okta.PolicyRuleProfileEnrollment
Explore with Pulumi AI
Creates a Profile Enrollment Policy Rule.
WARNING: This feature is only available as a part of the Identity Engine. Contact support for further information. A profile enrollment policy is limited to one default rule. This resource does not create a rule for an enrollment policy, it allows the default policy rule to be updated.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";
const example = new okta.PolicyProfileEnrollment("example", {name: "My Enrollment Policy"});
const exampleHook = new okta.inline.Hook("example", {
name: "My Inline Hook",
status: "ACTIVE",
type: "com.okta.user.pre-registration",
version: "1.0.3",
channel: {
type: "HTTP",
version: "1.0.0",
uri: "https://example.com/test2",
method: "POST",
},
});
const exampleGroup = new okta.group.Group("example", {
name: "My Group",
description: "Group of some users",
});
const examplePolicyRuleProfileEnrollment = new okta.PolicyRuleProfileEnrollment("example", {
policyId: example.id,
inlineHookId: exampleHook.id,
targetGroupId: exampleGroup.id,
unknownUserAction: "REGISTER",
emailVerification: true,
access: "ALLOW",
profileAttributes: [
{
name: "email",
label: "Email",
required: true,
},
{
name: "name",
label: "Name",
required: true,
},
{
name: "t-shirt",
label: "T-Shirt Size",
required: false,
},
],
});
import pulumi
import pulumi_okta as okta
example = okta.PolicyProfileEnrollment("example", name="My Enrollment Policy")
example_hook = okta.inline.Hook("example",
name="My Inline Hook",
status="ACTIVE",
type="com.okta.user.pre-registration",
version="1.0.3",
channel={
"type": "HTTP",
"version": "1.0.0",
"uri": "https://example.com/test2",
"method": "POST",
})
example_group = okta.group.Group("example",
name="My Group",
description="Group of some users")
example_policy_rule_profile_enrollment = okta.PolicyRuleProfileEnrollment("example",
policy_id=example.id,
inline_hook_id=example_hook.id,
target_group_id=example_group.id,
unknown_user_action="REGISTER",
email_verification=True,
access="ALLOW",
profile_attributes=[
{
"name": "email",
"label": "Email",
"required": True,
},
{
"name": "name",
"label": "Name",
"required": True,
},
{
"name": "t-shirt",
"label": "T-Shirt Size",
"required": False,
},
])
package main
import (
"github.com/pulumi/pulumi-okta/sdk/v4/go/okta"
"github.com/pulumi/pulumi-okta/sdk/v4/go/okta/group"
"github.com/pulumi/pulumi-okta/sdk/v4/go/okta/inline"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := okta.NewPolicyProfileEnrollment(ctx, "example", &okta.PolicyProfileEnrollmentArgs{
Name: pulumi.String("My Enrollment Policy"),
})
if err != nil {
return err
}
exampleHook, err := inline.NewHook(ctx, "example", &inline.HookArgs{
Name: pulumi.String("My Inline Hook"),
Status: pulumi.String("ACTIVE"),
Type: pulumi.String("com.okta.user.pre-registration"),
Version: pulumi.String("1.0.3"),
Channel: pulumi.StringMap{
"type": pulumi.String("HTTP"),
"version": pulumi.String("1.0.0"),
"uri": pulumi.String("https://example.com/test2"),
"method": pulumi.String("POST"),
},
})
if err != nil {
return err
}
exampleGroup, err := group.NewGroup(ctx, "example", &group.GroupArgs{
Name: pulumi.String("My Group"),
Description: pulumi.String("Group of some users"),
})
if err != nil {
return err
}
_, err = okta.NewPolicyRuleProfileEnrollment(ctx, "example", &okta.PolicyRuleProfileEnrollmentArgs{
PolicyId: example.ID(),
InlineHookId: exampleHook.ID(),
TargetGroupId: exampleGroup.ID(),
UnknownUserAction: pulumi.String("REGISTER"),
EmailVerification: pulumi.Bool(true),
Access: pulumi.String("ALLOW"),
