Docs Home
ibm 1.78.0 published on Wednesday, Apr 30, 2025 by ibm-cloud
ibm.IamTrustedProfileClaimRule
Explore with Pulumi AI
Create, update, or delete an IAM trusted profiles claim rule resource. For more information, about IAM trusted profiles claim rule, see https://cloud.ibm.com/apidocs/iam-identity-token-api#create-claim-rule
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";
const iamTrustedProfile = new ibm.IamTrustedProfile("iamTrustedProfile", {});
const iamTrustedProfileClaimRule = new ibm.IamTrustedProfileClaimRule("iamTrustedProfileClaimRule", {
profileId: iamTrustedProfile.iamTrustedProfileId,
type: "Profile-CR",
conditions: [{
claim: "blueGroups",
operator: "CONTAINS",
value: "\"cloud-docs-dev\"",
}],
crType: "IKS_SA",
});
import pulumi
import pulumi_ibm as ibm
iam_trusted_profile = ibm.IamTrustedProfile("iamTrustedProfile")
iam_trusted_profile_claim_rule = ibm.IamTrustedProfileClaimRule("iamTrustedProfileClaimRule",
profile_id=iam_trusted_profile.iam_trusted_profile_id,
type="Profile-CR",
conditions=[{
"claim": "blueGroups",
"operator": "CONTAINS",
"value": "\"cloud-docs-dev\"",
}],
cr_type="IKS_SA")
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
iamTrustedProfile, err := ibm.NewIamTrustedProfile(ctx, "iamTrustedProfile", nil)
if err != nil {
return err
}
_, err = ibm.NewIamTrustedProfileClaimRule(ctx, "iamTrustedProfileClaimRule", &ibm.IamTrustedProfileClaimRuleArgs{
ProfileId: iamTrustedProfile.IamTrustedProfileId,
Type: pulumi.String("Profile-CR"),
Conditions: ibm.IamTrustedProfileClaimRuleConditionArray{
&ibm.IamTrustedProfileClaimRuleConditionArgs{
Claim: pulumi.String("blueGroups"),
Operator: pulumi.String("CONTAINS"),
Value: pulumi.String("\"cloud-docs-dev\""),
},
},
CrType: pulumi.String("IKS_SA"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;
return await Deployment.RunAsync(() =>
{
var iamTrustedProfile = new Ibm.IamTrustedProfile("iamTrustedProfile");
var iamTrustedProfileClaimRule = new Ibm.IamTrustedProfileClaimRule("iamTrustedProfileClaimRule", new()
{
ProfileId = iamTrustedProfile.IamTrustedProfileId,
Type = "Profile-CR",
Conditions = new[]
{
new Ibm.Inputs.IamTrustedProfileClaimRuleConditionArgs
{
Claim = "blueGroups",
Operator = "CONTAINS",
Value = "\"cloud-docs-dev\"",
},
},
CrType = "IKS_SA",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.IamTrustedProfile;
import com.pulumi.ibm.IamTrustedProfileClaimRule;
import com.pulumi.ibm.IamTrustedProfileClaimRuleArgs;
import com.pulumi.ibm.inputs.IamTrustedProfileClaimRuleConditionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var iamTrustedProfile = new IamTrustedProfile("iamTrustedProfile");
var iamTrustedProfileClaimRule = new IamTrustedProfileClaimRule("iamTrustedProfileClaimRule", IamTrustedProfileClaimRuleArgs.builder()
.profileId(iamTrustedProfile.iamTrustedProfileId())
.type("Profile-CR")
.conditions(IamTrustedProfileClaimRuleConditionArgs.builder()
.claim("blueGroups")
.operator("CONTAINS")
.value("\"cloud-docs-dev\"")
.build())
.crType("IKS_SA")
.build());
}
}
resources:
iamTrustedProfile:
type: ibm:IamTrustedProfile
iamTrustedProfileClaimRule:
type: ibm:IamTrustedProfileClaimRule
properties:
profileId: ${iamTrustedProfile.iamTrustedProfileId}
type: Profile-CR
conditions:
- claim: blueGroups
operator: CONTAINS
value: '"cloud-docs-dev"'
crType: IKS_SA
import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";
const iamTrustedProfile = new ibm.IamTrustedProfile("iamTrustedProfile", {});
const iamTrustedProfileClaimRule = new ibm.IamTrustedProfileClaimRule("iamTrustedProfileClaimRule", {
profileId: iamTrustedProfile.iamTrustedProfileId,
type: "Profile-SAML",
realmName: _var.realm_name,
expiration: 43200,
