@pulumi/oci 0.11.0 → 0.12.0

package/identity/domainsPasswordPolicy.d.ts

@@ -0,0 +1,647 @@
+import * as pulumi from "@pulumi/pulumi";
+import * as inputs from "../types/input";
+import * as outputs from "../types/output";
+/**
+ * This resource provides the Password Policy resource in Oracle Cloud Infrastructure Identity Domains service.
+ *
+ * Create a Password Policy
+ *
+ * ## Import
+ *
+ * PasswordPolicies can be imported using the `id`, e.g.
+ *
+ * ```sh
+ *  $ pulumi import oci:Identity/domainsPasswordPolicy:DomainsPasswordPolicy test_password_policy "idcsEndpoint/{idcsEndpoint}/passwordPolicies/{passwordPolicyId}"
+ * ```
+ */
+export declare class DomainsPasswordPolicy extends pulumi.CustomResource {
+    /**
+     * Get an existing DomainsPasswordPolicy resource's state with the given name, ID, and optional extra
+     * properties used to qualify the lookup.
+     *
+     * @param name The _unique_ name of the resulting resource.
+     * @param id The _unique_ provider ID of the resource to lookup.
+     * @param state Any extra arguments used during the lookup.
+     * @param opts Optional settings to control the behavior of the CustomResource.
+     */
+    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: DomainsPasswordPolicyState, opts?: pulumi.CustomResourceOptions): DomainsPasswordPolicy;
+    /**
+     * Returns true if the given object is an instance of DomainsPasswordPolicy.  This is designed to work even
+     * when multiple copies of the Pulumi SDK have been loaded into the same process.
+     */
+    static isInstance(obj: any): obj is DomainsPasswordPolicy;
+    /**
+     * (Updatable) A String value whose contents indicate a set of characters that can appear, in any sequence, in a password value
+     */
+    readonly allowedChars: pulumi.Output<string>;
+    /**
+     * (Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
+     */
+    readonly attributeSets: pulumi.Output<string[] | undefined>;
+    /**
+     * (Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
+     */
+    readonly attributes: pulumi.Output<string | undefined>;
+    /**
+     * (Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
+     */
+    readonly authorization: pulumi.Output<string | undefined>;
+    /**
+     * (Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
+     */
+    readonly compartmentOcid: pulumi.Output<string>;
+    /**
+     * (Updatable) List of password policy rules that have values set. This map of stringKey:stringValue pairs can be used to aid users while setting/resetting password
+     */
+    readonly configuredPasswordPolicyRules: pulumi.Output<outputs.Identity.DomainsPasswordPolicyConfiguredPasswordPolicyRule[]>;
+    /**
+     * (Updatable) A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
+     */
+    readonly deleteInProgress: pulumi.Output<boolean>;
+    /**
+     * (Updatable) A String that describes the password policy
+     */
+    readonly description: pulumi.Output<string>;
+    /**
+     * (Updatable) A delimiter used to separate characters in the dictionary file
+     */
+    readonly dictionaryDelimiter: pulumi.Output<string>;
+    /**
+     * (Updatable) A Reference value that contains the URI of a dictionary of words not allowed to appear within a password value
+     */
+    readonly dictionaryLocation: pulumi.Output<string>;
+    /**
+     * (Updatable) Indicates whether the password can match a dictionary word
+     */
+    readonly dictionaryWordDisallowed: pulumi.Output<boolean>;
+    /**
+     * (Updatable) A String value whose contents indicate a set of characters that cannot appear, in any sequence, in a password value
+     */
+    readonly disallowedChars: pulumi.Output<string>;
+    /**
+     * (Updatable) A String value whose contents indicate a set of substrings that cannot appear, in any sequence, in a password value
+     */
+    readonly disallowedSubstrings: pulumi.Output<string[]>;
+    /**
+     * (Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
+     */
+    readonly domainOcid: pulumi.Output<string>;
+    /**
+     * (Updatable) An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
+     */
+    readonly externalId: pulumi.Output<string>;
+    /**
+     * (Updatable) Indicates a sequence of characters that match the user's first name of given name cannot be the password. Password validation against policy will be ignored if length of first name is less than or equal to 3 characters.
