npm - @pulumi/okta - Versions diffs - 4.6.2 → 4.6.3 - Mend

@pulumi/okta 4.6.2 → 4.6.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (397) hide show

package/adminRoleCustom.d.ts +129 -10
package/adminRoleCustom.js +24 -1
package/adminRoleCustom.js.map +1 -1
package/adminRoleCustomAssignments.d.ts +25 -10
package/adminRoleCustomAssignments.js +13 -1
package/adminRoleCustomAssignments.js.map +1 -1
package/adminRoleTargets.d.ts +44 -14
package/adminRoleTargets.js +30 -0
package/adminRoleTargets.js.map +1 -1
package/app/accessPolicyAssignment.d.ts +20 -1
package/app/accessPolicyAssignment.js +20 -1
package/app/accessPolicyAssignment.js.map +1 -1
package/app/autoLogin.d.ts +119 -72
package/app/autoLogin.js +47 -0
package/app/autoLogin.js.map +1 -1
package/app/basicAuth.d.ts +66 -38
package/app/basicAuth.js +28 -0
package/app/basicAuth.js.map +1 -1
package/app/bookmark.d.ts +71 -35
package/app/bookmark.js +27 -0
package/app/bookmark.js.map +1 -1
package/app/getApp.d.ts +25 -58
package/app/getApp.js +2 -2
package/app/getApp.js.map +1 -1
package/app/getMetadataSaml.d.ts +5 -11
package/app/getMetadataSaml.js +2 -2
package/app/getMetadataSaml.js.map +1 -1
package/app/getOauth.d.ts +34 -62
package/app/getOauth.js +2 -2
package/app/getOauth.js.map +1 -1
package/app/getSaml.d.ts +55 -75
package/app/getSaml.js +2 -2
package/app/getSaml.js.map +1 -1
package/app/groupAssignment.d.ts +15 -6
package/app/groupAssignment.js +9 -0
package/app/groupAssignment.js.map +1 -1
package/app/oauth.d.ts +301 -123
package/app/oauth.js +82 -0
package/app/oauth.js.map +1 -1
package/app/oauthPostLogoutRedirectUri.d.ts +38 -3
package/app/oauthPostLogoutRedirectUri.js +35 -0
package/app/oauthPostLogoutRedirectUri.js.map +1 -1
package/app/oauthRedirectUri.d.ts +37 -3
package/app/oauthRedirectUri.js +34 -0
package/app/oauthRedirectUri.js.map +1 -1
package/app/saml.d.ts +303 -133
package/app/saml.js +161 -0
package/app/saml.js.map +1 -1
package/app/securePasswordStore.d.ts +109 -79
package/app/securePasswordStore.js +30 -0
package/app/securePasswordStore.js.map +1 -1
package/app/swa.d.ts +102 -72
package/app/swa.js +30 -0
package/app/swa.js.map +1 -1
package/app/threeField.d.ts +87 -72
package/app/threeField.js +15 -0
package/app/threeField.js.map +1 -1
package/app/user.d.ts +37 -12
package/app/user.js +22 -0
package/app/user.js.map +1 -1
package/appGroupAssignments.d.ts +40 -3
package/appGroupAssignments.js +37 -0
package/appGroupAssignments.js.map +1 -1
package/appOauthApiScope.d.ts +36 -3
package/appOauthApiScope.js +33 -0
package/appOauthApiScope.js.map +1 -1
package/appSamlAppSettings.d.ts +44 -6
package/appSamlAppSettings.js +38 -0
package/appSamlAppSettings.js.map +1 -1
package/appSharedCredentials.d.ts +115 -72
package/appSharedCredentials.js +43 -0
package/appSharedCredentials.js.map +1 -1
package/appSignonPolicy.d.ts +44 -6
package/appSignonPolicy.js +38 -0
package/appSignonPolicy.js.map +1 -1
package/appSignonPolicyRule.d.ts +327 -68
package/appSignonPolicyRule.js +244 -0
package/appSignonPolicyRule.js.map +1 -1
package/appUserBaseSchemaProperty.d.ts +52 -24
package/appUserBaseSchemaProperty.js +28 -0
package/appUserBaseSchemaProperty.js.map +1 -1
package/appUserSchemaProperty.d.ts +80 -54
package/appUserSchemaProperty.js +26 -0
package/appUserSchemaProperty.js.map +1 -1
package/auth/getServer.d.ts +11 -11
package/auth/getServer.js +2 -2
package/auth/getServerPolicy.d.ts +9 -15
package/auth/getServerPolicy.js +2 -2
package/auth/getServerPolicy.js.map +1 -1
package/auth/getServerScopes.d.ts +5 -8
package/auth/getServerScopes.js +2 -2
package/auth/getServerScopes.js.map +1 -1
package/auth/server.d.ts +49 -13
package/auth/server.js +27 -0
package/auth/server.js.map +1 -1
package/auth/serverClaim.d.ts +54 -18
package/auth/serverClaim.js +27 -0
package/auth/serverClaim.js.map +1 -1
package/auth/serverPolicy.d.ts +43 -6
package/auth/serverPolicy.js +28 -0
package/auth/serverPolicy.js.map +1 -1
package/auth/serverPolicyRule.d.ts +72 -29
package/auth/serverPolicyRule.js +25 -0
package/auth/serverPolicyRule.js.map +1 -1
package/auth/serverScope.d.ts +41 -15
package/auth/serverScope.js +26 -0
package/auth/serverScope.js.map +1 -1
package/authServerClaimDefault.d.ts +50 -13
package/authServerClaimDefault.js +31 -0
package/authServerClaimDefault.js.map +1 -1
package/authServerDefault.d.ts +47 -13
package/authServerDefault.js +25 -0
package/authServerDefault.js.map +1 -1
package/authenticator.d.ts +94 -38
package/authenticator.js +38 -0
package/authenticator.js.map +1 -1
package/behaviour.d.ts +78 -18
package/behaviour.js +42 -0
package/behaviour.js.map +1 -1
package/brand.d.ts +28 -19
package/brand.js +10 -1
package/brand.js.map +1 -1
package/captcha.d.ts +38 -12
package/captcha.js +26 -0
package/captcha.js.map +1 -1
package/captchaOrgWideSettings.d.ts +51 -6
package/captchaOrgWideSettings.js +45 -0
