Docs Home
HashiCorp Vault v6.6.0 published on Thursday, Mar 13, 2025 by Pulumi
vault.identity.MfaLoginEnforcement
Explore with Pulumi AI
Resource for configuring MFA login-enforcement
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const example = new vault.identity.MfaDuo("example", {
secretKey: "secret-key",
integrationKey: "int-key",
apiHostname: "foo.baz",
pushInfo: "push-info",
});
const exampleMfaLoginEnforcement = new vault.identity.MfaLoginEnforcement("example", {
name: "default",
mfaMethodIds: [example.methodId],
});
import pulumi
import pulumi_vault as vault
example = vault.identity.MfaDuo("example",
secret_key="secret-key",
integration_key="int-key",
api_hostname="foo.baz",
push_info="push-info")
example_mfa_login_enforcement = vault.identity.MfaLoginEnforcement("example",
name="default",
mfa_method_ids=[example.method_id])
package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := identity.NewMfaDuo(ctx, "example", &identity.MfaDuoArgs{
SecretKey: pulumi.String("secret-key"),
IntegrationKey: pulumi.String("int-key"),
ApiHostname: pulumi.String("foo.baz"),
PushInfo: pulumi.String("push-info"),
})
if err != nil {
return err
}
_, err = identity.NewMfaLoginEnforcement(ctx, "example", &identity.MfaLoginEnforcementArgs{
Name: pulumi.String("default"),
MfaMethodIds: pulumi.StringArray{
example.MethodId,
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
var example = new Vault.Identity.MfaDuo("example", new()
{
SecretKey = "secret-key",
IntegrationKey = "int-key",
ApiHostname = "foo.baz",
PushInfo = "push-info",
});
var exampleMfaLoginEnforcement = new Vault.Identity.MfaLoginEnforcement("example", new()
{
Name = "default",
MfaMethodIds = new[]
{
example.MethodId,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.identity.MfaDuo;
import com.pulumi.vault.identity.MfaDuoArgs;
import com.pulumi.vault.identity.MfaLoginEnforcement;
import com.pulumi.vault.identity.MfaLoginEnforcementArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new MfaDuo("example", MfaDuoArgs.builder()
.secretKey("secret-key")
.integrationKey("int-key")
.apiHostname("foo.baz")
.pushInfo("push-info")
.build());
var exampleMfaLoginEnforcement = new MfaLoginEnforcement("exampleMfaLoginEnforcement", MfaLoginEnforcementArgs.builder()
.name("default")
.mfaMethodIds(example.methodId())
.build());
}
}
resources:
example:
type: vault:identity:MfaDuo
properties:
secretKey: secret-key
integrationKey: int-key
apiHostname: foo.baz
pushInfo: push-info
exampleMfaLoginEnforcement:
type: vault:identity:MfaLoginEnforcement
name: example
properties:
name: default
mfaMethodIds:
- ${example.methodId}
Create MfaLoginEnforcement Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new MfaLoginEnforcement(name: string, args: MfaLoginEnforcementArgs, opts?: CustomResourceOptions);@overload
def MfaLoginEnforcement(resource_name: str,
args: MfaLoginEnforcementArgs,
opts: Optional[ResourceOptions] = None)
@overload
def MfaLoginEnforcement(resource_name: str,
opts: Optional[ResourceOptions] = None,
mfa_method_ids: Optional[Sequence[str]] = None,
auth_method_accessors: Optional[Sequence[str]] = None,
auth_method_types: Optional[Sequence[str]] = None,
identity_entity_ids: Optional[Sequence[str]] = None,
identity_group_ids: Optional[Sequence[str]] = None,
name: Optional[str] = None,
namespace: Optional[str] = None)func NewMfaLoginEnforcement(ctx *Context, name string, args MfaLoginEnforcementArgs, opts ...ResourceOption) (*MfaLoginEnforcement, error)public MfaLoginEnforcement(string name, MfaLoginEnforcementArgs args, CustomResourceOptions? opts = null)
public MfaLoginEnforcement(String name, MfaLoginEnforcementArgs args)