+     */
+    readonly firstNameDisallowed: pulumi.Output<boolean>;
+    /**
+     * (Updatable) Indicates whether all of the users should be forced to reset their password on the next login (to comply with new password policy changes)
+     */
+    readonly forcePasswordReset: pulumi.Output<boolean>;
+    /**
+     * (Updatable) A list of groups that the password policy belongs to.
+     */
+    readonly groups: pulumi.Output<outputs.Identity.DomainsPasswordPolicyGroup[]>;
+    /**
+     * (Updatable) The User or App who created the Resource
+     */
+    readonly idcsCreatedBies: pulumi.Output<outputs.Identity.DomainsPasswordPolicyIdcsCreatedBy[]>;
+    /**
+     * The basic endpoint for the identity domain
+     */
+    readonly idcsEndpoint: pulumi.Output<string>;
+    /**
+     * (Updatable) The User or App who modified the Resource
+     */
+    readonly idcsLastModifiedBies: pulumi.Output<outputs.Identity.DomainsPasswordPolicyIdcsLastModifiedBy[]>;
+    /**
+     * (Updatable) The release number when the resource was upgraded.
+     */
+    readonly idcsLastUpgradedInRelease: pulumi.Output<string>;
+    /**
+     * (Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
+     */
+    readonly idcsPreventedOperations: pulumi.Output<string[]>;
+    /**
+     * (Updatable) Indicates a sequence of characters that match the user's last name of given name cannot be the password. Password validation against policy will be ignored if length of last name is less than or equal to 3 characters.
+     */
+    readonly lastNameDisallowed: pulumi.Output<boolean>;
+    /**
+     * (Updatable) The time period in minutes to lock out a user account when the threshold of invalid login attempts is reached. The available range is from 5 through 1440 minutes (24 hours).
+     */
+    readonly lockoutDuration: pulumi.Output<number>;
+    /**
+     * (Updatable) An integer that represents the maximum number of failed logins before an account is locked
+     */
+    readonly maxIncorrectAttempts: pulumi.Output<number>;
+    /**
+     * (Updatable) The maximum password length (in characters). A value of 0 or no value indicates no maximum length restriction.
+     */
+    readonly maxLength: pulumi.Output<number>;
+    /**
+     * (Updatable) The maximum number of repeated characters allowed in a password.  A value of 0 or no value indicates no such restriction.
+     */
+    readonly maxRepeatedChars: pulumi.Output<number>;
+    /**
+     * (Updatable) The maximum number of special characters in a password.  A value of 0 or no value indicates no maximum special characters restriction.
+     */
+    readonly maxSpecialChars: pulumi.Output<number>;
+    /**
+     * (Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
+     */
+    readonly metas: pulumi.Output<outputs.Identity.DomainsPasswordPolicyMeta[]>;
+    /**
+     * (Updatable) The minimum number of a combination of alphabetic and numeric characters in a password.  A value of 0 or no value indicates no minimum alphanumeric character restriction.
+     */
+    readonly minAlphaNumerals: pulumi.Output<number>;
+    /**
+     * (Updatable) The minimum number of alphabetic characters in a password.  A value of 0 or no value indicates no minimum alphas restriction.
+     */
+    readonly minAlphas: pulumi.Output<number>;
+    /**
+     * (Updatable) The minimum password length (in characters). A value of 0 or no value indicates no minimum length restriction.
+     */
+    readonly minLength: pulumi.Output<number>;
+    /**
+     * (Updatable) The minimum number of lowercase alphabetic characters in a password.  A value of 0 or no value indicates no minimum lowercase restriction.
+     */
+    readonly minLowerCase: pulumi.Output<number>;
+    /**
+     * (Updatable) The minimum number of numeric characters in a password.  A value of 0 or no value indicates no minimum numeric character restriction.
