RuleSignon

Creates a Sign On Policy Rule.

Create a RuleSignon Resource

new RuleSignon(name: string, args: RuleSignonArgs, opts?: CustomResourceOptions);

def RuleSignon(resource_name, opts=None, access=None, authtype=None, mfa_lifetime=None, mfa_prompt=None, mfa_remember_device=None, mfa_required=None, name=None, network_connection=None, network_excludes=None, network_includes=None, policyid=None, priority=None, session_idle=None, session_lifetime=None, session_persistent=None, status=None, users_excludeds=None, __props__=None);

func NewRuleSignon(ctx *Context, name string, args RuleSignonArgs, opts ...ResourceOption) (*RuleSignon, error)

public RuleSignon(string name, RuleSignonArgs args, CustomResourceOptions? opts = null)

name string: The unique name of the resource.
args RuleSignonArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
opts ResourceOptions: A bag of options that control this resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args RuleSignonArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args RuleSignonArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

RuleSignon Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The RuleSignon resource accepts the following input properties:

Policyid string: Policy ID.
Access string: Allow or deny access based on the rule conditions: "ALLOW" or "DENY". The default is "ALLOW".
Authtype string: Authentication entrypoint: "ANY" or "RADIUS".
MfaLifetime int: Elapsed time before the next MFA challenge.
MfaPrompt string: Prompt for MFA based on the device used, a factor session lifetime, or every sign on attempt: "DEVICE", "SESSION" or "ALWAYS".
MfaRememberDevice bool: Remember MFA device. The default false.
MfaRequired bool: Require MFA. By default is false.
Name string: Policy Rule Name.
NetworkConnection string: Network selection mode: "ANYWHERE", "ZONE", "ON_NETWORK", or "OFF_NETWORK".
NetworkExcludes List<string>: The network zones to exclude. Conflicts with network_includes.
NetworkIncludes List<string>: The network zones to include. Conflicts with network_excludes.
Priority int: Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.
SessionIdle int: Max minutes a session can be idle.“,
SessionLifetime int: Max minutes a session is active: Disable = 0.
SessionPersistent bool: Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies.
Status string: Policy Rule Status: "ACTIVE" or "INACTIVE".
UsersExcludeds List<string>: Set of User IDs to Exclude

Policyid string: Policy ID.
Access string: Allow or deny access based on the rule conditions: "ALLOW" or "DENY". The default is "ALLOW".
Authtype string: Authentication entrypoint: "ANY" or "RADIUS".
MfaLifetime int: Elapsed time before the next MFA challenge.
MfaPrompt string: Prompt for MFA based on the device used, a factor session lifetime, or every sign on attempt: "DEVICE", "SESSION" or "ALWAYS".
MfaRememberDevice bool: Remember MFA device. The default false.
MfaRequired bool: Require MFA. By default is false.
Name string: Policy Rule Name.
NetworkConnection string: Network selection mode: "ANYWHERE", "ZONE", "ON_NETWORK", or "OFF_NETWORK".
NetworkExcludes []string: The network zones to exclude. Conflicts with network_includes.
NetworkIncludes []string: The network zones to include. Conflicts with network_excludes.
Priority int: Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.
SessionIdle int: Max minutes a session can be idle.“,
SessionLifetime int: Max minutes a session is active: Disable = 0.
SessionPersistent bool: Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies.
Status string: Policy Rule Status: "ACTIVE" or "INACTIVE".
UsersExcludeds []string: Set of User IDs to Exclude