conditions: [{
claim: "blueGroups",
operator: "NOT_EQUALS_IGNORE_CASE",
value: "\"cloud-docs-dev\"",
}],
});
import pulumi
import pulumi_ibm as ibm
iam_trusted_profile = ibm.IamTrustedProfile("iamTrustedProfile")
iam_trusted_profile_claim_rule = ibm.IamTrustedProfileClaimRule("iamTrustedProfileClaimRule",
profile_id=iam_trusted_profile.iam_trusted_profile_id,
type="Profile-SAML",
realm_name=var["realm_name"],
expiration=43200,
conditions=[{
"claim": "blueGroups",
"operator": "NOT_EQUALS_IGNORE_CASE",
"value": "\"cloud-docs-dev\"",
}])
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
iamTrustedProfile, err := ibm.NewIamTrustedProfile(ctx, "iamTrustedProfile", nil)
if err != nil {
return err
}
_, err = ibm.NewIamTrustedProfileClaimRule(ctx, "iamTrustedProfileClaimRule", &ibm.IamTrustedProfileClaimRuleArgs{
ProfileId: iamTrustedProfile.IamTrustedProfileId,
Type: pulumi.String("Profile-SAML"),
RealmName: pulumi.Any(_var.Realm_name),
Expiration: pulumi.Float64(43200),
Conditions: ibm.IamTrustedProfileClaimRuleConditionArray{
&ibm.IamTrustedProfileClaimRuleConditionArgs{
Claim: pulumi.String("blueGroups"),
Operator: pulumi.String("NOT_EQUALS_IGNORE_CASE"),
Value: pulumi.String("\"cloud-docs-dev\""),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;
return await Deployment.RunAsync(() =>
{
var iamTrustedProfile = new Ibm.IamTrustedProfile("iamTrustedProfile");
var iamTrustedProfileClaimRule = new Ibm.IamTrustedProfileClaimRule("iamTrustedProfileClaimRule", new()
{
ProfileId = iamTrustedProfile.IamTrustedProfileId,
Type = "Profile-SAML",
RealmName = @var.Realm_name,
Expiration = 43200,
Conditions = new[]
{
new Ibm.Inputs.IamTrustedProfileClaimRuleConditionArgs
{
Claim = "blueGroups",
Operator = "NOT_EQUALS_IGNORE_CASE",
Value = "\"cloud-docs-dev\"",
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.IamTrustedProfile;
import com.pulumi.ibm.IamTrustedProfileClaimRule;
import com.pulumi.ibm.IamTrustedProfileClaimRuleArgs;
import com.pulumi.ibm.inputs.IamTrustedProfileClaimRuleConditionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var iamTrustedProfile = new IamTrustedProfile("iamTrustedProfile");
var iamTrustedProfileClaimRule = new IamTrustedProfileClaimRule("iamTrustedProfileClaimRule", IamTrustedProfileClaimRuleArgs.builder()
.profileId(iamTrustedProfile.iamTrustedProfileId())
.type("Profile-SAML")
.realmName(var_.realm_name())
.expiration(43200)
.conditions(IamTrustedProfileClaimRuleConditionArgs.builder()
.claim("blueGroups")
.operator("NOT_EQUALS_IGNORE_CASE")
.value("\"cloud-docs-dev\"")
.build())
.build());
}
}
resources:
iamTrustedProfile:
type: ibm:IamTrustedProfile
iamTrustedProfileClaimRule:
type: ibm:IamTrustedProfileClaimRule
properties:
profileId: ${iamTrustedProfile.iamTrustedProfileId}
type: Profile-SAML
realmName: ${var.realm_name}
expiration: 43200
conditions:
- claim: blueGroups
operator: NOT_EQUALS_IGNORE_CASE
value: '"cloud-docs-dev"'
Create IamTrustedProfileClaimRule Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new IamTrustedProfileClaimRule(name: string, args: IamTrustedProfileClaimRuleArgs, opts?: CustomResourceOptions);@overload
def IamTrustedProfileClaimRule(resource_name: str,
args: IamTrustedProfileClaimRuleArgs,
opts: Optional[ResourceOptions] = None)
@overload
def IamTrustedProfileClaimRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
conditions: Optional[Sequence[IamTrustedProfileClaimRuleConditionArgs]] = None,
profile_id: Optional[str] = None,
type: Optional[str] = None,
cr_type: Optional[str] = None,
expiration: Optional[float] = None,
iam_trusted_profile_claim_rule_id: Optional[str] = None,
name: Optional[str] = None,
