@pulumi/okta 4.6.2 → 4.6.3

package/captchaOrgWideSettings.js

@@ -5,6 +5,51 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.CaptchaOrgWideSettings = void 0;
 const pulumi = require("@pulumi/pulumi");
 const utilities = require("./utilities");
+/**
+ * > **WARNING:** This feature is only available as a part of the Identity Engine. Contact support for further information.
+ *
+ * This resource allows you to configure which parts of the authentication flow requires users to pass the CAPTCHA logic.
+ * CAPTCHA org-wide settings can be disabled by unsetting `captchaId` and `enabledFor`.
+ *
+ * ## Example Usage
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as okta from "@pulumi/okta";
+ *
+ * const exampleCaptcha = new okta.Captcha("exampleCaptcha", {
+ *     type: "HCAPTCHA",
+ *     siteKey: "some_key",
+ *     secretKey: "some_secret_key",
+ * });
+ * const exampleCaptchaOrgWideSettings = new okta.CaptchaOrgWideSettings("exampleCaptchaOrgWideSettings", {
+ *     captchaId: okta_captcha.test.id,
+ *     enabledFors: ["SSR"],
+ * });
+ * ```
+ *
+ * The following example disables org-wide CAPTCHA.
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as okta from "@pulumi/okta";
+ *
+ * const exampleCaptcha = new okta.Captcha("exampleCaptcha", {
+ *     secretKey: "some_secret_key",
+ *     siteKey: "some_key",
+ *     type: "HCAPTCHA",
+ * });
+ * const exampleCaptchaOrgWideSettings = new okta.CaptchaOrgWideSettings("exampleCaptchaOrgWideSettings", {});
+ * ```
+ *
+ * ## Import
+ *
+ * Org-Wide CAPTCHA settings can be imported without any parameters.
+ *
+ * ```sh
+ *  $ pulumi import okta:index/captchaOrgWideSettings:CaptchaOrgWideSettings example _
+ * ```
+ */
 class CaptchaOrgWideSettings extends pulumi.CustomResource {
     /**
      * Get an existing CaptchaOrgWideSettings resource's state with the given name, ID, and optional extra

package/captchaOrgWideSettings.js.map

@@ -1 +1 @@
-{"version":3,"file":"captchaOrgWideSettings.js","sourceRoot":"","sources":["../captchaOrgWideSettings.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,yCAAyC;AAEzC,MAAa,sBAAuB,SAAQ,MAAM,CAAC,cAAc;IAC7D;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAmC,EAAE,IAAmC;QACjI,OAAO,IAAI,sBAAsB,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IAC7E,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,sBAAsB,CAAC,YAAY,CAAC;IACvE,CAAC;IAmBD,YAAY,IAAY,EAAE,WAAsE,EAAE,IAAmC;QACjI,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAsD,CAAC;YACrE,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;SACzE;aAAM;YACH,MAAM,IAAI,GAAG,WAAqD,CAAC;YACnE,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;SACvE;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,sBAAsB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAC3E,CAAC;;AA3DL,wDA4DC;AA9CG,gBAAgB;AACO,mCAAY,GAAG,0DAA0D,CAAC"}
+{"version":3,"file":"captchaOrgWideSettings.js","sourceRoot":"","sources":["../captchaOrgWideSettings.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,yCAAyC;AAEzC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4CG;AACH,MAAa,sBAAuB,SAAQ,MAAM,CAAC,cAAc;IAC7D;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAmC,EAAE,IAAmC;QACjI,OAAO,IAAI,sBAAsB,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IAC7E,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,sBAAsB,CAAC,YAAY,CAAC;IACvE,CAAC;IAmBD,YAAY,IAAY,EAAE,WAAsE,EAAE,IAAmC;QACjI,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAsD,CAAC;YACrE,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;SACzE;aAAM;YACH,MAAM,IAAI,GAAG,WAAqD,CAAC;YACnE,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;SACvE;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,sBAAsB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAC3E,CAAC;;AA3DL,wDA4DC;AA9CG,gBAAgB;AACO,mCAAY,GAAG,0DAA0D,CAAC"}

