pulumi-google-native-kotlin/com.pulumi.googlenative.identitytoolkit.v2.kotlin.outputs

Package-level declarations

Types

Link copied to clipboard
data class GetDefaultSupportedIdpConfigResult(val appleSignInConfig: GoogleCloudIdentitytoolkitAdminV2AppleSignInConfigResponse, val clientId: String, val clientSecret: String, val enabled: Boolean, val name: String)
Link copied to clipboard
Link copied to clipboard
data class GetOauthIdpConfigResult(val clientId: String, val clientSecret: String, val displayName: String, val enabled: Boolean, val issuer: String, val name: String, val responseType: GoogleCloudIdentitytoolkitAdminV2OAuthResponseTypeResponse)
Link copied to clipboard
data class GetTenantIamPolicyResult(val auditConfigs: List<GoogleIamV1AuditConfigResponse>, val bindings: List<GoogleIamV1BindingResponse>, val etag: String, val version: Int)
Link copied to clipboard
data class GetTenantResult(val allowPasswordSignup: Boolean, val autodeleteAnonymousUsers: Boolean, val client: GoogleCloudIdentitytoolkitAdminV2ClientPermissionConfigResponse, val disableAuth: Boolean, val displayName: String, val emailPrivacyConfig: GoogleCloudIdentitytoolkitAdminV2EmailPrivacyConfigResponse, val enableAnonymousUser: Boolean, val enableEmailLinkSignin: Boolean, val hashConfig: GoogleCloudIdentitytoolkitAdminV2HashConfigResponse, val inheritance: GoogleCloudIdentitytoolkitAdminV2InheritanceResponse, val mfaConfig: GoogleCloudIdentitytoolkitAdminV2MultiFactorAuthConfigResponse, val monitoring: GoogleCloudIdentitytoolkitAdminV2MonitoringConfigResponse, val name: String, val passwordPolicyConfig: GoogleCloudIdentitytoolkitAdminV2PasswordPolicyConfigResponse, val recaptchaConfig: GoogleCloudIdentitytoolkitAdminV2RecaptchaConfigResponse, val smsRegionConfig: GoogleCloudIdentitytoolkitAdminV2SmsRegionConfigResponse, val testPhoneNumbers: Map<String, String>)
data class GoogleCloudIdentitytoolkitAdminV2AllowByDefaultResponse(val disallowedRegions: List<String>)

Defines a policy of allowing every region by default and adding disallowed regions to a disallow list.

data class GoogleCloudIdentitytoolkitAdminV2AllowlistOnlyResponse(val allowedRegions: List<String>)

Defines a policy of only allowing regions by explicitly adding them to an allowlist.

data class GoogleCloudIdentitytoolkitAdminV2AppleSignInConfigResponse(val bundleIds: List<String>, val codeFlowConfig: GoogleCloudIdentitytoolkitAdminV2CodeFlowConfigResponse)

Additional config for SignInWithApple.

data class GoogleCloudIdentitytoolkitAdminV2ClientPermissionConfigResponse(val permissions: GoogleCloudIdentitytoolkitAdminV2ClientPermissionsResponse)

Options related to how clients making requests on behalf of a tenant should be configured.

data class GoogleCloudIdentitytoolkitAdminV2ClientPermissionsResponse(val disabledUserDeletion: Boolean, val disabledUserSignup: Boolean)

Configuration related to restricting a user's ability to affect their account.

data class GoogleCloudIdentitytoolkitAdminV2CodeFlowConfigResponse(val keyId: String, val privateKey: String, val teamId: String)

Additional config for Apple for code flow.

data class GoogleCloudIdentitytoolkitAdminV2CustomStrengthOptionsResponse(val containsLowercaseCharacter: Boolean, val containsNonAlphanumericCharacter: Boolean, val containsNumericCharacter: Boolean, val containsUppercaseCharacter: Boolean, val maxPasswordLength: Int, val minPasswordLength: Int)

Custom strength options to enforce on user passwords.

data class GoogleCloudIdentitytoolkitAdminV2EmailPrivacyConfigResponse(val enableImprovedEmailPrivacy: Boolean)

Configuration for settings related to email privacy and public visibility. Settings in this config protect against email enumeration, but may make some trade-offs in user-friendliness.

data class GoogleCloudIdentitytoolkitAdminV2HashConfigResponse(val algorithm: String, val memoryCost: Int, val rounds: Int, val saltSeparator: String, val signerKey: String)

History information of the hash algorithm and key. Different accounts' passwords may be generated by different version.

data class GoogleCloudIdentitytoolkitAdminV2IdpCertificateResponse(val x509Certificate: String)

The IDP's certificate data to verify the signature in the SAMLResponse issued by the IDP.

data class GoogleCloudIdentitytoolkitAdminV2IdpConfigResponse(val idpCertificates: List<GoogleCloudIdentitytoolkitAdminV2IdpCertificateResponse>, val idpEntityId: String, val signRequest: Boolean, val ssoUrl: String)

The SAML IdP (Identity Provider) configuration when the project acts as the relying party.

