When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account. Type `"bool"`
	SkipUnlock pulumi.BoolPtrInput
	// Enable or disable SMS password recovery: ACTIVE or INACTIVE. Type `"string"`
	SmsRecovery pulumi.StringPtrInput
	// Policy Status: `"ACTIVE"` or `"INACTIVE"`. Type `"string"`
	Status pulumi.StringPtrInput
}

func (PasswordState) ElementType 

func (PasswordState) ElementType() reflect.Type

type RuleIdpDiscovery 

type RuleIdpDiscovery struct {
	pulumi.CustomResourceState

	// Applications to exclude in discovery. See `appInclude` for details.
	AppExcludes RuleIdpDiscoveryAppExcludeArrayOutput `pulumi:"appExcludes"`
	// Applications to include in discovery rule.
	AppIncludes RuleIdpDiscoveryAppIncludeArrayOutput `pulumi:"appIncludes"`
	// The identifier for the Idp the rule should route to if all conditions are met.
	IdpId pulumi.StringPtrOutput `pulumi:"idpId"`
	// Type of Idp. One of: `"SAML2"`, `"IWA"`, `"AgentlessDSSO"`, `"X509"`, `"FACEBOOK"`, `"GOOGLE"`, `"LINKEDIN"`, `"MICROSOFT"`, `"OIDC"`
	IdpType pulumi.StringPtrOutput `pulumi:"idpType"`
	// Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included.
	Name pulumi.StringOutput `pulumi:"name"`
	// The network selection mode. One of `"ANYWEHRE"` or `"ZONE"`.
	NetworkConnection pulumi.StringPtrOutput `pulumi:"networkConnection"`
	// Required if `networkConnection` = `"ZONE"`. Indicates the network zones to exclude.
	NetworkExcludes pulumi.StringArrayOutput `pulumi:"networkExcludes"`
	// Required if `networkConnection` = `"ZONE"`. Indicates the network zones to include.
	NetworkIncludes  pulumi.StringArrayOutput                   `pulumi:"networkIncludes"`
	PlatformIncludes RuleIdpDiscoveryPlatformIncludeArrayOutput `pulumi:"platformIncludes"`
	// Policy ID.
	PolicyId pulumi.StringPtrOutput `pulumi:"policyId"`
	// Policy ID.
	//
	// Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead
	Policyid pulumi.StringPtrOutput `pulumi:"policyid"`
	// Idp rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided.
	Priority pulumi.IntPtrOutput `pulumi:"priority"`
	// Idp rule status: `"ACTIVE"` or `"INACTIVE"`. By default, it is `"ACTIVE"`.
	Status pulumi.StringPtrOutput `pulumi:"status"`
	// Profile attribute matching can only have a single value that describes the type indicated in `userIdentifierType`. This is the attribute or identifier that the `userIdentifierPatterns` are checked against.
	UserIdentifierAttribute pulumi.StringPtrOutput `pulumi:"userIdentifierAttribute"`
	// Specifies a User Identifier pattern condition to match against. If `matchType` of `"EXPRESSION"` is used, only a *single* element can be set, otherwise multiple elements of matching patterns may be provided.
	UserIdentifierPatterns RuleIdpDiscoveryUserIdentifierPatternArrayOutput `pulumi:"userIdentifierPatterns"`
	// One of: `"IDENTIFIER"`, `"ATTRIBUTE"`
	UserIdentifierType pulumi.StringPtrOutput `pulumi:"userIdentifierType"`
}

This resource allows you to create and configure an IdP Discovery Policy Rule.

> If you receive the error `You do not have permission to access the feature you are requesting` contact support and request feature flag `ADVANCED_SSO` be applied to your org.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/policy"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		idpDiscoveryPolicy, err := policy.GetPolicy(ctx, &policy.GetPolicyArgs{
			Name: "Idp Discovery Policy",
			Type: "IDP_DISCOVERY",
		}, nil)
		if err != nil {
			return err
		}
		_, err = policy.NewRuleIdpDiscovery(ctx, "example", &policy.RuleIdpDiscoveryArgs{
			PolicyId:                *pulumi.String(idpDiscoveryPolicy.Id),
			IdpId:                   pulumi.String("<idp id>"),
			IdpType:                 pulumi.String("OIDC"),
			NetworkConnection:       pulumi.String("ANYWHERE"),
			Priority:                pulumi.Int(1),
			Status:                  pulumi.String("ACTIVE"),
			UserIdentifierType:      pulumi.String("ATTRIBUTE"),
			UserIdentifierAttribute: pulumi.String("company"),
			AppExcludes: policy.RuleIdpDiscoveryAppExcludeArray{
				&policy.RuleIdpDiscoveryAppExcludeArgs{
					Id:   pulumi.String("<app id>"),
					Type: pulumi.String("APP"),
				},
				&policy.RuleIdpDiscoveryAppExcludeArgs{
					Name: pulumi.String("yahoo_mail"),
					Type: pulumi.String("APP_TYPE"),
				},
			},
			AppIncludes: policy.RuleIdpDiscoveryAppIncludeArray{
				&policy.RuleIdpDiscoveryAppIncludeArgs{
					Id:   pulumi.String("<app id>"),
					Type: pulumi.String("APP"),
				},
				&policy.RuleIdpDiscoveryAppIncludeArgs{
					Name: pulumi.String("<app type name>"),
					Type: pulumi.String("APP_TYPE"),
				},
			},
			PlatformIncludes: policy.RuleIdpDiscoveryPlatformIncludeArray{
				&policy.RuleIdpDiscoveryPlatformIncludeArgs{
					Type:   pulumi.String("MOBILE"),
					OsType: pulumi.String("OSX"),
				},
			},
			UserIdentifierPatterns: policy.RuleIdpDiscoveryUserIdentifierPatternArray{
				&policy.RuleIdpDiscoveryUserIdentifierPatternArgs{
					MatchType: pulumi.String("EQUALS"),
					Value:     pulumi.String("Articulate"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

A Policy Rule can be imported via the Policy and Rule ID.

```sh 

$ pulumi import okta:policy/ruleIdpDiscovery:RuleIdpDiscovery example &#60;policy id&#62;/&#60;rule id&#62;

```

func GetRuleIdpDiscovery 

func GetRuleIdpDiscovery(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *RuleIdpDiscoveryState, opts ...pulumi.ResourceOption) (*RuleIdpDiscovery, error)

GetRuleIdpDiscovery gets an existing RuleIdpDiscovery resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewRuleIdpDiscovery 

func NewRuleIdpDiscovery(ctx *pulumi.Context,
	name string, args *RuleIdpDiscoveryArgs, opts ...pulumi.ResourceOption) (*RuleIdpDiscovery, error)

NewRuleIdpDiscovery registers a new resource with the given unique name, arguments, and options.

func (*RuleIdpDiscovery) ElementType 

func (*RuleIdpDiscovery) ElementType() reflect.Type

func (*RuleIdpDiscovery) ToRuleIdpDiscoveryOutput 

func (i *RuleIdpDiscovery) ToRuleIdpDiscoveryOutput() RuleIdpDiscoveryOutput

func (*RuleIdpDiscovery) ToRuleIdpDiscoveryOutputWithContext 

func (i *RuleIdpDiscovery) ToRuleIdpDiscoveryOutputWithContext(ctx context.Context) RuleIdpDiscoveryOutput

type RuleIdpDiscoveryAppExclude 

type RuleIdpDiscoveryAppExclude struct {
	// Use if `type` is `"APP"` to indicate the application id to include.
	Id *string `pulumi:"id"`
	// Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included.
	Name *string `pulumi:"name"`
	// One of: `"ANY"`, `"MOBILE"`, `"DESKTOP"`
	Type string `pulumi:"type"`
}

type RuleIdpDiscoveryAppExcludeArgs 

type RuleIdpDiscoveryAppExcludeArgs struct {
	// Use if `type` is `"APP"` to indicate the application id to include.
	Id pulumi.StringPtrInput `pulumi:"id"`
	// Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included.
	Name pulumi.StringPtrInput `pulumi:"name"`
	// One of: `"ANY"`, `"MOBILE"`, `"DESKTOP"`
	Type pulumi.StringInput `pulumi:"type"`
}

func (RuleIdpDiscoveryAppExcludeArgs) ElementType 

func (RuleIdpDiscoveryAppExcludeArgs) ElementType() reflect.Type

func (RuleIdpDiscoveryAppExcludeArgs) ToRuleIdpDiscoveryAppExcludeOutput 

func (i RuleIdpDiscoveryAppExcludeArgs) ToRuleIdpDiscoveryAppExcludeOutput() RuleIdpDiscoveryAppExcludeOutput

func (RuleIdpDiscoveryAppExcludeArgs) ToRuleIdpDiscoveryAppExcludeOutputWithContext 

func (i RuleIdpDiscoveryAppExcludeArgs) ToRuleIdpDiscoveryAppExcludeOutputWithContext(ctx context.Context) RuleIdpDiscoveryAppExcludeOutput

type RuleIdpDiscoveryAppExcludeArray 

type RuleIdpDiscoveryAppExcludeArray []RuleIdpDiscoveryAppExcludeInput

func (RuleIdpDiscoveryAppExcludeArray) ElementType 

func (RuleIdpDiscoveryAppExcludeArray) ElementType() reflect.Type

func (RuleIdpDiscoveryAppExcludeArray) ToRuleIdpDiscoveryAppExcludeArrayOutput 

func (i RuleIdpDiscoveryAppExcludeArray) ToRuleIdpDiscoveryAppExcludeArrayOutput() RuleIdpDiscoveryAppExcludeArrayOutput

func (RuleIdpDiscoveryAppExcludeArray) ToRuleIdpDiscoveryAppExcludeArrayOutputWithContext 

func (i RuleIdpDiscoveryAppExcludeArray) ToRuleIdpDiscoveryAppExcludeArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryAppExcludeArrayOutput

type RuleIdpDiscoveryAppExcludeArrayInput 

type RuleIdpDiscoveryAppExcludeArrayInput interface {
	pulumi.Input

	ToRuleIdpDiscoveryAppExcludeArrayOutput() RuleIdpDiscoveryAppExcludeArrayOutput
	ToRuleIdpDiscoveryAppExcludeArrayOutputWithContext(context.Context) RuleIdpDiscoveryAppExcludeArrayOutput
}

RuleIdpDiscoveryAppExcludeArrayInput is an input type that accepts RuleIdpDiscoveryAppExcludeArray and RuleIdpDiscoveryAppExcludeArrayOutput values. You can construct a concrete instance of `RuleIdpDiscoveryAppExcludeArrayInput` via: 

RuleIdpDiscoveryAppExcludeArray{ RuleIdpDiscoveryAppExcludeArgs{...} }

type RuleIdpDiscoveryAppExcludeArrayOutput 

type RuleIdpDiscoveryAppExcludeArrayOutput struct{ *pulumi.OutputState }

func (RuleIdpDiscoveryAppExcludeArrayOutput) ElementType 

func (RuleIdpDiscoveryAppExcludeArrayOutput) ElementType() reflect.Type

func (RuleIdpDiscoveryAppExcludeArrayOutput) Index 

func (o RuleIdpDiscoveryAppExcludeArrayOutput) Index(i pulumi.IntInput) RuleIdpDiscoveryAppExcludeOutput

func (RuleIdpDiscoveryAppExcludeArrayOutput) ToRuleIdpDiscoveryAppExcludeArrayOutput 

func (o RuleIdpDiscoveryAppExcludeArrayOutput) ToRuleIdpDiscoveryAppExcludeArrayOutput() RuleIdpDiscoveryAppExcludeArrayOutput

func (RuleIdpDiscoveryAppExcludeArrayOutput) ToRuleIdpDiscoveryAppExcludeArrayOutputWithContext 

func (o RuleIdpDiscoveryAppExcludeArrayOutput) ToRuleIdpDiscoveryAppExcludeArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryAppExcludeArrayOutput

type RuleIdpDiscoveryAppExcludeInput 

type RuleIdpDiscoveryAppExcludeInput interface {
	pulumi.Input

	ToRuleIdpDiscoveryAppExcludeOutput() RuleIdpDiscoveryAppExcludeOutput
	ToRuleIdpDiscoveryAppExcludeOutputWithContext(context.Context) RuleIdpDiscoveryAppExcludeOutput
}

RuleIdpDiscoveryAppExcludeInput is an input type that accepts RuleIdpDiscoveryAppExcludeArgs and RuleIdpDiscoveryAppExcludeOutput values. You can construct a concrete instance of `RuleIdpDiscoveryAppExcludeInput` via: 

RuleIdpDiscoveryAppExcludeArgs{...}

type RuleIdpDiscoveryAppExcludeOutput 

type RuleIdpDiscoveryAppExcludeOutput struct{ *pulumi.OutputState }

func (RuleIdpDiscoveryAppExcludeOutput) ElementType 

func (RuleIdpDiscoveryAppExcludeOutput) ElementType() reflect.Type

func (RuleIdpDiscoveryAppExcludeOutput) Id 

func (o RuleIdpDiscoveryAppExcludeOutput) Id() pulumi.StringPtrOutput

Use if `type` is `"APP"` to indicate the application id to include.

func (RuleIdpDiscoveryAppExcludeOutput) Name 

func (o RuleIdpDiscoveryAppExcludeOutput) Name() pulumi.StringPtrOutput

Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included.

func (RuleIdpDiscoveryAppExcludeOutput) ToRuleIdpDiscoveryAppExcludeOutput 

func (o RuleIdpDiscoveryAppExcludeOutput) ToRuleIdpDiscoveryAppExcludeOutput() RuleIdpDiscoveryAppExcludeOutput

func (RuleIdpDiscoveryAppExcludeOutput) ToRuleIdpDiscoveryAppExcludeOutputWithContext 

func (o RuleIdpDiscoveryAppExcludeOutput) ToRuleIdpDiscoveryAppExcludeOutputWithContext(ctx context.Context) RuleIdpDiscoveryAppExcludeOutput

func (RuleIdpDiscoveryAppExcludeOutput) Type 

func (o RuleIdpDiscoveryAppExcludeOutput) Type() pulumi.StringOutput

One of: `"ANY"`, `"MOBILE"`, `"DESKTOP"`

type RuleIdpDiscoveryAppInclude 

type RuleIdpDiscoveryAppInclude struct {
	// Use if `type` is `"APP"` to indicate the application id to include.
	Id *string `pulumi:"id"`
	// Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included.
	Name *string `pulumi:"name"`
	// One of: `"ANY"`, `"MOBILE"`, `"DESKTOP"`
	Type string `pulumi:"type"`
}

type RuleIdpDiscoveryAppIncludeArgs 

type RuleIdpDiscoveryAppIncludeArgs struct {
	// Use if `type` is `"APP"` to indicate the application id to include.
	Id pulumi.StringPtrInput `pulumi:"id"`
	// Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included.
	Name pulumi.StringPtrInput `pulumi:"name"`
	// One of: `"ANY"`, `"MOBILE"`, `"DESKTOP"`
	Type pulumi.StringInput `pulumi:"type"`
}

func (RuleIdpDiscoveryAppIncludeArgs) ElementType 

func (RuleIdpDiscoveryAppIncludeArgs) ElementType() reflect.Type

func (RuleIdpDiscoveryAppIncludeArgs) ToRuleIdpDiscoveryAppIncludeOutput 

func (i RuleIdpDiscoveryAppIncludeArgs) ToRuleIdpDiscoveryAppIncludeOutput() RuleIdpDiscoveryAppIncludeOutput

func (RuleIdpDiscoveryAppIncludeArgs) ToRuleIdpDiscoveryAppIncludeOutputWithContext 

func (i RuleIdpDiscoveryAppIncludeArgs) ToRuleIdpDiscoveryAppIncludeOutputWithContext(ctx context.Context) RuleIdpDiscoveryAppIncludeOutput

type RuleIdpDiscoveryAppIncludeArray 

type RuleIdpDiscoveryAppIncludeArray []RuleIdpDiscoveryAppIncludeInput

func (RuleIdpDiscoveryAppIncludeArray) ElementType 

func (RuleIdpDiscoveryAppIncludeArray) ElementType() reflect.Type

func (RuleIdpDiscoveryAppIncludeArray) ToRuleIdpDiscoveryAppIncludeArrayOutput 

func (i RuleIdpDiscoveryAppIncludeArray) ToRuleIdpDiscoveryAppIncludeArrayOutput() RuleIdpDiscoveryAppIncludeArrayOutput

func (RuleIdpDiscoveryAppIncludeArray) ToRuleIdpDiscoveryAppIncludeArrayOutputWithContext 

func (i RuleIdpDiscoveryAppIncludeArray) ToRuleIdpDiscoveryAppIncludeArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryAppIncludeArrayOutput

type RuleIdpDiscoveryAppIncludeArrayInput 

type RuleIdpDiscoveryAppIncludeArrayInput interface {
	pulumi.Input

	ToRuleIdpDiscoveryAppIncludeArrayOutput() RuleIdpDiscoveryAppIncludeArrayOutput
	ToRuleIdpDiscoveryAppIncludeArrayOutputWithContext(context.Context) RuleIdpDiscoveryAppIncludeArrayOutput
}

RuleIdpDiscoveryAppIncludeArrayInput is an input type that accepts RuleIdpDiscoveryAppIncludeArray and RuleIdpDiscoveryAppIncludeArrayOutput values. You can construct a concrete instance of `RuleIdpDiscoveryAppIncludeArrayInput` via: 

