@pulumi/okta 4.4.0 → 4.4.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/adminRoleCustom.d.ts +10 -129
- package/adminRoleCustom.js +1 -24
- package/adminRoleCustom.js.map +1 -1
- package/adminRoleCustomAssignments.d.ts +10 -25
- package/adminRoleCustomAssignments.js +1 -13
- package/adminRoleCustomAssignments.js.map +1 -1
- package/adminRoleTargets.d.ts +14 -44
- package/adminRoleTargets.js +0 -30
- package/adminRoleTargets.js.map +1 -1
- package/app/accessPolicyAssignment.d.ts +1 -20
- package/app/accessPolicyAssignment.js +1 -20
- package/app/accessPolicyAssignment.js.map +1 -1
- package/app/autoLogin.d.ts +72 -115
- package/app/autoLogin.js +0 -43
- package/app/autoLogin.js.map +1 -1
- package/app/basicAuth.d.ts +38 -62
- package/app/basicAuth.js +0 -24
- package/app/basicAuth.js.map +1 -1
- package/app/bookmark.d.ts +35 -67
- package/app/bookmark.js +0 -23
- package/app/bookmark.js.map +1 -1
- package/app/getApp.d.ts +58 -25
- package/app/getApp.js +2 -2
- package/app/getApp.js.map +1 -1
- package/app/getMetadataSaml.d.ts +11 -5
- package/app/getMetadataSaml.js +2 -2
- package/app/getMetadataSaml.js.map +1 -1
- package/app/getOauth.d.ts +62 -34
- package/app/getOauth.js +2 -2
- package/app/getOauth.js.map +1 -1
- package/app/getSaml.d.ts +75 -55
- package/app/getSaml.js +2 -2
- package/app/getSaml.js.map +1 -1
- package/app/groupAssignment.d.ts +6 -15
- package/app/groupAssignment.js +0 -9
- package/app/groupAssignment.js.map +1 -1
- package/app/oauth.d.ts +125 -299
- package/app/oauth.js +0 -78
- package/app/oauth.js.map +1 -1
- package/app/oauthPostLogoutRedirectUri.d.ts +0 -31
- package/app/oauthPostLogoutRedirectUri.js +0 -31
- package/app/oauthPostLogoutRedirectUri.js.map +1 -1
- package/app/oauthRedirectUri.d.ts +0 -30
- package/app/oauthRedirectUri.js +0 -30
- package/app/oauthRedirectUri.js.map +1 -1
- package/app/saml.d.ts +133 -299
- package/app/saml.js +0 -157
- package/app/saml.js.map +1 -1
- package/app/securePasswordStore.d.ts +79 -105
- package/app/securePasswordStore.js +0 -26
- package/app/securePasswordStore.js.map +1 -1
- package/app/swa.d.ts +72 -98
- package/app/swa.js +0 -26
- package/app/swa.js.map +1 -1
- package/app/threeField.d.ts +72 -83
- package/app/threeField.js +0 -11
- package/app/threeField.js.map +1 -1
- package/app/user.d.ts +12 -37
- package/app/user.js +0 -22
- package/app/user.js.map +1 -1
- package/appGroupAssignments.d.ts +3 -51
- package/appGroupAssignments.js +0 -48
- package/appGroupAssignments.js.map +1 -1
- package/appOauthApiScope.d.ts +3 -36
- package/appOauthApiScope.js +0 -33
- package/appOauthApiScope.js.map +1 -1
- package/appSamlAppSettings.d.ts +6 -44
- package/appSamlAppSettings.js +0 -38
- package/appSamlAppSettings.js.map +1 -1
- package/appSharedCredentials.d.ts +72 -111
- package/appSharedCredentials.js +0 -39
- package/appSharedCredentials.js.map +1 -1
- package/appSignonPolicy.d.ts +6 -44
- package/appSignonPolicy.js +0 -38
- package/appSignonPolicy.js.map +1 -1
- package/appSignonPolicyRule.d.ts +63 -322
- package/appSignonPolicyRule.js +0 -244
- package/appSignonPolicyRule.js.map +1 -1
- package/appUserBaseSchemaProperty.d.ts +24 -52
- package/appUserBaseSchemaProperty.js +0 -28
- package/appUserBaseSchemaProperty.js.map +1 -1
- package/appUserSchemaProperty.d.ts +54 -80
- package/appUserSchemaProperty.js +0 -26
- package/appUserSchemaProperty.js.map +1 -1
- package/auth/getServer.d.ts +11 -11
- package/auth/getServer.js +2 -2
- package/auth/getServerPolicy.d.ts +15 -9
- package/auth/getServerPolicy.js +2 -2
- package/auth/getServerPolicy.js.map +1 -1
- package/auth/getServerScopes.d.ts +8 -5
- package/auth/getServerScopes.js +2 -2
- package/auth/getServerScopes.js.map +1 -1
- package/auth/server.d.ts +13 -49
- package/auth/server.js +0 -27
- package/auth/server.js.map +1 -1
- package/auth/serverClaim.d.ts +18 -54
- package/auth/serverClaim.js +0 -27
- package/auth/serverClaim.js.map +1 -1
- package/auth/serverPolicy.d.ts +6 -43
- package/auth/serverPolicy.js +0 -28
- package/auth/serverPolicy.js.map +1 -1
- package/auth/serverPolicyClaim.d.ts +35 -71
- package/auth/serverPolicyClaim.js +4 -28
- package/auth/serverPolicyClaim.js.map +1 -1
- package/auth/serverPolicyRule.d.ts +27 -70
- package/auth/serverPolicyRule.js +0 -25
- package/auth/serverPolicyRule.js.map +1 -1
- package/auth/serverScope.d.ts +15 -41
- package/auth/serverScope.js +0 -26
- package/auth/serverScope.js.map +1 -1
- package/authServerClaimDefault.d.ts +13 -50
- package/authServerClaimDefault.js +0 -31
- package/authServerClaimDefault.js.map +1 -1
- package/authServerDefault.d.ts +13 -47
- package/authServerDefault.js +0 -25
- package/authServerDefault.js.map +1 -1
- package/authenticator.d.ts +38 -94
- package/authenticator.js +0 -38
- package/authenticator.js.map +1 -1
- package/behaviour.d.ts +18 -78
- package/behaviour.js +0 -42
- package/behaviour.js.map +1 -1
- package/brand.d.ts +17 -26
- package/brand.js +1 -10
- package/brand.js.map +1 -1
- package/captcha.d.ts +12 -38
- package/captcha.js +0 -26
- package/captcha.js.map +1 -1
- package/captchaOrgWideSettings.d.ts +6 -51
- package/captchaOrgWideSettings.js +0 -45
- package/captchaOrgWideSettings.js.map +1 -1
