okta.policy.RuleIdpDiscovery
Explore with Pulumi AI
This resource allows you to create and configure an IdP Discovery Policy Rule.
If you receive the error
You do not have permission to access the feature you are requesting
contact support and request feature flagADVANCED_SSO
be applied to your org.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";
const idpDiscoveryPolicy = okta.policy.getPolicy({
name: "Idp Discovery Policy",
type: "IDP_DISCOVERY",
});
const example = new okta.policy.RuleIdpDiscovery("example", {
policyId: idpDiscoveryPolicy.then(idpDiscoveryPolicy => idpDiscoveryPolicy.id),
idpId: "<idp id>",
idpType: "OIDC",
networkConnection: "ANYWHERE",
priority: 1,
status: "ACTIVE",
userIdentifierType: "ATTRIBUTE",
userIdentifierAttribute: "company",
appExcludes: [
{
id: "<app id>",
type: "APP",
},
{
name: "yahoo_mail",
type: "APP_TYPE",
},
],
appIncludes: [
{
id: "<app id>",
type: "APP",
},
{
name: "<app type name>",
type: "APP_TYPE",
},
],
platformIncludes: [{
type: "MOBILE",
osType: "OSX",
}],
userIdentifierPatterns: [{
matchType: "EQUALS",
value: "Articulate",
}],
});
import pulumi
import pulumi_okta as okta
idp_discovery_policy = okta.policy.get_policy(name="Idp Discovery Policy",
type="IDP_DISCOVERY")
example = okta.policy.RuleIdpDiscovery("example",
policy_id=idp_discovery_policy.id,
idp_id="<idp id>",
idp_type="OIDC",
network_connection="ANYWHERE",
priority=1,
status="ACTIVE",
user_identifier_type="ATTRIBUTE",
user_identifier_attribute="company",
app_excludes=[
okta.policy.RuleIdpDiscoveryAppExcludeArgs(
id="<app id>",
type="APP",
),
okta.policy.RuleIdpDiscoveryAppExcludeArgs(
name="yahoo_mail",
type="APP_TYPE",
),
],
app_includes=[
okta.policy.RuleIdpDiscoveryAppIncludeArgs(
id="<app id>",
type="APP",
),
okta.policy.RuleIdpDiscoveryAppIncludeArgs(
name="<app type name>",
type="APP_TYPE",
),
],
platform_includes=[okta.policy.RuleIdpDiscoveryPlatformIncludeArgs(
type="MOBILE",
os_type="OSX",
)],
user_identifier_patterns=[okta.policy.RuleIdpDiscoveryUserIdentifierPatternArgs(
match_type="EQUALS",
value="Articulate",
)])
package main
import (
"github.com/pulumi/pulumi-okta/sdk/v4/go/okta/policy"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
idpDiscoveryPolicy, err := policy.GetPolicy(ctx, &policy.GetPolicyArgs{
Name: "Idp Discovery Policy",
Type: "IDP_DISCOVERY",
}, nil)
if err != nil {
return err
}
_, err = policy.NewRuleIdpDiscovery(ctx, "example", &policy.RuleIdpDiscoveryArgs{
PolicyId: pulumi.String(idpDiscoveryPolicy.Id),
IdpId: pulumi.String("<idp id>"),
IdpType: pulumi.String("OIDC"),
NetworkConnection: pulumi.String("ANYWHERE"),
Priority: pulumi.Int(1),
Status: pulumi.String("ACTIVE"),
UserIdentifierType: pulumi.String("ATTRIBUTE"),
UserIdentifierAttribute: pulumi.String("company"),
AppExcludes: policy.RuleIdpDiscoveryAppExcludeArray{
&policy.RuleIdpDiscoveryAppExcludeArgs{
Id: pulumi.String("<app id>"),
Type: pulumi.String("APP"),
},
&policy.RuleIdpDiscoveryAppExcludeArgs{
Name: pulumi.String("yahoo_mail"),
Type: pulumi.String("APP_TYPE"),
},
},
AppIncludes: policy.RuleIdpDiscoveryAppIncludeArray{
&policy.RuleIdpDiscoveryAppIncludeArgs{
Id: pulumi.String("<app id>"),
Type: pulumi.String("APP"),
},
&policy.RuleIdpDiscoveryAppIncludeArgs{
Name: pulumi.String("<app type name>"),
Type: pulumi.String("APP_TYPE"),
},
},
PlatformIncludes: policy.RuleIdpDiscoveryPlatformIncludeArray{
&policy.RuleIdpDiscoveryPlatformIncludeArgs{
Type: pulumi.String("MOBILE"),
OsType: pulumi.String("OSX"),
},
},
UserIdentifierPatterns: policy.RuleIdpDiscoveryUserIdentifierPatternArray{
&policy.RuleIdpDiscoveryUserIdentifierPatternArgs{
MatchType: pulumi.String("EQUALS"),
Value: pulumi.String("Articulate"),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Okta = Pulumi.Okta;
return await Deployment.RunAsync(() =>
{
var idpDiscoveryPolicy = Okta.Policy.GetPolicy.Invoke(new()
{
Name = "Idp Discovery Policy",
Type = "IDP_DISCOVERY",
});
var example = new Okta.Policy.RuleIdpDiscovery("example", new()
{
PolicyId = idpDiscoveryPolicy.Apply(getPolicyResult => getPolicyResult.Id),
IdpId = "<idp id>",
IdpType = "OIDC",
NetworkConnection = "ANYWHERE",
Priority = 1,
Status = "ACTIVE",
UserIdentifierType = "ATTRIBUTE",
UserIdentifierAttribute = "company",
AppExcludes = new[]
{
new Okta.Policy.Inputs.RuleIdpDiscoveryAppExcludeArgs
{
Id = "<app id>",
Type = "APP",
},
new Okta.Policy.Inputs.RuleIdpDiscoveryAppExcludeArgs
{
Name = "yahoo_mail",
Type = "APP_TYPE",
},
},
AppIncludes = new[]
{
new Okta.Policy.Inputs.RuleIdpDiscoveryAppIncludeArgs
{
Id = "<app id>",
Type = "APP",
},
new Okta.Policy.Inputs.RuleIdpDiscoveryAppIncludeArgs
{
Name = "<app type name>",
Type = "APP_TYPE",
},