+     */
+    readonly minNumerals: pulumi.Output<number>;
+    /**
+     * (Updatable) Minimum time after which the user can resubmit the reset password request
+     */
+    readonly minPasswordAge: pulumi.Output<number>;
+    /**
+     * (Updatable) The minimum number of special characters in a password. A value of 0 or no value indicates no minimum special characters restriction.
+     */
+    readonly minSpecialChars: pulumi.Output<number>;
+    /**
+     * (Updatable) The minimum number of unique characters in a password.  A value of 0 or no value indicates no minimum unique characters restriction.
+     */
+    readonly minUniqueChars: pulumi.Output<number>;
+    /**
+     * (Updatable) The minimum number of uppercase alphabetic characters in a password. A value of 0 or no value indicates no minimum uppercase restriction.
+     */
+    readonly minUpperCase: pulumi.Output<number>;
+    /**
+     * (Updatable) A String that is the name of the policy to display to the user. This is the only mandatory attribute for a password policy.
+     */
+    readonly name: pulumi.Output<string>;
+    /**
+     * (Updatable) The number of passwords that will be kept in history that may not be used as a password
+     */
+    readonly numPasswordsInHistory: pulumi.Output<number>;
+    /**
+     * (Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
+     */
+    readonly ocid: pulumi.Output<string>;
+    /**
+     * (Updatable) An integer indicating the number of days before which the user should be warned about password expiry.
+     */
+    readonly passwordExpireWarning: pulumi.Output<number>;
+    /**
+     * (Updatable) The number of days after which the password expires automatically
+     */
+    readonly passwordExpiresAfter: pulumi.Output<number>;
+    /**
+     * (Updatable) Indicates whether the password policy is configured as Simple, Standard, or Custom.
+     */
+    readonly passwordStrength: pulumi.Output<string>;
+    /**
+     * (Updatable) Password policy priority
+     */
+    readonly priority: pulumi.Output<number>;
+    /**
+     * (Updatable) A String value whose contents indicate a set of characters that must appear, in any sequence, in a password value
+     */
+    readonly requiredChars: pulumi.Output<string>;
+    /**
+     * (Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
+     */
+    readonly resourceTypeSchemaVersion: pulumi.Output<string | undefined>;
+    /**
+     * (Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard \"enterprise\" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
+     */
+    readonly schemas: pulumi.Output<string[]>;
+    /**
+     * (Updatable) Indicates that the password must begin with an alphabetic character
+     */
+    readonly startsWithAlphabet: pulumi.Output<boolean>;
+    /**
+     * (Updatable) A list of tags on this resource.
+     */
+    readonly tags: pulumi.Output<outputs.Identity.DomainsPasswordPolicyTag[]>;
+    /**
+     * (Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
+     */
+    readonly tenancyOcid: pulumi.Output<string>;
+    /**
+     * (Updatable) Indicates a sequence of characters that match the username cannot be the password. Password validation against policy will be ignored if length of user name is less than or equal to 3 characters.
+     */
+    readonly userNameDisallowed: pulumi.Output<boolean>;
+    /**
+     * Create a DomainsPasswordPolicy resource with the given unique name, arguments, and options.
+     *
+     * @param name The _unique_ name of the resource.
+     * @param args The arguments to use to populate this resource's properties.
+     * @param opts A bag of options that control this resource's behavior.
+     */
+    constructor(name: string, args: DomainsPasswordPolicyArgs, opts?: pulumi.CustomResourceOptions);
+}
+/**
+ * Input properties used for looking up and filtering DomainsPasswordPolicy resources.