RuleIdpDiscoveryAppIncludeArray{ RuleIdpDiscoveryAppIncludeArgs{...} }

type RuleIdpDiscoveryAppIncludeArrayOutput 

type RuleIdpDiscoveryAppIncludeArrayOutput struct{ *pulumi.OutputState }

func (RuleIdpDiscoveryAppIncludeArrayOutput) ElementType 

func (RuleIdpDiscoveryAppIncludeArrayOutput) ElementType() reflect.Type

func (RuleIdpDiscoveryAppIncludeArrayOutput) Index 

func (o RuleIdpDiscoveryAppIncludeArrayOutput) Index(i pulumi.IntInput) RuleIdpDiscoveryAppIncludeOutput

func (RuleIdpDiscoveryAppIncludeArrayOutput) ToRuleIdpDiscoveryAppIncludeArrayOutput 

func (o RuleIdpDiscoveryAppIncludeArrayOutput) ToRuleIdpDiscoveryAppIncludeArrayOutput() RuleIdpDiscoveryAppIncludeArrayOutput

func (RuleIdpDiscoveryAppIncludeArrayOutput) ToRuleIdpDiscoveryAppIncludeArrayOutputWithContext 

func (o RuleIdpDiscoveryAppIncludeArrayOutput) ToRuleIdpDiscoveryAppIncludeArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryAppIncludeArrayOutput

type RuleIdpDiscoveryAppIncludeInput 

type RuleIdpDiscoveryAppIncludeInput interface {
	pulumi.Input

	ToRuleIdpDiscoveryAppIncludeOutput() RuleIdpDiscoveryAppIncludeOutput
	ToRuleIdpDiscoveryAppIncludeOutputWithContext(context.Context) RuleIdpDiscoveryAppIncludeOutput
}

RuleIdpDiscoveryAppIncludeInput is an input type that accepts RuleIdpDiscoveryAppIncludeArgs and RuleIdpDiscoveryAppIncludeOutput values. You can construct a concrete instance of `RuleIdpDiscoveryAppIncludeInput` via: 

RuleIdpDiscoveryAppIncludeArgs{...}

type RuleIdpDiscoveryAppIncludeOutput 

type RuleIdpDiscoveryAppIncludeOutput struct{ *pulumi.OutputState }

func (RuleIdpDiscoveryAppIncludeOutput) ElementType 

func (RuleIdpDiscoveryAppIncludeOutput) ElementType() reflect.Type

func (RuleIdpDiscoveryAppIncludeOutput) Id 

func (o RuleIdpDiscoveryAppIncludeOutput) Id() pulumi.StringPtrOutput

Use if `type` is `"APP"` to indicate the application id to include.

func (RuleIdpDiscoveryAppIncludeOutput) Name 

func (o RuleIdpDiscoveryAppIncludeOutput) Name() pulumi.StringPtrOutput

Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included.

func (RuleIdpDiscoveryAppIncludeOutput) ToRuleIdpDiscoveryAppIncludeOutput 

func (o RuleIdpDiscoveryAppIncludeOutput) ToRuleIdpDiscoveryAppIncludeOutput() RuleIdpDiscoveryAppIncludeOutput

func (RuleIdpDiscoveryAppIncludeOutput) ToRuleIdpDiscoveryAppIncludeOutputWithContext 

func (o RuleIdpDiscoveryAppIncludeOutput) ToRuleIdpDiscoveryAppIncludeOutputWithContext(ctx context.Context) RuleIdpDiscoveryAppIncludeOutput

func (RuleIdpDiscoveryAppIncludeOutput) Type 

func (o RuleIdpDiscoveryAppIncludeOutput) Type() pulumi.StringOutput

One of: `"ANY"`, `"MOBILE"`, `"DESKTOP"`

type RuleIdpDiscoveryArgs 

type RuleIdpDiscoveryArgs struct {
	// Applications to exclude in discovery. See `appInclude` for details.
	AppExcludes RuleIdpDiscoveryAppExcludeArrayInput
	// Applications to include in discovery rule.
	AppIncludes RuleIdpDiscoveryAppIncludeArrayInput
	// The identifier for the Idp the rule should route to if all conditions are met.
	IdpId pulumi.StringPtrInput
	// Type of Idp. One of: `"SAML2"`, `"IWA"`, `"AgentlessDSSO"`, `"X509"`, `"FACEBOOK"`, `"GOOGLE"`, `"LINKEDIN"`, `"MICROSOFT"`, `"OIDC"`
	IdpType pulumi.StringPtrInput
	// Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included.
	Name pulumi.StringPtrInput
	// The network selection mode. One of `"ANYWEHRE"` or `"ZONE"`.
	NetworkConnection pulumi.StringPtrInput
	// Required if `networkConnection` = `"ZONE"`. Indicates the network zones to exclude.
	NetworkExcludes pulumi.StringArrayInput
	// Required if `networkConnection` = `"ZONE"`. Indicates the network zones to include.
	NetworkIncludes  pulumi.StringArrayInput
	PlatformIncludes RuleIdpDiscoveryPlatformIncludeArrayInput
	// Policy ID.
	PolicyId pulumi.StringPtrInput
	// Policy ID.
	//
	// Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead
	Policyid pulumi.StringPtrInput
	// Idp rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided.
	Priority pulumi.IntPtrInput
	// Idp rule status: `"ACTIVE"` or `"INACTIVE"`. By default, it is `"ACTIVE"`.
	Status pulumi.StringPtrInput
	// Profile attribute matching can only have a single value that describes the type indicated in `userIdentifierType`. This is the attribute or identifier that the `userIdentifierPatterns` are checked against.
	UserIdentifierAttribute pulumi.StringPtrInput
	// Specifies a User Identifier pattern condition to match against. If `matchType` of `"EXPRESSION"` is used, only a *single* element can be set, otherwise multiple elements of matching patterns may be provided.
	UserIdentifierPatterns RuleIdpDiscoveryUserIdentifierPatternArrayInput
	// One of: `"IDENTIFIER"`, `"ATTRIBUTE"`
	UserIdentifierType pulumi.StringPtrInput
}

The set of arguments for constructing a RuleIdpDiscovery resource.

func (RuleIdpDiscoveryArgs) ElementType 

func (RuleIdpDiscoveryArgs) ElementType() reflect.Type

type RuleIdpDiscoveryArray 

type RuleIdpDiscoveryArray []RuleIdpDiscoveryInput

func (RuleIdpDiscoveryArray) ElementType 

func (RuleIdpDiscoveryArray) ElementType() reflect.Type

func (RuleIdpDiscoveryArray) ToRuleIdpDiscoveryArrayOutput 

func (i RuleIdpDiscoveryArray) ToRuleIdpDiscoveryArrayOutput() RuleIdpDiscoveryArrayOutput

func (RuleIdpDiscoveryArray) ToRuleIdpDiscoveryArrayOutputWithContext 

func (i RuleIdpDiscoveryArray) ToRuleIdpDiscoveryArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryArrayOutput

type RuleIdpDiscoveryArrayInput 

type RuleIdpDiscoveryArrayInput interface {
	pulumi.Input

	ToRuleIdpDiscoveryArrayOutput() RuleIdpDiscoveryArrayOutput
	ToRuleIdpDiscoveryArrayOutputWithContext(context.Context) RuleIdpDiscoveryArrayOutput
}

RuleIdpDiscoveryArrayInput is an input type that accepts RuleIdpDiscoveryArray and RuleIdpDiscoveryArrayOutput values. You can construct a concrete instance of `RuleIdpDiscoveryArrayInput` via: 

RuleIdpDiscoveryArray{ RuleIdpDiscoveryArgs{...} }

type RuleIdpDiscoveryArrayOutput 

type RuleIdpDiscoveryArrayOutput struct{ *pulumi.OutputState }

func (RuleIdpDiscoveryArrayOutput) ElementType 

func (RuleIdpDiscoveryArrayOutput) ElementType() reflect.Type

func (RuleIdpDiscoveryArrayOutput) Index 

func (o RuleIdpDiscoveryArrayOutput) Index(i pulumi.IntInput) RuleIdpDiscoveryOutput

func (RuleIdpDiscoveryArrayOutput) ToRuleIdpDiscoveryArrayOutput 

func (o RuleIdpDiscoveryArrayOutput) ToRuleIdpDiscoveryArrayOutput() RuleIdpDiscoveryArrayOutput

func (RuleIdpDiscoveryArrayOutput) ToRuleIdpDiscoveryArrayOutputWithContext 

func (o RuleIdpDiscoveryArrayOutput) ToRuleIdpDiscoveryArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryArrayOutput

type RuleIdpDiscoveryInput 

type RuleIdpDiscoveryInput interface {
	pulumi.Input

	ToRuleIdpDiscoveryOutput() RuleIdpDiscoveryOutput
	ToRuleIdpDiscoveryOutputWithContext(ctx context.Context) RuleIdpDiscoveryOutput
}

type RuleIdpDiscoveryMap 

type RuleIdpDiscoveryMap map[string]RuleIdpDiscoveryInput

func (RuleIdpDiscoveryMap) ElementType 

func (RuleIdpDiscoveryMap) ElementType() reflect.Type

func (RuleIdpDiscoveryMap) ToRuleIdpDiscoveryMapOutput 

func (i RuleIdpDiscoveryMap) ToRuleIdpDiscoveryMapOutput() RuleIdpDiscoveryMapOutput

func (RuleIdpDiscoveryMap) ToRuleIdpDiscoveryMapOutputWithContext 

func (i RuleIdpDiscoveryMap) ToRuleIdpDiscoveryMapOutputWithContext(ctx context.Context) RuleIdpDiscoveryMapOutput

type RuleIdpDiscoveryMapInput 

type RuleIdpDiscoveryMapInput interface {
	pulumi.Input

	ToRuleIdpDiscoveryMapOutput() RuleIdpDiscoveryMapOutput
	ToRuleIdpDiscoveryMapOutputWithContext(context.Context) RuleIdpDiscoveryMapOutput
}

RuleIdpDiscoveryMapInput is an input type that accepts RuleIdpDiscoveryMap and RuleIdpDiscoveryMapOutput values. You can construct a concrete instance of `RuleIdpDiscoveryMapInput` via: 

RuleIdpDiscoveryMap{ "key": RuleIdpDiscoveryArgs{...} }

type RuleIdpDiscoveryMapOutput 

type RuleIdpDiscoveryMapOutput struct{ *pulumi.OutputState }

func (RuleIdpDiscoveryMapOutput) ElementType 

func (RuleIdpDiscoveryMapOutput) ElementType() reflect.Type

func (RuleIdpDiscoveryMapOutput) MapIndex 

func (o RuleIdpDiscoveryMapOutput) MapIndex(k pulumi.StringInput) RuleIdpDiscoveryOutput

func (RuleIdpDiscoveryMapOutput) ToRuleIdpDiscoveryMapOutput 

func (o RuleIdpDiscoveryMapOutput) ToRuleIdpDiscoveryMapOutput() RuleIdpDiscoveryMapOutput

func (RuleIdpDiscoveryMapOutput) ToRuleIdpDiscoveryMapOutputWithContext 

func (o RuleIdpDiscoveryMapOutput) ToRuleIdpDiscoveryMapOutputWithContext(ctx context.Context) RuleIdpDiscoveryMapOutput

type RuleIdpDiscoveryOutput 

type RuleIdpDiscoveryOutput struct{ *pulumi.OutputState }

func (RuleIdpDiscoveryOutput) AppExcludes added in v3.9.0 

func (o RuleIdpDiscoveryOutput) AppExcludes() RuleIdpDiscoveryAppExcludeArrayOutput

Applications to exclude in discovery. See `appInclude` for details.

func (RuleIdpDiscoveryOutput) AppIncludes added in v3.9.0 

func (o RuleIdpDiscoveryOutput) AppIncludes() RuleIdpDiscoveryAppIncludeArrayOutput

Applications to include in discovery rule.

func (RuleIdpDiscoveryOutput) ElementType 

func (RuleIdpDiscoveryOutput) ElementType() reflect.Type

func (RuleIdpDiscoveryOutput) IdpId added in v3.9.0 

func (o RuleIdpDiscoveryOutput) IdpId() pulumi.StringPtrOutput

The identifier for the Idp the rule should route to if all conditions are met.

func (RuleIdpDiscoveryOutput) IdpType added in v3.9.0 

func (o RuleIdpDiscoveryOutput) IdpType() pulumi.StringPtrOutput

Type of Idp. One of: `"SAML2"`, `"IWA"`, `"AgentlessDSSO"`, `"X509"`, `"FACEBOOK"`, `"GOOGLE"`, `"LINKEDIN"`, `"MICROSOFT"`, `"OIDC"`

func (RuleIdpDiscoveryOutput) Name added in v3.9.0 

func (o RuleIdpDiscoveryOutput) Name() pulumi.StringOutput

Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included.

func (RuleIdpDiscoveryOutput) NetworkConnection added in v3.9.0 

func (o RuleIdpDiscoveryOutput) NetworkConnection() pulumi.StringPtrOutput

The network selection mode. One of `"ANYWEHRE"` or `"ZONE"`.

func (RuleIdpDiscoveryOutput) NetworkExcludes added in v3.9.0 

func (o RuleIdpDiscoveryOutput) NetworkExcludes() pulumi.StringArrayOutput

Required if `networkConnection` = `"ZONE"`. Indicates the network zones to exclude.

func (RuleIdpDiscoveryOutput) NetworkIncludes added in v3.9.0 

func (o RuleIdpDiscoveryOutput) NetworkIncludes() pulumi.StringArrayOutput

Required if `networkConnection` = `"ZONE"`. Indicates the network zones to include.

func (RuleIdpDiscoveryOutput) PlatformIncludes added in v3.9.0 

func (o RuleIdpDiscoveryOutput) PlatformIncludes() RuleIdpDiscoveryPlatformIncludeArrayOutput

func (RuleIdpDiscoveryOutput) PolicyId added in v3.9.0 

func (o RuleIdpDiscoveryOutput) PolicyId() pulumi.StringPtrOutput

Policy ID.

func (RuleIdpDiscoveryOutput) Policyid deprecated added in v3.9.0 

func (o RuleIdpDiscoveryOutput) Policyid() pulumi.StringPtrOutput

Policy ID.

Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead

func (RuleIdpDiscoveryOutput) Priority added in v3.9.0 

func (o RuleIdpDiscoveryOutput) Priority() pulumi.IntPtrOutput

Idp rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided.

func (RuleIdpDiscoveryOutput) Status added in v3.9.0 

func (o RuleIdpDiscoveryOutput) Status() pulumi.StringPtrOutput

Idp rule status: `"ACTIVE"` or `"INACTIVE"`. By default, it is `"ACTIVE"`.

func (RuleIdpDiscoveryOutput) ToRuleIdpDiscoveryOutput 

func (o RuleIdpDiscoveryOutput) ToRuleIdpDiscoveryOutput() RuleIdpDiscoveryOutput

func (RuleIdpDiscoveryOutput) ToRuleIdpDiscoveryOutputWithContext 

func (o RuleIdpDiscoveryOutput) ToRuleIdpDiscoveryOutputWithContext(ctx context.Context) RuleIdpDiscoveryOutput

func (RuleIdpDiscoveryOutput) UserIdentifierAttribute added in v3.9.0 

func (o RuleIdpDiscoveryOutput) UserIdentifierAttribute() pulumi.StringPtrOutput

Profile attribute matching can only have a single value that describes the type indicated in `userIdentifierType`. This is the attribute or identifier that the `userIdentifierPatterns` are checked against.

func (RuleIdpDiscoveryOutput) UserIdentifierPatterns added in v3.9.0 

func (o RuleIdpDiscoveryOutput) UserIdentifierPatterns() RuleIdpDiscoveryUserIdentifierPatternArrayOutput

Specifies a User Identifier pattern condition to match against. If `matchType` of `"EXPRESSION"` is used, only a *single* element can be set, otherwise multiple elements of matching patterns may be provided.

func (RuleIdpDiscoveryOutput) UserIdentifierType added in v3.9.0 

func (o RuleIdpDiscoveryOutput) UserIdentifierType() pulumi.StringPtrOutput

One of: `"IDENTIFIER"`, `"ATTRIBUTE"`

type RuleIdpDiscoveryPlatformInclude 

type RuleIdpDiscoveryPlatformInclude struct {
	// Only available when using `osType = "OTHER"`
	OsExpression *string `pulumi:"osExpression"`
	// One of: `"ANY"`, `"IOS"`, `"WINDOWS"`, `"ANDROID"`, `"OTHER"`, `"OSX"`
	OsType *string `pulumi:"osType"`
	// One of: `"ANY"`, `"MOBILE"`, `"DESKTOP"`
	Type *string `pulumi:"type"`
}

type RuleIdpDiscoveryPlatformIncludeArgs 

type RuleIdpDiscoveryPlatformIncludeArgs struct {
	// Only available when using `osType = "OTHER"`
	OsExpression pulumi.StringPtrInput `pulumi:"osExpression"`
	// One of: `"ANY"`, `"IOS"`, `"WINDOWS"`, `"ANDROID"`, `"OTHER"`, `"OSX"`
	OsType pulumi.StringPtrInput `pulumi:"osType"`
	// One of: `"ANY"`, `"MOBILE"`, `"DESKTOP"`
	Type pulumi.StringPtrInput `pulumi:"type"`
}

func (RuleIdpDiscoveryPlatformIncludeArgs) ElementType 

func (RuleIdpDiscoveryPlatformIncludeArgs) ElementType() reflect.Type

func (RuleIdpDiscoveryPlatformIncludeArgs) ToRuleIdpDiscoveryPlatformIncludeOutput 

func (i RuleIdpDiscoveryPlatformIncludeArgs) ToRuleIdpDiscoveryPlatformIncludeOutput() RuleIdpDiscoveryPlatformIncludeOutput

func (RuleIdpDiscoveryPlatformIncludeArgs) ToRuleIdpDiscoveryPlatformIncludeOutputWithContext 

func (i RuleIdpDiscoveryPlatformIncludeArgs) ToRuleIdpDiscoveryPlatformIncludeOutputWithContext(ctx context.Context) RuleIdpDiscoveryPlatformIncludeOutput

type RuleIdpDiscoveryPlatformIncludeArray 

type RuleIdpDiscoveryPlatformIncludeArray []RuleIdpDiscoveryPlatformIncludeInput

func (RuleIdpDiscoveryPlatformIncludeArray) ElementType 

func (RuleIdpDiscoveryPlatformIncludeArray) ElementType() reflect.Type

func (RuleIdpDiscoveryPlatformIncludeArray) ToRuleIdpDiscoveryPlatformIncludeArrayOutput 

func (i RuleIdpDiscoveryPlatformIncludeArray) ToRuleIdpDiscoveryPlatformIncludeArrayOutput() RuleIdpDiscoveryPlatformIncludeArrayOutput

func (RuleIdpDiscoveryPlatformIncludeArray) ToRuleIdpDiscoveryPlatformIncludeArrayOutputWithContext 

func (i RuleIdpDiscoveryPlatformIncludeArray) ToRuleIdpDiscoveryPlatformIncludeArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryPlatformIncludeArrayOutput

type RuleIdpDiscoveryPlatformIncludeArrayInput 

type RuleIdpDiscoveryPlatformIncludeArrayInput interface {
	pulumi.Input

	ToRuleIdpDiscoveryPlatformIncludeArrayOutput() RuleIdpDiscoveryPlatformIncludeArrayOutput
	ToRuleIdpDiscoveryPlatformIncludeArrayOutputWithContext(context.Context) RuleIdpDiscoveryPlatformIncludeArrayOutput
}

