Oracle Cloud Infrastructure v2.31.0, Apr 17 25

Oracle Cloud Infrastructure v2.31.0 published on Thursday, Apr 17, 2025 by Pulumi

oci.Identity.getDomainsPasswordPolicy

Explore with Pulumi AI

Oracle Cloud Infrastructure v2.31.0 published on Thursday, Apr 17, 2025 by Pulumi

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";

const testPasswordPolicy = oci.Identity.getDomainsPasswordPolicy({
    idcsEndpoint: testDomain.url,
    passwordPolicyId: testPolicy.id,
    attributeSets: [],
    attributes: "",
    authorization: passwordPolicyAuthorization,
    resourceTypeSchemaVersion: passwordPolicyResourceTypeSchemaVersion,
});

import pulumi
import pulumi_oci as oci

test_password_policy = oci.Identity.get_domains_password_policy(idcs_endpoint=test_domain["url"],
    password_policy_id=test_policy["id"],
    attribute_sets=[],
    attributes="",
    authorization=password_policy_authorization,
    resource_type_schema_version=password_policy_resource_type_schema_version)

package main

import (
	"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/identity"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := identity.GetDomainsPasswordPolicy(ctx, &identity.GetDomainsPasswordPolicyArgs{
			IdcsEndpoint:              testDomain.Url,
			PasswordPolicyId:          testPolicy.Id,
			AttributeSets:             []interface{}{},
			Attributes:                pulumi.StringRef(""),
			Authorization:             pulumi.StringRef(passwordPolicyAuthorization),
			ResourceTypeSchemaVersion: pulumi.StringRef(passwordPolicyResourceTypeSchemaVersion),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;

return await Deployment.RunAsync(() => 
{
    var testPasswordPolicy = Oci.Identity.GetDomainsPasswordPolicy.Invoke(new()
    {
        IdcsEndpoint = testDomain.Url,
        PasswordPolicyId = testPolicy.Id,
        AttributeSets = new() { },
        Attributes = "",
        Authorization = passwordPolicyAuthorization,
        ResourceTypeSchemaVersion = passwordPolicyResourceTypeSchemaVersion,
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.Identity.IdentityFunctions;
import com.pulumi.oci.Identity.inputs.GetDomainsPasswordPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var testPasswordPolicy = IdentityFunctions.getDomainsPasswordPolicy(GetDomainsPasswordPolicyArgs.builder()
            .idcsEndpoint(testDomain.url())
            .passwordPolicyId(testPolicy.id())
            .attributeSets()
            .attributes("")
            .authorization(passwordPolicyAuthorization)
            .resourceTypeSchemaVersion(passwordPolicyResourceTypeSchemaVersion)
            .build());

    }
}

variables:
  testPasswordPolicy:
    fn::invoke:
      function: oci:Identity:getDomainsPasswordPolicy
      arguments:
        idcsEndpoint: ${testDomain.url}
        passwordPolicyId: ${testPolicy.id}
        attributeSets: []
        attributes: ""
        authorization: ${passwordPolicyAuthorization}
        resourceTypeSchemaVersion: ${passwordPolicyResourceTypeSchemaVersion}

Using getDomainsPasswordPolicy

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getDomainsPasswordPolicy(args: GetDomainsPasswordPolicyArgs, opts?: InvokeOptions): Promise<GetDomainsPasswordPolicyResult>
function getDomainsPasswordPolicyOutput(args: GetDomainsPasswordPolicyOutputArgs, opts?: InvokeOptions): Output<GetDomainsPasswordPolicyResult>

def get_domains_password_policy(attribute_sets: Optional[Sequence[str]] = None,
                                attributes: Optional[str] = None,
                                authorization: Optional[str] = None,
                                idcs_endpoint: Optional[str] = None,
                                password_policy_id: Optional[str] = None,
                                resource_type_schema_version: Optional[str] = None,
                                opts: Optional[InvokeOptions] = None) -> GetDomainsPasswordPolicyResult
def get_domains_password_policy_output(attribute_sets: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                                attributes: Optional[pulumi.Input[str]] = None,
                                authorization: Optional[pulumi.Input[str]] = None,
                                idcs_endpoint: Optional[pulumi.Input[str]] = None,
                                password_policy_id: Optional[pulumi.Input[str]] = None,
                                resource_type_schema_version: Optional[pulumi.Input[str]] = None,
                                opts: Optional[InvokeOptions] = None) -> Output[GetDomainsPasswordPolicyResult]

func GetDomainsPasswordPolicy(ctx *Context, args *GetDomainsPasswordPolicyArgs, opts ...InvokeOption) (*GetDomainsPasswordPolicyResult, error)
func GetDomainsPasswordPolicyOutput(ctx *Context, args *GetDomainsPasswordPolicyOutputArgs, opts ...InvokeOption) GetDomainsPasswordPolicyResultOutput

> Note: This function is named GetDomainsPasswordPolicy in the Go SDK.

public static class GetDomainsPasswordPolicy 
{
    public static Task<GetDomainsPasswordPolicyResult> InvokeAsync(GetDomainsPasswordPolicyArgs args, InvokeOptions? opts = null)
    public static Output<GetDomainsPasswordPolicyResult> Invoke(GetDomainsPasswordPolicyInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetDomainsPasswordPolicyResult> getDomainsPasswordPolicy(GetDomainsPasswordPolicyArgs args, InvokeOptions options)
public static Output<GetDomainsPasswordPolicyResult> getDomainsPasswordPolicy(GetDomainsPasswordPolicyArgs args, InvokeOptions options)

fn::invoke:
  function: oci:Identity/getDomainsPasswordPolicy:getDomainsPasswordPolicy
  arguments:
    # arguments dictionary