},
PlatformIncludes = new[]
{
new Okta.Policy.Inputs.RuleIdpDiscoveryPlatformIncludeArgs
{
Type = "MOBILE",
OsType = "OSX",
},
},
UserIdentifierPatterns = new[]
{
new Okta.Policy.Inputs.RuleIdpDiscoveryUserIdentifierPatternArgs
{
MatchType = "EQUALS",
Value = "Articulate",
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.okta.policy.PolicyFunctions;
import com.pulumi.okta.policy.inputs.GetPolicyArgs;
import com.pulumi.okta.policy.RuleIdpDiscovery;
import com.pulumi.okta.policy.RuleIdpDiscoveryArgs;
import com.pulumi.okta.policy.inputs.RuleIdpDiscoveryAppExcludeArgs;
import com.pulumi.okta.policy.inputs.RuleIdpDiscoveryAppIncludeArgs;
import com.pulumi.okta.policy.inputs.RuleIdpDiscoveryPlatformIncludeArgs;
import com.pulumi.okta.policy.inputs.RuleIdpDiscoveryUserIdentifierPatternArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var idpDiscoveryPolicy = PolicyFunctions.getPolicy(GetPolicyArgs.builder()
.name("Idp Discovery Policy")
.type("IDP_DISCOVERY")
.build());
var example = new RuleIdpDiscovery("example", RuleIdpDiscoveryArgs.builder()
.policyId(idpDiscoveryPolicy.applyValue(getPolicyResult -> getPolicyResult.id()))
.idpId("<idp id>")
.idpType("OIDC")
.networkConnection("ANYWHERE")
.priority(1)
.status("ACTIVE")
.userIdentifierType("ATTRIBUTE")
.userIdentifierAttribute("company")
.appExcludes(
RuleIdpDiscoveryAppExcludeArgs.builder()
.id("<app id>")
.type("APP")
.build(),
RuleIdpDiscoveryAppExcludeArgs.builder()
.name("yahoo_mail")
.type("APP_TYPE")
.build())
.appIncludes(
RuleIdpDiscoveryAppIncludeArgs.builder()
.id("<app id>")
.type("APP")
.build(),
RuleIdpDiscoveryAppIncludeArgs.builder()
.name("<app type name>")
.type("APP_TYPE")
.build())
.platformIncludes(RuleIdpDiscoveryPlatformIncludeArgs.builder()
.type("MOBILE")
.osType("OSX")
.build())
.userIdentifierPatterns(RuleIdpDiscoveryUserIdentifierPatternArgs.builder()
.matchType("EQUALS")
.value("Articulate")
.build())
.build());
}
}
resources:
example:
type: okta:policy:RuleIdpDiscovery
properties:
policyId: ${idpDiscoveryPolicy.id}
idpId: <idp id>
idpType: OIDC
networkConnection: ANYWHERE
priority: 1
status: ACTIVE
userIdentifierType: ATTRIBUTE
userIdentifierAttribute: company
appExcludes:
- id: <app id>
type: APP
- name: yahoo_mail
type: APP_TYPE
appIncludes:
- id: <app id>
type: APP
- name: <app type name>
type: APP_TYPE
platformIncludes:
- type: MOBILE
osType: OSX
userIdentifierPatterns:
- matchType: EQUALS
value: Articulate
variables:
idpDiscoveryPolicy:
fn::invoke:
Function: okta:policy:getPolicy
Arguments:
name: Idp Discovery Policy
type: IDP_DISCOVERY
Create RuleIdpDiscovery Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new RuleIdpDiscovery(name: string, args?: RuleIdpDiscoveryArgs, opts?: CustomResourceOptions);
@overload
def RuleIdpDiscovery(resource_name: str,
args: Optional[RuleIdpDiscoveryArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def RuleIdpDiscovery(resource_name: str,
opts: Optional[ResourceOptions] = None,
app_excludes: Optional[Sequence[RuleIdpDiscoveryAppExcludeArgs]] = None,
app_includes: Optional[Sequence[RuleIdpDiscoveryAppIncludeArgs]] = None,
idp_id: Optional[str] = None,
idp_type: Optional[str] = None,
name: Optional[str] = None,
network_connection: Optional[str] = None,
network_excludes: Optional[Sequence[str]] = None,
network_includes: Optional[Sequence[str]] = None,
platform_includes: Optional[Sequence[RuleIdpDiscoveryPlatformIncludeArgs]] = None,
policy_id: Optional[str] = None,
priority: Optional[int] = None,
status: Optional[str] = None,
user_identifier_attribute: Optional[str] = None,
user_identifier_patterns: Optional[Sequence[RuleIdpDiscoveryUserIdentifierPatternArgs]] = None,
user_identifier_type: Optional[str] = None)
func NewRuleIdpDiscovery(ctx *Context, name string, args *RuleIdpDiscoveryArgs, opts ...ResourceOption) (*RuleIdpDiscovery, error)
public RuleIdpDiscovery(string name, RuleIdpDiscoveryArgs? args = null, CustomResourceOptions? opts = null)
public RuleIdpDiscovery(String name, RuleIdpDiscoveryArgs args)
public RuleIdpDiscovery(String name, RuleIdpDiscoveryArgs args, CustomResourceOptions options)
type: okta:policy:RuleIdpDiscovery
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args RuleIdpDiscoveryArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args RuleIdpDiscoveryArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args RuleIdpDiscoveryArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args RuleIdpDiscoveryArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args RuleIdpDiscoveryArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Example
The following reference example uses placeholder values for all input properties.