+ */
+export interface DomainsPasswordPolicyState {
+    /**
+     * (Updatable) A String value whose contents indicate a set of characters that can appear, in any sequence, in a password value
+     */
+    allowedChars?: pulumi.Input<string>;
+    /**
+     * (Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
+     */
+    attributeSets?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * (Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
+     */
+    attributes?: pulumi.Input<string>;
+    /**
+     * (Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
+     */
+    authorization?: pulumi.Input<string>;
+    /**
+     * (Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
+     */
+    compartmentOcid?: pulumi.Input<string>;
+    /**
+     * (Updatable) List of password policy rules that have values set. This map of stringKey:stringValue pairs can be used to aid users while setting/resetting password
+     */
+    configuredPasswordPolicyRules?: pulumi.Input<pulumi.Input<inputs.Identity.DomainsPasswordPolicyConfiguredPasswordPolicyRule>[]>;
+    /**
+     * (Updatable) A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
+     */
+    deleteInProgress?: pulumi.Input<boolean>;
+    /**
+     * (Updatable) A String that describes the password policy
+     */
+    description?: pulumi.Input<string>;
+    /**
+     * (Updatable) A delimiter used to separate characters in the dictionary file
+     */
+    dictionaryDelimiter?: pulumi.Input<string>;
+    /**
+     * (Updatable) A Reference value that contains the URI of a dictionary of words not allowed to appear within a password value
+     */
+    dictionaryLocation?: pulumi.Input<string>;
+    /**
+     * (Updatable) Indicates whether the password can match a dictionary word
+     */
+    dictionaryWordDisallowed?: pulumi.Input<boolean>;
+    /**
+     * (Updatable) A String value whose contents indicate a set of characters that cannot appear, in any sequence, in a password value
+     */
+    disallowedChars?: pulumi.Input<string>;
+    /**
+     * (Updatable) A String value whose contents indicate a set of substrings that cannot appear, in any sequence, in a password value
+     */
+    disallowedSubstrings?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * (Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
+     */
+    domainOcid?: pulumi.Input<string>;
+    /**
+     * (Updatable) An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
+     */
+    externalId?: pulumi.Input<string>;
+    /**
+     * (Updatable) Indicates a sequence of characters that match the user's first name of given name cannot be the password. Password validation against policy will be ignored if length of first name is less than or equal to 3 characters.
+     */
+    firstNameDisallowed?: pulumi.Input<boolean>;
+    /**
+     * (Updatable) Indicates whether all of the users should be forced to reset their password on the next login (to comply with new password policy changes)
+     */
+    forcePasswordReset?: pulumi.Input<boolean>;
+    /**
+     * (Updatable) A list of groups that the password policy belongs to.
+     */
+    groups?: pulumi.Input<pulumi.Input<inputs.Identity.DomainsPasswordPolicyGroup>[]>;
+    /**
+     * (Updatable) The User or App who created the Resource
+     */
+    idcsCreatedBies?: pulumi.Input<pulumi.Input<inputs.Identity.DomainsPasswordPolicyIdcsCreatedBy>[]>;
+    /**
+     * The basic endpoint for the identity domain
+     */
+    idcsEndpoint?: pulumi.Input<string>;
+    /**
+     * (Updatable) The User or App who modified the Resource
+     */
+    idcsLastModifiedBies?: pulumi.Input<pulumi.Input<inputs.Identity.DomainsPasswordPolicyIdcsLastModifiedBy>[]>;
+    /**
+     * (Updatable) The release number when the resource was upgraded.
+     */
+    idcsLastUpgradedInRelease?: pulumi.Input<string>;
+    /**
+     * (Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
+     */
+    idcsPreventedOperations?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * (Updatable) Indicates a sequence of characters that match the user's last name of given name cannot be the password. Password validation against policy will be ignored if length of last name is less than or equal to 3 characters.
+     */
+    lastNameDisallowed?: pulumi.Input<boolean>;
+    /**
+     * (Updatable) The time period in minutes to lock out a user account when the threshold of invalid login attempts is reached. The available range is from 5 through 1440 minutes (24 hours).
+     */
+    lockoutDuration?: pulumi.Input<number>;
+    /**
+     * (Updatable) An integer that represents the maximum number of failed logins before an account is locked
+     */
+    maxIncorrectAttempts?: pulumi.Input<number>;
+    /**
+     * (Updatable) The maximum password length (in characters). A value of 0 or no value indicates no maximum length restriction.