The following arguments are supported:

IdcsEndpoint string: The basic endpoint for the identity domain
PasswordPolicyId string: ID of the resource
AttributeSets List<string>: A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
Attributes string: A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
Authorization string: The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
ResourceTypeSchemaVersion string: An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

IdcsEndpoint string: The basic endpoint for the identity domain
PasswordPolicyId string: ID of the resource
AttributeSets []string: A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
Attributes string: A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
Authorization string: The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
ResourceTypeSchemaVersion string: An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

idcsEndpoint String: The basic endpoint for the identity domain
passwordPolicyId String: ID of the resource
attributeSets List<String>: A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
attributes String: A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
authorization String: The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
resourceTypeSchemaVersion String: An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

idcsEndpoint string: The basic endpoint for the identity domain
passwordPolicyId string: ID of the resource
attributeSets string[]: A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
attributes string: A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
authorization string: The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
resourceTypeSchemaVersion string: An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

idcs_endpoint str: The basic endpoint for the identity domain
password_policy_id str: ID of the resource
attribute_sets Sequence[str]: A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
attributes str: A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
authorization str: The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
resource_type_schema_version str: An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

idcsEndpoint String: The basic endpoint for the identity domain
passwordPolicyId String: ID of the resource
attributeSets List<String>: A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
attributes String: A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
authorization String: The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
resourceTypeSchemaVersion String: An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

getDomainsPasswordPolicy Result

The following output properties are available:

AllowedChars string: A String value whose contents indicate a set of characters that can appear, in any sequence, in a password value
CompartmentOcid string: Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
ConfiguredPasswordPolicyRules List<GetDomainsPasswordPolicyConfiguredPasswordPolicyRule>: List of password policy rules that have values set. This map of stringKey:stringValue pairs can be used to aid users while setting/resetting password
DeleteInProgress bool: A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
Description string: A String that describes the password policy
DictionaryDelimiter string: A delimiter used to separate characters in the dictionary file
DictionaryLocation string: A Reference value that contains the URI of a dictionary of words not allowed to appear within a password value
DictionaryWordDisallowed bool: Indicates whether the password can match a dictionary word
DisallowedChars string: A String value whose contents indicate a set of characters that cannot appear, in any sequence, in a password value
DisallowedSubstrings List<string>: A String value whose contents indicate a set of substrings that cannot appear, in any sequence, in a password value
DisallowedUserAttributeValues List<string>: List of User attributes whose values are not allowed in the password.
DistinctCharacters int: The number of distinct characters between old password and new password
DomainOcid string: Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
ExternalId string: An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
FirstNameDisallowed bool: Indicates a sequence of characters that match the user's first name of given name cannot be the password. Password validation against policy will be ignored if length of first name is less than or equal to 3 characters.
ForcePasswordReset bool: Indicates whether all of the users should be forced to reset their password on the next login (to comply with new password policy changes)
Groups List<GetDomainsPasswordPolicyGroup>: A list of groups that the password policy belongs to.
Id string: Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
IdcsCreatedBies List<GetDomainsPasswordPolicyIdcsCreatedBy>: The User or App who created the Resource
IdcsEndpoint string
IdcsLastModifiedBies List<GetDomainsPasswordPolicyIdcsLastModifiedBy>: The User or App who modified the Resource
IdcsLastUpgradedInRelease string: The release number when the resource was upgraded.
IdcsPreventedOperations List<string>: Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
LastNameDisallowed bool: Indicates a sequence of characters that match the user's last name of given name cannot be the password. Password validation against policy will be ignored if length of last name is less than or equal to 3 characters.
LockoutDuration int: The time period in minutes to lock out a user account when the threshold of invalid login attempts is reached. The available range is from 5 through 1440 minutes (24 hours).
MaxIncorrectAttempts int: An integer that represents the maximum number of failed logins before an account is locked
MaxLength int: The maximum password length (in characters). A value of 0 or no value indicates no maximum length restriction.
MaxRepeatedChars int: The maximum number of repeated characters allowed in a password. A value of 0 or no value indicates no such restriction.
MaxSpecialChars int: The maximum number of special characters in a password. A value of 0 or no value indicates no maximum special characters restriction.
Metas List<GetDomainsPasswordPolicyMeta>: A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
MinAlphaNumerals int: The minimum number of a combination of alphabetic and numeric characters in a password. A value of 0 or no value indicates no minimum alphanumeric character restriction.
MinAlphas int: The minimum number of alphabetic characters in a password. A value of 0 or no value indicates no minimum alphas restriction.
MinLength int: The minimum password length (in characters). A value of 0 or no value indicates no minimum length restriction.
MinLowerCase int: The minimum number of lowercase alphabetic characters in a password. A value of 0 or no value indicates no minimum lowercase restriction.
MinNumerals int: The minimum number of numeric characters in a password. A value of 0 or no value indicates no minimum numeric character restriction.
MinPasswordAge int: Minimum time after which the user can resubmit the reset password request
MinSpecialChars int: The minimum number of special characters in a password. A value of 0 or no value indicates no minimum special characters restriction.
MinUniqueChars int: The minimum number of unique characters in a password. A value of 0 or no value indicates no minimum unique characters restriction.
MinUpperCase int: The minimum number of uppercase alphabetic characters in a password. A value of 0 or no value indicates no minimum uppercase restriction.
Name string: A String that is the name of the policy to display to the user. This is the only mandatory attribute for a password policy.
NumPasswordsInHistory int: The number of passwords that will be kept in history that may not be used as a password
Ocid string: Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
PasswordExpireWarning int: An integer indicating the number of days before which the user should be warned about password expiry.
PasswordExpiresAfter int: The number of days after which the password expires automatically
PasswordPolicyId string
PasswordStrength string: Indicates whether the password policy is configured as Simple, Standard, or Custom.
Priority int: Password policy priority
RequiredChars string: A String value whose contents indicate a set of characters that must appear, in any sequence, in a password value
Schemas List<string>: REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
StartsWithAlphabet bool: Indicates that the password must begin with an alphabetic character
Tags List<GetDomainsPasswordPolicyTag>: A list of tags on this resource.
TenancyOcid string: Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
UserNameDisallowed bool: Indicates a sequence of characters that match the username cannot be the password. Password validation against policy will be ignored if length of user name is less than or equal to 3 characters.
AttributeSets List<string>
Attributes string
Authorization string
ResourceTypeSchemaVersion string

