Okta v4.8.1, Apr 18 24

Okta v4.8.1 published on Thursday, Apr 18, 2024 by Pulumi

okta.PolicyPasswordDefault

Explore with Pulumi AI

Okta v4.8.1 published on Thursday, Apr 18, 2024 by Pulumi

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";

const _default = new okta.PolicyPasswordDefault("default", {});

import pulumi
import pulumi_okta as okta

default = okta.PolicyPasswordDefault("default")

package main

import (
	"github.com/pulumi/pulumi-okta/sdk/v4/go/okta"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := okta.NewPolicyPasswordDefault(ctx, "default", nil)
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Okta = Pulumi.Okta;

return await Deployment.RunAsync(() => 
{
    var @default = new Okta.PolicyPasswordDefault("default");

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.okta.PolicyPasswordDefault;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var default_ = new PolicyPasswordDefault("default");

    }
}

resources:
  default:
    type: okta:PolicyPasswordDefault

Create PolicyPasswordDefault Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new PolicyPasswordDefault(name: string, args?: PolicyPasswordDefaultArgs, opts?: CustomResourceOptions);

@overload
def PolicyPasswordDefault(resource_name: str,
                          args: Optional[PolicyPasswordDefaultArgs] = None,
                          opts: Optional[ResourceOptions] = None)

@overload
def PolicyPasswordDefault(resource_name: str,
                          opts: Optional[ResourceOptions] = None,
                          call_recovery: Optional[str] = None,
                          email_recovery: Optional[str] = None,
                          password_auto_unlock_minutes: Optional[int] = None,
                          password_dictionary_lookup: Optional[bool] = None,
                          password_exclude_first_name: Optional[bool] = None,
                          password_exclude_last_name: Optional[bool] = None,
                          password_exclude_username: Optional[bool] = None,
                          password_expire_warn_days: Optional[int] = None,
                          password_history_count: Optional[int] = None,
                          password_lockout_notification_channels: Optional[Sequence[str]] = None,
                          password_max_age_days: Optional[int] = None,
                          password_max_lockout_attempts: Optional[int] = None,
                          password_min_age_minutes: Optional[int] = None,
                          password_min_length: Optional[int] = None,
                          password_min_lowercase: Optional[int] = None,
                          password_min_number: Optional[int] = None,
                          password_min_symbol: Optional[int] = None,
                          password_min_uppercase: Optional[int] = None,
                          password_show_lockout_failures: Optional[bool] = None,
                          question_min_length: Optional[int] = None,
                          question_recovery: Optional[str] = None,
                          recovery_email_token: Optional[int] = None,
                          skip_unlock: Optional[bool] = None,
                          sms_recovery: Optional[str] = None)

func NewPolicyPasswordDefault(ctx *Context, name string, args *PolicyPasswordDefaultArgs, opts ...ResourceOption) (*PolicyPasswordDefault, error)

public PolicyPasswordDefault(string name, PolicyPasswordDefaultArgs? args = null, CustomResourceOptions? opts = null)

public PolicyPasswordDefault(String name, PolicyPasswordDefaultArgs args)
public PolicyPasswordDefault(String name, PolicyPasswordDefaultArgs args, CustomResourceOptions options)

type: okta:PolicyPasswordDefault
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args PolicyPasswordDefaultArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args PolicyPasswordDefaultArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args PolicyPasswordDefaultArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args PolicyPasswordDefaultArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args PolicyPasswordDefaultArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Example

The following reference example uses placeholder values for all input properties.

var policyPasswordDefaultResource = new Okta.PolicyPasswordDefault("policyPasswordDefaultResource", new()
{
    CallRecovery = "string",
    EmailRecovery = "string",
    PasswordAutoUnlockMinutes = 0,
    PasswordDictionaryLookup = false,
    PasswordExcludeFirstName = false,
    PasswordExcludeLastName = false,
    PasswordExcludeUsername = false,
    PasswordExpireWarnDays = 0,
    PasswordHistoryCount = 0,
    PasswordLockoutNotificationChannels = new[]
    {
        "string",
    },
    PasswordMaxAgeDays = 0,
    PasswordMaxLockoutAttempts = 0,
    PasswordMinAgeMinutes = 0,
    PasswordMinLength = 0,
    PasswordMinLowercase = 0,
    PasswordMinNumber = 0,
    PasswordMinSymbol = 0,
    PasswordMinUppercase = 0,
    PasswordShowLockoutFailures = false,
    QuestionMinLength = 0,
    QuestionRecovery = "string",
    RecoveryEmailToken = 0,
    SkipUnlock = false,
    SmsRecovery = "string",
});