package/captchaOrgWideSettings.js.map +1 -1
package/domain.d.ts +39 -13
package/domain.js +20 -0
package/domain.js.map +1 -1
package/domainCertificate.d.ts +63 -15
package/domainCertificate.js +48 -0
package/domainCertificate.js.map +1 -1
package/domainVerification.d.ts +22 -3
package/domainVerification.js +19 -0
package/domainVerification.js.map +1 -1
package/emailCustomization.d.ts +224 -3
package/emailCustomization.js +41 -0
package/emailCustomization.js.map +1 -1
package/emailSender.d.ts +39 -13
package/emailSender.js +26 -0
package/emailSender.js.map +1 -1
package/emailSenderVerification.d.ts +26 -3
package/emailSenderVerification.js +23 -0
package/emailSenderVerification.js.map +1 -1
package/eventHook.d.ts +37 -0
package/eventHook.js +37 -0
package/eventHook.js.map +1 -1
package/eventHookVerification.d.ts +37 -3
package/eventHookVerification.js +34 -0
package/eventHookVerification.js.map +1 -1
package/factor/factor.d.ts +23 -6
package/factor/factor.js +14 -0
package/factor/factor.js.map +1 -1
package/factorTotp.d.ts +44 -12
package/factorTotp.js +23 -0
package/factorTotp.js.map +1 -1
package/getAppGroupAssignments.d.ts +6 -6
package/getAppGroupAssignments.js +2 -2
package/getAppSignonPolicy.d.ts +6 -16
package/getAppSignonPolicy.js +4 -8
package/getAppSignonPolicy.js.map +1 -1
package/getAppUserAssignments.d.ts +6 -6
package/getAppUserAssignments.js +2 -2
package/getAuthServerClaim.d.ts +12 -15
package/getAuthServerClaim.js +2 -2
package/getAuthServerClaim.js.map +1 -1
package/getAuthServerClaims.d.ts +5 -8
package/getAuthServerClaims.js +2 -2
package/getAuthServerClaims.js.map +1 -1
package/getAuthenticator.d.ts +26 -24
package/getAuthenticator.js +22 -14
package/getAuthenticator.js.map +1 -1
package/getBehaviour.d.ts +8 -6
package/getBehaviour.js +2 -2
package/getBehaviour.js.map +1 -1
package/getBehaviours.d.ts +7 -7
package/getBehaviours.js +2 -2
package/getBrand.d.ts +6 -9
package/getBrand.js +2 -2
package/getBrand.js.map +1 -1
package/getBrands.d.ts +2 -2
package/getBrands.js +2 -2
package/getEmailCustomization.d.ts +9 -14
package/getEmailCustomization.js +6 -2
package/getEmailCustomization.js.map +1 -1
package/getEmailCustomizations.d.ts +9 -11
package/getEmailCustomizations.js +6 -2
package/getEmailCustomizations.js.map +1 -1
package/getGroups.d.ts +25 -11
package/getGroups.js +2 -2
package/getGroups.js.map +1 -1
package/getNetworkZone.d.ts +12 -12
package/getNetworkZone.js +2 -2
package/getRoleSubscription.d.ts +35 -13
package/getRoleSubscription.js +2 -2
package/getRoleSubscription.js.map +1 -1
package/getTemplate.d.ts +8 -10
package/getTemplate.js +6 -2
package/getTemplate.js.map +1 -1
package/getTemplates.d.ts +7 -6
package/getTemplates.js +6 -2
package/getTemplates.js.map +1 -1
package/getTheme.d.ts +12 -14
package/getTheme.js +6 -2
package/getTheme.js.map +1 -1
package/getThemes.d.ts +7 -6
package/getThemes.js +6 -2
package/getThemes.js.map +1 -1
package/getTrustedOrigins.d.ts +4 -7
package/getTrustedOrigins.js +2 -2
package/getTrustedOrigins.js.map +1 -1
package/getUserSecurityQuestions.d.ts +8 -4
package/getUserSecurityQuestions.js +4 -0
package/getUserSecurityQuestions.js.map +1 -1
package/group/getEveryoneGroup.d.ts +5 -10
package/group/getEveryoneGroup.js +2 -4
package/group/getEveryoneGroup.js.map +1 -1
package/group/getGroup.d.ts +26 -17
package/group/getGroup.js +2 -2
package/group/getGroup.js.map +1 -1
package/group/getRule.d.ts +15 -6
package/group/getRule.js +2 -2
package/group/getRule.js.map +1 -1
package/group/group.d.ts +46 -9
package/group/group.js +37 -0
package/group/group.js.map +1 -1
package/group/role.d.ts +101 -15
package/group/role.js +26 -0
package/group/role.js.map +1 -1
package/group/rule.d.ts +80 -6
package/group/rule.js +23 -0
package/group/rule.js.map +1 -1
package/groupMemberships.d.ts +48 -7
package/groupMemberships.js +42 -1
package/groupMemberships.js.map +1 -1
package/groupSchemaProperty.d.ts +94 -51
package/groupSchemaProperty.js +25 -0
package/groupSchemaProperty.js.map +1 -1
package/idp/getMetadataSaml.d.ts +6 -9
package/idp/getMetadataSaml.js +2 -2
package/idp/getMetadataSaml.js.map +1 -1
package/idp/getOidc.d.ts +9 -9
package/idp/getOidc.js +2 -2
package/idp/getSaml.d.ts +13 -16
package/idp/getSaml.js +2 -2
package/idp/getSaml.js.map +1 -1
package/idp/getSocial.d.ts +2 -8
package/idp/getSocial.js +2 -2
package/idp/getSocial.js.map +1 -1
package/idp/oidc.d.ts +297 -12
package/idp/oidc.js +36 -0
package/idp/oidc.js.map +1 -1
package/idp/saml.d.ts +284 -18
package/idp/saml.js +32 -0
package/idp/saml.js.map +1 -1
package/idp/samlKey.d.ts +48 -3
package/idp/samlKey.js +9 -0
package/idp/samlKey.js.map +1 -1
package/idp/social.d.ts +251 -18
package/idp/social.js +32 -0
package/idp/social.js.map +1 -1
package/index/emailDomain.d.ts +41 -16
package/index/emailDomain.js +25 -0
package/index/emailDomain.js.map +1 -1