AllowedChars string: A String value whose contents indicate a set of characters that can appear, in any sequence, in a password value
CompartmentOcid string: Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
ConfiguredPasswordPolicyRules []GetDomainsPasswordPolicyConfiguredPasswordPolicyRule: List of password policy rules that have values set. This map of stringKey:stringValue pairs can be used to aid users while setting/resetting password
DeleteInProgress bool: A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
Description string: A String that describes the password policy
DictionaryDelimiter string: A delimiter used to separate characters in the dictionary file
DictionaryLocation string: A Reference value that contains the URI of a dictionary of words not allowed to appear within a password value
DictionaryWordDisallowed bool: Indicates whether the password can match a dictionary word
DisallowedChars string: A String value whose contents indicate a set of characters that cannot appear, in any sequence, in a password value
DisallowedSubstrings []string: A String value whose contents indicate a set of substrings that cannot appear, in any sequence, in a password value
DisallowedUserAttributeValues []string: List of User attributes whose values are not allowed in the password.
DistinctCharacters int: The number of distinct characters between old password and new password
DomainOcid string: Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
ExternalId string: An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
FirstNameDisallowed bool: Indicates a sequence of characters that match the user's first name of given name cannot be the password. Password validation against policy will be ignored if length of first name is less than or equal to 3 characters.
ForcePasswordReset bool: Indicates whether all of the users should be forced to reset their password on the next login (to comply with new password policy changes)
Groups []GetDomainsPasswordPolicyGroup: A list of groups that the password policy belongs to.
Id string: Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
IdcsCreatedBies []GetDomainsPasswordPolicyIdcsCreatedBy: The User or App who created the Resource
IdcsEndpoint string
IdcsLastModifiedBies []GetDomainsPasswordPolicyIdcsLastModifiedBy: The User or App who modified the Resource
IdcsLastUpgradedInRelease string: The release number when the resource was upgraded.
IdcsPreventedOperations []string: Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
LastNameDisallowed bool: Indicates a sequence of characters that match the user's last name of given name cannot be the password. Password validation against policy will be ignored if length of last name is less than or equal to 3 characters.
LockoutDuration int: The time period in minutes to lock out a user account when the threshold of invalid login attempts is reached. The available range is from 5 through 1440 minutes (24 hours).
MaxIncorrectAttempts int: An integer that represents the maximum number of failed logins before an account is locked
MaxLength int: The maximum password length (in characters). A value of 0 or no value indicates no maximum length restriction.
MaxRepeatedChars int: The maximum number of repeated characters allowed in a password. A value of 0 or no value indicates no such restriction.
MaxSpecialChars int: The maximum number of special characters in a password. A value of 0 or no value indicates no maximum special characters restriction.
Metas []GetDomainsPasswordPolicyMeta: A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
MinAlphaNumerals int: The minimum number of a combination of alphabetic and numeric characters in a password. A value of 0 or no value indicates no minimum alphanumeric character restriction.
MinAlphas int: The minimum number of alphabetic characters in a password. A value of 0 or no value indicates no minimum alphas restriction.
MinLength int: The minimum password length (in characters). A value of 0 or no value indicates no minimum length restriction.
MinLowerCase int: The minimum number of lowercase alphabetic characters in a password. A value of 0 or no value indicates no minimum lowercase restriction.
MinNumerals int: The minimum number of numeric characters in a password. A value of 0 or no value indicates no minimum numeric character restriction.
MinPasswordAge int: Minimum time after which the user can resubmit the reset password request
MinSpecialChars int: The minimum number of special characters in a password. A value of 0 or no value indicates no minimum special characters restriction.
MinUniqueChars int: The minimum number of unique characters in a password. A value of 0 or no value indicates no minimum unique characters restriction.
MinUpperCase int: The minimum number of uppercase alphabetic characters in a password. A value of 0 or no value indicates no minimum uppercase restriction.
Name string: A String that is the name of the policy to display to the user. This is the only mandatory attribute for a password policy.
NumPasswordsInHistory int: The number of passwords that will be kept in history that may not be used as a password
Ocid string: Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
PasswordExpireWarning int: An integer indicating the number of days before which the user should be warned about password expiry.
PasswordExpiresAfter int: The number of days after which the password expires automatically
PasswordPolicyId string
PasswordStrength string: Indicates whether the password policy is configured as Simple, Standard, or Custom.
Priority int: Password policy priority
RequiredChars string: A String value whose contents indicate a set of characters that must appear, in any sequence, in a password value
Schemas []string: REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
StartsWithAlphabet bool: Indicates that the password must begin with an alphabetic character
Tags []GetDomainsPasswordPolicyTag: A list of tags on this resource.
TenancyOcid string: Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
UserNameDisallowed bool: Indicates a sequence of characters that match the username cannot be the password. Password validation against policy will be ignored if length of user name is less than or equal to 3 characters.
AttributeSets []string
Attributes string
Authorization string
ResourceTypeSchemaVersion string