example, err := okta.NewPolicyPasswordDefault(ctx, "policyPasswordDefaultResource", &okta.PolicyPasswordDefaultArgs{
	CallRecovery:              pulumi.String("string"),
	EmailRecovery:             pulumi.String("string"),
	PasswordAutoUnlockMinutes: pulumi.Int(0),
	PasswordDictionaryLookup:  pulumi.Bool(false),
	PasswordExcludeFirstName:  pulumi.Bool(false),
	PasswordExcludeLastName:   pulumi.Bool(false),
	PasswordExcludeUsername:   pulumi.Bool(false),
	PasswordExpireWarnDays:    pulumi.Int(0),
	PasswordHistoryCount:      pulumi.Int(0),
	PasswordLockoutNotificationChannels: pulumi.StringArray{
		pulumi.String("string"),
	},
	PasswordMaxAgeDays:          pulumi.Int(0),
	PasswordMaxLockoutAttempts:  pulumi.Int(0),
	PasswordMinAgeMinutes:       pulumi.Int(0),
	PasswordMinLength:           pulumi.Int(0),
	PasswordMinLowercase:        pulumi.Int(0),
	PasswordMinNumber:           pulumi.Int(0),
	PasswordMinSymbol:           pulumi.Int(0),
	PasswordMinUppercase:        pulumi.Int(0),
	PasswordShowLockoutFailures: pulumi.Bool(false),
	QuestionMinLength:           pulumi.Int(0),
	QuestionRecovery:            pulumi.String("string"),
	RecoveryEmailToken:          pulumi.Int(0),
	SkipUnlock:                  pulumi.Bool(false),
	SmsRecovery:                 pulumi.String("string"),
})

var policyPasswordDefaultResource = new PolicyPasswordDefault("policyPasswordDefaultResource", PolicyPasswordDefaultArgs.builder()        
    .callRecovery("string")
    .emailRecovery("string")
    .passwordAutoUnlockMinutes(0)
    .passwordDictionaryLookup(false)
    .passwordExcludeFirstName(false)
    .passwordExcludeLastName(false)
    .passwordExcludeUsername(false)
    .passwordExpireWarnDays(0)
    .passwordHistoryCount(0)
    .passwordLockoutNotificationChannels("string")
    .passwordMaxAgeDays(0)
    .passwordMaxLockoutAttempts(0)
    .passwordMinAgeMinutes(0)
    .passwordMinLength(0)
    .passwordMinLowercase(0)
    .passwordMinNumber(0)
    .passwordMinSymbol(0)
    .passwordMinUppercase(0)
    .passwordShowLockoutFailures(false)
    .questionMinLength(0)
    .questionRecovery("string")
    .recoveryEmailToken(0)
    .skipUnlock(false)
    .smsRecovery("string")
    .build());

policy_password_default_resource = okta.PolicyPasswordDefault("policyPasswordDefaultResource",
    call_recovery="string",
    email_recovery="string",
    password_auto_unlock_minutes=0,
    password_dictionary_lookup=False,
    password_exclude_first_name=False,
    password_exclude_last_name=False,
    password_exclude_username=False,
    password_expire_warn_days=0,
    password_history_count=0,
    password_lockout_notification_channels=["string"],
    password_max_age_days=0,
    password_max_lockout_attempts=0,
    password_min_age_minutes=0,
    password_min_length=0,
    password_min_lowercase=0,
    password_min_number=0,
    password_min_symbol=0,
    password_min_uppercase=0,
    password_show_lockout_failures=False,
    question_min_length=0,
    question_recovery="string",
    recovery_email_token=0,
    skip_unlock=False,
    sms_recovery="string")

const policyPasswordDefaultResource = new okta.PolicyPasswordDefault("policyPasswordDefaultResource", {
    callRecovery: "string",
    emailRecovery: "string",
    passwordAutoUnlockMinutes: 0,
    passwordDictionaryLookup: false,
    passwordExcludeFirstName: false,
    passwordExcludeLastName: false,
    passwordExcludeUsername: false,
    passwordExpireWarnDays: 0,
    passwordHistoryCount: 0,
    passwordLockoutNotificationChannels: ["string"],
    passwordMaxAgeDays: 0,
    passwordMaxLockoutAttempts: 0,
    passwordMinAgeMinutes: 0,
    passwordMinLength: 0,
    passwordMinLowercase: 0,
    passwordMinNumber: 0,
    passwordMinSymbol: 0,
    passwordMinUppercase: 0,
    passwordShowLockoutFailures: false,
    questionMinLength: 0,
    questionRecovery: "string",
    recoveryEmailToken: 0,
    skipUnlock: false,
    smsRecovery: "string",
});

type: okta:PolicyPasswordDefault
properties:
    callRecovery: string
    emailRecovery: string
    passwordAutoUnlockMinutes: 0
    passwordDictionaryLookup: false
    passwordExcludeFirstName: false
    passwordExcludeLastName: false
    passwordExcludeUsername: false
    passwordExpireWarnDays: 0
    passwordHistoryCount: 0
    passwordLockoutNotificationChannels:
        - string
    passwordMaxAgeDays: 0
    passwordMaxLockoutAttempts: 0
    passwordMinAgeMinutes: 0
    passwordMinLength: 0
    passwordMinLowercase: 0
    passwordMinNumber: 0
    passwordMinSymbol: 0
    passwordMinUppercase: 0
    passwordShowLockoutFailures: false
    questionMinLength: 0
    questionRecovery: string
    recoveryEmailToken: 0
    skipUnlock: false
    smsRecovery: string

