okta.PolicyRuleProfileEnrollment
Explore with Pulumi AI
WARNING: This feature is only available as a part of the Identity Engine. Contact support for further information.
A profile enrollment policy is limited to one default rule. This resource does not create a rule for an enrollment policy, it allows the default policy rule to be updated.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";
const examplePolicyProfileEnrollment = new okta.PolicyProfileEnrollment("examplePolicyProfileEnrollment", {});
const exampleHook = new okta.inline.Hook("exampleHook", {
status: "ACTIVE",
type: "com.okta.user.pre-registration",
version: "1.0.3",
channel: {
type: "HTTP",
version: "1.0.0",
uri: "https://example.com/test2",
method: "POST",
},
});
const exampleGroup = new okta.group.Group("exampleGroup", {description: "Group of some users"});
const examplePolicyRuleProfileEnrollment = new okta.PolicyRuleProfileEnrollment("examplePolicyRuleProfileEnrollment", {
policyId: examplePolicyProfileEnrollment.id,
inlineHookId: exampleHook.id,
targetGroupId: exampleGroup.id,
unknownUserAction: "REGISTER",
emailVerification: true,
access: "ALLOW",
profileAttributes: [
{
name: "email",
label: "Email",
required: true,
},
{
name: "name",
label: "Name",
required: true,
},
{
name: "t-shirt",
label: "T-Shirt Size",
required: false,
},
],
});
import pulumi
import pulumi_okta as okta
example_policy_profile_enrollment = okta.PolicyProfileEnrollment("examplePolicyProfileEnrollment")
example_hook = okta.inline.Hook("exampleHook",
status="ACTIVE",
type="com.okta.user.pre-registration",
version="1.0.3",
channel={
"type": "HTTP",
"version": "1.0.0",
"uri": "https://example.com/test2",
"method": "POST",
})
example_group = okta.group.Group("exampleGroup", description="Group of some users")
example_policy_rule_profile_enrollment = okta.PolicyRuleProfileEnrollment("examplePolicyRuleProfileEnrollment",
policy_id=example_policy_profile_enrollment.id,
inline_hook_id=example_hook.id,
target_group_id=example_group.id,
unknown_user_action="REGISTER",
email_verification=True,
access="ALLOW",
profile_attributes=[
okta.PolicyRuleProfileEnrollmentProfileAttributeArgs(
name="email",
label="Email",
required=True,
),
okta.PolicyRuleProfileEnrollmentProfileAttributeArgs(
name="name",
label="Name",
required=True,
),
okta.PolicyRuleProfileEnrollmentProfileAttributeArgs(
name="t-shirt",
label="T-Shirt Size",
required=False,
),
])
package main
import (
"github.com/pulumi/pulumi-okta/sdk/v4/go/okta"
"github.com/pulumi/pulumi-okta/sdk/v4/go/okta/group"
"github.com/pulumi/pulumi-okta/sdk/v4/go/okta/inline"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
examplePolicyProfileEnrollment, err := okta.NewPolicyProfileEnrollment(ctx, "examplePolicyProfileEnrollment", nil)
if err != nil {
return err
}
exampleHook, err := inline.NewHook(ctx, "exampleHook", &inline.HookArgs{
Status: pulumi.String("ACTIVE"),
Type: pulumi.String("com.okta.user.pre-registration"),
Version: pulumi.String("1.0.3"),
Channel: pulumi.StringMap{
"type": pulumi.String("HTTP"),
"version": pulumi.String("1.0.0"),
"uri": pulumi.String("https://example.com/test2"),
"method": pulumi.String("POST"),
},
})
if err != nil {
return err
}
exampleGroup, err := group.NewGroup(ctx, "exampleGroup", &group.GroupArgs{
Description: pulumi.String("Group of some users"),
})
if err != nil {
return err
}
_, err = okta.NewPolicyRuleProfileEnrollment(ctx, "examplePolicyRuleProfileEnrollment", &okta.PolicyRuleProfileEnrollmentArgs{
PolicyId: examplePolicyProfileEnrollment.ID(),
InlineHookId: exampleHook.ID(),
TargetGroupId: exampleGroup.ID(),
UnknownUserAction: pulumi.String("REGISTER"),
EmailVerification: pulumi.Bool(true),
Access: pulumi.String("ALLOW"),
ProfileAttributes: okta.PolicyRuleProfileEnrollmentProfileAttributeArray{
&okta.PolicyRuleProfileEnrollmentProfileAttributeArgs{
Name: pulumi.String("email"),
Label: pulumi.String("Email"),
Required: pulumi.Bool(true),
},
&okta.PolicyRuleProfileEnrollmentProfileAttributeArgs{