- package/domain.d.ts +13 -39
- package/domain.js +0 -20
- package/domain.js.map +1 -1
- package/domainCertificate.d.ts +15 -51
- package/domainCertificate.js +0 -36
- package/domainCertificate.js.map +1 -1
- package/domainVerification.d.ts +3 -22
- package/domainVerification.js +0 -19
- package/domainVerification.js.map +1 -1
- package/emailCustomization.d.ts +3 -224
- package/emailCustomization.js +0 -41
- package/emailCustomization.js.map +1 -1
- package/emailSender.d.ts +13 -39
- package/emailSender.js +0 -26
- package/emailSender.js.map +1 -1
- package/emailSenderVerification.d.ts +3 -26
- package/emailSenderVerification.js +0 -23
- package/emailSenderVerification.js.map +1 -1
- package/eventHook.d.ts +0 -37
- package/eventHook.js +0 -37
- package/eventHook.js.map +1 -1
- package/eventHookVerification.d.ts +3 -37
- package/eventHookVerification.js +0 -34
- package/eventHookVerification.js.map +1 -1
- package/factor/factor.d.ts +6 -23
- package/factor/factor.js +0 -14
- package/factor/factor.js.map +1 -1
- package/factorTotp.d.ts +12 -44
- package/factorTotp.js +0 -23
- package/factorTotp.js.map +1 -1
- package/getAppGroupAssignments.d.ts +6 -6
- package/getAppGroupAssignments.js +2 -2
- package/getAppSignonPolicy.d.ts +16 -6
- package/getAppSignonPolicy.js +8 -4
- package/getAppSignonPolicy.js.map +1 -1
- package/getAppUserAssignments.d.ts +6 -6
- package/getAppUserAssignments.js +2 -2
- package/getAuthServerClaim.d.ts +15 -12
- package/getAuthServerClaim.js +2 -2
- package/getAuthServerClaim.js.map +1 -1
- package/getAuthServerClaims.d.ts +8 -5
- package/getAuthServerClaims.js +2 -2
- package/getAuthServerClaims.js.map +1 -1
- package/getAuthenticator.d.ts +24 -26
- package/getAuthenticator.js +14 -22
- package/getAuthenticator.js.map +1 -1
- package/getBehaviour.d.ts +6 -8
- package/getBehaviour.js +2 -2
- package/getBehaviour.js.map +1 -1
- package/getBehaviours.d.ts +7 -7
- package/getBehaviours.js +2 -2
- package/getBrand.d.ts +9 -6
- package/getBrand.js +2 -2
- package/getBrand.js.map +1 -1
- package/getBrands.d.ts +2 -2
- package/getBrands.js +2 -2
- package/getEmailCustomization.d.ts +14 -9
- package/getEmailCustomization.js +2 -6
- package/getEmailCustomization.js.map +1 -1
- package/getEmailCustomizations.d.ts +11 -9
- package/getEmailCustomizations.js +2 -6
- package/getEmailCustomizations.js.map +1 -1
- package/getGroups.d.ts +11 -25
- package/getGroups.js +2 -2
- package/getGroups.js.map +1 -1
- package/getNetworkZone.d.ts +12 -12
- package/getNetworkZone.js +2 -2
- package/getRoleSubscription.d.ts +13 -35
- package/getRoleSubscription.js +2 -2
- package/getRoleSubscription.js.map +1 -1
- package/getTemplate.d.ts +10 -8
- package/getTemplate.js +2 -6
- package/getTemplate.js.map +1 -1
- package/getTemplates.d.ts +6 -7
- package/getTemplates.js +2 -6
- package/getTemplates.js.map +1 -1
- package/getTheme.d.ts +14 -12
- package/getTheme.js +2 -6
- package/getTheme.js.map +1 -1
- package/getThemes.d.ts +6 -7
- package/getThemes.js +2 -6
- package/getThemes.js.map +1 -1
- package/getTrustedOrigins.d.ts +7 -4
- package/getTrustedOrigins.js +2 -2
- package/getTrustedOrigins.js.map +1 -1
- package/getUserSecurityQuestions.d.ts +4 -8
- package/getUserSecurityQuestions.js +0 -4
- package/getUserSecurityQuestions.js.map +1 -1
- package/group/getEveryoneGroup.d.ts +10 -5
- package/group/getEveryoneGroup.js +4 -2
- package/group/getEveryoneGroup.js.map +1 -1
- package/group/getGroup.d.ts +17 -22
- package/group/getGroup.js +2 -2
- package/group/getGroup.js.map +1 -1
- package/group/getRule.d.ts +6 -15
- package/group/getRule.js +2 -2
- package/group/getRule.js.map +1 -1
- package/group/group.d.ts +9 -46
- package/group/group.js +0 -37
- package/group/group.js.map +1 -1
- package/group/role.d.ts +15 -101
- package/group/role.js +0 -26
- package/group/role.js.map +1 -1
- package/group/rule.d.ts +6 -84
- package/group/rule.js +0 -27
- package/group/rule.js.map +1 -1
- package/groupMemberships.d.ts +7 -42
- package/groupMemberships.js +1 -36
- package/groupMemberships.js.map +1 -1
- package/groupSchemaProperty.d.ts +51 -94
- package/groupSchemaProperty.js +0 -25
- package/groupSchemaProperty.js.map +1 -1
- package/idp/getMetadataSaml.d.ts +9 -6
- package/idp/getMetadataSaml.js +2 -2
- package/idp/getMetadataSaml.js.map +1 -1
- package/idp/getOidc.d.ts +9 -9
- package/idp/getOidc.js +2 -2
- package/idp/getSaml.d.ts +16 -13
- package/idp/getSaml.js +2 -2
- package/idp/getSaml.js.map +1 -1
- package/idp/getSocial.d.ts +8 -2
- package/idp/getSocial.js +2 -2
- package/idp/getSocial.js.map +1 -1
- package/idp/oidc.d.ts +12 -297
- package/idp/oidc.js +0 -36
- package/idp/oidc.js.map +1 -1
- package/idp/saml.d.ts +18 -284
- package/idp/saml.js +0 -32
- package/idp/saml.js.map +1 -1
- package/idp/samlKey.d.ts +3 -48
- package/idp/samlKey.js +0 -9
- package/idp/samlKey.js.map +1 -1
- package/idp/social.d.ts +18 -251
- package/idp/social.js +0 -32
- package/idp/social.js.map +1 -1
- package/index/emailDomain.d.ts +16 -41
- package/index/emailDomain.js +0 -25
- package/index/emailDomain.js.map +1 -1
- package/index/emailDomainVerification.d.ts +3 -25
- package/index/emailDomainVerification.js +0 -22