package/domain.d.ts

@@ -1,6 +1,26 @@
 import * as pulumi from "@pulumi/pulumi";
 import * as inputs from "./types/input";
 import * as outputs from "./types/output";
+/**
+ * Manages custom domain for your organization.
+ *
+ * ## Example Usage
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as okta from "@pulumi/okta";
+ *
+ * const example = new okta.Domain("example", {});
+ * ```
+ *
+ * ## Import
+ *
+ * Okta Admin Role Targets can be imported via the Okta ID.
+ *
+ * ```sh
+ *  $ pulumi import okta:index/domain:Domain example <domain_id>
+ * ```
+ */
 export declare class Domain extends pulumi.CustomResource {
     /**
      * Get an existing Domain resource's state with the given name, ID, and optional extra
@@ -18,23 +38,25 @@ export declare class Domain extends pulumi.CustomResource {
      */
     static isInstance(obj: any): obj is Domain;
     /**
-     * Brand id of the domain
+     * The Brand ID of the domain
      */
     readonly brandId: pulumi.Output<string | undefined>;
     /**
-     * Optional. Certificate source type that indicates whether the certificate is provided by the user or Okta. Accepted values: MANUAL, OKTA*MANAGED. Warning: Use of OKTA*MANAGED requires a feature flag to be enabled. Default value = MANUAL
+     * Certificate source type that indicates whether the certificate is provided by the user or Okta. Accepted values: `MANUAL`, `OKTA_MANAGED`. Default value = `MANUAL`
+     *
+     * > **WARNING**: Use of `OKTA_MANAGED` requires a feature flag to be enabled.
      */
     readonly certificateSourceType: pulumi.Output<string | undefined>;
     /**
-     * TXT and CNAME records to be registered for the Domain
+     * TXT and CNAME records to be registered for the Domain.
      */
     readonly dnsRecords: pulumi.Output<outputs.DomainDnsRecord[]>;
     /**
-     * Custom Domain name
+     * Custom Domain name.
      */
     readonly name: pulumi.Output<string>;
     /**
-     * Status of the domain
+     * Status of the domain.
      */
     readonly validationStatus: pulumi.Output<string>;
     /**
@@ -51,23 +73,25 @@ export declare class Domain extends pulumi.CustomResource {
  */
 export interface DomainState {
     /**
-     * Brand id of the domain
+     * The Brand ID of the domain
      */
     brandId?: pulumi.Input<string>;
     /**
-     * Optional. Certificate source type that indicates whether the certificate is provided by the user or Okta. Accepted values: MANUAL, OKTA*MANAGED. Warning: Use of OKTA*MANAGED requires a feature flag to be enabled. Default value = MANUAL
+     * Certificate source type that indicates whether the certificate is provided by the user or Okta. Accepted values: `MANUAL`, `OKTA_MANAGED`. Default value = `MANUAL`
+     *
+     * > **WARNING**: Use of `OKTA_MANAGED` requires a feature flag to be enabled.
      */
     certificateSourceType?: pulumi.Input<string>;
     /**
-     * TXT and CNAME records to be registered for the Domain
+     * TXT and CNAME records to be registered for the Domain.
      */
     dnsRecords?: pulumi.Input<pulumi.Input<inputs.DomainDnsRecord>[]>;
     /**
-     * Custom Domain name
+     * Custom Domain name.
      */
     name?: pulumi.Input<string>;
     /**
-     * Status of the domain
+     * Status of the domain.
      */
     validationStatus?: pulumi.Input<string>;
 }
@@ -76,15 +100,17 @@ export interface DomainState {
  */
 export interface DomainArgs {
     /**
-     * Brand id of the domain
+     * The Brand ID of the domain
      */
     brandId?: pulumi.Input<string>;
     /**
-     * Optional. Certificate source type that indicates whether the certificate is provided by the user or Okta. Accepted values: MANUAL, OKTA*MANAGED. Warning: Use of OKTA*MANAGED requires a feature flag to be enabled. Default value = MANUAL
+     * Certificate source type that indicates whether the certificate is provided by the user or Okta. Accepted values: `MANUAL`, `OKTA_MANAGED`. Default value = `MANUAL`
+     *
+     * > **WARNING**: Use of `OKTA_MANAGED` requires a feature flag to be enabled.
      */
     certificateSourceType?: pulumi.Input<string>;
     /**
-     * Custom Domain name
+     * Custom Domain name.
      */
     name?: pulumi.Input<string>;
 }

