okta.PolicyPasswordDefault
Explore with Pulumi AI
Configures default password policy.
This resource allows you to configure default password policy.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";
const _default = new okta.PolicyPasswordDefault("default", {});
import pulumi
import pulumi_okta as okta
default = okta.PolicyPasswordDefault("default")
package main
import (
"github.com/pulumi/pulumi-okta/sdk/v4/go/okta"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := okta.NewPolicyPasswordDefault(ctx, "default", nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Okta = Pulumi.Okta;
return await Deployment.RunAsync(() =>
{
var @default = new Okta.PolicyPasswordDefault("default");
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.okta.PolicyPasswordDefault;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var default_ = new PolicyPasswordDefault("default");
}
}
resources:
default:
type: okta:PolicyPasswordDefault
Create PolicyPasswordDefault Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new PolicyPasswordDefault(name: string, args?: PolicyPasswordDefaultArgs, opts?: CustomResourceOptions);
@overload
def PolicyPasswordDefault(resource_name: str,
args: Optional[PolicyPasswordDefaultArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def PolicyPasswordDefault(resource_name: str,
opts: Optional[ResourceOptions] = None,
call_recovery: Optional[str] = None,
email_recovery: Optional[str] = None,
password_auto_unlock_minutes: Optional[int] = None,
password_dictionary_lookup: Optional[bool] = None,
password_exclude_first_name: Optional[bool] = None,
password_exclude_last_name: Optional[bool] = None,
password_exclude_username: Optional[bool] = None,
password_expire_warn_days: Optional[int] = None,
password_history_count: Optional[int] = None,
password_lockout_notification_channels: Optional[Sequence[str]] = None,
password_max_age_days: Optional[int] = None,
password_max_lockout_attempts: Optional[int] = None,
password_min_age_minutes: Optional[int] = None,
password_min_length: Optional[int] = None,
password_min_lowercase: Optional[int] = None,
password_min_number: Optional[int] = None,
password_min_symbol: Optional[int] = None,
password_min_uppercase: Optional[int] = None,
password_show_lockout_failures: Optional[bool] = None,
question_min_length: Optional[int] = None,
question_recovery: Optional[str] = None,
recovery_email_token: Optional[int] = None,
skip_unlock: Optional[bool] = None,
sms_recovery: Optional[str] = None)
func NewPolicyPasswordDefault(ctx *Context, name string, args *PolicyPasswordDefaultArgs, opts ...ResourceOption) (*PolicyPasswordDefault, error)
public PolicyPasswordDefault(string name, PolicyPasswordDefaultArgs? args = null, CustomResourceOptions? opts = null)
public PolicyPasswordDefault(String name, PolicyPasswordDefaultArgs args)
public PolicyPasswordDefault(String name, PolicyPasswordDefaultArgs args, CustomResourceOptions options)
type: okta:PolicyPasswordDefault
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args PolicyPasswordDefaultArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args PolicyPasswordDefaultArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args PolicyPasswordDefaultArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args PolicyPasswordDefaultArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args PolicyPasswordDefaultArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Example
The following reference example uses placeholder values for all input properties.
var policyPasswordDefaultResource = new Okta.PolicyPasswordDefault("policyPasswordDefaultResource", new()
{
CallRecovery = "string",
EmailRecovery = "string",
PasswordAutoUnlockMinutes = 0,
PasswordDictionaryLookup = false,
PasswordExcludeFirstName = false,
PasswordExcludeLastName = false,
PasswordExcludeUsername = false,
PasswordExpireWarnDays = 0,
PasswordHistoryCount = 0,
PasswordLockoutNotificationChannels = new[]
{
"string",
},
PasswordMaxAgeDays = 0,
PasswordMaxLockoutAttempts = 0,
PasswordMinAgeMinutes = 0,
PasswordMinLength = 0,
PasswordMinLowercase = 0,
PasswordMinNumber = 0,
PasswordMinSymbol = 0,
PasswordMinUppercase = 0,
PasswordShowLockoutFailures = false,
QuestionMinLength = 0,
QuestionRecovery = "string",
RecoveryEmailToken = 0,
SkipUnlock = false,
SmsRecovery = "string",
});
example, err := okta.NewPolicyPasswordDefault(ctx, "policyPasswordDefaultResource", &okta.PolicyPasswordDefaultArgs{
