ibm 1.78.0, Apr 30 25

ibm 1.78.0 published on Wednesday, Apr 30, 2025 by ibm-cloud

ibm.IamAccountSettingsTemplate

Explore with Pulumi AI

ibm 1.78.0 published on Wednesday, Apr 30, 2025 by ibm-cloud

Create IamAccountSettingsTemplate Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new IamAccountSettingsTemplate(name: string, args?: IamAccountSettingsTemplateArgs, opts?: CustomResourceOptions);

@overload
def IamAccountSettingsTemplate(resource_name: str,
                               args: Optional[IamAccountSettingsTemplateArgs] = None,
                               opts: Optional[ResourceOptions] = None)

@overload
def IamAccountSettingsTemplate(resource_name: str,
                               opts: Optional[ResourceOptions] = None,
                               account_settings: Optional[IamAccountSettingsTemplateAccountSettingsArgs] = None,
                               committed: Optional[bool] = None,
                               description: Optional[str] = None,
                               name: Optional[str] = None,
                               template_id: Optional[str] = None)

func NewIamAccountSettingsTemplate(ctx *Context, name string, args *IamAccountSettingsTemplateArgs, opts ...ResourceOption) (*IamAccountSettingsTemplate, error)

public IamAccountSettingsTemplate(string name, IamAccountSettingsTemplateArgs? args = null, CustomResourceOptions? opts = null)

public IamAccountSettingsTemplate(String name, IamAccountSettingsTemplateArgs args)
public IamAccountSettingsTemplate(String name, IamAccountSettingsTemplateArgs args, CustomResourceOptions options)

type: ibm:IamAccountSettingsTemplate
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args IamAccountSettingsTemplateArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args IamAccountSettingsTemplateArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args IamAccountSettingsTemplateArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args IamAccountSettingsTemplateArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args IamAccountSettingsTemplateArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var iamAccountSettingsTemplateResource = new Ibm.IamAccountSettingsTemplate("iamAccountSettingsTemplateResource", new()
{
    AccountSettings = new Ibm.Inputs.IamAccountSettingsTemplateAccountSettingsArgs
    {
        AllowedIpAddresses = "string",
        MaxSessionsPerIdentity = "string",
        Mfa = "string",
        RestrictCreatePlatformApikey = "string",
        RestrictCreateServiceId = "string",
        SessionExpirationInSeconds = "string",
        SessionInvalidationInSeconds = "string",
        SystemAccessTokenExpirationInSeconds = "string",
        SystemRefreshTokenExpirationInSeconds = "string",
        UserMfas = new[]
        {
            new Ibm.Inputs.IamAccountSettingsTemplateAccountSettingsUserMfaArgs
            {
                IamId = "string",
                Mfa = "string",
            },
        },
    },
    Committed = false,
    Description = "string",
    Name = "string",
    TemplateId = "string",
});

example, err := ibm.NewIamAccountSettingsTemplate(ctx, "iamAccountSettingsTemplateResource", &ibm.IamAccountSettingsTemplateArgs{
	AccountSettings: &ibm.IamAccountSettingsTemplateAccountSettingsArgs{
		AllowedIpAddresses:                    pulumi.String("string"),
		MaxSessionsPerIdentity:                pulumi.String("string"),
		Mfa:                                   pulumi.String("string"),
		RestrictCreatePlatformApikey:          pulumi.String("string"),
		RestrictCreateServiceId:               pulumi.String("string"),
		SessionExpirationInSeconds:            pulumi.String("string"),
		SessionInvalidationInSeconds:          pulumi.String("string"),
		SystemAccessTokenExpirationInSeconds:  pulumi.String("string"),
		SystemRefreshTokenExpirationInSeconds: pulumi.String("string"),
		UserMfas: ibm.IamAccountSettingsTemplateAccountSettingsUserMfaArray{
			&ibm.IamAccountSettingsTemplateAccountSettingsUserMfaArgs{
				IamId: pulumi.String("string"),
				Mfa:   pulumi.String("string"),
			},
		},
	},
	Committed:   pulumi.Bool(false),
	Description: pulumi.String("string"),
	Name:        pulumi.String("string"),
	TemplateId:  pulumi.String("string"),
})