- package/index/emailDomainVerification.js.map +1 -1
- package/index/getDomain.d.ts +11 -14
- package/index/getDomain.js +2 -8
- package/index/getDomain.js.map +1 -1
- package/inline/hook.d.ts +0 -89
- package/inline/hook.js +0 -35
- package/inline/hook.js.map +1 -1
- package/linkDefinition.d.ts +0 -30
- package/linkDefinition.js +0 -30
- package/linkDefinition.js.map +1 -1
- package/linkValue.d.ts +6 -59
- package/linkValue.js +0 -53
- package/linkValue.js.map +1 -1
- package/network/zone.d.ts +27 -74
- package/network/zone.js +0 -44
- package/network/zone.js.map +1 -1
- package/orgConfiguration.d.ts +0 -25
- package/orgConfiguration.js +0 -25
- package/orgConfiguration.js.map +1 -1
- package/orgSupport.d.ts +3 -20
- package/orgSupport.js +0 -17
- package/orgSupport.js.map +1 -1
- package/package.json +2 -2
- package/package.json.bak +1 -1
- package/policy/getDefaultPolicy.d.ts +9 -7
- package/policy/getDefaultPolicy.js +6 -2
- package/policy/getDefaultPolicy.js.map +1 -1
- package/policy/getPolicy.d.ts +11 -10
- package/policy/getPolicy.js +2 -2
- package/policy/getPolicy.js.map +1 -1
- package/policy/mfa.d.ts +18 -259
- package/policy/mfa.js +0 -49
- package/policy/mfa.js.map +1 -1
- package/policy/password.d.ts +90 -117
- package/policy/password.js +0 -27
- package/policy/password.js.map +1 -1
- package/policy/ruleIdpDiscovery.d.ts +27 -149
- package/policy/ruleIdpDiscovery.js +0 -65
- package/policy/ruleIdpDiscovery.js.map +1 -1
- package/policy/ruleMfa.d.ts +24 -35
- package/policy/ruleMfa.js +0 -11
- package/policy/ruleMfa.js.map +1 -1
- package/policy/rulePassword.d.ts +33 -46
- package/policy/rulePassword.js +0 -13
- package/policy/rulePassword.js.map +1 -1
- package/policy/ruleSignon.d.ts +57 -170
- package/policy/ruleSignon.js +0 -92
- package/policy/ruleSignon.js.map +1 -1
- package/policy/signon.d.ts +15 -41
- package/policy/signon.js +0 -26
- package/policy/signon.js.map +1 -1
- package/policyMfaDefault.d.ts +13 -250
- package/policyMfaDefault.js +0 -45
- package/policyMfaDefault.js.map +1 -1
- package/policyPasswordDefault.d.ts +54 -88
- package/policyPasswordDefault.js +0 -22
- package/policyPasswordDefault.js.map +1 -1
- package/policyProfileEnrollment.d.ts +6 -28
- package/policyProfileEnrollment.js +0 -22
- package/policyProfileEnrollment.js.map +1 -1
- package/policyProfileEnrollmentApps.d.ts +5 -42
- package/policyProfileEnrollmentApps.js +0 -37
- package/policyProfileEnrollmentApps.js.map +1 -1
- package/policyRuleProfileEnrollment.d.ts +23 -85
- package/policyRuleProfileEnrollment.js +0 -62
- package/policyRuleProfileEnrollment.js.map +1 -1
- package/profile/mapping.d.ts +9 -95
- package/profile/mapping.js +0 -41
- package/profile/mapping.js.map +1 -1
- package/rateLimiting.d.ts +9 -43
- package/rateLimiting.js +0 -28
- package/rateLimiting.js.map +1 -1
- package/resourceSet.d.ts +10 -32
- package/resourceSet.js +1 -20
- package/resourceSet.js.map +1 -1
- package/roleSubscription.d.ts +9 -110
- package/roleSubscription.js +0 -26
- package/roleSubscription.js.map +1 -1
- package/securityNotificationEmails.d.ts +15 -45
- package/securityNotificationEmails.js +0 -30
- package/securityNotificationEmails.js.map +1 -1
- package/templateSms.d.ts +3 -47
- package/templateSms.js +0 -35
- package/templateSms.js.map +1 -1
- package/theme.d.ts +44 -53
- package/theme.js +0 -9
- package/theme.js.map +1 -1
- package/threatInsightSettings.d.ts +6 -58
- package/threatInsightSettings.js +0 -34
- package/threatInsightSettings.js.map +1 -1
- package/trustedorigin/origin.d.ts +12 -37
- package/trustedorigin/origin.js +0 -25
- package/trustedorigin/origin.js.map +1 -1
- package/types/input.d.ts +60 -227
- package/types/output.d.ts +56 -446
- package/user/getUser.d.ts +32 -104
- package/user/getUser.js +2 -2
- package/user/getUser.js.map +1 -1
- package/user/getUserProfileMappingSource.d.ts +9 -7
- package/user/getUserProfileMappingSource.js +6 -4
- package/user/getUserProfileMappingSource.js.map +1 -1
- package/user/getUserType.d.ts +7 -7
- package/user/getUserType.js +2 -2
- package/user/getUsers.d.ts +61 -57
- package/user/getUsers.js +30 -44
- package/user/getUsers.js.map +1 -1
- package/user/user.d.ts +117 -215
- package/user/user.js +0 -71
- package/user/user.js.map +1 -1
- package/user/userType.d.ts +9 -34
- package/user/userType.js +0 -25
- package/user/userType.js.map +1 -1
- package/userAdminRoles.d.ts +10 -41
- package/userAdminRoles.js +1 -29
- package/userAdminRoles.js.map +1 -1
- package/userBaseSchemaProperty.d.ts +24 -67
- package/userBaseSchemaProperty.js +0 -43
- package/userBaseSchemaProperty.js.map +1 -1
- package/userFactorQuestion.d.ts +14 -52
- package/userFactorQuestion.js +1 -39
- package/userFactorQuestion.js.map +1 -1
- package/userGroupMemberships.d.ts +4 -23
- package/userGroupMemberships.js +1 -20
- package/userGroupMemberships.js.map +1 -1
- package/userSchemaProperty.d.ts +57 -107
- package/userSchemaProperty.js +0 -32
- package/userSchemaProperty.js.map +1 -1
- package/scripts/install-pulumi-plugin.js +0 -21
package/policy/mfa.d.ts
CHANGED
|
@@ -1,53 +1,4 @@
|
|
|
1
1
|
import * as pulumi from "@pulumi/pulumi";
|
|
2
|
-
/**
|
|
3
|
-
* Creates an MFA Policy.