allowedChars String: A String value whose contents indicate a set of characters that can appear, in any sequence, in a password value
compartmentOcid String: Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
configuredPasswordPolicyRules List<GetDomainsPasswordPolicyConfiguredPasswordPolicyRule>: List of password policy rules that have values set. This map of stringKey:stringValue pairs can be used to aid users while setting/resetting password
deleteInProgress Boolean: A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
description String: A String that describes the password policy
dictionaryDelimiter String: A delimiter used to separate characters in the dictionary file
dictionaryLocation String: A Reference value that contains the URI of a dictionary of words not allowed to appear within a password value
dictionaryWordDisallowed Boolean: Indicates whether the password can match a dictionary word
disallowedChars String: A String value whose contents indicate a set of characters that cannot appear, in any sequence, in a password value
disallowedSubstrings List<String>: A String value whose contents indicate a set of substrings that cannot appear, in any sequence, in a password value
disallowedUserAttributeValues List<String>: List of User attributes whose values are not allowed in the password.
distinctCharacters Integer: The number of distinct characters between old password and new password
domainOcid String: Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
externalId String: An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
firstNameDisallowed Boolean: Indicates a sequence of characters that match the user's first name of given name cannot be the password. Password validation against policy will be ignored if length of first name is less than or equal to 3 characters.
forcePasswordReset Boolean: Indicates whether all of the users should be forced to reset their password on the next login (to comply with new password policy changes)
groups List<GetDomainsPasswordPolicyGroup>: A list of groups that the password policy belongs to.
id String: Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
idcsCreatedBies List<GetDomainsPasswordPolicyIdcsCreatedBy>: The User or App who created the Resource
idcsEndpoint String
idcsLastModifiedBies List<GetDomainsPasswordPolicyIdcsLastModifiedBy>: The User or App who modified the Resource
idcsLastUpgradedInRelease String: The release number when the resource was upgraded.
idcsPreventedOperations List<String>: Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
lastNameDisallowed Boolean: Indicates a sequence of characters that match the user's last name of given name cannot be the password. Password validation against policy will be ignored if length of last name is less than or equal to 3 characters.
lockoutDuration Integer: The time period in minutes to lock out a user account when the threshold of invalid login attempts is reached. The available range is from 5 through 1440 minutes (24 hours).
maxIncorrectAttempts Integer: An integer that represents the maximum number of failed logins before an account is locked
maxLength Integer: The maximum password length (in characters). A value of 0 or no value indicates no maximum length restriction.
maxRepeatedChars Integer: The maximum number of repeated characters allowed in a password. A value of 0 or no value indicates no such restriction.
maxSpecialChars Integer: The maximum number of special characters in a password. A value of 0 or no value indicates no maximum special characters restriction.
metas List<GetDomainsPasswordPolicyMeta>: A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
minAlphaNumerals Integer: The minimum number of a combination of alphabetic and numeric characters in a password. A value of 0 or no value indicates no minimum alphanumeric character restriction.
minAlphas Integer: The minimum number of alphabetic characters in a password. A value of 0 or no value indicates no minimum alphas restriction.
minLength Integer: The minimum password length (in characters). A value of 0 or no value indicates no minimum length restriction.
minLowerCase Integer: The minimum number of lowercase alphabetic characters in a password. A value of 0 or no value indicates no minimum lowercase restriction.
minNumerals Integer: The minimum number of numeric characters in a password. A value of 0 or no value indicates no minimum numeric character restriction.
minPasswordAge Integer: Minimum time after which the user can resubmit the reset password request
minSpecialChars Integer: The minimum number of special characters in a password. A value of 0 or no value indicates no minimum special characters restriction.
minUniqueChars Integer: The minimum number of unique characters in a password. A value of 0 or no value indicates no minimum unique characters restriction.
minUpperCase Integer: The minimum number of uppercase alphabetic characters in a password. A value of 0 or no value indicates no minimum uppercase restriction.
name String: A String that is the name of the policy to display to the user. This is the only mandatory attribute for a password policy.
numPasswordsInHistory Integer: The number of passwords that will be kept in history that may not be used as a password
ocid String: Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
passwordExpireWarning Integer: An integer indicating the number of days before which the user should be warned about password expiry.
passwordExpiresAfter Integer: The number of days after which the password expires automatically
passwordPolicyId String
passwordStrength String: Indicates whether the password policy is configured as Simple, Standard, or Custom.
priority Integer: Password policy priority
requiredChars String: A String value whose contents indicate a set of characters that must appear, in any sequence, in a password value
schemas List<String>: REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
startsWithAlphabet Boolean: Indicates that the password must begin with an alphabetic character
tags List<GetDomainsPasswordPolicyTag>: A list of tags on this resource.
tenancyOcid String: Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
userNameDisallowed Boolean: Indicates a sequence of characters that match the username cannot be the password. Password validation against policy will be ignored if length of user name is less than or equal to 3 characters.
attributeSets List<String>
attributes String
authorization String
resourceTypeSchemaVersion String