RuleIdpDiscoveryPlatformIncludeArrayInput is an input type that accepts RuleIdpDiscoveryPlatformIncludeArray and RuleIdpDiscoveryPlatformIncludeArrayOutput values. You can construct a concrete instance of `RuleIdpDiscoveryPlatformIncludeArrayInput` via: 

RuleIdpDiscoveryPlatformIncludeArray{ RuleIdpDiscoveryPlatformIncludeArgs{...} }

type RuleIdpDiscoveryPlatformIncludeArrayOutput 

type RuleIdpDiscoveryPlatformIncludeArrayOutput struct{ *pulumi.OutputState }

func (RuleIdpDiscoveryPlatformIncludeArrayOutput) ElementType 

func (RuleIdpDiscoveryPlatformIncludeArrayOutput) ElementType() reflect.Type

func (RuleIdpDiscoveryPlatformIncludeArrayOutput) Index 

func (o RuleIdpDiscoveryPlatformIncludeArrayOutput) Index(i pulumi.IntInput) RuleIdpDiscoveryPlatformIncludeOutput

func (RuleIdpDiscoveryPlatformIncludeArrayOutput) ToRuleIdpDiscoveryPlatformIncludeArrayOutput 

func (o RuleIdpDiscoveryPlatformIncludeArrayOutput) ToRuleIdpDiscoveryPlatformIncludeArrayOutput() RuleIdpDiscoveryPlatformIncludeArrayOutput

func (RuleIdpDiscoveryPlatformIncludeArrayOutput) ToRuleIdpDiscoveryPlatformIncludeArrayOutputWithContext 

func (o RuleIdpDiscoveryPlatformIncludeArrayOutput) ToRuleIdpDiscoveryPlatformIncludeArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryPlatformIncludeArrayOutput

type RuleIdpDiscoveryPlatformIncludeInput 

type RuleIdpDiscoveryPlatformIncludeInput interface {
	pulumi.Input

	ToRuleIdpDiscoveryPlatformIncludeOutput() RuleIdpDiscoveryPlatformIncludeOutput
	ToRuleIdpDiscoveryPlatformIncludeOutputWithContext(context.Context) RuleIdpDiscoveryPlatformIncludeOutput
}

RuleIdpDiscoveryPlatformIncludeInput is an input type that accepts RuleIdpDiscoveryPlatformIncludeArgs and RuleIdpDiscoveryPlatformIncludeOutput values. You can construct a concrete instance of `RuleIdpDiscoveryPlatformIncludeInput` via: 

RuleIdpDiscoveryPlatformIncludeArgs{...}

type RuleIdpDiscoveryPlatformIncludeOutput 

type RuleIdpDiscoveryPlatformIncludeOutput struct{ *pulumi.OutputState }

func (RuleIdpDiscoveryPlatformIncludeOutput) ElementType 

func (RuleIdpDiscoveryPlatformIncludeOutput) ElementType() reflect.Type

func (RuleIdpDiscoveryPlatformIncludeOutput) OsExpression 

func (o RuleIdpDiscoveryPlatformIncludeOutput) OsExpression() pulumi.StringPtrOutput

Only available when using `osType = "OTHER"`

func (RuleIdpDiscoveryPlatformIncludeOutput) OsType 

func (o RuleIdpDiscoveryPlatformIncludeOutput) OsType() pulumi.StringPtrOutput

One of: `"ANY"`, `"IOS"`, `"WINDOWS"`, `"ANDROID"`, `"OTHER"`, `"OSX"`

func (RuleIdpDiscoveryPlatformIncludeOutput) ToRuleIdpDiscoveryPlatformIncludeOutput 

func (o RuleIdpDiscoveryPlatformIncludeOutput) ToRuleIdpDiscoveryPlatformIncludeOutput() RuleIdpDiscoveryPlatformIncludeOutput

func (RuleIdpDiscoveryPlatformIncludeOutput) ToRuleIdpDiscoveryPlatformIncludeOutputWithContext 

func (o RuleIdpDiscoveryPlatformIncludeOutput) ToRuleIdpDiscoveryPlatformIncludeOutputWithContext(ctx context.Context) RuleIdpDiscoveryPlatformIncludeOutput

func (RuleIdpDiscoveryPlatformIncludeOutput) Type 

func (o RuleIdpDiscoveryPlatformIncludeOutput) Type() pulumi.StringPtrOutput

One of: `"ANY"`, `"MOBILE"`, `"DESKTOP"`

type RuleIdpDiscoveryState 

type RuleIdpDiscoveryState struct {
	// Applications to exclude in discovery. See `appInclude` for details.
	AppExcludes RuleIdpDiscoveryAppExcludeArrayInput
	// Applications to include in discovery rule.
	AppIncludes RuleIdpDiscoveryAppIncludeArrayInput
	// The identifier for the Idp the rule should route to if all conditions are met.
	IdpId pulumi.StringPtrInput
	// Type of Idp. One of: `"SAML2"`, `"IWA"`, `"AgentlessDSSO"`, `"X509"`, `"FACEBOOK"`, `"GOOGLE"`, `"LINKEDIN"`, `"MICROSOFT"`, `"OIDC"`
	IdpType pulumi.StringPtrInput
	// Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included.
	Name pulumi.StringPtrInput
	// The network selection mode. One of `"ANYWEHRE"` or `"ZONE"`.
	NetworkConnection pulumi.StringPtrInput
	// Required if `networkConnection` = `"ZONE"`. Indicates the network zones to exclude.
	NetworkExcludes pulumi.StringArrayInput
	// Required if `networkConnection` = `"ZONE"`. Indicates the network zones to include.
	NetworkIncludes  pulumi.StringArrayInput
	PlatformIncludes RuleIdpDiscoveryPlatformIncludeArrayInput
	// Policy ID.
	PolicyId pulumi.StringPtrInput
	// Policy ID.
	//
	// Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead
	Policyid pulumi.StringPtrInput
	// Idp rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided.
	Priority pulumi.IntPtrInput
	// Idp rule status: `"ACTIVE"` or `"INACTIVE"`. By default, it is `"ACTIVE"`.
	Status pulumi.StringPtrInput
	// Profile attribute matching can only have a single value that describes the type indicated in `userIdentifierType`. This is the attribute or identifier that the `userIdentifierPatterns` are checked against.
	UserIdentifierAttribute pulumi.StringPtrInput
	// Specifies a User Identifier pattern condition to match against. If `matchType` of `"EXPRESSION"` is used, only a *single* element can be set, otherwise multiple elements of matching patterns may be provided.
	UserIdentifierPatterns RuleIdpDiscoveryUserIdentifierPatternArrayInput
	// One of: `"IDENTIFIER"`, `"ATTRIBUTE"`
	UserIdentifierType pulumi.StringPtrInput
}

func (RuleIdpDiscoveryState) ElementType 

func (RuleIdpDiscoveryState) ElementType() reflect.Type

type RuleIdpDiscoveryUserIdentifierPattern 

type RuleIdpDiscoveryUserIdentifierPattern struct {
	// The kind of pattern. For regex, use `"EXPRESSION"`. For simple string matches, use one of the following: `"SUFFIX"`, `"EQUALS"`, `"STARTS_WITH"`, `"CONTAINS"`
	MatchType *string `pulumi:"matchType"`
	// The regex or simple match string to match against.
	Value *string `pulumi:"value"`
}

type RuleIdpDiscoveryUserIdentifierPatternArgs 

type RuleIdpDiscoveryUserIdentifierPatternArgs struct {
	// The kind of pattern. For regex, use `"EXPRESSION"`. For simple string matches, use one of the following: `"SUFFIX"`, `"EQUALS"`, `"STARTS_WITH"`, `"CONTAINS"`
	MatchType pulumi.StringPtrInput `pulumi:"matchType"`
	// The regex or simple match string to match against.
	Value pulumi.StringPtrInput `pulumi:"value"`
}

func (RuleIdpDiscoveryUserIdentifierPatternArgs) ElementType 

func (RuleIdpDiscoveryUserIdentifierPatternArgs) ElementType() reflect.Type

func (RuleIdpDiscoveryUserIdentifierPatternArgs) ToRuleIdpDiscoveryUserIdentifierPatternOutput 

func (i RuleIdpDiscoveryUserIdentifierPatternArgs) ToRuleIdpDiscoveryUserIdentifierPatternOutput() RuleIdpDiscoveryUserIdentifierPatternOutput

func (RuleIdpDiscoveryUserIdentifierPatternArgs) ToRuleIdpDiscoveryUserIdentifierPatternOutputWithContext 

func (i RuleIdpDiscoveryUserIdentifierPatternArgs) ToRuleIdpDiscoveryUserIdentifierPatternOutputWithContext(ctx context.Context) RuleIdpDiscoveryUserIdentifierPatternOutput

type RuleIdpDiscoveryUserIdentifierPatternArray 

type RuleIdpDiscoveryUserIdentifierPatternArray []RuleIdpDiscoveryUserIdentifierPatternInput

func (RuleIdpDiscoveryUserIdentifierPatternArray) ElementType 

func (RuleIdpDiscoveryUserIdentifierPatternArray) ElementType() reflect.Type

func (RuleIdpDiscoveryUserIdentifierPatternArray) ToRuleIdpDiscoveryUserIdentifierPatternArrayOutput 

func (i RuleIdpDiscoveryUserIdentifierPatternArray) ToRuleIdpDiscoveryUserIdentifierPatternArrayOutput() RuleIdpDiscoveryUserIdentifierPatternArrayOutput

func (RuleIdpDiscoveryUserIdentifierPatternArray) ToRuleIdpDiscoveryUserIdentifierPatternArrayOutputWithContext 

func (i RuleIdpDiscoveryUserIdentifierPatternArray) ToRuleIdpDiscoveryUserIdentifierPatternArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryUserIdentifierPatternArrayOutput

type RuleIdpDiscoveryUserIdentifierPatternArrayInput 

type RuleIdpDiscoveryUserIdentifierPatternArrayInput interface {
	pulumi.Input

	ToRuleIdpDiscoveryUserIdentifierPatternArrayOutput() RuleIdpDiscoveryUserIdentifierPatternArrayOutput
	ToRuleIdpDiscoveryUserIdentifierPatternArrayOutputWithContext(context.Context) RuleIdpDiscoveryUserIdentifierPatternArrayOutput
}

RuleIdpDiscoveryUserIdentifierPatternArrayInput is an input type that accepts RuleIdpDiscoveryUserIdentifierPatternArray and RuleIdpDiscoveryUserIdentifierPatternArrayOutput values. You can construct a concrete instance of `RuleIdpDiscoveryUserIdentifierPatternArrayInput` via: 

RuleIdpDiscoveryUserIdentifierPatternArray{ RuleIdpDiscoveryUserIdentifierPatternArgs{...} }

type RuleIdpDiscoveryUserIdentifierPatternArrayOutput 

type RuleIdpDiscoveryUserIdentifierPatternArrayOutput struct{ *pulumi.OutputState }

func (RuleIdpDiscoveryUserIdentifierPatternArrayOutput) ElementType 

func (RuleIdpDiscoveryUserIdentifierPatternArrayOutput) ElementType() reflect.Type

func (RuleIdpDiscoveryUserIdentifierPatternArrayOutput) Index 

func (o RuleIdpDiscoveryUserIdentifierPatternArrayOutput) Index(i pulumi.IntInput) RuleIdpDiscoveryUserIdentifierPatternOutput

func (RuleIdpDiscoveryUserIdentifierPatternArrayOutput) ToRuleIdpDiscoveryUserIdentifierPatternArrayOutput 

func (o RuleIdpDiscoveryUserIdentifierPatternArrayOutput) ToRuleIdpDiscoveryUserIdentifierPatternArrayOutput() RuleIdpDiscoveryUserIdentifierPatternArrayOutput

func (RuleIdpDiscoveryUserIdentifierPatternArrayOutput) ToRuleIdpDiscoveryUserIdentifierPatternArrayOutputWithContext 

func (o RuleIdpDiscoveryUserIdentifierPatternArrayOutput) ToRuleIdpDiscoveryUserIdentifierPatternArrayOutputWithContext(ctx context.Context) RuleIdpDiscoveryUserIdentifierPatternArrayOutput

type RuleIdpDiscoveryUserIdentifierPatternInput 

type RuleIdpDiscoveryUserIdentifierPatternInput interface {
	pulumi.Input

	ToRuleIdpDiscoveryUserIdentifierPatternOutput() RuleIdpDiscoveryUserIdentifierPatternOutput
	ToRuleIdpDiscoveryUserIdentifierPatternOutputWithContext(context.Context) RuleIdpDiscoveryUserIdentifierPatternOutput
}

RuleIdpDiscoveryUserIdentifierPatternInput is an input type that accepts RuleIdpDiscoveryUserIdentifierPatternArgs and RuleIdpDiscoveryUserIdentifierPatternOutput values. You can construct a concrete instance of `RuleIdpDiscoveryUserIdentifierPatternInput` via: 

RuleIdpDiscoveryUserIdentifierPatternArgs{...}

type RuleIdpDiscoveryUserIdentifierPatternOutput 

type RuleIdpDiscoveryUserIdentifierPatternOutput struct{ *pulumi.OutputState }

func (RuleIdpDiscoveryUserIdentifierPatternOutput) ElementType 

func (RuleIdpDiscoveryUserIdentifierPatternOutput) ElementType() reflect.Type

func (RuleIdpDiscoveryUserIdentifierPatternOutput) MatchType 

func (o RuleIdpDiscoveryUserIdentifierPatternOutput) MatchType() pulumi.StringPtrOutput

The kind of pattern. For regex, use `"EXPRESSION"`. For simple string matches, use one of the following: `"SUFFIX"`, `"EQUALS"`, `"STARTS_WITH"`, `"CONTAINS"`

func (RuleIdpDiscoveryUserIdentifierPatternOutput) ToRuleIdpDiscoveryUserIdentifierPatternOutput 

func (o RuleIdpDiscoveryUserIdentifierPatternOutput) ToRuleIdpDiscoveryUserIdentifierPatternOutput() RuleIdpDiscoveryUserIdentifierPatternOutput

func (RuleIdpDiscoveryUserIdentifierPatternOutput) ToRuleIdpDiscoveryUserIdentifierPatternOutputWithContext 

func (o RuleIdpDiscoveryUserIdentifierPatternOutput) ToRuleIdpDiscoveryUserIdentifierPatternOutputWithContext(ctx context.Context) RuleIdpDiscoveryUserIdentifierPatternOutput

func (RuleIdpDiscoveryUserIdentifierPatternOutput) Value 

func (o RuleIdpDiscoveryUserIdentifierPatternOutput) Value() pulumi.StringPtrOutput

The regex or simple match string to match against.

type RuleMfa 

type RuleMfa struct {
	pulumi.CustomResourceState

	// Applications to exclude
	AppExcludes RuleMfaAppExcludeArrayOutput `pulumi:"appExcludes"`
	// Applications to include in discovery rule. **IMPORTANT**: this field is only available in Classic Organizations.
	AppIncludes RuleMfaAppIncludeArrayOutput `pulumi:"appIncludes"`
	// When a user should be prompted for MFA. It can be `"CHALLENGE"`, `"LOGIN"`, or `"NEVER"`.
	Enroll pulumi.StringPtrOutput `pulumi:"enroll"`
	// Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included.
	Name pulumi.StringOutput `pulumi:"name"`
	// Network selection mode: `"ANYWHERE"`, `"ZONE"`, `"ON_NETWORK"`, or `"OFF_NETWORK"`.
	NetworkConnection pulumi.StringPtrOutput `pulumi:"networkConnection"`
	// The network zones to exclude. Conflicts with `networkIncludes`.
	NetworkExcludes pulumi.StringArrayOutput `pulumi:"networkExcludes"`
	// The network zones to include. Conflicts with `networkExcludes`.
	NetworkIncludes pulumi.StringArrayOutput `pulumi:"networkIncludes"`
	// Policy ID.
	PolicyId pulumi.StringPtrOutput `pulumi:"policyId"`
	// Policy ID.
	//
	// Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead
	Policyid pulumi.StringPtrOutput `pulumi:"policyid"`
	// Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.
	Priority pulumi.IntPtrOutput `pulumi:"priority"`
	// Policy Rule Status: `"ACTIVE"` or `"INACTIVE"`.
	Status pulumi.StringPtrOutput `pulumi:"status"`
	// Set of User IDs to Exclude
	UsersExcludeds pulumi.StringArrayOutput `pulumi:"usersExcludeds"`
}

