AppRule
Manage App Rule resources.
This resource allows you to create and configure App Rules.
Important Note Regarding Position
The position field indicates the order in which rules are applied. They behave like progressive filters and as such, their positioning is strictly enforced. Your options for this field are to either:
Accept any ordering - Do not fill out any position field and each rule will be inserted in the order received by the API.
Strict Ordering - Enter a position number for each app rule. You’ll need to ensure there are no duplicates and no gaps in numbering.
Dependency based ordering - Use the
depends_onfield to specify an app rule’s predecessor to ensure rules are received by the API in the order in which they should be applied. e.g.depends_on = [onelogin_app_rules.test]
Example Usage
Strict Ordering
using Pulumi;
using Onelogin = Pulumi.Onelogin;
class MyStack : Stack
{
public MyStack()
{
var check = new Onelogin.AppRule("check", new Onelogin.AppRuleArgs
{
AppId = onelogin_saml_apps.My_saml_app.Id,
Position = 1,
Enabled = true,
Match = "all",
Conditions =
{
{ "operator", "ri" },
{ "source", "has_role" },
{ "value", "340475" },
},
Actions =
{
{ "action", "set_amazonusername" },
{ "expression", ".*" },
{ "values",
{
"member_of",
} },
},
});
}
}
package main
import (
"github.com/pulumi/pulumi-onelogin/sdk/go/onelogin"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := onelogin.NewAppRule(ctx, "check", &onelogin.AppRuleArgs{
AppId: pulumi.Any(onelogin_saml_apps.My_saml_app.Id),
Position: pulumi.Int(1),
Enabled: pulumi.Bool(true),
Match: pulumi.String("all"),
Conditions: AppRuleConditionArray{
Operator: "ri",
Source: "has_role",
Value: "340475",
},
Actions: AppRuleActionArray{
Action: "set_amazonusername",
Expression: ".*",
Values: AppRuleActionArgs{
"member_of",
},
},
})
if err != nil {
return err
}
return nil
})
}
Coming soon!
import pulumi
import pulumi_onelogin as onelogin
check = onelogin.AppRule("check",
app_id=onelogin_saml_apps["my_saml_app"]["id"],
position=1,
enabled=True,
match="all",
conditions={
"operator": "ri",
"source": "has_role",
"value": "340475",
},
actions={
"action": "set_amazonusername",
"expression": ".*",
"values": ["member_of"],
})
import * as pulumi from "@pulumi/pulumi";
import * as onelogin from "@pulumi/onelogin";
const check = new onelogin.AppRule("check", {
appId: onelogin_saml_apps.my_saml_app.id,
position: 1,
enabled: true,
match: "all",
conditions: {
operator: "ri",
source: "has_role",
value: "340475",
},
actions: {
action: "set_amazonusername",
expression: ".*",
values: ["member_of"],
},
});
Coming soon!
Dependency Based Ordering
using Pulumi;
using Onelogin = Pulumi.Onelogin;
class MyStack : Stack
{
public MyStack()
{
var test = new Onelogin.AppRule("test", new Onelogin.AppRuleArgs
{
AppId = onelogin_saml_apps.My_saml_app.Id,
Enabled = true,
Match = "all",
Conditions =
{
{ "operator", "ri" },
{ "source", "has_role" },
{ "value", "340475" },
},
Actions =
{
{ "action", "set_amazonusername" },
{ "expression", ".*" },
{ "values",
{
"member_of",
} },
},
});
var check = new Onelogin.AppRule("check", new Onelogin.AppRuleArgs
{
AppId = onelogin_saml_apps.My_saml_app.Id,
Enabled = true,
Match = "all",
Conditions =
{
{ "operator", "ri" },
{ "source", "has_role" },
{ "value", "340475" },
},
Actions =
{
{ "action", "set_amazonusername" },
{ "expression", ".*" },
{ "values",
{
"member_of",
} },
},
}, new CustomResourceOptions
{
DependsOn =
{
test,
},
});
}
}
package main
import (
"github.com/pulumi/pulumi-onelogin/sdk/go/onelogin"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
test, err := onelogin.NewAppRule(ctx, "test", &onelogin.AppRuleArgs{
AppId: pulumi.Any(onelogin_saml_apps.My_saml_app.Id),
Enabled: pulumi.Bool(true),
Match: pulumi.String("all"),
Conditions: AppRuleConditionArray{
Operator: "ri",
Source: "has_role",
Value: "340475",
},
Actions: AppRuleActionArray{
Action: "set_amazonusername",
Expression: ".*",
Values: AppRuleActionArgs{
"member_of",
},
},
})
if err != nil {
return err
}
_, err = onelogin.NewAppRule(ctx, "check", &onelogin.AppRuleArgs{
AppId: pulumi.Any(onelogin_saml_apps.My_saml_app.Id),
Enabled: pulumi.Bool(true),
Match: pulumi.String("all"),
Conditions: AppRuleConditionArray{
Operator: "ri",
Source: "has_role",
Value: "340475",
},
Actions: AppRuleActionArray{
Action: "set_amazonusername",
Expression: ".*",
Values: AppRuleActionArgs{
"member_of",
},
},
}, pulumi.DependsOn([]pulumi.Resource{
test,
}))
if err != nil {
return err
}
return nil
})
}
Coming soon!
