ibm 1.85.0-beta0, Oct 29 25

ibm 1.85.0-beta0 published on Wednesday, Oct 29, 2025 by ibm-cloud

ibm.IamAccountSettings

Start a Neo task

Explain and create an ibm.IamAccountSettings resource

ibm 1.85.0-beta0 published on Wednesday, Oct 29, 2025 by ibm-cloud

ibm-cloud/terraform-provider-ibm

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";

const iamAccountSettingsInstance = new ibm.IamAccountSettings("iamAccountSettingsInstance", {
    mfa: "LEVEL3",
    sessionExpirationInSeconds: "40000",
});

import pulumi
import pulumi_ibm as ibm

iam_account_settings_instance = ibm.IamAccountSettings("iamAccountSettingsInstance",
    mfa="LEVEL3",
    session_expiration_in_seconds="40000")

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ibm.NewIamAccountSettings(ctx, "iamAccountSettingsInstance", &ibm.IamAccountSettingsArgs{
			Mfa:                        pulumi.String("LEVEL3"),
			SessionExpirationInSeconds: pulumi.String("40000"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;

return await Deployment.RunAsync(() => 
{
    var iamAccountSettingsInstance = new Ibm.IamAccountSettings("iamAccountSettingsInstance", new()
    {
        Mfa = "LEVEL3",
        SessionExpirationInSeconds = "40000",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.IamAccountSettings;
import com.pulumi.ibm.IamAccountSettingsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var iamAccountSettingsInstance = new IamAccountSettings("iamAccountSettingsInstance", IamAccountSettingsArgs.builder()
            .mfa("LEVEL3")
            .sessionExpirationInSeconds("40000")
            .build());

    }
}

resources:
  iamAccountSettingsInstance:
    type: ibm:IamAccountSettings
    properties:
      mfa: LEVEL3
      sessionExpirationInSeconds: '40000'

Create IamAccountSettings Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new IamAccountSettings(name: string, args?: IamAccountSettingsArgs, opts?: CustomResourceOptions);

@overload
def IamAccountSettings(resource_name: str,
                       args: Optional[IamAccountSettingsArgs] = None,
                       opts: Optional[ResourceOptions] = None)

@overload
def IamAccountSettings(resource_name: str,
                       opts: Optional[ResourceOptions] = None,
                       allowed_ip_addresses: Optional[str] = None,
                       entity_tag: Optional[str] = None,
                       iam_account_settings_id: Optional[str] = None,
                       if_match: Optional[str] = None,
                       include_history: Optional[bool] = None,
                       max_sessions_per_identity: Optional[str] = None,
                       mfa: Optional[str] = None,
                       resolve_user_mfa: Optional[bool] = None,
                       restrict_create_platform_apikey: Optional[str] = None,
                       restrict_create_service_id: Optional[str] = None,
                       restrict_user_domains: Optional[Sequence[IamAccountSettingsRestrictUserDomainArgs]] = None,
                       restrict_user_list_visibility: Optional[str] = None,
                       session_expiration_in_seconds: Optional[str] = None,
                       session_invalidation_in_seconds: Optional[str] = None,
                       system_access_token_expiration_in_seconds: Optional[str] = None,
                       system_refresh_token_expiration_in_seconds: Optional[str] = None,
                       user_mfas: Optional[Sequence[IamAccountSettingsUserMfaArgs]] = None)

func NewIamAccountSettings(ctx *Context, name string, args *IamAccountSettingsArgs, opts ...ResourceOption) (*IamAccountSettings, error)

public IamAccountSettings(string name, IamAccountSettingsArgs? args = null, CustomResourceOptions? opts = null)

public IamAccountSettings(String name, IamAccountSettingsArgs args)
public IamAccountSettings(String name, IamAccountSettingsArgs args, CustomResourceOptions options)