var ruleIdpDiscoveryResource = new Okta.Policy.RuleIdpDiscovery("ruleIdpDiscoveryResource", new()
{
AppExcludes = new[]
{
new Okta.Policy.Inputs.RuleIdpDiscoveryAppExcludeArgs
{
Type = "string",
Id = "string",
Name = "string",
},
},
AppIncludes = new[]
{
new Okta.Policy.Inputs.RuleIdpDiscoveryAppIncludeArgs
{
Type = "string",
Id = "string",
Name = "string",
},
},
IdpId = "string",
IdpType = "string",
Name = "string",
NetworkConnection = "string",
NetworkExcludes = new[]
{
"string",
},
NetworkIncludes = new[]
{
"string",
},
PlatformIncludes = new[]
{
new Okta.Policy.Inputs.RuleIdpDiscoveryPlatformIncludeArgs
{
OsExpression = "string",
OsType = "string",
Type = "string",
},
},
PolicyId = "string",
Priority = 0,
Status = "string",
UserIdentifierAttribute = "string",
UserIdentifierPatterns = new[]
{
new Okta.Policy.Inputs.RuleIdpDiscoveryUserIdentifierPatternArgs
{
MatchType = "string",
Value = "string",
},
},
UserIdentifierType = "string",
});
example, err := policy.NewRuleIdpDiscovery(ctx, "ruleIdpDiscoveryResource", &policy.RuleIdpDiscoveryArgs{
AppExcludes: policy.RuleIdpDiscoveryAppExcludeArray{
&policy.RuleIdpDiscoveryAppExcludeArgs{
Type: pulumi.String("string"),
Id: pulumi.String("string"),
Name: pulumi.String("string"),
},
},
AppIncludes: policy.RuleIdpDiscoveryAppIncludeArray{
&policy.RuleIdpDiscoveryAppIncludeArgs{
Type: pulumi.String("string"),
Id: pulumi.String("string"),
Name: pulumi.String("string"),
},
},
IdpId: pulumi.String("string"),
IdpType: pulumi.String("string"),
Name: pulumi.String("string"),
NetworkConnection: pulumi.String("string"),
NetworkExcludes: pulumi.StringArray{
pulumi.String("string"),
},
NetworkIncludes: pulumi.StringArray{
pulumi.String("string"),
},
PlatformIncludes: policy.RuleIdpDiscoveryPlatformIncludeArray{
&policy.RuleIdpDiscoveryPlatformIncludeArgs{
OsExpression: pulumi.String("string"),
OsType: pulumi.String("string"),
Type: pulumi.String("string"),
},
},
PolicyId: pulumi.String("string"),
Priority: pulumi.Int(0),
Status: pulumi.String("string"),
UserIdentifierAttribute: pulumi.String("string"),
UserIdentifierPatterns: policy.RuleIdpDiscoveryUserIdentifierPatternArray{
&policy.RuleIdpDiscoveryUserIdentifierPatternArgs{
MatchType: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
UserIdentifierType: pulumi.String("string"),
})
var ruleIdpDiscoveryResource = new RuleIdpDiscovery("ruleIdpDiscoveryResource", RuleIdpDiscoveryArgs.builder()
.appExcludes(RuleIdpDiscoveryAppExcludeArgs.builder()
.type("string")
.id("string")
.name("string")
.build())
.appIncludes(RuleIdpDiscoveryAppIncludeArgs.builder()
.type("string")
.id("string")
.name("string")
.build())
.idpId("string")
.idpType("string")
.name("string")
.networkConnection("string")
.networkExcludes("string")
.networkIncludes("string")
.platformIncludes(RuleIdpDiscoveryPlatformIncludeArgs.builder()
.osExpression("string")
.osType("string")
.type("string")
.build())
.policyId("string")
.priority(0)
.status("string")
.userIdentifierAttribute("string")
.userIdentifierPatterns(RuleIdpDiscoveryUserIdentifierPatternArgs.builder()
.matchType("string")
.value("string")
.build())
.userIdentifierType("string")
.build());
rule_idp_discovery_resource = okta.policy.RuleIdpDiscovery("ruleIdpDiscoveryResource",
app_excludes=[okta.policy.RuleIdpDiscoveryAppExcludeArgs(
type="string",
id="string",
name="string",
)],
app_includes=[okta.policy.RuleIdpDiscoveryAppIncludeArgs(
type="string",
id="string",
name="string",
)],
idp_id="string",
idp_type="string",
name="string",
network_connection="string",
network_excludes=["string"],
network_includes=["string"],
platform_includes=[okta.policy.RuleIdpDiscoveryPlatformIncludeArgs(
os_expression="string",
os_type="string",
type="string",
)],
policy_id="string",
priority=0,
status="string",
user_identifier_attribute="string",
user_identifier_patterns=[okta.policy.RuleIdpDiscoveryUserIdentifierPatternArgs(
match_type="string",
value="string",
)],
user_identifier_type="string")
const ruleIdpDiscoveryResource = new okta.policy.RuleIdpDiscovery("ruleIdpDiscoveryResource", {
appExcludes: [{
type: "string",
id: "string",
name: "string",
}],
appIncludes: [{
type: "string",
id: "string",
name: "string",
}],
idpId: "string",
idpType: "string",
name: "string",
networkConnection: "string",
networkExcludes: ["string"],
networkIncludes: ["string"],
platformIncludes: [{
osExpression: "string",
osType: "string",
type: "string",
}],
policyId: "string",
priority: 0,
status: "string",
userIdentifierAttribute: "string",
userIdentifierPatterns: [{
matchType: "string",
value: "string",
}],
userIdentifierType: "string",
});
type: okta:policy:RuleIdpDiscovery
properties:
appExcludes:
- id: string
name: string
type: string
appIncludes:
- id: string
name: string
type: string
idpId: string
idpType: string
name: string
networkConnection: string
networkExcludes:
- string
networkIncludes:
- string
platformIncludes:
- osExpression: string
osType: string
type: string
policyId: string
priority: 0
status: string
userIdentifierAttribute: string
userIdentifierPatterns:
- matchType: string
value: string
userIdentifierType: string
RuleIdpDiscovery Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The RuleIdpDiscovery resource accepts the following input properties:
- App
Excludes List<RuleIdp Discovery App Exclude> - Applications to exclude in discovery. See
app_include
for details.import * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
title="Optional"> <span id="appincludes_csharp">
- Applications to include in discovery rule.
- Idp
Id string - The identifier for the Idp the rule should route to if all conditions are met.
- Idp
Type string - Type of Idp. One of:
"SAML2"
,"IWA"
,"AgentlessDSSO"
,"X509"
,"FACEBOOK"
,"GOOGLE"
,"LINKEDIN"
,"MICROSOFT"
,"OIDC"
- Name string
- Use if the
type
is"APP_TYPE"
to indicate the type of application(s) to include in instances where an entire group (i.e.yahoo_mail
) of applications should be included. - Network
Connection string - The network selection mode. One of
"ANYWEHRE"
or"ZONE"
. - Network
Excludes List<string> - Required if
network_connection
="ZONE"
. Indicates the network zones to exclude. - Network
Includes List<string> - Required if
network_connection
="ZONE"
. Indicates the network zones to include. - Platform
Includes List<RuleIdp Discovery Platform Include> - Platform to include in discovery rule. - ’type’ - (Optional) One of: ‘ANY’, ‘MOBILE’, ‘DESKTOP’ - ‘os_expression - (Optional) Only available when using os_type = ‘OTHER’ - ‘os_type’ - (Optional) One of: ‘ANY’, ‘IOS’, ‘WINDOWS’, ‘ANDROID’, ‘OTHER’, ‘OSX’
- Policy
Id string - Policy ID.