ProfileAttributes: okta.PolicyRuleProfileEnrollmentProfileAttributeArray{
&okta.PolicyRuleProfileEnrollmentProfileAttributeArgs{
Name: pulumi.String("email"),
Label: pulumi.String("Email"),
Required: pulumi.Bool(true),
},
&okta.PolicyRuleProfileEnrollmentProfileAttributeArgs{
Name: pulumi.String("name"),
Label: pulumi.String("Name"),
Required: pulumi.Bool(true),
},
&okta.PolicyRuleProfileEnrollmentProfileAttributeArgs{
Name: pulumi.String("t-shirt"),
Label: pulumi.String("T-Shirt Size"),
Required: pulumi.Bool(false),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Okta = Pulumi.Okta;
return await Deployment.RunAsync(() =>
{
var example = new Okta.PolicyProfileEnrollment("example", new()
{
Name = "My Enrollment Policy",
});
var exampleHook = new Okta.Inline.Hook("example", new()
{
Name = "My Inline Hook",
Status = "ACTIVE",
Type = "com.okta.user.pre-registration",
Version = "1.0.3",
Channel =
{
{ "type", "HTTP" },
{ "version", "1.0.0" },
{ "uri", "https://example.com/test2" },
{ "method", "POST" },
},
});
var exampleGroup = new Okta.Group.Group("example", new()
{
Name = "My Group",
Description = "Group of some users",
});
var examplePolicyRuleProfileEnrollment = new Okta.PolicyRuleProfileEnrollment("example", new()
{
PolicyId = example.Id,
InlineHookId = exampleHook.Id,
TargetGroupId = exampleGroup.Id,
UnknownUserAction = "REGISTER",
EmailVerification = true,
Access = "ALLOW",
ProfileAttributes = new[]
{
new Okta.Inputs.PolicyRuleProfileEnrollmentProfileAttributeArgs
{
Name = "email",
Label = "Email",
Required = true,
},
new Okta.Inputs.PolicyRuleProfileEnrollmentProfileAttributeArgs
{
Name = "name",
Label = "Name",
Required = true,
},
new Okta.Inputs.PolicyRuleProfileEnrollmentProfileAttributeArgs
{
Name = "t-shirt",
Label = "T-Shirt Size",
Required = false,
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.okta.PolicyProfileEnrollment;
import com.pulumi.okta.PolicyProfileEnrollmentArgs;
import com.pulumi.okta.inline.Hook;
import com.pulumi.okta.inline.HookArgs;
import com.pulumi.okta.group.Group;
import com.pulumi.okta.group.GroupArgs;
import com.pulumi.okta.PolicyRuleProfileEnrollment;
import com.pulumi.okta.PolicyRuleProfileEnrollmentArgs;
import com.pulumi.okta.inputs.PolicyRuleProfileEnrollmentProfileAttributeArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new PolicyProfileEnrollment("example", PolicyProfileEnrollmentArgs.builder()
.name("My Enrollment Policy")
.build());
var exampleHook = new Hook("exampleHook", HookArgs.builder()
.name("My Inline Hook")
.status("ACTIVE")
.type("com.okta.user.pre-registration")
.version("1.0.3")
.channel(Map.ofEntries(
Map.entry("type", "HTTP"),
Map.entry("version", "1.0.0"),
Map.entry("uri", "https://example.com/test2"),
Map.entry("method", "POST")
))
.build());
var exampleGroup = new Group("exampleGroup", GroupArgs.builder()
.name("My Group")
.description("Group of some users")
.build());
var examplePolicyRuleProfileEnrollment = new PolicyRuleProfileEnrollment("examplePolicyRuleProfileEnrollment", PolicyRuleProfileEnrollmentArgs.builder()
.policyId(example.id())
.inlineHookId(exampleHook.id())
.targetGroupId(exampleGroup.id())
.unknownUserAction("REGISTER")
.emailVerification(true)
.access("ALLOW")
.profileAttributes(
PolicyRuleProfileEnrollmentProfileAttributeArgs.builder()
.name("email")
.label("Email")
.required(true)
.build(),
PolicyRuleProfileEnrollmentProfileAttributeArgs.builder()
.name("name")
.label("Name")
.required(true)
.build(),
PolicyRuleProfileEnrollmentProfileAttributeArgs.builder()
.name("t-shirt")
.label("T-Shirt Size")
.required(false)
