ServerPolicyClaim

Deprecated: okta.auth.ServerPolicyClaim has been deprecated in favor of okta.auth.ServerPolicyRule

Creates an Authorization Server Policy Rule.

This resource allows you to create and configure an Authorization Server Policy Rule.

Example Usage

using Pulumi;
using Okta = Pulumi.Okta;

/// <summary>
/// Pulumi stack that declares a single Okta authorization server policy rule
/// named "example".
/// </summary>
class MyStack : Stack
{
    public MyStack()
    {
        // Values in angle brackets are placeholders for real Okta IDs.
        var ruleArgs = new Okta.Auth.ServerPolicyRuleArgs
        {
            AuthServerId = "<auth server id>",
            PolicyId = "<auth server policy id>",
            Priority = 1,
            Status = "ACTIVE",
            // Per this page's property reference, a rule that accepts "implicit"
            // should also set a user or group whitelist; GroupWhitelists does that here.
            // NOTE(review): the implicit grant delivers the access token to the browser
            // in the redirect; current OAuth 2.0 security guidance prefers
            // "authorization_code" (with PKCE) where the client supports it.
            GrantTypeWhitelists = { "implicit" },
            // Prefer specific group IDs over the broad "EVERYONE" value so the rule
            // only matches the users it is meant for.
            GroupWhitelists = { "<group ids>" },
        };

        var example = new Okta.Auth.ServerPolicyRule("example", ruleArgs);
    }
}
package main

import (
	"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/auth"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

// main runs a Pulumi program that declares a single Okta authorization
// server policy rule named "example".
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		// Values in angle brackets are placeholders for real Okta IDs.
		ruleArgs := &auth.ServerPolicyRuleArgs{
			AuthServerId: pulumi.String("<auth server id>"),
			PolicyId:     pulumi.String("<auth server policy id>"),
			Priority:     pulumi.Int(1),
			Status:       pulumi.String("ACTIVE"),
			// Per this page's property reference, a rule that accepts "implicit"
			// should also set a user or group whitelist; GroupWhitelists does that.
			// NOTE(review): the implicit grant delivers the access token to the
			// browser in the redirect; current OAuth 2.0 security guidance prefers
			// "authorization_code" (with PKCE) where the client supports it.
			// Prefer specific group IDs over the broad "EVERYONE" value.
			GrantTypeWhitelists: pulumi.StringArray{pulumi.String("implicit")},
			GroupWhitelists:     pulumi.StringArray{pulumi.String("<group ids>")},
		}

		// The resource handle is not needed afterwards; only the error is propagated.
		_, err := auth.NewServerPolicyRule(ctx, "example", ruleArgs)
		return err
	})
}
import pulumi
import pulumi_okta as okta

# Declare a single Okta authorization server policy rule named "example".
# Values in angle brackets are placeholders for real Okta IDs.
example = okta.auth.ServerPolicyRule(
    "example",
    auth_server_id="<auth server id>",
    policy_id="<auth server policy id>",
    priority=1,
    status="ACTIVE",
    # Per this page's property reference, a rule that accepts "implicit" should
    # also set a user or group whitelist; group_whitelists does that here.
    # NOTE(review): the implicit grant delivers the access token to the browser
    # in the redirect; current OAuth 2.0 security guidance prefers
    # "authorization_code" (with PKCE) where the client supports it.
    grant_type_whitelists=["implicit"],
    # Prefer specific group IDs over the broad "EVERYONE" value.
    group_whitelists=["<group ids>"],
)
import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";

// Settings for a single Okta authorization server policy rule.
// Values in angle brackets are placeholders for real Okta IDs.
const ruleArgs = {
    authServerId: "<auth server id>",
    policyId: "<auth server policy id>",
    priority: 1,
    status: "ACTIVE",
    // Per this page's property reference, a rule that accepts "implicit" should
    // also set a user or group whitelist; groupWhitelists does that here.
    // NOTE(review): the implicit grant delivers the access token to the browser
    // in the redirect; current OAuth 2.0 security guidance prefers
    // "authorization_code" (with PKCE) where the client supports it.
    grantTypeWhitelists: ["implicit"],
    // Prefer specific group IDs over the broad "EVERYONE" value.
    groupWhitelists: ["<group ids>"],
};

// Register the rule under the Pulumi resource name "example".
const example = new okta.auth.ServerPolicyRule("example", ruleArgs);