package/index/emailDomainVerification.d.ts +25 -3
package/index/emailDomainVerification.js +22 -0
package/index/emailDomainVerification.js.map +1 -1
package/index/getDomain.d.ts +14 -11
package/index/getDomain.js +8 -2
package/index/getDomain.js.map +1 -1
package/inline/hook.d.ts +89 -0
package/inline/hook.js +35 -0
package/inline/hook.js.map +1 -1
package/linkDefinition.d.ts +30 -0
package/linkDefinition.js +30 -0
package/linkDefinition.js.map +1 -1
package/linkValue.d.ts +59 -6
package/linkValue.js +53 -0
package/linkValue.js.map +1 -1
package/network/zone.d.ts +74 -27
package/network/zone.js +44 -0
package/network/zone.js.map +1 -1
package/orgConfiguration.d.ts +25 -0
package/orgConfiguration.js +25 -0
package/orgConfiguration.js.map +1 -1
package/orgSupport.d.ts +20 -3
package/orgSupport.js +17 -0
package/orgSupport.js.map +1 -1
package/package.json +1 -1
package/policy/getDefaultPolicy.d.ts +7 -9
package/policy/getDefaultPolicy.js +2 -6
package/policy/getDefaultPolicy.js.map +1 -1
package/policy/getPolicy.d.ts +10 -11
package/policy/getPolicy.js +2 -2
package/policy/getPolicy.js.map +1 -1
package/policy/mfa.d.ts +259 -18
package/policy/mfa.js +49 -0
package/policy/mfa.js.map +1 -1
package/policy/password.d.ts +117 -90
package/policy/password.js +27 -0
package/policy/password.js.map +1 -1
package/policy/ruleIdpDiscovery.d.ts +149 -27
package/policy/ruleIdpDiscovery.js +65 -0
package/policy/ruleIdpDiscovery.js.map +1 -1
package/policy/ruleMfa.d.ts +35 -24
package/policy/ruleMfa.js +11 -0
package/policy/ruleMfa.js.map +1 -1
package/policy/rulePassword.d.ts +46 -33
package/policy/rulePassword.js +13 -0
package/policy/rulePassword.js.map +1 -1
package/policy/ruleSignon.d.ts +170 -57
package/policy/ruleSignon.js +92 -0
package/policy/ruleSignon.js.map +1 -1
package/policy/signon.d.ts +41 -15
package/policy/signon.js +26 -0
package/policy/signon.js.map +1 -1
package/policyMfaDefault.d.ts +250 -13
package/policyMfaDefault.js +45 -0
package/policyMfaDefault.js.map +1 -1
package/policyPasswordDefault.d.ts +88 -54
package/policyPasswordDefault.js +22 -0
package/policyPasswordDefault.js.map +1 -1
package/policyProfileEnrollment.d.ts +28 -6
package/policyProfileEnrollment.js +22 -0
package/policyProfileEnrollment.js.map +1 -1
package/policyProfileEnrollmentApps.d.ts +42 -5
package/policyProfileEnrollmentApps.js +37 -0
package/policyProfileEnrollmentApps.js.map +1 -1
package/policyRuleProfileEnrollment.d.ts +88 -26
package/policyRuleProfileEnrollment.js +62 -0
package/policyRuleProfileEnrollment.js.map +1 -1
package/profile/mapping.d.ts +95 -9
package/profile/mapping.js +41 -0
package/profile/mapping.js.map +1 -1
package/rateLimiting.d.ts +43 -9
package/rateLimiting.js +28 -0
package/rateLimiting.js.map +1 -1
package/resourceSet.d.ts +32 -10
package/resourceSet.js +20 -1
package/resourceSet.js.map +1 -1
package/roleSubscription.d.ts +110 -9
package/roleSubscription.js +26 -0
package/roleSubscription.js.map +1 -1
package/securityNotificationEmails.d.ts +45 -15
package/securityNotificationEmails.js +30 -0
package/securityNotificationEmails.js.map +1 -1
package/templateSms.d.ts +47 -3
package/templateSms.js +35 -0
package/templateSms.js.map +1 -1
package/theme.d.ts +59 -44
package/theme.js +15 -0
package/theme.js.map +1 -1
package/threatInsightSettings.d.ts +58 -6
package/threatInsightSettings.js +34 -0
package/threatInsightSettings.js.map +1 -1
package/trustedorigin/origin.d.ts +37 -12
package/trustedorigin/origin.js +25 -0
package/trustedorigin/origin.js.map +1 -1
package/types/input.d.ts +227 -60
package/types/output.d.ts +446 -56
package/user/getUser.d.ts +104 -32
package/user/getUser.js +2 -2
package/user/getUser.js.map +1 -1
package/user/getUserProfileMappingSource.d.ts +7 -9
package/user/getUserProfileMappingSource.js +4 -6
package/user/getUserProfileMappingSource.js.map +1 -1
package/user/getUserType.d.ts +7 -7
package/user/getUserType.js +2 -2
package/user/getUsers.d.ts +57 -61
package/user/getUsers.js +44 -30
package/user/getUsers.js.map +1 -1
package/user/user.d.ts +215 -117
package/user/user.js +71 -0
package/user/user.js.map +1 -1
package/user/userType.d.ts +34 -9
package/user/userType.js +25 -0
package/user/userType.js.map +1 -1
package/userAdminRoles.d.ts +41 -10
package/userAdminRoles.js +29 -1
package/userAdminRoles.js.map +1 -1
package/userBaseSchemaProperty.d.ts +67 -24
package/userBaseSchemaProperty.js +43 -0
package/userBaseSchemaProperty.js.map +1 -1
package/userFactorQuestion.d.ts +52 -14
package/userFactorQuestion.js +39 -1
package/userFactorQuestion.js.map +1 -1
package/userGroupMemberships.d.ts +23 -4
package/userGroupMemberships.js +20 -1
package/userGroupMemberships.js.map +1 -1
package/userSchemaProperty.d.ts +107 -57
package/userSchemaProperty.js +32 -0
package/userSchemaProperty.js.map +1 -1
package/utilities.d.ts +4 -0
package/utilities.js +33 -1
package/utilities.js.map +1 -1