.build())
.build());
}
}
resources:
example:
type: okta:PolicyProfileEnrollment
properties:
name: My Enrollment Policy
exampleHook:
type: okta:inline:Hook
name: example
properties:
name: My Inline Hook
status: ACTIVE
type: com.okta.user.pre-registration
version: 1.0.3
channel:
type: HTTP
version: 1.0.0
uri: https://example.com/test2
method: POST
exampleGroup:
type: okta:group:Group
name: example
properties:
name: My Group
description: Group of some users
examplePolicyRuleProfileEnrollment:
type: okta:PolicyRuleProfileEnrollment
name: example
properties:
policyId: ${example.id}
inlineHookId: ${exampleHook.id}
targetGroupId: ${exampleGroup.id}
unknownUserAction: REGISTER
emailVerification: true
access: ALLOW
profileAttributes:
- name: email
label: Email
required: true
- name: name
label: Name
required: true
- name: t-shirt
label: T-Shirt Size
required: false
Create PolicyRuleProfileEnrollment Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new PolicyRuleProfileEnrollment(name: string, args: PolicyRuleProfileEnrollmentArgs, opts?: CustomResourceOptions);
@overload
def PolicyRuleProfileEnrollment(resource_name: str,
args: PolicyRuleProfileEnrollmentArgs,
opts: Optional[ResourceOptions] = None)
@overload
def PolicyRuleProfileEnrollment(resource_name: str,
opts: Optional[ResourceOptions] = None,
policy_id: Optional[str] = None,
unknown_user_action: Optional[str] = None,
access: Optional[str] = None,
email_verification: Optional[bool] = None,
inline_hook_id: Optional[str] = None,
profile_attributes: Optional[Sequence[PolicyRuleProfileEnrollmentProfileAttributeArgs]] = None,
progressive_profiling_action: Optional[str] = None,
target_group_id: Optional[str] = None,
ui_schema_id: Optional[str] = None)
func NewPolicyRuleProfileEnrollment(ctx *Context, name string, args PolicyRuleProfileEnrollmentArgs, opts ...ResourceOption) (*PolicyRuleProfileEnrollment, error)
public PolicyRuleProfileEnrollment(string name, PolicyRuleProfileEnrollmentArgs args, CustomResourceOptions? opts = null)
public PolicyRuleProfileEnrollment(String name, PolicyRuleProfileEnrollmentArgs args)
public PolicyRuleProfileEnrollment(String name, PolicyRuleProfileEnrollmentArgs args, CustomResourceOptions options)
type: okta:PolicyRuleProfileEnrollment
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args PolicyRuleProfileEnrollmentArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args PolicyRuleProfileEnrollmentArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args PolicyRuleProfileEnrollmentArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args PolicyRuleProfileEnrollmentArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args PolicyRuleProfileEnrollmentArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var policyRuleProfileEnrollmentResource = new Okta.PolicyRuleProfileEnrollment("policyRuleProfileEnrollmentResource", new()
{
PolicyId = "string",
UnknownUserAction = "string",
Access = "string",
EmailVerification = false,
InlineHookId = "string",
ProfileAttributes = new[]
{
new Okta.Inputs.PolicyRuleProfileEnrollmentProfileAttributeArgs
{
Label = "string",
Name = "string",
Required = false,
},
},
ProgressiveProfilingAction = "string",
TargetGroupId = "string",
UiSchemaId = "string",
});
example, err := okta.NewPolicyRuleProfileEnrollment(ctx, "policyRuleProfileEnrollmentResource", &okta.PolicyRuleProfileEnrollmentArgs{
PolicyId: pulumi.String("string"),
UnknownUserAction: pulumi.String("string"),
Access: pulumi.String("string"),
EmailVerification: pulumi.Bool(false),
InlineHookId: pulumi.String("string"),