|
|
4
|
-
*
|
|
5
|
-
* This resource allows you to create and configure an MFA Policy.
|
|
6
|
-
*
|
|
7
|
-
* > Requires Org Feature Flag `OKTA_MFA_POLICY`. Contact support to have this feature flag ***enabled***.
|
|
8
|
-
*
|
|
9
|
-
* > Unless Org Feature Flag `ENG_ENABLE_OPTIONAL_PASSWORD_ENROLLMENT` is ***disabled*** `oktaPassword` or `oktaEmail` must be present and its `enroll` value set to `REQUIRED`. Contact support to have this feature flag ***disabled***.
|
|
10
|
-
*
|
|
11
|
-
* ## Example Usage
|
|
12
|
-
*
|
|
13
|
-
* ```typescript
|
|
14
|
-
* import * as pulumi from "@pulumi/pulumi";
|
|
15
|
-
* import * as okta from "@pulumi/okta";
|
|
16
|
-
*
|
|
17
|
-
* const classicExample = new okta.policy.Mfa("classicExample", {
|
|
18
|
-
* description: "Example MFA policy using Okta Classic engine with factors.",
|
|
19
|
-
* groupsIncludeds: [data.okta_group.everyone.id],
|
|
20
|
-
* isOie: false,
|
|
21
|
-
* oktaOtp: {
|
|
22
|
-
* enroll: "REQUIRED",
|
|
23
|
-
* },
|
|
24
|
-
* oktaPassword: {
|
|
25
|
-
* enroll: "REQUIRED",
|
|
26
|
-
* },
|
|
27
|
-
* status: "ACTIVE",
|
|
28
|
-
* });
|
|
29
|
-
* const oieExample = new okta.policy.Mfa("oieExample", {
|
|
30
|
-
* description: "Example MFA policy that uses Okta Identity Engine (OIE) with authenticators",
|
|
31
|
-
* groupsIncludeds: [data.okta_group.everyone.id],
|
|
32
|
-
* isOie: true,
|
|
33
|
-
* oktaPassword: {
|
|
34
|
-
* enroll: "REQUIRED",
|
|
35
|
-
* },
|
|
36
|
-
* oktaVerify: {
|
|
37
|
-
* enroll: "REQUIRED",
|
|
38
|
-
* },
|
|
39
|
-
* status: "ACTIVE",
|
|
40
|
-
* });
|
|
41
|
-
* ```
|
|
42
|
-
*
|
|
43
|
-
* ## Import
|
|
44
|
-
*
|
|
45
|
-
* An MFA Policy can be imported via the Okta ID.
|
|
46
|
-
*
|
|
47
|
-
* ```sh
|
|
48
|
-
* $ pulumi import okta:policy/mfa:Mfa example <policy id>
|
|
49
|
-
* ```
|
|
50
|
-
*/
|
|
51
2
|
export declare class Mfa extends pulumi.CustomResource {
|
|
52
3
|
/**
|
|
53
4
|
* Get an existing Mfa resource's state with the given name, ID, and optional extra
|
|
@@ -65,153 +16,89 @@ export declare class Mfa extends pulumi.CustomResource {
|
|
|
65
16
|
*/
|
|
66
17
|
static isInstance(obj: any): obj is Mfa;
|
|
67
18
|
/**
|
|
68
|
-
* Policy Description
|
|
19
|
+
* Policy Description
|
|
69
20
|
*/
|
|
70
21
|
readonly description: pulumi.Output<string | undefined>;
|
|
71
|
-
/**
|
|
72
|
-
* DUO MFA policy settings (✓ Classic, ✓ OIE).
|
|
73
|
-
*/
|
|
74
22
|
readonly duo: pulumi.Output<{
|
|
75
23
|
[key: string]: string;
|
|
76
24
|
} | undefined>;
|
|
77
|
-
/**
|
|
78
|
-
* External IDP MFA policy settings (✓ OIE).
|
|
79
|
-
*/
|
|
80
25
|
readonly externalIdp: pulumi.Output<{
|
|
81
26
|
[key: string]: string;
|
|
82
27
|
} | undefined>;
|
|
83
|
-
/**
|
|
84
|
-
* Fido U2F MFA policy settings (✓ Classic).
|
|
85
|
-
*/
|
|
86
28
|
readonly fidoU2f: pulumi.Output<{
|
|
87
29
|
[key: string]: string;
|
|
88
30
|
} | undefined>;
|
|
89
|
-
/**
|
|
90
|
-
* Fido Web Authn MFA policy settings (✓ Classic).
|
|
91
|
-
*/
|
|
92
31
|
readonly fidoWebauthn: pulumi.Output<{
|
|
93
32
|
[key: string]: string;
|
|
94
33
|
} | undefined>;
|
|
95
|
-
/**
|
|
96
|
-
* Google OTP MFA policy settings (✓ Classic, ✓ OIE).
|
|
97
|
-
*/
|
|
98
34
|
readonly googleOtp: pulumi.Output<{
|
|
99
35
|
[key: string]: string;
|
|
100
36
|
} | undefined>;
|
|
101
37
|
/**
|
|
102
|
-
* List of Group IDs to Include
|
|
38
|
+
* List of Group IDs to Include
|
|
103
39
|
*/
|
|
104
40
|
readonly groupsIncludeds: pulumi.Output<string[] | undefined>;
|
|
105
|
-
/**
|
|
106
|
-
* HMAC-based One-Time Password MFA policy settings (✓ Classic).
|
|
107
|
-
*/
|
|
108
41
|
readonly hotp: pulumi.Output<{
|
|
109
42
|
[key: string]: string;
|
|
110
43
|
} | undefined>;
|
|
111
44
|
/**
|
|
112
|
-
*
|
|
113
|
-
* > **WARNING:** Tenant must have the Okta Identity Engine enabled in order to use this feature.
|
|
45
|
+
* Is the policy using Okta Identity Engine (OIE) with authenticators instead of factors?
|
|
114
46
|
*/
|
|
115
47
|
readonly isOie: pulumi.Output<boolean | undefined>;
|
|
116
48
|
/**
|
|
117
|
-
* Policy Name
|
|
49
|
+
* Policy Name
|
|
118
50
|
*/
|
|
119
51
|
readonly name: pulumi.Output<string>;
|
|
120
|
-
/**
|
|
121
|
-
* Okta Call MFA policy settings (✓ Classic).
|
|
122
|
-
*/
|
|
123
52
|
readonly oktaCall: pulumi.Output<{
|
|
124
53
|
[key: string]: string;
|
|
125
54
|
} | undefined>;
|
|
126
|
-
/**
|
|
127
|
-
* Okta Email MFA policy settings (✓ Classic, ✓ OIE).