- Priority int
- Idp rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided.
- Status string
- Idp rule status:
"ACTIVE"
or"INACTIVE"
. By default, it is"ACTIVE"
. - User
Identifier stringAttribute - Profile attribute matching can only have a single value that describes the type indicated in
user_identifier_type
. This is the attribute or identifier that theuser_identifier_patterns
are checked against. - User
Identifier List<RulePatterns Idp Discovery User Identifier Pattern> - Specifies a User Identifier pattern condition to match against. If
match_type
of"EXPRESSION"
is used, only a single element can be set, otherwise multiple elements of matching patterns may be provided. - User
Identifier stringType - One of:
"IDENTIFIER"
,"ATTRIBUTE"
- App
Excludes []RuleIdp Discovery App Exclude Args - Applications to exclude in discovery. See
app_include
for details.import * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
title="Optional"> <span id="appincludes_go">
- Applications to include in discovery rule.
- Idp
Id string - The identifier for the Idp the rule should route to if all conditions are met.
- Idp
Type string - Type of Idp. One of:
"SAML2"
,"IWA"
,"AgentlessDSSO"
,"X509"
,"FACEBOOK"
,"GOOGLE"
,"LINKEDIN"
,"MICROSOFT"
,"OIDC"
- Name string
- Use if the
type
is"APP_TYPE"
to indicate the type of application(s) to include in instances where an entire group (i.e.yahoo_mail
) of applications should be included. - Network
Connection string - The network selection mode. One of
"ANYWEHRE"
or"ZONE"
. - Network
Excludes []string - Required if
network_connection
="ZONE"
. Indicates the network zones to exclude. - Network
Includes []string - Required if
network_connection
="ZONE"
. Indicates the network zones to include. - Platform
Includes []RuleIdp Discovery Platform Include Args - Platform to include in discovery rule. - ’type’ - (Optional) One of: ‘ANY’, ‘MOBILE’, ‘DESKTOP’ - ‘os_expression - (Optional) Only available when using os_type = ‘OTHER’ - ‘os_type’ - (Optional) One of: ‘ANY’, ‘IOS’, ‘WINDOWS’, ‘ANDROID’, ‘OTHER’, ‘OSX’
- Policy
Id string - Policy ID.
- Priority int
- Idp rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided.
- Status string
- Idp rule status:
"ACTIVE"
or"INACTIVE"
. By default, it is"ACTIVE"
. - User
Identifier stringAttribute - Profile attribute matching can only have a single value that describes the type indicated in
user_identifier_type
. This is the attribute or identifier that theuser_identifier_patterns
are checked against. - User
Identifier []RulePatterns Idp Discovery User Identifier Pattern Args - Specifies a User Identifier pattern condition to match against. If
match_type
of"EXPRESSION"
is used, only a single element can be set, otherwise multiple elements of matching patterns may be provided. - User
Identifier stringType - One of:
"IDENTIFIER"
,"ATTRIBUTE"
- app
Excludes List<RuleIdp Discovery App Exclude> - Applications to exclude in discovery. See
app_include
for details.import * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
title="Optional"> <span id="appincludes_java">
- Applications to include in discovery rule.
- idp
Id String - The identifier for the Idp the rule should route to if all conditions are met.
- idp
Type String - Type of Idp. One of:
"SAML2"
,"IWA"
,"AgentlessDSSO"
,"X509"
,"FACEBOOK"
,"GOOGLE"
,"LINKEDIN"
,"MICROSOFT"
,"OIDC"
- name String
- Use if the
type
is"APP_TYPE"
to indicate the type of application(s) to include in instances where an entire group (i.e.yahoo_mail
) of applications should be included. - network
Connection String - The network selection mode. One of
"ANYWEHRE"
or"ZONE"
. - network
Excludes List<String> - Required if
network_connection
="ZONE"
. Indicates the network zones to exclude. - network
Includes List<String> - Required if
network_connection
="ZONE"
. Indicates the network zones to include. - platform
Includes List<RuleIdp Discovery Platform Include> - Platform to include in discovery rule. - ’type’ - (Optional) One of: ‘ANY’, ‘MOBILE’, ‘DESKTOP’ - ‘os_expression - (Optional) Only available when using os_type = ‘OTHER’ - ‘os_type’ - (Optional) One of: ‘ANY’, ‘IOS’, ‘WINDOWS’, ‘ANDROID’, ‘OTHER’, ‘OSX’
- policy
Id String - Policy ID.
- priority Integer
- Idp rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided.
- status String
- Idp rule status:
"ACTIVE"
or"INACTIVE"
. By default, it is"ACTIVE"
. - user
Identifier StringAttribute - Profile attribute matching can only have a single value that describes the type indicated in
user_identifier_type
. This is the attribute or identifier that theuser_identifier_patterns
are checked against. - user
Identifier List<RulePatterns Idp Discovery User Identifier Pattern> - Specifies a User Identifier pattern condition to match against. If
match_type
of"EXPRESSION"
is used, only a single element can be set, otherwise multiple elements of matching patterns may be provided. - user
Identifier StringType - One of:
"IDENTIFIER"
,"ATTRIBUTE"
- app
Excludes RuleIdp Discovery App Exclude[] - Applications to exclude in discovery. See
app_include
for details.import * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
title="Optional"> <span id="appincludes_nodejs">
- Applications to include in discovery rule.
- idp
Id string - The identifier for the Idp the rule should route to if all conditions are met.