realm_name: Optional[str] = None)func NewIamTrustedProfileClaimRule(ctx *Context, name string, args IamTrustedProfileClaimRuleArgs, opts ...ResourceOption) (*IamTrustedProfileClaimRule, error)public IamTrustedProfileClaimRule(string name, IamTrustedProfileClaimRuleArgs args, CustomResourceOptions? opts = null)
public IamTrustedProfileClaimRule(String name, IamTrustedProfileClaimRuleArgs args)
public IamTrustedProfileClaimRule(String name, IamTrustedProfileClaimRuleArgs args, CustomResourceOptions options)
type: ibm:IamTrustedProfileClaimRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args IamTrustedProfileClaimRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args IamTrustedProfileClaimRuleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args IamTrustedProfileClaimRuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args IamTrustedProfileClaimRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args IamTrustedProfileClaimRuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var iamTrustedProfileClaimRuleResource = new Ibm.IamTrustedProfileClaimRule("iamTrustedProfileClaimRuleResource", new()
{
Conditions = new[]
{
new Ibm.Inputs.IamTrustedProfileClaimRuleConditionArgs
{
Claim = "string",
Operator = "string",
Value = "string",
},
},
ProfileId = "string",
Type = "string",
CrType = "string",
Expiration = 0,
IamTrustedProfileClaimRuleId = "string",
Name = "string",
RealmName = "string",
});
example, err := ibm.NewIamTrustedProfileClaimRule(ctx, "iamTrustedProfileClaimRuleResource", &ibm.IamTrustedProfileClaimRuleArgs{
Conditions: ibm.IamTrustedProfileClaimRuleConditionArray{
&ibm.IamTrustedProfileClaimRuleConditionArgs{
Claim: pulumi.String("string"),
Operator: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ProfileId: pulumi.String("string"),
Type: pulumi.String("string"),
CrType: pulumi.String("string"),
Expiration: pulumi.Float64(0),
IamTrustedProfileClaimRuleId: pulumi.String("string"),
Name: pulumi.String("string"),
RealmName: pulumi.String("string"),
})
var iamTrustedProfileClaimRuleResource = new IamTrustedProfileClaimRule("iamTrustedProfileClaimRuleResource", IamTrustedProfileClaimRuleArgs.builder()
.conditions(IamTrustedProfileClaimRuleConditionArgs.builder()
.claim("string")
.operator("string")
.value("string")
.build())
.profileId("string")
.type("string")
.crType("string")
.expiration(0)
.iamTrustedProfileClaimRuleId("string")
.name("string")
.realmName("string")
.build());
iam_trusted_profile_claim_rule_resource = ibm.IamTrustedProfileClaimRule("iamTrustedProfileClaimRuleResource",
conditions=[{
"claim": "string",
"operator": "string",
"value": "string",
}],
profile_id="string",
type="string",
cr_type="string",
expiration=0,
iam_trusted_profile_claim_rule_id="string",
name="string",
realm_name="string")
const iamTrustedProfileClaimRuleResource = new ibm.IamTrustedProfileClaimRule("iamTrustedProfileClaimRuleResource", {
conditions: [{
claim: "string",
operator: "string",
value: "string",
}],
profileId: "string",
type: "string",
crType: "string",
expiration: 0,
iamTrustedProfileClaimRuleId: "string",
name: "string",
realmName: "string",
});
type: ibm:IamTrustedProfileClaimRule
properties:
conditions:
- claim: string
operator: string
value: string
crType: string
expiration: 0
iamTrustedProfileClaimRuleId: string
name: string
profileId: string
realmName: string
type: string
IamTrustedProfileClaimRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The IamTrustedProfileClaimRule resource accepts the following input properties:
- Conditions
List<Iam
Trusted Profile Claim Rule Condition> - The conditions of this claim rule. Nested scheme for conditions:
- Profile
Id string - ID of the trusted profile to create a claim rule.