Create a ServerPolicyClaim Resource

new ServerPolicyClaim(name: string, args: ServerPolicyClaimArgs, opts?: CustomResourceOptions);
@overload
def ServerPolicyClaim(resource_name: str,
                      opts: Optional[ResourceOptions] = None,
                      access_token_lifetime_minutes: Optional[int] = None,
                      auth_server_id: Optional[str] = None,
                      grant_type_whitelists: Optional[Sequence[str]] = None,
                      group_blacklists: Optional[Sequence[str]] = None,
                      group_whitelists: Optional[Sequence[str]] = None,
                      inline_hook_id: Optional[str] = None,
                      name: Optional[str] = None,
                      policy_id: Optional[str] = None,
                      priority: Optional[int] = None,
                      refresh_token_lifetime_minutes: Optional[int] = None,
                      refresh_token_window_minutes: Optional[int] = None,
                      scope_whitelists: Optional[Sequence[str]] = None,
                      status: Optional[str] = None,
                      type: Optional[str] = None,
                      user_blacklists: Optional[Sequence[str]] = None,
                      user_whitelists: Optional[Sequence[str]] = None)
@overload
def ServerPolicyClaim(resource_name: str,
                      args: ServerPolicyClaimArgs,
                      opts: Optional[ResourceOptions] = None)
func NewServerPolicyClaim(ctx *Context, name string, args ServerPolicyClaimArgs, opts ...ResourceOption) (*ServerPolicyClaim, error)
public ServerPolicyClaim(string name, ServerPolicyClaimArgs args, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args ServerPolicyClaimArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args ServerPolicyClaimArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args ServerPolicyClaimArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args ServerPolicyClaimArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

ServerPolicyClaim Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The ServerPolicyClaim resource accepts the following input properties:

AuthServerId string
Auth Server ID.
GrantTypeWhitelists List<string>
Accepted grant type values, "authorization_code", "implicit", "password" or "client_credentials". For "implicit" value either user_whitelist or group_whitelist should be set.
PolicyId string
Auth Server Policy ID.
Priority int
Priority of the auth server policy rule.
AccessTokenLifetimeMinutes int
Lifetime of access token. Can be set to a value between 5 and 1440 minutes.
GroupBlacklists List<string>
Specifies a set of Groups whose Users are to be excluded.
GroupWhitelists List<string>
Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: “EVERYONE”.
InlineHookId string
The ID of the inline hook to trigger.
Name string
Auth Server Policy Rule name.
RefreshTokenLifetimeMinutes int
Lifetime of refresh token.
RefreshTokenWindowMinutes int
Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. "refresh_token_window_minutes" must be between "access_token_lifetime_minutes" and "refresh_token_lifetime_minutes".
ScopeWhitelists List<string>
Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with "*".
Status string
The status of the Auth Server Policy Rule.
Type string
The type of the Auth Server Policy Rule.
UserBlacklists List<string>
Specifies a set of Users to be excluded.
UserWhitelists List<string>
Specifies a set of Users to be included.
AuthServerId string
Auth Server ID.
GrantTypeWhitelists []string
Accepted grant type values, "authorization_code", "implicit", "password" or "client_credentials". For "implicit" value either user_whitelist or group_whitelist should be set.
PolicyId string
Auth Server Policy ID.
Priority int
Priority of the auth server policy rule.
AccessTokenLifetimeMinutes int
Lifetime of access token. Can be set to a value between 5 and 1440 minutes.
GroupBlacklists []string
Specifies a set of Groups whose Users are to be excluded.
GroupWhitelists []string
Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: “EVERYONE”.
InlineHookId string
The ID of the inline hook to trigger.
Name string
Auth Server Policy Rule name.
RefreshTokenLifetimeMinutes int
Lifetime of refresh token.
RefreshTokenWindowMinutes int
Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. "refresh_token_window_minutes" must be between "access_token_lifetime_minutes" and "refresh_token_lifetime_minutes".
ScopeWhitelists []string
Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with "*".
Status string
The status of the Auth Server Policy Rule.
Type string
The type of the Auth Server Policy Rule.
UserBlacklists []string
Specifies a set of Users to be excluded.
UserWhitelists []string
Specifies a set of Users to be included.
authServerId string
Auth Server ID.
grantTypeWhitelists string[]
Accepted grant type values, "authorization_code", "implicit", "password" or "client_credentials". For "implicit" value either user_whitelist or group_whitelist should be set.
policyId string
Auth Server Policy ID.
priority number
Priority of the auth server policy rule.
accessTokenLifetimeMinutes number
Lifetime of access token. Can be set to a value between 5 and 1440 minutes.
groupBlacklists string[]
Specifies a set of Groups whose Users are to be excluded.
groupWhitelists string[]
Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: “EVERYONE”.
inlineHookId string
The ID of the inline hook to trigger.
name string
Auth Server Policy Rule name.
refreshTokenLifetimeMinutes number
Lifetime of refresh token.
refreshTokenWindowMinutes number
Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. "refresh_token_window_minutes" must be between "access_token_lifetime_minutes" and "refresh_token_lifetime_minutes".
scopeWhitelists string[]
Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with "*".
status string
The status of the Auth Server Policy Rule.
type string
The type of the Auth Server Policy Rule.
userBlacklists string[]
Specifies a set of Users to be excluded.
userWhitelists string[]
Specifies a set of Users to be included.
auth_server_id str
Auth Server ID.
grant_type_whitelists Sequence[str]
Accepted grant type values, "authorization_code", "implicit", "password" or "client_credentials". For "implicit" value either user_whitelist or group_whitelist should be set.
policy_id str
Auth Server Policy ID.
priority int
Priority of the auth server policy rule.
access_token_lifetime_minutes int
Lifetime of access token. Can be set to a value between 5 and 1440 minutes.
group_blacklists Sequence[str]
Specifies a set of Groups whose Users are to be excluded.
group_whitelists Sequence[str]
Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: “EVERYONE”.
inline_hook_id str
The ID of the inline hook to trigger.
name str
Auth Server Policy Rule name.
refresh_token_lifetime_minutes int
Lifetime of refresh token.
refresh_token_window_minutes int
Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. "refresh_token_window_minutes" must be between "access_token_lifetime_minutes" and "refresh_token_lifetime_minutes".
scope_whitelists Sequence[str]
Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with "*".
status str
The status of the Auth Server Policy Rule.
type str
The type of the Auth Server Policy Rule.
user_blacklists Sequence[str]
Specifies a set of Users to be excluded.
user_whitelists Sequence[str]
Specifies a set of Users to be included.

