SignonPolicyRule

Create a SignonPolicyRule Resource

new SignonPolicyRule(name: string, args: SignonPolicyRuleArgs, opts?: CustomResourceOptions);

def SignonPolicyRule(resource_name, opts=None, access=None, authtype=None, mfa_lifetime=None, mfa_prompt=None, mfa_remember_device=None, mfa_required=None, name=None, network_connection=None, network_excludes=None, network_includes=None, policyid=None, priority=None, session_idle=None, session_lifetime=None, session_persistent=None, status=None, users_excludeds=None, __props__=None);

func NewSignonPolicyRule(ctx *Context, name string, args SignonPolicyRuleArgs, opts ...ResourceOption) (*SignonPolicyRule, error)

public SignonPolicyRule(string name, SignonPolicyRuleArgs args, CustomResourceOptions? opts = null)

name string: The unique name of the resource.
args SignonPolicyRuleArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
opts ResourceOptions: A bag of options that control this resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args SignonPolicyRuleArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args SignonPolicyRuleArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

SignonPolicyRule Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The SignonPolicyRule resource accepts the following input properties:

Policyid string: Policy ID of the Rule
Access string: Allow or deny access based on the rule conditions: ALLOW or DENY.
Authtype string: Authentication entrypoint: ANY or RADIUS.
MfaLifetime int: Elapsed time before the next MFA challenge
MfaPrompt string: Prompt for MFA based on the device used, a factor session lifetime, or every sign on attempt: DEVICE, SESSION or ALWAYS
MfaRememberDevice bool: Remember MFA device.
MfaRequired bool: Require MFA.
Name string: Policy Rule Name
NetworkConnection string: Network selection mode: ANYWHERE, ZONE, ON_NETWORK, or OFF_NETWORK.
NetworkExcludes List<string>: The zones to exclude
NetworkIncludes List<string>: The zones to include
Priority int: Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.
SessionIdle int: Max minutes a session can be idle.
SessionLifetime int: Max minutes a session is active: Disable = 0.
SessionPersistent bool: Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies.
Status string: Policy Rule Status: ACTIVE or INACTIVE.
UsersExcludeds List<string>: Set of User IDs to Exclude

Policyid string: Policy ID of the Rule
Access string: Allow or deny access based on the rule conditions: ALLOW or DENY.
Authtype string: Authentication entrypoint: ANY or RADIUS.
MfaLifetime int: Elapsed time before the next MFA challenge
MfaPrompt string: Prompt for MFA based on the device used, a factor session lifetime, or every sign on attempt: DEVICE, SESSION or ALWAYS
MfaRememberDevice bool: Remember MFA device.
MfaRequired bool: Require MFA.
Name string: Policy Rule Name
NetworkConnection string: Network selection mode: ANYWHERE, ZONE, ON_NETWORK, or OFF_NETWORK.
NetworkExcludes []string: The zones to exclude
NetworkIncludes []string: The zones to include
Priority int: Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.
SessionIdle int: Max minutes a session can be idle.
SessionLifetime int: Max minutes a session is active: Disable = 0.
SessionPersistent bool: Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies.
Status string: Policy Rule Status: ACTIVE or INACTIVE.
UsersExcludeds []string: Set of User IDs to Exclude

policyid string: Policy ID of the Rule
access string: Allow or deny access based on the rule conditions: ALLOW or DENY.
authtype string: Authentication entrypoint: ANY or RADIUS.
mfaLifetime number: Elapsed time before the next MFA challenge
mfaPrompt string: Prompt for MFA based on the device used, a factor session lifetime, or every sign on attempt: DEVICE, SESSION or ALWAYS
mfaRememberDevice boolean: Remember MFA device.
mfaRequired boolean: Require MFA.
name string: Policy Rule Name
networkConnection string: Network selection mode: ANYWHERE, ZONE, ON_NETWORK, or OFF_NETWORK.
networkExcludes string[]: The zones to exclude
networkIncludes string[]: The zones to include
priority number: Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.
sessionIdle number: Max minutes a session can be idle.
sessionLifetime number: Max minutes a session is active: Disable = 0.
sessionPersistent boolean: Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies.
status string: Policy Rule Status: ACTIVE or INACTIVE.
usersExcludeds string[]: Set of User IDs to Exclude

policyid str: Policy ID of the Rule
access str: Allow or deny access based on the rule conditions: ALLOW or DENY.
authtype str: Authentication entrypoint: ANY or RADIUS.
mfa_lifetime float: Elapsed time before the next MFA challenge
mfa_prompt str: Prompt for MFA based on the device used, a factor session lifetime, or every sign on attempt: DEVICE, SESSION or ALWAYS
mfa_remember_device bool: Remember MFA device.
mfa_required bool: Require MFA.
name str: Policy Rule Name
network_connection str: Network selection mode: ANYWHERE, ZONE, ON_NETWORK, or OFF_NETWORK.
network_excludes List[str]: The zones to exclude
network_includes List[str]: The zones to include
priority float: Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.
session_idle float: Max minutes a session can be idle.
session_lifetime float: Max minutes a session is active: Disable = 0.
session_persistent bool: Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies.
status str: Policy Rule Status: ACTIVE or INACTIVE.
users_excludeds List[str]: Set of User IDs to Exclude

Outputs

All input properties are implicitly available as output properties. Additionally, the SignonPolicyRule resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

