pingidentity · patrickcping · Jul 24, 2024 · Jul 31, 2024 · Jul 31, 2024 · Jul 31, 2024
@@ -0,0 +1,27 @@
+```release-note:new-resource
+pingone_authorize_policy_management_policy
+```
+
+```release-note:new-resource
+pingone_authorize_policy_management_rule
+```
+
+```release-note:new-resource
+pingone_authorize_policy_management_statement
+```
+
+```release-note:new-resource
+pingone_authorize_trust_framework_attribute
+```
+
+```release-note:new-resource
+pingone_authorize_trust_framework_condition
+```
+
+```release-note:new-resource
+pingone_authorize_trust_framework_processor
+```
+
+```release-note:new-resource
+pingone_authorize_trust_framework_service
+```
@@ -0,0 +1,62 @@
+---
+page_title: "pingone_authorize_policy_management_statement Resource - terraform-provider-pingone"
+subcategory: "Authorize"
+description: |-
+  Resource to create and manage an authorization statement for the PingOne Authorize Policy Manager in a PingOne environment.
+---
+
+# pingone_authorize_policy_management_statement (Resource)
+
+Resource to create and manage an authorization statement for the PingOne Authorize Policy Manager in a PingOne environment.
+
+## Example Usage
+
+```terraform
+resource "pingone_environment" "my_environment" {
+  # ...
+}
+
+resource "pingone_authorize_policy_management_statement" "my_awesome_policy_statement" {
+  environment_id = pingone_environment.my_environment.id
+
+  # ...
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `applies_if` (String) A string that specifies when to attach a final decision.  Options are `ANYTHING`, `FINAL_DECISION_MATCHES`, `PATH_MATCHES`.
+- `applies_to` (String) A string that specifies what result the statement applies to.  Options are `ANYTHING`, `DENY`, `INDETERMINATE`, `PERMIT`, `PERMIT_OR_DENY`.
+- `attributes` (Attributes Set) An set of objects that specify configuration settings for the authorization attributes to attach to the statement. (see [below for nested schema](#nestedatt--attributes))
+- `code` (String) A string that specifies the statement code.
+- `description` (String) A string that specifies a description to apply to the resource statement.
+- `environment_id` (String) The ID of the environment to configure the Authorize editor statement in.  Must be a valid PingOne resource ID.  This field is immutable and will trigger a replace plan if changed.
+- `name` (String) A string that specifies a unique name for the authorization statement.
+- `payload` (String) A string that specifies the statement payload.
+
+### Optional
+
+- `obligatory` (Boolean) A boolean that specifies whether the statement must be fulfilled as a condition of authorizing the decision request.  Defaults to `false`.
+
+### Read-Only
+
+- `id` (String) The ID of this resource.
+- `version` (String) A string that describes a random ID generated by the system for concurrency control purposes.
+
+<a id="nestedatt--attributes"></a>
+### Nested Schema for `attributes`
+
+Required:
+
+- `id` (String) A string that specifies the ID of the authorization attribute in the trust framework.  Must be a valid PingOne resource ID.
+
+## Import
+
+Import is supported using the following syntax, where attributes in `<>` brackets are replaced with the relevant ID.  For example, `<environment_id>` should be replaced with the ID of the environment to import from.
+
+```shell
+terraform import pingone_authorize_policy_management_statement.example <environment_id>/<authorization_statement_id>
+```
@@ -0,0 +1,197 @@
+---
+page_title: "pingone_authorize_trust_framework_processor Resource - terraform-provider-pingone"
+subcategory: "Authorize"
+description: |-
+  Resource to create and manage an authorization processor for the PingOne Authorize Trust Framework in a PingOne environment.
+---
+
+# pingone_authorize_trust_framework_processor (Resource)
+
+Resource to create and manage an authorization processor for the PingOne Authorize Trust Framework in a PingOne environment.
+
+## Example Usage
+
+```terraform
+resource "pingone_environment" "my_environment" {
+  # ...
+}
+
+resource "pingone_authorize_trust_framework_processor" "my_awesome_processor" {
+  environment_id = pingone_environment.my_environment.id
+  name           = "Account Number"
+  description    = "My awesome Account Number processor"
+
+  processor = {
+    name = "Extract Account Number"
+    type = "JSON_PATH"
+
+    expression = "$.accountNo"
+    value_type = {
+      type = "STRING"
+    }
+  }
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `description` (String) A string that specifies a description to apply to the authorization processor.
+- `environment_id` (String) The ID of the environment to configure the Authorize editor processor in.  Must be a valid PingOne resource ID.  This field is immutable and will trigger a replace plan if changed.
+- `name` (String) A string that specifies a user-friendly name to apply to the authorization processor.  The value must be unique.
+- `processor` (Attributes) An object that specifies configuration settings for the authorization processor. (see [below for nested schema](#nestedatt--processor))
+
+### Optional
+
+- `parent` (Attributes) An object that specifies configuration settings for the processor resource's parent. (see [below for nested schema](#nestedatt--parent))
+
+### Read-Only
+
+- `full_name` (String) A string that describes a unique name generated by the system for each authorization processor resource. It is the concatenation of names in the processor resource hierarchy.