data class GoogleCloudIdentitytoolkitAdminV2InheritanceResponse(val emailSendingConfig: Boolean)

Settings that the tenants will inherit from project level.

data class GoogleCloudIdentitytoolkitAdminV2MonitoringConfigResponse(val requestLogging: GoogleCloudIdentitytoolkitAdminV2RequestLoggingResponse)

Configuration related to monitoring project activity.

data class GoogleCloudIdentitytoolkitAdminV2MultiFactorAuthConfigResponse(val enabledProviders: List<String>, val providerConfigs: List<GoogleCloudIdentitytoolkitAdminV2ProviderConfigResponse>, val state: String)

Options related to MultiFactor Authentication for the project.

data class GoogleCloudIdentitytoolkitAdminV2OAuthResponseTypeResponse(val code: Boolean, val idToken: Boolean, val token: Boolean)

The response type to request for in the OAuth authorization flow. You can set either id_token or code to true, but not both. Setting both types to be simultaneously true ({code: true, id_token: true}) is not yet supported. See https://openid.net/specs/openid-connect-core-1_0.html#Authentication for a mapping of response type to OAuth 2.0 flow.

data class GoogleCloudIdentitytoolkitAdminV2PasswordPolicyConfigResponse(val forceUpgradeOnSignin: Boolean, val lastUpdateTime: String, val passwordPolicyEnforcementState: String, val passwordPolicyVersions: List<GoogleCloudIdentitytoolkitAdminV2PasswordPolicyVersionResponse>)

The configuration for the password policy on the project.

data class GoogleCloudIdentitytoolkitAdminV2PasswordPolicyVersionResponse(val customStrengthOptions: GoogleCloudIdentitytoolkitAdminV2CustomStrengthOptionsResponse, val schemaVersion: Int)

The strength attributes for the password policy on the project.

data class GoogleCloudIdentitytoolkitAdminV2ProviderConfigResponse(val state: String, val totpProviderConfig: GoogleCloudIdentitytoolkitAdminV2TotpMfaProviderConfigResponse)

ProviderConfig describes the supported MFA providers along with their configurations.

data class GoogleCloudIdentitytoolkitAdminV2RecaptchaConfigResponse(val emailPasswordEnforcementState: String, val managedRules: List<GoogleCloudIdentitytoolkitAdminV2RecaptchaManagedRuleResponse>, val recaptchaKeys: List<GoogleCloudIdentitytoolkitAdminV2RecaptchaKeyResponse>, val useAccountDefender: Boolean)

The reCAPTCHA Enterprise integration config.

data class GoogleCloudIdentitytoolkitAdminV2RecaptchaKeyResponse(val key: String, val type: String)

The reCAPTCHA key config. reCAPTCHA Enterprise offers different keys for different client platforms.

data class GoogleCloudIdentitytoolkitAdminV2RecaptchaManagedRuleResponse(val action: String, val endScore: Double)

The config for a reCAPTCHA managed rule. Models a single interval start_score, end_score. The start_score is implicit. It is either the closest smaller end_score (if one is available) or 0. Intervals in aggregate span 0, 1 without overlapping.

data class GoogleCloudIdentitytoolkitAdminV2RequestLoggingResponse(val enabled: Boolean)

Configuration for logging requests made to this project to Stackdriver Logging

data class GoogleCloudIdentitytoolkitAdminV2SmsRegionConfigResponse(val allowByDefault: GoogleCloudIdentitytoolkitAdminV2AllowByDefaultResponse, val allowlistOnly: GoogleCloudIdentitytoolkitAdminV2AllowlistOnlyResponse)

Configures the regions where users are allowed to send verification SMS for the project or tenant. This is based on the calling code of the destination phone number.

data class GoogleCloudIdentitytoolkitAdminV2SpCertificateResponse(val expiresAt: String, val x509Certificate: String)

The SP's certificate data for IDP to verify the SAMLRequest generated by the SP.

data class GoogleCloudIdentitytoolkitAdminV2SpConfigResponse(val callbackUri: String, val spCertificates: List<GoogleCloudIdentitytoolkitAdminV2SpCertificateResponse>, val spEntityId: String)

The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider.

data class GoogleCloudIdentitytoolkitAdminV2TotpMfaProviderConfigResponse(val adjacentIntervals: Int)

TotpMFAProviderConfig represents the TOTP based MFA provider.

Link copied to clipboard
data class GoogleIamV1AuditConfigResponse(val auditLogConfigs: List<GoogleIamV1AuditLogConfigResponse>, val service: String)

Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both allServices and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": "user:jose@example.com" }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": "user:aliya@example.com" } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.

Link copied to clipboard
data class GoogleIamV1AuditLogConfigResponse(val exemptedMembers: List<String>, val logType: String)

Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": "user:jose@example.com" }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.

Link copied to clipboard
data class GoogleIamV1BindingResponse(val condition: GoogleTypeExprResponse, val members: List<String>, val role: String)

Associates members, or principals, with a role.

Link copied to clipboard
data class GoogleTypeExprResponse(val description: String, val expression: String, val location: String, val title: String)

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.