1. Docs
2. Reference
3. API
4. @pulumi/okta
5. group

Module group

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-okta repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-okta repo.

Resources

• Group
• Roles
• Rule

Functions

• getEveryoneGroup
• getGroup

Others

• GetEveryoneGroupArgs
• GetEveryoneGroupResult
• GetGroupArgs
• GetGroupResult
• GroupArgs
• GroupState
• RolesArgs
• RolesState
• RuleArgs
• RuleState

Resources

Resource Group

class Group extends CustomResource

Creates an Okta Group.

This resource allows you to create and configure an Okta Group.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";

const example = new okta.group.Group("example", {
    description: "My Example Group",
});

constructor

new Group(name: string, args?: GroupArgs, opts?: pulumi.CustomResourceOptions)

Create a Group resource with the given unique name, arguments, and options.

• name The unique name of the resource.
• args The arguments to use to populate this resource's properties.
• opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: GroupState, opts?: pulumi.CustomResourceOptions): Group

Get an existing Group resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Group

Returns true if the given object is an instance of Group. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property description

public description: pulumi.Output<string | undefined>;

The description of the Okta Group.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

The name of the Okta Group.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property users

public users: pulumi.Output<string[] | undefined>;

Users associated with the group. This can also be done per user.

Resource Roles

class Roles extends CustomResource

Creates Group level Admin Role Assignments.

This resource allows you to create and configure Group level Admin Role Assignments.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";

const example = new okta.group.Roles("example", {
    adminRoles: ["SUPER_ADMIN"],
    groupId: "<group id>",
});

constructor

new Roles(name: string, args: RolesArgs, opts?: pulumi.CustomResourceOptions)

Create a Roles resource with the given unique name, arguments, and options.

• name The unique name of the resource.
• args The arguments to use to populate this resource's properties.
• opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RolesState, opts?: pulumi.CustomResourceOptions): Roles

Get an existing Roles resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Roles

Returns true if the given object is an instance of Roles. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property adminRoles

public adminRoles: pulumi.Output<string[] | undefined>;

Admin roles associated with the group. It can be any of the following values "SUPER_ADMIN", "ORG_ADMIN", "APP_ADMIN", "USER_ADMIN", "HELP_DESK_ADMIN", "READ_ONLY_ADMIN", "MOBILE_ADMIN", "API_ACCESS_MANAGEMENT_ADMIN", "REPORT_ADMIN".

property groupId

public groupId: pulumi.Output<string>;

The ID of group to attach admin roles to.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource Rule

class Rule extends CustomResource

Creates an Okta Group Rule.

This resource allows you to create and configure an Okta Group Rule.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";

const example = new okta.group.Rule("example", {
    expressionType: "urn:okta:expression:1.0",
    expressionValue: "String.startsWith(user.firstName,\"andy\")",
    groupAssignments: ["<group id>"],
    status: "ACTIVE",
});

constructor

new Rule(name: string, args: RuleArgs, opts?: pulumi.CustomResourceOptions)

Create a Rule resource with the given unique name, arguments, and options.

• name The unique name of the resource.
• args The arguments to use to populate this resource's properties.
• opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RuleState, opts?: pulumi.CustomResourceOptions): Rule

Get an existing Rule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Rule

Returns true if the given object is an instance of Rule. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property expressionType

public expressionType: pulumi.Output<string | undefined>;

The expression type to use to invoke the rule. The default is "urn:okta:expression:1.0".

property expressionValue

public expressionValue: pulumi.Output<string>;

The expression value.

property groupAssignments

public groupAssignments: pulumi.Output<string[]>;

The list of group ids to assign the users to.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

The name of the Group Rule.

property status

public status: pulumi.Output<string | undefined>;

The status of the group rule.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Functions

Function getEveryoneGroup

getEveryoneGroup(args?: GetEveryoneGroupArgs, opts?: pulumi.InvokeOptions): Promise<GetEveryoneGroupResult>

Use this data source to retrieve the Everyone group from Okta. The same can be achieved with the okta.group.Group data source with name = "Everyone". This is simply a shortcut.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";

const example = pulumi.output(okta.group.getEveryoneGroup({ async: true }));

Function getGroup

getGroup(args: GetGroupArgs, opts?: pulumi.InvokeOptions): Promise<GetGroupResult>