ProfileAttributes: okta.PolicyRuleProfileEnrollmentProfileAttributeArray{
&okta.PolicyRuleProfileEnrollmentProfileAttributeArgs{
Label: pulumi.String("string"),
Name: pulumi.String("string"),
Required: pulumi.Bool(false),
},
},
ProgressiveProfilingAction: pulumi.String("string"),
TargetGroupId: pulumi.String("string"),
UiSchemaId: pulumi.String("string"),
})
var policyRuleProfileEnrollmentResource = new PolicyRuleProfileEnrollment("policyRuleProfileEnrollmentResource", PolicyRuleProfileEnrollmentArgs.builder()
.policyId("string")
.unknownUserAction("string")
.access("string")
.emailVerification(false)
.inlineHookId("string")
.profileAttributes(PolicyRuleProfileEnrollmentProfileAttributeArgs.builder()
.label("string")
.name("string")
.required(false)
.build())
.progressiveProfilingAction("string")
.targetGroupId("string")
.uiSchemaId("string")
.build());
policy_rule_profile_enrollment_resource = okta.PolicyRuleProfileEnrollment("policyRuleProfileEnrollmentResource",
policy_id="string",
unknown_user_action="string",
access="string",
email_verification=False,
inline_hook_id="string",
profile_attributes=[{
"label": "string",
"name": "string",
"required": False,
}],
progressive_profiling_action="string",
target_group_id="string",
ui_schema_id="string")
const policyRuleProfileEnrollmentResource = new okta.PolicyRuleProfileEnrollment("policyRuleProfileEnrollmentResource", {
policyId: "string",
unknownUserAction: "string",
access: "string",
emailVerification: false,
inlineHookId: "string",
profileAttributes: [{
label: "string",
name: "string",
required: false,
}],
progressiveProfilingAction: "string",
targetGroupId: "string",
uiSchemaId: "string",
});
type: okta:PolicyRuleProfileEnrollment
properties:
access: string
emailVerification: false
inlineHookId: string
policyId: string
profileAttributes:
- label: string
name: string
required: false
progressiveProfilingAction: string
targetGroupId: string
uiSchemaId: string
unknownUserAction: string
PolicyRuleProfileEnrollment Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The PolicyRuleProfileEnrollment resource accepts the following input properties:
- Policy
Id string - ID of the policy
- Unknown
User stringAction - Which action should be taken if this User is new. Valid values are:
DENY
,REGISTER
- Access string
- Allow or deny access based on the rule conditions. Valid values are:
ALLOW
,DENY
. Default:ALLOW
. - Email
Verification bool - Indicates whether email verification should occur before access is granted. Default:
true
. - Inline
Hook stringId - ID of a Registration Inline Hook
- Profile
Attributes List<PolicyRule Profile Enrollment Profile Attribute> - A list of attributes to prompt the user during registration or progressive profiling. Where defined on the User schema, these attributes are persisted in the User profile. Non-schema attributes may also be added, which aren't persisted to the User's profile, but are included in requests to the registration inline hook. A maximum of 10 Profile properties is supported. - 'label' - (Required) A display-friendly label for this property - 'name' - (Required) The name of a User Profile property - 'required' - (Required) Indicates if this property is required for enrollment. Default is 'false'.
- Progressive
Profiling stringAction - Enabled or disabled progressive profiling action rule conditions:
ENABLED
orDISABLED
. Default:DISABLED
- Target
Group stringId - The ID of a Group that this User should be added to
- Ui
Schema stringId - Value created by the backend. If present all policy updates must include this attribute/value.
