forked from okta/terraform-provider-okta
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathresource.tf
72 lines (70 loc) · 1.91 KB
/
resource.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
resource "okta_policy_signon" "test" {
name = "Example Policy"
status = "ACTIVE"
description = "Example Policy"
}
data "okta_behavior" "new_city" {
name = "New City"
}
resource "okta_policy_rule_signon" "example" {
access = "CHALLENGE"
authtype = "RADIUS"
name = "Example Policy Rule"
network_connection = "ANYWHERE"
policy_id = okta_policy_signon.example.id
status = "ACTIVE"
risc_level = "HIGH"
behaviors = [data.okta_behavior.new_city.id]
factor_sequence {
primary_criteria_factor_type = "token:hotp" // TOTP
primary_criteria_provider = "CUSTOM"
secondary_criteria {
factor_type = "token:software:totp" // Okta Verify
provider = "OKTA"
}
secondary_criteria { // Okta Verify Push
factor_type = "push"
provider = "OKTA"
}
secondary_criteria { // Password
factor_type = "password"
provider = "OKTA"
}
secondary_criteria { // Security Question
factor_type = "question"
provider = "OKTA"
}
secondary_criteria { // SMS
factor_type = "sms"
provider = "OKTA"
}
secondary_criteria { // Google Auth
factor_type = "token:software:totp"
provider = "GOOGLE"
}
secondary_criteria { // Email
factor_type = "email"
provider = "OKTA"
}
secondary_criteria { // Voice Call
factor_type = "call"
provider = "OKTA"
}
secondary_criteria { // FIDO2 (WebAuthn)
factor_type = "webauthn"
provider = "FIDO"
}
secondary_criteria { // RSA
factor_type = "token"
provider = "RSA"
}
secondary_criteria { // Symantec VIP
factor_type = "token"
provider = "SYMANTEC"
}
}
factor_sequence {
primary_criteria_factor_type = "token:software:totp" // Okta Verify
primary_criteria_provider = "OKTA"
}
}