This resource allows you to create and configure an MFA Policy Rule.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/app"
"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/policy"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleDefaultPolicy, err := policy.GetDefaultPolicy(ctx, &policy.GetDefaultPolicyArgs{
			Type: "MFA_ENROLL",
		}, nil)
		if err != nil {
			return err
		}
		exampleOAuth, err := app.NewOAuth(ctx, "exampleOAuth", &app.OAuthArgs{
			Label: pulumi.String("My App"),
			Type:  pulumi.String("web"),
			GrantTypes: pulumi.StringArray{
				pulumi.String("authorization_code"),
			},
			RedirectUris: pulumi.StringArray{
				pulumi.String("http://localhost:8000"),
			},
			ResponseTypes: pulumi.StringArray{
				pulumi.String("code"),
			},
			SkipGroups: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		_, err = policy.NewRuleMfa(ctx, "exampleRuleMfa", &policy.RuleMfaArgs{
			PolicyId: *pulumi.String(exampleDefaultPolicy.Id),
			Status:   pulumi.String("ACTIVE"),
			Enroll:   pulumi.String("LOGIN"),
			AppIncludes: policy.RuleMfaAppIncludeArray{
				&policy.RuleMfaAppIncludeArgs{
					Id:   exampleOAuth.ID(),
					Type: pulumi.String("APP"),
				},
				&policy.RuleMfaAppIncludeArgs{
					Type: pulumi.String("APP_TYPE"),
					Name: pulumi.String("yahoo_mail"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

Unchecked `Okta` and checked `Applications` (with `Any application that supports MFA enrollment` option) checkboxes in the `User is accessing` section corresponds to the following config:

```go package main

import ( 

"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/policy"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleDefaultPolicy, err := policy.GetDefaultPolicy(ctx, &policy.GetDefaultPolicyArgs{
			Type: "MFA_ENROLL",
		}, nil)
		if err != nil {
			return err
		}
		_, err = policy.NewRuleMfa(ctx, "exampleRuleMfa", &policy.RuleMfaArgs{
			PolicyId: *pulumi.String(exampleDefaultPolicy.Id),
			AppExcludes: policy.RuleMfaAppExcludeArray{
				&policy.RuleMfaAppExcludeArgs{
					Name: pulumi.String("okta"),
					Type: pulumi.String("APP_TYPE"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

Unchecked `Okta` and checked `Applications` (with `Specific applications` option) checkboxes in the `User is accessing` section corresponds to the following config:

```go package main

import ( 

"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/policy"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleDefaultPolicy, err := policy.GetDefaultPolicy(ctx, &policy.GetDefaultPolicyArgs{
			Type: "MFA_ENROLL",
		}, nil)
		if err != nil {
			return err
		}
		_, err = policy.NewRuleMfa(ctx, "exampleRuleMfa", &policy.RuleMfaArgs{
			PolicyId: *pulumi.String(exampleDefaultPolicy.Id),
			AppExcludes: policy.RuleMfaAppExcludeArray{
				&policy.RuleMfaAppExcludeArgs{
					Name: pulumi.String("okta"),
					Type: pulumi.String("APP_TYPE"),
				},
			},
			AppIncludes: policy.RuleMfaAppIncludeArray{
				&policy.RuleMfaAppIncludeArgs{
					Id:   pulumi.String("some_app_id"),
					Type: pulumi.String("APP"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

Checked `Okta` and unchecked `Applications` checkboxes in the `User is accessing` section corresponds to the following config:

```go package main

import ( 

"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/policy"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleDefaultPolicy, err := policy.GetDefaultPolicy(ctx, &policy.GetDefaultPolicyArgs{
			Type: "MFA_ENROLL",
		}, nil)
		if err != nil {
			return err
		}
		_, err = policy.NewRuleMfa(ctx, "exampleRuleMfa", &policy.RuleMfaArgs{
			PolicyId: *pulumi.String(exampleDefaultPolicy.Id),
			AppIncludes: policy.RuleMfaAppIncludeArray{
				&policy.RuleMfaAppIncludeArgs{
					Name: pulumi.String("okta"),
					Type: pulumi.String("APP_TYPE"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

Checked `Okta` and checked `Applications` (with `Any application that supports MFA enrollment` option) checkboxes in the `User is accessing` section corresponds to the following config:

```go package main

import ( 

"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/policy"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleDefaultPolicy, err := policy.GetDefaultPolicy(ctx, &policy.GetDefaultPolicyArgs{
			Type: "MFA_ENROLL",
		}, nil)
		if err != nil {
			return err
		}
		_, err = policy.NewRuleMfa(ctx, "exampleRuleMfa", &policy.RuleMfaArgs{
			PolicyId: *pulumi.String(exampleDefaultPolicy.Id),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

Checked `Okta` and checked `Applications` (with `Specific applications` option) checkboxes in the `User is accessing` section corresponds to the following config:

```go package main

import ( 

"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/policy"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleDefaultPolicy, err := policy.GetDefaultPolicy(ctx, &policy.GetDefaultPolicyArgs{
			Type: "MFA_ENROLL",
		}, nil)
		if err != nil {
			return err
		}
		_, err = policy.NewRuleMfa(ctx, "exampleRuleMfa", &policy.RuleMfaArgs{
			PolicyId: *pulumi.String(exampleDefaultPolicy.Id),
			AppIncludes: policy.RuleMfaAppIncludeArray{
				&policy.RuleMfaAppIncludeArgs{
					Name: pulumi.String("okta"),
					Type: pulumi.String("APP_TYPE"),
				},
				&policy.RuleMfaAppIncludeArgs{
					Id:   pulumi.String("some_app_id"),
					Type: pulumi.String("APP"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

A Policy Rule can be imported via the Policy and Rule ID.