public MfaLoginEnforcement(String name, MfaLoginEnforcementArgs args, CustomResourceOptions options)
type: vault:identity:MfaLoginEnforcement
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args MfaLoginEnforcementArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args MfaLoginEnforcementArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args MfaLoginEnforcementArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args MfaLoginEnforcementArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args MfaLoginEnforcementArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var mfaLoginEnforcementResource = new Vault.Identity.MfaLoginEnforcement("mfaLoginEnforcementResource", new()
{
MfaMethodIds = new[]
{
"string",
},
AuthMethodAccessors = new[]
{
"string",
},
AuthMethodTypes = new[]
{
"string",
},
IdentityEntityIds = new[]
{
"string",
},
IdentityGroupIds = new[]
{
"string",
},
Name = "string",
Namespace = "string",
});
example, err := identity.NewMfaLoginEnforcement(ctx, "mfaLoginEnforcementResource", &identity.MfaLoginEnforcementArgs{
MfaMethodIds: pulumi.StringArray{
pulumi.String("string"),
},
AuthMethodAccessors: pulumi.StringArray{
pulumi.String("string"),
},
AuthMethodTypes: pulumi.StringArray{
pulumi.String("string"),
},
IdentityEntityIds: pulumi.StringArray{
pulumi.String("string"),
},
IdentityGroupIds: pulumi.StringArray{
pulumi.String("string"),
},
Name: pulumi.String("string"),
Namespace: pulumi.String("string"),
})
var mfaLoginEnforcementResource = new MfaLoginEnforcement("mfaLoginEnforcementResource", MfaLoginEnforcementArgs.builder()
.mfaMethodIds("string")
.authMethodAccessors("string")
.authMethodTypes("string")
.identityEntityIds("string")
.identityGroupIds("string")
.name("string")
.namespace("string")
.build());
mfa_login_enforcement_resource = vault.identity.MfaLoginEnforcement("mfaLoginEnforcementResource",
mfa_method_ids=["string"],
auth_method_accessors=["string"],
auth_method_types=["string"],
identity_entity_ids=["string"],
identity_group_ids=["string"],
name="string",
namespace="string")
const mfaLoginEnforcementResource = new vault.identity.MfaLoginEnforcement("mfaLoginEnforcementResource", {
mfaMethodIds: ["string"],
authMethodAccessors: ["string"],
authMethodTypes: ["string"],
identityEntityIds: ["string"],
identityGroupIds: ["string"],
name: "string",
namespace: "string",
});
type: vault:identity:MfaLoginEnforcement
properties:
authMethodAccessors:
- string
authMethodTypes:
- string
identityEntityIds:
- string
identityGroupIds:
- string
mfaMethodIds:
- string
name: string
namespace: string
MfaLoginEnforcement Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The MfaLoginEnforcement resource accepts the following input properties:
- Mfa
Method List<string>Ids - Set of MFA method UUIDs.
- Auth
Method List<string>Accessors - Set of auth method accessor IDs.
- Auth
Method List<string>Types - Set of auth method types.
- Identity
Entity List<string>Ids - Set of identity entity IDs.
- Identity
Group List<string>Ids - Set of identity group IDs.
- Name string
- Login enforcement name.
- Namespace string
- Target namespace. (requires Enterprise)
- Mfa
Method []stringIds - Set of MFA method UUIDs.
- Auth
Method []stringAccessors - Set of auth method accessor IDs.
- Auth
Method []stringTypes - Set of auth method types.
- Identity
Entity []stringIds - Set of identity entity IDs.
- Identity
Group []stringIds - Set of identity group IDs.
- Name string
- Login enforcement name.
- Namespace string
- Target namespace. (requires Enterprise)
- mfa
Method List<String>Ids - Set of MFA method UUIDs.
