1. Docs
  2. Reference
  3. API
  4. Okta
  5. policy
  6. RuleIdpDiscovery

RuleIdpDiscovery

Creates an IdP Discovery Policy Rule.

This resource allows you to create and configure an IdP Discovery Policy Rule.

Example Usage

using Pulumi;
using Okta = Pulumi.Okta;

class MyStack : Stack
{
    public MyStack()
    {
        var example = new Okta.Policy.RuleIdpDiscovery("example", new Okta.Policy.RuleIdpDiscoveryArgs
        {
            IdpId = "<idp id>",
            IdpType = "SAML2",
            Policyid = "<policy id>",
            Priority = 1,
            UserIdentifierAttribute = "company",
            UserIdentifierPatterns = 
            {
                new Okta.Policy.Inputs.RuleIdpDiscoveryUserIdentifierPatternArgs
                {
                    MatchType = "EQUALS",
                    Value = "Articulate",
                },
            },
            UserIdentifierType = "ATTRIBUTE",
        });
    }

}

Coming soon!

import pulumi
import pulumi_okta as okta

example = okta.policy.RuleIdpDiscovery("example",
    idp_id="<idp id>",
    idp_type="SAML2",
    policyid="<policy id>",
    priority=1,
    user_identifier_attribute="company",
    user_identifier_patterns=[{
        "match_type": "EQUALS",
        "value": "Articulate",
    }],
    user_identifier_type="ATTRIBUTE")
import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";

const example = new okta.policy.RuleIdpDiscovery("example", {
    idpId: "<idp id>",
    idpType: "SAML2",
    policyid: "<policy id>",
    priority: 1,
    userIdentifierAttribute: "company",
    userIdentifierPatterns: [{
        matchType: "EQUALS",
        value: "Articulate",
    }],
    userIdentifierType: "ATTRIBUTE",
});

Create a RuleIdpDiscovery Resource

new RuleIdpDiscovery(name: string, args: RuleIdpDiscoveryArgs, opts?: CustomResourceOptions);
def RuleIdpDiscovery(resource_name, opts=None, app_excludes=None, app_includes=None, idp_id=None, idp_type=None, name=None, network_connection=None, network_excludes=None, network_includes=None, platform_includes=None, policyid=None, priority=None, status=None, user_identifier_attribute=None, user_identifier_patterns=None, user_identifier_type=None, __props__=None);
func NewRuleIdpDiscovery(ctx *Context, name string, args RuleIdpDiscoveryArgs, opts ...ResourceOption) (*RuleIdpDiscovery, error)
public RuleIdpDiscovery(string name, RuleIdpDiscoveryArgs args, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args RuleIdpDiscoveryArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
opts ResourceOptions
A bag of options that control this resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args RuleIdpDiscoveryArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args RuleIdpDiscoveryArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

RuleIdpDiscovery Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The RuleIdpDiscovery resource accepts the following input properties:

Policyid string

Policy ID.

AppExcludes List<RuleIdpDiscoveryAppExcludeArgs>

Applications to exclude in discovery rule

AppIncludes List<RuleIdpDiscoveryAppIncludeArgs>

Applications to include in discovery rule

IdpId string
IdpType string
Name string

Policy Rule Name.

NetworkConnection string

Network selection mode: "ANYWHERE", "ZONE", "ON_NETWORK", or "OFF_NETWORK".

NetworkExcludes List<string>

The network zones to exclude. Conflicts with network_includes.

NetworkIncludes List<string>

The network zones to include. Conflicts with network_excludes.

PlatformIncludes List<RuleIdpDiscoveryPlatformIncludeArgs>
Priority int

Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.

Status string

Policy Rule Status: "ACTIVE" or "INACTIVE".

UserIdentifierAttribute string
UserIdentifierPatterns List<RuleIdpDiscoveryUserIdentifierPatternArgs>
UserIdentifierType string
Policyid string

Policy ID.

AppExcludes []RuleIdpDiscoveryAppExclude

Applications to exclude in discovery rule

AppIncludes []RuleIdpDiscoveryAppInclude

Applications to include in discovery rule

IdpId string
IdpType string
Name string

Policy Rule Name.