var iamAccountSettingsTemplateResource = new IamAccountSettingsTemplate("iamAccountSettingsTemplateResource", IamAccountSettingsTemplateArgs.builder()
    .accountSettings(IamAccountSettingsTemplateAccountSettingsArgs.builder()
        .allowedIpAddresses("string")
        .maxSessionsPerIdentity("string")
        .mfa("string")
        .restrictCreatePlatformApikey("string")
        .restrictCreateServiceId("string")
        .sessionExpirationInSeconds("string")
        .sessionInvalidationInSeconds("string")
        .systemAccessTokenExpirationInSeconds("string")
        .systemRefreshTokenExpirationInSeconds("string")
        .userMfas(IamAccountSettingsTemplateAccountSettingsUserMfaArgs.builder()
            .iamId("string")
            .mfa("string")
            .build())
        .build())
    .committed(false)
    .description("string")
    .name("string")
    .templateId("string")
    .build());

iam_account_settings_template_resource = ibm.IamAccountSettingsTemplate("iamAccountSettingsTemplateResource",
    account_settings={
        "allowed_ip_addresses": "string",
        "max_sessions_per_identity": "string",
        "mfa": "string",
        "restrict_create_platform_apikey": "string",
        "restrict_create_service_id": "string",
        "session_expiration_in_seconds": "string",
        "session_invalidation_in_seconds": "string",
        "system_access_token_expiration_in_seconds": "string",
        "system_refresh_token_expiration_in_seconds": "string",
        "user_mfas": [{
            "iam_id": "string",
            "mfa": "string",
        }],
    },
    committed=False,
    description="string",
    name="string",
    template_id="string")

const iamAccountSettingsTemplateResource = new ibm.IamAccountSettingsTemplate("iamAccountSettingsTemplateResource", {
    accountSettings: {
        allowedIpAddresses: "string",
        maxSessionsPerIdentity: "string",
        mfa: "string",
        restrictCreatePlatformApikey: "string",
        restrictCreateServiceId: "string",
        sessionExpirationInSeconds: "string",
        sessionInvalidationInSeconds: "string",
        systemAccessTokenExpirationInSeconds: "string",
        systemRefreshTokenExpirationInSeconds: "string",
        userMfas: [{
            iamId: "string",
            mfa: "string",
        }],
    },
    committed: false,
    description: "string",
    name: "string",
    templateId: "string",
});

type: ibm:IamAccountSettingsTemplate
properties:
    accountSettings:
        allowedIpAddresses: string
        maxSessionsPerIdentity: string
        mfa: string
        restrictCreatePlatformApikey: string
        restrictCreateServiceId: string
        sessionExpirationInSeconds: string
        sessionInvalidationInSeconds: string
        systemAccessTokenExpirationInSeconds: string
        systemRefreshTokenExpirationInSeconds: string
        userMfas:
            - iamId: string
              mfa: string
    committed: false
    description: string
    name: string
    templateId: string

IamAccountSettingsTemplate Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The IamAccountSettingsTemplate resource accepts the following input properties:

AccountSettings IamAccountSettingsTemplateAccountSettings
Committed bool: Committed flag determines if the template is ready for assignment.
Description string: The description of the trusted profile template. Describe the template for enterprise account users.
Name string: The name of the trusted profile template. This is visible only in the enterprise account.
TemplateId string: ID of the the template.

AccountSettings IamAccountSettingsTemplateAccountSettingsArgs
Committed bool: Committed flag determines if the template is ready for assignment.
Description string: The description of the trusted profile template. Describe the template for enterprise account users.
Name string: The name of the trusted profile template. This is visible only in the enterprise account.
TemplateId string: ID of the the template.

accountSettings IamAccountSettingsTemplateAccountSettings
committed Boolean: Committed flag determines if the template is ready for assignment.
description String: The description of the trusted profile template. Describe the template for enterprise account users.
name String: The name of the trusted profile template. This is visible only in the enterprise account.
templateId String: ID of the the template.

accountSettings IamAccountSettingsTemplateAccountSettings
committed boolean: Committed flag determines if the template is ready for assignment.
description string: The description of the trusted profile template. Describe the template for enterprise account users.
name string: The name of the trusted profile template. This is visible only in the enterprise account.
templateId string: ID of the the template.

account_settings IamAccountSettingsTemplateAccountSettingsArgs
committed bool: Committed flag determines if the template is ready for assignment.
description str: The description of the trusted profile template. Describe the template for enterprise account users.
name str: The name of the trusted profile template. This is visible only in the enterprise account.
template_id str: ID of the the template.

accountSettings Property Map
committed Boolean: Committed flag determines if the template is ready for assignment.
description String: The description of the trusted profile template. Describe the template for enterprise account users.
name String: The name of the trusted profile template. This is visible only in the enterprise account.
templateId String: ID of the the template.