+     */
+    maxLength?: pulumi.Input<number>;
+    /**
+     * (Updatable) The maximum number of repeated characters allowed in a password.  A value of 0 or no value indicates no such restriction.
+     */
+    maxRepeatedChars?: pulumi.Input<number>;
+    /**
+     * (Updatable) The maximum number of special characters in a password.  A value of 0 or no value indicates no maximum special characters restriction.
+     */
+    maxSpecialChars?: pulumi.Input<number>;
+    /**
+     * (Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
+     */
+    metas?: pulumi.Input<pulumi.Input<inputs.Identity.DomainsPasswordPolicyMeta>[]>;
+    /**
+     * (Updatable) The minimum number of a combination of alphabetic and numeric characters in a password.  A value of 0 or no value indicates no minimum alphanumeric character restriction.
+     */
+    minAlphaNumerals?: pulumi.Input<number>;
+    /**
+     * (Updatable) The minimum number of alphabetic characters in a password.  A value of 0 or no value indicates no minimum alphas restriction.
+     */
+    minAlphas?: pulumi.Input<number>;
+    /**
+     * (Updatable) The minimum password length (in characters). A value of 0 or no value indicates no minimum length restriction.
+     */
+    minLength?: pulumi.Input<number>;
+    /**
+     * (Updatable) The minimum number of lowercase alphabetic characters in a password.  A value of 0 or no value indicates no minimum lowercase restriction.
+     */
+    minLowerCase?: pulumi.Input<number>;
+    /**
+     * (Updatable) The minimum number of numeric characters in a password.  A value of 0 or no value indicates no minimum numeric character restriction.
+     */
+    minNumerals?: pulumi.Input<number>;
+    /**
+     * (Updatable) Minimum time after which the user can resubmit the reset password request
+     */
+    minPasswordAge?: pulumi.Input<number>;
+    /**
+     * (Updatable) The minimum number of special characters in a password. A value of 0 or no value indicates no minimum special characters restriction.
+     */
+    minSpecialChars?: pulumi.Input<number>;
+    /**
+     * (Updatable) The minimum number of unique characters in a password.  A value of 0 or no value indicates no minimum unique characters restriction.
+     */
+    minUniqueChars?: pulumi.Input<number>;
+    /**
+     * (Updatable) The minimum number of uppercase alphabetic characters in a password. A value of 0 or no value indicates no minimum uppercase restriction.
+     */
+    minUpperCase?: pulumi.Input<number>;
+    /**
+     * (Updatable) A String that is the name of the policy to display to the user. This is the only mandatory attribute for a password policy.
+     */
+    name?: pulumi.Input<string>;
+    /**
+     * (Updatable) The number of passwords that will be kept in history that may not be used as a password
+     */
+    numPasswordsInHistory?: pulumi.Input<number>;
+    /**
+     * (Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
+     */
+    ocid?: pulumi.Input<string>;
+    /**
+     * (Updatable) An integer indicating the number of days before which the user should be warned about password expiry.
+     */
+    passwordExpireWarning?: pulumi.Input<number>;
+    /**
+     * (Updatable) The number of days after which the password expires automatically
+     */
+    passwordExpiresAfter?: pulumi.Input<number>;
+    /**
+     * (Updatable) Indicates whether the password policy is configured as Simple, Standard, or Custom.
+     */
+    passwordStrength?: pulumi.Input<string>;
+    /**
+     * (Updatable) Password policy priority
+     */
+    priority?: pulumi.Input<number>;
+    /**
+     * (Updatable) A String value whose contents indicate a set of characters that must appear, in any sequence, in a password value
+     */
+    requiredChars?: pulumi.Input<string>;
+    /**
+     * (Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
+     */
+    resourceTypeSchemaVersion?: pulumi.Input<string>;
+    /**
+     * (Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard \"enterprise\" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
+     */
+    schemas?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * (Updatable) Indicates that the password must begin with an alphabetic character
+     */
+    startsWithAlphabet?: pulumi.Input<boolean>;
+    /**
+     * (Updatable) A list of tags on this resource.