- idp
Type string - Type of Idp. One of:
"SAML2"
,"IWA"
,"AgentlessDSSO"
,"X509"
,"FACEBOOK"
,"GOOGLE"
,"LINKEDIN"
,"MICROSOFT"
,"OIDC"
- name string
- Use if the
type
is"APP_TYPE"
to indicate the type of application(s) to include in instances where an entire group (i.e.yahoo_mail
) of applications should be included. - network
Connection string - The network selection mode. One of
"ANYWEHRE"
or"ZONE"
. - network
Excludes string[] - Required if
network_connection
="ZONE"
. Indicates the network zones to exclude. - network
Includes string[] - Required if
network_connection
="ZONE"
. Indicates the network zones to include. - platform
Includes RuleIdp Discovery Platform Include[] - Platform to include in discovery rule. - ’type’ - (Optional) One of: ‘ANY’, ‘MOBILE’, ‘DESKTOP’ - ‘os_expression - (Optional) Only available when using os_type = ‘OTHER’ - ‘os_type’ - (Optional) One of: ‘ANY’, ‘IOS’, ‘WINDOWS’, ‘ANDROID’, ‘OTHER’, ‘OSX’
- policy
Id string - Policy ID.
- priority number
- Idp rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided.
- status string
- Idp rule status:
"ACTIVE"
or"INACTIVE"
. By default, it is"ACTIVE"
. - user
Identifier stringAttribute - Profile attribute matching can only have a single value that describes the type indicated in
user_identifier_type
. This is the attribute or identifier that theuser_identifier_patterns
are checked against. - user
Identifier RulePatterns Idp Discovery User Identifier Pattern[] - Specifies a User Identifier pattern condition to match against. If
match_type
of"EXPRESSION"
is used, only a single element can be set, otherwise multiple elements of matching patterns may be provided. - user
Identifier stringType - One of:
"IDENTIFIER"
,"ATTRIBUTE"
- app_
excludes Sequence[RuleIdp Discovery App Exclude Args] - Applications to exclude in discovery. See
app_include
for details.import * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
title="Optional"> <span id="app_includes_python">
- Applications to include in discovery rule.
- idp_
id str - The identifier for the Idp the rule should route to if all conditions are met.
- idp_
type str - Type of Idp. One of:
"SAML2"
,"IWA"
,"AgentlessDSSO"
,"X509"
,"FACEBOOK"
,"GOOGLE"
,"LINKEDIN"
,"MICROSOFT"
,"OIDC"
- name str
- Use if the
type
is"APP_TYPE"
to indicate the type of application(s) to include in instances where an entire group (i.e.yahoo_mail
) of applications should be included. - network_
connection str - The network selection mode. One of
"ANYWEHRE"
or"ZONE"
. - network_
excludes Sequence[str] - Required if
network_connection
="ZONE"
. Indicates the network zones to exclude. - network_
includes Sequence[str] - Required if
network_connection
="ZONE"
. Indicates the network zones to include. - platform_
includes Sequence[RuleIdp Discovery Platform Include Args] - Platform to include in discovery rule. - ’type’ - (Optional) One of: ‘ANY’, ‘MOBILE’, ‘DESKTOP’ - ‘os_expression - (Optional) Only available when using os_type = ‘OTHER’ - ‘os_type’ - (Optional) One of: ‘ANY’, ‘IOS’, ‘WINDOWS’, ‘ANDROID’, ‘OTHER’, ‘OSX’
- policy_
id str - Policy ID.
- priority int
- Idp rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided.
- status str
- Idp rule status:
"ACTIVE"
or"INACTIVE"
. By default, it is"ACTIVE"
. - user_
identifier_ strattribute - Profile attribute matching can only have a single value that describes the type indicated in
user_identifier_type
. This is the attribute or identifier that theuser_identifier_patterns
are checked against. - user_
identifier_ Sequence[Rulepatterns Idp Discovery User Identifier Pattern Args] - Specifies a User Identifier pattern condition to match against. If
match_type
of"EXPRESSION"
is used, only a single element can be set, otherwise multiple elements of matching patterns may be provided. - user_
identifier_ strtype - One of:
"IDENTIFIER"
,"ATTRIBUTE"
- app
Excludes List<Property Map> - Applications to exclude in discovery. See
app_include
for details.import * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
title="Optional"> <span id="appincludes_yaml">
- Applications to include in discovery rule.
- idp
Id String - The identifier for the Idp the rule should route to if all conditions are met.
- idp
Type String - Type of Idp. One of:
"SAML2"
,"IWA"
,"AgentlessDSSO"
,"X509"
,"FACEBOOK"
,"GOOGLE"
,"LINKEDIN"
,"MICROSOFT"
,"OIDC"
- name String
- Use if the
type
is"APP_TYPE"
to indicate the type of application(s) to include in instances where an entire group (i.e.yahoo_mail
) of applications should be included. - network
Connection String - The network selection mode. One of
"ANYWEHRE"
or"ZONE"
. - network
Excludes List<String> - Required if
network_connection
="ZONE"
. Indicates the network zones to exclude. - network
Includes List<String> - Required if
network_connection
="ZONE"
. Indicates the network zones to include. - platform
Includes List<Property Map> - Platform to include in discovery rule. - ’type’ - (Optional) One of: ‘ANY’, ‘MOBILE’, ‘DESKTOP’ - ‘os_expression - (Optional) Only available when using os_type = ‘OTHER’ - ‘os_type’ - (Optional) One of: ‘ANY’, ‘IOS’, ‘WINDOWS’, ‘ANDROID’, ‘OTHER’, ‘OSX’
- policy
Id String - Policy ID.
- priority Number
- Idp rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided.