CallRecovery: pulumi.String("string"),
EmailRecovery: pulumi.String("string"),
PasswordAutoUnlockMinutes: pulumi.Int(0),
PasswordDictionaryLookup: pulumi.Bool(false),
PasswordExcludeFirstName: pulumi.Bool(false),
PasswordExcludeLastName: pulumi.Bool(false),
PasswordExcludeUsername: pulumi.Bool(false),
PasswordExpireWarnDays: pulumi.Int(0),
PasswordHistoryCount: pulumi.Int(0),
PasswordLockoutNotificationChannels: pulumi.StringArray{
pulumi.String("string"),
},
PasswordMaxAgeDays: pulumi.Int(0),
PasswordMaxLockoutAttempts: pulumi.Int(0),
PasswordMinAgeMinutes: pulumi.Int(0),
PasswordMinLength: pulumi.Int(0),
PasswordMinLowercase: pulumi.Int(0),
PasswordMinNumber: pulumi.Int(0),
PasswordMinSymbol: pulumi.Int(0),
PasswordMinUppercase: pulumi.Int(0),
PasswordShowLockoutFailures: pulumi.Bool(false),
QuestionMinLength: pulumi.Int(0),
QuestionRecovery: pulumi.String("string"),
RecoveryEmailToken: pulumi.Int(0),
SkipUnlock: pulumi.Bool(false),
SmsRecovery: pulumi.String("string"),
})
var policyPasswordDefaultResource = new PolicyPasswordDefault("policyPasswordDefaultResource", PolicyPasswordDefaultArgs.builder()
.callRecovery("string")
.emailRecovery("string")
.passwordAutoUnlockMinutes(0)
.passwordDictionaryLookup(false)
.passwordExcludeFirstName(false)
.passwordExcludeLastName(false)
.passwordExcludeUsername(false)
.passwordExpireWarnDays(0)
.passwordHistoryCount(0)
.passwordLockoutNotificationChannels("string")
.passwordMaxAgeDays(0)
.passwordMaxLockoutAttempts(0)
.passwordMinAgeMinutes(0)
.passwordMinLength(0)
.passwordMinLowercase(0)
.passwordMinNumber(0)
.passwordMinSymbol(0)
.passwordMinUppercase(0)
.passwordShowLockoutFailures(false)
.questionMinLength(0)
.questionRecovery("string")
.recoveryEmailToken(0)
.skipUnlock(false)
.smsRecovery("string")
.build());
policy_password_default_resource = okta.PolicyPasswordDefault("policyPasswordDefaultResource",
call_recovery="string",
email_recovery="string",
password_auto_unlock_minutes=0,
password_dictionary_lookup=False,
password_exclude_first_name=False,
password_exclude_last_name=False,
password_exclude_username=False,
password_expire_warn_days=0,
password_history_count=0,
password_lockout_notification_channels=["string"],
password_max_age_days=0,
password_max_lockout_attempts=0,
password_min_age_minutes=0,
password_min_length=0,
password_min_lowercase=0,
password_min_number=0,
password_min_symbol=0,
password_min_uppercase=0,
password_show_lockout_failures=False,
question_min_length=0,
question_recovery="string",
recovery_email_token=0,
skip_unlock=False,
sms_recovery="string")
const policyPasswordDefaultResource = new okta.PolicyPasswordDefault("policyPasswordDefaultResource", {
callRecovery: "string",
emailRecovery: "string",
passwordAutoUnlockMinutes: 0,
passwordDictionaryLookup: false,
passwordExcludeFirstName: false,
passwordExcludeLastName: false,
passwordExcludeUsername: false,
passwordExpireWarnDays: 0,
passwordHistoryCount: 0,
passwordLockoutNotificationChannels: ["string"],
passwordMaxAgeDays: 0,
passwordMaxLockoutAttempts: 0,
passwordMinAgeMinutes: 0,
passwordMinLength: 0,
passwordMinLowercase: 0,
passwordMinNumber: 0,
passwordMinSymbol: 0,
passwordMinUppercase: 0,
passwordShowLockoutFailures: false,
questionMinLength: 0,
questionRecovery: "string",
recoveryEmailToken: 0,
skipUnlock: false,
smsRecovery: "string",
});
type: okta:PolicyPasswordDefault
properties:
callRecovery: string
emailRecovery: string
passwordAutoUnlockMinutes: 0
passwordDictionaryLookup: false
passwordExcludeFirstName: false
passwordExcludeLastName: false
passwordExcludeUsername: false
passwordExpireWarnDays: 0
passwordHistoryCount: 0
passwordLockoutNotificationChannels:
- string
passwordMaxAgeDays: 0
passwordMaxLockoutAttempts: 0
passwordMinAgeMinutes: 0
passwordMinLength: 0
passwordMinLowercase: 0
passwordMinNumber: 0
passwordMinSymbol: 0
passwordMinUppercase: 0
passwordShowLockoutFailures: false
questionMinLength: 0
questionRecovery: string
recoveryEmailToken: 0
skipUnlock: false
smsRecovery: string
PolicyPasswordDefault Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The PolicyPasswordDefault resource accepts the following input properties:
- Call
Recovery string - Enable or disable voice call password recovery: ACTIVE or INACTIVE.
- Email
Recovery string - Enable or disable email password recovery: ACTIVE or INACTIVE.
- Password
Auto intUnlock Minutes - Number of minutes before a locked account is unlocked: 0 = no limit.