- Policy
Id string - ID of the policy
- Unknown
User stringAction - Which action should be taken if this User is new. Valid values are:
DENY
,REGISTER
- Access string
- Allow or deny access based on the rule conditions. Valid values are:
ALLOW
,DENY
. Default:ALLOW
. - Email
Verification bool - Indicates whether email verification should occur before access is granted. Default:
true
. - Inline
Hook stringId - ID of a Registration Inline Hook
- Profile
Attributes []PolicyRule Profile Enrollment Profile Attribute Args - A list of attributes to prompt the user during registration or progressive profiling. Where defined on the User schema, these attributes are persisted in the User profile. Non-schema attributes may also be added, which aren't persisted to the User's profile, but are included in requests to the registration inline hook. A maximum of 10 Profile properties is supported. - 'label' - (Required) A display-friendly label for this property - 'name' - (Required) The name of a User Profile property - 'required' - (Required) Indicates if this property is required for enrollment. Default is 'false'.
- Progressive
Profiling stringAction - Enabled or disabled progressive profiling action rule conditions:
ENABLED
orDISABLED
. Default:DISABLED
- Target
Group stringId - The ID of a Group that this User should be added to
- Ui
Schema stringId - Value created by the backend. If present all policy updates must include this attribute/value.
- policy
Id String - ID of the policy
- unknown
User StringAction - Which action should be taken if this User is new. Valid values are:
DENY
,REGISTER
- access String
- Allow or deny access based on the rule conditions. Valid values are:
ALLOW
,DENY
. Default:ALLOW
. - email
Verification Boolean - Indicates whether email verification should occur before access is granted. Default:
true
. - inline
Hook StringId - ID of a Registration Inline Hook
- profile
Attributes List<PolicyRule Profile Enrollment Profile Attribute> - A list of attributes to prompt the user during registration or progressive profiling. Where defined on the User schema, these attributes are persisted in the User profile. Non-schema attributes may also be added, which aren't persisted to the User's profile, but are included in requests to the registration inline hook. A maximum of 10 Profile properties is supported. - 'label' - (Required) A display-friendly label for this property - 'name' - (Required) The name of a User Profile property - 'required' - (Required) Indicates if this property is required for enrollment. Default is 'false'.
- progressive
Profiling StringAction - Enabled or disabled progressive profiling action rule conditions:
ENABLED
orDISABLED
. Default:DISABLED
- target
Group StringId - The ID of a Group that this User should be added to
- ui
Schema StringId - Value created by the backend. If present all policy updates must include this attribute/value.
- policy
Id string - ID of the policy
- unknown
User stringAction - Which action should be taken if this User is new. Valid values are:
DENY
,REGISTER
- access string
- Allow or deny access based on the rule conditions. Valid values are:
ALLOW
,DENY
. Default:ALLOW
. - email
Verification boolean - Indicates whether email verification should occur before access is granted. Default:
true
. - inline
Hook stringId - ID of a Registration Inline Hook
- profile
Attributes PolicyRule Profile Enrollment Profile Attribute[] - A list of attributes to prompt the user during registration or progressive profiling. Where defined on the User schema, these attributes are persisted in the User profile. Non-schema attributes may also be added, which aren't persisted to the User's profile, but are included in requests to the registration inline hook. A maximum of 10 Profile properties is supported. - 'label' - (Required) A display-friendly label for this property - 'name' - (Required) The name of a User Profile property - 'required' - (Required) Indicates if this property is required for enrollment. Default is 'false'.
- progressive
Profiling stringAction - Enabled or disabled progressive profiling action rule conditions:
ENABLED
orDISABLED
. Default:DISABLED
- target
Group stringId - The ID of a Group that this User should be added to
- ui
Schema stringId - Value created by the backend. If present all policy updates must include this attribute/value.