PolicyPasswordDefault Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The PolicyPasswordDefault resource accepts the following input properties:

CallRecovery string: Enable or disable voice call password recovery: ACTIVE or INACTIVE.
EmailRecovery string: Enable or disable email password recovery: ACTIVE or INACTIVE.
PasswordAutoUnlockMinutes int: Number of minutes before a locked account is unlocked: 0 = no limit.
PasswordDictionaryLookup bool: Check Passwords Against Common Password Dictionary.
PasswordExcludeFirstName bool: User firstName attribute must be excluded from the password.
PasswordExcludeLastName bool: User lastName attribute must be excluded from the password.
PasswordExcludeUsername bool: If the username must be excluded from the password.
PasswordExpireWarnDays int: Length in days a user will be warned before password expiry: 0 = no warning.
PasswordHistoryCount int: Number of distinct passwords that must be created before they can be reused: 0 = none.
PasswordLockoutNotificationChannels List<string>: Notification channels to use to notify a user when their account has been locked.
PasswordMaxAgeDays int: Length in days a password is valid before expiry: 0 = no limit.,
PasswordMaxLockoutAttempts int: Number of unsuccessful login attempts allowed before lockout: 0 = no limit.
PasswordMinAgeMinutes int: Minimum time interval in minutes between password changes: 0 = no limit.
PasswordMinLength int: Minimum password length. Default is 8.
PasswordMinLowercase int: Minimum number of lower case characters in a password.
PasswordMinNumber int: Minimum number of numbers in a password.
PasswordMinSymbol int: Minimum number of symbols in a password.
PasswordMinUppercase int: Minimum number of upper case characters in a password.
PasswordShowLockoutFailures bool: If a user should be informed when their account is locked.
QuestionMinLength int: Min length of the password recovery question answer.
QuestionRecovery string: Enable or disable security question password recovery: ACTIVE or INACTIVE.
RecoveryEmailToken int: Lifetime in minutes of the recovery email token.
SkipUnlock bool: When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account.
SmsRecovery string: Enable or disable SMS password recovery: ACTIVE or INACTIVE.

CallRecovery string: Enable or disable voice call password recovery: ACTIVE or INACTIVE.
EmailRecovery string: Enable or disable email password recovery: ACTIVE or INACTIVE.
PasswordAutoUnlockMinutes int: Number of minutes before a locked account is unlocked: 0 = no limit.
PasswordDictionaryLookup bool: Check Passwords Against Common Password Dictionary.
PasswordExcludeFirstName bool: User firstName attribute must be excluded from the password.
PasswordExcludeLastName bool: User lastName attribute must be excluded from the password.
PasswordExcludeUsername bool: If the username must be excluded from the password.
PasswordExpireWarnDays int: Length in days a user will be warned before password expiry: 0 = no warning.
PasswordHistoryCount int: Number of distinct passwords that must be created before they can be reused: 0 = none.
PasswordLockoutNotificationChannels []string: Notification channels to use to notify a user when their account has been locked.
PasswordMaxAgeDays int: Length in days a password is valid before expiry: 0 = no limit.,
PasswordMaxLockoutAttempts int: Number of unsuccessful login attempts allowed before lockout: 0 = no limit.
PasswordMinAgeMinutes int: Minimum time interval in minutes between password changes: 0 = no limit.
PasswordMinLength int: Minimum password length. Default is 8.
PasswordMinLowercase int: Minimum number of lower case characters in a password.
PasswordMinNumber int: Minimum number of numbers in a password.
PasswordMinSymbol int: Minimum number of symbols in a password.
PasswordMinUppercase int: Minimum number of upper case characters in a password.
PasswordShowLockoutFailures bool: If a user should be informed when their account is locked.
QuestionMinLength int: Min length of the password recovery question answer.
QuestionRecovery string: Enable or disable security question password recovery: ACTIVE or INACTIVE.
RecoveryEmailToken int: Lifetime in minutes of the recovery email token.
SkipUnlock bool: When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account.
SmsRecovery string: Enable or disable SMS password recovery: ACTIVE or INACTIVE.