Outputs

All input properties are implicitly available as output properties. Additionally, the IamAccountSettingsTemplate resource produces the following output properties:

AccountId string: ID of the account where the template resides.
CreatedAt string: Template Created At.
CreatedById string: IAMid of the creator.
Crn string: Cloud resource name.
EntityTag string: Entity tag for this templateId-version combination.
Histories List<IamAccountSettingsTemplateHistory>: History of the Template.
Id string: The provider-assigned unique ID for this managed resource.
LastModifiedAt string: Template last modified at.
LastModifiedById string: IAMid of the identity that made the latest modification.
Version double: Version of the the template.

AccountId string: ID of the account where the template resides.
CreatedAt string: Template Created At.
CreatedById string: IAMid of the creator.
Crn string: Cloud resource name.
EntityTag string: Entity tag for this templateId-version combination.
Histories []IamAccountSettingsTemplateHistory: History of the Template.
Id string: The provider-assigned unique ID for this managed resource.
LastModifiedAt string: Template last modified at.
LastModifiedById string: IAMid of the identity that made the latest modification.
Version float64: Version of the the template.

accountId String: ID of the account where the template resides.
createdAt String: Template Created At.
createdById String: IAMid of the creator.
crn String: Cloud resource name.
entityTag String: Entity tag for this templateId-version combination.
histories List<IamAccountSettingsTemplateHistory>: History of the Template.
id String: The provider-assigned unique ID for this managed resource.
lastModifiedAt String: Template last modified at.
lastModifiedById String: IAMid of the identity that made the latest modification.
version Double: Version of the the template.

accountId string: ID of the account where the template resides.
createdAt string: Template Created At.
createdById string: IAMid of the creator.
crn string: Cloud resource name.
entityTag string: Entity tag for this templateId-version combination.
histories IamAccountSettingsTemplateHistory[]: History of the Template.
id string: The provider-assigned unique ID for this managed resource.
lastModifiedAt string: Template last modified at.
lastModifiedById string: IAMid of the identity that made the latest modification.
version number: Version of the the template.

account_id str: ID of the account where the template resides.
created_at str: Template Created At.
created_by_id str: IAMid of the creator.
crn str: Cloud resource name.
entity_tag str: Entity tag for this templateId-version combination.
histories Sequence[IamAccountSettingsTemplateHistory]: History of the Template.
id str: The provider-assigned unique ID for this managed resource.
last_modified_at str: Template last modified at.
last_modified_by_id str: IAMid of the identity that made the latest modification.
version float: Version of the the template.

accountId String: ID of the account where the template resides.
createdAt String: Template Created At.
createdById String: IAMid of the creator.
crn String: Cloud resource name.
entityTag String: Entity tag for this templateId-version combination.
histories List<Property Map>: History of the Template.
id String: The provider-assigned unique ID for this managed resource.
lastModifiedAt String: Template last modified at.
lastModifiedById String: IAMid of the identity that made the latest modification.
version Number: Version of the the template.

Look up Existing IamAccountSettingsTemplate Resource

Get an existing IamAccountSettingsTemplate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: IamAccountSettingsTemplateState, opts?: CustomResourceOptions): IamAccountSettingsTemplate

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        account_id: Optional[str] = None,
        account_settings: Optional[IamAccountSettingsTemplateAccountSettingsArgs] = None,
        committed: Optional[bool] = None,
        created_at: Optional[str] = None,
        created_by_id: Optional[str] = None,
        crn: Optional[str] = None,
        description: Optional[str] = None,
        entity_tag: Optional[str] = None,
        histories: Optional[Sequence[IamAccountSettingsTemplateHistoryArgs]] = None,
        last_modified_at: Optional[str] = None,
        last_modified_by_id: Optional[str] = None,
        name: Optional[str] = None,
        template_id: Optional[str] = None,
        version: Optional[float] = None) -> IamAccountSettingsTemplate