import pulumi
import pulumi_onelogin as onelogin
test = onelogin.AppRule("test",
app_id=onelogin_saml_apps["my_saml_app"]["id"],
enabled=True,
match="all",
conditions={
"operator": "ri",
"source": "has_role",
"value": "340475",
},
actions={
"action": "set_amazonusername",
"expression": ".*",
"values": ["member_of"],
})
check = onelogin.AppRule("check",
app_id=onelogin_saml_apps["my_saml_app"]["id"],
enabled=True,
match="all",
conditions={
"operator": "ri",
"source": "has_role",
"value": "340475",
},
actions={
"action": "set_amazonusername",
"expression": ".*",
"values": ["member_of"],
},
opts=pulumi.ResourceOptions(depends_on=[test]))
import * as pulumi from "@pulumi/pulumi";
import * as onelogin from "@pulumi/onelogin";
const test = new onelogin.AppRule("test", {
appId: onelogin_saml_apps.my_saml_app.id,
enabled: true,
match: "all",
conditions: {
operator: "ri",
source: "has_role",
value: "340475",
},
actions: {
action: "set_amazonusername",
expression: ".*",
values: ["member_of"],
},
});
const check = new onelogin.AppRule("check", {
appId: onelogin_saml_apps.my_saml_app.id,
enabled: true,
match: "all",
conditions: {
operator: "ri",
source: "has_role",
value: "340475",
},
actions: {
action: "set_amazonusername",
expression: ".*",
values: ["member_of"],
},
}, {
dependsOn: [test],
});
Coming soon!
Create AppRule Resource
new AppRule(name: string, args: AppRuleArgs, opts?: CustomResourceOptions);@overload
def AppRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
actions: Optional[Sequence[AppRuleActionArgs]] = None,
app_id: Optional[str] = None,
conditions: Optional[Sequence[AppRuleConditionArgs]] = None,
enabled: Optional[bool] = None,
match: Optional[str] = None,
name: Optional[str] = None,
position: Optional[int] = None)
@overload
def AppRule(resource_name: str,
args: AppRuleArgs,
opts: Optional[ResourceOptions] = None)func NewAppRule(ctx *Context, name string, args AppRuleArgs, opts ...ResourceOption) (*AppRule, error)public AppRule(string name, AppRuleArgs args, CustomResourceOptions? opts = null)
public AppRule(String name, AppRuleArgs args)
public AppRule(String name, AppRuleArgs args, CustomResourceOptions options)
type: onelogin:AppRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AppRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AppRuleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AppRuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AppRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AppRuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
AppRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The AppRule resource accepts the following input properties:
- App
Id string The id of the App resource to which the rule should belong.
- Match string
Indicates how conditions should be matched. Must be one of
allorany.- Actions
List<App
Rule Action Args> An array of actions that will be applied to the users that are matched by the conditions.
- Conditions
List<App
Rule Condition Args> An array of conditions that the user must meet in order for the rule to be applied.
- Enabled bool
Indicate if the rule should go into effect.
- Name string
The Rule's name
- Position int
Indicates the ordering of the rule. When not supplied the rule will be put at the end of the list on create and managed by the provider. '0' can be supplied to consistently push this rule to the end of the list on every update.
