1. Packages
  2. Okta Provider
  3. API Docs
  4. AdminRoleCustom
Okta v4.11.3 published on Monday, Oct 21, 2024 by Pulumi

okta.AdminRoleCustom

Explore with Pulumi AI

okta logo
Okta v4.11.3 published on Monday, Oct 21, 2024 by Pulumi

    Resource to manage administrative Role assignments for a User

    These operations allow the creation and manipulation of custom roles as custom collections of permissions.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as okta from "@pulumi/okta";
    
    const example = new okta.AdminRoleCustom("example", {
        label: "AppAssignmentManager",
        description: "This role allows app assignment management",
        permissions: ["okta.apps.assignment.manage"],
    });
    
    import pulumi
    import pulumi_okta as okta
    
    example = okta.AdminRoleCustom("example",
        label="AppAssignmentManager",
        description="This role allows app assignment management",
        permissions=["okta.apps.assignment.manage"])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-okta/sdk/v4/go/okta"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := okta.NewAdminRoleCustom(ctx, "example", &okta.AdminRoleCustomArgs{
    			Label:       pulumi.String("AppAssignmentManager"),
    			Description: pulumi.String("This role allows app assignment management"),
    			Permissions: pulumi.StringArray{
    				pulumi.String("okta.apps.assignment.manage"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Okta = Pulumi.Okta;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Okta.AdminRoleCustom("example", new()
        {
            Label = "AppAssignmentManager",
            Description = "This role allows app assignment management",
            Permissions = new[]
            {
                "okta.apps.assignment.manage",
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.okta.AdminRoleCustom;
    import com.pulumi.okta.AdminRoleCustomArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new AdminRoleCustom("example", AdminRoleCustomArgs.builder()
                .label("AppAssignmentManager")
                .description("This role allows app assignment management")
                .permissions("okta.apps.assignment.manage")
                .build());
    
        }
    }
    
    resources:
      example:
        type: okta:AdminRoleCustom
        properties:
          label: AppAssignmentManager
          description: This role allows app assignment management
          permissions:
            - okta.apps.assignment.manage
    

    Create AdminRoleCustom Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new AdminRoleCustom(name: string, args: AdminRoleCustomArgs, opts?: CustomResourceOptions);
    @overload
    def AdminRoleCustom(resource_name: str,
                        args: AdminRoleCustomArgs,
                        opts: Optional[ResourceOptions] = None)
    
    @overload
    def AdminRoleCustom(resource_name: str,
                        opts: Optional[ResourceOptions] = None,
                        description: Optional[str] = None,
                        label: Optional[str] = None,
                        permissions: Optional[Sequence[str]] = None)
    func NewAdminRoleCustom(ctx *Context, name string, args AdminRoleCustomArgs, opts ...ResourceOption) (*AdminRoleCustom, error)
    public AdminRoleCustom(string name, AdminRoleCustomArgs args, CustomResourceOptions? opts = null)
    public AdminRoleCustom(String name, AdminRoleCustomArgs args)
    public AdminRoleCustom(String name, AdminRoleCustomArgs args, CustomResourceOptions options)
    
    type: okta:AdminRoleCustom
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args AdminRoleCustomArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args AdminRoleCustomArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args AdminRoleCustomArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args AdminRoleCustomArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args AdminRoleCustomArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var adminRoleCustomResource = new Okta.AdminRoleCustom("adminRoleCustomResource", new()
    {
        Description = "string",
        Label = "string",
        Permissions = new[]
        {
            "string",
        },
    });
    
    example, err := okta.NewAdminRoleCustom(ctx, "adminRoleCustomResource", &okta.AdminRoleCustomArgs{
    	Description: pulumi.String("string"),
    	Label:       pulumi.String("string"),
    	Permissions: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    })
    
    var adminRoleCustomResource = new AdminRoleCustom("adminRoleCustomResource", AdminRoleCustomArgs.builder()
        .description("string")
        .label("string")
        .permissions("string")
        .build());
    
    admin_role_custom_resource = okta.AdminRoleCustom("adminRoleCustomResource",
        description="string",
        label="string",
        permissions=["string"])
    
    const adminRoleCustomResource = new okta.AdminRoleCustom("adminRoleCustomResource", {
        description: "string",
        label: "string",
        permissions: ["string"],
    });
    
    type: okta:AdminRoleCustom
    properties:
        description: string
        label: string
        permissions:
            - string
    