func GetIamAccountSettingsTemplate(ctx *Context, name string, id IDInput, state *IamAccountSettingsTemplateState, opts ...ResourceOption) (*IamAccountSettingsTemplate, error)

public static IamAccountSettingsTemplate Get(string name, Input<string> id, IamAccountSettingsTemplateState? state, CustomResourceOptions? opts = null)

public static IamAccountSettingsTemplate get(String name, Output<String> id, IamAccountSettingsTemplateState state, CustomResourceOptions options)

resources:  _:    type: ibm:IamAccountSettingsTemplate    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AccountId string: ID of the account where the template resides.
AccountSettings IamAccountSettingsTemplateAccountSettings
Committed bool: Committed flag determines if the template is ready for assignment.
CreatedAt string: Template Created At.
CreatedById string: IAMid of the creator.
Crn string: Cloud resource name.
Description string: The description of the trusted profile template. Describe the template for enterprise account users.
EntityTag string: Entity tag for this templateId-version combination.
Histories List<IamAccountSettingsTemplateHistory>: History of the Template.
LastModifiedAt string: Template last modified at.
LastModifiedById string: IAMid of the identity that made the latest modification.
Name string: The name of the trusted profile template. This is visible only in the enterprise account.
TemplateId string: ID of the the template.
Version double: Version of the the template.

AccountId string: ID of the account where the template resides.
AccountSettings IamAccountSettingsTemplateAccountSettingsArgs
Committed bool: Committed flag determines if the template is ready for assignment.
CreatedAt string: Template Created At.
CreatedById string: IAMid of the creator.
Crn string: Cloud resource name.
Description string: The description of the trusted profile template. Describe the template for enterprise account users.
EntityTag string: Entity tag for this templateId-version combination.
Histories []IamAccountSettingsTemplateHistoryArgs: History of the Template.
LastModifiedAt string: Template last modified at.
LastModifiedById string: IAMid of the identity that made the latest modification.
Name string: The name of the trusted profile template. This is visible only in the enterprise account.
TemplateId string: ID of the the template.
Version float64: Version of the the template.

accountId String: ID of the account where the template resides.
accountSettings IamAccountSettingsTemplateAccountSettings
committed Boolean: Committed flag determines if the template is ready for assignment.
createdAt String: Template Created At.
createdById String: IAMid of the creator.
crn String: Cloud resource name.
description String: The description of the trusted profile template. Describe the template for enterprise account users.
entityTag String: Entity tag for this templateId-version combination.
histories List<IamAccountSettingsTemplateHistory>: History of the Template.
lastModifiedAt String: Template last modified at.
lastModifiedById String: IAMid of the identity that made the latest modification.
name String: The name of the trusted profile template. This is visible only in the enterprise account.
templateId String: ID of the the template.
version Double: Version of the the template.

accountId string: ID of the account where the template resides.
accountSettings IamAccountSettingsTemplateAccountSettings
committed boolean: Committed flag determines if the template is ready for assignment.
createdAt string: Template Created At.
createdById string: IAMid of the creator.
crn string: Cloud resource name.
description string: The description of the trusted profile template. Describe the template for enterprise account users.
entityTag string: Entity tag for this templateId-version combination.
histories IamAccountSettingsTemplateHistory[]: History of the Template.
lastModifiedAt string: Template last modified at.
lastModifiedById string: IAMid of the identity that made the latest modification.
name string: The name of the trusted profile template. This is visible only in the enterprise account.
templateId string: ID of the the template.
version number: Version of the the template.

account_id str: ID of the account where the template resides.
account_settings IamAccountSettingsTemplateAccountSettingsArgs
committed bool: Committed flag determines if the template is ready for assignment.
created_at str: Template Created At.
created_by_id str: IAMid of the creator.
crn str: Cloud resource name.
description str: The description of the trusted profile template. Describe the template for enterprise account users.
entity_tag str: Entity tag for this templateId-version combination.
histories Sequence[IamAccountSettingsTemplateHistoryArgs]: History of the Template.
last_modified_at str: Template last modified at.
last_modified_by_id str: IAMid of the identity that made the latest modification.
name str: The name of the trusted profile template. This is visible only in the enterprise account.
template_id str: ID of the the template.
version float: Version of the the template.

accountId String: ID of the account where the template resides.
accountSettings Property Map
committed Boolean: Committed flag determines if the template is ready for assignment.
createdAt String: Template Created At.
createdById String: IAMid of the creator.
crn String: Cloud resource name.
description String: The description of the trusted profile template. Describe the template for enterprise account users.
entityTag String: Entity tag for this templateId-version combination.
histories List<Property Map>: History of the Template.
lastModifiedAt String: Template last modified at.
lastModifiedById String: IAMid of the identity that made the latest modification.
name String: The name of the trusted profile template. This is visible only in the enterprise account.
templateId String: ID of the the template.
version Number: Version of the the template.