|
|
128
|
-
*/
|
|
129
55
|
readonly oktaEmail: pulumi.Output<{
|
|
130
56
|
[key: string]: string;
|
|
131
57
|
} | undefined>;
|
|
132
|
-
/**
|
|
133
|
-
* Okta OTP (via the Okta Verify app) MFA policy settings (✓ Classic).
|
|
134
|
-
*/
|
|
135
58
|
readonly oktaOtp: pulumi.Output<{
|
|
136
59
|
[key: string]: string;
|
|
137
60
|
} | undefined>;
|
|
138
|
-
/**
|
|
139
|
-
* Okta Password MFA policy settings (✓ Classic, ✓ OIE).
|
|
140
|
-
*/
|
|
141
61
|
readonly oktaPassword: pulumi.Output<{
|
|
142
62
|
[key: string]: string;
|
|
143
63
|
} | undefined>;
|
|
144
|
-
/**
|
|
145
|
-
* Okta Push MFA policy settings (✓ Classic).
|
|
146
|
-
*/
|
|
147
64
|
readonly oktaPush: pulumi.Output<{
|
|
148
65
|
[key: string]: string;
|
|
149
66
|
} | undefined>;
|
|
150
|
-
/**
|
|
151
|
-
* Okta Question MFA policy settings (✓ Classic).
|
|
152
|
-
*/
|
|
153
67
|
readonly oktaQuestion: pulumi.Output<{
|
|
154
68
|
[key: string]: string;
|
|
155
69
|
} | undefined>;
|
|
156
|
-
/**
|
|
157
|
-
* Okta SMS MFA policy settings (✓ Classic).
|
|
158
|
-
*/
|
|
159
70
|
readonly oktaSms: pulumi.Output<{
|
|
160
71
|
[key: string]: string;
|
|
161
72
|
} | undefined>;
|
|
162
|
-
/**
|
|
163
|
-
* Okta Verify MFA policy settings (✓ OIE).
|
|
164
|
-
*/
|
|
165
73
|
readonly oktaVerify: pulumi.Output<{
|
|
166
74
|
[key: string]: string;
|
|
167
75
|
} | undefined>;
|
|
168
|
-
/**
|
|
169
|
-
* On-Prem MFA MFA policy settings (✓ OIE).
|
|
170
|
-
*/
|
|
171
76
|
readonly onpremMfa: pulumi.Output<{
|
|
172
77
|
[key: string]: string;
|
|
173
78
|
} | undefined>;
|
|
174
|
-
/**
|
|
175
|
-
* Phone Number MFA policy settings (✓ OIE).
|
|
176
|
-
*/
|
|
177
79
|
readonly phoneNumber: pulumi.Output<{
|
|
178
80
|
[key: string]: string;
|
|
179
81
|
} | undefined>;
|
|
180
82
|
/**
|
|
181
|
-
* Priority
|
|
83
|
+
* Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.
|
|
182
84
|
*/
|
|
183
85
|
readonly priority: pulumi.Output<number | undefined>;
|
|
184
|
-
/**
|
|
185
|
-
* RSA Token MFA policy settings (✓ Classic, ✓ OIE).
|
|
186
|
-
*/
|
|
187
86
|
readonly rsaToken: pulumi.Output<{
|
|
188
87
|
[key: string]: string;
|
|
189
88
|
} | undefined>;
|
|
190
|
-
/**
|
|
191
|
-
* Security Question MFA policy settings (✓ OIE).
|
|
192
|
-
*/
|
|
193
89
|
readonly securityQuestion: pulumi.Output<{
|
|
194
90
|
[key: string]: string;
|
|
195
91
|
} | undefined>;
|
|
196
92
|
/**
|
|
197
|
-
* Policy Status:
|
|
93
|
+
* Policy Status: ACTIVE or INACTIVE.
|
|
198
94
|
*/
|
|
199
95
|
readonly status: pulumi.Output<string | undefined>;
|
|
200
|
-
/**
|
|
201
|
-
* Symantec VIP MFA policy settings (✓ Classic).
|
|
202
|
-
*/
|
|
203
96
|
readonly symantecVip: pulumi.Output<{
|
|
204
97
|
[key: string]: string;
|
|
205
98
|
} | undefined>;
|
|
206
|
-
/**
|
|
207
|
-
* FIDO2 (WebAuthn) MFA policy settings (✓ OIE).
|
|
208
|
-
*/
|
|
209
99
|
readonly webauthn: pulumi.Output<{
|
|
210
100
|
[key: string]: string;
|
|
211
101
|
} | undefined>;
|
|
212
|
-
/**
|
|
213
|
-
* Yubikey Token MFA policy settings (✓ Classic, ✓ OIE).
|
|
214
|
-
*/
|
|
215
102
|
readonly yubikeyToken: pulumi.Output<{
|
|
216
103
|
[key: string]: string;
|
|
217
104
|
} | undefined>;
|
|
@@ -229,153 +116,89 @@ export declare class Mfa extends pulumi.CustomResource {
|
|
|
229
116
|
*/
|
|
230
117
|
export interface MfaState {
|
|
231
118
|
/**
|
|
232
|
-
* Policy Description
|
|
119
|
+
* Policy Description
|
|
233
120
|
*/
|
|
234
121
|
description?: pulumi.Input<string>;
|
|
235
|
-
/**
|
|
236
|
-
* DUO MFA policy settings (✓ Classic, ✓ OIE).
|
|
237
|
-
*/
|
|
238
122
|
duo?: pulumi.Input<{
|
|
239
123
|
[key: string]: pulumi.Input<string>;
|
|
240
124
|
}>;
|
|
241
|
-
/**
|
|
242
|
-
* External IDP MFA policy settings (✓ OIE).
|
|
243
|
-
*/
|
|
244
125
|
externalIdp?: pulumi.Input<{
|
|
245
126
|
[key: string]: pulumi.Input<string>;
|
|
246
127
|
}>;
|
|
247
|
-
/**
|
|
248
|
-
* Fido U2F MFA policy settings (✓ Classic).
|
|
249
|
-
*/
|
|
250
128
|
fidoU2f?: pulumi.Input<{
|
|
251
129
|
[key: string]: pulumi.Input<string>;
|
|
252
130
|
}>;
|
|
253
|
-
/**
|
|
254
|
-
* Fido Web Authn MFA policy settings (✓ Classic).
|
|
255
|
-
*/
|
|
256
131
|
fidoWebauthn?: pulumi.Input<{
|
|
257
132
|
[key: string]: pulumi.Input<string>;
|
|
258
133
|
}>;
|
|
259
|
-
/**
|
|
260
|
-
* Google OTP MFA policy settings (✓ Classic, ✓ OIE).