package/domain.js

@@ -5,6 +5,26 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.Domain = void 0;
 const pulumi = require("@pulumi/pulumi");
 const utilities = require("./utilities");
+/**
+ * Manages custom domain for your organization.
+ *
+ * ## Example Usage
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as okta from "@pulumi/okta";
+ *
+ * const example = new okta.Domain("example", {});
+ * ```
+ *
+ * ## Import
+ *
+ * Okta Admin Role Targets can be imported via the Okta ID.
+ *
+ * ```sh
+ *  $ pulumi import okta:index/domain:Domain example <domain_id>
+ * ```
+ */
 class Domain extends pulumi.CustomResource {
     /**
      * Get an existing Domain resource's state with the given name, ID, and optional extra

package/domain.js.map

@@ -1 +1 @@
-{"version":3,"file":"domain.js","sourceRoot":"","sources":["../domain.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AAGzC,yCAAyC;AAEzC,MAAa,MAAO,SAAQ,MAAM,CAAC,cAAc;IAC7C;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAmB,EAAE,IAAmC;QACjH,OAAO,IAAI,MAAM,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IAC7D,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,MAAM,CAAC,YAAY,CAAC;IACvD,CAAC;IA+BD,YAAY,IAAY,EAAE,WAAsC,EAAE,IAAmC;QACjG,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAsC,CAAC;YACrD,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,uBAAuB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1F,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;SACnF;aAAM;YACH,MAAM,IAAI,GAAG,WAAqC,CAAC;YACnD,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,uBAAuB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC,CAAC,SAAS,CAAC;YACxF,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,YAAY,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YACjD,cAAc,CAAC,kBAAkB,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SAC1D;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,MAAM,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAC3D,CAAC;;AA7EL,wBA8EC;AAhEG,gBAAgB;AACO,mBAAY,GAAG,0BAA0B,CAAC"}
+{"version":3,"file":"domain.js","sourceRoot":"","sources":["../domain.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AAGzC,yCAAyC;AAEzC;;;;;;;;;;;;;;;;;;;GAmBG;AACH,MAAa,MAAO,SAAQ,MAAM,CAAC,cAAc;IAC7C;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAmB,EAAE,IAAmC;QACjH,OAAO,IAAI,MAAM,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IAC7D,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,MAAM,CAAC,YAAY,CAAC;IACvD,CAAC;IAiCD,YAAY,IAAY,EAAE,WAAsC,EAAE,IAAmC;QACjG,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAsC,CAAC;YACrD,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,uBAAuB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1F,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;SACnF;aAAM;YACH,MAAM,IAAI,GAAG,WAAqC,CAAC;YACnD,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,uBAAuB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC,CAAC,SAAS,CAAC;YACxF,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,YAAY,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YACjD,cAAc,CAAC,kBAAkB,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SAC1D;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,MAAM,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAC3D,CAAC;;AA/EL,wBAgFC;AAlEG,gBAAgB;AACO,mBAAY,GAAG,0BAA0B,CAAC"}