type: ibm:IamAccountSettings
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args IamAccountSettingsArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args IamAccountSettingsArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args IamAccountSettingsArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args IamAccountSettingsArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args IamAccountSettingsArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var iamAccountSettingsResource = new Ibm.IamAccountSettings("iamAccountSettingsResource", new()
{
    AllowedIpAddresses = "string",
    EntityTag = "string",
    IamAccountSettingsId = "string",
    IfMatch = "string",
    IncludeHistory = false,
    MaxSessionsPerIdentity = "string",
    Mfa = "string",
    ResolveUserMfa = false,
    RestrictCreatePlatformApikey = "string",
    RestrictCreateServiceId = "string",
    RestrictUserDomains = new[]
    {
        new Ibm.Inputs.IamAccountSettingsRestrictUserDomainArgs
        {
            InvitationEmailAllowPatterns = new[]
            {
                "string",
            },
            RealmId = "string",
            RestrictInvitation = false,
        },
    },
    RestrictUserListVisibility = "string",
    SessionExpirationInSeconds = "string",
    SessionInvalidationInSeconds = "string",
    SystemAccessTokenExpirationInSeconds = "string",
    SystemRefreshTokenExpirationInSeconds = "string",
    UserMfas = new[]
    {
        new Ibm.Inputs.IamAccountSettingsUserMfaArgs
        {
            Description = "string",
            Email = "string",
            IamId = "string",
            Mfa = "string",
            Name = "string",
            UserName = "string",
        },
    },
});

example, err := ibm.NewIamAccountSettings(ctx, "iamAccountSettingsResource", &ibm.IamAccountSettingsArgs{
	AllowedIpAddresses:           pulumi.String("string"),
	EntityTag:                    pulumi.String("string"),
	IamAccountSettingsId:         pulumi.String("string"),
	IfMatch:                      pulumi.String("string"),
	IncludeHistory:               pulumi.Bool(false),
	MaxSessionsPerIdentity:       pulumi.String("string"),
	Mfa:                          pulumi.String("string"),
	ResolveUserMfa:               pulumi.Bool(false),
	RestrictCreatePlatformApikey: pulumi.String("string"),
	RestrictCreateServiceId:      pulumi.String("string"),
	RestrictUserDomains: ibm.IamAccountSettingsRestrictUserDomainArray{
		&ibm.IamAccountSettingsRestrictUserDomainArgs{
			InvitationEmailAllowPatterns: pulumi.StringArray{
				pulumi.String("string"),
			},
			RealmId:            pulumi.String("string"),
			RestrictInvitation: pulumi.Bool(false),
		},
	},
	RestrictUserListVisibility:            pulumi.String("string"),
	SessionExpirationInSeconds:            pulumi.String("string"),
	SessionInvalidationInSeconds:          pulumi.String("string"),
	SystemAccessTokenExpirationInSeconds:  pulumi.String("string"),
	SystemRefreshTokenExpirationInSeconds: pulumi.String("string"),
	UserMfas: ibm.IamAccountSettingsUserMfaArray{
		&ibm.IamAccountSettingsUserMfaArgs{
			Description: pulumi.String("string"),
			Email:       pulumi.String("string"),
			IamId:       pulumi.String("string"),
			Mfa:         pulumi.String("string"),
			Name:        pulumi.String("string"),
			UserName:    pulumi.String("string"),
		},
	},
})

var iamAccountSettingsResource = new IamAccountSettings("iamAccountSettingsResource", IamAccountSettingsArgs.builder()
    .allowedIpAddresses("string")
    .entityTag("string")
    .iamAccountSettingsId("string")
    .ifMatch("string")
    .includeHistory(false)
    .maxSessionsPerIdentity("string")
    .mfa("string")
    .resolveUserMfa(false)
    .restrictCreatePlatformApikey("string")
    .restrictCreateServiceId("string")
    .restrictUserDomains(IamAccountSettingsRestrictUserDomainArgs.builder()
        .invitationEmailAllowPatterns("string")
        .realmId("string")
        .restrictInvitation(false)
        .build())
    .restrictUserListVisibility("string")
    .sessionExpirationInSeconds("string")
    .sessionInvalidationInSeconds("string")
    .systemAccessTokenExpirationInSeconds("string")
    .systemRefreshTokenExpirationInSeconds("string")
    .userMfas(IamAccountSettingsUserMfaArgs.builder()
        .description("string")
        .email("string")
        .iamId("string")
        .mfa("string")
        .name("string")
        .userName("string")
        .build())
    .build());