allowedChars string: A String value whose contents indicate a set of characters that can appear, in any sequence, in a password value
compartmentOcid string: Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
configuredPasswordPolicyRules GetDomainsPasswordPolicyConfiguredPasswordPolicyRule[]: List of password policy rules that have values set. This map of stringKey:stringValue pairs can be used to aid users while setting/resetting password
deleteInProgress boolean: A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
description string: A String that describes the password policy
dictionaryDelimiter string: A delimiter used to separate characters in the dictionary file
dictionaryLocation string: A Reference value that contains the URI of a dictionary of words not allowed to appear within a password value
dictionaryWordDisallowed boolean: Indicates whether the password can match a dictionary word
disallowedChars string: A String value whose contents indicate a set of characters that cannot appear, in any sequence, in a password value
disallowedSubstrings string[]: A String value whose contents indicate a set of substrings that cannot appear, in any sequence, in a password value
disallowedUserAttributeValues string[]: List of User attributes whose values are not allowed in the password.
distinctCharacters number: The number of distinct characters between old password and new password
domainOcid string: Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
externalId string: An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
firstNameDisallowed boolean: Indicates a sequence of characters that match the user's first name of given name cannot be the password. Password validation against policy will be ignored if length of first name is less than or equal to 3 characters.
forcePasswordReset boolean: Indicates whether all of the users should be forced to reset their password on the next login (to comply with new password policy changes)
groups GetDomainsPasswordPolicyGroup[]: A list of groups that the password policy belongs to.
id string: Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
idcsCreatedBies GetDomainsPasswordPolicyIdcsCreatedBy[]: The User or App who created the Resource
idcsEndpoint string
idcsLastModifiedBies GetDomainsPasswordPolicyIdcsLastModifiedBy[]: The User or App who modified the Resource
idcsLastUpgradedInRelease string: The release number when the resource was upgraded.
idcsPreventedOperations string[]: Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
lastNameDisallowed boolean: Indicates a sequence of characters that match the user's last name of given name cannot be the password. Password validation against policy will be ignored if length of last name is less than or equal to 3 characters.
lockoutDuration number: The time period in minutes to lock out a user account when the threshold of invalid login attempts is reached. The available range is from 5 through 1440 minutes (24 hours).
maxIncorrectAttempts number: An integer that represents the maximum number of failed logins before an account is locked
maxLength number: The maximum password length (in characters). A value of 0 or no value indicates no maximum length restriction.
maxRepeatedChars number: The maximum number of repeated characters allowed in a password. A value of 0 or no value indicates no such restriction.
maxSpecialChars number: The maximum number of special characters in a password. A value of 0 or no value indicates no maximum special characters restriction.
metas GetDomainsPasswordPolicyMeta[]: A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
minAlphaNumerals number: The minimum number of a combination of alphabetic and numeric characters in a password. A value of 0 or no value indicates no minimum alphanumeric character restriction.
minAlphas number: The minimum number of alphabetic characters in a password. A value of 0 or no value indicates no minimum alphas restriction.
minLength number: The minimum password length (in characters). A value of 0 or no value indicates no minimum length restriction.
minLowerCase number: The minimum number of lowercase alphabetic characters in a password. A value of 0 or no value indicates no minimum lowercase restriction.
minNumerals number: The minimum number of numeric characters in a password. A value of 0 or no value indicates no minimum numeric character restriction.
minPasswordAge number: Minimum time after which the user can resubmit the reset password request
minSpecialChars number: The minimum number of special characters in a password. A value of 0 or no value indicates no minimum special characters restriction.
minUniqueChars number: The minimum number of unique characters in a password. A value of 0 or no value indicates no minimum unique characters restriction.
minUpperCase number: The minimum number of uppercase alphabetic characters in a password. A value of 0 or no value indicates no minimum uppercase restriction.
name string: A String that is the name of the policy to display to the user. This is the only mandatory attribute for a password policy.
numPasswordsInHistory number: The number of passwords that will be kept in history that may not be used as a password
ocid string: Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
passwordExpireWarning number: An integer indicating the number of days before which the user should be warned about password expiry.
passwordExpiresAfter number: The number of days after which the password expires automatically
passwordPolicyId string
passwordStrength string: Indicates whether the password policy is configured as Simple, Standard, or Custom.
priority number: Password policy priority
requiredChars string: A String value whose contents indicate a set of characters that must appear, in any sequence, in a password value
schemas string[]: REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
startsWithAlphabet boolean: Indicates that the password must begin with an alphabetic character
tags GetDomainsPasswordPolicyTag[]: A list of tags on this resource.
tenancyOcid string: Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
userNameDisallowed boolean: Indicates a sequence of characters that match the username cannot be the password. Password validation against policy will be ignored if length of user name is less than or equal to 3 characters.
attributeSets string[]
attributes string
authorization string
resourceTypeSchemaVersion string