+     */
+    tags?: pulumi.Input<pulumi.Input<inputs.Identity.DomainsPasswordPolicyTag>[]>;
+    /**
+     * (Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
+     */
+    tenancyOcid?: pulumi.Input<string>;
+    /**
+     * (Updatable) Indicates a sequence of characters that match the username cannot be the password. Password validation against policy will be ignored if length of user name is less than or equal to 3 characters.
+     */
+    userNameDisallowed?: pulumi.Input<boolean>;
+}
+/**
+ * The set of arguments for constructing a DomainsPasswordPolicy resource.
+ */
+export interface DomainsPasswordPolicyArgs {
+    /**
+     * (Updatable) A String value whose contents indicate a set of characters that can appear, in any sequence, in a password value
+     */
+    allowedChars?: pulumi.Input<string>;
+    /**
+     * (Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
+     */
+    attributeSets?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * (Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
+     */
+    attributes?: pulumi.Input<string>;
+    /**
+     * (Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
+     */
+    authorization?: pulumi.Input<string>;
+    /**
+     * (Updatable) A String that describes the password policy
+     */
+    description?: pulumi.Input<string>;
+    /**
+     * (Updatable) A delimiter used to separate characters in the dictionary file
+     */
+    dictionaryDelimiter?: pulumi.Input<string>;
+    /**
+     * (Updatable) A Reference value that contains the URI of a dictionary of words not allowed to appear within a password value
+     */
+    dictionaryLocation?: pulumi.Input<string>;
+    /**
+     * (Updatable) Indicates whether the password can match a dictionary word
+     */
+    dictionaryWordDisallowed?: pulumi.Input<boolean>;
+    /**
+     * (Updatable) A String value whose contents indicate a set of characters that cannot appear, in any sequence, in a password value
+     */
+    disallowedChars?: pulumi.Input<string>;
+    /**
+     * (Updatable) A String value whose contents indicate a set of substrings that cannot appear, in any sequence, in a password value
+     */
+    disallowedSubstrings?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * (Updatable) An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
+     */
+    externalId?: pulumi.Input<string>;
+    /**
+     * (Updatable) Indicates a sequence of characters that match the user's first name of given name cannot be the password. Password validation against policy will be ignored if length of first name is less than or equal to 3 characters.
+     */
+    firstNameDisallowed?: pulumi.Input<boolean>;
+    /**
+     * (Updatable) Indicates whether all of the users should be forced to reset their password on the next login (to comply with new password policy changes)
+     */
+    forcePasswordReset?: pulumi.Input<boolean>;
+    /**
+     * (Updatable) A list of groups that the password policy belongs to.
+     */
+    groups?: pulumi.Input<pulumi.Input<inputs.Identity.DomainsPasswordPolicyGroup>[]>;
+    /**
+     * The basic endpoint for the identity domain
+     */
+    idcsEndpoint: pulumi.Input<string>;
+    /**
+     * (Updatable) Indicates a sequence of characters that match the user's last name of given name cannot be the password. Password validation against policy will be ignored if length of last name is less than or equal to 3 characters.
+     */
+    lastNameDisallowed?: pulumi.Input<boolean>;
+    /**
+     * (Updatable) The time period in minutes to lock out a user account when the threshold of invalid login attempts is reached. The available range is from 5 through 1440 minutes (24 hours).
+     */
+    lockoutDuration?: pulumi.Input<number>;
+    /**
+     * (Updatable) An integer that represents the maximum number of failed logins before an account is locked
+     */
+    maxIncorrectAttempts?: pulumi.Input<number>;
+    /**
+     * (Updatable) The maximum password length (in characters). A value of 0 or no value indicates no maximum length restriction.
+     */
+    maxLength?: pulumi.Input<number>;
+    /**
+     * (Updatable) The maximum number of repeated characters allowed in a password.  A value of 0 or no value indicates no such restriction.