- Password
Dictionary boolLookup - Check Passwords Against Common Password Dictionary.
- Password
Exclude boolFirst Name - User firstName attribute must be excluded from the password.
- Password
Exclude boolLast Name - User lastName attribute must be excluded from the password.
- Password
Exclude boolUsername - If the username must be excluded from the password.
- Password
Expire intWarn Days - Length in days a user will be warned before password expiry: 0 = no warning.
- Password
History intCount - Number of distinct passwords that must be created before they can be reused: 0 = none.
- Password
Lockout List<string>Notification Channels - Notification channels to use to notify a user when their account has been locked.
- Password
Max intAge Days - Length in days a password is valid before expiry: 0 = no limit.,
- Password
Max intLockout Attempts - Number of unsuccessful login attempts allowed before lockout: 0 = no limit.
- Password
Min intAge Minutes - Minimum time interval in minutes between password changes: 0 = no limit.
- Password
Min intLength - Minimum password length. Default is 8.
- Password
Min intLowercase - Minimum number of lower case characters in a password.
- Password
Min intNumber - Minimum number of numbers in a password.
- Password
Min intSymbol - Minimum number of symbols in a password.
- Password
Min intUppercase - Minimum number of upper case characters in a password.
- Password
Show boolLockout Failures - If a user should be informed when their account is locked.
- Question
Min intLength - Min length of the password recovery question answer.
- Question
Recovery string - Enable or disable security question password recovery: ACTIVE or INACTIVE.
- Recovery
Email intToken - Lifetime in minutes of the recovery email token.
- Skip
Unlock bool - When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account.
- Sms
Recovery string - Enable or disable SMS password recovery: ACTIVE or INACTIVE.
- Call
Recovery string - Enable or disable voice call password recovery: ACTIVE or INACTIVE.
- Email
Recovery string - Enable or disable email password recovery: ACTIVE or INACTIVE.
- Password
Auto intUnlock Minutes - Number of minutes before a locked account is unlocked: 0 = no limit.
- Password
Dictionary boolLookup - Check Passwords Against Common Password Dictionary.
- Password
Exclude boolFirst Name - User firstName attribute must be excluded from the password.
- Password
Exclude boolLast Name - User lastName attribute must be excluded from the password.
- Password
Exclude boolUsername - If the username must be excluded from the password.
- Password
Expire intWarn Days - Length in days a user will be warned before password expiry: 0 = no warning.
- Password
History intCount - Number of distinct passwords that must be created before they can be reused: 0 = none.
- Password
Lockout []stringNotification Channels - Notification channels to use to notify a user when their account has been locked.
- Password
Max intAge Days - Length in days a password is valid before expiry: 0 = no limit.,
- Password
Max intLockout Attempts - Number of unsuccessful login attempts allowed before lockout: 0 = no limit.
- Password
Min intAge Minutes - Minimum time interval in minutes between password changes: 0 = no limit.
- Password
Min intLength - Minimum password length. Default is 8.
- Password
Min intLowercase - Minimum number of lower case characters in a password.
- Password
Min intNumber - Minimum number of numbers in a password.
- Password
Min intSymbol - Minimum number of symbols in a password.
- Password
Min intUppercase - Minimum number of upper case characters in a password.
- Password
Show boolLockout Failures - If a user should be informed when their account is locked.
- Question
Min intLength - Min length of the password recovery question answer.
- Question
Recovery string - Enable or disable security question password recovery: ACTIVE or INACTIVE.
- Recovery
Email intToken - Lifetime in minutes of the recovery email token.
- Skip
Unlock bool - When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account.
- Sms
Recovery string - Enable or disable SMS password recovery: ACTIVE or INACTIVE.
- call
Recovery String - Enable or disable voice call password recovery: ACTIVE or INACTIVE.
- email
Recovery String - Enable or disable email password recovery: ACTIVE or INACTIVE.
- password
Auto IntegerUnlock Minutes - Number of minutes before a locked account is unlocked: 0 = no limit.
- password
Dictionary BooleanLookup - Check Passwords Against Common Password Dictionary.
- password
Exclude BooleanFirst Name - User firstName attribute must be excluded from the password.
- password
Exclude BooleanLast Name - User lastName attribute must be excluded from the password.
- password
Exclude BooleanUsername - If the username must be excluded from the password.
- password
Expire IntegerWarn Days - Length in days a user will be warned before password expiry: 0 = no warning.
- password
History IntegerCount - Number of distinct passwords that must be created before they can be reused: 0 = none.
- password
Lockout List<String>Notification Channels - Notification channels to use to notify a user when their account has been locked.
- password
Max IntegerAge Days - Length in days a password is valid before expiry: 0 = no limit.,
- password
Max IntegerLockout Attempts - Number of unsuccessful login attempts allowed before lockout: 0 = no limit.
- password
Min IntegerAge Minutes - Minimum time interval in minutes between password changes: 0 = no limit.