callRecovery String: Enable or disable voice call password recovery: ACTIVE or INACTIVE.
emailRecovery String: Enable or disable email password recovery: ACTIVE or INACTIVE.
passwordAutoUnlockMinutes Integer: Number of minutes before a locked account is unlocked: 0 = no limit.
passwordDictionaryLookup Boolean: Check Passwords Against Common Password Dictionary.
passwordExcludeFirstName Boolean: User firstName attribute must be excluded from the password.
passwordExcludeLastName Boolean: User lastName attribute must be excluded from the password.
passwordExcludeUsername Boolean: If the username must be excluded from the password.
passwordExpireWarnDays Integer: Length in days a user will be warned before password expiry: 0 = no warning.
passwordHistoryCount Integer: Number of distinct passwords that must be created before they can be reused: 0 = none.
passwordLockoutNotificationChannels List<String>: Notification channels to use to notify a user when their account has been locked.
passwordMaxAgeDays Integer: Length in days a password is valid before expiry: 0 = no limit.,
passwordMaxLockoutAttempts Integer: Number of unsuccessful login attempts allowed before lockout: 0 = no limit.
passwordMinAgeMinutes Integer: Minimum time interval in minutes between password changes: 0 = no limit.
passwordMinLength Integer: Minimum password length. Default is 8.
passwordMinLowercase Integer: Minimum number of lower case characters in a password.
passwordMinNumber Integer: Minimum number of numbers in a password.
passwordMinSymbol Integer: Minimum number of symbols in a password.
passwordMinUppercase Integer: Minimum number of upper case characters in a password.
passwordShowLockoutFailures Boolean: If a user should be informed when their account is locked.
questionMinLength Integer: Min length of the password recovery question answer.
questionRecovery String: Enable or disable security question password recovery: ACTIVE or INACTIVE.
recoveryEmailToken Integer: Lifetime in minutes of the recovery email token.
skipUnlock Boolean: When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account.
smsRecovery String: Enable or disable SMS password recovery: ACTIVE or INACTIVE.

callRecovery string: Enable or disable voice call password recovery: ACTIVE or INACTIVE.
emailRecovery string: Enable or disable email password recovery: ACTIVE or INACTIVE.
passwordAutoUnlockMinutes number: Number of minutes before a locked account is unlocked: 0 = no limit.
passwordDictionaryLookup boolean: Check Passwords Against Common Password Dictionary.
passwordExcludeFirstName boolean: User firstName attribute must be excluded from the password.
passwordExcludeLastName boolean: User lastName attribute must be excluded from the password.
passwordExcludeUsername boolean: If the username must be excluded from the password.
passwordExpireWarnDays number: Length in days a user will be warned before password expiry: 0 = no warning.
passwordHistoryCount number: Number of distinct passwords that must be created before they can be reused: 0 = none.
passwordLockoutNotificationChannels string[]: Notification channels to use to notify a user when their account has been locked.
passwordMaxAgeDays number: Length in days a password is valid before expiry: 0 = no limit.,
passwordMaxLockoutAttempts number: Number of unsuccessful login attempts allowed before lockout: 0 = no limit.
passwordMinAgeMinutes number: Minimum time interval in minutes between password changes: 0 = no limit.
passwordMinLength number: Minimum password length. Default is 8.
passwordMinLowercase number: Minimum number of lower case characters in a password.
passwordMinNumber number: Minimum number of numbers in a password.
passwordMinSymbol number: Minimum number of symbols in a password.
passwordMinUppercase number: Minimum number of upper case characters in a password.
passwordShowLockoutFailures boolean: If a user should be informed when their account is locked.
questionMinLength number: Min length of the password recovery question answer.
questionRecovery string: Enable or disable security question password recovery: ACTIVE or INACTIVE.
recoveryEmailToken number: Lifetime in minutes of the recovery email token.
skipUnlock boolean: When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account.
smsRecovery string: Enable or disable SMS password recovery: ACTIVE or INACTIVE.

call_recovery str: Enable or disable voice call password recovery: ACTIVE or INACTIVE.
email_recovery str: Enable or disable email password recovery: ACTIVE or INACTIVE.
password_auto_unlock_minutes int: Number of minutes before a locked account is unlocked: 0 = no limit.
password_dictionary_lookup bool: Check Passwords Against Common Password Dictionary.
password_exclude_first_name bool: User firstName attribute must be excluded from the password.
password_exclude_last_name bool: User lastName attribute must be excluded from the password.
password_exclude_username bool: If the username must be excluded from the password.
password_expire_warn_days int: Length in days a user will be warned before password expiry: 0 = no warning.
password_history_count int: Number of distinct passwords that must be created before they can be reused: 0 = none.
password_lockout_notification_channels Sequence[str]: Notification channels to use to notify a user when their account has been locked.
password_max_age_days int: Length in days a password is valid before expiry: 0 = no limit.,
password_max_lockout_attempts int: Number of unsuccessful login attempts allowed before lockout: 0 = no limit.
password_min_age_minutes int: Minimum time interval in minutes between password changes: 0 = no limit.
password_min_length int: Minimum password length. Default is 8.
password_min_lowercase int: Minimum number of lower case characters in a password.
password_min_number int: Minimum number of numbers in a password.
password_min_symbol int: Minimum number of symbols in a password.
password_min_uppercase int: Minimum number of upper case characters in a password.
password_show_lockout_failures bool: If a user should be informed when their account is locked.
question_min_length int: Min length of the password recovery question answer.
question_recovery str: Enable or disable security question password recovery: ACTIVE or INACTIVE.
recovery_email_token int: Lifetime in minutes of the recovery email token.
skip_unlock bool: When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account.
sms_recovery str: Enable or disable SMS password recovery: ACTIVE or INACTIVE.