allowed_chars str: A String value whose contents indicate a set of characters that can appear, in any sequence, in a password value
compartment_ocid str: Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
configured_password_policy_rules Sequence[identity.GetDomainsPasswordPolicyConfiguredPasswordPolicyRule]: List of password policy rules that have values set. This map of stringKey:stringValue pairs can be used to aid users while setting/resetting password
delete_in_progress bool: A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
description str: A String that describes the password policy
dictionary_delimiter str: A delimiter used to separate characters in the dictionary file
dictionary_location str: A Reference value that contains the URI of a dictionary of words not allowed to appear within a password value
dictionary_word_disallowed bool: Indicates whether the password can match a dictionary word
disallowed_chars str: A String value whose contents indicate a set of characters that cannot appear, in any sequence, in a password value
disallowed_substrings Sequence[str]: A String value whose contents indicate a set of substrings that cannot appear, in any sequence, in a password value
disallowed_user_attribute_values Sequence[str]: List of User attributes whose values are not allowed in the password.
distinct_characters int: The number of distinct characters between old password and new password
domain_ocid str: Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
external_id str: An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
first_name_disallowed bool: Indicates a sequence of characters that match the user's first name of given name cannot be the password. Password validation against policy will be ignored if length of first name is less than or equal to 3 characters.
force_password_reset bool: Indicates whether all of the users should be forced to reset their password on the next login (to comply with new password policy changes)
groups Sequence[identity.GetDomainsPasswordPolicyGroup]: A list of groups that the password policy belongs to.
id str: Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
idcs_created_bies Sequence[identity.GetDomainsPasswordPolicyIdcsCreatedBy]: The User or App who created the Resource
idcs_endpoint str
idcs_last_modified_bies Sequence[identity.GetDomainsPasswordPolicyIdcsLastModifiedBy]: The User or App who modified the Resource
idcs_last_upgraded_in_release str: The release number when the resource was upgraded.
idcs_prevented_operations Sequence[str]: Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
last_name_disallowed bool: Indicates a sequence of characters that match the user's last name of given name cannot be the password. Password validation against policy will be ignored if length of last name is less than or equal to 3 characters.
lockout_duration int: The time period in minutes to lock out a user account when the threshold of invalid login attempts is reached. The available range is from 5 through 1440 minutes (24 hours).
max_incorrect_attempts int: An integer that represents the maximum number of failed logins before an account is locked
max_length int: The maximum password length (in characters). A value of 0 or no value indicates no maximum length restriction.
max_repeated_chars int: The maximum number of repeated characters allowed in a password. A value of 0 or no value indicates no such restriction.
max_special_chars int: The maximum number of special characters in a password. A value of 0 or no value indicates no maximum special characters restriction.
metas Sequence[identity.GetDomainsPasswordPolicyMeta]: A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
min_alpha_numerals int: The minimum number of a combination of alphabetic and numeric characters in a password. A value of 0 or no value indicates no minimum alphanumeric character restriction.
min_alphas int: The minimum number of alphabetic characters in a password. A value of 0 or no value indicates no minimum alphas restriction.
min_length int: The minimum password length (in characters). A value of 0 or no value indicates no minimum length restriction.
min_lower_case int: The minimum number of lowercase alphabetic characters in a password. A value of 0 or no value indicates no minimum lowercase restriction.
min_numerals int: The minimum number of numeric characters in a password. A value of 0 or no value indicates no minimum numeric character restriction.
min_password_age int: Minimum time after which the user can resubmit the reset password request
min_special_chars int: The minimum number of special characters in a password. A value of 0 or no value indicates no minimum special characters restriction.
min_unique_chars int: The minimum number of unique characters in a password. A value of 0 or no value indicates no minimum unique characters restriction.
min_upper_case int: The minimum number of uppercase alphabetic characters in a password. A value of 0 or no value indicates no minimum uppercase restriction.
name str: A String that is the name of the policy to display to the user. This is the only mandatory attribute for a password policy.
num_passwords_in_history int: The number of passwords that will be kept in history that may not be used as a password
ocid str: Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
password_expire_warning int: An integer indicating the number of days before which the user should be warned about password expiry.
password_expires_after int: The number of days after which the password expires automatically
password_policy_id str
password_strength str: Indicates whether the password policy is configured as Simple, Standard, or Custom.
priority int: Password policy priority
required_chars str: A String value whose contents indicate a set of characters that must appear, in any sequence, in a password value
schemas Sequence[str]: REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
starts_with_alphabet bool: Indicates that the password must begin with an alphabetic character
tags Sequence[identity.GetDomainsPasswordPolicyTag]: A list of tags on this resource.
tenancy_ocid str: Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
user_name_disallowed bool: Indicates a sequence of characters that match the username cannot be the password. Password validation against policy will be ignored if length of user name is less than or equal to 3 characters.
attribute_sets Sequence[str]
attributes str
authorization str
resource_type_schema_version str