- policy_
id str - ID of the policy
- unknown_
user_ straction - Which action should be taken if this User is new. Valid values are:
DENY
,REGISTER
- access str
- Allow or deny access based on the rule conditions. Valid values are:
ALLOW
,DENY
. Default:ALLOW
. - email_
verification bool - Indicates whether email verification should occur before access is granted. Default:
true
. - inline_
hook_ strid - ID of a Registration Inline Hook
- profile_
attributes Sequence[PolicyRule Profile Enrollment Profile Attribute Args] - A list of attributes to prompt the user during registration or progressive profiling. Where defined on the User schema, these attributes are persisted in the User profile. Non-schema attributes may also be added, which aren't persisted to the User's profile, but are included in requests to the registration inline hook. A maximum of 10 Profile properties is supported. - 'label' - (Required) A display-friendly label for this property - 'name' - (Required) The name of a User Profile property - 'required' - (Required) Indicates if this property is required for enrollment. Default is 'false'.
- progressive_
profiling_ straction - Enabled or disabled progressive profiling action rule conditions:
ENABLED
orDISABLED
. Default:DISABLED
- target_
group_ strid - The ID of a Group that this User should be added to
- ui_
schema_ strid - Value created by the backend. If present all policy updates must include this attribute/value.
- policy
Id String - ID of the policy
- unknown
User StringAction - Which action should be taken if this User is new. Valid values are:
DENY
,REGISTER
- access String
- Allow or deny access based on the rule conditions. Valid values are:
ALLOW
,DENY
. Default:ALLOW
. - email
Verification Boolean - Indicates whether email verification should occur before access is granted. Default:
true
. - inline
Hook StringId - ID of a Registration Inline Hook
- profile
Attributes List<Property Map> - A list of attributes to prompt the user during registration or progressive profiling. Where defined on the User schema, these attributes are persisted in the User profile. Non-schema attributes may also be added, which aren't persisted to the User's profile, but are included in requests to the registration inline hook. A maximum of 10 Profile properties is supported. - 'label' - (Required) A display-friendly label for this property - 'name' - (Required) The name of a User Profile property - 'required' - (Required) Indicates if this property is required for enrollment. Default is 'false'.
- progressive
Profiling StringAction - Enabled or disabled progressive profiling action rule conditions:
ENABLED
orDISABLED
. Default:DISABLED
- target
Group StringId - The ID of a Group that this User should be added to
- ui
Schema StringId - Value created by the backend. If present all policy updates must include this attribute/value.
Outputs
All input properties are implicitly available as output properties. Additionally, the PolicyRuleProfileEnrollment resource produces the following output properties:
Look up Existing PolicyRuleProfileEnrollment Resource
Get an existing PolicyRuleProfileEnrollment resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: PolicyRuleProfileEnrollmentState, opts?: CustomResourceOptions): PolicyRuleProfileEnrollment
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
access: Optional[str] = None,
email_verification: Optional[bool] = None,
inline_hook_id: Optional[str] = None,
name: Optional[str] = None,
policy_id: Optional[str] = None,
profile_attributes: Optional[Sequence[PolicyRuleProfileEnrollmentProfileAttributeArgs]] = None,
progressive_profiling_action: Optional[str] = None,
status: Optional[str] = None,
target_group_id: Optional[str] = None,
ui_schema_id: Optional[str] = None,
unknown_user_action: Optional[str] = None) -> PolicyRuleProfileEnrollment
func GetPolicyRuleProfileEnrollment(ctx *Context, name string, id IDInput, state *PolicyRuleProfileEnrollmentState, opts ...ResourceOption) (*PolicyRuleProfileEnrollment, error)
public static PolicyRuleProfileEnrollment Get(string name, Input<string> id, PolicyRuleProfileEnrollmentState? state, CustomResourceOptions? opts = null)
public static PolicyRuleProfileEnrollment get(String name, Output<String> id, PolicyRuleProfileEnrollmentState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Access string
- Allow or deny access based on the rule conditions. Valid values are:
ALLOW
,DENY
. Default:ALLOW
. - Email
Verification bool - Indicates whether email verification should occur before access is granted. Default:
true
. - Inline
Hook stringId - ID of a Registration Inline Hook
- Name string
- Name of the rule
- Policy
Id string - ID of the policy
- Profile
Attributes List<PolicyRule Profile Enrollment Profile Attribute> - A list of attributes to prompt the user during registration or progressive profiling. Where defined on the User schema, these attributes are persisted in the User profile. Non-schema attributes may also be added, which aren't persisted to the User's profile, but are included in requests to the registration inline hook. A maximum of 10 Profile properties is supported. - 'label' - (Required) A display-friendly label for this property - 'name' - (Required) The name of a User Profile property - 'required' - (Required) Indicates if this property is required for enrollment. Default is 'false'.