- status String
- Idp rule status:
"ACTIVE"
or"INACTIVE"
. By default, it is"ACTIVE"
. - user
Identifier StringAttribute - Profile attribute matching can only have a single value that describes the type indicated in
user_identifier_type
. This is the attribute or identifier that theuser_identifier_patterns
are checked against. - user
Identifier List<Property Map>Patterns - Specifies a User Identifier pattern condition to match against. If
match_type
of"EXPRESSION"
is used, only a single element can be set, otherwise multiple elements of matching patterns may be provided. - user
Identifier StringType - One of:
"IDENTIFIER"
,"ATTRIBUTE"
Outputs
All input properties are implicitly available as output properties. Additionally, the RuleIdpDiscovery resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing RuleIdpDiscovery Resource
Get an existing RuleIdpDiscovery resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: RuleIdpDiscoveryState, opts?: CustomResourceOptions): RuleIdpDiscovery
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
app_excludes: Optional[Sequence[RuleIdpDiscoveryAppExcludeArgs]] = None,
app_includes: Optional[Sequence[RuleIdpDiscoveryAppIncludeArgs]] = None,
idp_id: Optional[str] = None,
idp_type: Optional[str] = None,
name: Optional[str] = None,
network_connection: Optional[str] = None,
network_excludes: Optional[Sequence[str]] = None,
network_includes: Optional[Sequence[str]] = None,
platform_includes: Optional[Sequence[RuleIdpDiscoveryPlatformIncludeArgs]] = None,
policy_id: Optional[str] = None,
priority: Optional[int] = None,
status: Optional[str] = None,
user_identifier_attribute: Optional[str] = None,
user_identifier_patterns: Optional[Sequence[RuleIdpDiscoveryUserIdentifierPatternArgs]] = None,
user_identifier_type: Optional[str] = None) -> RuleIdpDiscovery
func GetRuleIdpDiscovery(ctx *Context, name string, id IDInput, state *RuleIdpDiscoveryState, opts ...ResourceOption) (*RuleIdpDiscovery, error)
public static RuleIdpDiscovery Get(string name, Input<string> id, RuleIdpDiscoveryState? state, CustomResourceOptions? opts = null)
public static RuleIdpDiscovery get(String name, Output<String> id, RuleIdpDiscoveryState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- App
Excludes List<RuleIdp Discovery App Exclude> - Applications to exclude in discovery. See
app_include
for details.import * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
title="Optional"> <span id="state_appincludes_csharp">
- Applications to include in discovery rule.
- Idp
Id string - The identifier for the Idp the rule should route to if all conditions are met.
- Idp
Type string - Type of Idp. One of:
"SAML2"
,"IWA"
,"AgentlessDSSO"
,"X509"
,"FACEBOOK"
,"GOOGLE"
,"LINKEDIN"
,"MICROSOFT"
,"OIDC"
- Name string
- Use if the
type
is"APP_TYPE"
to indicate the type of application(s) to include in instances where an entire group (i.e.yahoo_mail
) of applications should be included. - Network
Connection string - The network selection mode. One of
"ANYWEHRE"
or"ZONE"
. - Network
Excludes List<string> - Required if
network_connection
="ZONE"
. Indicates the network zones to exclude. - Network
Includes List<string> - Required if
network_connection
="ZONE"
. Indicates the network zones to include. - Platform
Includes List<RuleIdp Discovery Platform Include> - Platform to include in discovery rule. - ’type’ - (Optional) One of: ‘ANY’, ‘MOBILE’, ‘DESKTOP’ - ‘os_expression - (Optional) Only available when using os_type = ‘OTHER’ - ‘os_type’ - (Optional) One of: ‘ANY’, ‘IOS’, ‘WINDOWS’, ‘ANDROID’, ‘OTHER’, ‘OSX’
- Policy
Id string - Policy ID.
- Priority int
- Idp rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided.
- Status string
- Idp rule status:
"ACTIVE"
or"INACTIVE"
. By default, it is"ACTIVE"
. - User
Identifier stringAttribute - Profile attribute matching can only have a single value that describes the type indicated in
user_identifier_type
. This is the attribute or identifier that theuser_identifier_patterns
are checked against. - User
Identifier List<RulePatterns Idp Discovery User Identifier Pattern> - Specifies a User Identifier pattern condition to match against. If
match_type
of"EXPRESSION"
is used, only a single element can be set, otherwise multiple elements of matching patterns may be provided. - User
Identifier stringType - One of:
"IDENTIFIER"
,"ATTRIBUTE"
- App
Excludes []RuleIdp Discovery App Exclude Args - Applications to exclude in discovery. See
app_include
for details.import * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
title="Optional"> <span id="state_appincludes_go">
- Applications to include in discovery rule.
- Idp
Id string - The identifier for the Idp the rule should route to if all conditions are met.
- Idp
Type string - Type of Idp. One of:
"SAML2"
,"IWA"
,"AgentlessDSSO"
,"X509"
,"FACEBOOK"
,"GOOGLE"
,"LINKEDIN"
,"MICROSOFT"
,"OIDC"
- Name string
- Use if the
type
is"APP_TYPE"
to indicate the type of application(s) to include in instances where an entire group (i.e.yahoo_mail
) of applications should be included. - Network
Connection string - The network selection mode. One of
"ANYWEHRE"
or"ZONE"
. - Network
Excludes []string - Required if
network_connection
="ZONE"
. Indicates the network zones to exclude. - Network
Includes []string - Required if
network_connection
="ZONE"
. Indicates the network zones to include. - Platform
Includes []RuleIdp Discovery Platform Include Args - Platform to include in discovery rule. - ’type’ - (Optional) One of: ‘ANY’, ‘MOBILE’, ‘DESKTOP’ - ‘os_expression - (Optional) Only available when using os_type = ‘OTHER’ - ‘os_type’ - (Optional) One of: ‘ANY’, ‘IOS’, ‘WINDOWS’, ‘ANDROID’, ‘OTHER’, ‘OSX’
- Policy
Id string - Policy ID.
- Priority int
- Idp rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided.
- Status string
- Idp rule status:
"ACTIVE"
or"INACTIVE"
. By default, it is"ACTIVE"
. - User
Identifier stringAttribute - Profile attribute matching can only have a single value that describes the type indicated in
user_identifier_type
. This is the attribute or identifier that theuser_identifier_patterns
are checked against. - User
Identifier []RulePatterns Idp Discovery User Identifier Pattern Args - Specifies a User Identifier pattern condition to match against. If
match_type
of"EXPRESSION"
is used, only a single element can be set, otherwise multiple elements of matching patterns may be provided. - User
Identifier stringType - One of:
"IDENTIFIER"
,"ATTRIBUTE"
- app
Excludes List<RuleIdp Discovery App Exclude> - Applications to exclude in discovery. See
app_include
for details.import * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
title="Optional"> <span id="state_appincludes_java">
- Applications to include in discovery rule.
- idp
Id String - The identifier for the Idp the rule should route to if all conditions are met.