package/adminRoleCustom.d.ts CHANGED Viewed

@@ -1,6 +1,29 @@
 import * as pulumi from "@pulumi/pulumi";
 /**
- * Resource to manage administrative Role assignments for a User
+ * These operations allow the creation and manipulation of custom roles as custom collections of permissions.
+ *
+ * > **NOTE:** This an `Early Access` feature.
+ *
+ * ## Example Usage
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as okta from "@pulumi/okta";
+ *
+ * const example = new okta.AdminRoleCustom("example", {
+ *     description: "This role allows app assignment management",
+ *     label: "AppAssignmentManager",
+ *     permissions: ["okta.apps.assignment.manage"],
+ * });
+ * ```
+ *
+ * ## Import
+ *
+ * Okta Custom Admin Role can be imported via the Okta ID.
+ *
+ * ```sh
+ *  $ pulumi import okta:index/adminRoleCustom:AdminRoleCustom example &#60;custom role id&#62;
+ * ```
  */
 export declare class AdminRoleCustom extends pulumi.CustomResource {
     /**
@@ -19,15 +42,47 @@ export declare class AdminRoleCustom extends pulumi.CustomResource {
      */
     static isInstance(obj: any): obj is AdminRoleCustom;
     /**
-     * A human-readable description of the new Role
+     * A human-readable description of the new Role.
      */
     readonly description: pulumi.Output<string>;
     /**
-     * The name given to the new Role
+     * The name given to the new Role.
      */
     readonly label: pulumi.Output<string>;
     /**
-     * The permissions that the new Role grants.
+     * The permissions that the new Role grants. At least one
+     * permission must be specified when creating custom role. Valid values: `"okta.authzServers.manage"`,
+     * `"okta.authzServers.read"`,
+     * `"okta.apps.assignment.manage"`,
+     * `"okta.apps.manage"`,
+     * `"okta.apps.read"`,
+     * `"okta.customizations.manage"`,
+     * `"okta.customizations.read"`,
+     * `"okta.groups.appAssignment.manage"`,
+     * `"okta.groups.create"`,
+     * `"okta.groups.manage"`,
+     * `"okta.groups.members.manage"`,
+     * `"okta.groups.read"`,
+     * `"okta.profilesources.import.run"`,
+     * `"okta.users.appAssignment.manage"`,
+     * `"okta.users.create"`,
+     * `"okta.users.credentials.expirePassword"`,
+     * `"okta.users.credentials.manage"`,
+     * `"okta.users.credentials.resetFactors"`,
+     * `"okta.users.credentials.resetPassword"`,
+     * `"okta.users.groupMembership.manage"`,
+     * `"okta.users.lifecycle.activate"`,
+     * `"okta.users.lifecycle.clearSessions"`,
+     * `"okta.users.lifecycle.deactivate"`,
+     * `"okta.users.lifecycle.delete"`,
+     * `"okta.users.lifecycle.manage"`,
+     * `"okta.users.lifecycle.suspend"`,
+     * `"okta.users.lifecycle.unlock"`,
+     * `"okta.users.lifecycle.unsuspend"`,
+     * `"okta.users.manage"`,
+     * `"okta.users.read"`,
+     * `"okta.users.userprofile.manage"`,
+     * `"okta.workflows.invoke"`.,
      */
     readonly permissions: pulumi.Output<string[] | undefined>;
     /**
@@ -44,15 +99,47 @@ export declare class AdminRoleCustom extends pulumi.CustomResource {
  */
 export interface AdminRoleCustomState {
     /**
-     * A human-readable description of the new Role
+     * A human-readable description of the new Role.
      */
     description?: pulumi.Input<string>;
     /**
-     * The name given to the new Role
+     * The name given to the new Role.
      */
     label?: pulumi.Input<string>;
     /**
-     * The permissions that the new Role grants.
+     * The permissions that the new Role grants. At least one
+     * permission must be specified when creating custom role. Valid values: `"okta.authzServers.manage"`,
+     * `"okta.authzServers.read"`,
+     * `"okta.apps.assignment.manage"`,
+     * `"okta.apps.manage"`,
+     * `"okta.apps.read"`,
+     * `"okta.customizations.manage"`,
+     * `"okta.customizations.read"`,
+     * `"okta.groups.appAssignment.manage"`,
+     * `"okta.groups.create"`,
+     * `"okta.groups.manage"`,
+     * `"okta.groups.members.manage"`,
+     * `"okta.groups.read"`,
+     * `"okta.profilesources.import.run"`,
+     * `"okta.users.appAssignment.manage"`,
+     * `"okta.users.create"`,
+     * `"okta.users.credentials.expirePassword"`,
+     * `"okta.users.credentials.manage"`,
+     * `"okta.users.credentials.resetFactors"`,
+     * `"okta.users.credentials.resetPassword"`,
+     * `"okta.users.groupMembership.manage"`,
+     * `"okta.users.lifecycle.activate"`,
+     * `"okta.users.lifecycle.clearSessions"`,
+     * `"okta.users.lifecycle.deactivate"`,
+     * `"okta.users.lifecycle.delete"`,
+     * `"okta.users.lifecycle.manage"`,
+     * `"okta.users.lifecycle.suspend"`,
+     * `"okta.users.lifecycle.unlock"`,
+     * `"okta.users.lifecycle.unsuspend"`,
+     * `"okta.users.manage"`,
+     * `"okta.users.read"`,
+     * `"okta.users.userprofile.manage"`,
+     * `"okta.workflows.invoke"`.,
      */
     permissions?: pulumi.Input<pulumi.Input<string>[]>;
 }
@@ -61,15 +148,47 @@ export interface AdminRoleCustomState {
  */
 export interface AdminRoleCustomArgs {
     /**
-     * A human-readable description of the new Role
+     * A human-readable description of the new Role.
      */
     description: pulumi.Input<string>;
     /**
-     * The name given to the new Role
+     * The name given to the new Role.
      */
     label: pulumi.Input<string>;
     /**
-     * The permissions that the new Role grants.
+     * The permissions that the new Role grants. At least one
+     * permission must be specified when creating custom role. Valid values: `"okta.authzServers.manage"`,
+     * `"okta.authzServers.read"`,
+     * `"okta.apps.assignment.manage"`,
+     * `"okta.apps.manage"`,
+     * `"okta.apps.read"`,
+     * `"okta.customizations.manage"`,
+     * `"okta.customizations.read"`,
+     * `"okta.groups.appAssignment.manage"`,
+     * `"okta.groups.create"`,
+     * `"okta.groups.manage"`,
+     * `"okta.groups.members.manage"`,
+     * `"okta.groups.read"`,
+     * `"okta.profilesources.import.run"`,
+     * `"okta.users.appAssignment.manage"`,
+     * `"okta.users.create"`,
+     * `"okta.users.credentials.expirePassword"`,
+     * `"okta.users.credentials.manage"`,
+     * `"okta.users.credentials.resetFactors"`,
+     * `"okta.users.credentials.resetPassword"`,
+     * `"okta.users.groupMembership.manage"`,
+     * `"okta.users.lifecycle.activate"`,
+     * `"okta.users.lifecycle.clearSessions"`,
+     * `"okta.users.lifecycle.deactivate"`,
+     * `"okta.users.lifecycle.delete"`,
+     * `"okta.users.lifecycle.manage"`,
+     * `"okta.users.lifecycle.suspend"`,
+     * `"okta.users.lifecycle.unlock"`,
+     * `"okta.users.lifecycle.unsuspend"`,
+     * `"okta.users.manage"`,
+     * `"okta.users.read"`,
+     * `"okta.users.userprofile.manage"`,
+     * `"okta.workflows.invoke"`.,
      */
     permissions?: pulumi.Input<pulumi.Input<string>[]>;
 }