- Type string
- The type of the calim rule, either 'Profile-SAML', or 'Profile-CR'.
- Cr
Type string - The compute resource type the rule applies to, required only if type is specified as 'Profile-CR'. Supported values are VSI, IKS_SA, ROKS_SA.
- Expiration double
- Session expiration in seconds, only required if type is 'Profile-SAML'.
- Iam
Trusted stringProfile Claim Rule Id - Id is combination of
profile_id/rule_id. - Name string
- Name of the claim rule to be created or updated.
- Realm
Name string - The realm name of the Idp this claim rule applies to. This field is required only if the type is specified as 'Profile-SAML'.
- Conditions
[]Iam
Trusted Profile Claim Rule Condition Args - The conditions of this claim rule. Nested scheme for conditions:
- Profile
Id string - ID of the trusted profile to create a claim rule.
- Type string
- The type of the calim rule, either 'Profile-SAML', or 'Profile-CR'.
- Cr
Type string - The compute resource type the rule applies to, required only if type is specified as 'Profile-CR'. Supported values are VSI, IKS_SA, ROKS_SA.
- Expiration float64
- Session expiration in seconds, only required if type is 'Profile-SAML'.
- Iam
Trusted stringProfile Claim Rule Id - Id is combination of
profile_id/rule_id. - Name string
- Name of the claim rule to be created or updated.
- Realm
Name string - The realm name of the Idp this claim rule applies to. This field is required only if the type is specified as 'Profile-SAML'.
- conditions
List<Iam
Trusted Profile Claim Rule Condition> - The conditions of this claim rule. Nested scheme for conditions:
- profile
Id String - ID of the trusted profile to create a claim rule.
- type String
- The type of the calim rule, either 'Profile-SAML', or 'Profile-CR'.
- cr
Type String - The compute resource type the rule applies to, required only if type is specified as 'Profile-CR'. Supported values are VSI, IKS_SA, ROKS_SA.
- expiration Double
- Session expiration in seconds, only required if type is 'Profile-SAML'.
- iam
Trusted StringProfile Claim Rule Id - Id is combination of
profile_id/rule_id. - name String
- Name of the claim rule to be created or updated.
- realm
Name String - The realm name of the Idp this claim rule applies to. This field is required only if the type is specified as 'Profile-SAML'.
- conditions
Iam
Trusted Profile Claim Rule Condition[] - The conditions of this claim rule. Nested scheme for conditions:
- profile
Id string - ID of the trusted profile to create a claim rule.
- type string
- The type of the calim rule, either 'Profile-SAML', or 'Profile-CR'.
- cr
Type string - The compute resource type the rule applies to, required only if type is specified as 'Profile-CR'. Supported values are VSI, IKS_SA, ROKS_SA.
- expiration number
- Session expiration in seconds, only required if type is 'Profile-SAML'.
- iam
Trusted stringProfile Claim Rule Id - Id is combination of
profile_id/rule_id. - name string
- Name of the claim rule to be created or updated.
- realm
Name string - The realm name of the Idp this claim rule applies to. This field is required only if the type is specified as 'Profile-SAML'.
- conditions
Sequence[Iam
Trusted Profile Claim Rule Condition Args] - The conditions of this claim rule. Nested scheme for conditions:
- profile_
id str - ID of the trusted profile to create a claim rule.
- type str
- The type of the calim rule, either 'Profile-SAML', or 'Profile-CR'.