- idp
Type String - Type of Idp. One of:
"SAML2"
,"IWA"
,"AgentlessDSSO"
,"X509"
,"FACEBOOK"
,"GOOGLE"
,"LINKEDIN"
,"MICROSOFT"
,"OIDC"
- name String
- Use if the
type
is"APP_TYPE"
to indicate the type of application(s) to include in instances where an entire group (i.e.yahoo_mail
) of applications should be included. - network
Connection String - The network selection mode. One of
"ANYWEHRE"
or"ZONE"
. - network
Excludes List<String> - Required if
network_connection
="ZONE"
. Indicates the network zones to exclude. - network
Includes List<String> - Required if
network_connection
="ZONE"
. Indicates the network zones to include. - platform
Includes List<RuleIdp Discovery Platform Include> - Platform to include in discovery rule. - ’type’ - (Optional) One of: ‘ANY’, ‘MOBILE’, ‘DESKTOP’ - ‘os_expression - (Optional) Only available when using os_type = ‘OTHER’ - ‘os_type’ - (Optional) One of: ‘ANY’, ‘IOS’, ‘WINDOWS’, ‘ANDROID’, ‘OTHER’, ‘OSX’
- policy
Id String - Policy ID.
- priority Integer
- Idp rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided.
- status String
- Idp rule status:
"ACTIVE"
or"INACTIVE"
. By default, it is"ACTIVE"
. - user
Identifier StringAttribute - Profile attribute matching can only have a single value that describes the type indicated in
user_identifier_type
. This is the attribute or identifier that theuser_identifier_patterns
are checked against. - user
Identifier List<RulePatterns Idp Discovery User Identifier Pattern> - Specifies a User Identifier pattern condition to match against. If
match_type
of"EXPRESSION"
is used, only a single element can be set, otherwise multiple elements of matching patterns may be provided. - user
Identifier StringType - One of:
"IDENTIFIER"
,"ATTRIBUTE"
- app
Excludes RuleIdp Discovery App Exclude[] - Applications to exclude in discovery. See
app_include
for details.import * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
title="Optional"> <span id="state_appincludes_nodejs">
- Applications to include in discovery rule.
- idp
Id string - The identifier for the Idp the rule should route to if all conditions are met.
- idp
Type string - Type of Idp. One of:
"SAML2"
,"IWA"
,"AgentlessDSSO"
,"X509"
,"FACEBOOK"
,"GOOGLE"
,"LINKEDIN"
,"MICROSOFT"
,"OIDC"
- name string
- Use if the
type
is"APP_TYPE"
to indicate the type of application(s) to include in instances where an entire group (i.e.yahoo_mail
) of applications should be included. - network
Connection string - The network selection mode. One of
"ANYWEHRE"
or"ZONE"
. - network
Excludes string[] - Required if
network_connection
="ZONE"
. Indicates the network zones to exclude. - network
Includes string[] - Required if
network_connection
="ZONE"
. Indicates the network zones to include. - platform
Includes RuleIdp Discovery Platform Include[] - Platform to include in discovery rule. - ’type’ - (Optional) One of: ‘ANY’, ‘MOBILE’, ‘DESKTOP’ - ‘os_expression - (Optional) Only available when using os_type = ‘OTHER’ - ‘os_type’ - (Optional) One of: ‘ANY’, ‘IOS’, ‘WINDOWS’, ‘ANDROID’, ‘OTHER’, ‘OSX’
- policy
Id string - Policy ID.
- priority number
- Idp rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided.
- status string
- Idp rule status:
"ACTIVE"
or"INACTIVE"
. By default, it is"ACTIVE"
. - user
Identifier stringAttribute - Profile attribute matching can only have a single value that describes the type indicated in
user_identifier_type
. This is the attribute or identifier that theuser_identifier_patterns
are checked against. - user
Identifier RulePatterns Idp Discovery User Identifier Pattern[] - Specifies a User Identifier pattern condition to match against. If
match_type
of"EXPRESSION"
is used, only a single element can be set, otherwise multiple elements of matching patterns may be provided. - user
Identifier stringType - One of:
"IDENTIFIER"
,"ATTRIBUTE"
- app_
excludes Sequence[RuleIdp Discovery App Exclude Args] - Applications to exclude in discovery. See
app_include
for details.import * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
title="Optional"> <span id="state_app_includes_python">
- Applications to include in discovery rule.
- idp_
id str - The identifier for the Idp the rule should route to if all conditions are met.
- idp_
type str - Type of Idp. One of:
"SAML2"
,"IWA"
,"AgentlessDSSO"
,"X509"
,"FACEBOOK"
,"GOOGLE"
,"LINKEDIN"
,"MICROSOFT"
,"OIDC"
- name str
- Use if the
type
is"APP_TYPE"
to indicate the type of application(s) to include in instances where an entire group (i.e.yahoo_mail
) of applications should be included. - network_
connection str - The network selection mode. One of
"ANYWEHRE"
or"ZONE"
. - network_
excludes Sequence[str] - Required if
network_connection
="ZONE"
. Indicates the network zones to exclude. - network_
includes Sequence[str] - Required if
network_connection
="ZONE"
. Indicates the network zones to include. - platform_
includes Sequence[RuleIdp Discovery Platform Include Args] - Platform to include in discovery rule. - ’type’ - (Optional) One of: ‘ANY’, ‘MOBILE’, ‘DESKTOP’ - ‘os_expression - (Optional) Only available when using os_type = ‘OTHER’ - ‘os_type’ - (Optional) One of: ‘ANY’, ‘IOS’, ‘WINDOWS’, ‘ANDROID’, ‘OTHER’, ‘OSX’
- policy_
id str - Policy ID.
- priority int
- Idp rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided.
- status str
- Idp rule status:
"ACTIVE"
or"INACTIVE"
. By default, it is"ACTIVE"
. - user_
identifier_ strattribute - Profile attribute matching can only have a single value that describes the type indicated in
user_identifier_type
. This is the attribute or identifier that theuser_identifier_patterns
are checked against. - user_
identifier_ Sequence[Rulepatterns Idp Discovery User Identifier Pattern Args] - Specifies a User Identifier pattern condition to match against. If
match_type
of"EXPRESSION"
is used, only a single element can be set, otherwise multiple elements of matching patterns may be provided. - user_
identifier_ strtype - One of:
"IDENTIFIER"
,"ATTRIBUTE"
- app
Excludes List<Property Map> - Applications to exclude in discovery. See
app_include
for details.import * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
title="Optional"> <span id="state_appincludes_yaml">
- Applications to include in discovery rule.