policyid string: Policy ID.
access string: Allow or deny access based on the rule conditions: "ALLOW" or "DENY". The default is "ALLOW".
authtype string: Authentication entrypoint: "ANY" or "RADIUS".
mfaLifetime number: Elapsed time before the next MFA challenge.
mfaPrompt string: Prompt for MFA based on the device used, a factor session lifetime, or every sign on attempt: "DEVICE", "SESSION" or "ALWAYS".
mfaRememberDevice boolean: Remember MFA device. The default false.
mfaRequired boolean: Require MFA. By default is false.
name string: Policy Rule Name.
networkConnection string: Network selection mode: "ANYWHERE", "ZONE", "ON_NETWORK", or "OFF_NETWORK".
networkExcludes string[]: The network zones to exclude. Conflicts with network_includes.
networkIncludes string[]: The network zones to include. Conflicts with network_excludes.
priority number: Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.
sessionIdle number: Max minutes a session can be idle.“,
sessionLifetime number: Max minutes a session is active: Disable = 0.
sessionPersistent boolean: Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies.
status string: Policy Rule Status: "ACTIVE" or "INACTIVE".
usersExcludeds string[]: Set of User IDs to Exclude

policyid str: Policy ID.
access str: Allow or deny access based on the rule conditions: "ALLOW" or "DENY". The default is "ALLOW".
authtype str: Authentication entrypoint: "ANY" or "RADIUS".
mfa_lifetime float: Elapsed time before the next MFA challenge.
mfa_prompt str: Prompt for MFA based on the device used, a factor session lifetime, or every sign on attempt: "DEVICE", "SESSION" or "ALWAYS".
mfa_remember_device bool: Remember MFA device. The default false.
mfa_required bool: Require MFA. By default is false.
name str: Policy Rule Name.
network_connection str: Network selection mode: "ANYWHERE", "ZONE", "ON_NETWORK", or "OFF_NETWORK".
network_excludes List[str]: The network zones to exclude. Conflicts with network_includes.
network_includes List[str]: The network zones to include. Conflicts with network_excludes.
priority float: Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.
session_idle float: Max minutes a session can be idle.“,
session_lifetime float: Max minutes a session is active: Disable = 0.
session_persistent bool: Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies.
status str: Policy Rule Status: "ACTIVE" or "INACTIVE".
users_excludeds List[str]: Set of User IDs to Exclude

Outputs

All input properties are implicitly available as output properties. Additionally, the RuleSignon resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

Look up an Existing RuleSignon Resource

Get an existing RuleSignon resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: RuleSignonState, opts?: CustomResourceOptions): RuleSignon

static get(resource_name, id, opts=None, access=None, authtype=None, mfa_lifetime=None, mfa_prompt=None, mfa_remember_device=None, mfa_required=None, name=None, network_connection=None, network_excludes=None, network_includes=None, policyid=None, priority=None, session_idle=None, session_lifetime=None, session_persistent=None, status=None, users_excludeds=None, __props__=None);

func GetRuleSignon(ctx *Context, name string, id IDInput, state *RuleSignonState, opts ...ResourceOption) (*RuleSignon, error)

public static RuleSignon Get(string name, Input<string> id, RuleSignonState? state, CustomResourceOptions? opts = null)

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Access string: Allow or deny access based on the rule conditions: "ALLOW" or "DENY". The default is "ALLOW".
Authtype string: Authentication entrypoint: "ANY" or "RADIUS".
MfaLifetime int: Elapsed time before the next MFA challenge.
MfaPrompt string: Prompt for MFA based on the device used, a factor session lifetime, or every sign on attempt: "DEVICE", "SESSION" or "ALWAYS".
MfaRememberDevice bool: Remember MFA device. The default false.
MfaRequired bool: Require MFA. By default is false.
Name string: Policy Rule Name.
NetworkConnection string: Network selection mode: "ANYWHERE", "ZONE", "ON_NETWORK", or "OFF_NETWORK".
NetworkExcludes List<string>: The network zones to exclude. Conflicts with network_includes.
NetworkIncludes List<string>: The network zones to include. Conflicts with network_excludes.
Policyid string: Policy ID.
Priority int: Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.
SessionIdle int: Max minutes a session can be idle.“,
SessionLifetime int: Max minutes a session is active: Disable = 0.
SessionPersistent bool: Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies.
Status string: Policy Rule Status: "ACTIVE" or "INACTIVE".
UsersExcludeds List<string>: Set of User IDs to Exclude