Name: pulumi.String("name"),
Label: pulumi.String("Name"),
Required: pulumi.Bool(true),
},
&okta.PolicyRuleProfileEnrollmentProfileAttributeArgs{
Name: pulumi.String("t-shirt"),
Label: pulumi.String("T-Shirt Size"),
Required: pulumi.Bool(false),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Okta = Pulumi.Okta;
return await Deployment.RunAsync(() =>
{
var examplePolicyProfileEnrollment = new Okta.PolicyProfileEnrollment("examplePolicyProfileEnrollment");
var exampleHook = new Okta.Inline.Hook("exampleHook", new()
{
Status = "ACTIVE",
Type = "com.okta.user.pre-registration",
Version = "1.0.3",
Channel =
{
{ "type", "HTTP" },
{ "version", "1.0.0" },
{ "uri", "https://example.com/test2" },
{ "method", "POST" },
},
});
var exampleGroup = new Okta.Group.Group("exampleGroup", new()
{
Description = "Group of some users",
});
var examplePolicyRuleProfileEnrollment = new Okta.PolicyRuleProfileEnrollment("examplePolicyRuleProfileEnrollment", new()
{
PolicyId = examplePolicyProfileEnrollment.Id,
InlineHookId = exampleHook.Id,
TargetGroupId = exampleGroup.Id,
UnknownUserAction = "REGISTER",
EmailVerification = true,
Access = "ALLOW",
ProfileAttributes = new[]
{
new Okta.Inputs.PolicyRuleProfileEnrollmentProfileAttributeArgs
{
Name = "email",
Label = "Email",
Required = true,
},
new Okta.Inputs.PolicyRuleProfileEnrollmentProfileAttributeArgs
{
Name = "name",
Label = "Name",
Required = true,
},
new Okta.Inputs.PolicyRuleProfileEnrollmentProfileAttributeArgs
{
Name = "t-shirt",
Label = "T-Shirt Size",
Required = false,
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.okta.PolicyProfileEnrollment;
import com.pulumi.okta.inline.Hook;
import com.pulumi.okta.inline.HookArgs;
import com.pulumi.okta.group.Group;
import com.pulumi.okta.group.GroupArgs;
import com.pulumi.okta.PolicyRuleProfileEnrollment;
import com.pulumi.okta.PolicyRuleProfileEnrollmentArgs;
import com.pulumi.okta.inputs.PolicyRuleProfileEnrollmentProfileAttributeArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var examplePolicyProfileEnrollment = new PolicyProfileEnrollment("examplePolicyProfileEnrollment");
var exampleHook = new Hook("exampleHook", HookArgs.builder()
.status("ACTIVE")
.type("com.okta.user.pre-registration")
.version("1.0.3")
.channel(Map.ofEntries(
Map.entry("type", "HTTP"),
Map.entry("version", "1.0.0"),
Map.entry("uri", "https://example.com/test2"),
Map.entry("method", "POST")
))
.build());
var exampleGroup = new Group("exampleGroup", GroupArgs.builder()
.description("Group of some users")
.build());
var examplePolicyRuleProfileEnrollment = new PolicyRuleProfileEnrollment("examplePolicyRuleProfileEnrollment", PolicyRuleProfileEnrollmentArgs.builder()
.policyId(examplePolicyProfileEnrollment.id())
.inlineHookId(exampleHook.id())
.targetGroupId(exampleGroup.id())
.unknownUserAction("REGISTER")
.emailVerification(true)
.access("ALLOW")
.profileAttributes(
PolicyRuleProfileEnrollmentProfileAttributeArgs.builder()
.name("email")
.label("Email")
.required(true)
.build(),
PolicyRuleProfileEnrollmentProfileAttributeArgs.builder()
.name("name")
.label("Name")
.required(true)
.build(),
PolicyRuleProfileEnrollmentProfileAttributeArgs.builder()
.name("t-shirt")
.label("T-Shirt Size")
.required(false)
.build())
.build());
}
}
resources:
examplePolicyProfileEnrollment:
type: okta:PolicyProfileEnrollment
exampleHook:
type: okta:inline:Hook
properties:
status: ACTIVE
type: com.okta.user.pre-registration
version: 1.0.3
channel:
type: HTTP
version: 1.0.0
uri: https://example.com/test2
method: POST
exampleGroup:
type: okta:group:Group
properties:
description: Group of some users
examplePolicyRuleProfileEnrollment:
type: okta:PolicyRuleProfileEnrollment
properties:
policyId: ${examplePolicyProfileEnrollment.id}
inlineHookId: ${exampleHook.id}
targetGroupId: ${exampleGroup.id}
unknownUserAction: REGISTER
emailVerification: true
access: ALLOW
profileAttributes:
- name: email
label: Email
required: true
- name: name
label: Name
required: true
- name: t-shirt
