Связаться с намиПопробовать бесплатно
Создавайте контент и получайте гранты!Готовы написать своё руководство? Участвуйте в контент-программе и получайте гранты на работу с облачными сервисами!
Подробнее о программе
Проект Яндекса
© 2026 ТОО «Облачные Сервисы Казахстан»

yandex_organizationmanager_mfa_enforcement (Resource)

Статья создана
Обновлена 20 января 2026 г.

MFA enforcement resource

Example usage

//
// Create a new OrganizationManager MFA Enforcement.
//
resource "yandex_organizationmanager_mfa_enforcement" "example_mfa_enforcement" {
  name            = "example-mfa-enforcement"
  organization_id = "your_organization_id"
  acr_id 	 	      = "any-mfa"
  ttl 			      = "2h45m"
  status 		      = "MFA_ENFORCEMENT_STATUS_ACTIVE"
  enroll_window   = "2h45m"
  description     = "Description example"
}

Schema

Required

  • acr_id (String) acr id of the MFA enforcement
  • enroll_window (String) the time window during which the user is allowed to create an MFA profile.
    this window is measured relative to the MFA enforcement application start time
    and the user's most recent successful authentication that falls under the rule
    (or the user's creation time, if there has been no authentication).
  • name (String) name of the MFA enforcement
  • organization_id (String) organization id of the MFA enforcement
  • ttl (String) the period during which the entered MFA factor is considered valid and the
    corresponding acr is regarded as satisfied

Optional

  • apply_at (String) the MFA enforcement application start time.
  • description (String) description of the MFA enforcement
  • id (String) id of the MFA enforcement
  • mfa_enforcement_id (String) id of the MFA enforcement
  • status (String) MFA enforcement status
  • timeouts (Attributes) (see below for nested schema)

Read-Only

  • created_at (String) creation timestamp

Nested Schema for timeouts

Optional:

  • create (String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
  • delete (String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.
  • read (String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Read operations occur during any refresh or planning operation when refresh is enabled.
  • update (String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
Предыдущая
organizationmanager_idp_userpool_domain
Следующая
organizationmanager_mfa_enforcement_audience