iam_account_settings_resource = ibm.IamAccountSettings("iamAccountSettingsResource",
    allowed_ip_addresses="string",
    entity_tag="string",
    iam_account_settings_id="string",
    if_match="string",
    include_history=False,
    max_sessions_per_identity="string",
    mfa="string",
    resolve_user_mfa=False,
    restrict_create_platform_apikey="string",
    restrict_create_service_id="string",
    restrict_user_domains=[{
        "invitation_email_allow_patterns": ["string"],
        "realm_id": "string",
        "restrict_invitation": False,
    }],
    restrict_user_list_visibility="string",
    session_expiration_in_seconds="string",
    session_invalidation_in_seconds="string",
    system_access_token_expiration_in_seconds="string",
    system_refresh_token_expiration_in_seconds="string",
    user_mfas=[{
        "description": "string",
        "email": "string",
        "iam_id": "string",
        "mfa": "string",
        "name": "string",
        "user_name": "string",
    }])

const iamAccountSettingsResource = new ibm.IamAccountSettings("iamAccountSettingsResource", {
    allowedIpAddresses: "string",
    entityTag: "string",
    iamAccountSettingsId: "string",
    ifMatch: "string",
    includeHistory: false,
    maxSessionsPerIdentity: "string",
    mfa: "string",
    resolveUserMfa: false,
    restrictCreatePlatformApikey: "string",
    restrictCreateServiceId: "string",
    restrictUserDomains: [{
        invitationEmailAllowPatterns: ["string"],
        realmId: "string",
        restrictInvitation: false,
    }],
    restrictUserListVisibility: "string",
    sessionExpirationInSeconds: "string",
    sessionInvalidationInSeconds: "string",
    systemAccessTokenExpirationInSeconds: "string",
    systemRefreshTokenExpirationInSeconds: "string",
    userMfas: [{
        description: "string",
        email: "string",
        iamId: "string",
        mfa: "string",
        name: "string",
        userName: "string",
    }],
});

type: ibm:IamAccountSettings
properties:
    allowedIpAddresses: string
    entityTag: string
    iamAccountSettingsId: string
    ifMatch: string
    includeHistory: false
    maxSessionsPerIdentity: string
    mfa: string
    resolveUserMfa: false
    restrictCreatePlatformApikey: string
    restrictCreateServiceId: string
    restrictUserDomains:
        - invitationEmailAllowPatterns:
            - string
          realmId: string
          restrictInvitation: false
    restrictUserListVisibility: string
    sessionExpirationInSeconds: string
    sessionInvalidationInSeconds: string
    systemAccessTokenExpirationInSeconds: string
    systemRefreshTokenExpirationInSeconds: string
    userMfas:
        - description: string
          email: string
          iamId: string
          mfa: string
          name: string
          userName: string

IamAccountSettings Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The IamAccountSettings resource accepts the following input properties:

AllowedIpAddresses string

(String) Defines the IP addresses and subnets from which IAM tokens can be created for the account.

EntityTag string

(String) Version of the account settings.

IamAccountSettingsId string

The unique identifier of the iam_account_settings.

IfMatch string

Version of the account settings to be updated. Specify the version that you retrieved as entity_tag (ETag header) when reading the account. This value helps identifying parallel usage of this API. Pass * to indicate to update any version available. This might result in stale updates.

IncludeHistory bool

Defines if the entity history is included in the response.

Constraints: The default value is false.

MaxSessionsPerIdentity string

(String) Defines the max allowed sessions per identity required by the account. Valid values: * Any whole number greater than 0 * NOT_SET - To unset account setting and use service default.

Mfa string

(String) MFA trait definitions as follows: * NONE - No MFA trait set * NONE_NO_ROPC- No MFA, disable CLI logins with only a password * TOTP - For all non-federated IBMId users * TOTP4ALL - For all users * LEVEL1 - Email-based MFA for all users * LEVEL2 - TOTP-based MFA for all users * LEVEL3 - U2F MFA for all users.

Constraints: Allowable values are: NONE, NONE_NO_ROPC, TOTP, TOTP4ALL, LEVEL1, LEVEL2, LEVEL3.

ResolveUserMfa bool

Enrich MFA exemptions with user PI.

Constraints: The default value is false.

RestrictCreatePlatformApikey string

(String) Defines whether or not creating the resource is access controlled. Valid values: * RESTRICTED - only users assigned the 'Service ID creator' role on the IAM Identity Service can create service IDs, including the account owner * NOT_RESTRICTED - all members of an account can create service IDs * NOT_SET - to 'unset' a previous set value.

Constraints: The default value is NOT_SET. Allowable values are: RESTRICTED, NOT_RESTRICTED, NOT_SET.