- password
Min IntegerLength - Minimum password length. Default is 8.
- password
Min IntegerLowercase - Minimum number of lower case characters in a password.
- password
Min IntegerNumber - Minimum number of numbers in a password.
- password
Min IntegerSymbol - Minimum number of symbols in a password.
- password
Min IntegerUppercase - Minimum number of upper case characters in a password.
- password
Show BooleanLockout Failures - If a user should be informed when their account is locked.
- question
Min IntegerLength - Min length of the password recovery question answer.
- question
Recovery String - Enable or disable security question password recovery: ACTIVE or INACTIVE.
- recovery
Email IntegerToken - Lifetime in minutes of the recovery email token.
- skip
Unlock Boolean - When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account.
- sms
Recovery String - Enable or disable SMS password recovery: ACTIVE or INACTIVE.
- call
Recovery string - Enable or disable voice call password recovery: ACTIVE or INACTIVE.
- email
Recovery string - Enable or disable email password recovery: ACTIVE or INACTIVE.
- password
Auto numberUnlock Minutes - Number of minutes before a locked account is unlocked: 0 = no limit.
- password
Dictionary booleanLookup - Check Passwords Against Common Password Dictionary.
- password
Exclude booleanFirst Name - User firstName attribute must be excluded from the password.
- password
Exclude booleanLast Name - User lastName attribute must be excluded from the password.
- password
Exclude booleanUsername - If the username must be excluded from the password.
- password
Expire numberWarn Days - Length in days a user will be warned before password expiry: 0 = no warning.
- password
History numberCount - Number of distinct passwords that must be created before they can be reused: 0 = none.
- password
Lockout string[]Notification Channels - Notification channels to use to notify a user when their account has been locked.
- password
Max numberAge Days - Length in days a password is valid before expiry: 0 = no limit.,
- password
Max numberLockout Attempts - Number of unsuccessful login attempts allowed before lockout: 0 = no limit.
- password
Min numberAge Minutes - Minimum time interval in minutes between password changes: 0 = no limit.
- password
Min numberLength - Minimum password length. Default is 8.
- password
Min numberLowercase - Minimum number of lower case characters in a password.
- password
Min numberNumber - Minimum number of numbers in a password.
- password
Min numberSymbol - Minimum number of symbols in a password.
- password
Min numberUppercase - Minimum number of upper case characters in a password.
- password
Show booleanLockout Failures - If a user should be informed when their account is locked.
- question
Min numberLength - Min length of the password recovery question answer.
- question
Recovery string - Enable or disable security question password recovery: ACTIVE or INACTIVE.
- recovery
Email numberToken - Lifetime in minutes of the recovery email token.
- skip
Unlock boolean - When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account.
- sms
Recovery string - Enable or disable SMS password recovery: ACTIVE or INACTIVE.
- call_
recovery str - Enable or disable voice call password recovery: ACTIVE or INACTIVE.
- email_
recovery str - Enable or disable email password recovery: ACTIVE or INACTIVE.
- password_
auto_ intunlock_ minutes - Number of minutes before a locked account is unlocked: 0 = no limit.
- password_
dictionary_ boollookup - Check Passwords Against Common Password Dictionary.
- password_
exclude_ boolfirst_ name - User firstName attribute must be excluded from the password.
- password_
exclude_ boollast_ name - User lastName attribute must be excluded from the password.
- password_
exclude_ boolusername - If the username must be excluded from the password.
- password_
expire_ intwarn_ days - Length in days a user will be warned before password expiry: 0 = no warning.
- password_
history_ intcount - Number of distinct passwords that must be created before they can be reused: 0 = none.
- password_
lockout_ Sequence[str]notification_ channels - Notification channels to use to notify a user when their account has been locked.
- password_
max_ intage_ days - Length in days a password is valid before expiry: 0 = no limit.,
- password_
max_ intlockout_ attempts - Number of unsuccessful login attempts allowed before lockout: 0 = no limit.
- password_
min_ intage_ minutes - Minimum time interval in minutes between password changes: 0 = no limit.
- password_
min_ intlength - Minimum password length. Default is 8.
- password_
min_ intlowercase - Minimum number of lower case characters in a password.
- password_
min_ intnumber - Minimum number of numbers in a password.
- password_
min_ intsymbol - Minimum number of symbols in a password.
- password_
min_ intuppercase - Minimum number of upper case characters in a password.
- password_
show_ boollockout_ failures - If a user should be informed when their account is locked.
- question_
min_ intlength - Min length of the password recovery question answer.
- question_
recovery str - Enable or disable security question password recovery: ACTIVE or INACTIVE.
- recovery_
email_ inttoken - Lifetime in minutes of the recovery email token.
- skip_
unlock bool - When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account.
- sms_
recovery str - Enable or disable SMS password recovery: ACTIVE or INACTIVE.
- call
Recovery String - Enable or disable voice call password recovery: ACTIVE or INACTIVE.