    AdminRoleCustom Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The AdminRoleCustom resource accepts the following input properties:

    Description string
    A human-readable description of the new Role
    Label string
    The name given to the new Role
    Permissions List<string>
    The permissions that the new Role grants. At least one permission must be specified when creating custom role. Valid values: "okta.authzServers.manage", "okta.authzServers.read", "okta.apps.assignment.manage", "okta.apps.manage", "okta.apps.read", "okta.customizations.manage", "okta.customizations.read", "okta.groups.appAssignment.manage", "okta.groups.create", "okta.groups.manage", "okta.groups.members.manage", "okta.groups.read", "okta.profilesources.import.run", "okta.users.appAssignment.manage", "okta.users.create", "okta.users.credentials.expirePassword", "okta.users.credentials.manage", "okta.users.credentials.resetFactors", "okta.users.credentials.resetPassword", "okta.users.groupMembership.manage", "okta.users.lifecycle.activate", "okta.users.lifecycle.clearSessions", "okta.users.lifecycle.deactivate", "okta.users.lifecycle.delete", "okta.users.lifecycle.manage", "okta.users.lifecycle.suspend", "okta.users.lifecycle.unlock", "okta.users.lifecycle.unsuspend", "okta.users.manage", "okta.users.read", "okta.users.userprofile.manage", "okta.workflows.invoke".,
    Description string
    A human-readable description of the new Role
    Label string
    The name given to the new Role
    Permissions []string
    The permissions that the new Role grants. At least one permission must be specified when creating custom role. Valid values: "okta.authzServers.manage", "okta.authzServers.read", "okta.apps.assignment.manage", "okta.apps.manage", "okta.apps.read", "okta.customizations.manage", "okta.customizations.read", "okta.groups.appAssignment.manage", "okta.groups.create", "okta.groups.manage", "okta.groups.members.manage", "okta.groups.read", "okta.profilesources.import.run", "okta.users.appAssignment.manage", "okta.users.create", "okta.users.credentials.expirePassword", "okta.users.credentials.manage", "okta.users.credentials.resetFactors", "okta.users.credentials.resetPassword", "okta.users.groupMembership.manage", "okta.users.lifecycle.activate", "okta.users.lifecycle.clearSessions", "okta.users.lifecycle.deactivate", "okta.users.lifecycle.delete", "okta.users.lifecycle.manage", "okta.users.lifecycle.suspend", "okta.users.lifecycle.unlock", "okta.users.lifecycle.unsuspend", "okta.users.manage", "okta.users.read", "okta.users.userprofile.manage", "okta.workflows.invoke".,
    description String
    A human-readable description of the new Role
    label String
    The name given to the new Role
    permissions List<String>
    The permissions that the new Role grants. At least one permission must be specified when creating custom role. Valid values: "okta.authzServers.manage", "okta.authzServers.read", "okta.apps.assignment.manage", "okta.apps.manage", "okta.apps.read", "okta.customizations.manage", "okta.customizations.read", "okta.groups.appAssignment.manage", "okta.groups.create", "okta.groups.manage", "okta.groups.members.manage", "okta.groups.read", "okta.profilesources.import.run", "okta.users.appAssignment.manage", "okta.users.create", "okta.users.credentials.expirePassword", "okta.users.credentials.manage", "okta.users.credentials.resetFactors", "okta.users.credentials.resetPassword", "okta.users.groupMembership.manage", "okta.users.lifecycle.activate", "okta.users.lifecycle.clearSessions", "okta.users.lifecycle.deactivate", "okta.users.lifecycle.delete", "okta.users.lifecycle.manage", "okta.users.lifecycle.suspend", "okta.users.lifecycle.unlock", "okta.users.lifecycle.unsuspend", "okta.users.manage", "okta.users.read", "okta.users.userprofile.manage", "okta.workflows.invoke".,
    description string