- auth
Method List<String>Accessors - Set of auth method accessor IDs.
- auth
Method List<String>Types - Set of auth method types.
- identity
Entity List<String>Ids - Set of identity entity IDs.
- identity
Group List<String>Ids - Set of identity group IDs.
- name String
- Login enforcement name.
- namespace String
- Target namespace. (requires Enterprise)
- mfa
Method string[]Ids - Set of MFA method UUIDs.
- auth
Method string[]Accessors - Set of auth method accessor IDs.
- auth
Method string[]Types - Set of auth method types.
- identity
Entity string[]Ids - Set of identity entity IDs.
- identity
Group string[]Ids - Set of identity group IDs.
- name string
- Login enforcement name.
- namespace string
- Target namespace. (requires Enterprise)
- mfa_
method_ Sequence[str]ids - Set of MFA method UUIDs.
- auth_
method_ Sequence[str]accessors - Set of auth method accessor IDs.
- auth_
method_ Sequence[str]types - Set of auth method types.
- identity_
entity_ Sequence[str]ids - Set of identity entity IDs.
- identity_
group_ Sequence[str]ids - Set of identity group IDs.
- name str
- Login enforcement name.
- namespace str
- Target namespace. (requires Enterprise)
- mfa
Method List<String>Ids - Set of MFA method UUIDs.
- auth
Method List<String>Accessors - Set of auth method accessor IDs.
- auth
Method List<String>Types - Set of auth method types.
- identity
Entity List<String>Ids - Set of identity entity IDs.
- identity
Group List<String>Ids - Set of identity group IDs.
- name String
- Login enforcement name.
- namespace String
- Target namespace. (requires Enterprise)
Outputs
All input properties are implicitly available as output properties. Additionally, the MfaLoginEnforcement resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Namespace
Id string - Method's namespace ID.
- Namespace
Path string - Method's namespace path.
- Uuid string
- Resource UUID.
- Id string
- The provider-assigned unique ID for this managed resource.
- Namespace
Id string - Method's namespace ID.
- Namespace
Path string - Method's namespace path.
- Uuid string
- Resource UUID.
- id String
- The provider-assigned unique ID for this managed resource.
- namespace
Id String - Method's namespace ID.
- namespace
Path String - Method's namespace path.
- uuid String
- Resource UUID.
- id string
- The provider-assigned unique ID for this managed resource.
- namespace
Id string - Method's namespace ID.
- namespace
Path string - Method's namespace path.
- uuid string
- Resource UUID.
- id str
- The provider-assigned unique ID for this managed resource.
- namespace_
id str - Method's namespace ID.
- namespace_
path str - Method's namespace path.
- uuid str
- Resource UUID.
- id String
- The provider-assigned unique ID for this managed resource.
- namespace
Id String - Method's namespace ID.
- namespace
Path String - Method's namespace path.
- uuid String
- Resource UUID.
Look up Existing MfaLoginEnforcement Resource
Get an existing MfaLoginEnforcement resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: MfaLoginEnforcementState, opts?: CustomResourceOptions): MfaLoginEnforcement@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
auth_method_accessors: Optional[Sequence[str]] = None,
auth_method_types: Optional[Sequence[str]] = None,
identity_entity_ids: Optional[Sequence[str]] = None,
identity_group_ids: Optional[Sequence[str]] = None,
mfa_method_ids: Optional[Sequence[str]] = None,
name: Optional[str] = None,
namespace: Optional[str] = None,
namespace_id: Optional[str] = None,
namespace_path: Optional[str] = None,
uuid: Optional[str] = None) -> MfaLoginEnforcementfunc GetMfaLoginEnforcement(ctx *Context, name string, id IDInput, state *MfaLoginEnforcementState, opts ...ResourceOption) (*MfaLoginEnforcement, error)public static MfaLoginEnforcement Get(string name, Input<string> id, MfaLoginEnforcementState? state, CustomResourceOptions? opts = null)public static MfaLoginEnforcement get(String name, Output<String> id, MfaLoginEnforcementState state, CustomResourceOptions options)resources: _: type: vault:identity:MfaLoginEnforcement get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Auth
Method List<string>Accessors - Set of auth method accessor IDs.