callRecovery String: Enable or disable voice call password recovery: ACTIVE or INACTIVE.
emailRecovery String: Enable or disable email password recovery: ACTIVE or INACTIVE.
passwordAutoUnlockMinutes Number: Number of minutes before a locked account is unlocked: 0 = no limit.
passwordDictionaryLookup Boolean: Check Passwords Against Common Password Dictionary.
passwordExcludeFirstName Boolean: User firstName attribute must be excluded from the password.
passwordExcludeLastName Boolean: User lastName attribute must be excluded from the password.
passwordExcludeUsername Boolean: If the username must be excluded from the password.
passwordExpireWarnDays Number: Length in days a user will be warned before password expiry: 0 = no warning.
passwordHistoryCount Number: Number of distinct passwords that must be created before they can be reused: 0 = none.
passwordLockoutNotificationChannels List<String>: Notification channels to use to notify a user when their account has been locked.
passwordMaxAgeDays Number: Length in days a password is valid before expiry: 0 = no limit.,
passwordMaxLockoutAttempts Number: Number of unsuccessful login attempts allowed before lockout: 0 = no limit.
passwordMinAgeMinutes Number: Minimum time interval in minutes between password changes: 0 = no limit.
passwordMinLength Number: Minimum password length. Default is 8.
passwordMinLowercase Number: Minimum number of lower case characters in a password.
passwordMinNumber Number: Minimum number of numbers in a password.
passwordMinSymbol Number: Minimum number of symbols in a password.
passwordMinUppercase Number: Minimum number of upper case characters in a password.
passwordShowLockoutFailures Boolean: If a user should be informed when their account is locked.
questionMinLength Number: Min length of the password recovery question answer.
questionRecovery String: Enable or disable security question password recovery: ACTIVE or INACTIVE.
recoveryEmailToken Number: Lifetime in minutes of the recovery email token.
skipUnlock Boolean: When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account.
smsRecovery String: Enable or disable SMS password recovery: ACTIVE or INACTIVE.

Outputs

All input properties are implicitly available as output properties. Additionally, the PolicyPasswordDefault resource produces the following output properties:

DefaultAuthProvider string: Default authentication provider.
DefaultIncludedGroupId string: ID of the default Okta group.
Description string: Default policy description.
Id string: The provider-assigned unique ID for this managed resource.
Name string: Default policy name.
Priority int: Default policy priority.
Status string: Default policy status.

DefaultAuthProvider string: Default authentication provider.
DefaultIncludedGroupId string: ID of the default Okta group.
Description string: Default policy description.
Id string: The provider-assigned unique ID for this managed resource.
Name string: Default policy name.
Priority int: Default policy priority.
Status string: Default policy status.

defaultAuthProvider String: Default authentication provider.
defaultIncludedGroupId String: ID of the default Okta group.
description String: Default policy description.
id String: The provider-assigned unique ID for this managed resource.
name String: Default policy name.
priority Integer: Default policy priority.
status String: Default policy status.

defaultAuthProvider string: Default authentication provider.
defaultIncludedGroupId string: ID of the default Okta group.
description string: Default policy description.
id string: The provider-assigned unique ID for this managed resource.
name string: Default policy name.
priority number: Default policy priority.
status string: Default policy status.

default_auth_provider str: Default authentication provider.
default_included_group_id str: ID of the default Okta group.
description str: Default policy description.
id str: The provider-assigned unique ID for this managed resource.
name str: Default policy name.
priority int: Default policy priority.
status str: Default policy status.

defaultAuthProvider String: Default authentication provider.
defaultIncludedGroupId String: ID of the default Okta group.
description String: Default policy description.
id String: The provider-assigned unique ID for this managed resource.
name String: Default policy name.
priority Number: Default policy priority.
status String: Default policy status.

Look up Existing PolicyPasswordDefault Resource

Get an existing PolicyPasswordDefault resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: PolicyPasswordDefaultState, opts?: CustomResourceOptions): PolicyPasswordDefault

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        call_recovery: Optional[str] = None,
        default_auth_provider: Optional[str] = None,
        default_included_group_id: Optional[str] = None,
        description: Optional[str] = None,
        email_recovery: Optional[str] = None,
        name: Optional[str] = None,
        password_auto_unlock_minutes: Optional[int] = None,
        password_dictionary_lookup: Optional[bool] = None,
        password_exclude_first_name: Optional[bool] = None,
        password_exclude_last_name: Optional[bool] = None,
        password_exclude_username: Optional[bool] = None,
        password_expire_warn_days: Optional[int] = None,
        password_history_count: Optional[int] = None,
        password_lockout_notification_channels: Optional[Sequence[str]] = None,
        password_max_age_days: Optional[int] = None,
        password_max_lockout_attempts: Optional[int] = None,
        password_min_age_minutes: Optional[int] = None,
        password_min_length: Optional[int] = None,
        password_min_lowercase: Optional[int] = None,
        password_min_number: Optional[int] = None,
        password_min_symbol: Optional[int] = None,
        password_min_uppercase: Optional[int] = None,
        password_show_lockout_failures: Optional[bool] = None,
        priority: Optional[int] = None,
        question_min_length: Optional[int] = None,
        question_recovery: Optional[str] = None,
        recovery_email_token: Optional[int] = None,
        skip_unlock: Optional[bool] = None,
        sms_recovery: Optional[str] = None,
        status: Optional[str] = None) -> PolicyPasswordDefault