- email
Recovery String - Enable or disable email password recovery: ACTIVE or INACTIVE.
- password
Auto NumberUnlock Minutes - Number of minutes before a locked account is unlocked: 0 = no limit.
- password
Dictionary BooleanLookup - Check Passwords Against Common Password Dictionary.
- password
Exclude BooleanFirst Name - User firstName attribute must be excluded from the password.
- password
Exclude BooleanLast Name - User lastName attribute must be excluded from the password.
- password
Exclude BooleanUsername - If the username must be excluded from the password.
- password
Expire NumberWarn Days - Length in days a user will be warned before password expiry: 0 = no warning.
- password
History NumberCount - Number of distinct passwords that must be created before they can be reused: 0 = none.
- password
Lockout List<String>Notification Channels - Notification channels to use to notify a user when their account has been locked.
- password
Max NumberAge Days - Length in days a password is valid before expiry: 0 = no limit.,
- password
Max NumberLockout Attempts - Number of unsuccessful login attempts allowed before lockout: 0 = no limit.
- password
Min NumberAge Minutes - Minimum time interval in minutes between password changes: 0 = no limit.
- password
Min NumberLength - Minimum password length. Default is 8.
- password
Min NumberLowercase - Minimum number of lower case characters in a password.
- password
Min NumberNumber - Minimum number of numbers in a password.
- password
Min NumberSymbol - Minimum number of symbols in a password.
- password
Min NumberUppercase - Minimum number of upper case characters in a password.
- password
Show BooleanLockout Failures - If a user should be informed when their account is locked.
- question
Min NumberLength - Min length of the password recovery question answer.
- question
Recovery String - Enable or disable security question password recovery: ACTIVE or INACTIVE.
- recovery
Email NumberToken - Lifetime in minutes of the recovery email token.
- skip
Unlock Boolean - When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account.
- sms
Recovery String - Enable or disable SMS password recovery: ACTIVE or INACTIVE.
Outputs
All input properties are implicitly available as output properties. Additionally, the PolicyPasswordDefault resource produces the following output properties:
- Default
Auth stringProvider - Default authentication provider.
- Default
Included stringGroup Id - ID of the default Okta group.
- Description string
- Default policy description.
- Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- Default policy name.
- Priority int
- Default policy priority.
- Status string
- Default policy status.
- Default
Auth stringProvider - Default authentication provider.
- Default
Included stringGroup Id - ID of the default Okta group.
- Description string
- Default policy description.
- Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- Default policy name.
- Priority int
- Default policy priority.
- Status string
- Default policy status.
- default
Auth StringProvider - Default authentication provider.
- default
Included StringGroup Id - ID of the default Okta group.
- description String
- Default policy description.
- id String
- The provider-assigned unique ID for this managed resource.
- name String
- Default policy name.
- priority Integer
- Default policy priority.
- status String
- Default policy status.
- default
Auth stringProvider - Default authentication provider.
- default
Included stringGroup Id - ID of the default Okta group.
- description string
- Default policy description.
- id string
- The provider-assigned unique ID for this managed resource.
- name string
- Default policy name.
- priority number
- Default policy priority.
- status string
- Default policy status.
- default_
auth_ strprovider - Default authentication provider.
- default_
included_ strgroup_ id - ID of the default Okta group.
- description str
- Default policy description.
- id str
- The provider-assigned unique ID for this managed resource.
- name str
- Default policy name.
- priority int
- Default policy priority.
- status str
- Default policy status.
- default
Auth StringProvider - Default authentication provider.
- default
Included StringGroup Id - ID of the default Okta group.
- description String
- Default policy description.
- id String
- The provider-assigned unique ID for this managed resource.
- name String
- Default policy name.
- priority Number
- Default policy priority.
- status String
- Default policy status.
Look up Existing PolicyPasswordDefault Resource
Get an existing PolicyPasswordDefault resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: PolicyPasswordDefaultState, opts?: CustomResourceOptions): PolicyPasswordDefault
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
call_recovery: Optional[str] = None,
default_auth_provider: Optional[str] = None,
default_included_group_id: Optional[str] = None,
description: Optional[str] = None,
email_recovery: Optional[str] = None,
name: Optional[str] = None,
password_auto_unlock_minutes: Optional[int] = None,
password_dictionary_lookup: Optional[bool] = None,
password_exclude_first_name: Optional[bool] = None,
password_exclude_last_name: Optional[bool] = None,
password_exclude_username: Optional[bool] = None,
password_expire_warn_days: Optional[int] = None,
password_history_count: Optional[int] = None,
password_lockout_notification_channels: Optional[Sequence[str]] = None,
password_max_age_days: Optional[int] = None,
password_max_lockout_attempts: Optional[int] = None,
password_min_age_minutes: Optional[int] = None,
password_min_length: Optional[int] = None,
password_min_lowercase: Optional[int] = None,
password_min_number: Optional[int] = None,
password_min_symbol: Optional[int] = None,
password_min_uppercase: Optional[int] = None,
password_show_lockout_failures: Optional[bool] = None,
priority: Optional[int] = None,
question_min_length: Optional[int] = None,
question_recovery: Optional[str] = None,
recovery_email_token: Optional[int] = None,
skip_unlock: Optional[bool] = None,
sms_recovery: Optional[str] = None,
status: Optional[str] = None) -> PolicyPasswordDefault
func GetPolicyPasswordDefault(ctx *Context, name string, id IDInput, state *PolicyPasswordDefaultState, opts ...ResourceOption) (*PolicyPasswordDefault, error)
public static PolicyPasswordDefault Get(string name, Input<string> id, PolicyPasswordDefaultState? state, CustomResourceOptions? opts = null)
public static PolicyPasswordDefault get(String name, Output<String> id, PolicyPasswordDefaultState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Call
Recovery string - Enable or disable voice call password recovery: ACTIVE or INACTIVE.