- Progressive
Profiling stringAction - Enabled or disabled progressive profiling action rule conditions:
ENABLED
orDISABLED
. Default:DISABLED
- Status string
- Status of the rule
- Target
Group stringId - The ID of a Group that this User should be added to
- Ui
Schema stringId - Value created by the backend. If present all policy updates must include this attribute/value.
- Unknown
User stringAction - Which action should be taken if this User is new. Valid values are:
DENY
,REGISTER
- Access string
- Allow or deny access based on the rule conditions. Valid values are:
ALLOW
,DENY
. Default:ALLOW
. - Email
Verification bool - Indicates whether email verification should occur before access is granted. Default:
true
. - Inline
Hook stringId - ID of a Registration Inline Hook
- Name string
- Name of the rule
- Policy
Id string - ID of the policy
- Profile
Attributes []PolicyRule Profile Enrollment Profile Attribute Args - A list of attributes to prompt the user during registration or progressive profiling. Where defined on the User schema, these attributes are persisted in the User profile. Non-schema attributes may also be added, which aren't persisted to the User's profile, but are included in requests to the registration inline hook. A maximum of 10 Profile properties is supported. - 'label' - (Required) A display-friendly label for this property - 'name' - (Required) The name of a User Profile property - 'required' - (Required) Indicates if this property is required for enrollment. Default is 'false'.
- Progressive
Profiling stringAction - Enabled or disabled progressive profiling action rule conditions:
ENABLED
orDISABLED
. Default:DISABLED
- Status string
- Status of the rule
- Target
Group stringId - The ID of a Group that this User should be added to
- Ui
Schema stringId - Value created by the backend. If present all policy updates must include this attribute/value.
- Unknown
User stringAction - Which action should be taken if this User is new. Valid values are:
DENY
,REGISTER
- access String
- Allow or deny access based on the rule conditions. Valid values are:
ALLOW
,DENY
. Default:ALLOW
. - email
Verification Boolean - Indicates whether email verification should occur before access is granted. Default:
true
. - inline
Hook StringId - ID of a Registration Inline Hook
- name String
- Name of the rule
- policy
Id String - ID of the policy
- profile
Attributes List<PolicyRule Profile Enrollment Profile Attribute> - A list of attributes to prompt the user during registration or progressive profiling. Where defined on the User schema, these attributes are persisted in the User profile. Non-schema attributes may also be added, which aren't persisted to the User's profile, but are included in requests to the registration inline hook. A maximum of 10 Profile properties is supported. - 'label' - (Required) A display-friendly label for this property - 'name' - (Required) The name of a User Profile property - 'required' - (Required) Indicates if this property is required for enrollment. Default is 'false'.
- progressive
Profiling StringAction - Enabled or disabled progressive profiling action rule conditions:
ENABLED
orDISABLED
. Default:DISABLED
- status String
- Status of the rule
- target
Group StringId - The ID of a Group that this User should be added to
- ui
Schema StringId - Value created by the backend. If present all policy updates must include this attribute/value.