label: T-Shirt Size
required: false
Create PolicyRuleProfileEnrollment Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new PolicyRuleProfileEnrollment(name: string, args: PolicyRuleProfileEnrollmentArgs, opts?: CustomResourceOptions);
@overload
def PolicyRuleProfileEnrollment(resource_name: str,
args: PolicyRuleProfileEnrollmentArgs,
opts: Optional[ResourceOptions] = None)
@overload
def PolicyRuleProfileEnrollment(resource_name: str,
opts: Optional[ResourceOptions] = None,
policy_id: Optional[str] = None,
unknown_user_action: Optional[str] = None,
access: Optional[str] = None,
email_verification: Optional[bool] = None,
inline_hook_id: Optional[str] = None,
profile_attributes: Optional[Sequence[PolicyRuleProfileEnrollmentProfileAttributeArgs]] = None,
progressive_profiling_action: Optional[str] = None,
target_group_id: Optional[str] = None,
ui_schema_id: Optional[str] = None)
func NewPolicyRuleProfileEnrollment(ctx *Context, name string, args PolicyRuleProfileEnrollmentArgs, opts ...ResourceOption) (*PolicyRuleProfileEnrollment, error)
public PolicyRuleProfileEnrollment(string name, PolicyRuleProfileEnrollmentArgs args, CustomResourceOptions? opts = null)
public PolicyRuleProfileEnrollment(String name, PolicyRuleProfileEnrollmentArgs args)
public PolicyRuleProfileEnrollment(String name, PolicyRuleProfileEnrollmentArgs args, CustomResourceOptions options)
type: okta:PolicyRuleProfileEnrollment
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args PolicyRuleProfileEnrollmentArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args PolicyRuleProfileEnrollmentArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args PolicyRuleProfileEnrollmentArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args PolicyRuleProfileEnrollmentArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args PolicyRuleProfileEnrollmentArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Example
The following reference example uses placeholder values for all input properties.
var policyRuleProfileEnrollmentResource = new Okta.PolicyRuleProfileEnrollment("policyRuleProfileEnrollmentResource", new()
{
PolicyId = "string",
UnknownUserAction = "string",
Access = "string",
EmailVerification = false,
InlineHookId = "string",
ProfileAttributes = new[]
{
new Okta.Inputs.PolicyRuleProfileEnrollmentProfileAttributeArgs
{
Label = "string",
Name = "string",
Required = false,
},
},
ProgressiveProfilingAction = "string",
TargetGroupId = "string",
UiSchemaId = "string",
});
example, err := okta.NewPolicyRuleProfileEnrollment(ctx, "policyRuleProfileEnrollmentResource", &okta.PolicyRuleProfileEnrollmentArgs{
PolicyId: pulumi.String("string"),
UnknownUserAction: pulumi.String("string"),
Access: pulumi.String("string"),
EmailVerification: pulumi.Bool(false),
InlineHookId: pulumi.String("string"),
ProfileAttributes: okta.PolicyRuleProfileEnrollmentProfileAttributeArray{
&okta.PolicyRuleProfileEnrollmentProfileAttributeArgs{
Label: pulumi.String("string"),
Name: pulumi.String("string"),
Required: pulumi.Bool(false),
},
},
ProgressiveProfilingAction: pulumi.String("string"),
TargetGroupId: pulumi.String("string"),
UiSchemaId: pulumi.String("string"),
})
var policyRuleProfileEnrollmentResource = new PolicyRuleProfileEnrollment("policyRuleProfileEnrollmentResource", PolicyRuleProfileEnrollmentArgs.builder()
.policyId("string")
.unknownUserAction("string")
.access("string")
.emailVerification(false)
.inlineHookId("string")
.profileAttributes(PolicyRuleProfileEnrollmentProfileAttributeArgs.builder()
.label("string")
.name("string")
.required(false)
.build())
.progressiveProfilingAction("string")
.targetGroupId("string")
.uiSchemaId("string")
.build());
policy_rule_profile_enrollment_resource = okta.PolicyRuleProfileEnrollment("policyRuleProfileEnrollmentResource",
policy_id="string",
unknown_user_action="string",
access="string",
email_verification=False,
inline_hook_id="string",
profile_attributes=[okta.PolicyRuleProfileEnrollmentProfileAttributeArgs(
label="string",
