yandex_organizationmanager_idp_user (Resource)
Статья создана
Обновлена 17 ноября 2025 г.
A user in the Identity Provider system.
Users are created within a userpool and can authenticate to access cloud resources.
Each user has a unique identifier, credentials, and profile information.
Example usage
//
// Create a new OrganizationManager Idp User.
//
resource "yandex_organizationmanager_idp_user" "example_user" {
userpool_id = yandex_organizationmanager_idp_userpool.your_userpool.userpool_id
username = "example@your-domain.com"
full_name = "Test User"
given_name = "Test"
family_name = "User"
email = "test-userov@example.com"
is_active = true
password_spec = {
password = "secret-password"
}
}
Schema
Required
full_name(String) User's full name (display name).
This is typically shown in the UI and used for identification purposes.username(String) Username used for authentication.
Usually in the format of an email address.userpool_id(String) ID of the userpool this user belongs to.
To get the userpool ID, make a [UserpoolService.List] request.
Optional
email(String) User's email address.external_id(String) External identifier for federation with external identity systems.
This ID can be used to link this user with an account in an external system.family_name(String) User's last name.
Part of the user's profile information.given_name(String) User's first name.
Part of the user's profile information.id(String) ID of the user to return.is_active(Boolean) Whether the user is active. Default is true.password_hash(Attributes) Password hash. Credentials type. Exactly one of credentials type must be specified. (see below for nested schema)password_spec(Attributes) Password specification. Credentials type. Exactly one of credentials type must be specified. (see below for nested schema)phone_number(String) User's phone number.timeouts(Attributes) (see below for nested schema)user_id(String) ID of the user to return.
Read-Only
created_at(String) Timestamp when the user was created.status(String) Current status of the user.
Determines whether the user can authenticate and access the system.updated_at(String) Timestamp when the user was last updated.
Nested Schema for password_hash
Required:
password_hash(String, Sensitive) The password hash string.password_hash_type(String) Type of the password hash.
Nested Schema for password_spec
Required:
password(String, Sensitive) The password string.
Optional:
generation_proof(String, Sensitive) Proof that the password was generated by the system.
Nested Schema for timeouts
Optional:
create(String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).delete(String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.read(String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Read operations occur during any refresh or planning operation when refresh is enabled.update(String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).