RestrictCreateServiceId string

Constraints: The default value is NOT_SET. Allowable values are: RESTRICTED, NOT_RESTRICTED, NOT_SET.

RestrictUserDomains List<IamAccountSettingsRestrictUserDomain>

(List) Defines if account invitations are restricted to specified domains. To remove an entry for a realm_id, perform an update (PUT) request with only the realm_id set. Nested schema for restrict_user_domains:

RestrictUserListVisibility string

(String) Defines whether or not user visibility is access controlled. Valid values: * RESTRICTED - users can view only specific types of users in the account, such as those the user has invited to the account, or descendants of those users based on the classic infrastructure hierarchy * NOT_RESTRICTED - any user in the account can view other users from the Users page in IBM Cloud console.

Constraints: The default value is NOT_RESTRICTED. Allowable values are: NOT_RESTRICTED, RESTRICTED.

SessionExpirationInSeconds string

(String) Defines the session expiration in seconds for the account. Valid values: * Any whole number between between '900' and '86400' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 86400.

SessionInvalidationInSeconds string

(String) Defines the period of time in seconds in which a session will be invalidated due to inactivity. Valid values: * Any whole number between '900' and '7200' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 7200.

SystemAccessTokenExpirationInSeconds string

(String) Defines the access token expiration in seconds. Valid values: * Any whole number between '900' and '3600' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 3600.

SystemRefreshTokenExpirationInSeconds string

(String) Defines the refresh token expiration in seconds. Valid values: * Any whole number between '900' and '259200' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 259200.

UserMfas List<IamAccountSettingsUserMfa>

(List) List of users that are exempted from the MFA requirement of the account. Nested schema for user_mfa:

AllowedIpAddresses string

(String) Defines the IP addresses and subnets from which IAM tokens can be created for the account.

EntityTag string

(String) Version of the account settings.

IamAccountSettingsId string

The unique identifier of the iam_account_settings.

IfMatch string

IncludeHistory bool

Defines if the entity history is included in the response.

Constraints: The default value is false.

MaxSessionsPerIdentity string

(String) Defines the max allowed sessions per identity required by the account. Valid values: * Any whole number greater than 0 * NOT_SET - To unset account setting and use service default.

Mfa string

Constraints: Allowable values are: NONE, NONE_NO_ROPC, TOTP, TOTP4ALL, LEVEL1, LEVEL2, LEVEL3.

ResolveUserMfa bool

Enrich MFA exemptions with user PI.

Constraints: The default value is false.

RestrictCreatePlatformApikey string

Constraints: The default value is NOT_SET. Allowable values are: RESTRICTED, NOT_RESTRICTED, NOT_SET.

RestrictCreateServiceId string

Constraints: The default value is NOT_SET. Allowable values are: RESTRICTED, NOT_RESTRICTED, NOT_SET.

RestrictUserDomains []IamAccountSettingsRestrictUserDomainArgs

RestrictUserListVisibility string

Constraints: The default value is NOT_RESTRICTED. Allowable values are: NOT_RESTRICTED, RESTRICTED.

SessionExpirationInSeconds string

(String) Defines the session expiration in seconds for the account. Valid values: * Any whole number between between '900' and '86400' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 86400.

SessionInvalidationInSeconds string

Constraints: The default value is 7200.

SystemAccessTokenExpirationInSeconds string

(String) Defines the access token expiration in seconds. Valid values: * Any whole number between '900' and '3600' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 3600.

SystemRefreshTokenExpirationInSeconds string

(String) Defines the refresh token expiration in seconds. Valid values: * Any whole number between '900' and '259200' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 259200.

UserMfas []IamAccountSettingsUserMfaArgs

(List) List of users that are exempted from the MFA requirement of the account. Nested schema for user_mfa:

allowedIpAddresses String

(String) Defines the IP addresses and subnets from which IAM tokens can be created for the account.

entityTag String

(String) Version of the account settings.

iamAccountSettingsId String

The unique identifier of the iam_account_settings.

ifMatch String

includeHistory Boolean

Defines if the entity history is included in the response.

Constraints: The default value is false.

maxSessionsPerIdentity String

(String) Defines the max allowed sessions per identity required by the account. Valid values: * Any whole number greater than 0 * NOT_SET - To unset account setting and use service default.

mfa String

Constraints: Allowable values are: NONE, NONE_NO_ROPC, TOTP, TOTP4ALL, LEVEL1, LEVEL2, LEVEL3.

resolveUserMfa Boolean

Enrich MFA exemptions with user PI.