allowedChars String: A String value whose contents indicate a set of characters that can appear, in any sequence, in a password value
compartmentOcid String: Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
configuredPasswordPolicyRules List<Property Map>: List of password policy rules that have values set. This map of stringKey:stringValue pairs can be used to aid users while setting/resetting password
deleteInProgress Boolean: A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
description String: A String that describes the password policy
dictionaryDelimiter String: A delimiter used to separate characters in the dictionary file
dictionaryLocation String: A Reference value that contains the URI of a dictionary of words not allowed to appear within a password value
dictionaryWordDisallowed Boolean: Indicates whether the password can match a dictionary word
disallowedChars String: A String value whose contents indicate a set of characters that cannot appear, in any sequence, in a password value
disallowedSubstrings List<String>: A String value whose contents indicate a set of substrings that cannot appear, in any sequence, in a password value
disallowedUserAttributeValues List<String>: List of User attributes whose values are not allowed in the password.
distinctCharacters Number: The number of distinct characters between old password and new password
domainOcid String: Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
externalId String: An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
firstNameDisallowed Boolean: Indicates a sequence of characters that match the user's first name of given name cannot be the password. Password validation against policy will be ignored if length of first name is less than or equal to 3 characters.
forcePasswordReset Boolean: Indicates whether all of the users should be forced to reset their password on the next login (to comply with new password policy changes)
groups List<Property Map>: A list of groups that the password policy belongs to.
id String: Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
idcsCreatedBies List<Property Map>: The User or App who created the Resource
idcsEndpoint String
idcsLastModifiedBies List<Property Map>: The User or App who modified the Resource
idcsLastUpgradedInRelease String: The release number when the resource was upgraded.
idcsPreventedOperations List<String>: Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
lastNameDisallowed Boolean: Indicates a sequence of characters that match the user's last name of given name cannot be the password. Password validation against policy will be ignored if length of last name is less than or equal to 3 characters.
lockoutDuration Number: The time period in minutes to lock out a user account when the threshold of invalid login attempts is reached. The available range is from 5 through 1440 minutes (24 hours).
maxIncorrectAttempts Number: An integer that represents the maximum number of failed logins before an account is locked
maxLength Number: The maximum password length (in characters). A value of 0 or no value indicates no maximum length restriction.
maxRepeatedChars Number: The maximum number of repeated characters allowed in a password. A value of 0 or no value indicates no such restriction.
maxSpecialChars Number: The maximum number of special characters in a password. A value of 0 or no value indicates no maximum special characters restriction.
metas List<Property Map>: A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
minAlphaNumerals Number: The minimum number of a combination of alphabetic and numeric characters in a password. A value of 0 or no value indicates no minimum alphanumeric character restriction.
minAlphas Number: The minimum number of alphabetic characters in a password. A value of 0 or no value indicates no minimum alphas restriction.
minLength Number: The minimum password length (in characters). A value of 0 or no value indicates no minimum length restriction.
minLowerCase Number: The minimum number of lowercase alphabetic characters in a password. A value of 0 or no value indicates no minimum lowercase restriction.
minNumerals Number: The minimum number of numeric characters in a password. A value of 0 or no value indicates no minimum numeric character restriction.
minPasswordAge Number: Minimum time after which the user can resubmit the reset password request
minSpecialChars Number: The minimum number of special characters in a password. A value of 0 or no value indicates no minimum special characters restriction.
minUniqueChars Number: The minimum number of unique characters in a password. A value of 0 or no value indicates no minimum unique characters restriction.
minUpperCase Number: The minimum number of uppercase alphabetic characters in a password. A value of 0 or no value indicates no minimum uppercase restriction.
name String: A String that is the name of the policy to display to the user. This is the only mandatory attribute for a password policy.
numPasswordsInHistory Number: The number of passwords that will be kept in history that may not be used as a password
ocid String: Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
passwordExpireWarning Number: An integer indicating the number of days before which the user should be warned about password expiry.
passwordExpiresAfter Number: The number of days after which the password expires automatically
passwordPolicyId String
passwordStrength String: Indicates whether the password policy is configured as Simple, Standard, or Custom.
priority Number: Password policy priority
requiredChars String: A String value whose contents indicate a set of characters that must appear, in any sequence, in a password value
schemas List<String>: REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
startsWithAlphabet Boolean: Indicates that the password must begin with an alphabetic character
tags List<Property Map>: A list of tags on this resource.
tenancyOcid String: Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
userNameDisallowed Boolean: Indicates a sequence of characters that match the username cannot be the password. Password validation against policy will be ignored if length of user name is less than or equal to 3 characters.
attributeSets List<String>
attributes String
authorization String
resourceTypeSchemaVersion String

Supporting Types

GetDomainsPasswordPolicyConfiguredPasswordPolicyRule

Key string: Key or name of the tag.
Value string: Value of the tag.

Key string: Key or name of the tag.
Value string: Value of the tag.

key String: Key or name of the tag.
value String: Value of the tag.

key string: Key or name of the tag.
value string: Value of the tag.

key str: Key or name of the tag.
value str: Value of the tag.

key String: Key or name of the tag.
value String: Value of the tag.

GetDomainsPasswordPolicyGroup

Display string: The displayName of the User or App who modified this Resource
Ref string: The URI of the SCIM resource that represents the User or App who modified this Resource
Value string: Value of the tag.

Display string: The displayName of the User or App who modified this Resource
Ref string: The URI of the SCIM resource that represents the User or App who modified this Resource
Value string: Value of the tag.

display String: The displayName of the User or App who modified this Resource
ref String: The URI of the SCIM resource that represents the User or App who modified this Resource
value String: Value of the tag.

display string: The displayName of the User or App who modified this Resource
ref string: The URI of the SCIM resource that represents the User or App who modified this Resource
value string: Value of the tag.

display str: The displayName of the User or App who modified this Resource
ref str: The URI of the SCIM resource that represents the User or App who modified this Resource
value str: Value of the tag.

display String: The displayName of the User or App who modified this Resource
ref String: The URI of the SCIM resource that represents the User or App who modified this Resource
value String: Value of the tag.

GetDomainsPasswordPolicyIdcsCreatedBy

Display string: The displayName of the User or App who modified this Resource
Ocid string: Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
Ref string: The URI of the SCIM resource that represents the User or App who modified this Resource
Type string: The type of resource, User or App, that modified this Resource
Value string: Value of the tag.