package/adminRoleCustom.js CHANGED Viewed

@@ -6,7 +6,30 @@ exports.AdminRoleCustom = void 0;
 const pulumi = require("@pulumi/pulumi");
 const utilities = require("./utilities");
 /**
- * Resource to manage administrative Role assignments for a User
+ * These operations allow the creation and manipulation of custom roles as custom collections of permissions.
+ *
+ * > **NOTE:** This an `Early Access` feature.
+ *
+ * ## Example Usage
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as okta from "@pulumi/okta";
+ *
+ * const example = new okta.AdminRoleCustom("example", {
+ *     description: "This role allows app assignment management",
+ *     label: "AppAssignmentManager",
+ *     permissions: ["okta.apps.assignment.manage"],
+ * });
+ * ```
+ *
+ * ## Import
+ *
+ * Okta Custom Admin Role can be imported via the Okta ID.
+ *
+ * ```sh
+ *  $ pulumi import okta:index/adminRoleCustom:AdminRoleCustom example &#60;custom role id&#62;
+ * ```
  */
 class AdminRoleCustom extends pulumi.CustomResource {
     /**

package/adminRoleCustom.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"adminRoleCustom.js","sourceRoot":"","sources":["../adminRoleCustom.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,yCAAyC;AAEzC~~;;GAEG~~;AACH,MAAa,eAAgB,SAAQ,MAAM,CAAC,cAAc;IACtD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA4B,EAAE,IAAmC;QAC1H,OAAO,IAAI,eAAe,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACtE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,eAAe,CAAC,YAAY,CAAC;IAChE,CAAC;~~IAuBD~~,YAAY,IAAY,EAAE,WAAwD,EAAE,IAAmC;QACnH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA+C,CAAC;YAC9D,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,OAAO,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;SACzE;aAAM;YACH,MAAM,IAAI,GAAG,WAA8C,CAAC;YAC5D,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,WAAW,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACxD,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;aAC9D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAClD,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;aACxD;YACD,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;SACvE;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,eAAe,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACpE,CAAC;;~~AAvEL~~,~~0CAwEC~~;~~AA1DG~~,gBAAgB;AACO,4BAAY,GAAG,4CAA4C,CAAC"}
1	+ {"version":3,"file":"adminRoleCustom.js","sourceRoot":"","sources":["../adminRoleCustom.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,yCAAyC;AAEzC;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,MAAa,eAAgB,SAAQ,MAAM,CAAC,cAAc;IACtD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA4B,EAAE,IAAmC;QAC1H,OAAO,IAAI,eAAe,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACtE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,eAAe,CAAC,YAAY,CAAC;IAChE,CAAC;IAuDD,YAAY,IAAY,EAAE,WAAwD,EAAE,IAAmC;QACnH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA+C,CAAC;YAC9D,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,OAAO,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;SACzE;aAAM;YACH,MAAM,IAAI,GAAG,WAA8C,CAAC;YAC5D,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,WAAW,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACxD,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;aAC9D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAClD,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;aACxD;YACD,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;SACvE;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,eAAe,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACpE,CAAC;;AAvGL,0CAwGC;AA1FG,gBAAgB;AACO,4BAAY,GAAG,4CAA4C,CAAC"}