- idp
Id String - The identifier for the Idp the rule should route to if all conditions are met.
- idp
Type String - Type of Idp. One of:
"SAML2"
,"IWA"
,"AgentlessDSSO"
,"X509"
,"FACEBOOK"
,"GOOGLE"
,"LINKEDIN"
,"MICROSOFT"
,"OIDC"
- name String
- Use if the
type
is"APP_TYPE"
to indicate the type of application(s) to include in instances where an entire group (i.e.yahoo_mail
) of applications should be included. - network
Connection String - The network selection mode. One of
"ANYWEHRE"
or"ZONE"
. - network
Excludes List<String> - Required if
network_connection
="ZONE"
. Indicates the network zones to exclude. - network
Includes List<String> - Required if
network_connection
="ZONE"
. Indicates the network zones to include. - platform
Includes List<Property Map> - Platform to include in discovery rule. - ’type’ - (Optional) One of: ‘ANY’, ‘MOBILE’, ‘DESKTOP’ - ‘os_expression - (Optional) Only available when using os_type = ‘OTHER’ - ‘os_type’ - (Optional) One of: ‘ANY’, ‘IOS’, ‘WINDOWS’, ‘ANDROID’, ‘OTHER’, ‘OSX’
- policy
Id String - Policy ID.
- priority Number
- Idp rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided.
- status String
- Idp rule status:
"ACTIVE"
or"INACTIVE"
. By default, it is"ACTIVE"
. - user
Identifier StringAttribute - Profile attribute matching can only have a single value that describes the type indicated in
user_identifier_type
. This is the attribute or identifier that theuser_identifier_patterns
are checked against. - user
Identifier List<Property Map>Patterns - Specifies a User Identifier pattern condition to match against. If
match_type
of"EXPRESSION"
is used, only a single element can be set, otherwise multiple elements of matching patterns may be provided. - user
Identifier StringType - One of:
"IDENTIFIER"
,"ATTRIBUTE"
Supporting Types
RuleIdpDiscoveryAppExclude, RuleIdpDiscoveryAppExcludeArgs
RuleIdpDiscoveryAppInclude, RuleIdpDiscoveryAppIncludeArgs
RuleIdpDiscoveryPlatformInclude, RuleIdpDiscoveryPlatformIncludeArgs
- Os
Expression string - Only available when using
os_type = "OTHER"
- Os
Type string - One of:
"ANY"
,"IOS"
,"WINDOWS"
,"ANDROID"
,"OTHER"
,"OSX"
import * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
title="Optional"> <span id="type_csharp">
Type string
- One of:
"ANY"
,"MOBILE"
,"DESKTOP"
- Os
Expression string - Only available when using
os_type = "OTHER"
- Os
Type string - One of:
"ANY"
,"IOS"
,"WINDOWS"
,"ANDROID"
,"OTHER"
,"OSX"
import * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
title="Optional"> <span id="type_go">
Type string
- One of:
"ANY"
,"MOBILE"
,"DESKTOP"
- os
Expression String - Only available when using
os_type = "OTHER"
- os
Type String - One of:
"ANY"
,"IOS"
,"WINDOWS"
,"ANDROID"
,"OTHER"
,"OSX"
import * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
title="Optional"> <span id="type_java">
type String
- One of:
"ANY"
,"MOBILE"
,"DESKTOP"
- os
Expression string - Only available when using
os_type = "OTHER"
- os
Type string - One of:
"ANY"
,"IOS"
,"WINDOWS"
,"ANDROID"
,"OTHER"
,"OSX"
import * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
title="Optional"> <span id="type_nodejs">
type string
- One of:
"ANY"
,"MOBILE"
,"DESKTOP"
- os_
expression str - Only available when using
os_type = "OTHER"
- os_
type str - One of:
"ANY"
,"IOS"
,"WINDOWS"
,"ANDROID"
,"OTHER"
,"OSX"
import * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
title="Optional"> <span id="type_python">
type str
- One of:
"ANY"
,"MOBILE"
,"DESKTOP"
- os
Expression String - Only available when using
os_type = "OTHER"
- os
Type String - One of:
"ANY"
,"IOS"
,"WINDOWS"
,"ANDROID"
,"OTHER"
,"OSX"
import * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
title="Optional"> <span id="type_yaml">
type String
- One of:
"ANY"
,"MOBILE"
,"DESKTOP"
RuleIdpDiscoveryUserIdentifierPattern, RuleIdpDiscoveryUserIdentifierPatternArgs
- Match
Type string - The kind of pattern. For regex, use
"EXPRESSION"
. For simple string matches, use one of the following:"SUFFIX"
,"EQUALS"
,"STARTS_WITH"
,"CONTAINS"
- Value string
- The regex or simple match string to match against.
import * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
- Match
Type string - The kind of pattern. For regex, use
"EXPRESSION"
. For simple string matches, use one of the following:"SUFFIX"
,"EQUALS"
,"STARTS_WITH"
,"CONTAINS"
- Value string
- The regex or simple match string to match against.
import * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
- match
Type String - The kind of pattern. For regex, use
"EXPRESSION"
. For simple string matches, use one of the following:"SUFFIX"
,"EQUALS"
,"STARTS_WITH"
,"CONTAINS"
- value String
- The regex or simple match string to match against.
import * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
- match
Type string - The kind of pattern. For regex, use
"EXPRESSION"
. For simple string matches, use one of the following:"SUFFIX"
,"EQUALS"
,"STARTS_WITH"
,"CONTAINS"
- value string
- The regex or simple match string to match against.
import * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
- match_
type str - The kind of pattern. For regex, use
"EXPRESSION"
. For simple string matches, use one of the following:"SUFFIX"
,"EQUALS"
,"STARTS_WITH"
,"CONTAINS"
- value str
- The regex or simple match string to match against.
import * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
- match
Type String - The kind of pattern. For regex, use
"EXPRESSION"
. For simple string matches, use one of the following:"SUFFIX"
,"EQUALS"
,"STARTS_WITH"
,"CONTAINS"
- value String
- The regex or simple match string to match against.
import * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
Import
A Policy Rule can be imported via the Policy and Rule ID.
$ pulumi import okta:policy/ruleIdpDiscovery:RuleIdpDiscovery example <policy id>/<rule id>
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Okta pulumi/pulumi-okta
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
okta
Terraform Provider.