- Default
Auth stringProvider - Default authentication provider.
- Default
Included stringGroup Id - ID of the default Okta group.
- Description string
- Default policy description.
- Email
Recovery string - Enable or disable email password recovery: ACTIVE or INACTIVE.
- Name string
- Default policy name.
- Password
Auto intUnlock Minutes - Number of minutes before a locked account is unlocked: 0 = no limit.
- Password
Dictionary boolLookup - Check Passwords Against Common Password Dictionary.
- Password
Exclude boolFirst Name - User firstName attribute must be excluded from the password.
- Password
Exclude boolLast Name - User lastName attribute must be excluded from the password.
- Password
Exclude boolUsername - If the username must be excluded from the password.
- Password
Expire intWarn Days - Length in days a user will be warned before password expiry: 0 = no warning.
- Password
History intCount - Number of distinct passwords that must be created before they can be reused: 0 = none.
- Password
Lockout List<string>Notification Channels - Notification channels to use to notify a user when their account has been locked.
- Password
Max intAge Days - Length in days a password is valid before expiry: 0 = no limit.,
- Password
Max intLockout Attempts - Number of unsuccessful login attempts allowed before lockout: 0 = no limit.
- Password
Min intAge Minutes - Minimum time interval in minutes between password changes: 0 = no limit.
- Password
Min intLength - Minimum password length. Default is 8.
- Password
Min intLowercase - Minimum number of lower case characters in a password.
- Password
Min intNumber - Minimum number of numbers in a password.
- Password
Min intSymbol - Minimum number of symbols in a password.
- Password
Min intUppercase - Minimum number of upper case characters in a password.
- Password
Show boolLockout Failures - If a user should be informed when their account is locked.
- Priority int
- Default policy priority.
- Question
Min intLength - Min length of the password recovery question answer.
- Question
Recovery string - Enable or disable security question password recovery: ACTIVE or INACTIVE.
- Recovery
Email intToken - Lifetime in minutes of the recovery email token.
- Skip
Unlock bool - When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account.
- Sms
Recovery string - Enable or disable SMS password recovery: ACTIVE or INACTIVE.
- Status string
- Default policy status.
- Call
Recovery string - Enable or disable voice call password recovery: ACTIVE or INACTIVE.
- Default
Auth stringProvider - Default authentication provider.
- Default
Included stringGroup Id - ID of the default Okta group.
- Description string
- Default policy description.
- Email
Recovery string - Enable or disable email password recovery: ACTIVE or INACTIVE.
- Name string
- Default policy name.
- Password
Auto intUnlock Minutes - Number of minutes before a locked account is unlocked: 0 = no limit.
- Password
Dictionary boolLookup - Check Passwords Against Common Password Dictionary.
- Password
Exclude boolFirst Name - User firstName attribute must be excluded from the password.
- Password
Exclude boolLast Name - User lastName attribute must be excluded from the password.
- Password
Exclude boolUsername - If the username must be excluded from the password.
- Password
Expire intWarn Days - Length in days a user will be warned before password expiry: 0 = no warning.
- Password
History intCount - Number of distinct passwords that must be created before they can be reused: 0 = none.
- Password
Lockout []stringNotification Channels - Notification channels to use to notify a user when their account has been locked.
- Password
Max intAge Days - Length in days a password is valid before expiry: 0 = no limit.,
- Password
Max intLockout Attempts - Number of unsuccessful login attempts allowed before lockout: 0 = no limit.
- Password
Min intAge Minutes - Minimum time interval in minutes between password changes: 0 = no limit.
- Password
Min intLength - Minimum password length. Default is 8.
- Password
Min intLowercase - Minimum number of lower case characters in a password.
- Password
Min intNumber - Minimum number of numbers in a password.
- Password
Min intSymbol - Minimum number of symbols in a password.
- Password
Min intUppercase - Minimum number of upper case characters in a password.