func GetPolicyPasswordDefault(ctx *Context, name string, id IDInput, state *PolicyPasswordDefaultState, opts ...ResourceOption) (*PolicyPasswordDefault, error)

public static PolicyPasswordDefault Get(string name, Input<string> id, PolicyPasswordDefaultState? state, CustomResourceOptions? opts = null)

public static PolicyPasswordDefault get(String name, Output<String> id, PolicyPasswordDefaultState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

CallRecovery string: Enable or disable voice call password recovery: ACTIVE or INACTIVE.
DefaultAuthProvider string: Default authentication provider.
DefaultIncludedGroupId string: ID of the default Okta group.
Description string: Default policy description.
EmailRecovery string: Enable or disable email password recovery: ACTIVE or INACTIVE.
Name string: Default policy name.
PasswordAutoUnlockMinutes int: Number of minutes before a locked account is unlocked: 0 = no limit.
PasswordDictionaryLookup bool: Check Passwords Against Common Password Dictionary.
PasswordExcludeFirstName bool: User firstName attribute must be excluded from the password.
PasswordExcludeLastName bool: User lastName attribute must be excluded from the password.
PasswordExcludeUsername bool: If the username must be excluded from the password.
PasswordExpireWarnDays int: Length in days a user will be warned before password expiry: 0 = no warning.
PasswordHistoryCount int: Number of distinct passwords that must be created before they can be reused: 0 = none.
PasswordLockoutNotificationChannels List<string>: Notification channels to use to notify a user when their account has been locked.
PasswordMaxAgeDays int: Length in days a password is valid before expiry: 0 = no limit.,
PasswordMaxLockoutAttempts int: Number of unsuccessful login attempts allowed before lockout: 0 = no limit.
PasswordMinAgeMinutes int: Minimum time interval in minutes between password changes: 0 = no limit.
PasswordMinLength int: Minimum password length. Default is 8.
PasswordMinLowercase int: Minimum number of lower case characters in a password.
PasswordMinNumber int: Minimum number of numbers in a password.
PasswordMinSymbol int: Minimum number of symbols in a password.
PasswordMinUppercase int: Minimum number of upper case characters in a password.
PasswordShowLockoutFailures bool: If a user should be informed when their account is locked.
Priority int: Default policy priority.
QuestionMinLength int: Min length of the password recovery question answer.
QuestionRecovery string: Enable or disable security question password recovery: ACTIVE or INACTIVE.
RecoveryEmailToken int: Lifetime in minutes of the recovery email token.
SkipUnlock bool: When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account.
SmsRecovery string: Enable or disable SMS password recovery: ACTIVE or INACTIVE.
Status string: Default policy status.

CallRecovery string: Enable or disable voice call password recovery: ACTIVE or INACTIVE.
DefaultAuthProvider string: Default authentication provider.
DefaultIncludedGroupId string: ID of the default Okta group.
Description string: Default policy description.
EmailRecovery string: Enable or disable email password recovery: ACTIVE or INACTIVE.
Name string: Default policy name.
PasswordAutoUnlockMinutes int: Number of minutes before a locked account is unlocked: 0 = no limit.
PasswordDictionaryLookup bool: Check Passwords Against Common Password Dictionary.
PasswordExcludeFirstName bool: User firstName attribute must be excluded from the password.
PasswordExcludeLastName bool: User lastName attribute must be excluded from the password.
PasswordExcludeUsername bool: If the username must be excluded from the password.
PasswordExpireWarnDays int: Length in days a user will be warned before password expiry: 0 = no warning.
PasswordHistoryCount int: Number of distinct passwords that must be created before they can be reused: 0 = none.
PasswordLockoutNotificationChannels []string: Notification channels to use to notify a user when their account has been locked.
PasswordMaxAgeDays int: Length in days a password is valid before expiry: 0 = no limit.,
PasswordMaxLockoutAttempts int: Number of unsuccessful login attempts allowed before lockout: 0 = no limit.
PasswordMinAgeMinutes int: Minimum time interval in minutes between password changes: 0 = no limit.
PasswordMinLength int: Minimum password length. Default is 8.
PasswordMinLowercase int: Minimum number of lower case characters in a password.
PasswordMinNumber int: Minimum number of numbers in a password.
PasswordMinSymbol int: Minimum number of symbols in a password.
PasswordMinUppercase int: Minimum number of upper case characters in a password.
PasswordShowLockoutFailures bool: If a user should be informed when their account is locked.
Priority int: Default policy priority.
QuestionMinLength int: Min length of the password recovery question answer.
QuestionRecovery string: Enable or disable security question password recovery: ACTIVE or INACTIVE.
RecoveryEmailToken int: Lifetime in minutes of the recovery email token.
SkipUnlock bool: When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account.
SmsRecovery string: Enable or disable SMS password recovery: ACTIVE or INACTIVE.
Status string: Default policy status.