+- `id` (String) The ID of this resource.
+- `type` (String) A string that describes the resource type.  Options are `PROCESSOR`.
+- `version` (String) A string that describes a random ID generated by the system for concurrency control purposes.
+
+<a id="nestedatt--processor"></a>
+### Nested Schema for `processor`
+
+Required:
+
+- `name` (String) A user-friendly authorization processor name. The value must be unique.
+- `type` (String) A string that specifies the processor type.  Options are `CHAIN`, `COLLECTION_FILTER`, `COLLECTION_TRANSFORM`, `JSON_PATH`, `REFERENCE`, `SPEL`, `XPATH`.
+
+Optional:
+
+- `expression` (String) A string that specifies the expression to use. If the `type` is `JSON_PATH`, the expression should be a valid JSON path expression, if the `type` is `SPEL`, the expression should be a valid SpEL expression and if the `type` is `XPATH`, the expression should be a valid XPath expression.  This field is required when `type` is `JSON_PATH`, `SPEL` or `XPATH`.
+- `predicate` (Attributes) This field is required when `type` is `COLLECTION_FILTER`. (see [below for nested schema](#nestedatt--processor--predicate))
+- `processor` (Attributes) This field is required when `type` is `COLLECTION_TRANSFORM`. (see [below for nested schema](#nestedatt--processor--processor))
+- `processor_ref` (Attributes) An object that specifies configuration settings for the authorization processor to reference.  This field is required when `type` is `REFERENCE`. (see [below for nested schema](#nestedatt--processor--processor_ref))
+- `processors` (Attributes List) The list of processors to apply in the given order.  This field is required when `type` is `CHAIN`. (see [below for nested schema](#nestedatt--processor--processors))
+- `value_type` (Attributes) An object that specifies the output type of the value.  This field is required when `type` is `JSON_PATH`, `SPEL` or `XPATH`. (see [below for nested schema](#nestedatt--processor--value_type))
+
+<a id="nestedatt--processor--predicate"></a>
+### Nested Schema for `processor.predicate`
+
+Required:
+
+- `name` (String) A user-friendly authorization processor name. The value must be unique.
+- `type` (String) A string that specifies the processor type.  Options are `JSON_PATH`, `REFERENCE`, `SPEL`, `XPATH`.
+
+Optional:
+
+- `expression` (String) A string that specifies the expression to use. If the `type` is `JSON_PATH`, the expression should be a valid JSON path expression, if the `type` is `SPEL`, the expression should be a valid SpEL expression and if the `type` is `XPATH`, the expression should be a valid XPath expression.  This field is required when `type` is `JSON_PATH`, `SPEL` or `XPATH`.
+- `processor_ref` (Attributes) An object that specifies configuration settings for the authorization processor to reference.  This field is required when `type` is `REFERENCE`. (see [below for nested schema](#nestedatt--processor--predicate--processor_ref))
+- `value_type` (Attributes) An object that specifies the output type of the value.  This field is required when `type` is `JSON_PATH`, `SPEL` or `XPATH`. (see [below for nested schema](#nestedatt--processor--predicate--value_type))
+
+<a id="nestedatt--processor--predicate--processor_ref"></a>
+### Nested Schema for `processor.predicate.processor_ref`
+
+Required:
+
+- `id` (String) A string that specifies the ID of the authorization processor in the trust framework.  Must be a valid PingOne resource ID.
+
+
+<a id="nestedatt--processor--predicate--value_type"></a>
+### Nested Schema for `processor.predicate.value_type`
+
+Required:
+
+- `type` (String) A string that specifies the type of the value.  Options are `BOOLEAN`, `COLLECTION`, `DATE_TIME`, `DURATION`, `JSON`, `LOCAL_DATE`, `LOCAL_DATE_TIME`, `LOCAL_TIME`, `NUMBER`, `PERIOD`, `STRING`, `TIME_PERIOD`, `XML`, `ZONED_DATE_TIME`.  Must be `BOOLEAN` when the processor type (`processor.type`) is `COLLECTION_FILTER`
+
+
+
+<a id="nestedatt--processor--processor"></a>
+### Nested Schema for `processor.processor`
+
+Required:
+
+- `name` (String) A user-friendly authorization processor name. The value must be unique.
+- `type` (String) A string that specifies the processor type.  Options are `JSON_PATH`, `REFERENCE`, `SPEL`, `XPATH`.
+
+Optional:
+
+- `expression` (String) A string that specifies the expression to use. If the `type` is `JSON_PATH`, the expression should be a valid JSON path expression, if the `type` is `SPEL`, the expression should be a valid SpEL expression and if the `type` is `XPATH`, the expression should be a valid XPath expression.  This field is required when `type` is `JSON_PATH`, `SPEL` or `XPATH`.