- App
Id string The id of the App resource to which the rule should belong.
- Match string
Indicates how conditions should be matched. Must be one of
allorany.- Actions
[]App
Rule Action Args An array of actions that will be applied to the users that are matched by the conditions.
- Conditions
[]App
Rule Condition Args An array of conditions that the user must meet in order for the rule to be applied.
- Enabled bool
Indicate if the rule should go into effect.
- Name string
The Rule's name
- Position int
Indicates the ordering of the rule. When not supplied the rule will be put at the end of the list on create and managed by the provider. '0' can be supplied to consistently push this rule to the end of the list on every update.
- app
Id String The id of the App resource to which the rule should belong.
- match String
Indicates how conditions should be matched. Must be one of
allorany.- actions
List<App
Rule Action Args> An array of actions that will be applied to the users that are matched by the conditions.
- conditions
List<App
Rule Condition Args> An array of conditions that the user must meet in order for the rule to be applied.
- enabled Boolean
Indicate if the rule should go into effect.
- name String
The Rule's name
- position Integer
Indicates the ordering of the rule. When not supplied the rule will be put at the end of the list on create and managed by the provider. '0' can be supplied to consistently push this rule to the end of the list on every update.
- app
Id string The id of the App resource to which the rule should belong.
- match string
Indicates how conditions should be matched. Must be one of
allorany.- actions
App
Rule Action Args[] An array of actions that will be applied to the users that are matched by the conditions.
- conditions
App
Rule Condition Args[] An array of conditions that the user must meet in order for the rule to be applied.
- enabled boolean
Indicate if the rule should go into effect.
- name string
The Rule's name
- position number
Indicates the ordering of the rule. When not supplied the rule will be put at the end of the list on create and managed by the provider. '0' can be supplied to consistently push this rule to the end of the list on every update.
- app_
id str The id of the App resource to which the rule should belong.
- match str
Indicates how conditions should be matched. Must be one of
allorany.- actions
Sequence[App
Rule Action Args] An array of actions that will be applied to the users that are matched by the conditions.
- conditions
Sequence[App
Rule Condition Args] An array of conditions that the user must meet in order for the rule to be applied.
- enabled bool
Indicate if the rule should go into effect.
- name str
The Rule's name
- position int
Indicates the ordering of the rule. When not supplied the rule will be put at the end of the list on create and managed by the provider. '0' can be supplied to consistently push this rule to the end of the list on every update.
- app
Id String The id of the App resource to which the rule should belong.
- match String
Indicates how conditions should be matched. Must be one of
allorany.- actions List<Property Map>
An array of actions that will be applied to the users that are matched by the conditions.
- conditions List<Property Map>
An array of conditions that the user must meet in order for the rule to be applied.
- enabled Boolean
Indicate if the rule should go into effect.
- name String
The Rule's name
- position Number
Indicates the ordering of the rule. When not supplied the rule will be put at the end of the list on create and managed by the provider. '0' can be supplied to consistently push this rule to the end of the list on every update.
Outputs
All input properties are implicitly available as output properties. Additionally, the AppRule resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Id string
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
- id string
The provider-assigned unique ID for this managed resource.
- id str
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
Look up Existing AppRule Resource
Get an existing AppRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AppRuleState, opts?: CustomResourceOptions): AppRule@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
actions: Optional[Sequence[AppRuleActionArgs]] = None,
app_id: Optional[str] = None,
conditions: Optional[Sequence[AppRuleConditionArgs]] = None,
enabled: Optional[bool] = None,
match: Optional[str] = None,
name: Optional[str] = None,
position: Optional[int] = None) -> AppRulefunc GetAppRule(ctx *Context, name string, id IDInput, state *AppRuleState, opts ...ResourceOption) (*AppRule, error)public static AppRule Get(string name, Input<string> id, AppRuleState? state, CustomResourceOptions? opts = null)public static AppRule get(String name, Output<String> id, AppRuleState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Actions
List<App
Rule Action Args> An array of actions that will be applied to the users that are matched by the conditions.
- App
Id string The id of the App resource to which the rule should belong.
- Conditions
List<App
Rule Condition Args> An array of conditions that the user must meet in order for the rule to be applied.