callRecovery String: Enable or disable voice call password recovery: ACTIVE or INACTIVE.
defaultAuthProvider String: Default authentication provider.
defaultIncludedGroupId String: ID of the default Okta group.
description String: Default policy description.
emailRecovery String: Enable or disable email password recovery: ACTIVE or INACTIVE.
name String: Default policy name.
passwordAutoUnlockMinutes Integer: Number of minutes before a locked account is unlocked: 0 = no limit.
passwordDictionaryLookup Boolean: Check Passwords Against Common Password Dictionary.
passwordExcludeFirstName Boolean: User firstName attribute must be excluded from the password.
passwordExcludeLastName Boolean: User lastName attribute must be excluded from the password.
passwordExcludeUsername Boolean: If the username must be excluded from the password.
passwordExpireWarnDays Integer: Length in days a user will be warned before password expiry: 0 = no warning.
passwordHistoryCount Integer: Number of distinct passwords that must be created before they can be reused: 0 = none.
passwordLockoutNotificationChannels List<String>: Notification channels to use to notify a user when their account has been locked.
passwordMaxAgeDays Integer: Length in days a password is valid before expiry: 0 = no limit.,
passwordMaxLockoutAttempts Integer: Number of unsuccessful login attempts allowed before lockout: 0 = no limit.
passwordMinAgeMinutes Integer: Minimum time interval in minutes between password changes: 0 = no limit.
passwordMinLength Integer: Minimum password length. Default is 8.
passwordMinLowercase Integer: Minimum number of lower case characters in a password.
passwordMinNumber Integer: Minimum number of numbers in a password.
passwordMinSymbol Integer: Minimum number of symbols in a password.
passwordMinUppercase Integer: Minimum number of upper case characters in a password.
passwordShowLockoutFailures Boolean: If a user should be informed when their account is locked.
priority Integer: Default policy priority.
questionMinLength Integer: Min length of the password recovery question answer.
questionRecovery String: Enable or disable security question password recovery: ACTIVE or INACTIVE.
recoveryEmailToken Integer: Lifetime in minutes of the recovery email token.
skipUnlock Boolean: When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account.
smsRecovery String: Enable or disable SMS password recovery: ACTIVE or INACTIVE.
status String: Default policy status.

callRecovery string: Enable or disable voice call password recovery: ACTIVE or INACTIVE.
defaultAuthProvider string: Default authentication provider.
defaultIncludedGroupId string: ID of the default Okta group.
description string: Default policy description.
emailRecovery string: Enable or disable email password recovery: ACTIVE or INACTIVE.
name string: Default policy name.
passwordAutoUnlockMinutes number: Number of minutes before a locked account is unlocked: 0 = no limit.
passwordDictionaryLookup boolean: Check Passwords Against Common Password Dictionary.
passwordExcludeFirstName boolean: User firstName attribute must be excluded from the password.
passwordExcludeLastName boolean: User lastName attribute must be excluded from the password.
passwordExcludeUsername boolean: If the username must be excluded from the password.
passwordExpireWarnDays number: Length in days a user will be warned before password expiry: 0 = no warning.
passwordHistoryCount number: Number of distinct passwords that must be created before they can be reused: 0 = none.
passwordLockoutNotificationChannels string[]: Notification channels to use to notify a user when their account has been locked.
passwordMaxAgeDays number: Length in days a password is valid before expiry: 0 = no limit.,
passwordMaxLockoutAttempts number: Number of unsuccessful login attempts allowed before lockout: 0 = no limit.
passwordMinAgeMinutes number: Minimum time interval in minutes between password changes: 0 = no limit.
passwordMinLength number: Minimum password length. Default is 8.
passwordMinLowercase number: Minimum number of lower case characters in a password.
passwordMinNumber number: Minimum number of numbers in a password.
passwordMinSymbol number: Minimum number of symbols in a password.
passwordMinUppercase number: Minimum number of upper case characters in a password.
passwordShowLockoutFailures boolean: If a user should be informed when their account is locked.
priority number: Default policy priority.
questionMinLength number: Min length of the password recovery question answer.
questionRecovery string: Enable or disable security question password recovery: ACTIVE or INACTIVE.
recoveryEmailToken number: Lifetime in minutes of the recovery email token.
skipUnlock boolean: When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account.
smsRecovery string: Enable or disable SMS password recovery: ACTIVE or INACTIVE.
status string: Default policy status.