```sh 

$ pulumi import okta:policy/ruleMfa:RuleMfa example &#60;policy id&#62;/&#60;rule id&#62;

```

func GetRuleMfa 

func GetRuleMfa(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *RuleMfaState, opts ...pulumi.ResourceOption) (*RuleMfa, error)

GetRuleMfa gets an existing RuleMfa resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewRuleMfa 

func NewRuleMfa(ctx *pulumi.Context,
	name string, args *RuleMfaArgs, opts ...pulumi.ResourceOption) (*RuleMfa, error)

NewRuleMfa registers a new resource with the given unique name, arguments, and options.

func (*RuleMfa) ElementType 

func (*RuleMfa) ElementType() reflect.Type

func (*RuleMfa) ToRuleMfaOutput 

func (i *RuleMfa) ToRuleMfaOutput() RuleMfaOutput

func (*RuleMfa) ToRuleMfaOutputWithContext 

func (i *RuleMfa) ToRuleMfaOutputWithContext(ctx context.Context) RuleMfaOutput

type RuleMfaAppExclude added in v3.3.0 

type RuleMfaAppExclude struct {
	// Use if `type` is `"APP"` to indicate the application id to include.
	Id *string `pulumi:"id"`
	// Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included.
	Name *string `pulumi:"name"`
	// One of: `"APP"`, `"APP_TYPE"`
	Type string `pulumi:"type"`
}

type RuleMfaAppExcludeArgs added in v3.3.0 

type RuleMfaAppExcludeArgs struct {
	// Use if `type` is `"APP"` to indicate the application id to include.
	Id pulumi.StringPtrInput `pulumi:"id"`
	// Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included.
	Name pulumi.StringPtrInput `pulumi:"name"`
	// One of: `"APP"`, `"APP_TYPE"`
	Type pulumi.StringInput `pulumi:"type"`
}

func (RuleMfaAppExcludeArgs) ElementType added in v3.3.0 

func (RuleMfaAppExcludeArgs) ElementType() reflect.Type

func (RuleMfaAppExcludeArgs) ToRuleMfaAppExcludeOutput added in v3.3.0 

func (i RuleMfaAppExcludeArgs) ToRuleMfaAppExcludeOutput() RuleMfaAppExcludeOutput

func (RuleMfaAppExcludeArgs) ToRuleMfaAppExcludeOutputWithContext added in v3.3.0 

func (i RuleMfaAppExcludeArgs) ToRuleMfaAppExcludeOutputWithContext(ctx context.Context) RuleMfaAppExcludeOutput

type RuleMfaAppExcludeArray added in v3.3.0 

type RuleMfaAppExcludeArray []RuleMfaAppExcludeInput

func (RuleMfaAppExcludeArray) ElementType added in v3.3.0 

func (RuleMfaAppExcludeArray) ElementType() reflect.Type

func (RuleMfaAppExcludeArray) ToRuleMfaAppExcludeArrayOutput added in v3.3.0 

func (i RuleMfaAppExcludeArray) ToRuleMfaAppExcludeArrayOutput() RuleMfaAppExcludeArrayOutput

func (RuleMfaAppExcludeArray) ToRuleMfaAppExcludeArrayOutputWithContext added in v3.3.0 

func (i RuleMfaAppExcludeArray) ToRuleMfaAppExcludeArrayOutputWithContext(ctx context.Context) RuleMfaAppExcludeArrayOutput

type RuleMfaAppExcludeArrayInput added in v3.3.0 

type RuleMfaAppExcludeArrayInput interface {
	pulumi.Input

	ToRuleMfaAppExcludeArrayOutput() RuleMfaAppExcludeArrayOutput
	ToRuleMfaAppExcludeArrayOutputWithContext(context.Context) RuleMfaAppExcludeArrayOutput
}

RuleMfaAppExcludeArrayInput is an input type that accepts RuleMfaAppExcludeArray and RuleMfaAppExcludeArrayOutput values. You can construct a concrete instance of `RuleMfaAppExcludeArrayInput` via: 

RuleMfaAppExcludeArray{ RuleMfaAppExcludeArgs{...} }

type RuleMfaAppExcludeArrayOutput added in v3.3.0 

type RuleMfaAppExcludeArrayOutput struct{ *pulumi.OutputState }

func (RuleMfaAppExcludeArrayOutput) ElementType added in v3.3.0 

func (RuleMfaAppExcludeArrayOutput) ElementType() reflect.Type

func (RuleMfaAppExcludeArrayOutput) Index added in v3.3.0 

func (o RuleMfaAppExcludeArrayOutput) Index(i pulumi.IntInput) RuleMfaAppExcludeOutput

func (RuleMfaAppExcludeArrayOutput) ToRuleMfaAppExcludeArrayOutput added in v3.3.0 

func (o RuleMfaAppExcludeArrayOutput) ToRuleMfaAppExcludeArrayOutput() RuleMfaAppExcludeArrayOutput

func (RuleMfaAppExcludeArrayOutput) ToRuleMfaAppExcludeArrayOutputWithContext added in v3.3.0 

func (o RuleMfaAppExcludeArrayOutput) ToRuleMfaAppExcludeArrayOutputWithContext(ctx context.Context) RuleMfaAppExcludeArrayOutput

type RuleMfaAppExcludeInput added in v3.3.0 

type RuleMfaAppExcludeInput interface {
	pulumi.Input

	ToRuleMfaAppExcludeOutput() RuleMfaAppExcludeOutput
	ToRuleMfaAppExcludeOutputWithContext(context.Context) RuleMfaAppExcludeOutput
}

RuleMfaAppExcludeInput is an input type that accepts RuleMfaAppExcludeArgs and RuleMfaAppExcludeOutput values. You can construct a concrete instance of `RuleMfaAppExcludeInput` via: 

RuleMfaAppExcludeArgs{...}

type RuleMfaAppExcludeOutput added in v3.3.0 

type RuleMfaAppExcludeOutput struct{ *pulumi.OutputState }

func (RuleMfaAppExcludeOutput) ElementType added in v3.3.0 

func (RuleMfaAppExcludeOutput) ElementType() reflect.Type

func (RuleMfaAppExcludeOutput) Id added in v3.3.0 

func (o RuleMfaAppExcludeOutput) Id() pulumi.StringPtrOutput

Use if `type` is `"APP"` to indicate the application id to include.

func (RuleMfaAppExcludeOutput) Name added in v3.3.0 

func (o RuleMfaAppExcludeOutput) Name() pulumi.StringPtrOutput

Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included.

func (RuleMfaAppExcludeOutput) ToRuleMfaAppExcludeOutput added in v3.3.0 

func (o RuleMfaAppExcludeOutput) ToRuleMfaAppExcludeOutput() RuleMfaAppExcludeOutput

func (RuleMfaAppExcludeOutput) ToRuleMfaAppExcludeOutputWithContext added in v3.3.0 

func (o RuleMfaAppExcludeOutput) ToRuleMfaAppExcludeOutputWithContext(ctx context.Context) RuleMfaAppExcludeOutput

func (RuleMfaAppExcludeOutput) Type added in v3.3.0 

func (o RuleMfaAppExcludeOutput) Type() pulumi.StringOutput

One of: `"APP"`, `"APP_TYPE"`

type RuleMfaAppInclude added in v3.3.0 

type RuleMfaAppInclude struct {
	// Use if `type` is `"APP"` to indicate the application id to include.
	Id *string `pulumi:"id"`
	// Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included.
	Name *string `pulumi:"name"`
	// One of: `"APP"`, `"APP_TYPE"`
	Type string `pulumi:"type"`
}

type RuleMfaAppIncludeArgs added in v3.3.0 

type RuleMfaAppIncludeArgs struct {
	// Use if `type` is `"APP"` to indicate the application id to include.
	Id pulumi.StringPtrInput `pulumi:"id"`
	// Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included.
	Name pulumi.StringPtrInput `pulumi:"name"`
	// One of: `"APP"`, `"APP_TYPE"`
	Type pulumi.StringInput `pulumi:"type"`
}

func (RuleMfaAppIncludeArgs) ElementType added in v3.3.0 

func (RuleMfaAppIncludeArgs) ElementType() reflect.Type

func (RuleMfaAppIncludeArgs) ToRuleMfaAppIncludeOutput added in v3.3.0 

func (i RuleMfaAppIncludeArgs) ToRuleMfaAppIncludeOutput() RuleMfaAppIncludeOutput

func (RuleMfaAppIncludeArgs) ToRuleMfaAppIncludeOutputWithContext added in v3.3.0 

func (i RuleMfaAppIncludeArgs) ToRuleMfaAppIncludeOutputWithContext(ctx context.Context) RuleMfaAppIncludeOutput

type RuleMfaAppIncludeArray added in v3.3.0 

type RuleMfaAppIncludeArray []RuleMfaAppIncludeInput

func (RuleMfaAppIncludeArray) ElementType added in v3.3.0 

func (RuleMfaAppIncludeArray) ElementType() reflect.Type

func (RuleMfaAppIncludeArray) ToRuleMfaAppIncludeArrayOutput added in v3.3.0 

func (i RuleMfaAppIncludeArray) ToRuleMfaAppIncludeArrayOutput() RuleMfaAppIncludeArrayOutput

func (RuleMfaAppIncludeArray) ToRuleMfaAppIncludeArrayOutputWithContext added in v3.3.0 

func (i RuleMfaAppIncludeArray) ToRuleMfaAppIncludeArrayOutputWithContext(ctx context.Context) RuleMfaAppIncludeArrayOutput

type RuleMfaAppIncludeArrayInput added in v3.3.0 

type RuleMfaAppIncludeArrayInput interface {
	pulumi.Input

	ToRuleMfaAppIncludeArrayOutput() RuleMfaAppIncludeArrayOutput
	ToRuleMfaAppIncludeArrayOutputWithContext(context.Context) RuleMfaAppIncludeArrayOutput
}

RuleMfaAppIncludeArrayInput is an input type that accepts RuleMfaAppIncludeArray and RuleMfaAppIncludeArrayOutput values. You can construct a concrete instance of `RuleMfaAppIncludeArrayInput` via: 

RuleMfaAppIncludeArray{ RuleMfaAppIncludeArgs{...} }

type RuleMfaAppIncludeArrayOutput added in v3.3.0 

type RuleMfaAppIncludeArrayOutput struct{ *pulumi.OutputState }

func (RuleMfaAppIncludeArrayOutput) ElementType added in v3.3.0 

func (RuleMfaAppIncludeArrayOutput) ElementType() reflect.Type

func (RuleMfaAppIncludeArrayOutput) Index added in v3.3.0 

func (o RuleMfaAppIncludeArrayOutput) Index(i pulumi.IntInput) RuleMfaAppIncludeOutput

func (RuleMfaAppIncludeArrayOutput) ToRuleMfaAppIncludeArrayOutput added in v3.3.0 

func (o RuleMfaAppIncludeArrayOutput) ToRuleMfaAppIncludeArrayOutput() RuleMfaAppIncludeArrayOutput

func (RuleMfaAppIncludeArrayOutput) ToRuleMfaAppIncludeArrayOutputWithContext added in v3.3.0 

func (o RuleMfaAppIncludeArrayOutput) ToRuleMfaAppIncludeArrayOutputWithContext(ctx context.Context) RuleMfaAppIncludeArrayOutput

type RuleMfaAppIncludeInput added in v3.3.0 

type RuleMfaAppIncludeInput interface {
	pulumi.Input

	ToRuleMfaAppIncludeOutput() RuleMfaAppIncludeOutput
	ToRuleMfaAppIncludeOutputWithContext(context.Context) RuleMfaAppIncludeOutput
}

RuleMfaAppIncludeInput is an input type that accepts RuleMfaAppIncludeArgs and RuleMfaAppIncludeOutput values. You can construct a concrete instance of `RuleMfaAppIncludeInput` via: 

RuleMfaAppIncludeArgs{...}

type RuleMfaAppIncludeOutput added in v3.3.0 

type RuleMfaAppIncludeOutput struct{ *pulumi.OutputState }

func (RuleMfaAppIncludeOutput) ElementType added in v3.3.0 

func (RuleMfaAppIncludeOutput) ElementType() reflect.Type

func (RuleMfaAppIncludeOutput) Id added in v3.3.0 

func (o RuleMfaAppIncludeOutput) Id() pulumi.StringPtrOutput

Use if `type` is `"APP"` to indicate the application id to include.

func (RuleMfaAppIncludeOutput) Name added in v3.3.0 

func (o RuleMfaAppIncludeOutput) Name() pulumi.StringPtrOutput

Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included.

func (RuleMfaAppIncludeOutput) ToRuleMfaAppIncludeOutput added in v3.3.0 

func (o RuleMfaAppIncludeOutput) ToRuleMfaAppIncludeOutput() RuleMfaAppIncludeOutput

func (RuleMfaAppIncludeOutput) ToRuleMfaAppIncludeOutputWithContext added in v3.3.0 

func (o RuleMfaAppIncludeOutput) ToRuleMfaAppIncludeOutputWithContext(ctx context.Context) RuleMfaAppIncludeOutput

func (RuleMfaAppIncludeOutput) Type added in v3.3.0 

func (o RuleMfaAppIncludeOutput) Type() pulumi.StringOutput

One of: `"APP"`, `"APP_TYPE"`

type RuleMfaArgs 

type RuleMfaArgs struct {
	// Applications to exclude
	AppExcludes RuleMfaAppExcludeArrayInput
	// Applications to include in discovery rule. **IMPORTANT**: this field is only available in Classic Organizations.
	AppIncludes RuleMfaAppIncludeArrayInput
	// When a user should be prompted for MFA. It can be `"CHALLENGE"`, `"LOGIN"`, or `"NEVER"`.
	Enroll pulumi.StringPtrInput
	// Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included.
	Name pulumi.StringPtrInput
	// Network selection mode: `"ANYWHERE"`, `"ZONE"`, `"ON_NETWORK"`, or `"OFF_NETWORK"`.
	NetworkConnection pulumi.StringPtrInput
	// The network zones to exclude. Conflicts with `networkIncludes`.
	NetworkExcludes pulumi.StringArrayInput
	// The network zones to include. Conflicts with `networkExcludes`.
	NetworkIncludes pulumi.StringArrayInput
	// Policy ID.
	PolicyId pulumi.StringPtrInput
	// Policy ID.
	//
	// Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead
	Policyid pulumi.StringPtrInput
	// Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.
	Priority pulumi.IntPtrInput
	// Policy Rule Status: `"ACTIVE"` or `"INACTIVE"`.
	Status pulumi.StringPtrInput
	// Set of User IDs to Exclude
	UsersExcludeds pulumi.StringArrayInput
}

The set of arguments for constructing a RuleMfa resource.

func (RuleMfaArgs) ElementType 

func (RuleMfaArgs) ElementType() reflect.Type

type RuleMfaArray 

type RuleMfaArray []RuleMfaInput

func (RuleMfaArray) ElementType 

func (RuleMfaArray) ElementType() reflect.Type

func (RuleMfaArray) ToRuleMfaArrayOutput 

func (i RuleMfaArray) ToRuleMfaArrayOutput() RuleMfaArrayOutput

func (RuleMfaArray) ToRuleMfaArrayOutputWithContext 

func (i RuleMfaArray) ToRuleMfaArrayOutputWithContext(ctx context.Context) RuleMfaArrayOutput

type RuleMfaArrayInput 

type RuleMfaArrayInput interface {
	pulumi.Input

	ToRuleMfaArrayOutput() RuleMfaArrayOutput
	ToRuleMfaArrayOutputWithContext(context.Context) RuleMfaArrayOutput
}

RuleMfaArrayInput is an input type that accepts RuleMfaArray and RuleMfaArrayOutput values. You can construct a concrete instance of `RuleMfaArrayInput` via: 

RuleMfaArray{ RuleMfaArgs{...} }

type RuleMfaArrayOutput 

type RuleMfaArrayOutput struct{ *pulumi.OutputState }

func (RuleMfaArrayOutput) ElementType 

func (RuleMfaArrayOutput) ElementType() reflect.Type

func (RuleMfaArrayOutput) Index 

func (o RuleMfaArrayOutput) Index(i pulumi.IntInput) RuleMfaOutput

func (RuleMfaArrayOutput) ToRuleMfaArrayOutput 

func (o RuleMfaArrayOutput) ToRuleMfaArrayOutput() RuleMfaArrayOutput

func (RuleMfaArrayOutput) ToRuleMfaArrayOutputWithContext 

func (o RuleMfaArrayOutput) ToRuleMfaArrayOutputWithContext(ctx context.Context) RuleMfaArrayOutput

type RuleMfaInput 

type RuleMfaInput interface {
	pulumi.Input

	ToRuleMfaOutput() RuleMfaOutput
	ToRuleMfaOutputWithContext(ctx context.Context) RuleMfaOutput
}

type RuleMfaMap 

type RuleMfaMap map[string]RuleMfaInput

func (RuleMfaMap) ElementType 

func (RuleMfaMap) ElementType() reflect.Type

func (RuleMfaMap) ToRuleMfaMapOutput 

func (i RuleMfaMap) ToRuleMfaMapOutput() RuleMfaMapOutput

func (RuleMfaMap) ToRuleMfaMapOutputWithContext 

func (i RuleMfaMap) ToRuleMfaMapOutputWithContext(ctx context.Context) RuleMfaMapOutput

type RuleMfaMapInput 

type RuleMfaMapInput interface {
	pulumi.Input

	ToRuleMfaMapOutput() RuleMfaMapOutput
	ToRuleMfaMapOutputWithContext(context.Context) RuleMfaMapOutput
}

RuleMfaMapInput is an input type that accepts RuleMfaMap and RuleMfaMapOutput values. You can construct a concrete instance of `RuleMfaMapInput` via: 

RuleMfaMap{ "key": RuleMfaArgs{...} }

type RuleMfaMapOutput 

type RuleMfaMapOutput struct{ *pulumi.OutputState }

func (RuleMfaMapOutput) ElementType 

func (RuleMfaMapOutput) ElementType() reflect.Type

func (RuleMfaMapOutput) MapIndex 

func (o RuleMfaMapOutput) MapIndex(k pulumi.StringInput) RuleMfaOutput

func (RuleMfaMapOutput) ToRuleMfaMapOutput 

func (o RuleMfaMapOutput) ToRuleMfaMapOutput() RuleMfaMapOutput

func (RuleMfaMapOutput) ToRuleMfaMapOutputWithContext 

func (o RuleMfaMapOutput) ToRuleMfaMapOutputWithContext(ctx context.Context) RuleMfaMapOutput

type RuleMfaOutput 

type RuleMfaOutput struct{ *pulumi.OutputState }

func (RuleMfaOutput) AppExcludes added in v3.9.0 

func (o RuleMfaOutput) AppExcludes() RuleMfaAppExcludeArrayOutput

Applications to exclude

func (RuleMfaOutput) AppIncludes added in v3.9.0 

func (o RuleMfaOutput) AppIncludes() RuleMfaAppIncludeArrayOutput

Applications to include in discovery rule. **IMPORTANT**: this field is only available in Classic Organizations.

func (RuleMfaOutput) ElementType 

func (RuleMfaOutput) ElementType() reflect.Type

func (RuleMfaOutput) Enroll added in v3.9.0 

func (o RuleMfaOutput) Enroll() pulumi.StringPtrOutput

When a user should be prompted for MFA. It can be `"CHALLENGE"`, `"LOGIN"`, or `"NEVER"`.

func (RuleMfaOutput) Name added in v3.9.0 

func (o RuleMfaOutput) Name() pulumi.StringOutput

Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included.

func (RuleMfaOutput) NetworkConnection added in v3.9.0 

func (o RuleMfaOutput) NetworkConnection() pulumi.StringPtrOutput

Network selection mode: `"ANYWHERE"`, `"ZONE"`, `"ON_NETWORK"`, or `"OFF_NETWORK"`.

func (RuleMfaOutput) NetworkExcludes added in v3.9.0 

func (o RuleMfaOutput) NetworkExcludes() pulumi.StringArrayOutput

The network zones to exclude. Conflicts with `networkIncludes`.

func (RuleMfaOutput) NetworkIncludes added in v3.9.0 

func (o RuleMfaOutput) NetworkIncludes() pulumi.StringArrayOutput

The network zones to include. Conflicts with `networkExcludes`.

func (RuleMfaOutput) PolicyId added in v3.9.0 

func (o RuleMfaOutput) PolicyId() pulumi.StringPtrOutput

Policy ID.

func (RuleMfaOutput) Policyid deprecated added in v3.9.0 

func (o RuleMfaOutput) Policyid() pulumi.StringPtrOutput

Policy ID.

Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead

func (RuleMfaOutput) Priority added in v3.9.0 

func (o RuleMfaOutput) Priority() pulumi.IntPtrOutput

Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.

func (RuleMfaOutput) Status added in v3.9.0 

func (o RuleMfaOutput) Status() pulumi.StringPtrOutput

Policy Rule Status: `"ACTIVE"` or `"INACTIVE"`.

func (RuleMfaOutput) ToRuleMfaOutput 

func (o RuleMfaOutput) ToRuleMfaOutput() RuleMfaOutput

func (RuleMfaOutput) ToRuleMfaOutputWithContext 

func (o RuleMfaOutput) ToRuleMfaOutputWithContext(ctx context.Context) RuleMfaOutput

func (RuleMfaOutput) UsersExcludeds added in v3.9.0 

func (o RuleMfaOutput) UsersExcludeds() pulumi.StringArrayOutput

Set of User IDs to Exclude

type RuleMfaState 

type RuleMfaState struct {
	// Applications to exclude
	AppExcludes RuleMfaAppExcludeArrayInput
	// Applications to include in discovery rule. **IMPORTANT**: this field is only available in Classic Organizations.
	AppIncludes RuleMfaAppIncludeArrayInput
	// When a user should be prompted for MFA. It can be `"CHALLENGE"`, `"LOGIN"`, or `"NEVER"`.
	Enroll pulumi.StringPtrInput
	// Use if the `type` is `"APP_TYPE"` to indicate the type of application(s) to include in instances where an entire group (i.e. `yahooMail`) of applications should be included.
	Name pulumi.StringPtrInput
	// Network selection mode: `"ANYWHERE"`, `"ZONE"`, `"ON_NETWORK"`, or `"OFF_NETWORK"`.
	NetworkConnection pulumi.StringPtrInput
	// The network zones to exclude. Conflicts with `networkIncludes`.
	NetworkExcludes pulumi.StringArrayInput
	// The network zones to include. Conflicts with `networkExcludes`.
	NetworkIncludes pulumi.StringArrayInput
	// Policy ID.
	PolicyId pulumi.StringPtrInput
	// Policy ID.
	//
	// Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead
	Policyid pulumi.StringPtrInput
	// Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.
	Priority pulumi.IntPtrInput
	// Policy Rule Status: `"ACTIVE"` or `"INACTIVE"`.
	Status pulumi.StringPtrInput
	// Set of User IDs to Exclude
	UsersExcludeds pulumi.StringArrayInput
}

func (RuleMfaState) ElementType 

func (RuleMfaState) ElementType() reflect.Type

type RulePassword 

type RulePassword struct {
	pulumi.CustomResourceState

	// Policy Rule Name. Type `"string"`
	Name pulumi.StringOutput `pulumi:"name"`
	// Network selection mode: `"ANYWHERE"`, `"ZONE"`, `"ON_NETWORK"`, or `"OFF_NETWORK"`. Type `"string"`
	NetworkConnection pulumi.StringPtrOutput `pulumi:"networkConnection"`
	// The network zones to exclude. Conflicts with `networkIncludes`. Type `"list(string)"`
	NetworkExcludes pulumi.StringArrayOutput `pulumi:"networkExcludes"`
	// The network zones to include. Conflicts with `networkExcludes`. Type `"list(string)"`
	NetworkIncludes pulumi.StringArrayOutput `pulumi:"networkIncludes"`
	// Allow or deny a user to change their password: `"ALLOW"` or `"DENY"`. By default, it is `"ALLOW"`. Type `"string"`
	PasswordChange pulumi.StringPtrOutput `pulumi:"passwordChange"`
	// Allow or deny a user to reset their password: `"ALLOW"` or `"DENY"`. By default, it is `"ALLOW"`. Type `"string"`
	PasswordReset pulumi.StringPtrOutput `pulumi:"passwordReset"`
	// Allow or deny a user to unlock: `"ALLOW"` or `"DENY"`. By default, it is `"DENY"`, Type `"string"`
	PasswordUnlock pulumi.StringPtrOutput `pulumi:"passwordUnlock"`
	// Policy ID.
	PolicyId pulumi.StringPtrOutput `pulumi:"policyId"`
	// Policy ID.
	//
	// Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead
	Policyid pulumi.StringPtrOutput `pulumi:"policyid"`
	// Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there. Type `"number"`
	Priority pulumi.IntPtrOutput `pulumi:"priority"`
	// Policy Rule Status: `"ACTIVE"` or `"INACTIVE"`. Type `"string"`
	Status pulumi.StringPtrOutput `pulumi:"status"`
	// The users to exclude. Type `"set(string)"`
	UsersExcludeds pulumi.StringArrayOutput `pulumi:"usersExcludeds"`
}

Creates a Password Policy Rule.

This resource allows you to create and configure a Password Policy Rule.

## Import

A Policy Rule can be imported via the Policy and Rule ID.