package/adminRoleCustomAssignments.d.ts CHANGED Viewed

@@ -1,6 +1,18 @@
 import * as pulumi from "@pulumi/pulumi";
 /**
- * Resource to manage the assignment and unassignment of Custom Roles
+ * This resource allows the assignment and unassignment of Custom Roles. The `members` field supports these type of resources:
+ *  - Groups
+ *  - Users
+ *
+ * > **NOTE:** This an `Early Access` feature.
+ *
+ * ## Import
+ *
+ * Okta Custom Admin Role Assignments can be imported via the Okta ID.
+ *
+ * ```sh
+ *  $ pulumi import okta:index/adminRoleCustomAssignments:AdminRoleCustomAssignments example &#60;resource_set_id&#62;/&#60;custom_role_id&#62;
+ * ```
  */
 export declare class AdminRoleCustomAssignments extends pulumi.CustomResource {
     /**
@@ -19,15 +31,16 @@ export declare class AdminRoleCustomAssignments extends pulumi.CustomResource {
      */
     static isInstance(obj: any): obj is AdminRoleCustomAssignments;
     /**
-     * ID of the Custom Role
+     * ID of the Custom Role.
      */
     readonly customRoleId: pulumi.Output<string>;
     /**
-     * The hrefs that point to User(s) and/or Group(s) that receive the Role
+     * The hrefs that point to User(s) and/or Group(s) that receive the Role. At least one
+     * permission must be specified when creating custom role.
      */
     readonly members: pulumi.Output<string[] | undefined>;
     /**
-     * ID of the target Resource Set
+     * ID of the target Resource Set.
      */
     readonly resourceSetId: pulumi.Output<string>;
     /**
@@ -44,15 +57,16 @@ export declare class AdminRoleCustomAssignments extends pulumi.CustomResource {
  */
 export interface AdminRoleCustomAssignmentsState {
     /**
-     * ID of the Custom Role
+     * ID of the Custom Role.
      */
     customRoleId?: pulumi.Input<string>;
     /**
-     * The hrefs that point to User(s) and/or Group(s) that receive the Role
+     * The hrefs that point to User(s) and/or Group(s) that receive the Role. At least one
+     * permission must be specified when creating custom role.
      */
     members?: pulumi.Input<pulumi.Input<string>[]>;
     /**
-     * ID of the target Resource Set
+     * ID of the target Resource Set.
      */
     resourceSetId?: pulumi.Input<string>;
 }
@@ -61,15 +75,16 @@ export interface AdminRoleCustomAssignmentsState {
  */
 export interface AdminRoleCustomAssignmentsArgs {
     /**
-     * ID of the Custom Role
+     * ID of the Custom Role.
      */
     customRoleId: pulumi.Input<string>;
     /**
-     * The hrefs that point to User(s) and/or Group(s) that receive the Role
+     * The hrefs that point to User(s) and/or Group(s) that receive the Role. At least one
+     * permission must be specified when creating custom role.
      */
     members?: pulumi.Input<pulumi.Input<string>[]>;
     /**
-     * ID of the target Resource Set
+     * ID of the target Resource Set.
      */
     resourceSetId: pulumi.Input<string>;
 }

package/adminRoleCustomAssignments.js CHANGED Viewed

@@ -6,7 +6,19 @@ exports.AdminRoleCustomAssignments = void 0;
 const pulumi = require("@pulumi/pulumi");
 const utilities = require("./utilities");
 /**
- * Resource to manage the assignment and unassignment of Custom Roles
+ * This resource allows the assignment and unassignment of Custom Roles. The `members` field supports these type of resources:
+ *  - Groups
+ *  - Users
+ *
+ * > **NOTE:** This an `Early Access` feature.
+ *
+ * ## Import
+ *
+ * Okta Custom Admin Role Assignments can be imported via the Okta ID.
+ *
+ * ```sh
+ *  $ pulumi import okta:index/adminRoleCustomAssignments:AdminRoleCustomAssignments example &#60;resource_set_id&#62;/&#60;custom_role_id&#62;
+ * ```
  */
 class AdminRoleCustomAssignments extends pulumi.CustomResource {
     /**

package/adminRoleCustomAssignments.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"adminRoleCustomAssignments.js","sourceRoot":"","sources":["../adminRoleCustomAssignments.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,yCAAyC;AAEzC~~;;GAEG~~;AACH,MAAa,0BAA2B,SAAQ,MAAM,CAAC,cAAc;IACjE;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAuC,EAAE,IAAmC;QACrI,OAAO,IAAI,0BAA0B,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACjF,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,0BAA0B,CAAC,YAAY,CAAC;IAC3E,CAAC;~~IAuBD~~,YAAY,IAAY,EAAE,WAA8E,EAAE,IAAmC;QACzI,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA0D,CAAC;YACzE,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;SAC7E;aAAM;YACH,MAAM,IAAI,GAAG,WAAyD,CAAC;YACvE,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,YAAY,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACzD,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;aAC/D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,aAAa,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC1D,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;aAChE;YACD,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;SAC3E;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,0BAA0B,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAC/E,CAAC;;~~AAvEL~~,~~gEAwEC~~;~~AA1DG~~,gBAAgB;AACO,uCAAY,GAAG,kEAAkE,CAAC"}
1	+ {"version":3,"file":"adminRoleCustomAssignments.js","sourceRoot":"","sources":["../adminRoleCustomAssignments.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,yCAAyC;AAEzC;;;;;;;;;;;;;;GAcG;AACH,MAAa,0BAA2B,SAAQ,MAAM,CAAC,cAAc;IACjE;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAuC,EAAE,IAAmC;QACrI,OAAO,IAAI,0BAA0B,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACjF,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,0BAA0B,CAAC,YAAY,CAAC;IAC3E,CAAC;IAwBD,YAAY,IAAY,EAAE,WAA8E,EAAE,IAAmC;QACzI,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA0D,CAAC;YACzE,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;SAC7E;aAAM;YACH,MAAM,IAAI,GAAG,WAAyD,CAAC;YACvE,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,YAAY,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACzD,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;aAC/D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,aAAa,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC1D,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;aAChE;YACD,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;SAC3E;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,0BAA0B,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAC/E,CAAC;;AAxEL,gEAyEC;AA3DG,gBAAgB;AACO,uCAAY,GAAG,kEAAkE,CAAC"}