Supporting Types

IamAccountSettingsTemplateAccountSettings, IamAccountSettingsTemplateAccountSettingsArgs

AllowedIpAddresses string: Defines the IP addresses and subnets from which IAM tokens can be created for the account.
MaxSessionsPerIdentity string: Defines the max allowed sessions per identity required by the account. Valid values: * Any whole number greater than 0 * NOT_SET - To unset account setting and use service default.
Mfa string: Defines the MFA trait for the account. Valid values: * NONE - No MFA trait set * TOTP - For all non-federated IBMId users * TOTP4ALL - For all users * LEVEL1 - Email-based MFA for all users * LEVEL2 - TOTP-based MFA for all users * LEVEL3 - U2F MFA for all users.
RestrictCreatePlatformApikey string: Defines whether or not creating platform API keys is access controlled. Valid values: * RESTRICTED - to apply access control * NOT_RESTRICTED - to remove access control * NOT_SET - to 'unset' a previous set value.
RestrictCreateServiceId string: Defines whether or not creating a service ID is access controlled. Valid values: * RESTRICTED - only users assigned the 'Service ID creator' role on the IAM Identity Service can create service IDs, including the account owner * NOT_RESTRICTED - all members of an account can create service IDs * NOT_SET - to 'unset' a previous set value.
SessionExpirationInSeconds string: Defines the session expiration in seconds for the account. Valid values: * Any whole number between between '900' and '86400' * NOT_SET - To unset account setting and use service default.
SessionInvalidationInSeconds string: Defines the period of time in seconds in which a session will be invalidated due to inactivity. Valid values: * Any whole number between '900' and '7200' * NOT_SET - To unset account setting and use service default.
SystemAccessTokenExpirationInSeconds string: Defines the access token expiration in seconds. Valid values: * Any whole number between '900' and '3600' * NOT_SET - To unset account setting and use service default.
SystemRefreshTokenExpirationInSeconds string: Defines the refresh token expiration in seconds. Valid values: * Any whole number between '900' and '259200' * NOT_SET - To unset account setting and use service default.
UserMfas List<IamAccountSettingsTemplateAccountSettingsUserMfa>: List of users that are exempted from the MFA requirement of the account.

AllowedIpAddresses string: Defines the IP addresses and subnets from which IAM tokens can be created for the account.
MaxSessionsPerIdentity string: Defines the max allowed sessions per identity required by the account. Valid values: * Any whole number greater than 0 * NOT_SET - To unset account setting and use service default.
Mfa string: Defines the MFA trait for the account. Valid values: * NONE - No MFA trait set * TOTP - For all non-federated IBMId users * TOTP4ALL - For all users * LEVEL1 - Email-based MFA for all users * LEVEL2 - TOTP-based MFA for all users * LEVEL3 - U2F MFA for all users.
RestrictCreatePlatformApikey string: Defines whether or not creating platform API keys is access controlled. Valid values: * RESTRICTED - to apply access control * NOT_RESTRICTED - to remove access control * NOT_SET - to 'unset' a previous set value.
RestrictCreateServiceId string: Defines whether or not creating a service ID is access controlled. Valid values: * RESTRICTED - only users assigned the 'Service ID creator' role on the IAM Identity Service can create service IDs, including the account owner * NOT_RESTRICTED - all members of an account can create service IDs * NOT_SET - to 'unset' a previous set value.
SessionExpirationInSeconds string: Defines the session expiration in seconds for the account. Valid values: * Any whole number between between '900' and '86400' * NOT_SET - To unset account setting and use service default.
SessionInvalidationInSeconds string: Defines the period of time in seconds in which a session will be invalidated due to inactivity. Valid values: * Any whole number between '900' and '7200' * NOT_SET - To unset account setting and use service default.
SystemAccessTokenExpirationInSeconds string: Defines the access token expiration in seconds. Valid values: * Any whole number between '900' and '3600' * NOT_SET - To unset account setting and use service default.
SystemRefreshTokenExpirationInSeconds string: Defines the refresh token expiration in seconds. Valid values: * Any whole number between '900' and '259200' * NOT_SET - To unset account setting and use service default.
UserMfas []IamAccountSettingsTemplateAccountSettingsUserMfa: List of users that are exempted from the MFA requirement of the account.