- Auth
Method List<string>Types - Set of auth method types.
- Identity
Entity List<string>Ids - Set of identity entity IDs.
- Identity
Group List<string>Ids - Set of identity group IDs.
- Mfa
Method List<string>Ids - Set of MFA method UUIDs.
- Name string
- Login enforcement name.
- Namespace string
- Target namespace. (requires Enterprise)
- Namespace
Id string - Method's namespace ID.
- Namespace
Path string - Method's namespace path.
- Uuid string
- Resource UUID.
- Auth
Method []stringAccessors - Set of auth method accessor IDs.
- Auth
Method []stringTypes - Set of auth method types.
- Identity
Entity []stringIds - Set of identity entity IDs.
- Identity
Group []stringIds - Set of identity group IDs.
- Mfa
Method []stringIds - Set of MFA method UUIDs.
- Name string
- Login enforcement name.
- Namespace string
- Target namespace. (requires Enterprise)
- Namespace
Id string - Method's namespace ID.
- Namespace
Path string - Method's namespace path.
- Uuid string
- Resource UUID.
- auth
Method List<String>Accessors - Set of auth method accessor IDs.
- auth
Method List<String>Types - Set of auth method types.
- identity
Entity List<String>Ids - Set of identity entity IDs.
- identity
Group List<String>Ids - Set of identity group IDs.
- mfa
Method List<String>Ids - Set of MFA method UUIDs.
- name String
- Login enforcement name.
- namespace String
- Target namespace. (requires Enterprise)
- namespace
Id String - Method's namespace ID.
- namespace
Path String - Method's namespace path.
- uuid String
- Resource UUID.
- auth
Method string[]Accessors - Set of auth method accessor IDs.
- auth
Method string[]Types - Set of auth method types.
- identity
Entity string[]Ids - Set of identity entity IDs.
- identity
Group string[]Ids - Set of identity group IDs.
- mfa
Method string[]Ids - Set of MFA method UUIDs.
- name string
- Login enforcement name.
- namespace string
- Target namespace. (requires Enterprise)
- namespace
Id string - Method's namespace ID.
- namespace
Path string - Method's namespace path.
- uuid string
- Resource UUID.
- auth_
method_ Sequence[str]accessors - Set of auth method accessor IDs.
- auth_
method_ Sequence[str]types - Set of auth method types.
- identity_
entity_ Sequence[str]ids - Set of identity entity IDs.
- identity_
group_ Sequence[str]ids - Set of identity group IDs.
- mfa_
method_ Sequence[str]ids - Set of MFA method UUIDs.
- name str
- Login enforcement name.
- namespace str
- Target namespace. (requires Enterprise)
- namespace_
id str - Method's namespace ID.
- namespace_
path str - Method's namespace path.
- uuid str
- Resource UUID.
- auth
Method List<String>Accessors - Set of auth method accessor IDs.
- auth
Method List<String>Types - Set of auth method types.
- identity
Entity List<String>Ids - Set of identity entity IDs.
- identity
Group List<String>Ids - Set of identity group IDs.
- mfa
Method List<String>Ids - Set of MFA method UUIDs.
- name String
- Login enforcement name.
- namespace String
- Target namespace. (requires Enterprise)
- namespace
Id String - Method's namespace ID.
- namespace
Path String - Method's namespace path.
- uuid String
- Resource UUID.
Import
Resource can be imported using its name field, e.g.
$ pulumi import vault:identity/mfaLoginEnforcement:MfaLoginEnforcement example default
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Vault pulumi/pulumi-vault
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
vaultTerraform Provider.