package/adminRoleTargets.d.ts CHANGED Viewed

@@ -1,4 +1,34 @@
 import * as pulumi from "@pulumi/pulumi";
+/**
+ * Manages targets for administrator roles.
+ *
+ * This resource allows you to define permissions for admin roles into a smaller subset of Groups or Apps within your org.
+ * You can define admin roles to target Groups, Applications, and Application Instances.
+ *
+ * ## Example Usage
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as okta from "@pulumi/okta";
+ *
+ * const example = new okta.AdminRoleTargets("example", {
+ *     apps: [
+ *         "oidc_client.<app_id>",
+ *         "facebook",
+ *     ],
+ *     roleType: "APP_ADMIN",
+ *     userId: "<user_id>",
+ * });
+ * ```
+ *
+ * ## Import
+ *
+ * Okta Admin Role Targets can be imported via the Okta ID.
+ *
+ * ```sh
+ *  $ pulumi import okta:index/adminRoleTargets:AdminRoleTargets example &#60;user id&#62;/&#60;role type&#62;
+ * ```
+ */
 export declare class AdminRoleTargets extends pulumi.CustomResource {
     /**
      * Get an existing AdminRoleTargets resource's state with the given name, ID, and optional extra
@@ -16,23 +46,23 @@ export declare class AdminRoleTargets extends pulumi.CustomResource {
      */
     static isInstance(obj: any): obj is AdminRoleTargets;
     /**
-     * List of app names (name represents set of app instances) or a combination of app name and app instance ID (like 'salesforce' or 'facebook.0oapsqQ6dv19pqyEo0g3')
+     * List of app names (name represents set of app instances) or a combination of app name and app instance ID (like 'salesforce' or 'facebook.0oapsqQ6dv19pqyEo0g3').
      */
     readonly apps: pulumi.Output<string[] | undefined>;
     /**
-     * List of group IDs
+     * List of group IDs. Conflicts with `apps`.
      */
     readonly groups: pulumi.Output<string[] | undefined>;
     /**
-     * ID of a role
+     * Role ID.
      */
     readonly roleId: pulumi.Output<string>;
     /**
-     * Type of the role that is assigned to the user and supports optional targets
+     * Name of the role associated with the user. See [API Docs](https://developer.okta.com/docs/reference/api/roles/#role-types).
      */
     readonly roleType: pulumi.Output<string>;
     /**
-     * User associated with the role
+     * ID of the user.
      */
     readonly userId: pulumi.Output<string>;
     /**
@@ -49,23 +79,23 @@ export declare class AdminRoleTargets extends pulumi.CustomResource {
  */
 export interface AdminRoleTargetsState {
     /**
-     * List of app names (name represents set of app instances) or a combination of app name and app instance ID (like 'salesforce' or 'facebook.0oapsqQ6dv19pqyEo0g3')
+     * List of app names (name represents set of app instances) or a combination of app name and app instance ID (like 'salesforce' or 'facebook.0oapsqQ6dv19pqyEo0g3').
      */
     apps?: pulumi.Input<pulumi.Input<string>[]>;
     /**
-     * List of group IDs
+     * List of group IDs. Conflicts with `apps`.
      */
     groups?: pulumi.Input<pulumi.Input<string>[]>;
     /**
-     * ID of a role
+     * Role ID.
      */
     roleId?: pulumi.Input<string>;
     /**
-     * Type of the role that is assigned to the user and supports optional targets
+     * Name of the role associated with the user. See [API Docs](https://developer.okta.com/docs/reference/api/roles/#role-types).
      */
     roleType?: pulumi.Input<string>;
     /**
-     * User associated with the role
+     * ID of the user.
      */
     userId?: pulumi.Input<string>;
 }
@@ -74,19 +104,19 @@ export interface AdminRoleTargetsState {
  */
 export interface AdminRoleTargetsArgs {
     /**
-     * List of app names (name represents set of app instances) or a combination of app name and app instance ID (like 'salesforce' or 'facebook.0oapsqQ6dv19pqyEo0g3')
+     * List of app names (name represents set of app instances) or a combination of app name and app instance ID (like 'salesforce' or 'facebook.0oapsqQ6dv19pqyEo0g3').
      */
     apps?: pulumi.Input<pulumi.Input<string>[]>;
     /**
-     * List of group IDs
+     * List of group IDs. Conflicts with `apps`.
      */
     groups?: pulumi.Input<pulumi.Input<string>[]>;
     /**
-     * Type of the role that is assigned to the user and supports optional targets
+     * Name of the role associated with the user. See [API Docs](https://developer.okta.com/docs/reference/api/roles/#role-types).
      */
     roleType: pulumi.Input<string>;
     /**
-     * User associated with the role
+     * ID of the user.
      */
     userId: pulumi.Input<string>;
 }

package/adminRoleTargets.js CHANGED Viewed

@@ -5,6 +5,36 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.AdminRoleTargets = void 0;
 const pulumi = require("@pulumi/pulumi");
 const utilities = require("./utilities");
+/**
+ * Manages targets for administrator roles.
+ *
+ * This resource allows you to define permissions for admin roles into a smaller subset of Groups or Apps within your org.
+ * You can define admin roles to target Groups, Applications, and Application Instances.
+ *
+ * ## Example Usage
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as okta from "@pulumi/okta";
+ *
+ * const example = new okta.AdminRoleTargets("example", {
+ *     apps: [
+ *         "oidc_client.<app_id>",
+ *         "facebook",
+ *     ],
+ *     roleType: "APP_ADMIN",
+ *     userId: "<user_id>",
+ * });
+ * ```
+ *
+ * ## Import
+ *
+ * Okta Admin Role Targets can be imported via the Okta ID.
+ *
+ * ```sh
+ *  $ pulumi import okta:index/adminRoleTargets:AdminRoleTargets example &#60;user id&#62;/&#60;role type&#62;
+ * ```
+ */
 class AdminRoleTargets extends pulumi.CustomResource {
     /**
      * Get an existing AdminRoleTargets resource's state with the given name, ID, and optional extra