- unknown
User StringAction - Which action should be taken if this User is new. Valid values are:
DENY
,REGISTER
- access string
- Allow or deny access based on the rule conditions. Valid values are:
ALLOW
,DENY
. Default:ALLOW
. - email
Verification boolean - Indicates whether email verification should occur before access is granted. Default:
true
. - inline
Hook stringId - ID of a Registration Inline Hook
- name string
- Name of the rule
- policy
Id string - ID of the policy
- profile
Attributes PolicyRule Profile Enrollment Profile Attribute[] - A list of attributes to prompt the user during registration or progressive profiling. Where defined on the User schema, these attributes are persisted in the User profile. Non-schema attributes may also be added, which aren't persisted to the User's profile, but are included in requests to the registration inline hook. A maximum of 10 Profile properties is supported. - 'label' - (Required) A display-friendly label for this property - 'name' - (Required) The name of a User Profile property - 'required' - (Required) Indicates if this property is required for enrollment. Default is 'false'.
- progressive
Profiling stringAction - Enabled or disabled progressive profiling action rule conditions:
ENABLED
orDISABLED
. Default:DISABLED
- status string
- Status of the rule
- target
Group stringId - The ID of a Group that this User should be added to
- ui
Schema stringId - Value created by the backend. If present all policy updates must include this attribute/value.
- unknown
User stringAction - Which action should be taken if this User is new. Valid values are:
DENY
,REGISTER
- access str
- Allow or deny access based on the rule conditions. Valid values are:
ALLOW
,DENY
. Default:ALLOW
. - email_
verification bool - Indicates whether email verification should occur before access is granted. Default:
true
. - inline_
hook_ strid - ID of a Registration Inline Hook
- name str
- Name of the rule
- policy_
id str - ID of the policy
- profile_
attributes Sequence[PolicyRule Profile Enrollment Profile Attribute Args] - A list of attributes to prompt the user during registration or progressive profiling. Where defined on the User schema, these attributes are persisted in the User profile. Non-schema attributes may also be added, which aren't persisted to the User's profile, but are included in requests to the registration inline hook. A maximum of 10 Profile properties is supported. - 'label' - (Required) A display-friendly label for this property - 'name' - (Required) The name of a User Profile property - 'required' - (Required) Indicates if this property is required for enrollment. Default is 'false'.
- progressive_
profiling_ straction - Enabled or disabled progressive profiling action rule conditions:
ENABLED
orDISABLED
. Default:DISABLED
- status str
- Status of the rule
- target_
group_ strid - The ID of a Group that this User should be added to
- ui_
schema_ strid - Value created by the backend. If present all policy updates must include this attribute/value.
- unknown_
user_ straction - Which action should be taken if this User is new. Valid values are:
DENY
,REGISTER
- access String
- Allow or deny access based on the rule conditions. Valid values are:
ALLOW
,DENY
. Default:ALLOW
. - email
Verification Boolean - Indicates whether email verification should occur before access is granted. Default:
true
. - inline
Hook StringId - ID of a Registration Inline Hook
- name String
- Name of the rule
- policy
Id String - ID of the policy
- profile
Attributes List<Property Map> - A list of attributes to prompt the user during registration or progressive profiling. Where defined on the User schema, these attributes are persisted in the User profile. Non-schema attributes may also be added, which aren't persisted to the User's profile, but are included in requests to the registration inline hook. A maximum of 10 Profile properties is supported. - 'label' - (Required) A display-friendly label for this property - 'name' - (Required) The name of a User Profile property - 'required' - (Required) Indicates if this property is required for enrollment. Default is 'false'.
- progressive
Profiling StringAction - Enabled or disabled progressive profiling action rule conditions:
ENABLED
orDISABLED
. Default:DISABLED
- status String
- Status of the rule
- target
Group StringId - The ID of a Group that this User should be added to
- ui
Schema StringId - Value created by the backend. If present all policy updates must include this attribute/value.
- unknown
User StringAction - Which action should be taken if this User is new. Valid values are:
DENY
,REGISTER
Supporting Types
PolicyRuleProfileEnrollmentProfileAttribute, PolicyRuleProfileEnrollmentProfileAttributeArgs
Import
$ pulumi import okta:index/policyRuleProfileEnrollment:PolicyRuleProfileEnrollment example <policy_id>/<rule_id>
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Okta pulumi/pulumi-okta
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
okta
Terraform Provider.