Constraints: The default value is false.

restrictCreatePlatformApikey String

Constraints: The default value is NOT_SET. Allowable values are: RESTRICTED, NOT_RESTRICTED, NOT_SET.

restrictCreateServiceId String

Constraints: The default value is NOT_SET. Allowable values are: RESTRICTED, NOT_RESTRICTED, NOT_SET.

restrictUserDomains List<IamAccountSettingsRestrictUserDomain>

restrictUserListVisibility String

Constraints: The default value is NOT_RESTRICTED. Allowable values are: NOT_RESTRICTED, RESTRICTED.

sessionExpirationInSeconds String

(String) Defines the session expiration in seconds for the account. Valid values: * Any whole number between between '900' and '86400' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 86400.

sessionInvalidationInSeconds String

Constraints: The default value is 7200.

systemAccessTokenExpirationInSeconds String

(String) Defines the access token expiration in seconds. Valid values: * Any whole number between '900' and '3600' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 3600.

systemRefreshTokenExpirationInSeconds String

(String) Defines the refresh token expiration in seconds. Valid values: * Any whole number between '900' and '259200' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 259200.

userMfas List<IamAccountSettingsUserMfa>

(List) List of users that are exempted from the MFA requirement of the account. Nested schema for user_mfa:

allowedIpAddresses string

(String) Defines the IP addresses and subnets from which IAM tokens can be created for the account.

entityTag string

(String) Version of the account settings.

iamAccountSettingsId string

The unique identifier of the iam_account_settings.

ifMatch string

includeHistory boolean

Defines if the entity history is included in the response.

Constraints: The default value is false.

maxSessionsPerIdentity string

(String) Defines the max allowed sessions per identity required by the account. Valid values: * Any whole number greater than 0 * NOT_SET - To unset account setting and use service default.

mfa string

Constraints: Allowable values are: NONE, NONE_NO_ROPC, TOTP, TOTP4ALL, LEVEL1, LEVEL2, LEVEL3.

resolveUserMfa boolean

Enrich MFA exemptions with user PI.

Constraints: The default value is false.

restrictCreatePlatformApikey string

Constraints: The default value is NOT_SET. Allowable values are: RESTRICTED, NOT_RESTRICTED, NOT_SET.

restrictCreateServiceId string

Constraints: The default value is NOT_SET. Allowable values are: RESTRICTED, NOT_RESTRICTED, NOT_SET.

restrictUserDomains IamAccountSettingsRestrictUserDomain[]

restrictUserListVisibility string

Constraints: The default value is NOT_RESTRICTED. Allowable values are: NOT_RESTRICTED, RESTRICTED.

sessionExpirationInSeconds string

(String) Defines the session expiration in seconds for the account. Valid values: * Any whole number between between '900' and '86400' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 86400.

sessionInvalidationInSeconds string

Constraints: The default value is 7200.

systemAccessTokenExpirationInSeconds string

(String) Defines the access token expiration in seconds. Valid values: * Any whole number between '900' and '3600' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 3600.

systemRefreshTokenExpirationInSeconds string

(String) Defines the refresh token expiration in seconds. Valid values: * Any whole number between '900' and '259200' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 259200.

userMfas IamAccountSettingsUserMfa[]

(List) List of users that are exempted from the MFA requirement of the account. Nested schema for user_mfa:

allowed_ip_addresses str

(String) Defines the IP addresses and subnets from which IAM tokens can be created for the account.

entity_tag str

(String) Version of the account settings.

iam_account_settings_id str

The unique identifier of the iam_account_settings.

if_match str

include_history bool

Defines if the entity history is included in the response.

Constraints: The default value is false.

max_sessions_per_identity str

(String) Defines the max allowed sessions per identity required by the account. Valid values: * Any whole number greater than 0 * NOT_SET - To unset account setting and use service default.

mfa str

Constraints: Allowable values are: NONE, NONE_NO_ROPC, TOTP, TOTP4ALL, LEVEL1, LEVEL2, LEVEL3.

resolve_user_mfa bool

Enrich MFA exemptions with user PI.