```sh 

$ pulumi import okta:policy/rulePassword:RulePassword example &#60;policy id&#62;/&#60;rule id&#62;

```

func GetRulePassword 

func GetRulePassword(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *RulePasswordState, opts ...pulumi.ResourceOption) (*RulePassword, error)

GetRulePassword gets an existing RulePassword resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewRulePassword 

func NewRulePassword(ctx *pulumi.Context,
	name string, args *RulePasswordArgs, opts ...pulumi.ResourceOption) (*RulePassword, error)

NewRulePassword registers a new resource with the given unique name, arguments, and options.

func (*RulePassword) ElementType 

func (*RulePassword) ElementType() reflect.Type

func (*RulePassword) ToRulePasswordOutput 

func (i *RulePassword) ToRulePasswordOutput() RulePasswordOutput

func (*RulePassword) ToRulePasswordOutputWithContext 

func (i *RulePassword) ToRulePasswordOutputWithContext(ctx context.Context) RulePasswordOutput

type RulePasswordArgs 

type RulePasswordArgs struct {
	// Policy Rule Name. Type `"string"`
	Name pulumi.StringPtrInput
	// Network selection mode: `"ANYWHERE"`, `"ZONE"`, `"ON_NETWORK"`, or `"OFF_NETWORK"`. Type `"string"`
	NetworkConnection pulumi.StringPtrInput
	// The network zones to exclude. Conflicts with `networkIncludes`. Type `"list(string)"`
	NetworkExcludes pulumi.StringArrayInput
	// The network zones to include. Conflicts with `networkExcludes`. Type `"list(string)"`
	NetworkIncludes pulumi.StringArrayInput
	// Allow or deny a user to change their password: `"ALLOW"` or `"DENY"`. By default, it is `"ALLOW"`. Type `"string"`
	PasswordChange pulumi.StringPtrInput
	// Allow or deny a user to reset their password: `"ALLOW"` or `"DENY"`. By default, it is `"ALLOW"`. Type `"string"`
	PasswordReset pulumi.StringPtrInput
	// Allow or deny a user to unlock: `"ALLOW"` or `"DENY"`. By default, it is `"DENY"`, Type `"string"`
	PasswordUnlock pulumi.StringPtrInput
	// Policy ID.
	PolicyId pulumi.StringPtrInput
	// Policy ID.
	//
	// Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead
	Policyid pulumi.StringPtrInput
	// Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there. Type `"number"`
	Priority pulumi.IntPtrInput
	// Policy Rule Status: `"ACTIVE"` or `"INACTIVE"`. Type `"string"`
	Status pulumi.StringPtrInput
	// The users to exclude. Type `"set(string)"`
	UsersExcludeds pulumi.StringArrayInput
}

The set of arguments for constructing a RulePassword resource.

func (RulePasswordArgs) ElementType 

func (RulePasswordArgs) ElementType() reflect.Type

type RulePasswordArray 

type RulePasswordArray []RulePasswordInput

func (RulePasswordArray) ElementType 

func (RulePasswordArray) ElementType() reflect.Type

func (RulePasswordArray) ToRulePasswordArrayOutput 

func (i RulePasswordArray) ToRulePasswordArrayOutput() RulePasswordArrayOutput

func (RulePasswordArray) ToRulePasswordArrayOutputWithContext 

func (i RulePasswordArray) ToRulePasswordArrayOutputWithContext(ctx context.Context) RulePasswordArrayOutput

type RulePasswordArrayInput 

type RulePasswordArrayInput interface {
	pulumi.Input

	ToRulePasswordArrayOutput() RulePasswordArrayOutput
	ToRulePasswordArrayOutputWithContext(context.Context) RulePasswordArrayOutput
}

RulePasswordArrayInput is an input type that accepts RulePasswordArray and RulePasswordArrayOutput values. You can construct a concrete instance of `RulePasswordArrayInput` via: 

RulePasswordArray{ RulePasswordArgs{...} }

type RulePasswordArrayOutput 

type RulePasswordArrayOutput struct{ *pulumi.OutputState }

func (RulePasswordArrayOutput) ElementType 

func (RulePasswordArrayOutput) ElementType() reflect.Type

func (RulePasswordArrayOutput) Index 

func (o RulePasswordArrayOutput) Index(i pulumi.IntInput) RulePasswordOutput

func (RulePasswordArrayOutput) ToRulePasswordArrayOutput 

func (o RulePasswordArrayOutput) ToRulePasswordArrayOutput() RulePasswordArrayOutput

func (RulePasswordArrayOutput) ToRulePasswordArrayOutputWithContext 

func (o RulePasswordArrayOutput) ToRulePasswordArrayOutputWithContext(ctx context.Context) RulePasswordArrayOutput

type RulePasswordInput 

type RulePasswordInput interface {
	pulumi.Input

	ToRulePasswordOutput() RulePasswordOutput
	ToRulePasswordOutputWithContext(ctx context.Context) RulePasswordOutput
}

type RulePasswordMap 

type RulePasswordMap map[string]RulePasswordInput

func (RulePasswordMap) ElementType 

func (RulePasswordMap) ElementType() reflect.Type

func (RulePasswordMap) ToRulePasswordMapOutput 

func (i RulePasswordMap) ToRulePasswordMapOutput() RulePasswordMapOutput

func (RulePasswordMap) ToRulePasswordMapOutputWithContext 

func (i RulePasswordMap) ToRulePasswordMapOutputWithContext(ctx context.Context) RulePasswordMapOutput

type RulePasswordMapInput 

type RulePasswordMapInput interface {
	pulumi.Input

	ToRulePasswordMapOutput() RulePasswordMapOutput
	ToRulePasswordMapOutputWithContext(context.Context) RulePasswordMapOutput
}

RulePasswordMapInput is an input type that accepts RulePasswordMap and RulePasswordMapOutput values. You can construct a concrete instance of `RulePasswordMapInput` via: 

RulePasswordMap{ "key": RulePasswordArgs{...} }

type RulePasswordMapOutput 

type RulePasswordMapOutput struct{ *pulumi.OutputState }

func (RulePasswordMapOutput) ElementType 

func (RulePasswordMapOutput) ElementType() reflect.Type

func (RulePasswordMapOutput) MapIndex 

func (o RulePasswordMapOutput) MapIndex(k pulumi.StringInput) RulePasswordOutput

func (RulePasswordMapOutput) ToRulePasswordMapOutput 

func (o RulePasswordMapOutput) ToRulePasswordMapOutput() RulePasswordMapOutput

func (RulePasswordMapOutput) ToRulePasswordMapOutputWithContext 

func (o RulePasswordMapOutput) ToRulePasswordMapOutputWithContext(ctx context.Context) RulePasswordMapOutput

type RulePasswordOutput 

type RulePasswordOutput struct{ *pulumi.OutputState }

func (RulePasswordOutput) ElementType 

func (RulePasswordOutput) ElementType() reflect.Type

func (RulePasswordOutput) Name added in v3.9.0 

func (o RulePasswordOutput) Name() pulumi.StringOutput

Policy Rule Name. Type `"string"`

func (RulePasswordOutput) NetworkConnection added in v3.9.0 

func (o RulePasswordOutput) NetworkConnection() pulumi.StringPtrOutput

Network selection mode: `"ANYWHERE"`, `"ZONE"`, `"ON_NETWORK"`, or `"OFF_NETWORK"`. Type `"string"`

func (RulePasswordOutput) NetworkExcludes added in v3.9.0 

func (o RulePasswordOutput) NetworkExcludes() pulumi.StringArrayOutput

The network zones to exclude. Conflicts with `networkIncludes`. Type `"list(string)"`

func (RulePasswordOutput) NetworkIncludes added in v3.9.0 

func (o RulePasswordOutput) NetworkIncludes() pulumi.StringArrayOutput

The network zones to include. Conflicts with `networkExcludes`. Type `"list(string)"`

func (RulePasswordOutput) PasswordChange added in v3.9.0 

func (o RulePasswordOutput) PasswordChange() pulumi.StringPtrOutput

Allow or deny a user to change their password: `"ALLOW"` or `"DENY"`. By default, it is `"ALLOW"`. Type `"string"`

func (RulePasswordOutput) PasswordReset added in v3.9.0 

func (o RulePasswordOutput) PasswordReset() pulumi.StringPtrOutput

Allow or deny a user to reset their password: `"ALLOW"` or `"DENY"`. By default, it is `"ALLOW"`. Type `"string"`

func (RulePasswordOutput) PasswordUnlock added in v3.9.0 

func (o RulePasswordOutput) PasswordUnlock() pulumi.StringPtrOutput

Allow or deny a user to unlock: `"ALLOW"` or `"DENY"`. By default, it is `"DENY"`, Type `"string"`

func (RulePasswordOutput) PolicyId added in v3.9.0 

func (o RulePasswordOutput) PolicyId() pulumi.StringPtrOutput

Policy ID.

func (RulePasswordOutput) Policyid deprecated added in v3.9.0 

func (o RulePasswordOutput) Policyid() pulumi.StringPtrOutput

Policy ID.

Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead

func (RulePasswordOutput) Priority added in v3.9.0 

func (o RulePasswordOutput) Priority() pulumi.IntPtrOutput

Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there. Type `"number"`

func (RulePasswordOutput) Status added in v3.9.0 

func (o RulePasswordOutput) Status() pulumi.StringPtrOutput

Policy Rule Status: `"ACTIVE"` or `"INACTIVE"`. Type `"string"`

func (RulePasswordOutput) ToRulePasswordOutput 

func (o RulePasswordOutput) ToRulePasswordOutput() RulePasswordOutput

func (RulePasswordOutput) ToRulePasswordOutputWithContext 

func (o RulePasswordOutput) ToRulePasswordOutputWithContext(ctx context.Context) RulePasswordOutput

func (RulePasswordOutput) UsersExcludeds added in v3.9.0 

func (o RulePasswordOutput) UsersExcludeds() pulumi.StringArrayOutput

The users to exclude. Type `"set(string)"`

type RulePasswordState 

type RulePasswordState struct {
	// Policy Rule Name. Type `"string"`
	Name pulumi.StringPtrInput
	// Network selection mode: `"ANYWHERE"`, `"ZONE"`, `"ON_NETWORK"`, or `"OFF_NETWORK"`. Type `"string"`
	NetworkConnection pulumi.StringPtrInput
	// The network zones to exclude. Conflicts with `networkIncludes`. Type `"list(string)"`
	NetworkExcludes pulumi.StringArrayInput
	// The network zones to include. Conflicts with `networkExcludes`. Type `"list(string)"`
	NetworkIncludes pulumi.StringArrayInput
	// Allow or deny a user to change their password: `"ALLOW"` or `"DENY"`. By default, it is `"ALLOW"`. Type `"string"`
	PasswordChange pulumi.StringPtrInput
	// Allow or deny a user to reset their password: `"ALLOW"` or `"DENY"`. By default, it is `"ALLOW"`. Type `"string"`
	PasswordReset pulumi.StringPtrInput
	// Allow or deny a user to unlock: `"ALLOW"` or `"DENY"`. By default, it is `"DENY"`, Type `"string"`
	PasswordUnlock pulumi.StringPtrInput
	// Policy ID.
	PolicyId pulumi.StringPtrInput
	// Policy ID.
	//
	// Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead
	Policyid pulumi.StringPtrInput
	// Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there. Type `"number"`
	Priority pulumi.IntPtrInput
	// Policy Rule Status: `"ACTIVE"` or `"INACTIVE"`. Type `"string"`
	Status pulumi.StringPtrInput
	// The users to exclude. Type `"set(string)"`
	UsersExcludeds pulumi.StringArrayInput
}

func (RulePasswordState) ElementType 

func (RulePasswordState) ElementType() reflect.Type

type RuleSignon 

type RuleSignon struct {
	pulumi.CustomResourceState

	// Allow or deny access based on the rule conditions: `"ALLOW"`, `"DENY"` or `"CHALLENGE"`. The default is `"ALLOW"`.
	Access pulumi.StringPtrOutput `pulumi:"access"`
	// Authentication entrypoint: `"ANY"`, `"LDAP_INTERFACE"` or `"RADIUS"`.
	Authtype pulumi.StringPtrOutput `pulumi:"authtype"`
	// List of behavior IDs.
	Behaviors pulumi.StringArrayOutput `pulumi:"behaviors"`
	// Auth factor sequences. Should be set if `access = "CHALLENGE"`.
	FactorSequences RuleSignonFactorSequenceArrayOutput `pulumi:"factorSequences"`
	// Defines the identity provider for this rule. Valid values are `"ANY"`, `"OKTA"`, and `"SPECIFIC_IDP"`.
	IdentityProvider pulumi.StringPtrOutput `pulumi:"identityProvider"`
	// When identityProvider is `"SPECIFIC_IDP"` then this is the list of IdP IDs to apply the rule on.
	IdentityProviderIds pulumi.StringArrayOutput `pulumi:"identityProviderIds"`
	// Elapsed time before the next MFA challenge.
	MfaLifetime pulumi.IntPtrOutput `pulumi:"mfaLifetime"`
	// Prompt for MFA based on the device used, a factor session lifetime, or every sign-on attempt: `"DEVICE"`, `"SESSION"` or `"ALWAYS"`.
	MfaPrompt pulumi.StringPtrOutput `pulumi:"mfaPrompt"`
	// Remember MFA device. The default `false`.
	MfaRememberDevice pulumi.BoolPtrOutput `pulumi:"mfaRememberDevice"`
	// Require MFA. By default is `false`.
	MfaRequired pulumi.BoolPtrOutput `pulumi:"mfaRequired"`
	// Policy Rule Name.
	Name pulumi.StringOutput `pulumi:"name"`
	// Network selection mode: `"ANYWHERE"`, `"ZONE"`, `"ON_NETWORK"`, or `"OFF_NETWORK"`.
	NetworkConnection pulumi.StringPtrOutput `pulumi:"networkConnection"`
	// The network zones to exclude. Conflicts with `networkIncludes`.
	NetworkExcludes pulumi.StringArrayOutput `pulumi:"networkExcludes"`
	// The network zones to include. Conflicts with `networkExcludes`.
	NetworkIncludes pulumi.StringArrayOutput `pulumi:"networkIncludes"`
	// Policy ID.
	PolicyId pulumi.StringPtrOutput `pulumi:"policyId"`
	// Policy ID.
	//
	// Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead
	Policyid pulumi.StringPtrOutput `pulumi:"policyid"`
	// Rule's primary factor. **WARNING** Ony works as a part of the Identity Engine. Valid values:
	// `"PASSWORD_IDP_ANY_FACTOR"`, `"PASSWORD_IDP"`.
	PrimaryFactor pulumi.StringOutput `pulumi:"primaryFactor"`
	// Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.
	Priority pulumi.IntPtrOutput `pulumi:"priority"`
	// Risc level: `"ANY"`, `"LOW"`, `"MEDIUM"` or `"HIGH"`. Default is `"ANY"`. It can be also
	// set to an empty string in case `RISC_SCORING` org feature flag is disabled.
	RiscLevel pulumi.StringPtrOutput `pulumi:"riscLevel"`
	// Max minutes a session can be idle.,
	SessionIdle pulumi.IntPtrOutput `pulumi:"sessionIdle"`
	// Max minutes a session is active: Disable = 0.
	SessionLifetime pulumi.IntPtrOutput `pulumi:"sessionLifetime"`
	// Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies.
	SessionPersistent pulumi.BoolPtrOutput `pulumi:"sessionPersistent"`
	// Policy Rule Status: `"ACTIVE"` or `"INACTIVE"`.
	Status pulumi.StringPtrOutput `pulumi:"status"`
	// The list of user IDs that would be excluded when rules are processed.
	UsersExcludeds pulumi.StringArrayOutput `pulumi:"usersExcludeds"`
}

Creates a Sign On Policy Rule. In case `Invalid condition type specified: riskScore.` error is thrown, set `riscLevel` to an empty string, since this feature is not enabled.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-okta/sdk/v3/go/okta"
"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/policy"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := policy.NewSignon(ctx, "test", &policy.SignonArgs{
			Status:      pulumi.String("ACTIVE"),
			Description: pulumi.String("Example Policy"),
		})
		if err != nil {
			return err
		}
		newCity, err := okta.LookupBehaviour(ctx, &okta.LookupBehaviourArgs{
			Name: pulumi.StringRef("New City"),
		}, nil)
		if err != nil {
			return err
		}
		_, err = policy.NewRuleSignon(ctx, "example", &policy.RuleSignonArgs{
			Access:            pulumi.String("CHALLENGE"),
			Authtype:          pulumi.String("RADIUS"),
			NetworkConnection: pulumi.String("ANYWHERE"),
			PolicyId:          pulumi.Any(okta_policy_signon.Example.Id),
			Status:            pulumi.String("ACTIVE"),
			RiscLevel:         pulumi.String("HIGH"),
			Behaviors: pulumi.StringArray{
				*pulumi.String(newCity.Id),
			},
			FactorSequences: policy.RuleSignonFactorSequenceArray{
				&policy.RuleSignonFactorSequenceArgs{
					PrimaryCriteriaFactorType: pulumi.String("token:hotp"),
					PrimaryCriteriaProvider:   pulumi.String("CUSTOM"),
					SecondaryCriterias: policy.RuleSignonFactorSequenceSecondaryCriteriaArray{
						&policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{
							FactorType: pulumi.String("token:software:totp"),
							Provider:   pulumi.String("OKTA"),
						},
						&policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{
							FactorType: pulumi.String("push"),
							Provider:   pulumi.String("OKTA"),
						},
						&policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{
							FactorType: pulumi.String("password"),
							Provider:   pulumi.String("OKTA"),
						},
						&policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{
							FactorType: pulumi.String("question"),
							Provider:   pulumi.String("OKTA"),
						},
						&policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{
							FactorType: pulumi.String("sms"),
							Provider:   pulumi.String("OKTA"),
						},
						&policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{
							FactorType: pulumi.String("token:software:totp"),
							Provider:   pulumi.String("GOOGLE"),
						},
						&policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{
							FactorType: pulumi.String("email"),
							Provider:   pulumi.String("OKTA"),
						},
						&policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{
							FactorType: pulumi.String("call"),
							Provider:   pulumi.String("OKTA"),
						},
						&policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{
							FactorType: pulumi.String("webauthn"),
							Provider:   pulumi.String("FIDO"),
						},
						&policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{
							FactorType: pulumi.String("token"),
							Provider:   pulumi.String("RSA"),
						},
						&policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{
							FactorType: pulumi.String("token"),
							Provider:   pulumi.String("SYMANTEC"),
						},
					},
				},
				&policy.RuleSignonFactorSequenceArgs{
					PrimaryCriteriaFactorType: pulumi.String("token:software:totp"),
					PrimaryCriteriaProvider:   pulumi.String("OKTA"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

A Policy Rule can be imported via the Policy and Rule ID.