    A human-readable description of the new Role
    label string
    The name given to the new Role
    permissions string[]
    The permissions that the new Role grants. At least one permission must be specified when creating custom role. Valid values: "okta.authzServers.manage", "okta.authzServers.read", "okta.apps.assignment.manage", "okta.apps.manage", "okta.apps.read", "okta.customizations.manage", "okta.customizations.read", "okta.groups.appAssignment.manage", "okta.groups.create", "okta.groups.manage", "okta.groups.members.manage", "okta.groups.read", "okta.profilesources.import.run", "okta.users.appAssignment.manage", "okta.users.create", "okta.users.credentials.expirePassword", "okta.users.credentials.manage", "okta.users.credentials.resetFactors", "okta.users.credentials.resetPassword", "okta.users.groupMembership.manage", "okta.users.lifecycle.activate", "okta.users.lifecycle.clearSessions", "okta.users.lifecycle.deactivate", "okta.users.lifecycle.delete", "okta.users.lifecycle.manage", "okta.users.lifecycle.suspend", "okta.users.lifecycle.unlock", "okta.users.lifecycle.unsuspend", "okta.users.manage", "okta.users.read", "okta.users.userprofile.manage", "okta.workflows.invoke".,
    description str
    A human-readable description of the new Role
    label str
    The name given to the new Role
    permissions Sequence[str]
    The permissions that the new Role grants. At least one permission must be specified when creating custom role. Valid values: "okta.authzServers.manage", "okta.authzServers.read", "okta.apps.assignment.manage", "okta.apps.manage", "okta.apps.read", "okta.customizations.manage", "okta.customizations.read", "okta.groups.appAssignment.manage", "okta.groups.create", "okta.groups.manage", "okta.groups.members.manage", "okta.groups.read", "okta.profilesources.import.run", "okta.users.appAssignment.manage", "okta.users.create", "okta.users.credentials.expirePassword", "okta.users.credentials.manage", "okta.users.credentials.resetFactors", "okta.users.credentials.resetPassword", "okta.users.groupMembership.manage", "okta.users.lifecycle.activate", "okta.users.lifecycle.clearSessions", "okta.users.lifecycle.deactivate", "okta.users.lifecycle.delete", "okta.users.lifecycle.manage", "okta.users.lifecycle.suspend", "okta.users.lifecycle.unlock", "okta.users.lifecycle.unsuspend", "okta.users.manage", "okta.users.read", "okta.users.userprofile.manage", "okta.workflows.invoke".,
    description String
    A human-readable description of the new Role
    label String
    The name given to the new Role
    permissions List<String>
    The permissions that the new Role grants. At least one permission must be specified when creating custom role. Valid values: "okta.authzServers.manage", "okta.authzServers.read", "okta.apps.assignment.manage", "okta.apps.manage", "okta.apps.read", "okta.customizations.manage", "okta.customizations.read", "okta.groups.appAssignment.manage", "okta.groups.create", "okta.groups.manage", "okta.groups.members.manage", "okta.groups.read", "okta.profilesources.import.run", "okta.users.appAssignment.manage", "okta.users.create", "okta.users.credentials.expirePassword", "okta.users.credentials.manage", "okta.users.credentials.resetFactors", "okta.users.credentials.resetPassword", "okta.users.groupMembership.manage", "okta.users.lifecycle.activate", "okta.users.lifecycle.clearSessions", "okta.users.lifecycle.deactivate", "okta.users.lifecycle.delete", "okta.users.lifecycle.manage", "okta.users.lifecycle.suspend", "okta.users.lifecycle.unlock", "okta.users.lifecycle.unsuspend", "okta.users.manage", "okta.users.read", "okta.users.userprofile.manage", "okta.workflows.invoke".,

    Outputs

    All input properties are implicitly available as output properties. Additionally, the AdminRoleCustom resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing AdminRoleCustom Resource