allowedIpAddresses String: Defines the IP addresses and subnets from which IAM tokens can be created for the account.
maxSessionsPerIdentity String: Defines the max allowed sessions per identity required by the account. Valid values: * Any whole number greater than 0 * NOT_SET - To unset account setting and use service default.
mfa String: Defines the MFA trait for the account. Valid values: * NONE - No MFA trait set * TOTP - For all non-federated IBMId users * TOTP4ALL - For all users * LEVEL1 - Email-based MFA for all users * LEVEL2 - TOTP-based MFA for all users * LEVEL3 - U2F MFA for all users.
restrictCreatePlatformApikey String: Defines whether or not creating platform API keys is access controlled. Valid values: * RESTRICTED - to apply access control * NOT_RESTRICTED - to remove access control * NOT_SET - to 'unset' a previous set value.
restrictCreateServiceId String: Defines whether or not creating a service ID is access controlled. Valid values: * RESTRICTED - only users assigned the 'Service ID creator' role on the IAM Identity Service can create service IDs, including the account owner * NOT_RESTRICTED - all members of an account can create service IDs * NOT_SET - to 'unset' a previous set value.
sessionExpirationInSeconds String: Defines the session expiration in seconds for the account. Valid values: * Any whole number between between '900' and '86400' * NOT_SET - To unset account setting and use service default.
sessionInvalidationInSeconds String: Defines the period of time in seconds in which a session will be invalidated due to inactivity. Valid values: * Any whole number between '900' and '7200' * NOT_SET - To unset account setting and use service default.
systemAccessTokenExpirationInSeconds String: Defines the access token expiration in seconds. Valid values: * Any whole number between '900' and '3600' * NOT_SET - To unset account setting and use service default.
systemRefreshTokenExpirationInSeconds String: Defines the refresh token expiration in seconds. Valid values: * Any whole number between '900' and '259200' * NOT_SET - To unset account setting and use service default.
userMfas List<IamAccountSettingsTemplateAccountSettingsUserMfa>: List of users that are exempted from the MFA requirement of the account.

allowedIpAddresses string: Defines the IP addresses and subnets from which IAM tokens can be created for the account.
maxSessionsPerIdentity string: Defines the max allowed sessions per identity required by the account. Valid values: * Any whole number greater than 0 * NOT_SET - To unset account setting and use service default.
mfa string: Defines the MFA trait for the account. Valid values: * NONE - No MFA trait set * TOTP - For all non-federated IBMId users * TOTP4ALL - For all users * LEVEL1 - Email-based MFA for all users * LEVEL2 - TOTP-based MFA for all users * LEVEL3 - U2F MFA for all users.
restrictCreatePlatformApikey string: Defines whether or not creating platform API keys is access controlled. Valid values: * RESTRICTED - to apply access control * NOT_RESTRICTED - to remove access control * NOT_SET - to 'unset' a previous set value.
restrictCreateServiceId string: Defines whether or not creating a service ID is access controlled. Valid values: * RESTRICTED - only users assigned the 'Service ID creator' role on the IAM Identity Service can create service IDs, including the account owner * NOT_RESTRICTED - all members of an account can create service IDs * NOT_SET - to 'unset' a previous set value.
sessionExpirationInSeconds string: Defines the session expiration in seconds for the account. Valid values: * Any whole number between between '900' and '86400' * NOT_SET - To unset account setting and use service default.
sessionInvalidationInSeconds string: Defines the period of time in seconds in which a session will be invalidated due to inactivity. Valid values: * Any whole number between '900' and '7200' * NOT_SET - To unset account setting and use service default.
systemAccessTokenExpirationInSeconds string: Defines the access token expiration in seconds. Valid values: * Any whole number between '900' and '3600' * NOT_SET - To unset account setting and use service default.
systemRefreshTokenExpirationInSeconds string: Defines the refresh token expiration in seconds. Valid values: * Any whole number between '900' and '259200' * NOT_SET - To unset account setting and use service default.
userMfas IamAccountSettingsTemplateAccountSettingsUserMfa[]: List of users that are exempted from the MFA requirement of the account.

