yandex_organizationmanager_idp_user (Resource)

A user in the Identity Provider system.

Users are created within a userpool and can authenticate to access cloud resources.
Each user has a unique identifier, credentials, and profile information.

Example usageExample usage

//
// Create a new OrganizationManager Idp User.
//
resource "yandex_organizationmanager_idp_user" "example_user" {
  userpool_id = yandex_organizationmanager_idp_userpool.your_userpool.userpool_id
  username    = "example@your-domain.com"
  full_name   = "Test User"
  given_name  = "Test"
  family_name = "User"
  email       = "test-userov@example.com"
  is_active   = true
  password_spec = {
    password = "secret-password"
  }
}

SchemaSchema

RequiredRequired

• full_name (String) User's full name (display name).
  This is typically shown in the UI and used for identification purposes.
• username (String) Username used for authentication.
  Usually in the format of an email address.
• userpool_id (String) ID of the userpool this user belongs to.
  To get the userpool ID, make a [UserpoolService.List] request.

OptionalOptional

• email (String) User's email address.
• external_id (String) External identifier for federation with external identity systems.
  This ID can be used to link this user with an account in an external system.
• family_name (String) User's last name.
  Part of the user's profile information.
• given_name (String) User's first name.
  Part of the user's profile information.
• id (String) ID of the user to return.
• is_active (Boolean) Whether the user is active. Default is true.
• password_hash (Attributes) Password hash. Credentials type. Exactly one of credentials type must be specified. (see below for nested schema)
• password_spec (Attributes) Password specification. Credentials type. Exactly one of credentials type must be specified. (see below for nested schema)
• phone_number (String) User's phone number.
• timeouts (Attributes) (see below for nested schema)
• user_id (String) ID of the user to return.

Read-OnlyRead-Only

• created_at (String) Timestamp when the user was created.
• status (String) Current status of the user.
  Determines whether the user can authenticate and access the system.
• updated_at (String) Timestamp when the user was last updated.

Nested Schema for Nested Schema for password_hash

Required:

• password_hash (String, Sensitive) The password hash string.
• password_hash_type (String) Type of the password hash.

Nested Schema for Nested Schema for password_spec

Required:

• password (String, Sensitive) The password string.

Optional:

• generation_proof (String, Sensitive) Proof that the password was generated by the system.

Nested Schema for Nested Schema for timeouts

Optional:

• create (String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
• delete (String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.
• read (String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Read operations occur during any refresh or planning operation when refresh is enabled.
• update (String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).