- Enabled bool
Indicate if the rule should go into effect.
- Match string
Indicates how conditions should be matched. Must be one of
allorany.- Name string
The Rule's name
- Position int
Indicates the ordering of the rule. When not supplied the rule will be put at the end of the list on create and managed by the provider. '0' can be supplied to consistently push this rule to the end of the list on every update.
- Actions
[]App
Rule Action Args An array of actions that will be applied to the users that are matched by the conditions.
- App
Id string The id of the App resource to which the rule should belong.
- Conditions
[]App
Rule Condition Args An array of conditions that the user must meet in order for the rule to be applied.
- Enabled bool
Indicate if the rule should go into effect.
- Match string
Indicates how conditions should be matched. Must be one of
allorany.- Name string
The Rule's name
- Position int
Indicates the ordering of the rule. When not supplied the rule will be put at the end of the list on create and managed by the provider. '0' can be supplied to consistently push this rule to the end of the list on every update.
- actions
List<App
Rule Action Args> An array of actions that will be applied to the users that are matched by the conditions.
- app
Id String The id of the App resource to which the rule should belong.
- conditions
List<App
Rule Condition Args> An array of conditions that the user must meet in order for the rule to be applied.
- enabled Boolean
Indicate if the rule should go into effect.
- match String
Indicates how conditions should be matched. Must be one of
allorany.- name String
The Rule's name
- position Integer
Indicates the ordering of the rule. When not supplied the rule will be put at the end of the list on create and managed by the provider. '0' can be supplied to consistently push this rule to the end of the list on every update.
- actions
App
Rule Action Args[] An array of actions that will be applied to the users that are matched by the conditions.
- app
Id string The id of the App resource to which the rule should belong.
- conditions
App
Rule Condition Args[] An array of conditions that the user must meet in order for the rule to be applied.
- enabled boolean
Indicate if the rule should go into effect.
- match string
Indicates how conditions should be matched. Must be one of
allorany.- name string
The Rule's name
- position number
Indicates the ordering of the rule. When not supplied the rule will be put at the end of the list on create and managed by the provider. '0' can be supplied to consistently push this rule to the end of the list on every update.
- actions
Sequence[App
Rule Action Args] An array of actions that will be applied to the users that are matched by the conditions.
- app_
id str The id of the App resource to which the rule should belong.
- conditions
Sequence[App
Rule Condition Args] An array of conditions that the user must meet in order for the rule to be applied.
- enabled bool
Indicate if the rule should go into effect.
- match str
Indicates how conditions should be matched. Must be one of
allorany.- name str
The Rule's name
- position int
Indicates the ordering of the rule. When not supplied the rule will be put at the end of the list on create and managed by the provider. '0' can be supplied to consistently push this rule to the end of the list on every update.
- actions List<Property Map>
An array of actions that will be applied to the users that are matched by the conditions.
- app
Id String The id of the App resource to which the rule should belong.
- conditions List<Property Map>
An array of conditions that the user must meet in order for the rule to be applied.
- enabled Boolean
Indicate if the rule should go into effect.
- match String
Indicates how conditions should be matched. Must be one of
allorany.- name String
The Rule's name
- position Number
Indicates the ordering of the rule. When not supplied the rule will be put at the end of the list on create and managed by the provider. '0' can be supplied to consistently push this rule to the end of the list on every update.
Supporting Types
AppRuleAction
- Action string
The action to apply. See List Actions for possible values. Note: The action
set_role_from_existingmay also be used, however doing so will always clear theexpressionfield as it is not accepted when mapping a rule from existing roles.- Values List<string>
An array of strings. Only applicable to provisioned and set_* actions. Items in the array will be a plain text string or valid value for the selected action. See List Action Values for possible values. In most cases only a single item will be accepted in the array.
- Expression string
A regular expression to extract a value. Applies to provisionable, multi-selects, and string actions.
- Action string
The action to apply. See List Actions for possible values. Note: The action
set_role_from_existingmay also be used, however doing so will always clear theexpressionfield as it is not accepted when mapping a rule from existing roles.- Values []string
An array of strings. Only applicable to provisioned and set_* actions. Items in the array will be a plain text string or valid value for the selected action. See List Action Values for possible values. In most cases only a single item will be accepted in the array.