```sh 

$ pulumi import okta:policy/ruleSignon:RuleSignon example &#60;policy id&#62;/&#60;rule id&#62;

```

func GetRuleSignon 

func GetRuleSignon(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *RuleSignonState, opts ...pulumi.ResourceOption) (*RuleSignon, error)

GetRuleSignon gets an existing RuleSignon resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewRuleSignon 

func NewRuleSignon(ctx *pulumi.Context,
	name string, args *RuleSignonArgs, opts ...pulumi.ResourceOption) (*RuleSignon, error)

NewRuleSignon registers a new resource with the given unique name, arguments, and options.

func (*RuleSignon) ElementType 

func (*RuleSignon) ElementType() reflect.Type

func (*RuleSignon) ToRuleSignonOutput 

func (i *RuleSignon) ToRuleSignonOutput() RuleSignonOutput

func (*RuleSignon) ToRuleSignonOutputWithContext 

func (i *RuleSignon) ToRuleSignonOutputWithContext(ctx context.Context) RuleSignonOutput

type RuleSignonArgs 

type RuleSignonArgs struct {
	// Allow or deny access based on the rule conditions: `"ALLOW"`, `"DENY"` or `"CHALLENGE"`. The default is `"ALLOW"`.
	Access pulumi.StringPtrInput
	// Authentication entrypoint: `"ANY"`, `"LDAP_INTERFACE"` or `"RADIUS"`.
	Authtype pulumi.StringPtrInput
	// List of behavior IDs.
	Behaviors pulumi.StringArrayInput
	// Auth factor sequences. Should be set if `access = "CHALLENGE"`.
	FactorSequences RuleSignonFactorSequenceArrayInput
	// Defines the identity provider for this rule. Valid values are `"ANY"`, `"OKTA"`, and `"SPECIFIC_IDP"`.
	IdentityProvider pulumi.StringPtrInput
	// When identityProvider is `"SPECIFIC_IDP"` then this is the list of IdP IDs to apply the rule on.
	IdentityProviderIds pulumi.StringArrayInput
	// Elapsed time before the next MFA challenge.
	MfaLifetime pulumi.IntPtrInput
	// Prompt for MFA based on the device used, a factor session lifetime, or every sign-on attempt: `"DEVICE"`, `"SESSION"` or `"ALWAYS"`.
	MfaPrompt pulumi.StringPtrInput
	// Remember MFA device. The default `false`.
	MfaRememberDevice pulumi.BoolPtrInput
	// Require MFA. By default is `false`.
	MfaRequired pulumi.BoolPtrInput
	// Policy Rule Name.
	Name pulumi.StringPtrInput
	// Network selection mode: `"ANYWHERE"`, `"ZONE"`, `"ON_NETWORK"`, or `"OFF_NETWORK"`.
	NetworkConnection pulumi.StringPtrInput
	// The network zones to exclude. Conflicts with `networkIncludes`.
	NetworkExcludes pulumi.StringArrayInput
	// The network zones to include. Conflicts with `networkExcludes`.
	NetworkIncludes pulumi.StringArrayInput
	// Policy ID.
	PolicyId pulumi.StringPtrInput
	// Policy ID.
	//
	// Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead
	Policyid pulumi.StringPtrInput
	// Rule's primary factor. **WARNING** Ony works as a part of the Identity Engine. Valid values:
	// `"PASSWORD_IDP_ANY_FACTOR"`, `"PASSWORD_IDP"`.
	PrimaryFactor pulumi.StringPtrInput
	// Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.
	Priority pulumi.IntPtrInput
	// Risc level: `"ANY"`, `"LOW"`, `"MEDIUM"` or `"HIGH"`. Default is `"ANY"`. It can be also
	// set to an empty string in case `RISC_SCORING` org feature flag is disabled.
	RiscLevel pulumi.StringPtrInput
	// Max minutes a session can be idle.,
	SessionIdle pulumi.IntPtrInput
	// Max minutes a session is active: Disable = 0.
	SessionLifetime pulumi.IntPtrInput
	// Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies.
	SessionPersistent pulumi.BoolPtrInput
	// Policy Rule Status: `"ACTIVE"` or `"INACTIVE"`.
	Status pulumi.StringPtrInput
	// The list of user IDs that would be excluded when rules are processed.
	UsersExcludeds pulumi.StringArrayInput
}

The set of arguments for constructing a RuleSignon resource.

func (RuleSignonArgs) ElementType 

func (RuleSignonArgs) ElementType() reflect.Type

type RuleSignonArray 

type RuleSignonArray []RuleSignonInput

func (RuleSignonArray) ElementType 

func (RuleSignonArray) ElementType() reflect.Type

func (RuleSignonArray) ToRuleSignonArrayOutput 

func (i RuleSignonArray) ToRuleSignonArrayOutput() RuleSignonArrayOutput

func (RuleSignonArray) ToRuleSignonArrayOutputWithContext 

func (i RuleSignonArray) ToRuleSignonArrayOutputWithContext(ctx context.Context) RuleSignonArrayOutput

type RuleSignonArrayInput 

type RuleSignonArrayInput interface {
	pulumi.Input

	ToRuleSignonArrayOutput() RuleSignonArrayOutput
	ToRuleSignonArrayOutputWithContext(context.Context) RuleSignonArrayOutput
}

RuleSignonArrayInput is an input type that accepts RuleSignonArray and RuleSignonArrayOutput values. You can construct a concrete instance of `RuleSignonArrayInput` via: 

RuleSignonArray{ RuleSignonArgs{...} }

type RuleSignonArrayOutput 

type RuleSignonArrayOutput struct{ *pulumi.OutputState }

func (RuleSignonArrayOutput) ElementType 

func (RuleSignonArrayOutput) ElementType() reflect.Type

func (RuleSignonArrayOutput) Index 

func (o RuleSignonArrayOutput) Index(i pulumi.IntInput) RuleSignonOutput

func (RuleSignonArrayOutput) ToRuleSignonArrayOutput 

func (o RuleSignonArrayOutput) ToRuleSignonArrayOutput() RuleSignonArrayOutput

func (RuleSignonArrayOutput) ToRuleSignonArrayOutputWithContext 

func (o RuleSignonArrayOutput) ToRuleSignonArrayOutputWithContext(ctx context.Context) RuleSignonArrayOutput

type RuleSignonFactorSequence added in v3.1.0 

type RuleSignonFactorSequence struct {
	// Primary factor type of the auth section.
	PrimaryCriteriaFactorType string `pulumi:"primaryCriteriaFactorType"`
	// Primary provider of the auth section.
	PrimaryCriteriaProvider string `pulumi:"primaryCriteriaProvider"`
	// Additional authentication steps.
	SecondaryCriterias []RuleSignonFactorSequenceSecondaryCriteria `pulumi:"secondaryCriterias"`
}

type RuleSignonFactorSequenceArgs added in v3.1.0 

type RuleSignonFactorSequenceArgs struct {
	// Primary factor type of the auth section.
	PrimaryCriteriaFactorType pulumi.StringInput `pulumi:"primaryCriteriaFactorType"`
	// Primary provider of the auth section.
	PrimaryCriteriaProvider pulumi.StringInput `pulumi:"primaryCriteriaProvider"`
	// Additional authentication steps.
	SecondaryCriterias RuleSignonFactorSequenceSecondaryCriteriaArrayInput `pulumi:"secondaryCriterias"`
}

func (RuleSignonFactorSequenceArgs) ElementType added in v3.1.0 

func (RuleSignonFactorSequenceArgs) ElementType() reflect.Type

func (RuleSignonFactorSequenceArgs) ToRuleSignonFactorSequenceOutput added in v3.1.0 

func (i RuleSignonFactorSequenceArgs) ToRuleSignonFactorSequenceOutput() RuleSignonFactorSequenceOutput

func (RuleSignonFactorSequenceArgs) ToRuleSignonFactorSequenceOutputWithContext added in v3.1.0 

func (i RuleSignonFactorSequenceArgs) ToRuleSignonFactorSequenceOutputWithContext(ctx context.Context) RuleSignonFactorSequenceOutput

type RuleSignonFactorSequenceArray added in v3.1.0 

type RuleSignonFactorSequenceArray []RuleSignonFactorSequenceInput

func (RuleSignonFactorSequenceArray) ElementType added in v3.1.0 

func (RuleSignonFactorSequenceArray) ElementType() reflect.Type

func (RuleSignonFactorSequenceArray) ToRuleSignonFactorSequenceArrayOutput added in v3.1.0 

func (i RuleSignonFactorSequenceArray) ToRuleSignonFactorSequenceArrayOutput() RuleSignonFactorSequenceArrayOutput

func (RuleSignonFactorSequenceArray) ToRuleSignonFactorSequenceArrayOutputWithContext added in v3.1.0 

func (i RuleSignonFactorSequenceArray) ToRuleSignonFactorSequenceArrayOutputWithContext(ctx context.Context) RuleSignonFactorSequenceArrayOutput

type RuleSignonFactorSequenceArrayInput added in v3.1.0 

type RuleSignonFactorSequenceArrayInput interface {
	pulumi.Input

	ToRuleSignonFactorSequenceArrayOutput() RuleSignonFactorSequenceArrayOutput
	ToRuleSignonFactorSequenceArrayOutputWithContext(context.Context) RuleSignonFactorSequenceArrayOutput
}

RuleSignonFactorSequenceArrayInput is an input type that accepts RuleSignonFactorSequenceArray and RuleSignonFactorSequenceArrayOutput values. You can construct a concrete instance of `RuleSignonFactorSequenceArrayInput` via: 

RuleSignonFactorSequenceArray{ RuleSignonFactorSequenceArgs{...} }

type RuleSignonFactorSequenceArrayOutput added in v3.1.0 

type RuleSignonFactorSequenceArrayOutput struct{ *pulumi.OutputState }

func (RuleSignonFactorSequenceArrayOutput) ElementType added in v3.1.0 

func (RuleSignonFactorSequenceArrayOutput) ElementType() reflect.Type

func (RuleSignonFactorSequenceArrayOutput) Index added in v3.1.0 

func (o RuleSignonFactorSequenceArrayOutput) Index(i pulumi.IntInput) RuleSignonFactorSequenceOutput

func (RuleSignonFactorSequenceArrayOutput) ToRuleSignonFactorSequenceArrayOutput added in v3.1.0 

func (o RuleSignonFactorSequenceArrayOutput) ToRuleSignonFactorSequenceArrayOutput() RuleSignonFactorSequenceArrayOutput

func (RuleSignonFactorSequenceArrayOutput) ToRuleSignonFactorSequenceArrayOutputWithContext added in v3.1.0 

func (o RuleSignonFactorSequenceArrayOutput) ToRuleSignonFactorSequenceArrayOutputWithContext(ctx context.Context) RuleSignonFactorSequenceArrayOutput

type RuleSignonFactorSequenceInput added in v3.1.0 

type RuleSignonFactorSequenceInput interface {
	pulumi.Input

	ToRuleSignonFactorSequenceOutput() RuleSignonFactorSequenceOutput
	ToRuleSignonFactorSequenceOutputWithContext(context.Context) RuleSignonFactorSequenceOutput
}

RuleSignonFactorSequenceInput is an input type that accepts RuleSignonFactorSequenceArgs and RuleSignonFactorSequenceOutput values. You can construct a concrete instance of `RuleSignonFactorSequenceInput` via: 

RuleSignonFactorSequenceArgs{...}

type RuleSignonFactorSequenceOutput added in v3.1.0 

type RuleSignonFactorSequenceOutput struct{ *pulumi.OutputState }

func (RuleSignonFactorSequenceOutput) ElementType added in v3.1.0 

func (RuleSignonFactorSequenceOutput) ElementType() reflect.Type

func (RuleSignonFactorSequenceOutput) PrimaryCriteriaFactorType added in v3.1.0 

func (o RuleSignonFactorSequenceOutput) PrimaryCriteriaFactorType() pulumi.StringOutput

Primary factor type of the auth section.

func (RuleSignonFactorSequenceOutput) PrimaryCriteriaProvider added in v3.1.0 

func (o RuleSignonFactorSequenceOutput) PrimaryCriteriaProvider() pulumi.StringOutput

Primary provider of the auth section.

func (RuleSignonFactorSequenceOutput) SecondaryCriterias added in v3.1.0 

func (o RuleSignonFactorSequenceOutput) SecondaryCriterias() RuleSignonFactorSequenceSecondaryCriteriaArrayOutput

Additional authentication steps.

func (RuleSignonFactorSequenceOutput) ToRuleSignonFactorSequenceOutput added in v3.1.0 

func (o RuleSignonFactorSequenceOutput) ToRuleSignonFactorSequenceOutput() RuleSignonFactorSequenceOutput

func (RuleSignonFactorSequenceOutput) ToRuleSignonFactorSequenceOutputWithContext added in v3.1.0 

func (o RuleSignonFactorSequenceOutput) ToRuleSignonFactorSequenceOutputWithContext(ctx context.Context) RuleSignonFactorSequenceOutput

type RuleSignonFactorSequenceSecondaryCriteria added in v3.1.0 

type RuleSignonFactorSequenceSecondaryCriteria struct {
	// Factor type of the additional authentication step.
	FactorType string `pulumi:"factorType"`
	// Provider of the additional authentication step.
	Provider string `pulumi:"provider"`
}

type RuleSignonFactorSequenceSecondaryCriteriaArgs added in v3.1.0 

type RuleSignonFactorSequenceSecondaryCriteriaArgs struct {
	// Factor type of the additional authentication step.
	FactorType pulumi.StringInput `pulumi:"factorType"`
	// Provider of the additional authentication step.
	Provider pulumi.StringInput `pulumi:"provider"`
}

func (RuleSignonFactorSequenceSecondaryCriteriaArgs) ElementType added in v3.1.0 

func (RuleSignonFactorSequenceSecondaryCriteriaArgs) ElementType() reflect.Type

func (RuleSignonFactorSequenceSecondaryCriteriaArgs) ToRuleSignonFactorSequenceSecondaryCriteriaOutput added in v3.1.0 

func (i RuleSignonFactorSequenceSecondaryCriteriaArgs) ToRuleSignonFactorSequenceSecondaryCriteriaOutput() RuleSignonFactorSequenceSecondaryCriteriaOutput

func (RuleSignonFactorSequenceSecondaryCriteriaArgs) ToRuleSignonFactorSequenceSecondaryCriteriaOutputWithContext added in v3.1.0 

func (i RuleSignonFactorSequenceSecondaryCriteriaArgs) ToRuleSignonFactorSequenceSecondaryCriteriaOutputWithContext(ctx context.Context) RuleSignonFactorSequenceSecondaryCriteriaOutput

type RuleSignonFactorSequenceSecondaryCriteriaArray added in v3.1.0 

type RuleSignonFactorSequenceSecondaryCriteriaArray []RuleSignonFactorSequenceSecondaryCriteriaInput

func (RuleSignonFactorSequenceSecondaryCriteriaArray) ElementType added in v3.1.0 

func (RuleSignonFactorSequenceSecondaryCriteriaArray) ElementType() reflect.Type

func (RuleSignonFactorSequenceSecondaryCriteriaArray) ToRuleSignonFactorSequenceSecondaryCriteriaArrayOutput added in v3.1.0 

func (i RuleSignonFactorSequenceSecondaryCriteriaArray) ToRuleSignonFactorSequenceSecondaryCriteriaArrayOutput() RuleSignonFactorSequenceSecondaryCriteriaArrayOutput

func (RuleSignonFactorSequenceSecondaryCriteriaArray) ToRuleSignonFactorSequenceSecondaryCriteriaArrayOutputWithContext added in v3.1.0 

func (i RuleSignonFactorSequenceSecondaryCriteriaArray) ToRuleSignonFactorSequenceSecondaryCriteriaArrayOutputWithContext(ctx context.Context) RuleSignonFactorSequenceSecondaryCriteriaArrayOutput

type RuleSignonFactorSequenceSecondaryCriteriaArrayInput added in v3.1.0 

type RuleSignonFactorSequenceSecondaryCriteriaArrayInput interface {
	pulumi.Input

	ToRuleSignonFactorSequenceSecondaryCriteriaArrayOutput() RuleSignonFactorSequenceSecondaryCriteriaArrayOutput
	ToRuleSignonFactorSequenceSecondaryCriteriaArrayOutputWithContext(context.Context) RuleSignonFactorSequenceSecondaryCriteriaArrayOutput
}

RuleSignonFactorSequenceSecondaryCriteriaArrayInput is an input type that accepts RuleSignonFactorSequenceSecondaryCriteriaArray and RuleSignonFactorSequenceSecondaryCriteriaArrayOutput values. You can construct a concrete instance of `RuleSignonFactorSequenceSecondaryCriteriaArrayInput` via: 

RuleSignonFactorSequenceSecondaryCriteriaArray{ RuleSignonFactorSequenceSecondaryCriteriaArgs{...} }

type RuleSignonFactorSequenceSecondaryCriteriaArrayOutput added in v3.1.0 

type RuleSignonFactorSequenceSecondaryCriteriaArrayOutput struct{ *pulumi.OutputState }

func (RuleSignonFactorSequenceSecondaryCriteriaArrayOutput) ElementType added in v3.1.0 

func (RuleSignonFactorSequenceSecondaryCriteriaArrayOutput) ElementType() reflect.Type

func (RuleSignonFactorSequenceSecondaryCriteriaArrayOutput) Index added in v3.1.0 

func (o RuleSignonFactorSequenceSecondaryCriteriaArrayOutput) Index(i pulumi.IntInput) RuleSignonFactorSequenceSecondaryCriteriaOutput

func (RuleSignonFactorSequenceSecondaryCriteriaArrayOutput) ToRuleSignonFactorSequenceSecondaryCriteriaArrayOutput added in v3.1.0 

func (o RuleSignonFactorSequenceSecondaryCriteriaArrayOutput) ToRuleSignonFactorSequenceSecondaryCriteriaArrayOutput() RuleSignonFactorSequenceSecondaryCriteriaArrayOutput

func (RuleSignonFactorSequenceSecondaryCriteriaArrayOutput) ToRuleSignonFactorSequenceSecondaryCriteriaArrayOutputWithContext added in v3.1.0 

func (o RuleSignonFactorSequenceSecondaryCriteriaArrayOutput) ToRuleSignonFactorSequenceSecondaryCriteriaArrayOutputWithContext(ctx context.Context) RuleSignonFactorSequenceSecondaryCriteriaArrayOutput

type RuleSignonFactorSequenceSecondaryCriteriaInput added in v3.1.0 

type RuleSignonFactorSequenceSecondaryCriteriaInput interface {
	pulumi.Input

	ToRuleSignonFactorSequenceSecondaryCriteriaOutput() RuleSignonFactorSequenceSecondaryCriteriaOutput
	ToRuleSignonFactorSequenceSecondaryCriteriaOutputWithContext(context.Context) RuleSignonFactorSequenceSecondaryCriteriaOutput
}

RuleSignonFactorSequenceSecondaryCriteriaInput is an input type that accepts RuleSignonFactorSequenceSecondaryCriteriaArgs and RuleSignonFactorSequenceSecondaryCriteriaOutput values. You can construct a concrete instance of `RuleSignonFactorSequenceSecondaryCriteriaInput` via: 

RuleSignonFactorSequenceSecondaryCriteriaArgs{...}

type RuleSignonFactorSequenceSecondaryCriteriaOutput added in v3.1.0 

type RuleSignonFactorSequenceSecondaryCriteriaOutput struct{ *pulumi.OutputState }

func (RuleSignonFactorSequenceSecondaryCriteriaOutput) ElementType added in v3.1.0 

func (RuleSignonFactorSequenceSecondaryCriteriaOutput) ElementType() reflect.Type

func (RuleSignonFactorSequenceSecondaryCriteriaOutput) FactorType added in v3.1.0 

func (o RuleSignonFactorSequenceSecondaryCriteriaOutput) FactorType() pulumi.StringOutput

Factor type of the additional authentication step.

func (RuleSignonFactorSequenceSecondaryCriteriaOutput) Provider added in v3.1.0 

func (o RuleSignonFactorSequenceSecondaryCriteriaOutput) Provider() pulumi.StringOutput

Provider of the additional authentication step.

func (RuleSignonFactorSequenceSecondaryCriteriaOutput) ToRuleSignonFactorSequenceSecondaryCriteriaOutput added in v3.1.0 

func (o RuleSignonFactorSequenceSecondaryCriteriaOutput) ToRuleSignonFactorSequenceSecondaryCriteriaOutput() RuleSignonFactorSequenceSecondaryCriteriaOutput

func (RuleSignonFactorSequenceSecondaryCriteriaOutput) ToRuleSignonFactorSequenceSecondaryCriteriaOutputWithContext added in v3.1.0 

func (o RuleSignonFactorSequenceSecondaryCriteriaOutput) ToRuleSignonFactorSequenceSecondaryCriteriaOutputWithContext(ctx context.Context) RuleSignonFactorSequenceSecondaryCriteriaOutput

type RuleSignonInput 

type RuleSignonInput interface {
	pulumi.Input

	ToRuleSignonOutput() RuleSignonOutput
	ToRuleSignonOutputWithContext(ctx context.Context) RuleSignonOutput
}

type RuleSignonMap 

type RuleSignonMap map[string]RuleSignonInput

func (RuleSignonMap) ElementType 

func (RuleSignonMap) ElementType() reflect.Type

func (RuleSignonMap) ToRuleSignonMapOutput 

func (i RuleSignonMap) ToRuleSignonMapOutput() RuleSignonMapOutput

func (RuleSignonMap) ToRuleSignonMapOutputWithContext 

func (i RuleSignonMap) ToRuleSignonMapOutputWithContext(ctx context.Context) RuleSignonMapOutput

type RuleSignonMapInput 

type RuleSignonMapInput interface {
	pulumi.Input

	ToRuleSignonMapOutput() RuleSignonMapOutput
	ToRuleSignonMapOutputWithContext(context.Context) RuleSignonMapOutput
}

RuleSignonMapInput is an input type that accepts RuleSignonMap and RuleSignonMapOutput values. You can construct a concrete instance of `RuleSignonMapInput` via: 

RuleSignonMap{ "key": RuleSignonArgs{...} }

type RuleSignonMapOutput 

type RuleSignonMapOutput struct{ *pulumi.OutputState }

func (RuleSignonMapOutput) ElementType 

func (RuleSignonMapOutput) ElementType() reflect.Type

func (RuleSignonMapOutput) MapIndex 

func (o RuleSignonMapOutput) MapIndex(k pulumi.StringInput) RuleSignonOutput

func (RuleSignonMapOutput) ToRuleSignonMapOutput 

func (o RuleSignonMapOutput) ToRuleSignonMapOutput() RuleSignonMapOutput

func (RuleSignonMapOutput) ToRuleSignonMapOutputWithContext 

func (o RuleSignonMapOutput) ToRuleSignonMapOutputWithContext(ctx context.Context) RuleSignonMapOutput

type RuleSignonOutput 

type RuleSignonOutput struct{ *pulumi.OutputState }

func (RuleSignonOutput) Access added in v3.9.0 

func (o RuleSignonOutput) Access() pulumi.StringPtrOutput

Allow or deny access based on the rule conditions: `"ALLOW"`, `"DENY"` or `"CHALLENGE"`. The default is `"ALLOW"`.

func (RuleSignonOutput) Authtype added in v3.9.0 

func (o RuleSignonOutput) Authtype() pulumi.StringPtrOutput

Authentication entrypoint: `"ANY"`, `"LDAP_INTERFACE"` or `"RADIUS"`.

func (RuleSignonOutput) Behaviors added in v3.9.0 

func (o RuleSignonOutput) Behaviors() pulumi.StringArrayOutput

List of behavior IDs.

func (RuleSignonOutput) ElementType 

func (RuleSignonOutput) ElementType() reflect.Type

func (RuleSignonOutput) FactorSequences added in v3.9.0 

func (o RuleSignonOutput) FactorSequences() RuleSignonFactorSequenceArrayOutput

Auth factor sequences. Should be set if `access = "CHALLENGE"`.

func (RuleSignonOutput) IdentityProvider added in v3.9.0 

func (o RuleSignonOutput) IdentityProvider() pulumi.StringPtrOutput

Defines the identity provider for this rule. Valid values are `"ANY"`, `"OKTA"`, and `"SPECIFIC_IDP"`.

func (RuleSignonOutput) IdentityProviderIds added in v3.9.0 

func (o RuleSignonOutput) IdentityProviderIds() pulumi.StringArrayOutput

When identityProvider is `"SPECIFIC_IDP"` then this is the list of IdP IDs to apply the rule on.

func (RuleSignonOutput) MfaLifetime added in v3.9.0 

func (o RuleSignonOutput) MfaLifetime() pulumi.IntPtrOutput

Elapsed time before the next MFA challenge.

func (RuleSignonOutput) MfaPrompt added in v3.9.0 

func (o RuleSignonOutput) MfaPrompt() pulumi.StringPtrOutput

Prompt for MFA based on the device used, a factor session lifetime, or every sign-on attempt: `"DEVICE"`, `"SESSION"` or `"ALWAYS"`.

func (RuleSignonOutput) MfaRememberDevice added in v3.9.0 

func (o RuleSignonOutput) MfaRememberDevice() pulumi.BoolPtrOutput

Remember MFA device. The default `false`.

func (RuleSignonOutput) MfaRequired added in v3.9.0 

func (o RuleSignonOutput) MfaRequired() pulumi.BoolPtrOutput

Require MFA. By default is `false`.

func (RuleSignonOutput) Name added in v3.9.0 

func (o RuleSignonOutput) Name() pulumi.StringOutput

Policy Rule Name.

func (RuleSignonOutput) NetworkConnection added in v3.9.0 

func (o RuleSignonOutput) NetworkConnection() pulumi.StringPtrOutput

Network selection mode: `"ANYWHERE"`, `"ZONE"`, `"ON_NETWORK"`, or `"OFF_NETWORK"`.

func (RuleSignonOutput) NetworkExcludes added in v3.9.0 

func (o RuleSignonOutput) NetworkExcludes() pulumi.StringArrayOutput

The network zones to exclude. Conflicts with `networkIncludes`.

func (RuleSignonOutput) NetworkIncludes added in v3.9.0 

func (o RuleSignonOutput) NetworkIncludes() pulumi.StringArrayOutput

The network zones to include. Conflicts with `networkExcludes`.

func (RuleSignonOutput) PolicyId added in v3.9.0 

func (o RuleSignonOutput) PolicyId() pulumi.StringPtrOutput

Policy ID.

func (RuleSignonOutput) Policyid deprecated added in v3.9.0 

func (o RuleSignonOutput) Policyid() pulumi.StringPtrOutput

Policy ID.

Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead

func (RuleSignonOutput) PrimaryFactor added in v3.9.0 

func (o RuleSignonOutput) PrimaryFactor() pulumi.StringOutput

Rule's primary factor. **WARNING** Ony works as a part of the Identity Engine. Valid values: `"PASSWORD_IDP_ANY_FACTOR"`, `"PASSWORD_IDP"`.

func (RuleSignonOutput) Priority added in v3.9.0 

func (o RuleSignonOutput) Priority() pulumi.IntPtrOutput

Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.

func (RuleSignonOutput) RiscLevel added in v3.9.0 

func (o RuleSignonOutput) RiscLevel() pulumi.StringPtrOutput

Risc level: `"ANY"`, `"LOW"`, `"MEDIUM"` or `"HIGH"`. Default is `"ANY"`. It can be also set to an empty string in case `RISC_SCORING` org feature flag is disabled.

func (RuleSignonOutput) SessionIdle added in v3.9.0 

func (o RuleSignonOutput) SessionIdle() pulumi.IntPtrOutput

Max minutes a session can be idle.,

func (RuleSignonOutput) SessionLifetime added in v3.9.0 

func (o RuleSignonOutput) SessionLifetime() pulumi.IntPtrOutput

Max minutes a session is active: Disable = 0.

func (RuleSignonOutput) SessionPersistent added in v3.9.0 

func (o RuleSignonOutput) SessionPersistent() pulumi.BoolPtrOutput

Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies.

func (RuleSignonOutput) Status added in v3.9.0 

func (o RuleSignonOutput) Status() pulumi.StringPtrOutput

Policy Rule Status: `"ACTIVE"` or `"INACTIVE"`.

func (RuleSignonOutput) ToRuleSignonOutput 

func (o RuleSignonOutput) ToRuleSignonOutput() RuleSignonOutput

func (RuleSignonOutput) ToRuleSignonOutputWithContext 

func (o RuleSignonOutput) ToRuleSignonOutputWithContext(ctx context.Context) RuleSignonOutput

func (RuleSignonOutput) UsersExcludeds added in v3.9.0 

func (o RuleSignonOutput) UsersExcludeds() pulumi.StringArrayOutput

The list of user IDs that would be excluded when rules are processed.

type RuleSignonState 

type RuleSignonState struct {
	// Allow or deny access based on the rule conditions: `"ALLOW"`, `"DENY"` or `"CHALLENGE"`. The default is `"ALLOW"`.
	Access pulumi.StringPtrInput
	// Authentication entrypoint: `"ANY"`, `"LDAP_INTERFACE"` or `"RADIUS"`.
	Authtype pulumi.StringPtrInput
	// List of behavior IDs.
	Behaviors pulumi.StringArrayInput
	// Auth factor sequences. Should be set if `access = "CHALLENGE"`.
	FactorSequences RuleSignonFactorSequenceArrayInput
	// Defines the identity provider for this rule. Valid values are `"ANY"`, `"OKTA"`, and `"SPECIFIC_IDP"`.
	IdentityProvider pulumi.StringPtrInput
	// When identityProvider is `"SPECIFIC_IDP"` then this is the list of IdP IDs to apply the rule on.
	IdentityProviderIds pulumi.StringArrayInput
	// Elapsed time before the next MFA challenge.
	MfaLifetime pulumi.IntPtrInput
	// Prompt for MFA based on the device used, a factor session lifetime, or every sign-on attempt: `"DEVICE"`, `"SESSION"` or `"ALWAYS"`.
	MfaPrompt pulumi.StringPtrInput
	// Remember MFA device. The default `false`.
	MfaRememberDevice pulumi.BoolPtrInput
	// Require MFA. By default is `false`.
	MfaRequired pulumi.BoolPtrInput
	// Policy Rule Name.
	Name pulumi.StringPtrInput
	// Network selection mode: `"ANYWHERE"`, `"ZONE"`, `"ON_NETWORK"`, or `"OFF_NETWORK"`.
	NetworkConnection pulumi.StringPtrInput
	// The network zones to exclude. Conflicts with `networkIncludes`.
	NetworkExcludes pulumi.StringArrayInput
	// The network zones to include. Conflicts with `networkExcludes`.
	NetworkIncludes pulumi.StringArrayInput
	// Policy ID.
	PolicyId pulumi.StringPtrInput
	// Policy ID.
	//
	// Deprecated: Because of incorrect naming, 'policyid' field will be deprecated and then removed in the next versions of the provider. Please use 'policy_id' instead
	Policyid pulumi.StringPtrInput
	// Rule's primary factor. **WARNING** Ony works as a part of the Identity Engine. Valid values:
	// `"PASSWORD_IDP_ANY_FACTOR"`, `"PASSWORD_IDP"`.
	PrimaryFactor pulumi.StringPtrInput
	// Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.
	Priority pulumi.IntPtrInput
	// Risc level: `"ANY"`, `"LOW"`, `"MEDIUM"` or `"HIGH"`. Default is `"ANY"`. It can be also
	// set to an empty string in case `RISC_SCORING` org feature flag is disabled.
	RiscLevel pulumi.StringPtrInput
	// Max minutes a session can be idle.,
	SessionIdle pulumi.IntPtrInput
	// Max minutes a session is active: Disable = 0.
	SessionLifetime pulumi.IntPtrInput
	// Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies.
	SessionPersistent pulumi.BoolPtrInput
	// Policy Rule Status: `"ACTIVE"` or `"INACTIVE"`.
	Status pulumi.StringPtrInput
	// The list of user IDs that would be excluded when rules are processed.
	UsersExcludeds pulumi.StringArrayInput
}

func (RuleSignonState) ElementType 

func (RuleSignonState) ElementType() reflect.Type

type Signon 

type Signon struct {
	pulumi.CustomResourceState

	// Policy Description.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// List of Group IDs to Include.
	GroupsIncludeds pulumi.StringArrayOutput `pulumi:"groupsIncludeds"`
	// Policy Name.
	Name pulumi.StringOutput `pulumi:"name"`
	// Priority of the policy.
	Priority pulumi.IntPtrOutput `pulumi:"priority"`
	// Policy Status: `"ACTIVE"` or `"INACTIVE"`.
	Status pulumi.StringPtrOutput `pulumi:"status"`
}

Creates a Sign On Policy.

This resource allows you to create and configure a Sign On Policy.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/policy"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := policy.NewSignon(ctx, "example", &policy.SignonArgs{
			Description: pulumi.String("Example"),
			GroupsIncludeds: pulumi.StringArray{
				data.Okta_group.Everyone.Id,
			},
			Status: pulumi.String("ACTIVE"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

A Sign On Policy can be imported via the Okta ID.