name="string",
required=False,
)],
progressive_profiling_action="string",
target_group_id="string",
ui_schema_id="string")
const policyRuleProfileEnrollmentResource = new okta.PolicyRuleProfileEnrollment("policyRuleProfileEnrollmentResource", {
policyId: "string",
unknownUserAction: "string",
access: "string",
emailVerification: false,
inlineHookId: "string",
profileAttributes: [{
label: "string",
name: "string",
required: false,
}],
progressiveProfilingAction: "string",
targetGroupId: "string",
uiSchemaId: "string",
});
type: okta:PolicyRuleProfileEnrollment
properties:
access: string
emailVerification: false
inlineHookId: string
policyId: string
profileAttributes:
- label: string
name: string
required: false
progressiveProfilingAction: string
targetGroupId: string
uiSchemaId: string
unknownUserAction: string
PolicyRuleProfileEnrollment Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The PolicyRuleProfileEnrollment resource accepts the following input properties:
- Policy
Id string - Policy ID.
- Unknown
User stringAction - Which action should be taken if this User is new. Valid values are:
"DENY"
,"REGISTER"
. - Access string
- Allow or deny access based on the rule conditions. Valid values are:
"ALLOW"
,"DENY"
. Default is"ALLOW"
. - Email
Verification bool - Indicates whether email verification should occur before access is granted. Default is
true
. - Inline
Hook stringId - ID of a Registration Inline Hook.
- Profile
Attributes List<PolicyRule Profile Enrollment Profile Attribute> - A list of attributes to prompt the user during registration or progressive profiling. Where defined on the User schema, these attributes are persisted in the User profile. Non-schema attributes may also be added, which aren't persisted to the User's profile, but are included in requests to the registration inline hook. A maximum of 10 Profile properties is supported.
- Progressive
Profiling stringAction - Enabled or disabled progressive profiling action rule conditions. Valid values are:
"ENABLED"
,"DISABLED"
. Default is"DISABLED"
. - Target
Group stringId - The ID of a Group that this User should be added to.
- Ui
Schema stringId - Value created by the backend. If present all policy updates must include this attribute/value.
- Policy
Id string - Policy ID.
- Unknown
User stringAction - Which action should be taken if this User is new. Valid values are:
"DENY"
,"REGISTER"
. - Access string
- Allow or deny access based on the rule conditions. Valid values are:
"ALLOW"
,"DENY"
. Default is"ALLOW"
. - Email
Verification bool - Indicates whether email verification should occur before access is granted. Default is
true
. - Inline
Hook stringId - ID of a Registration Inline Hook.
- Profile
Attributes []PolicyRule Profile Enrollment Profile Attribute Args - A list of attributes to prompt the user during registration or progressive profiling. Where defined on the User schema, these attributes are persisted in the User profile. Non-schema attributes may also be added, which aren't persisted to the User's profile, but are included in requests to the registration inline hook. A maximum of 10 Profile properties is supported.
- Progressive
Profiling stringAction - Enabled or disabled progressive profiling action rule conditions. Valid values are:
"ENABLED"
,"DISABLED"
. Default is"DISABLED"
. - Target
Group stringId - The ID of a Group that this User should be added to.
- Ui
Schema stringId - Value created by the backend. If present all policy updates must include this attribute/value.
- policy
Id String - Policy ID.
- unknown
User StringAction - Which action should be taken if this User is new. Valid values are:
"DENY"
,"REGISTER"
. - access String
- Allow or deny access based on the rule conditions. Valid values are:
"ALLOW"
,"DENY"
. Default is"ALLOW"
. - email
Verification Boolean - Indicates whether email verification should occur before access is granted. Default is
true
. - inline
Hook StringId - ID of a Registration Inline Hook.