Outputs

All input properties are implicitly available as output properties. Additionally, the ServerPolicyClaim resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
Id string
The provider-assigned unique ID for this managed resource.
id string
The provider-assigned unique ID for this managed resource.
id str
The provider-assigned unique ID for this managed resource.

Look up an Existing ServerPolicyClaim Resource

Get an existing ServerPolicyClaim resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: ServerPolicyClaimState, opts?: CustomResourceOptions): ServerPolicyClaim
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        access_token_lifetime_minutes: Optional[int] = None,
        auth_server_id: Optional[str] = None,
        grant_type_whitelists: Optional[Sequence[str]] = None,
        group_blacklists: Optional[Sequence[str]] = None,
        group_whitelists: Optional[Sequence[str]] = None,
        inline_hook_id: Optional[str] = None,
        name: Optional[str] = None,
        policy_id: Optional[str] = None,
        priority: Optional[int] = None,
        refresh_token_lifetime_minutes: Optional[int] = None,
        refresh_token_window_minutes: Optional[int] = None,
        scope_whitelists: Optional[Sequence[str]] = None,
        status: Optional[str] = None,
        type: Optional[str] = None,
        user_blacklists: Optional[Sequence[str]] = None,
        user_whitelists: Optional[Sequence[str]] = None) -> ServerPolicyClaim
func GetServerPolicyClaim(ctx *Context, name string, id IDInput, state *ServerPolicyClaimState, opts ...ResourceOption) (*ServerPolicyClaim, error)
public static ServerPolicyClaim Get(string name, Input<string> id, ServerPolicyClaimState? state, CustomResourceOptions? opts = null)
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

The following state arguments are supported:

AccessTokenLifetimeMinutes int
Lifetime of access token. Can be set to a value between 5 and 1440 minutes.
AuthServerId string
Auth Server ID.
GrantTypeWhitelists List<string>
Accepted grant type values, "authorization_code", "implicit", "password" or "client_credentials". For "implicit" value either user_whitelist or group_whitelist should be set.
GroupBlacklists List<string>
Specifies a set of Groups whose Users are to be excluded.
GroupWhitelists List<string>
Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: “EVERYONE”.
InlineHookId string
The ID of the inline hook to trigger.
Name string
Auth Server Policy Rule name.
PolicyId string
Auth Server Policy ID.
Priority int
Priority of the auth server policy rule.
RefreshTokenLifetimeMinutes int
Lifetime of refresh token.
RefreshTokenWindowMinutes int
Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. "refresh_token_window_minutes" must be between "access_token_lifetime_minutes" and "refresh_token_lifetime_minutes".
ScopeWhitelists List<string>
Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with "*".
Status string
The status of the Auth Server Policy Rule.
Type string
The type of the Auth Server Policy Rule.
UserBlacklists List<string>
Specifies a set of Users to be excluded.
UserWhitelists List<string>
Specifies a set of Users to be included.
AccessTokenLifetimeMinutes int
Lifetime of access token. Can be set to a value between 5 and 1440 minutes.
AuthServerId string
Auth Server ID.
GrantTypeWhitelists []string
Accepted grant type values, "authorization_code", "implicit", "password" or "client_credentials". For "implicit" value either user_whitelist or group_whitelist should be set.
GroupBlacklists []string
Specifies a set of Groups whose Users are to be excluded.
GroupWhitelists []string
Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: “EVERYONE”.
InlineHookId string
The ID of the inline hook to trigger.
Name string
Auth Server Policy Rule name.
PolicyId string
Auth Server Policy ID.
Priority int
Priority of the auth server policy rule.
RefreshTokenLifetimeMinutes int
Lifetime of refresh token.
RefreshTokenWindowMinutes int
Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. "refresh_token_window_minutes" must be between "access_token_lifetime_minutes" and "refresh_token_lifetime_minutes".
ScopeWhitelists []string
Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with "*".
Status string
The status of the Auth Server Policy Rule.
Type string
The type of the Auth Server Policy Rule.
UserBlacklists []string
Specifies a set of Users to be excluded.
UserWhitelists []string
Specifies a set of Users to be included.
accessTokenLifetimeMinutes number
Lifetime of access token. Can be set to a value between 5 and 1440 minutes.
authServerId string
Auth Server ID.
grantTypeWhitelists string[]
Accepted grant type values, "authorization_code", "implicit", "password" or "client_credentials". For "implicit" value either user_whitelist or group_whitelist should be set.
groupBlacklists string[]
Specifies a set of Groups whose Users are to be excluded.
groupWhitelists string[]
Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: “EVERYONE”.
inlineHookId string
The ID of the inline hook to trigger.
name string
Auth Server Policy Rule name.
policyId string
Auth Server Policy ID.
priority number
Priority of the auth server policy rule.
refreshTokenLifetimeMinutes number
Lifetime of refresh token.
refreshTokenWindowMinutes number
Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. "refresh_token_window_minutes" must be between "access_token_lifetime_minutes" and "refresh_token_lifetime_minutes".
scopeWhitelists string[]
Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with "*".
status string
The status of the Auth Server Policy Rule.
type string
The type of the Auth Server Policy Rule.
userBlacklists string[]
Specifies a set of Users to be excluded.
userWhitelists string[]
Specifies a set of Users to be included.
access_token_lifetime_minutes int
Lifetime of access token. Can be set to a value between 5 and 1440 minutes.
auth_server_id str
Auth Server ID.
grant_type_whitelists Sequence[str]
Accepted grant type values, "authorization_code", "implicit", "password" or "client_credentials". For "implicit" value either user_whitelist or group_whitelist should be set.
group_blacklists Sequence[str]
Specifies a set of Groups whose Users are to be excluded.
group_whitelists Sequence[str]
Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: “EVERYONE”.
inline_hook_id str
The ID of the inline hook to trigger.
name str
Auth Server Policy Rule name.
policy_id str
Auth Server Policy ID.
priority int
Priority of the auth server policy rule.
refresh_token_lifetime_minutes int
Lifetime of refresh token.
refresh_token_window_minutes int
Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. "refresh_token_window_minutes" must be between "access_token_lifetime_minutes" and "refresh_token_lifetime_minutes".
scope_whitelists Sequence[str]
Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with "*".
status str
The status of the Auth Server Policy Rule.
type str
The type of the Auth Server Policy Rule.
user_blacklists Sequence[str]
Specifies a set of Users to be excluded.
user_whitelists Sequence[str]
Specifies a set of Users to be included.

Import

An Authorization Server Policy Rule can be imported via the Auth Server ID, Policy ID, and Policy Rule ID.

 $ pulumi import okta:auth/serverPolicyClaim:ServerPolicyClaim example <auth server id>/<policy id>/<policy rule id>

Package Details

Repository
https://github.com/pulumi/pulumi-okta
License
Apache-2.0
Notes
This Pulumi package is based on the okta Terraform Provider.