allowed_ip_addresses str: Defines the IP addresses and subnets from which IAM tokens can be created for the account.
max_sessions_per_identity str: Defines the max allowed sessions per identity required by the account. Valid values: * Any whole number greater than 0 * NOT_SET - To unset account setting and use service default.
mfa str: Defines the MFA trait for the account. Valid values: * NONE - No MFA trait set * TOTP - For all non-federated IBMId users * TOTP4ALL - For all users * LEVEL1 - Email-based MFA for all users * LEVEL2 - TOTP-based MFA for all users * LEVEL3 - U2F MFA for all users.
restrict_create_platform_apikey str: Defines whether or not creating platform API keys is access controlled. Valid values: * RESTRICTED - to apply access control * NOT_RESTRICTED - to remove access control * NOT_SET - to 'unset' a previous set value.
restrict_create_service_id str: Defines whether or not creating a service ID is access controlled. Valid values: * RESTRICTED - only users assigned the 'Service ID creator' role on the IAM Identity Service can create service IDs, including the account owner * NOT_RESTRICTED - all members of an account can create service IDs * NOT_SET - to 'unset' a previous set value.
session_expiration_in_seconds str: Defines the session expiration in seconds for the account. Valid values: * Any whole number between between '900' and '86400' * NOT_SET - To unset account setting and use service default.
session_invalidation_in_seconds str: Defines the period of time in seconds in which a session will be invalidated due to inactivity. Valid values: * Any whole number between '900' and '7200' * NOT_SET - To unset account setting and use service default.
system_access_token_expiration_in_seconds str: Defines the access token expiration in seconds. Valid values: * Any whole number between '900' and '3600' * NOT_SET - To unset account setting and use service default.
system_refresh_token_expiration_in_seconds str: Defines the refresh token expiration in seconds. Valid values: * Any whole number between '900' and '259200' * NOT_SET - To unset account setting and use service default.
user_mfas Sequence[IamAccountSettingsTemplateAccountSettingsUserMfa]: List of users that are exempted from the MFA requirement of the account.

allowedIpAddresses String: Defines the IP addresses and subnets from which IAM tokens can be created for the account.
maxSessionsPerIdentity String: Defines the max allowed sessions per identity required by the account. Valid values: * Any whole number greater than 0 * NOT_SET - To unset account setting and use service default.
mfa String: Defines the MFA trait for the account. Valid values: * NONE - No MFA trait set * TOTP - For all non-federated IBMId users * TOTP4ALL - For all users * LEVEL1 - Email-based MFA for all users * LEVEL2 - TOTP-based MFA for all users * LEVEL3 - U2F MFA for all users.
restrictCreatePlatformApikey String: Defines whether or not creating platform API keys is access controlled. Valid values: * RESTRICTED - to apply access control * NOT_RESTRICTED - to remove access control * NOT_SET - to 'unset' a previous set value.
restrictCreateServiceId String: Defines whether or not creating a service ID is access controlled. Valid values: * RESTRICTED - only users assigned the 'Service ID creator' role on the IAM Identity Service can create service IDs, including the account owner * NOT_RESTRICTED - all members of an account can create service IDs * NOT_SET - to 'unset' a previous set value.
sessionExpirationInSeconds String: Defines the session expiration in seconds for the account. Valid values: * Any whole number between between '900' and '86400' * NOT_SET - To unset account setting and use service default.
sessionInvalidationInSeconds String: Defines the period of time in seconds in which a session will be invalidated due to inactivity. Valid values: * Any whole number between '900' and '7200' * NOT_SET - To unset account setting and use service default.
systemAccessTokenExpirationInSeconds String: Defines the access token expiration in seconds. Valid values: * Any whole number between '900' and '3600' * NOT_SET - To unset account setting and use service default.
systemRefreshTokenExpirationInSeconds String: Defines the refresh token expiration in seconds. Valid values: * Any whole number between '900' and '259200' * NOT_SET - To unset account setting and use service default.
userMfas List<Property Map>: List of users that are exempted from the MFA requirement of the account.