package/domainCertificate.d.ts

@@ -1,4 +1,52 @@
 import * as pulumi from "@pulumi/pulumi";
+/**
+ * Manages certificate for the domain.
+ *
+ * This resource's `certificate`, `privateKey`, and `certificateChain` attributes
+ * hold actual PEM values and can be referred to by other configs requiring
+ * certificate and private key inputs. This is inline with TF's best
+ * practices
+ * of not encrypting state.
+ *
+ * See Let's Encrypt Certbot notes at the end of this
+ * documentation for notes on how to generate a domain certificate with Let's
+ * Encrypt Certbot
+ *
+ * ## Example Usage
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as okta from "@pulumi/okta";
+ *
+ * const example = new okta.Domain("example", {});
+ * const test = new okta.DomainCertificate("test", {
+ *     domainId: okta_domain.test.id,
+ *     type: "PEM",
+ *     certificate: `-----BEGIN CERTIFICATE-----
+ * MIIFNzCCBB+gAwIBAgISBAXomJWRama3ypu8TIxdA9wzMA0GCSqGSIb3DQEBCwUA
+ * ...
+ * NSgRtSXq11j8O4JONi8EXe7cEtvzUiLR5PL3itsK2svtrZ9jIwQ95wOPaA==
+ * -----END CERTIFICATE-----
+ * `,
+ *     certificateChain: `-----BEGIN CERTIFICATE-----
+ * MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
+ * ...
+ * Dfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5
+ * -----END CERTIFICATE-----
+ * `,
+ *     privateKey: `-----BEGIN PRIVATE KEY-----
+ * MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC5cyk6x63iBJSW
+ * ...
+ * nUFLNE8pXSnsqb0eOL74f3uQ
+ * -----END PRIVATE KEY-----
+ * `,
+ * });
+ * ```
+ *
+ * ## Import
+ *
+ * This resource does not support importing.
+ */
 export declare class DomainCertificate extends pulumi.CustomResource {
     /**
      * Get an existing DomainCertificate resource's state with the given name, ID, and optional extra
@@ -16,23 +64,23 @@ export declare class DomainCertificate extends pulumi.CustomResource {
      */
     static isInstance(obj: any): obj is DomainCertificate;
     /**
-     * Certificate content
+     * Certificate content.
      */
     readonly certificate: pulumi.Output<string>;
     /**
-     * Certificate chain
+     * Certificate certificate chain.
      */
     readonly certificateChain: pulumi.Output<string>;
     /**
-     * Domain's ID
+     * Domain ID.
      */
     readonly domainId: pulumi.Output<string>;
     /**
-     * Certificate private key
+     * Certificate private key.
      */
     readonly privateKey: pulumi.Output<string>;
     /**
-     * Certificate type
+     * Certificate type. Valid value is `"PEM"`.
      */
     readonly type: pulumi.Output<string>;
     /**
@@ -49,23 +97,23 @@ export declare class DomainCertificate extends pulumi.CustomResource {
  */
 export interface DomainCertificateState {
     /**
-     * Certificate content
+     * Certificate content.
      */
     certificate?: pulumi.Input<string>;
     /**
-     * Certificate chain
+     * Certificate certificate chain.
      */
     certificateChain?: pulumi.Input<string>;
     /**
-     * Domain's ID
+     * Domain ID.
      */
     domainId?: pulumi.Input<string>;
     /**
-     * Certificate private key
+     * Certificate private key.
      */
     privateKey?: pulumi.Input<string>;
     /**
-     * Certificate type
+     * Certificate type. Valid value is `"PEM"`.
      */
     type?: pulumi.Input<string>;
 }
@@ -74,23 +122,23 @@ export interface DomainCertificateState {
  */
 export interface DomainCertificateArgs {
     /**
-     * Certificate content
+     * Certificate content.
      */
     certificate: pulumi.Input<string>;
     /**
-     * Certificate chain
+     * Certificate certificate chain.
      */
     certificateChain: pulumi.Input<string>;
     /**
-     * Domain's ID
+     * Domain ID.
      */
     domainId: pulumi.Input<string>;
     /**
-     * Certificate private key
+     * Certificate private key.
      */
     privateKey: pulumi.Input<string>;
     /**
-     * Certificate type
+     * Certificate type. Valid value is `"PEM"`.
      */
     type: pulumi.Input<string>;
 }