NetworkConnection string

Network selection mode: "ANYWHERE", "ZONE", "ON_NETWORK", or "OFF_NETWORK".

NetworkExcludes []string

The network zones to exclude. Conflicts with network_includes.

NetworkIncludes []string

The network zones to include. Conflicts with network_excludes.

PlatformIncludes []RuleIdpDiscoveryPlatformInclude
Priority int

Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.

Status string

Policy Rule Status: "ACTIVE" or "INACTIVE".

UserIdentifierAttribute string
UserIdentifierPatterns []RuleIdpDiscoveryUserIdentifierPattern
UserIdentifierType string
policyid string

Policy ID.

appExcludes RuleIdpDiscoveryAppExclude[]

Applications to exclude in discovery rule

appIncludes RuleIdpDiscoveryAppInclude[]

Applications to include in discovery rule

idpId string
idpType string
name string

Policy Rule Name.

networkConnection string

Network selection mode: "ANYWHERE", "ZONE", "ON_NETWORK", or "OFF_NETWORK".

networkExcludes string[]

The network zones to exclude. Conflicts with network_includes.

networkIncludes string[]

The network zones to include. Conflicts with network_excludes.

platformIncludes RuleIdpDiscoveryPlatformInclude[]
priority number

Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.

status string

Policy Rule Status: "ACTIVE" or "INACTIVE".

userIdentifierAttribute string
userIdentifierPatterns RuleIdpDiscoveryUserIdentifierPattern[]
userIdentifierType string
policyid str

Policy ID.

app_excludes List[RuleIdpDiscoveryAppExclude]

Applications to exclude in discovery rule

app_includes List[RuleIdpDiscoveryAppInclude]

Applications to include in discovery rule

idp_id str
idp_type str
name str

Policy Rule Name.

network_connection str

Network selection mode: "ANYWHERE", "ZONE", "ON_NETWORK", or "OFF_NETWORK".

network_excludes List[str]

The network zones to exclude. Conflicts with network_includes.

network_includes List[str]

The network zones to include. Conflicts with network_excludes.

platform_includes List[RuleIdpDiscoveryPlatformInclude]
priority float

Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.

status str

Policy Rule Status: "ACTIVE" or "INACTIVE".

user_identifier_attribute str
user_identifier_patterns List[RuleIdpDiscoveryUserIdentifierPattern]
user_identifier_type str

Outputs

All input properties are implicitly available as output properties. Additionally, the RuleIdpDiscovery resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
Id string
The provider-assigned unique ID for this managed resource.
id string
The provider-assigned unique ID for this managed resource.
id str
The provider-assigned unique ID for this managed resource.

Look up an Existing RuleIdpDiscovery Resource

Get an existing RuleIdpDiscovery resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: RuleIdpDiscoveryState, opts?: CustomResourceOptions): RuleIdpDiscovery
static get(resource_name, id, opts=None, app_excludes=None, app_includes=None, idp_id=None, idp_type=None, name=None, network_connection=None, network_excludes=None, network_includes=None, platform_includes=None, policyid=None, priority=None, status=None, user_identifier_attribute=None, user_identifier_patterns=None, user_identifier_type=None, __props__=None);
func GetRuleIdpDiscovery(ctx *Context, name string, id IDInput, state *RuleIdpDiscoveryState, opts ...ResourceOption) (*RuleIdpDiscovery, error)
public static RuleIdpDiscovery Get(string name, Input<string> id, RuleIdpDiscoveryState? state, CustomResourceOptions? opts = null)
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

The following state arguments are supported:

AppExcludes List<RuleIdpDiscoveryAppExcludeArgs>

Applications to exclude in discovery rule

AppIncludes List<RuleIdpDiscoveryAppIncludeArgs>

Applications to include in discovery rule

IdpId string
IdpType string
Name string

Policy Rule Name.

NetworkConnection string

Network selection mode: "ANYWHERE", "ZONE", "ON_NETWORK", or "OFF_NETWORK".

NetworkExcludes List<string>

The network zones to exclude. Conflicts with network_includes.

NetworkIncludes List<string>

The network zones to include. Conflicts with network_excludes.

PlatformIncludes List<RuleIdpDiscoveryPlatformIncludeArgs>
Policyid string

Policy ID.