Display string: The displayName of the User or App who modified this Resource
Ocid string: Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
Ref string: The URI of the SCIM resource that represents the User or App who modified this Resource
Type string: The type of resource, User or App, that modified this Resource
Value string: Value of the tag.

display String: The displayName of the User or App who modified this Resource
ocid String: Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
ref String: The URI of the SCIM resource that represents the User or App who modified this Resource
type String: The type of resource, User or App, that modified this Resource
value String: Value of the tag.

display string: The displayName of the User or App who modified this Resource
ocid string: Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
ref string: The URI of the SCIM resource that represents the User or App who modified this Resource
type string: The type of resource, User or App, that modified this Resource
value string: Value of the tag.

display str: The displayName of the User or App who modified this Resource
ocid str: Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
ref str: The URI of the SCIM resource that represents the User or App who modified this Resource
type str: The type of resource, User or App, that modified this Resource
value str: Value of the tag.

display String: The displayName of the User or App who modified this Resource
ocid String: Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
ref String: The URI of the SCIM resource that represents the User or App who modified this Resource
type String: The type of resource, User or App, that modified this Resource
value String: Value of the tag.

GetDomainsPasswordPolicyIdcsLastModifiedBy

Display string: The displayName of the User or App who modified this Resource
Ocid string: Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
Ref string: The URI of the SCIM resource that represents the User or App who modified this Resource
Type string: The type of resource, User or App, that modified this Resource
Value string: Value of the tag.

Display string: The displayName of the User or App who modified this Resource
Ocid string: Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
Ref string: The URI of the SCIM resource that represents the User or App who modified this Resource
Type string: The type of resource, User or App, that modified this Resource
Value string: Value of the tag.

display String: The displayName of the User or App who modified this Resource
ocid String: Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
ref String: The URI of the SCIM resource that represents the User or App who modified this Resource
type String: The type of resource, User or App, that modified this Resource
value String: Value of the tag.

display string: The displayName of the User or App who modified this Resource
ocid string: Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
ref string: The URI of the SCIM resource that represents the User or App who modified this Resource
type string: The type of resource, User or App, that modified this Resource
value string: Value of the tag.

display str: The displayName of the User or App who modified this Resource
ocid str: Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
ref str: The URI of the SCIM resource that represents the User or App who modified this Resource
type str: The type of resource, User or App, that modified this Resource
value str: Value of the tag.

display String: The displayName of the User or App who modified this Resource
ocid String: Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
ref String: The URI of the SCIM resource that represents the User or App who modified this Resource
type String: The type of resource, User or App, that modified this Resource
value String: Value of the tag.

GetDomainsPasswordPolicyMeta

Created string: The DateTime the Resource was added to the Service Provider
LastModified string: The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
Location string: The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
ResourceType string: Name of the resource type of the resource--for example, Users or Groups
Version string: The version of the Resource being returned. This value must be the same as the ETag HTTP response header.

Created string: The DateTime the Resource was added to the Service Provider
LastModified string: The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
Location string: The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
ResourceType string: Name of the resource type of the resource--for example, Users or Groups
Version string: The version of the Resource being returned. This value must be the same as the ETag HTTP response header.

created String: The DateTime the Resource was added to the Service Provider
lastModified String: The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
location String: The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
resourceType String: Name of the resource type of the resource--for example, Users or Groups
version String: The version of the Resource being returned. This value must be the same as the ETag HTTP response header.

created string: The DateTime the Resource was added to the Service Provider
lastModified string: The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
location string: The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
resourceType string: Name of the resource type of the resource--for example, Users or Groups
version string: The version of the Resource being returned. This value must be the same as the ETag HTTP response header.

created str: The DateTime the Resource was added to the Service Provider
last_modified str: The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
location str: The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
resource_type str: Name of the resource type of the resource--for example, Users or Groups
version str: The version of the Resource being returned. This value must be the same as the ETag HTTP response header.

created String: The DateTime the Resource was added to the Service Provider
lastModified String: The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
location String: The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
resourceType String: Name of the resource type of the resource--for example, Users or Groups
version String: The version of the Resource being returned. This value must be the same as the ETag HTTP response header.

GetDomainsPasswordPolicyTag

Key string: Key or name of the tag.
Value string: Value of the tag.

Key string: Key or name of the tag.
Value string: Value of the tag.

key String: Key or name of the tag.
value String: Value of the tag.

key string: Key or name of the tag.
value string: Value of the tag.

key str: Key or name of the tag.
value str: Value of the tag.

key String: Key or name of the tag.
value String: Value of the tag.

Package Details

Repository: oci pulumi/pulumi-oci
License: Apache-2.0
Notes: This Pulumi package is based on the oci Terraform Provider.

Oracle Cloud Infrastructure v2.31.0 published on Thursday, Apr 17, 2025 by Pulumi

pulumi/pulumi-oci

oci.Identity.getDomainsPasswordPolicy

On this page

On this page

Example Usage

Using getDomainsPasswordPolicy

getDomainsPasswordPolicy Result

Supporting Types

GetDomainsPasswordPolicyConfiguredPasswordPolicyRule

GetDomainsPasswordPolicyGroup

GetDomainsPasswordPolicyIdcsCreatedBy

GetDomainsPasswordPolicyIdcsLastModifiedBy

GetDomainsPasswordPolicyMeta

GetDomainsPasswordPolicyTag

Package Details

On this page

On this page