|
|
261
|
-
*/
|
|
262
134
|
googleOtp?: pulumi.Input<{
|
|
263
135
|
[key: string]: pulumi.Input<string>;
|
|
264
136
|
}>;
|
|
265
137
|
/**
|
|
266
|
-
* List of Group IDs to Include
|
|
138
|
+
* List of Group IDs to Include
|
|
267
139
|
*/
|
|
268
140
|
groupsIncludeds?: pulumi.Input<pulumi.Input<string>[]>;
|
|
269
|
-
/**
|
|
270
|
-
* HMAC-based One-Time Password MFA policy settings (✓ Classic).
|
|
271
|
-
*/
|
|
272
141
|
hotp?: pulumi.Input<{
|
|
273
142
|
[key: string]: pulumi.Input<string>;
|
|
274
143
|
}>;
|
|
275
144
|
/**
|
|
276
|
-
*
|
|
277
|
-
* > **WARNING:** Tenant must have the Okta Identity Engine enabled in order to use this feature.
|
|
145
|
+
* Is the policy using Okta Identity Engine (OIE) with authenticators instead of factors?
|
|
278
146
|
*/
|
|
279
147
|
isOie?: pulumi.Input<boolean>;
|
|
280
148
|
/**
|
|
281
|
-
* Policy Name
|
|
149
|
+
* Policy Name
|
|
282
150
|
*/
|
|
283
151
|
name?: pulumi.Input<string>;
|
|
284
|
-
/**
|
|
285
|
-
* Okta Call MFA policy settings (✓ Classic).
|
|
286
|
-
*/
|
|
287
152
|
oktaCall?: pulumi.Input<{
|
|
288
153
|
[key: string]: pulumi.Input<string>;
|
|
289
154
|
}>;
|
|
290
|
-
/**
|
|
291
|
-
* Okta Email MFA policy settings (✓ Classic, ✓ OIE).
|
|
292
|
-
*/
|
|
293
155
|
oktaEmail?: pulumi.Input<{
|
|
294
156
|
[key: string]: pulumi.Input<string>;
|
|
295
157
|
}>;
|
|
296
|
-
/**
|
|
297
|
-
* Okta OTP (via the Okta Verify app) MFA policy settings (✓ Classic).
|
|
298
|
-
*/
|
|
299
158
|
oktaOtp?: pulumi.Input<{
|
|
300
159
|
[key: string]: pulumi.Input<string>;
|
|
301
160
|
}>;
|
|
302
|
-
/**
|
|
303
|
-
* Okta Password MFA policy settings (✓ Classic, ✓ OIE).
|
|
304
|
-
*/
|
|
305
161
|
oktaPassword?: pulumi.Input<{
|
|
306
162
|
[key: string]: pulumi.Input<string>;
|
|
307
163
|
}>;
|
|
308
|
-
/**
|
|
309
|
-
* Okta Push MFA policy settings (✓ Classic).
|
|
310
|
-
*/
|
|
311
164
|
oktaPush?: pulumi.Input<{
|
|
312
165
|
[key: string]: pulumi.Input<string>;
|
|
313
166
|
}>;
|
|
314
|
-
/**
|
|
315
|
-
* Okta Question MFA policy settings (✓ Classic).
|
|
316
|
-
*/
|
|
317
167
|
oktaQuestion?: pulumi.Input<{
|
|
318
168
|
[key: string]: pulumi.Input<string>;
|
|
319
169
|
}>;
|
|
320
|
-
/**
|
|
321
|
-
* Okta SMS MFA policy settings (✓ Classic).
|
|
322
|
-
*/
|
|
323
170
|
oktaSms?: pulumi.Input<{
|
|
324
171
|
[key: string]: pulumi.Input<string>;
|
|
325
172
|
}>;
|
|
326
|
-
/**
|
|
327
|
-
* Okta Verify MFA policy settings (✓ OIE).
|
|
328
|
-
*/
|
|
329
173
|
oktaVerify?: pulumi.Input<{
|
|
330
174
|
[key: string]: pulumi.Input<string>;
|
|
331
175
|
}>;
|
|
332
|
-
/**
|
|
333
|
-
* On-Prem MFA MFA policy settings (✓ OIE).
|
|
334
|
-
*/
|
|
335
176
|
onpremMfa?: pulumi.Input<{
|
|
336
177
|
[key: string]: pulumi.Input<string>;
|
|
337
178
|
}>;
|
|
338
|
-
/**
|
|
339
|
-
* Phone Number MFA policy settings (✓ OIE).
|
|
340
|
-
*/
|
|
341
179
|
phoneNumber?: pulumi.Input<{
|
|
342
180
|
[key: string]: pulumi.Input<string>;
|
|
343
181
|
}>;
|
|
344
182
|
/**
|
|
345
|
-
* Priority
|
|
183
|
+
* Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.
|
|
346
184
|
*/
|
|
347
185
|
priority?: pulumi.Input<number>;
|
|
348
|
-
/**
|
|
349
|
-
* RSA Token MFA policy settings (✓ Classic, ✓ OIE).
|
|
350
|
-
*/
|
|
351
186
|
rsaToken?: pulumi.Input<{
|
|
352
187
|
[key: string]: pulumi.Input<string>;
|
|
353
188
|
}>;
|
|
354
|
-
/**
|
|
355
|
-
* Security Question MFA policy settings (✓ OIE).
|
|
356
|
-
*/
|
|
357
189
|
securityQuestion?: pulumi.Input<{
|
|
358
190
|
[key: string]: pulumi.Input<string>;
|
|
359
191
|
}>;
|
|
360
192
|
/**
|
|
361
|
-
* Policy Status:
|
|
193
|
+
* Policy Status: ACTIVE or INACTIVE.
|
|
362
194
|
*/
|
|
363
195
|
status?: pulumi.Input<string>;
|
|
364
|
-
/**
|
|
365
|
-
* Symantec VIP MFA policy settings (✓ Classic).
|
|
366
|
-
*/
|
|
367
196
|
symantecVip?: pulumi.Input<{
|
|
368
197
|
[key: string]: pulumi.Input<string>;
|
|
369
198
|
}>;
|
|
370
|
-
/**
|
|
371
|
-
* FIDO2 (WebAuthn) MFA policy settings (✓ OIE).
|
|
372
|
-
*/
|
|
373
199
|
webauthn?: pulumi.Input<{
|
|
374
200
|
[key: string]: pulumi.Input<string>;
|
|
375
201
|
}>;
|
|
376
|
-
/**
|
|
377
|
-
* Yubikey Token MFA policy settings (✓ Classic, ✓ OIE).