- Expression string
A regular expression to extract a value. Applies to provisionable, multi-selects, and string actions.
- action String
The action to apply. See List Actions for possible values. Note: The action
set_role_from_existingmay also be used, however doing so will always clear theexpressionfield as it is not accepted when mapping a rule from existing roles.- values List<String>
An array of strings. Only applicable to provisioned and set_* actions. Items in the array will be a plain text string or valid value for the selected action. See List Action Values for possible values. In most cases only a single item will be accepted in the array.
- expression String
A regular expression to extract a value. Applies to provisionable, multi-selects, and string actions.
- action string
The action to apply. See List Actions for possible values. Note: The action
set_role_from_existingmay also be used, however doing so will always clear theexpressionfield as it is not accepted when mapping a rule from existing roles.- values string[]
An array of strings. Only applicable to provisioned and set_* actions. Items in the array will be a plain text string or valid value for the selected action. See List Action Values for possible values. In most cases only a single item will be accepted in the array.
- expression string
A regular expression to extract a value. Applies to provisionable, multi-selects, and string actions.
- action str
The action to apply. See List Actions for possible values. Note: The action
set_role_from_existingmay also be used, however doing so will always clear theexpressionfield as it is not accepted when mapping a rule from existing roles.- values Sequence[str]
An array of strings. Only applicable to provisioned and set_* actions. Items in the array will be a plain text string or valid value for the selected action. See List Action Values for possible values. In most cases only a single item will be accepted in the array.
- expression str
A regular expression to extract a value. Applies to provisionable, multi-selects, and string actions.
- action String
The action to apply. See List Actions for possible values. Note: The action
set_role_from_existingmay also be used, however doing so will always clear theexpressionfield as it is not accepted when mapping a rule from existing roles.- values List<String>
An array of strings. Only applicable to provisioned and set_* actions. Items in the array will be a plain text string or valid value for the selected action. See List Action Values for possible values. In most cases only a single item will be accepted in the array.
- expression String
A regular expression to extract a value. Applies to provisionable, multi-selects, and string actions.
AppRuleCondition
- Operator string
A valid operator for the selected condition source. See List Condition Operators for possible values.
- Source string
The source field to check. See List Conditions for possible values.
- Value string
An array of strings. Only applicable to provisioned and set_* actions. Items in the array will be a plain text string or valid value for the selected action. See List Action Values for possible values. In most cases only a single item will be accepted in the array.
- Operator string
A valid operator for the selected condition source. See List Condition Operators for possible values.
- Source string
The source field to check. See List Conditions for possible values.
- Value string
An array of strings. Only applicable to provisioned and set_* actions. Items in the array will be a plain text string or valid value for the selected action. See List Action Values for possible values. In most cases only a single item will be accepted in the array.
- operator String
A valid operator for the selected condition source. See List Condition Operators for possible values.
- source String
The source field to check. See List Conditions for possible values.
- value String
An array of strings. Only applicable to provisioned and set_* actions. Items in the array will be a plain text string or valid value for the selected action. See List Action Values for possible values. In most cases only a single item will be accepted in the array.
- operator string
A valid operator for the selected condition source. See List Condition Operators for possible values.
- source string
The source field to check. See List Conditions for possible values.
- value string
An array of strings. Only applicable to provisioned and set_* actions. Items in the array will be a plain text string or valid value for the selected action. See List Action Values for possible values. In most cases only a single item will be accepted in the array.
- operator str
A valid operator for the selected condition source. See List Condition Operators for possible values.
- source str
The source field to check. See List Conditions for possible values.
- value str
An array of strings. Only applicable to provisioned and set_* actions. Items in the array will be a plain text string or valid value for the selected action. See List Action Values for possible values. In most cases only a single item will be accepted in the array.
- operator String
A valid operator for the selected condition source. See List Condition Operators for possible values.
- source String
The source field to check. See List Conditions for possible values.
- value String
An array of strings. Only applicable to provisioned and set_* actions. Items in the array will be a plain text string or valid value for the selected action. See List Action Values for possible values. In most cases only a single item will be accepted in the array.
Import
An App Rule cannot be imported at this time.
Package Details
- Repository
- https://github.com/pulumi/pulumi-onelogin
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
oneloginTerraform Provider.