- cr_
type str - The compute resource type the rule applies to, required only if type is specified as 'Profile-CR'. Supported values are VSI, IKS_SA, ROKS_SA.
- expiration float
- Session expiration in seconds, only required if type is 'Profile-SAML'.
- iam_
trusted_ strprofile_ claim_ rule_ id - Id is combination of
profile_id/rule_id. - name str
- Name of the claim rule to be created or updated.
- realm_
name str - The realm name of the Idp this claim rule applies to. This field is required only if the type is specified as 'Profile-SAML'.
- conditions List<Property Map>
- The conditions of this claim rule. Nested scheme for conditions:
- profile
Id String - ID of the trusted profile to create a claim rule.
- type String
- The type of the calim rule, either 'Profile-SAML', or 'Profile-CR'.
- cr
Type String - The compute resource type the rule applies to, required only if type is specified as 'Profile-CR'. Supported values are VSI, IKS_SA, ROKS_SA.
- expiration Number
- Session expiration in seconds, only required if type is 'Profile-SAML'.
- iam
Trusted StringProfile Claim Rule Id - Id is combination of
profile_id/rule_id. - name String
- Name of the claim rule to be created or updated.
- realm
Name String - The realm name of the Idp this claim rule applies to. This field is required only if the type is specified as 'Profile-SAML'.
Outputs
All input properties are implicitly available as output properties. Additionally, the IamTrustedProfileClaimRule resource produces the following output properties:
- Created
At string - (String) If set contains a date time string of the creation date in ISO format.
- Entity
Tag string - (String) The version of the claim rule.
- Id string
- The provider-assigned unique ID for this managed resource.
- Modified
At string - (String) If set contains a date time string of the last modification date in ISO format.
- Rule
Id string - (String) The unique identifier of the
iam_trusted_profiles_claim_rule.
- Created
At string - (String) If set contains a date time string of the creation date in ISO format.
- Entity
Tag string - (String) The version of the claim rule.
- Id string
- The provider-assigned unique ID for this managed resource.
- Modified
At string - (String) If set contains a date time string of the last modification date in ISO format.
- Rule
Id string - (String) The unique identifier of the
iam_trusted_profiles_claim_rule.
- created
At String - (String) If set contains a date time string of the creation date in ISO format.
- entity
Tag String - (String) The version of the claim rule.
- id String
- The provider-assigned unique ID for this managed resource.
- modified
At String - (String) If set contains a date time string of the last modification date in ISO format.
- rule
Id String - (String) The unique identifier of the
iam_trusted_profiles_claim_rule.
- created
At string - (String) If set contains a date time string of the creation date in ISO format.
- entity
Tag string - (String) The version of the claim rule.
- id string
- The provider-assigned unique ID for this managed resource.
- modified
At string - (String) If set contains a date time string of the last modification date in ISO format.
- rule
Id string - (String) The unique identifier of the
iam_trusted_profiles_claim_rule.
- created_
at str - (String) If set contains a date time string of the creation date in ISO format.
- entity_
tag str - (String) The version of the claim rule.
- id str
- The provider-assigned unique ID for this managed resource.
- modified_
at str - (String) If set contains a date time string of the last modification date in ISO format.
- rule_
id str - (String) The unique identifier of the
iam_trusted_profiles_claim_rule.
- created
At String - (String) If set contains a date time string of the creation date in ISO format.
- entity
Tag String - (String) The version of the claim rule.
- id String
- The provider-assigned unique ID for this managed resource.
- modified
At String - (String) If set contains a date time string of the last modification date in ISO format.
- rule
Id String - (String) The unique identifier of the
iam_trusted_profiles_claim_rule.