    Get an existing AdminRoleCustom resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: AdminRoleCustomState, opts?: CustomResourceOptions): AdminRoleCustom
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            description: Optional[str] = None,
            label: Optional[str] = None,
            permissions: Optional[Sequence[str]] = None) -> AdminRoleCustom
    func GetAdminRoleCustom(ctx *Context, name string, id IDInput, state *AdminRoleCustomState, opts ...ResourceOption) (*AdminRoleCustom, error)
    public static AdminRoleCustom Get(string name, Input<string> id, AdminRoleCustomState? state, CustomResourceOptions? opts = null)
    public static AdminRoleCustom get(String name, Output<String> id, AdminRoleCustomState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Description string
    A human-readable description of the new Role
    Label string
    The name given to the new Role
    Permissions List<string>
    The permissions that the new Role grants. At least one permission must be specified when creating custom role. Valid values: "okta.authzServers.manage", "okta.authzServers.read", "okta.apps.assignment.manage", "okta.apps.manage", "okta.apps.read", "okta.customizations.manage", "okta.customizations.read", "okta.groups.appAssignment.manage", "okta.groups.create", "okta.groups.manage", "okta.groups.members.manage", "okta.groups.read", "okta.profilesources.import.run", "okta.users.appAssignment.manage", "okta.users.create", "okta.users.credentials.expirePassword", "okta.users.credentials.manage", "okta.users.credentials.resetFactors", "okta.users.credentials.resetPassword", "okta.users.groupMembership.manage", "okta.users.lifecycle.activate", "okta.users.lifecycle.clearSessions", "okta.users.lifecycle.deactivate", "okta.users.lifecycle.delete", "okta.users.lifecycle.manage", "okta.users.lifecycle.suspend", "okta.users.lifecycle.unlock", "okta.users.lifecycle.unsuspend", "okta.users.manage", "okta.users.read", "okta.users.userprofile.manage", "okta.workflows.invoke".,
    Description string
    A human-readable description of the new Role
    Label string
    The name given to the new Role
    Permissions []string
    The permissions that the new Role grants. At least one permission must be specified when creating custom role. Valid values: "okta.authzServers.manage", "okta.authzServers.read", "okta.apps.assignment.manage", "okta.apps.manage", "okta.apps.read", "okta.customizations.manage", "okta.customizations.read", "okta.groups.appAssignment.manage", "okta.groups.create", "okta.groups.manage", "okta.groups.members.manage", "okta.groups.read", "okta.profilesources.import.run", "okta.users.appAssignment.manage", "okta.users.create", "okta.users.credentials.expirePassword", "okta.users.credentials.manage", "okta.users.credentials.resetFactors", "okta.users.credentials.resetPassword", "okta.users.groupMembership.manage", "okta.users.lifecycle.activate", "okta.users.lifecycle.clearSessions", "okta.users.lifecycle.deactivate", "okta.users.lifecycle.delete", "okta.users.lifecycle.manage", "okta.users.lifecycle.suspend", "okta.users.lifecycle.unlock", "okta.users.lifecycle.unsuspend", "okta.users.manage", "okta.users.read", "okta.users.userprofile.manage", "okta.workflows.invoke".,
    description String
    A human-readable description of the new Role
    label String
    The name given to the new Role
    permissions List<String>
    The permissions that the new Role grants. At least one permission must be specified when creating custom role. Valid values: "okta.authzServers.manage", "okta.authzServers.read", "okta.apps.assignment.manage", "okta.apps.manage", "okta.apps.read", "okta.customizations.manage", "okta.customizations.read", "okta.groups.appAssignment.manage", "okta.groups.create", "okta.groups.manage", "okta.groups.members.manage", "okta.groups.read", "okta.profilesources.import.run", "okta.users.appAssignment.manage", "okta.users.create", "okta.users.credentials.expirePassword", "okta.users.credentials.manage", "okta.users.credentials.resetFactors", "okta.users.credentials.resetPassword", "okta.users.groupMembership.manage", "okta.users.lifecycle.activate", "okta.users.lifecycle.clearSessions", "okta.users.lifecycle.deactivate", "okta.users.lifecycle.delete", "okta.users.lifecycle.manage", "okta.users.lifecycle.suspend", "okta.users.lifecycle.unlock", "okta.users.lifecycle.unsuspend", "okta.users.manage", "okta.users.read", "okta.users.userprofile.manage", "okta.workflows.invoke".,