+- `processor_ref` (Attributes) An object that specifies configuration settings for the authorization processor to reference.  This field is required when `type` is `REFERENCE`. (see [below for nested schema](#nestedatt--processor--processor--processor_ref))
+- `value_type` (Attributes) An object that specifies the output type of the value.  This field is required when `type` is `JSON_PATH`, `SPEL` or `XPATH`. (see [below for nested schema](#nestedatt--processor--processor--value_type))
+
+<a id="nestedatt--processor--processor--processor_ref"></a>
+### Nested Schema for `processor.processor.processor_ref`
+
+Required:
+
+- `id` (String) A string that specifies the ID of the authorization processor in the trust framework.  Must be a valid PingOne resource ID.
+
+
+<a id="nestedatt--processor--processor--value_type"></a>
+### Nested Schema for `processor.processor.value_type`
+
+Required:
+
+- `type` (String) A string that specifies the type of the value.  Options are `BOOLEAN`, `COLLECTION`, `DATE_TIME`, `DURATION`, `JSON`, `LOCAL_DATE`, `LOCAL_DATE_TIME`, `LOCAL_TIME`, `NUMBER`, `PERIOD`, `STRING`, `TIME_PERIOD`, `XML`, `ZONED_DATE_TIME`.  Must be `BOOLEAN` when the processor type (`processor.type`) is `COLLECTION_FILTER`
+
+
+
+<a id="nestedatt--processor--processor_ref"></a>
+### Nested Schema for `processor.processor_ref`
+
+Required:
+
+- `id` (String) A string that specifies the ID of the authorization processor in the trust framework.  Must be a valid PingOne resource ID.
+
+
+<a id="nestedatt--processor--processors"></a>
+### Nested Schema for `processor.processors`
+
+Required:
+
+- `name` (String) A user-friendly authorization processor name. The value must be unique.
+- `type` (String) A string that specifies the processor type.  Options are `JSON_PATH`, `REFERENCE`, `SPEL`, `XPATH`.
+
+Optional:
+
+- `expression` (String) A string that specifies the expression to use. If the `type` is `JSON_PATH`, the expression should be a valid JSON path expression, if the `type` is `SPEL`, the expression should be a valid SpEL expression and if the `type` is `XPATH`, the expression should be a valid XPath expression.  This field is required when `type` is `JSON_PATH`, `SPEL` or `XPATH`.
+- `processor_ref` (Attributes) An object that specifies configuration settings for the authorization processor to reference.  This field is required when `type` is `REFERENCE`. (see [below for nested schema](#nestedatt--processor--processors--processor_ref))
+- `value_type` (Attributes) An object that specifies the output type of the value.  This field is required when `type` is `JSON_PATH`, `SPEL` or `XPATH`. (see [below for nested schema](#nestedatt--processor--processors--value_type))
+
+<a id="nestedatt--processor--processors--processor_ref"></a>
+### Nested Schema for `processor.processors.processor_ref`
+
+Required:
+
+- `id` (String) A string that specifies the ID of the authorization processor in the trust framework.  Must be a valid PingOne resource ID.
+
+
+<a id="nestedatt--processor--processors--value_type"></a>
+### Nested Schema for `processor.processors.value_type`
+
+Required:
+
+- `type` (String) A string that specifies the type of the value.  Options are `BOOLEAN`, `COLLECTION`, `DATE_TIME`, `DURATION`, `JSON`, `LOCAL_DATE`, `LOCAL_DATE_TIME`, `LOCAL_TIME`, `NUMBER`, `PERIOD`, `STRING`, `TIME_PERIOD`, `XML`, `ZONED_DATE_TIME`.  Must be `BOOLEAN` when the processor type (`processor.type`) is `COLLECTION_FILTER`
+
+
+
+<a id="nestedatt--processor--value_type"></a>
+### Nested Schema for `processor.value_type`
+
+Required:
+
+- `type` (String) A string that specifies the type of the value.  Options are `BOOLEAN`, `COLLECTION`, `DATE_TIME`, `DURATION`, `JSON`, `LOCAL_DATE`, `LOCAL_DATE_TIME`, `LOCAL_TIME`, `NUMBER`, `PERIOD`, `STRING`, `TIME_PERIOD`, `XML`, `ZONED_DATE_TIME`.  Must be `BOOLEAN` when the processor type (`processor.type`) is `COLLECTION_FILTER`
+
+
+
+<a id="nestedatt--parent"></a>
+### Nested Schema for `parent`
+
+Required:
+
+- `id` (String) A string that specifies the ID of the parent resource.  Must be a valid PingOne resource ID.
+
+## Import
+
+Import is supported using the following syntax, where attributes in `<>` brackets are replaced with the relevant ID.  For example, `<environment_id>` should be replaced with the ID of the environment to import from.
+
+```shell
+terraform import pingone_authorize_trust_framework_processor.example <environment_id>/<authorization_processor_id>
+```