- Password
Show boolLockout Failures - If a user should be informed when their account is locked.
- Priority int
- Default policy priority.
- Question
Min intLength - Min length of the password recovery question answer.
- Question
Recovery string - Enable or disable security question password recovery: ACTIVE or INACTIVE.
- Recovery
Email intToken - Lifetime in minutes of the recovery email token.
- Skip
Unlock bool - When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account.
- Sms
Recovery string - Enable or disable SMS password recovery: ACTIVE or INACTIVE.
- Status string
- Default policy status.
- call
Recovery String - Enable or disable voice call password recovery: ACTIVE or INACTIVE.
- default
Auth StringProvider - Default authentication provider.
- default
Included StringGroup Id - ID of the default Okta group.
- description String
- Default policy description.
- email
Recovery String - Enable or disable email password recovery: ACTIVE or INACTIVE.
- name String
- Default policy name.
- password
Auto IntegerUnlock Minutes - Number of minutes before a locked account is unlocked: 0 = no limit.
- password
Dictionary BooleanLookup - Check Passwords Against Common Password Dictionary.
- password
Exclude BooleanFirst Name - User firstName attribute must be excluded from the password.
- password
Exclude BooleanLast Name - User lastName attribute must be excluded from the password.
- password
Exclude BooleanUsername - If the username must be excluded from the password.
- password
Expire IntegerWarn Days - Length in days a user will be warned before password expiry: 0 = no warning.
- password
History IntegerCount - Number of distinct passwords that must be created before they can be reused: 0 = none.
- password
Lockout List<String>Notification Channels - Notification channels to use to notify a user when their account has been locked.
- password
Max IntegerAge Days - Length in days a password is valid before expiry: 0 = no limit.,
- password
Max IntegerLockout Attempts - Number of unsuccessful login attempts allowed before lockout: 0 = no limit.
- password
Min IntegerAge Minutes - Minimum time interval in minutes between password changes: 0 = no limit.
- password
Min IntegerLength - Minimum password length. Default is 8.
- password
Min IntegerLowercase - Minimum number of lower case characters in a password.
- password
Min IntegerNumber - Minimum number of numbers in a password.
- password
Min IntegerSymbol - Minimum number of symbols in a password.
- password
Min IntegerUppercase - Minimum number of upper case characters in a password.
- password
Show BooleanLockout Failures - If a user should be informed when their account is locked.
- priority Integer
- Default policy priority.
- question
Min IntegerLength - Min length of the password recovery question answer.
- question
Recovery String - Enable or disable security question password recovery: ACTIVE or INACTIVE.
- recovery
Email IntegerToken - Lifetime in minutes of the recovery email token.
- skip
Unlock Boolean - When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account.
- sms
Recovery String - Enable or disable SMS password recovery: ACTIVE or INACTIVE.
- status String
- Default policy status.
- call
Recovery string - Enable or disable voice call password recovery: ACTIVE or INACTIVE.
- default
Auth stringProvider - Default authentication provider.
- default
Included stringGroup Id - ID of the default Okta group.
- description string
- Default policy description.
- email
Recovery string - Enable or disable email password recovery: ACTIVE or INACTIVE.
- name string
- Default policy name.
- password
Auto numberUnlock Minutes - Number of minutes before a locked account is unlocked: 0 = no limit.
- password
Dictionary booleanLookup - Check Passwords Against Common Password Dictionary.
- password
Exclude booleanFirst Name - User firstName attribute must be excluded from the password.
- password
Exclude booleanLast Name - User lastName attribute must be excluded from the password.
- password
Exclude booleanUsername - If the username must be excluded from the password.
- password
Expire numberWarn Days - Length in days a user will be warned before password expiry: 0 = no warning.
- password
History numberCount - Number of distinct passwords that must be created before they can be reused: 0 = none.
- password
Lockout string[]Notification Channels - Notification channels to use to notify a user when their account has been locked.
- password
Max numberAge Days - Length in days a password is valid before expiry: 0 = no limit.,
- password
Max numberLockout Attempts - Number of unsuccessful login attempts allowed before lockout: 0 = no limit.
- password
Min numberAge Minutes - Minimum time interval in minutes between password changes: 0 = no limit.
- password
Min numberLength - Minimum password length. Default is 8.
- password
Min numberLowercase - Minimum number of lower case characters in a password.
- password
Min numberNumber - Minimum number of numbers in a password.
- password
Min numberSymbol - Minimum number of symbols in a password.
- password
Min numberUppercase - Minimum number of upper case characters in a password.
- password
Show booleanLockout Failures - If a user should be informed when their account is locked.
- priority number
- Default policy priority.
- question
Min numberLength - Min length of the password recovery question answer.
- question
Recovery string - Enable or disable security question password recovery: ACTIVE or INACTIVE.
- recovery
Email numberToken - Lifetime in minutes of the recovery email token.
- skip
Unlock boolean - When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account.