```sh 

$ pulumi import okta:policy/signon:Signon example &#60;policy id&#62;

```

func GetSignon 

func GetSignon(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SignonState, opts ...pulumi.ResourceOption) (*Signon, error)

GetSignon gets an existing Signon resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSignon 

func NewSignon(ctx *pulumi.Context,
	name string, args *SignonArgs, opts ...pulumi.ResourceOption) (*Signon, error)

NewSignon registers a new resource with the given unique name, arguments, and options.

func (*Signon) ElementType 

func (*Signon) ElementType() reflect.Type

func (*Signon) ToSignonOutput 

func (i *Signon) ToSignonOutput() SignonOutput

func (*Signon) ToSignonOutputWithContext 

func (i *Signon) ToSignonOutputWithContext(ctx context.Context) SignonOutput

type SignonArgs 

type SignonArgs struct {
	// Policy Description.
	Description pulumi.StringPtrInput
	// List of Group IDs to Include.
	GroupsIncludeds pulumi.StringArrayInput
	// Policy Name.
	Name pulumi.StringPtrInput
	// Priority of the policy.
	Priority pulumi.IntPtrInput
	// Policy Status: `"ACTIVE"` or `"INACTIVE"`.
	Status pulumi.StringPtrInput
}

The set of arguments for constructing a Signon resource.

func (SignonArgs) ElementType 

func (SignonArgs) ElementType() reflect.Type

type SignonArray 

type SignonArray []SignonInput

func (SignonArray) ElementType 

func (SignonArray) ElementType() reflect.Type

func (SignonArray) ToSignonArrayOutput 

func (i SignonArray) ToSignonArrayOutput() SignonArrayOutput

func (SignonArray) ToSignonArrayOutputWithContext 

func (i SignonArray) ToSignonArrayOutputWithContext(ctx context.Context) SignonArrayOutput

type SignonArrayInput 

type SignonArrayInput interface {
	pulumi.Input

	ToSignonArrayOutput() SignonArrayOutput
	ToSignonArrayOutputWithContext(context.Context) SignonArrayOutput
}

SignonArrayInput is an input type that accepts SignonArray and SignonArrayOutput values. You can construct a concrete instance of `SignonArrayInput` via: 

SignonArray{ SignonArgs{...} }

type SignonArrayOutput 

type SignonArrayOutput struct{ *pulumi.OutputState }

func (SignonArrayOutput) ElementType 

func (SignonArrayOutput) ElementType() reflect.Type

func (SignonArrayOutput) Index 

func (o SignonArrayOutput) Index(i pulumi.IntInput) SignonOutput

func (SignonArrayOutput) ToSignonArrayOutput 

func (o SignonArrayOutput) ToSignonArrayOutput() SignonArrayOutput

func (SignonArrayOutput) ToSignonArrayOutputWithContext 

func (o SignonArrayOutput) ToSignonArrayOutputWithContext(ctx context.Context) SignonArrayOutput

type SignonInput 

type SignonInput interface {
	pulumi.Input

	ToSignonOutput() SignonOutput
	ToSignonOutputWithContext(ctx context.Context) SignonOutput
}

type SignonMap 

type SignonMap map[string]SignonInput

func (SignonMap) ElementType 

func (SignonMap) ElementType() reflect.Type

func (SignonMap) ToSignonMapOutput 

func (i SignonMap) ToSignonMapOutput() SignonMapOutput

func (SignonMap) ToSignonMapOutputWithContext 

func (i SignonMap) ToSignonMapOutputWithContext(ctx context.Context) SignonMapOutput

type SignonMapInput 

type SignonMapInput interface {
	pulumi.Input

	ToSignonMapOutput() SignonMapOutput
	ToSignonMapOutputWithContext(context.Context) SignonMapOutput
}

SignonMapInput is an input type that accepts SignonMap and SignonMapOutput values. You can construct a concrete instance of `SignonMapInput` via: 

SignonMap{ "key": SignonArgs{...} }

type SignonMapOutput 

type SignonMapOutput struct{ *pulumi.OutputState }

func (SignonMapOutput) ElementType 

func (SignonMapOutput) ElementType() reflect.Type

func (SignonMapOutput) MapIndex 

func (o SignonMapOutput) MapIndex(k pulumi.StringInput) SignonOutput

func (SignonMapOutput) ToSignonMapOutput 

func (o SignonMapOutput) ToSignonMapOutput() SignonMapOutput

func (SignonMapOutput) ToSignonMapOutputWithContext 

func (o SignonMapOutput) ToSignonMapOutputWithContext(ctx context.Context) SignonMapOutput

type SignonOutput 

type SignonOutput struct{ *pulumi.OutputState }

func (SignonOutput) Description added in v3.9.0 

func (o SignonOutput) Description() pulumi.StringPtrOutput

Policy Description.

func (SignonOutput) ElementType 

func (SignonOutput) ElementType() reflect.Type

func (SignonOutput) GroupsIncludeds added in v3.9.0 

func (o SignonOutput) GroupsIncludeds() pulumi.StringArrayOutput

List of Group IDs to Include.

func (SignonOutput) Name added in v3.9.0 

func (o SignonOutput) Name() pulumi.StringOutput

Policy Name.

func (SignonOutput) Priority added in v3.9.0 

func (o SignonOutput) Priority() pulumi.IntPtrOutput

Priority of the policy.

func (SignonOutput) Status added in v3.9.0 

func (o SignonOutput) Status() pulumi.StringPtrOutput

Policy Status: `"ACTIVE"` or `"INACTIVE"`.

func (SignonOutput) ToSignonOutput 

func (o SignonOutput) ToSignonOutput() SignonOutput

func (SignonOutput) ToSignonOutputWithContext 

func (o SignonOutput) ToSignonOutputWithContext(ctx context.Context) SignonOutput

type SignonState 

type SignonState struct {
	// Policy Description.
	Description pulumi.StringPtrInput
	// List of Group IDs to Include.
	GroupsIncludeds pulumi.StringArrayInput
	// Policy Name.
	Name pulumi.StringPtrInput
	// Priority of the policy.
	Priority pulumi.IntPtrInput
	// Policy Status: `"ACTIVE"` or `"INACTIVE"`.
	Status pulumi.StringPtrInput
}

func (SignonState) ElementType 

func (SignonState) ElementType() reflect.Type

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.