- profile
Attributes List<PolicyRule Profile Enrollment Profile Attribute> - A list of attributes to prompt the user during registration or progressive profiling. Where defined on the User schema, these attributes are persisted in the User profile. Non-schema attributes may also be added, which aren't persisted to the User's profile, but are included in requests to the registration inline hook. A maximum of 10 Profile properties is supported.
- progressive
Profiling StringAction - Enabled or disabled progressive profiling action rule conditions. Valid values are:
"ENABLED"
,"DISABLED"
. Default is"DISABLED"
. - target
Group StringId - The ID of a Group that this User should be added to.
- ui
Schema StringId - Value created by the backend. If present all policy updates must include this attribute/value.
- policy
Id string - Policy ID.
- unknown
User stringAction - Which action should be taken if this User is new. Valid values are:
"DENY"
,"REGISTER"
. - access string
- Allow or deny access based on the rule conditions. Valid values are:
"ALLOW"
,"DENY"
. Default is"ALLOW"
. - email
Verification boolean - Indicates whether email verification should occur before access is granted. Default is
true
. - inline
Hook stringId - ID of a Registration Inline Hook.
- profile
Attributes PolicyRule Profile Enrollment Profile Attribute[] - A list of attributes to prompt the user during registration or progressive profiling. Where defined on the User schema, these attributes are persisted in the User profile. Non-schema attributes may also be added, which aren't persisted to the User's profile, but are included in requests to the registration inline hook. A maximum of 10 Profile properties is supported.
- progressive
Profiling stringAction - Enabled or disabled progressive profiling action rule conditions. Valid values are:
"ENABLED"
,"DISABLED"
. Default is"DISABLED"
. - target
Group stringId - The ID of a Group that this User should be added to.
- ui
Schema stringId - Value created by the backend. If present all policy updates must include this attribute/value.
- policy_
id str - Policy ID.
- unknown_
user_ straction - Which action should be taken if this User is new. Valid values are:
"DENY"
,"REGISTER"
. - access str
- Allow or deny access based on the rule conditions. Valid values are:
"ALLOW"
,"DENY"
. Default is"ALLOW"
. - email_
verification bool - Indicates whether email verification should occur before access is granted. Default is
true
. - inline_
hook_ strid - ID of a Registration Inline Hook.
- profile_
attributes Sequence[PolicyRule Profile Enrollment Profile Attribute Args] - A list of attributes to prompt the user during registration or progressive profiling. Where defined on the User schema, these attributes are persisted in the User profile. Non-schema attributes may also be added, which aren't persisted to the User's profile, but are included in requests to the registration inline hook. A maximum of 10 Profile properties is supported.
- progressive_
profiling_ straction - Enabled or disabled progressive profiling action rule conditions. Valid values are:
"ENABLED"
,"DISABLED"
. Default is"DISABLED"
. - target_
group_ strid - The ID of a Group that this User should be added to.
- ui_
schema_ strid - Value created by the backend. If present all policy updates must include this attribute/value.
- policy
Id String - Policy ID.
- unknown
User StringAction - Which action should be taken if this User is new. Valid values are:
"DENY"
,"REGISTER"
. - access String
- Allow or deny access based on the rule conditions. Valid values are:
"ALLOW"
,"DENY"
. Default is"ALLOW"
. - email
Verification Boolean - Indicates whether email verification should occur before access is granted. Default is
true
. - inline
Hook StringId - ID of a Registration Inline Hook.
- profile
Attributes List<Property Map> - A list of attributes to prompt the user during registration or progressive profiling. Where defined on the User schema, these attributes are persisted in the User profile. Non-schema attributes may also be added, which aren't persisted to the User's profile, but are included in requests to the registration inline hook. A maximum of 10 Profile properties is supported.
- progressive
Profiling StringAction - Enabled or disabled progressive profiling action rule conditions. Valid values are:
"ENABLED"
,"DISABLED"
. Default is"DISABLED"
. - target
Group StringId - The ID of a Group that this User should be added to.
- ui
Schema StringId - Value created by the backend. If present all policy updates must include this attribute/value.