Priority int

Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.

Status string

Policy Rule Status: "ACTIVE" or "INACTIVE".

UserIdentifierAttribute string
UserIdentifierPatterns List<RuleIdpDiscoveryUserIdentifierPatternArgs>
UserIdentifierType string
AppExcludes []RuleIdpDiscoveryAppExclude

Applications to exclude in discovery rule

AppIncludes []RuleIdpDiscoveryAppInclude

Applications to include in discovery rule

IdpId string
IdpType string
Name string

Policy Rule Name.

NetworkConnection string

Network selection mode: "ANYWHERE", "ZONE", "ON_NETWORK", or "OFF_NETWORK".

NetworkExcludes []string

The network zones to exclude. Conflicts with network_includes.

NetworkIncludes []string

The network zones to include. Conflicts with network_excludes.

PlatformIncludes []RuleIdpDiscoveryPlatformInclude
Policyid string

Policy ID.

Priority int

Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.

Status string

Policy Rule Status: "ACTIVE" or "INACTIVE".

UserIdentifierAttribute string
UserIdentifierPatterns []RuleIdpDiscoveryUserIdentifierPattern
UserIdentifierType string
appExcludes RuleIdpDiscoveryAppExclude[]

Applications to exclude in discovery rule

appIncludes RuleIdpDiscoveryAppInclude[]

Applications to include in discovery rule

idpId string
idpType string
name string

Policy Rule Name.

networkConnection string

Network selection mode: "ANYWHERE", "ZONE", "ON_NETWORK", or "OFF_NETWORK".

networkExcludes string[]

The network zones to exclude. Conflicts with network_includes.

networkIncludes string[]

The network zones to include. Conflicts with network_excludes.

platformIncludes RuleIdpDiscoveryPlatformInclude[]
policyid string

Policy ID.

priority number

Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.

status string

Policy Rule Status: "ACTIVE" or "INACTIVE".

userIdentifierAttribute string
userIdentifierPatterns RuleIdpDiscoveryUserIdentifierPattern[]
userIdentifierType string
app_excludes List[RuleIdpDiscoveryAppExclude]

Applications to exclude in discovery rule

app_includes List[RuleIdpDiscoveryAppInclude]

Applications to include in discovery rule

idp_id str
idp_type str
name str

Policy Rule Name.

network_connection str

Network selection mode: "ANYWHERE", "ZONE", "ON_NETWORK", or "OFF_NETWORK".

network_excludes List[str]

The network zones to exclude. Conflicts with network_includes.

network_includes List[str]

The network zones to include. Conflicts with network_excludes.

platform_includes List[RuleIdpDiscoveryPlatformInclude]
policyid str

Policy ID.

priority float

Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.

status str

Policy Rule Status: "ACTIVE" or "INACTIVE".

user_identifier_attribute str
user_identifier_patterns List[RuleIdpDiscoveryUserIdentifierPattern]
user_identifier_type str

Supporting Types

RuleIdpDiscoveryAppExclude

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

Id string

ID of the Rule.

Name string

Policy Rule Name.

Type string
Id string

ID of the Rule.

Name string

Policy Rule Name.

Type string
id string

ID of the Rule.

name string

Policy Rule Name.

type string
id str

ID of the Rule.

name str

Policy Rule Name.

type str

RuleIdpDiscoveryAppInclude

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

Id string

ID of the Rule.

Name string

Policy Rule Name.

Type string
Id string

ID of the Rule.

Name string

Policy Rule Name.

Type string
id string

ID of the Rule.

name string

Policy Rule Name.

type string
id str

ID of the Rule.

name str

Policy Rule Name.

type str

RuleIdpDiscoveryPlatformInclude

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

OsExpression string
OsType string
Type string
OsExpression string
OsType string
Type string
osExpression string
osType string
type string
osExpression str
osType str
type str

RuleIdpDiscoveryUserIdentifierPattern

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

MatchType string
Value string
MatchType string
Value string
matchType string
value string
match_type str
value str

Package Details

Repository
https://github.com/pulumi/pulumi-okta
License
Apache-2.0
Notes
This Pulumi package is based on the okta Terraform Provider.