Look up Existing IamTrustedProfileClaimRule Resource
Get an existing IamTrustedProfileClaimRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: IamTrustedProfileClaimRuleState, opts?: CustomResourceOptions): IamTrustedProfileClaimRule@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
conditions: Optional[Sequence[IamTrustedProfileClaimRuleConditionArgs]] = None,
cr_type: Optional[str] = None,
created_at: Optional[str] = None,
entity_tag: Optional[str] = None,
expiration: Optional[float] = None,
iam_trusted_profile_claim_rule_id: Optional[str] = None,
modified_at: Optional[str] = None,
name: Optional[str] = None,
profile_id: Optional[str] = None,
realm_name: Optional[str] = None,
rule_id: Optional[str] = None,
type: Optional[str] = None) -> IamTrustedProfileClaimRulefunc GetIamTrustedProfileClaimRule(ctx *Context, name string, id IDInput, state *IamTrustedProfileClaimRuleState, opts ...ResourceOption) (*IamTrustedProfileClaimRule, error)public static IamTrustedProfileClaimRule Get(string name, Input<string> id, IamTrustedProfileClaimRuleState? state, CustomResourceOptions? opts = null)public static IamTrustedProfileClaimRule get(String name, Output<String> id, IamTrustedProfileClaimRuleState state, CustomResourceOptions options)resources: _: type: ibm:IamTrustedProfileClaimRule get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Conditions
List<Iam
Trusted Profile Claim Rule Condition> - The conditions of this claim rule. Nested scheme for conditions:
- Cr
Type string - The compute resource type the rule applies to, required only if type is specified as 'Profile-CR'. Supported values are VSI, IKS_SA, ROKS_SA.
- Created
At string - (String) If set contains a date time string of the creation date in ISO format.
- Entity
Tag string - (String) The version of the claim rule.
- Expiration double
- Session expiration in seconds, only required if type is 'Profile-SAML'.
- Iam
Trusted stringProfile Claim Rule Id - Id is combination of
profile_id/rule_id. - Modified
At string - (String) If set contains a date time string of the last modification date in ISO format.
- Name string
- Name of the claim rule to be created or updated.
- Profile
Id string - ID of the trusted profile to create a claim rule.
- Realm
Name string - The realm name of the Idp this claim rule applies to. This field is required only if the type is specified as 'Profile-SAML'.
- Rule
Id string - (String) The unique identifier of the
iam_trusted_profiles_claim_rule. - Type string
- The type of the calim rule, either 'Profile-SAML', or 'Profile-CR'.
- Conditions
[]Iam
Trusted Profile Claim Rule Condition Args - The conditions of this claim rule. Nested scheme for conditions:
- Cr
Type string - The compute resource type the rule applies to, required only if type is specified as 'Profile-CR'. Supported values are VSI, IKS_SA, ROKS_SA.
- Created
At string - (String) If set contains a date time string of the creation date in ISO format.
- Entity
Tag string - (String) The version of the claim rule.
- Expiration float64
- Session expiration in seconds, only required if type is 'Profile-SAML'.
- Iam
Trusted stringProfile Claim Rule Id - Id is combination of
profile_id/rule_id. - Modified
At string - (String) If set contains a date time string of the last modification date in ISO format.
- Name string
- Name of the claim rule to be created or updated.
- Profile
Id string - ID of the trusted profile to create a claim rule.
- Realm
Name string - The realm name of the Idp this claim rule applies to. This field is required only if the type is specified as 'Profile-SAML'.
- Rule
Id string - (String) The unique identifier of the
iam_trusted_profiles_claim_rule. - Type string
- The type of the calim rule, either 'Profile-SAML', or 'Profile-CR'.
- conditions
List<Iam
Trusted Profile Claim Rule Condition> - The conditions of this claim rule. Nested scheme for conditions:
- cr
Type String - The compute resource type the rule applies to, required only if type is specified as 'Profile-CR'. Supported values are VSI, IKS_SA, ROKS_SA.
- created
At String - (String) If set contains a date time string of the creation date in ISO format.
- entity
Tag String - (String) The version of the claim rule.
- expiration Double
- Session expiration in seconds, only required if type is 'Profile-SAML'.
- iam
Trusted StringProfile Claim Rule Id - Id is combination of
profile_id/rule_id. - modified
At String - (String) If set contains a date time string of the last modification date in ISO format.
- name String
- Name of the claim rule to be created or updated.
- profile
Id String - ID of the trusted profile to create a claim rule.
- realm
Name String - The realm name of the Idp this claim rule applies to. This field is required only if the type is specified as 'Profile-SAML'.