Outputs
All input properties are implicitly available as output properties. Additionally, the PolicyRuleProfileEnrollment resource produces the following output properties:
Look up Existing PolicyRuleProfileEnrollment Resource
Get an existing PolicyRuleProfileEnrollment resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: PolicyRuleProfileEnrollmentState, opts?: CustomResourceOptions): PolicyRuleProfileEnrollment
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
access: Optional[str] = None,
email_verification: Optional[bool] = None,
inline_hook_id: Optional[str] = None,
name: Optional[str] = None,
policy_id: Optional[str] = None,
profile_attributes: Optional[Sequence[PolicyRuleProfileEnrollmentProfileAttributeArgs]] = None,
progressive_profiling_action: Optional[str] = None,
status: Optional[str] = None,
target_group_id: Optional[str] = None,
ui_schema_id: Optional[str] = None,
unknown_user_action: Optional[str] = None) -> PolicyRuleProfileEnrollment
func GetPolicyRuleProfileEnrollment(ctx *Context, name string, id IDInput, state *PolicyRuleProfileEnrollmentState, opts ...ResourceOption) (*PolicyRuleProfileEnrollment, error)
public static PolicyRuleProfileEnrollment Get(string name, Input<string> id, PolicyRuleProfileEnrollmentState? state, CustomResourceOptions? opts = null)
public static PolicyRuleProfileEnrollment get(String name, Output<String> id, PolicyRuleProfileEnrollmentState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Access string
- Allow or deny access based on the rule conditions. Valid values are:
"ALLOW"
,"DENY"
. Default is"ALLOW"
. - Email
Verification bool - Indicates whether email verification should occur before access is granted. Default is
true
. - Inline
Hook stringId - ID of a Registration Inline Hook.
- Name string
- The name of a User Profile property
- Policy
Id string - Policy ID.
- Profile
Attributes List<PolicyRule Profile Enrollment Profile Attribute> - A list of attributes to prompt the user during registration or progressive profiling. Where defined on the User schema, these attributes are persisted in the User profile. Non-schema attributes may also be added, which aren't persisted to the User's profile, but are included in requests to the registration inline hook. A maximum of 10 Profile properties is supported.
- Progressive
Profiling stringAction - Enabled or disabled progressive profiling action rule conditions. Valid values are:
"ENABLED"
,"DISABLED"
. Default is"DISABLED"
. - Status string
- Status of the Rule.
- Target
Group stringId - The ID of a Group that this User should be added to.
- Ui
Schema stringId - Value created by the backend. If present all policy updates must include this attribute/value.
- Unknown
User stringAction - Which action should be taken if this User is new. Valid values are:
"DENY"
,"REGISTER"
.
- Access string
- Allow or deny access based on the rule conditions. Valid values are:
"ALLOW"
,"DENY"
. Default is"ALLOW"
. - Email
Verification bool - Indicates whether email verification should occur before access is granted. Default is
true
. - Inline
Hook stringId - ID of a Registration Inline Hook.
- Name string
- The name of a User Profile property
- Policy
Id string - Policy ID.
- Profile
Attributes []PolicyRule Profile Enrollment Profile Attribute Args - A list of attributes to prompt the user during registration or progressive profiling. Where defined on the User schema, these attributes are persisted in the User profile. Non-schema attributes may also be added, which aren't persisted to the User's profile, but are included in requests to the registration inline hook. A maximum of 10 Profile properties is supported.
- Progressive
Profiling stringAction - Enabled or disabled progressive profiling action rule conditions. Valid values are:
"ENABLED"
,"DISABLED"
. Default is"DISABLED"
. - Status string
- Status of the Rule.
- Target
Group stringId - The ID of a Group that this User should be added to.
- Ui
Schema stringId - Value created by the backend. If present all policy updates must include this attribute/value.
- Unknown
User stringAction - Which action should be taken if this User is new. Valid values are:
"DENY"
,"REGISTER"
.
- access String
- Allow or deny access based on the rule conditions. Valid values are:
"ALLOW"
,"DENY"
. Default is"ALLOW"
. - email
Verification Boolean - Indicates whether email verification should occur before access is granted. Default is
true
. - inline
Hook StringId - ID of a Registration Inline Hook.
- name String
- The name of a User Profile property
- policy
Id String - Policy ID.
- profile
Attributes List<PolicyRule Profile Enrollment Profile Attribute> - A list of attributes to prompt the user during registration or progressive profiling. Where defined on the User schema, these attributes are persisted in the User profile. Non-schema attributes may also be added, which aren't persisted to the User's profile, but are included in requests to the registration inline hook. A maximum of 10 Profile properties is supported.
- progressive
Profiling StringAction - Enabled or disabled progressive profiling action rule conditions. Valid values are:
"ENABLED"
,"DISABLED"
. Default is"DISABLED"
. - status String
- Status of the Rule.