package/domainCertificate.js

@@ -5,6 +5,54 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.DomainCertificate = void 0;
 const pulumi = require("@pulumi/pulumi");
 const utilities = require("./utilities");
+/**
+ * Manages certificate for the domain.
+ *
+ * This resource's `certificate`, `privateKey`, and `certificateChain` attributes
+ * hold actual PEM values and can be referred to by other configs requiring
+ * certificate and private key inputs. This is inline with TF's best
+ * practices
+ * of not encrypting state.
+ *
+ * See Let's Encrypt Certbot notes at the end of this
+ * documentation for notes on how to generate a domain certificate with Let's
+ * Encrypt Certbot
+ *
+ * ## Example Usage
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as okta from "@pulumi/okta";
+ *
+ * const example = new okta.Domain("example", {});
+ * const test = new okta.DomainCertificate("test", {
+ *     domainId: okta_domain.test.id,
+ *     type: "PEM",
+ *     certificate: `-----BEGIN CERTIFICATE-----
+ * MIIFNzCCBB+gAwIBAgISBAXomJWRama3ypu8TIxdA9wzMA0GCSqGSIb3DQEBCwUA
+ * ...
+ * NSgRtSXq11j8O4JONi8EXe7cEtvzUiLR5PL3itsK2svtrZ9jIwQ95wOPaA==
+ * -----END CERTIFICATE-----
+ * `,
+ *     certificateChain: `-----BEGIN CERTIFICATE-----
+ * MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
+ * ...
+ * Dfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5
+ * -----END CERTIFICATE-----
+ * `,
+ *     privateKey: `-----BEGIN PRIVATE KEY-----
+ * MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC5cyk6x63iBJSW
+ * ...
+ * nUFLNE8pXSnsqb0eOL74f3uQ
+ * -----END PRIVATE KEY-----
+ * `,
+ * });
+ * ```
+ *
+ * ## Import
+ *
+ * This resource does not support importing.
+ */
 class DomainCertificate extends pulumi.CustomResource {
     /**
      * Get an existing DomainCertificate resource's state with the given name, ID, and optional extra

package/domainCertificate.js.map

@@ -1 +1 @@
-{"version":3,"file":"domainCertificate.js","sourceRoot":"","sources":["../domainCertificate.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,yCAAyC;AAEzC,MAAa,iBAAkB,SAAQ,MAAM,CAAC,cAAc;IACxD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA8B,EAAE,IAAmC;QAC5H,OAAO,IAAI,iBAAiB,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACxE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,iBAAiB,CAAC,YAAY,CAAC;IAClE,CAAC;IA+BD,YAAY,IAAY,EAAE,WAA4D,EAAE,IAAmC;QACvH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAiD,CAAC;YAChE,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChF,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;SAC3D;aAAM;YACH,MAAM,IAAI,GAAG,WAAgD,CAAC;YAC9D,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,WAAW,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACxD,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;aAC9D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,gBAAgB,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC7D,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;aACnE;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACrD,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;aAC3D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACvD,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;aAC7D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACjD,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;aACvD;YACD,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;SACzD;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,iBAAiB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACtE,CAAC;;AA5FL,8CA6FC;AA/EG,gBAAgB;AACO,8BAAY,GAAG,gDAAgD,CAAC"}
+{"version":3,"file":"domainCertificate.js","sourceRoot":"","sources":["../domainCertificate.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,yCAAyC;AAEzC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+CG;AACH,MAAa,iBAAkB,SAAQ,MAAM,CAAC,cAAc;IACxD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA8B,EAAE,IAAmC;QAC5H,OAAO,IAAI,iBAAiB,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACxE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,iBAAiB,CAAC,YAAY,CAAC;IAClE,CAAC;IA+BD,YAAY,IAAY,EAAE,WAA4D,EAAE,IAAmC;QACvH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAiD,CAAC;YAChE,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChF,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;SAC3D;aAAM;YACH,MAAM,IAAI,GAAG,WAAgD,CAAC;YAC9D,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,WAAW,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACxD,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;aAC9D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,gBAAgB,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC7D,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;aACnE;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACrD,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;aAC3D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACvD,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;aAC7D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACjD,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;aACvD;YACD,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;SACzD;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,iBAAiB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACtE,CAAC;;AA5FL,8CA6FC;AA/EG,gBAAgB;AACO,8BAAY,GAAG,gDAAgD,CAAC"}