+     */
+    maxRepeatedChars?: pulumi.Input<number>;
+    /**
+     * (Updatable) The maximum number of special characters in a password.  A value of 0 or no value indicates no maximum special characters restriction.
+     */
+    maxSpecialChars?: pulumi.Input<number>;
+    /**
+     * (Updatable) The minimum number of a combination of alphabetic and numeric characters in a password.  A value of 0 or no value indicates no minimum alphanumeric character restriction.
+     */
+    minAlphaNumerals?: pulumi.Input<number>;
+    /**
+     * (Updatable) The minimum number of alphabetic characters in a password.  A value of 0 or no value indicates no minimum alphas restriction.
+     */
+    minAlphas?: pulumi.Input<number>;
+    /**
+     * (Updatable) The minimum password length (in characters). A value of 0 or no value indicates no minimum length restriction.
+     */
+    minLength?: pulumi.Input<number>;
+    /**
+     * (Updatable) The minimum number of lowercase alphabetic characters in a password.  A value of 0 or no value indicates no minimum lowercase restriction.
+     */
+    minLowerCase?: pulumi.Input<number>;
+    /**
+     * (Updatable) The minimum number of numeric characters in a password.  A value of 0 or no value indicates no minimum numeric character restriction.
+     */
+    minNumerals?: pulumi.Input<number>;
+    /**
+     * (Updatable) Minimum time after which the user can resubmit the reset password request
+     */
+    minPasswordAge?: pulumi.Input<number>;
+    /**
+     * (Updatable) The minimum number of special characters in a password. A value of 0 or no value indicates no minimum special characters restriction.
+     */
+    minSpecialChars?: pulumi.Input<number>;
+    /**
+     * (Updatable) The minimum number of unique characters in a password.  A value of 0 or no value indicates no minimum unique characters restriction.
+     */
+    minUniqueChars?: pulumi.Input<number>;
+    /**
+     * (Updatable) The minimum number of uppercase alphabetic characters in a password. A value of 0 or no value indicates no minimum uppercase restriction.
+     */
+    minUpperCase?: pulumi.Input<number>;
+    /**
+     * (Updatable) A String that is the name of the policy to display to the user. This is the only mandatory attribute for a password policy.
+     */
+    name?: pulumi.Input<string>;
+    /**
+     * (Updatable) The number of passwords that will be kept in history that may not be used as a password
+     */
+    numPasswordsInHistory?: pulumi.Input<number>;
+    /**
+     * (Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
+     */
+    ocid?: pulumi.Input<string>;
+    /**
+     * (Updatable) An integer indicating the number of days before which the user should be warned about password expiry.
+     */
+    passwordExpireWarning?: pulumi.Input<number>;
+    /**
+     * (Updatable) The number of days after which the password expires automatically
+     */
+    passwordExpiresAfter?: pulumi.Input<number>;
+    /**
+     * (Updatable) Indicates whether the password policy is configured as Simple, Standard, or Custom.
+     */
+    passwordStrength?: pulumi.Input<string>;
+    /**
+     * (Updatable) Password policy priority
+     */
+    priority?: pulumi.Input<number>;
+    /**
+     * (Updatable) A String value whose contents indicate a set of characters that must appear, in any sequence, in a password value
+     */
+    requiredChars?: pulumi.Input<string>;
+    /**
+     * (Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
+     */
+    resourceTypeSchemaVersion?: pulumi.Input<string>;
+    /**
+     * (Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard \"enterprise\" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
+     */
+    schemas: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * (Updatable) Indicates that the password must begin with an alphabetic character
+     */
+    startsWithAlphabet?: pulumi.Input<boolean>;
+    /**
+     * (Updatable) A list of tags on this resource.
+     */
+    tags?: pulumi.Input<pulumi.Input<inputs.Identity.DomainsPasswordPolicyTag>[]>;
+    /**
+     * (Updatable) Indicates a sequence of characters that match the username cannot be the password. Password validation against policy will be ignored if length of user name is less than or equal to 3 characters.
+     */
+    userNameDisallowed?: pulumi.Input<boolean>;
+}