IamAccountSettingsTemplateAccountSettingsUserMfa, IamAccountSettingsTemplateAccountSettingsUserMfaArgs

IamId string: The iam_id of the user.
Mfa string: Defines the MFA requirement for the user. Valid values: * NONE - No MFA trait set * NONE_NO_ROPC- No MFA, disable CLI logins with only a password * TOTP - For all non-federated IBMId users * TOTP4ALL - For all users * LEVEL1 - Email-based MFA for all users * LEVEL2 - TOTP-based MFA for all users * LEVEL3 - U2F MFA for all users.

IamId string: The iam_id of the user.
Mfa string: Defines the MFA requirement for the user. Valid values: * NONE - No MFA trait set * NONE_NO_ROPC- No MFA, disable CLI logins with only a password * TOTP - For all non-federated IBMId users * TOTP4ALL - For all users * LEVEL1 - Email-based MFA for all users * LEVEL2 - TOTP-based MFA for all users * LEVEL3 - U2F MFA for all users.

iamId String: The iam_id of the user.
mfa String: Defines the MFA requirement for the user. Valid values: * NONE - No MFA trait set * NONE_NO_ROPC- No MFA, disable CLI logins with only a password * TOTP - For all non-federated IBMId users * TOTP4ALL - For all users * LEVEL1 - Email-based MFA for all users * LEVEL2 - TOTP-based MFA for all users * LEVEL3 - U2F MFA for all users.

iamId string: The iam_id of the user.
mfa string: Defines the MFA requirement for the user. Valid values: * NONE - No MFA trait set * NONE_NO_ROPC- No MFA, disable CLI logins with only a password * TOTP - For all non-federated IBMId users * TOTP4ALL - For all users * LEVEL1 - Email-based MFA for all users * LEVEL2 - TOTP-based MFA for all users * LEVEL3 - U2F MFA for all users.

iam_id str: The iam_id of the user.
mfa str: Defines the MFA requirement for the user. Valid values: * NONE - No MFA trait set * NONE_NO_ROPC- No MFA, disable CLI logins with only a password * TOTP - For all non-federated IBMId users * TOTP4ALL - For all users * LEVEL1 - Email-based MFA for all users * LEVEL2 - TOTP-based MFA for all users * LEVEL3 - U2F MFA for all users.

iamId String: The iam_id of the user.
mfa String: Defines the MFA requirement for the user. Valid values: * NONE - No MFA trait set * NONE_NO_ROPC- No MFA, disable CLI logins with only a password * TOTP - For all non-federated IBMId users * TOTP4ALL - For all users * LEVEL1 - Email-based MFA for all users * LEVEL2 - TOTP-based MFA for all users * LEVEL3 - U2F MFA for all users.

IamAccountSettingsTemplateHistory, IamAccountSettingsTemplateHistoryArgs

Action string
IamId string
IamIdAccount string
Message string
Params List<string>
Timestamp string

Action string
IamId string
IamIdAccount string
Message string
Params []string
Timestamp string

action String
iamId String
iamIdAccount String
message String
params List<String>
timestamp String

action string
iamId string
iamIdAccount string
message string
params string[]
timestamp string

action str
iam_id str
iam_id_account str
message str
params Sequence[str]
timestamp str

action String
iamId String
iamIdAccount String
message String
params List<String>
timestamp String

Package Details

Repository: ibm ibm-cloud/terraform-provider-ibm
License
Notes: This Pulumi package is based on the ibm Terraform Provider.

ibm 1.78.0 published on Wednesday, Apr 30, 2025 by ibm-cloud

ibm-cloud/terraform-provider-ibm

ibm.IamAccountSettingsTemplate

On this page

On this page

Create IamAccountSettingsTemplate Resource

Constructor syntax

Parameters

Constructor example

IamAccountSettingsTemplate Resource Properties

Inputs

Outputs

Look up Existing IamAccountSettingsTemplate Resource

Supporting Types

IamAccountSettingsTemplateAccountSettings, IamAccountSettingsTemplateAccountSettingsArgs

IamAccountSettingsTemplateAccountSettingsUserMfa, IamAccountSettingsTemplateAccountSettingsUserMfaArgs

IamAccountSettingsTemplateHistory, IamAccountSettingsTemplateHistoryArgs

Package Details

On this page

On this page