package/adminRoleTargets.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"adminRoleTargets.js","sourceRoot":"","sources":["../adminRoleTargets.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,yCAAyC;AAEzC,MAAa,gBAAiB,SAAQ,MAAM,CAAC,cAAc;IACvD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA6B,EAAE,IAAmC;QAC3H,OAAO,IAAI,gBAAgB,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACvE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,gBAAgB,CAAC,YAAY,CAAC;IACjE,CAAC;IA+BD,YAAY,IAAY,EAAE,WAA0D,EAAE,IAAmC;QACrH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAgD,CAAC;YAC/D,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;SAC/D;aAAM;YACH,MAAM,IAAI,GAAG,WAA+C,CAAC;YAC7D,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACrD,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;aAC3D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACnD,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;aACzD;YACD,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,QAAQ,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SAChD;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,gBAAgB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACrE,CAAC;;AAnFL,4CAoFC;AAtEG,gBAAgB;AACO,6BAAY,GAAG,8CAA8C,CAAC"}
1	+ {"version":3,"file":"adminRoleTargets.js","sourceRoot":"","sources":["../adminRoleTargets.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,yCAAyC;AAEzC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AACH,MAAa,gBAAiB,SAAQ,MAAM,CAAC,cAAc;IACvD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA6B,EAAE,IAAmC;QAC3H,OAAO,IAAI,gBAAgB,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACvE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,gBAAgB,CAAC,YAAY,CAAC;IACjE,CAAC;IA+BD,YAAY,IAAY,EAAE,WAA0D,EAAE,IAAmC;QACrH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAgD,CAAC;YAC/D,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;SAC/D;aAAM;YACH,MAAM,IAAI,GAAG,WAA+C,CAAC;YAC7D,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACrD,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;aAC3D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACnD,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;aACzD;YACD,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,QAAQ,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SAChD;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,gBAAgB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACrE,CAAC;;AAnFL,4CAoFC;AAtEG,gBAAgB;AACO,6BAAY,GAAG,8CAA8C,CAAC"}

package/app/accessPolicyAssignment.d.ts CHANGED Viewed

@@ -1,6 +1,25 @@
 import * as pulumi from "@pulumi/pulumi";
 /**
- * Manages assignment of Access Policy to an Application
+ * Assigns an access policy (colloquially known as a sign-on policy and/or an
+ * authentication policy) to an application. This resource does not perform true
+ * delete as it will not delete an application and the app's access policy can't be
+ * removed; it can only be changed to a different access policy. This resource is
+ * only logical within the context of an application therefore `appId` is
+ * immutable once set. Use this resource to manage assigning an access policy to an
+ * application. It will assign the given `policyId` to the application at creation
+ * and during update.
+ *
+ * > Inside the product a sign-on policy is referenced as an _authentication
+ * policy_, in the public API the policy is of type
+ * [`ACCESS_POLICY`](https://developer.okta.com/docs/reference/api/policy/#policy-object).
+ *
+ * ## Import
+ *
+ * An Okta App's Access Policy Assignment can be imported via its associated Application ID.
+ *
+ * ```sh
+ *  $ pulumi import okta:app/accessPolicyAssignment:AccessPolicyAssignment example &#60;app id&#62;
+ * ```
  */
 export declare class AccessPolicyAssignment extends pulumi.CustomResource {
     /**

package/app/accessPolicyAssignment.js CHANGED Viewed

@@ -6,7 +6,26 @@ exports.AccessPolicyAssignment = void 0;
 const pulumi = require("@pulumi/pulumi");
 const utilities = require("../utilities");
 /**
- * Manages assignment of Access Policy to an Application
+ * Assigns an access policy (colloquially known as a sign-on policy and/or an
+ * authentication policy) to an application. This resource does not perform true
+ * delete as it will not delete an application and the app's access policy can't be
+ * removed; it can only be changed to a different access policy. This resource is
+ * only logical within the context of an application therefore `appId` is
+ * immutable once set. Use this resource to manage assigning an access policy to an
+ * application. It will assign the given `policyId` to the application at creation
+ * and during update.
+ *
+ * > Inside the product a sign-on policy is referenced as an _authentication
+ * policy_, in the public API the policy is of type
+ * [`ACCESS_POLICY`](https://developer.okta.com/docs/reference/api/policy/#policy-object).
+ *
+ * ## Import
+ *
+ * An Okta App's Access Policy Assignment can be imported via its associated Application ID.
+ *
+ * ```sh
+ *  $ pulumi import okta:app/accessPolicyAssignment:AccessPolicyAssignment example &#60;app id&#62;
+ * ```
  */
 class AccessPolicyAssignment extends pulumi.CustomResource {
     /**

package/app/accessPolicyAssignment.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"accessPolicyAssignment.js","sourceRoot":"","sources":["../../app/accessPolicyAssignment.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C~~;;GAEG~~;AACH,MAAa,sBAAuB,SAAQ,MAAM,CAAC,cAAc;IAC7D;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAmC,EAAE,IAAmC;QACjI,OAAO,IAAI,sBAAsB,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IAC7E,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,sBAAsB,CAAC,YAAY,CAAC;IACvE,CAAC;IAmBD,YAAY,IAAY,EAAE,WAAsE,EAAE,IAAmC;QACjI,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAsD,CAAC;YACrE,cAAc,CAAC,OAAO,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;SACnE;aAAM;YACH,MAAM,IAAI,GAAG,WAAqD,CAAC;YACnE,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAClD,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;aACxD;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACrD,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;aAC3D;YACD,cAAc,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;SACjE;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,sBAAsB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAC3E,CAAC;;AAjEL,wDAkEC;AApDG,gBAAgB;AACO,mCAAY,GAAG,wDAAwD,CAAC"}
1	+ {"version":3,"file":"accessPolicyAssignment.js","sourceRoot":"","sources":["../../app/accessPolicyAssignment.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAa,sBAAuB,SAAQ,MAAM,CAAC,cAAc;IAC7D;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAmC,EAAE,IAAmC;QACjI,OAAO,IAAI,sBAAsB,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IAC7E,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,sBAAsB,CAAC,YAAY,CAAC;IACvE,CAAC;IAmBD,YAAY,IAAY,EAAE,WAAsE,EAAE,IAAmC;QACjI,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAsD,CAAC;YACrE,cAAc,CAAC,OAAO,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;SACnE;aAAM;YACH,MAAM,IAAI,GAAG,WAAqD,CAAC;YACnE,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAClD,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;aACxD;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACrD,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;aAC3D;YACD,cAAc,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;SACjE;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,sBAAsB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAC3E,CAAC;;AAjEL,wDAkEC;AApDG,gBAAgB;AACO,mCAAY,GAAG,wDAAwD,CAAC"}