package/domainVerification.d.ts

@@ -1,4 +1,23 @@
 import * as pulumi from "@pulumi/pulumi";
+/**
+ * Verifies the Domain. This is replacement for the `verify` field from the `okta.Domain` resource. The resource won't be
+ * created if the domain could not be verified. The provider will make several requests to verify the domain until
+ * the API returns `VERIFIED` verification status.
+ *
+ * ## Example Usage
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as okta from "@pulumi/okta";
+ *
+ * const exampleDomain = new okta.Domain("exampleDomain", {});
+ * const exampleDomainVerification = new okta.DomainVerification("exampleDomainVerification", {domainId: okta_domain.test.id});
+ * ```
+ *
+ * ## Import
+ *
+ * This resource does not support importing.
+ */
 export declare class DomainVerification extends pulumi.CustomResource {
     /**
      * Get an existing DomainVerification resource's state with the given name, ID, and optional extra
@@ -16,7 +35,7 @@ export declare class DomainVerification extends pulumi.CustomResource {
      */
     static isInstance(obj: any): obj is DomainVerification;
     /**
-     * Domain's ID
+     * Domain ID.
      */
     readonly domainId: pulumi.Output<string>;
     /**
@@ -33,7 +52,7 @@ export declare class DomainVerification extends pulumi.CustomResource {
  */
 export interface DomainVerificationState {
     /**
-     * Domain's ID
+     * Domain ID.
      */
     domainId?: pulumi.Input<string>;
 }
@@ -42,7 +61,7 @@ export interface DomainVerificationState {
  */
 export interface DomainVerificationArgs {
     /**
-     * Domain's ID
+     * Domain ID.
      */
     domainId: pulumi.Input<string>;
 }

package/domainVerification.js

@@ -5,6 +5,25 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.DomainVerification = void 0;
 const pulumi = require("@pulumi/pulumi");
 const utilities = require("./utilities");
+/**
+ * Verifies the Domain. This is replacement for the `verify` field from the `okta.Domain` resource. The resource won't be
+ * created if the domain could not be verified. The provider will make several requests to verify the domain until
+ * the API returns `VERIFIED` verification status.
+ *
+ * ## Example Usage
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as okta from "@pulumi/okta";
+ *
+ * const exampleDomain = new okta.Domain("exampleDomain", {});
+ * const exampleDomainVerification = new okta.DomainVerification("exampleDomainVerification", {domainId: okta_domain.test.id});
+ * ```
+ *
+ * ## Import
+ *
+ * This resource does not support importing.
+ */
 class DomainVerification extends pulumi.CustomResource {
     /**
      * Get an existing DomainVerification resource's state with the given name, ID, and optional extra

package/domainVerification.js.map

@@ -1 +1 @@
-{"version":3,"file":"domainVerification.js","sourceRoot":"","sources":["../domainVerification.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,yCAAyC;AAEzC,MAAa,kBAAmB,SAAQ,MAAM,CAAC,cAAc;IACzD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA+B,EAAE,IAAmC;QAC7H,OAAO,IAAI,kBAAkB,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACzE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,kBAAkB,CAAC,YAAY,CAAC;IACnE,CAAC;IAeD,YAAY,IAAY,EAAE,WAA8D,EAAE,IAAmC;QACzH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAkD,CAAC;YACjE,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;SACnE;aAAM;YACH,MAAM,IAAI,GAAG,WAAiD,CAAC;YAC/D,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACrD,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;aAC3D;YACD,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;SACjE;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,kBAAkB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACvE,CAAC;;AAxDL,gDAyDC;AA3CG,gBAAgB;AACO,+BAAY,GAAG,kDAAkD,CAAC"}
+{"version":3,"file":"domainVerification.js","sourceRoot":"","sources":["../domainVerification.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,yCAAyC;AAEzC;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAa,kBAAmB,SAAQ,MAAM,CAAC,cAAc;IACzD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA+B,EAAE,IAAmC;QAC7H,OAAO,IAAI,kBAAkB,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACzE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,kBAAkB,CAAC,YAAY,CAAC;IACnE,CAAC;IAeD,YAAY,IAAY,EAAE,WAA8D,EAAE,IAAmC;QACzH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAkD,CAAC;YACjE,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;SACnE;aAAM;YACH,MAAM,IAAI,GAAG,WAAiD,CAAC;YAC/D,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACrD,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;aAC3D;YACD,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;SACjE;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,kBAAkB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACvE,CAAC;;AAxDL,gDAyDC;AA3CG,gBAAgB;AACO,+BAAY,GAAG,kDAAkD,CAAC"}