|
|
378
|
-
*/
|
|
379
202
|
yubikeyToken?: pulumi.Input<{
|
|
380
203
|
[key: string]: pulumi.Input<string>;
|
|
381
204
|
}>;
|
|
@@ -385,153 +208,89 @@ export interface MfaState {
|
|
|
385
208
|
*/
|
|
386
209
|
export interface MfaArgs {
|
|
387
210
|
/**
|
|
388
|
-
* Policy Description
|
|
211
|
+
* Policy Description
|
|
389
212
|
*/
|
|
390
213
|
description?: pulumi.Input<string>;
|
|
391
|
-
/**
|
|
392
|
-
* DUO MFA policy settings (✓ Classic, ✓ OIE).
|
|
393
|
-
*/
|
|
394
214
|
duo?: pulumi.Input<{
|
|
395
215
|
[key: string]: pulumi.Input<string>;
|
|
396
216
|
}>;
|
|
397
|
-
/**
|
|
398
|
-
* External IDP MFA policy settings (✓ OIE).
|
|
399
|
-
*/
|
|
400
217
|
externalIdp?: pulumi.Input<{
|
|
401
218
|
[key: string]: pulumi.Input<string>;
|
|
402
219
|
}>;
|
|
403
|
-
/**
|
|
404
|
-
* Fido U2F MFA policy settings (✓ Classic).
|
|
405
|
-
*/
|
|
406
220
|
fidoU2f?: pulumi.Input<{
|
|
407
221
|
[key: string]: pulumi.Input<string>;
|
|
408
222
|
}>;
|
|
409
|
-
/**
|
|
410
|
-
* Fido Web Authn MFA policy settings (✓ Classic).
|
|
411
|
-
*/
|
|
412
223
|
fidoWebauthn?: pulumi.Input<{
|
|
413
224
|
[key: string]: pulumi.Input<string>;
|
|
414
225
|
}>;
|
|
415
|
-
/**
|
|
416
|
-
* Google OTP MFA policy settings (✓ Classic, ✓ OIE).
|
|
417
|
-
*/
|
|
418
226
|
googleOtp?: pulumi.Input<{
|
|
419
227
|
[key: string]: pulumi.Input<string>;
|
|
420
228
|
}>;
|
|
421
229
|
/**
|
|
422
|
-
* List of Group IDs to Include
|
|
230
|
+
* List of Group IDs to Include
|
|
423
231
|
*/
|
|
424
232
|
groupsIncludeds?: pulumi.Input<pulumi.Input<string>[]>;
|
|
425
|
-
/**
|
|
426
|
-
* HMAC-based One-Time Password MFA policy settings (✓ Classic).
|
|
427
|
-
*/
|
|
428
233
|
hotp?: pulumi.Input<{
|
|
429
234
|
[key: string]: pulumi.Input<string>;
|
|
430
235
|
}>;
|
|
431
236
|
/**
|
|
432
|
-
*
|
|
433
|
-
* > **WARNING:** Tenant must have the Okta Identity Engine enabled in order to use this feature.
|
|
237
|
+
* Is the policy using Okta Identity Engine (OIE) with authenticators instead of factors?
|
|
434
238
|
*/
|
|
435
239
|
isOie?: pulumi.Input<boolean>;
|
|
436
240
|
/**
|
|
437
|
-
* Policy Name
|
|
241
|
+
* Policy Name
|
|
438
242
|
*/
|
|
439
243
|
name?: pulumi.Input<string>;
|
|
440
|
-
/**
|
|
441
|
-
* Okta Call MFA policy settings (✓ Classic).
|
|
442
|
-
*/
|
|
443
244
|
oktaCall?: pulumi.Input<{
|
|
444
245
|
[key: string]: pulumi.Input<string>;
|
|
445
246
|
}>;
|
|
446
|
-
/**
|
|
447
|
-
* Okta Email MFA policy settings (✓ Classic, ✓ OIE).
|
|
448
|
-
*/
|
|
449
247
|
oktaEmail?: pulumi.Input<{
|
|
450
248
|
[key: string]: pulumi.Input<string>;
|
|
451
249
|
}>;
|
|
452
|
-
/**
|
|
453
|
-
* Okta OTP (via the Okta Verify app) MFA policy settings (✓ Classic).
|
|
454
|
-
*/
|
|
455
250
|
oktaOtp?: pulumi.Input<{
|
|
456
251
|
[key: string]: pulumi.Input<string>;
|
|
457
252
|
}>;
|
|
458
|
-
/**
|
|
459
|
-
* Okta Password MFA policy settings (✓ Classic, ✓ OIE).
|
|
460
|
-
*/
|
|
461
253
|
oktaPassword?: pulumi.Input<{
|
|
462
254
|
[key: string]: pulumi.Input<string>;
|
|
463
255
|
}>;
|
|
464
|
-
/**
|
|
465
|
-
* Okta Push MFA policy settings (✓ Classic).
|
|
466
|
-
*/
|
|
467
256
|
oktaPush?: pulumi.Input<{
|
|
468
257
|
[key: string]: pulumi.Input<string>;
|
|
469
258
|
}>;
|
|
470
|
-
/**
|
|
471
|
-
* Okta Question MFA policy settings (✓ Classic).
|
|
472
|
-
*/
|
|
473
259
|
oktaQuestion?: pulumi.Input<{
|
|
474
260
|
[key: string]: pulumi.Input<string>;
|
|
475
261
|
}>;
|
|
476
|
-
/**
|
|
477
|
-
* Okta SMS MFA policy settings (✓ Classic).
|
|
478
|
-
*/
|
|
479
262
|
oktaSms?: pulumi.Input<{
|
|
480
263
|
[key: string]: pulumi.Input<string>;
|
|
481
264
|
}>;
|
|
482
|
-
/**
|
|
483
|
-
* Okta Verify MFA policy settings (✓ OIE).
|
|
484
|
-
*/
|
|
485
265
|
oktaVerify?: pulumi.Input<{
|
|
486
266
|
[key: string]: pulumi.Input<string>;
|
|
487
267
|
}>;
|
|
488
|
-
/**
|
|
489
|
-
* On-Prem MFA MFA policy settings (✓ OIE).
|
|
490
|
-
*/
|
|
491
268
|
onpremMfa?: pulumi.Input<{
|
|
492
269
|
[key: string]: pulumi.Input<string>;
|
|
493
270
|
}>;
|
|
494
|
-
/**
|
|
495
|
-
* Phone Number MFA policy settings (✓ OIE).