call_recovery str: Enable or disable voice call password recovery: ACTIVE or INACTIVE.
default_auth_provider str: Default authentication provider.
default_included_group_id str: ID of the default Okta group.
description str: Default policy description.
email_recovery str: Enable or disable email password recovery: ACTIVE or INACTIVE.
name str: Default policy name.
password_auto_unlock_minutes int: Number of minutes before a locked account is unlocked: 0 = no limit.
password_dictionary_lookup bool: Check Passwords Against Common Password Dictionary.
password_exclude_first_name bool: User firstName attribute must be excluded from the password.
password_exclude_last_name bool: User lastName attribute must be excluded from the password.
password_exclude_username bool: If the username must be excluded from the password.
password_expire_warn_days int: Length in days a user will be warned before password expiry: 0 = no warning.
password_history_count int: Number of distinct passwords that must be created before they can be reused: 0 = none.
password_lockout_notification_channels Sequence[str]: Notification channels to use to notify a user when their account has been locked.
password_max_age_days int: Length in days a password is valid before expiry: 0 = no limit.,
password_max_lockout_attempts int: Number of unsuccessful login attempts allowed before lockout: 0 = no limit.
password_min_age_minutes int: Minimum time interval in minutes between password changes: 0 = no limit.
password_min_length int: Minimum password length. Default is 8.
password_min_lowercase int: Minimum number of lower case characters in a password.
password_min_number int: Minimum number of numbers in a password.
password_min_symbol int: Minimum number of symbols in a password.
password_min_uppercase int: Minimum number of upper case characters in a password.
password_show_lockout_failures bool: If a user should be informed when their account is locked.
priority int: Default policy priority.
question_min_length int: Min length of the password recovery question answer.
question_recovery str: Enable or disable security question password recovery: ACTIVE or INACTIVE.
recovery_email_token int: Lifetime in minutes of the recovery email token.
skip_unlock bool: When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account.
sms_recovery str: Enable or disable SMS password recovery: ACTIVE or INACTIVE.
status str: Default policy status.

callRecovery String: Enable or disable voice call password recovery: ACTIVE or INACTIVE.
defaultAuthProvider String: Default authentication provider.
defaultIncludedGroupId String: ID of the default Okta group.
description String: Default policy description.
emailRecovery String: Enable or disable email password recovery: ACTIVE or INACTIVE.
name String: Default policy name.
passwordAutoUnlockMinutes Number: Number of minutes before a locked account is unlocked: 0 = no limit.
passwordDictionaryLookup Boolean: Check Passwords Against Common Password Dictionary.
passwordExcludeFirstName Boolean: User firstName attribute must be excluded from the password.
passwordExcludeLastName Boolean: User lastName attribute must be excluded from the password.
passwordExcludeUsername Boolean: If the username must be excluded from the password.
passwordExpireWarnDays Number: Length in days a user will be warned before password expiry: 0 = no warning.
passwordHistoryCount Number: Number of distinct passwords that must be created before they can be reused: 0 = none.
passwordLockoutNotificationChannels List<String>: Notification channels to use to notify a user when their account has been locked.
passwordMaxAgeDays Number: Length in days a password is valid before expiry: 0 = no limit.,
passwordMaxLockoutAttempts Number: Number of unsuccessful login attempts allowed before lockout: 0 = no limit.
passwordMinAgeMinutes Number: Minimum time interval in minutes between password changes: 0 = no limit.
passwordMinLength Number: Minimum password length. Default is 8.
passwordMinLowercase Number: Minimum number of lower case characters in a password.
passwordMinNumber Number: Minimum number of numbers in a password.
passwordMinSymbol Number: Minimum number of symbols in a password.
passwordMinUppercase Number: Minimum number of upper case characters in a password.
passwordShowLockoutFailures Boolean: If a user should be informed when their account is locked.
priority Number: Default policy priority.
questionMinLength Number: Min length of the password recovery question answer.
questionRecovery String: Enable or disable security question password recovery: ACTIVE or INACTIVE.
recoveryEmailToken Number: Lifetime in minutes of the recovery email token.
skipUnlock Boolean: When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account.
smsRecovery String: Enable or disable SMS password recovery: ACTIVE or INACTIVE.
status String: Default policy status.

Import

Default Password Policy can be imported without providing Okta ID.

$ pulumi import okta:index/policyPasswordDefault:PolicyPasswordDefault example .

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: Okta pulumi/pulumi-okta
License: Apache-2.0
Notes: This Pulumi package is based on the okta Terraform Provider.

Okta v4.8.1 published on Thursday, Apr 18, 2024 by Pulumi

pulumi/pulumi-okta

okta.PolicyPasswordDefault

On this page

On this page

Example Usage

Create PolicyPasswordDefault Resource

Constructor syntax

Parameters

Example

PolicyPasswordDefault Resource Properties

Inputs

Outputs

Look up Existing PolicyPasswordDefault Resource

Import

Package Details

On this page

On this page