Look up an Existing SignonPolicyRule Resource

Get an existing SignonPolicyRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: SignonPolicyRuleState, opts?: CustomResourceOptions): SignonPolicyRule

static get(resource_name, id, opts=None, access=None, authtype=None, mfa_lifetime=None, mfa_prompt=None, mfa_remember_device=None, mfa_required=None, name=None, network_connection=None, network_excludes=None, network_includes=None, policyid=None, priority=None, session_idle=None, session_lifetime=None, session_persistent=None, status=None, users_excludeds=None, __props__=None);

func GetSignonPolicyRule(ctx *Context, name string, id IDInput, state *SignonPolicyRuleState, opts ...ResourceOption) (*SignonPolicyRule, error)

public static SignonPolicyRule Get(string name, Input<string> id, SignonPolicyRuleState? state, CustomResourceOptions? opts = null)

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Access string: Allow or deny access based on the rule conditions: ALLOW or DENY.
Authtype string: Authentication entrypoint: ANY or RADIUS.
MfaLifetime int: Elapsed time before the next MFA challenge
MfaPrompt string: Prompt for MFA based on the device used, a factor session lifetime, or every sign on attempt: DEVICE, SESSION or ALWAYS
MfaRememberDevice bool: Remember MFA device.
MfaRequired bool: Require MFA.
Name string: Policy Rule Name
NetworkConnection string: Network selection mode: ANYWHERE, ZONE, ON_NETWORK, or OFF_NETWORK.
NetworkExcludes List<string>: The zones to exclude
NetworkIncludes List<string>: The zones to include
Policyid string: Policy ID of the Rule
Priority int: Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.
SessionIdle int: Max minutes a session can be idle.
SessionLifetime int: Max minutes a session is active: Disable = 0.
SessionPersistent bool: Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies.
Status string: Policy Rule Status: ACTIVE or INACTIVE.
UsersExcludeds List<string>: Set of User IDs to Exclude

Access string: Allow or deny access based on the rule conditions: ALLOW or DENY.
Authtype string: Authentication entrypoint: ANY or RADIUS.
MfaLifetime int: Elapsed time before the next MFA challenge
MfaPrompt string: Prompt for MFA based on the device used, a factor session lifetime, or every sign on attempt: DEVICE, SESSION or ALWAYS
MfaRememberDevice bool: Remember MFA device.
MfaRequired bool: Require MFA.
Name string: Policy Rule Name
NetworkConnection string: Network selection mode: ANYWHERE, ZONE, ON_NETWORK, or OFF_NETWORK.
NetworkExcludes []string: The zones to exclude
NetworkIncludes []string: The zones to include
Policyid string: Policy ID of the Rule
Priority int: Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.
SessionIdle int: Max minutes a session can be idle.
SessionLifetime int: Max minutes a session is active: Disable = 0.
SessionPersistent bool: Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies.
Status string: Policy Rule Status: ACTIVE or INACTIVE.
UsersExcludeds []string: Set of User IDs to Exclude

access string: Allow or deny access based on the rule conditions: ALLOW or DENY.
authtype string: Authentication entrypoint: ANY or RADIUS.
mfaLifetime number: Elapsed time before the next MFA challenge
mfaPrompt string: Prompt for MFA based on the device used, a factor session lifetime, or every sign on attempt: DEVICE, SESSION or ALWAYS
mfaRememberDevice boolean: Remember MFA device.
mfaRequired boolean: Require MFA.
name string: Policy Rule Name
networkConnection string: Network selection mode: ANYWHERE, ZONE, ON_NETWORK, or OFF_NETWORK.
networkExcludes string[]: The zones to exclude
networkIncludes string[]: The zones to include
policyid string: Policy ID of the Rule
priority number: Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.
sessionIdle number: Max minutes a session can be idle.
sessionLifetime number: Max minutes a session is active: Disable = 0.
sessionPersistent boolean: Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies.
status string: Policy Rule Status: ACTIVE or INACTIVE.
usersExcludeds string[]: Set of User IDs to Exclude

access str: Allow or deny access based on the rule conditions: ALLOW or DENY.
authtype str: Authentication entrypoint: ANY or RADIUS.
mfa_lifetime float: Elapsed time before the next MFA challenge
mfa_prompt str: Prompt for MFA based on the device used, a factor session lifetime, or every sign on attempt: DEVICE, SESSION or ALWAYS
mfa_remember_device bool: Remember MFA device.
mfa_required bool: Require MFA.
name str: Policy Rule Name
network_connection str: Network selection mode: ANYWHERE, ZONE, ON_NETWORK, or OFF_NETWORK.
network_excludes List[str]: The zones to exclude
network_includes List[str]: The zones to include
policyid str: Policy ID of the Rule
priority float: Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.
session_idle float: Max minutes a session can be idle.
session_lifetime float: Max minutes a session is active: Disable = 0.
session_persistent bool: Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies.
status str: Policy Rule Status: ACTIVE or INACTIVE.
users_excludeds List[str]: Set of User IDs to Exclude

Package Details

Repository: https://github.com/pulumi/pulumi-okta
License: Apache-2.0
Notes: This Pulumi package is based on the okta Terraform Provider.

The Pulumi Platform

Get Started

Migrate to Pulumi

Solutions for All Teams and Engineers

Any Code

Any Cloud