    description string
    A human-readable description of the new Role
    label string
    The name given to the new Role
    permissions string[]
    The permissions that the new Role grants. At least one permission must be specified when creating custom role. Valid values: "okta.authzServers.manage", "okta.authzServers.read", "okta.apps.assignment.manage", "okta.apps.manage", "okta.apps.read", "okta.customizations.manage", "okta.customizations.read", "okta.groups.appAssignment.manage", "okta.groups.create", "okta.groups.manage", "okta.groups.members.manage", "okta.groups.read", "okta.profilesources.import.run", "okta.users.appAssignment.manage", "okta.users.create", "okta.users.credentials.expirePassword", "okta.users.credentials.manage", "okta.users.credentials.resetFactors", "okta.users.credentials.resetPassword", "okta.users.groupMembership.manage", "okta.users.lifecycle.activate", "okta.users.lifecycle.clearSessions", "okta.users.lifecycle.deactivate", "okta.users.lifecycle.delete", "okta.users.lifecycle.manage", "okta.users.lifecycle.suspend", "okta.users.lifecycle.unlock", "okta.users.lifecycle.unsuspend", "okta.users.manage", "okta.users.read", "okta.users.userprofile.manage", "okta.workflows.invoke".,
    description str
    A human-readable description of the new Role
    label str
    The name given to the new Role
    permissions Sequence[str]
    The permissions that the new Role grants. At least one permission must be specified when creating custom role. Valid values: "okta.authzServers.manage", "okta.authzServers.read", "okta.apps.assignment.manage", "okta.apps.manage", "okta.apps.read", "okta.customizations.manage", "okta.customizations.read", "okta.groups.appAssignment.manage", "okta.groups.create", "okta.groups.manage", "okta.groups.members.manage", "okta.groups.read", "okta.profilesources.import.run", "okta.users.appAssignment.manage", "okta.users.create", "okta.users.credentials.expirePassword", "okta.users.credentials.manage", "okta.users.credentials.resetFactors", "okta.users.credentials.resetPassword", "okta.users.groupMembership.manage", "okta.users.lifecycle.activate", "okta.users.lifecycle.clearSessions", "okta.users.lifecycle.deactivate", "okta.users.lifecycle.delete", "okta.users.lifecycle.manage", "okta.users.lifecycle.suspend", "okta.users.lifecycle.unlock", "okta.users.lifecycle.unsuspend", "okta.users.manage", "okta.users.read", "okta.users.userprofile.manage", "okta.workflows.invoke".,
    description String
    A human-readable description of the new Role
    label String
    The name given to the new Role
    permissions List<String>
    The permissions that the new Role grants. At least one permission must be specified when creating custom role. Valid values: "okta.authzServers.manage", "okta.authzServers.read", "okta.apps.assignment.manage", "okta.apps.manage", "okta.apps.read", "okta.customizations.manage", "okta.customizations.read", "okta.groups.appAssignment.manage", "okta.groups.create", "okta.groups.manage", "okta.groups.members.manage", "okta.groups.read", "okta.profilesources.import.run", "okta.users.appAssignment.manage", "okta.users.create", "okta.users.credentials.expirePassword", "okta.users.credentials.manage", "okta.users.credentials.resetFactors", "okta.users.credentials.resetPassword", "okta.users.groupMembership.manage", "okta.users.lifecycle.activate", "okta.users.lifecycle.clearSessions", "okta.users.lifecycle.deactivate", "okta.users.lifecycle.delete", "okta.users.lifecycle.manage", "okta.users.lifecycle.suspend", "okta.users.lifecycle.unlock", "okta.users.lifecycle.unsuspend", "okta.users.manage", "okta.users.read", "okta.users.userprofile.manage", "okta.workflows.invoke".,

    Import

    $ pulumi import okta:index/adminRoleCustom:AdminRoleCustom example <custom_role_id>
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Okta pulumi/pulumi-okta
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the okta Terraform Provider.
    okta logo
    Okta v4.11.3 published on Monday, Oct 21, 2024 by Pulumi