- sms
Recovery string - Enable or disable SMS password recovery: ACTIVE or INACTIVE.
- status string
- Default policy status.
- call_
recovery str - Enable or disable voice call password recovery: ACTIVE or INACTIVE.
- default_
auth_ strprovider - Default authentication provider.
- default_
included_ strgroup_ id - ID of the default Okta group.
- description str
- Default policy description.
- email_
recovery str - Enable or disable email password recovery: ACTIVE or INACTIVE.
- name str
- Default policy name.
- password_
auto_ intunlock_ minutes - Number of minutes before a locked account is unlocked: 0 = no limit.
- password_
dictionary_ boollookup - Check Passwords Against Common Password Dictionary.
- password_
exclude_ boolfirst_ name - User firstName attribute must be excluded from the password.
- password_
exclude_ boollast_ name - User lastName attribute must be excluded from the password.
- password_
exclude_ boolusername - If the username must be excluded from the password.
- password_
expire_ intwarn_ days - Length in days a user will be warned before password expiry: 0 = no warning.
- password_
history_ intcount - Number of distinct passwords that must be created before they can be reused: 0 = none.
- password_
lockout_ Sequence[str]notification_ channels - Notification channels to use to notify a user when their account has been locked.
- password_
max_ intage_ days - Length in days a password is valid before expiry: 0 = no limit.,
- password_
max_ intlockout_ attempts - Number of unsuccessful login attempts allowed before lockout: 0 = no limit.
- password_
min_ intage_ minutes - Minimum time interval in minutes between password changes: 0 = no limit.
- password_
min_ intlength - Minimum password length. Default is 8.
- password_
min_ intlowercase - Minimum number of lower case characters in a password.
- password_
min_ intnumber - Minimum number of numbers in a password.
- password_
min_ intsymbol - Minimum number of symbols in a password.
- password_
min_ intuppercase - Minimum number of upper case characters in a password.
- password_
show_ boollockout_ failures - If a user should be informed when their account is locked.
- priority int
- Default policy priority.
- question_
min_ intlength - Min length of the password recovery question answer.
- question_
recovery str - Enable or disable security question password recovery: ACTIVE or INACTIVE.
- recovery_
email_ inttoken - Lifetime in minutes of the recovery email token.
- skip_
unlock bool - When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account.
- sms_
recovery str - Enable or disable SMS password recovery: ACTIVE or INACTIVE.
- status str
- Default policy status.
- call
Recovery String - Enable or disable voice call password recovery: ACTIVE or INACTIVE.
- default
Auth StringProvider - Default authentication provider.
- default
Included StringGroup Id - ID of the default Okta group.
- description String
- Default policy description.
- email
Recovery String - Enable or disable email password recovery: ACTIVE or INACTIVE.
- name String
- Default policy name.
- password
Auto NumberUnlock Minutes - Number of minutes before a locked account is unlocked: 0 = no limit.
- password
Dictionary BooleanLookup - Check Passwords Against Common Password Dictionary.
- password
Exclude BooleanFirst Name - User firstName attribute must be excluded from the password.
- password
Exclude BooleanLast Name - User lastName attribute must be excluded from the password.
- password
Exclude BooleanUsername - If the username must be excluded from the password.
- password
Expire NumberWarn Days - Length in days a user will be warned before password expiry: 0 = no warning.
- password
History NumberCount - Number of distinct passwords that must be created before they can be reused: 0 = none.
- password
Lockout List<String>Notification Channels - Notification channels to use to notify a user when their account has been locked.
- password
Max NumberAge Days - Length in days a password is valid before expiry: 0 = no limit.,
- password
Max NumberLockout Attempts - Number of unsuccessful login attempts allowed before lockout: 0 = no limit.
- password
Min NumberAge Minutes - Minimum time interval in minutes between password changes: 0 = no limit.
- password
Min NumberLength - Minimum password length. Default is 8.
- password
Min NumberLowercase - Minimum number of lower case characters in a password.
- password
Min NumberNumber - Minimum number of numbers in a password.
- password
Min NumberSymbol - Minimum number of symbols in a password.
- password
Min NumberUppercase - Minimum number of upper case characters in a password.
- password
Show BooleanLockout Failures - If a user should be informed when their account is locked.
- priority Number
- Default policy priority.
- question
Min NumberLength - Min length of the password recovery question answer.
- question
Recovery String - Enable or disable security question password recovery: ACTIVE or INACTIVE.
- recovery
Email NumberToken - Lifetime in minutes of the recovery email token.
- skip
Unlock Boolean - When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account.
- sms
Recovery String - Enable or disable SMS password recovery: ACTIVE or INACTIVE.
- status String
- Default policy status.
Import
Default Password Policy can be imported without providing Okta ID.
$ pulumi import okta:index/policyPasswordDefault:PolicyPasswordDefault example .
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Okta pulumi/pulumi-okta
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
okta
Terraform Provider.