|
|
496
|
-
*/
|
|
497
271
|
phoneNumber?: pulumi.Input<{
|
|
498
272
|
[key: string]: pulumi.Input<string>;
|
|
499
273
|
}>;
|
|
500
274
|
/**
|
|
501
|
-
* Priority
|
|
275
|
+
* Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.
|
|
502
276
|
*/
|
|
503
277
|
priority?: pulumi.Input<number>;
|
|
504
|
-
/**
|
|
505
|
-
* RSA Token MFA policy settings (✓ Classic, ✓ OIE).
|
|
506
|
-
*/
|
|
507
278
|
rsaToken?: pulumi.Input<{
|
|
508
279
|
[key: string]: pulumi.Input<string>;
|
|
509
280
|
}>;
|
|
510
|
-
/**
|
|
511
|
-
* Security Question MFA policy settings (✓ OIE).
|
|
512
|
-
*/
|
|
513
281
|
securityQuestion?: pulumi.Input<{
|
|
514
282
|
[key: string]: pulumi.Input<string>;
|
|
515
283
|
}>;
|
|
516
284
|
/**
|
|
517
|
-
* Policy Status:
|
|
285
|
+
* Policy Status: ACTIVE or INACTIVE.
|
|
518
286
|
*/
|
|
519
287
|
status?: pulumi.Input<string>;
|
|
520
|
-
/**
|
|
521
|
-
* Symantec VIP MFA policy settings (✓ Classic).
|
|
522
|
-
*/
|
|
523
288
|
symantecVip?: pulumi.Input<{
|
|
524
289
|
[key: string]: pulumi.Input<string>;
|
|
525
290
|
}>;
|
|
526
|
-
/**
|
|
527
|
-
* FIDO2 (WebAuthn) MFA policy settings (✓ OIE).
|
|
528
|
-
*/
|
|
529
291
|
webauthn?: pulumi.Input<{
|
|
530
292
|
[key: string]: pulumi.Input<string>;
|
|
531
293
|
}>;
|
|
532
|
-
/**
|
|
533
|
-
* Yubikey Token MFA policy settings (✓ Classic, ✓ OIE).
|
|
534
|
-
*/
|
|
535
294
|
yubikeyToken?: pulumi.Input<{
|
|
536
295
|
[key: string]: pulumi.Input<string>;
|
|
537
296
|
}>;
|
package/policy/mfa.js
CHANGED
|
@@ -5,55 +5,6 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
5
5
|
exports.Mfa = void 0;
|
|
6
6
|
const pulumi = require("@pulumi/pulumi");
|
|
7
7
|
const utilities = require("../utilities");
|
|
8
|
-
/**
|
|
9
|
-
* Creates an MFA Policy.
|
|
10
|
-
*
|
|
11
|
-
* This resource allows you to create and configure an MFA Policy.
|
|
12
|
-
*
|
|
13
|
-
* > Requires Org Feature Flag `OKTA_MFA_POLICY`. Contact support to have this feature flag ***enabled***.
|
|
14
|
-
*
|
|
15
|
-
* > Unless Org Feature Flag `ENG_ENABLE_OPTIONAL_PASSWORD_ENROLLMENT` is ***disabled*** `oktaPassword` or `oktaEmail` must be present and its `enroll` value set to `REQUIRED`. Contact support to have this feature flag ***disabled***.
|
|
16
|
-
*
|
|
17
|
-
* ## Example Usage
|
|
18
|
-
*
|
|
19
|
-
* ```typescript
|
|
20
|
-
* import * as pulumi from "@pulumi/pulumi";
|
|
21
|
-
* import * as okta from "@pulumi/okta";
|
|
22
|
-
*
|
|
23
|
-
* const classicExample = new okta.policy.Mfa("classicExample", {
|
|
24
|
-
* description: "Example MFA policy using Okta Classic engine with factors.",
|
|
25
|
-
* groupsIncludeds: [data.okta_group.everyone.id],
|
|
26
|
-
* isOie: false,
|
|
27
|
-
* oktaOtp: {
|
|
28
|
-
* enroll: "REQUIRED",
|
|
29
|
-
* },
|
|
30
|
-
* oktaPassword: {
|
|
31
|
-
* enroll: "REQUIRED",
|
|
32
|
-
* },
|
|
33
|
-
* status: "ACTIVE",
|
|
34
|
-
* });
|
|
35
|
-
* const oieExample = new okta.policy.Mfa("oieExample", {
|
|
36
|
-
* description: "Example MFA policy that uses Okta Identity Engine (OIE) with authenticators",
|
|
37
|
-
* groupsIncludeds: [data.okta_group.everyone.id],
|
|
38
|
-
* isOie: true,
|
|
39
|
-
* oktaPassword: {
|
|
40
|
-
* enroll: "REQUIRED",
|
|
41
|
-
* },
|
|
42
|
-
* oktaVerify: {
|
|
43
|
-
* enroll: "REQUIRED",
|
|
44
|
-
* },
|
|
45
|
-
* status: "ACTIVE",
|
|
46
|
-
* });
|
|
47
|
-
* ```
|
|
48
|
-
*
|
|
49
|
-
* ## Import
|
|
50
|
-
*
|
|
51
|
-
* An MFA Policy can be imported via the Okta ID.
|
|
52
|
-
*
|
|
53
|
-
* ```sh
|
|
54
|
-
* $ pulumi import okta:policy/mfa:Mfa example <policy id>
|
|
55
|
-
* ```
|
|
56
|
-
*/
|
|
57
8
|
class Mfa extends pulumi.CustomResource {
|
|
58
9
|
/**
|
|
59
10
|
* Get an existing Mfa resource's state with the given name, ID, and optional extra
|
package/policy/mfa.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mfa.js","sourceRoot":"","sources":["../../policy/mfa.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C
|
|
1
|
+
{"version":3,"file":"mfa.js","sourceRoot":"","sources":["../../policy/mfa.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C,MAAa,GAAI,SAAQ,MAAM,CAAC,cAAc;IAC1C;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAgB,EAAE,IAAmC;QAC9G,OAAO,IAAI,GAAG,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IAC1D,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,GAAG,CAAC,YAAY,CAAC;IACpD,CAAC;IAwDD,YAAY,IAAY,EAAE,WAAgC,EAAE,IAAmC;QAC3F,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAmC,CAAC;YAClD,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,KAAK,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,OAAO,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChF,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;SAC3E;aAAM;YACH,MAAM,IAAI,GAAG,WAAkC,CAAC;YAChD,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;YACpD,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;SACzE;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,GAAG,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACxD,CAAC;;AAlJL,kBAmJC;AArIG,gBAAgB;AACO,gBAAY,GAAG,qBAAqB,CAAC"}
|