- target
Group StringId - The ID of a Group that this User should be added to.
- ui
Schema StringId - Value created by the backend. If present all policy updates must include this attribute/value.
- unknown
User StringAction - Which action should be taken if this User is new. Valid values are:
"DENY"
,"REGISTER"
.
- access string
- Allow or deny access based on the rule conditions. Valid values are:
"ALLOW"
,"DENY"
. Default is"ALLOW"
. - email
Verification boolean - Indicates whether email verification should occur before access is granted. Default is
true
. - inline
Hook stringId - ID of a Registration Inline Hook.
- name string
- The name of a User Profile property
- policy
Id string - Policy ID.
- profile
Attributes PolicyRule Profile Enrollment Profile Attribute[] - A list of attributes to prompt the user during registration or progressive profiling. Where defined on the User schema, these attributes are persisted in the User profile. Non-schema attributes may also be added, which aren't persisted to the User's profile, but are included in requests to the registration inline hook. A maximum of 10 Profile properties is supported.
- progressive
Profiling stringAction - Enabled or disabled progressive profiling action rule conditions. Valid values are:
"ENABLED"
,"DISABLED"
. Default is"DISABLED"
. - status string
- Status of the Rule.
- target
Group stringId - The ID of a Group that this User should be added to.
- ui
Schema stringId - Value created by the backend. If present all policy updates must include this attribute/value.
- unknown
User stringAction - Which action should be taken if this User is new. Valid values are:
"DENY"
,"REGISTER"
.
- access str
- Allow or deny access based on the rule conditions. Valid values are:
"ALLOW"
,"DENY"
. Default is"ALLOW"
. - email_
verification bool - Indicates whether email verification should occur before access is granted. Default is
true
. - inline_
hook_ strid - ID of a Registration Inline Hook.
- name str
- The name of a User Profile property
- policy_
id str - Policy ID.
- profile_
attributes Sequence[PolicyRule Profile Enrollment Profile Attribute Args] - A list of attributes to prompt the user during registration or progressive profiling. Where defined on the User schema, these attributes are persisted in the User profile. Non-schema attributes may also be added, which aren't persisted to the User's profile, but are included in requests to the registration inline hook. A maximum of 10 Profile properties is supported.
- progressive_
profiling_ straction - Enabled or disabled progressive profiling action rule conditions. Valid values are:
"ENABLED"
,"DISABLED"
. Default is"DISABLED"
. - status str
- Status of the Rule.
- target_
group_ strid - The ID of a Group that this User should be added to.
- ui_
schema_ strid - Value created by the backend. If present all policy updates must include this attribute/value.
- unknown_
user_ straction - Which action should be taken if this User is new. Valid values are:
"DENY"
,"REGISTER"
.
- access String
- Allow or deny access based on the rule conditions. Valid values are:
"ALLOW"
,"DENY"
. Default is"ALLOW"
. - email
Verification Boolean - Indicates whether email verification should occur before access is granted. Default is
true
. - inline
Hook StringId - ID of a Registration Inline Hook.
- name String
- The name of a User Profile property
- policy
Id String - Policy ID.
- profile
Attributes List<Property Map> - A list of attributes to prompt the user during registration or progressive profiling. Where defined on the User schema, these attributes are persisted in the User profile. Non-schema attributes may also be added, which aren't persisted to the User's profile, but are included in requests to the registration inline hook. A maximum of 10 Profile properties is supported.
- progressive
Profiling StringAction - Enabled or disabled progressive profiling action rule conditions. Valid values are:
"ENABLED"
,"DISABLED"
. Default is"DISABLED"
. - status String
- Status of the Rule.
- target
Group StringId - The ID of a Group that this User should be added to.
- ui
Schema StringId - Value created by the backend. If present all policy updates must include this attribute/value.
- unknown
User StringAction - Which action should be taken if this User is new. Valid values are:
"DENY"
,"REGISTER"
.
Supporting Types
PolicyRuleProfileEnrollmentProfileAttribute, PolicyRuleProfileEnrollmentProfileAttributeArgs
Import
A Policy Rule can be imported via the Policy and Rule ID.
$ pulumi import okta:index/policyRuleProfileEnrollment:PolicyRuleProfileEnrollment example <policy id>/<rule id>
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Okta pulumi/pulumi-okta
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
okta
Terraform Provider.