Use this data source to retrieve a group from Okta.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";

const example = pulumi.output(okta.group.getGroup({
    name: "Example App",
}, { async: true }));

Others

interface GetEveryoneGroupArgs

interface GetEveryoneGroupArgs

A collection of arguments for invoking getEveryoneGroup.

property includeUsers

includeUsers?: undefined | false | true;

interface GetEveryoneGroupResult

interface GetEveryoneGroupResult

A collection of values returned by getEveryoneGroup.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property includeUsers

includeUsers?: undefined | false | true;

interface GetGroupArgs

interface GetGroupArgs

A collection of arguments for invoking getGroup.

property includeUsers

includeUsers?: undefined | false | true;

whether or not to retrieve all member ids.

property name

name: string;

name of group to retrieve.

interface GetGroupResult

interface GetGroupResult

A collection of values returned by getGroup.

property description

description: string;

description of group.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property includeUsers

includeUsers?: undefined | false | true;

property name

name: string;

name of group.

property users

users: string[];

user ids that are members of this group, only included if includeUsers is set to true.

interface GroupArgs

interface GroupArgs

The set of arguments for constructing a Group resource.

property description

description?: pulumi.Input<string>;

The description of the Okta Group.

property name

name?: pulumi.Input<string>;

The name of the Okta Group.

property users

users?: pulumi.Input<pulumi.Input<string>[]>;

Users associated with the group. This can also be done per user.

interface GroupState

interface GroupState

Input properties used for looking up and filtering Group resources.

property description

description?: pulumi.Input<string>;

The description of the Okta Group.

property name

name?: pulumi.Input<string>;

The name of the Okta Group.

property users

users?: pulumi.Input<pulumi.Input<string>[]>;

Users associated with the group. This can also be done per user.

interface RolesArgs

interface RolesArgs

The set of arguments for constructing a Roles resource.

property adminRoles

adminRoles?: pulumi.Input<pulumi.Input<string>[]>;

Admin roles associated with the group. It can be any of the following values "SUPER_ADMIN", "ORG_ADMIN", "APP_ADMIN", "USER_ADMIN", "HELP_DESK_ADMIN", "READ_ONLY_ADMIN", "MOBILE_ADMIN", "API_ACCESS_MANAGEMENT_ADMIN", "REPORT_ADMIN".

property groupId

groupId: pulumi.Input<string>;

The ID of group to attach admin roles to.

interface RolesState

interface RolesState

Input properties used for looking up and filtering Roles resources.

property adminRoles

adminRoles?: pulumi.Input<pulumi.Input<string>[]>;

Admin roles associated with the group. It can be any of the following values "SUPER_ADMIN", "ORG_ADMIN", "APP_ADMIN", "USER_ADMIN", "HELP_DESK_ADMIN", "READ_ONLY_ADMIN", "MOBILE_ADMIN", "API_ACCESS_MANAGEMENT_ADMIN", "REPORT_ADMIN".

property groupId

groupId?: pulumi.Input<string>;

The ID of group to attach admin roles to.

interface RuleArgs

interface RuleArgs

The set of arguments for constructing a Rule resource.

property expressionType

expressionType?: pulumi.Input<string>;

The expression type to use to invoke the rule. The default is "urn:okta:expression:1.0".

property expressionValue

expressionValue: pulumi.Input<string>;

The expression value.

property groupAssignments

groupAssignments: pulumi.Input<pulumi.Input<string>[]>;

The list of group ids to assign the users to.

property name

name?: pulumi.Input<string>;

The name of the Group Rule.

property status

status?: pulumi.Input<string>;

The status of the group rule.

interface RuleState

interface RuleState

Input properties used for looking up and filtering Rule resources.

property expressionType

expressionType?: pulumi.Input<string>;

The expression type to use to invoke the rule. The default is "urn:okta:expression:1.0".

property expressionValue

expressionValue?: pulumi.Input<string>;

The expression value.

property groupAssignments

groupAssignments?: pulumi.Input<pulumi.Input<string>[]>;

The list of group ids to assign the users to.

property name

name?: pulumi.Input<string>;

The name of the Group Rule.

property status

status?: pulumi.Input<string>;

The status of the group rule.