Access string: Allow or deny access based on the rule conditions: "ALLOW" or "DENY". The default is "ALLOW".
Authtype string: Authentication entrypoint: "ANY" or "RADIUS".
MfaLifetime int: Elapsed time before the next MFA challenge.
MfaPrompt string: Prompt for MFA based on the device used, a factor session lifetime, or every sign on attempt: "DEVICE", "SESSION" or "ALWAYS".
MfaRememberDevice bool: Remember MFA device. The default false.
MfaRequired bool: Require MFA. By default is false.
Name string: Policy Rule Name.
NetworkConnection string: Network selection mode: "ANYWHERE", "ZONE", "ON_NETWORK", or "OFF_NETWORK".
NetworkExcludes []string: The network zones to exclude. Conflicts with network_includes.
NetworkIncludes []string: The network zones to include. Conflicts with network_excludes.
Policyid string: Policy ID.
Priority int: Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.
SessionIdle int: Max minutes a session can be idle.“,
SessionLifetime int: Max minutes a session is active: Disable = 0.
SessionPersistent bool: Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies.
Status string: Policy Rule Status: "ACTIVE" or "INACTIVE".
UsersExcludeds []string: Set of User IDs to Exclude

access string: Allow or deny access based on the rule conditions: "ALLOW" or "DENY". The default is "ALLOW".
authtype string: Authentication entrypoint: "ANY" or "RADIUS".
mfaLifetime number: Elapsed time before the next MFA challenge.
mfaPrompt string: Prompt for MFA based on the device used, a factor session lifetime, or every sign on attempt: "DEVICE", "SESSION" or "ALWAYS".
mfaRememberDevice boolean: Remember MFA device. The default false.
mfaRequired boolean: Require MFA. By default is false.
name string: Policy Rule Name.
networkConnection string: Network selection mode: "ANYWHERE", "ZONE", "ON_NETWORK", or "OFF_NETWORK".
networkExcludes string[]: The network zones to exclude. Conflicts with network_includes.
networkIncludes string[]: The network zones to include. Conflicts with network_excludes.
policyid string: Policy ID.
priority number: Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.
sessionIdle number: Max minutes a session can be idle.“,
sessionLifetime number: Max minutes a session is active: Disable = 0.
sessionPersistent boolean: Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies.
status string: Policy Rule Status: "ACTIVE" or "INACTIVE".
usersExcludeds string[]: Set of User IDs to Exclude

access str: Allow or deny access based on the rule conditions: "ALLOW" or "DENY". The default is "ALLOW".
authtype str: Authentication entrypoint: "ANY" or "RADIUS".
mfa_lifetime float: Elapsed time before the next MFA challenge.
mfa_prompt str: Prompt for MFA based on the device used, a factor session lifetime, or every sign on attempt: "DEVICE", "SESSION" or "ALWAYS".
mfa_remember_device bool: Remember MFA device. The default false.
mfa_required bool: Require MFA. By default is false.
name str: Policy Rule Name.
network_connection str: Network selection mode: "ANYWHERE", "ZONE", "ON_NETWORK", or "OFF_NETWORK".
network_excludes List[str]: The network zones to exclude. Conflicts with network_includes.
network_includes List[str]: The network zones to include. Conflicts with network_excludes.
policyid str: Policy ID.
priority float: Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.
session_idle float: Max minutes a session can be idle.“,
session_lifetime float: Max minutes a session is active: Disable = 0.
session_persistent bool: Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies.
status str: Policy Rule Status: "ACTIVE" or "INACTIVE".
users_excludeds List[str]: Set of User IDs to Exclude

Package Details

Repository: https://github.com/pulumi/pulumi-okta
License: Apache-2.0
Notes: This Pulumi package is based on the okta Terraform Provider.

The Pulumi Platform

Get Started

Migrate to Pulumi

Solutions for All Teams and Engineers

Any Code

Any Cloud