- rule
Id String - (String) The unique identifier of the
iam_trusted_profiles_claim_rule. - type String
- The type of the calim rule, either 'Profile-SAML', or 'Profile-CR'.
- conditions
Iam
Trusted Profile Claim Rule Condition[] - The conditions of this claim rule. Nested scheme for conditions:
- cr
Type string - The compute resource type the rule applies to, required only if type is specified as 'Profile-CR'. Supported values are VSI, IKS_SA, ROKS_SA.
- created
At string - (String) If set contains a date time string of the creation date in ISO format.
- entity
Tag string - (String) The version of the claim rule.
- expiration number
- Session expiration in seconds, only required if type is 'Profile-SAML'.
- iam
Trusted stringProfile Claim Rule Id - Id is combination of
profile_id/rule_id. - modified
At string - (String) If set contains a date time string of the last modification date in ISO format.
- name string
- Name of the claim rule to be created or updated.
- profile
Id string - ID of the trusted profile to create a claim rule.
- realm
Name string - The realm name of the Idp this claim rule applies to. This field is required only if the type is specified as 'Profile-SAML'.
- rule
Id string - (String) The unique identifier of the
iam_trusted_profiles_claim_rule. - type string
- The type of the calim rule, either 'Profile-SAML', or 'Profile-CR'.
- conditions
Sequence[Iam
Trusted Profile Claim Rule Condition Args] - The conditions of this claim rule. Nested scheme for conditions:
- cr_
type str - The compute resource type the rule applies to, required only if type is specified as 'Profile-CR'. Supported values are VSI, IKS_SA, ROKS_SA.
- created_
at str - (String) If set contains a date time string of the creation date in ISO format.
- entity_
tag str - (String) The version of the claim rule.
- expiration float
- Session expiration in seconds, only required if type is 'Profile-SAML'.
- iam_
trusted_ strprofile_ claim_ rule_ id - Id is combination of
profile_id/rule_id. - modified_
at str - (String) If set contains a date time string of the last modification date in ISO format.
- name str
- Name of the claim rule to be created or updated.
- profile_
id str - ID of the trusted profile to create a claim rule.
- realm_
name str - The realm name of the Idp this claim rule applies to. This field is required only if the type is specified as 'Profile-SAML'.
- rule_
id str - (String) The unique identifier of the
iam_trusted_profiles_claim_rule. - type str
- The type of the calim rule, either 'Profile-SAML', or 'Profile-CR'.
- conditions List<Property Map>
- The conditions of this claim rule. Nested scheme for conditions:
- cr
Type String - The compute resource type the rule applies to, required only if type is specified as 'Profile-CR'. Supported values are VSI, IKS_SA, ROKS_SA.
- created
At String - (String) If set contains a date time string of the creation date in ISO format.
- entity
Tag String - (String) The version of the claim rule.
- expiration Number
- Session expiration in seconds, only required if type is 'Profile-SAML'.
- iam
Trusted StringProfile Claim Rule Id - Id is combination of
profile_id/rule_id. - modified
At String - (String) If set contains a date time string of the last modification date in ISO format.
- name String
- Name of the claim rule to be created or updated.
- profile
Id String - ID of the trusted profile to create a claim rule.
- realm
Name String - The realm name of the Idp this claim rule applies to. This field is required only if the type is specified as 'Profile-SAML'.
- rule
Id String - (String) The unique identifier of the
iam_trusted_profiles_claim_rule. - type String
- The type of the calim rule, either 'Profile-SAML', or 'Profile-CR'.
Supporting Types
IamTrustedProfileClaimRuleCondition, IamTrustedProfileClaimRuleConditionArgs
Import
The ibm_iam_trusted_profile_claim_rule resource can be imported by using profile ID and trusted profile claim rule ID
Syntax
$ pulumi import ibm:index/iamTrustedProfileClaimRule:IamTrustedProfileClaimRule example <profile_id>/<claim_rule_id>
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- ibm ibm-cloud/terraform-provider-ibm
- License
- Notes
- This Pulumi package is based on the
ibmTerraform Provider.