Constraints: The default value is false.

restrict_create_platform_apikey str

Constraints: The default value is NOT_SET. Allowable values are: RESTRICTED, NOT_RESTRICTED, NOT_SET.

restrict_create_service_id str

Constraints: The default value is NOT_SET. Allowable values are: RESTRICTED, NOT_RESTRICTED, NOT_SET.

restrict_user_domains Sequence[IamAccountSettingsRestrictUserDomainArgs]

restrict_user_list_visibility str

Constraints: The default value is NOT_RESTRICTED. Allowable values are: NOT_RESTRICTED, RESTRICTED.

session_expiration_in_seconds str

(String) Defines the session expiration in seconds for the account. Valid values: * Any whole number between between '900' and '86400' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 86400.

session_invalidation_in_seconds str

Constraints: The default value is 7200.

system_access_token_expiration_in_seconds str

(String) Defines the access token expiration in seconds. Valid values: * Any whole number between '900' and '3600' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 3600.

system_refresh_token_expiration_in_seconds str

(String) Defines the refresh token expiration in seconds. Valid values: * Any whole number between '900' and '259200' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 259200.

user_mfas Sequence[IamAccountSettingsUserMfaArgs]

(List) List of users that are exempted from the MFA requirement of the account. Nested schema for user_mfa:

allowedIpAddresses String

(String) Defines the IP addresses and subnets from which IAM tokens can be created for the account.

entityTag String

(String) Version of the account settings.

iamAccountSettingsId String

The unique identifier of the iam_account_settings.

ifMatch String

includeHistory Boolean

Defines if the entity history is included in the response.

Constraints: The default value is false.

maxSessionsPerIdentity String

(String) Defines the max allowed sessions per identity required by the account. Valid values: * Any whole number greater than 0 * NOT_SET - To unset account setting and use service default.

mfa String

Constraints: Allowable values are: NONE, NONE_NO_ROPC, TOTP, TOTP4ALL, LEVEL1, LEVEL2, LEVEL3.

resolveUserMfa Boolean

Enrich MFA exemptions with user PI.

Constraints: The default value is false.

restrictCreatePlatformApikey String

Constraints: The default value is NOT_SET. Allowable values are: RESTRICTED, NOT_RESTRICTED, NOT_SET.

restrictCreateServiceId String

Constraints: The default value is NOT_SET. Allowable values are: RESTRICTED, NOT_RESTRICTED, NOT_SET.

restrictUserDomains List<Property Map>

restrictUserListVisibility String

Constraints: The default value is NOT_RESTRICTED. Allowable values are: NOT_RESTRICTED, RESTRICTED.

sessionExpirationInSeconds String

(String) Defines the session expiration in seconds for the account. Valid values: * Any whole number between between '900' and '86400' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 86400.

sessionInvalidationInSeconds String

Constraints: The default value is 7200.

systemAccessTokenExpirationInSeconds String

(String) Defines the access token expiration in seconds. Valid values: * Any whole number between '900' and '3600' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 3600.

systemRefreshTokenExpirationInSeconds String

(String) Defines the refresh token expiration in seconds. Valid values: * Any whole number between '900' and '259200' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 259200.

userMfas List<Property Map>

(List) List of users that are exempted from the MFA requirement of the account. Nested schema for user_mfa:

Outputs

All input properties are implicitly available as output properties. Additionally, the IamAccountSettings resource produces the following output properties:

Histories List<IamAccountSettingsHistory>: (List) History of the Account Settings. Nested schema for history:
Id string: The provider-assigned unique ID for this managed resource.

Histories []IamAccountSettingsHistory: (List) History of the Account Settings. Nested schema for history:
Id string: The provider-assigned unique ID for this managed resource.

histories List<IamAccountSettingsHistory>: (List) History of the Account Settings. Nested schema for history:
id String: The provider-assigned unique ID for this managed resource.

histories IamAccountSettingsHistory[]: (List) History of the Account Settings. Nested schema for history:
id string: The provider-assigned unique ID for this managed resource.

histories Sequence[IamAccountSettingsHistory]: (List) History of the Account Settings. Nested schema for history:
id str: The provider-assigned unique ID for this managed resource.

histories List<Property Map>: (List) History of the Account Settings. Nested schema for history:
id String: The provider-assigned unique ID for this managed resource.

Look up Existing IamAccountSettings Resource

Get an existing IamAccountSettings resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: IamAccountSettingsState, opts?: CustomResourceOptions): IamAccountSettings

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        allowed_ip_addresses: Optional[str] = None,
        entity_tag: Optional[str] = None,
        histories: Optional[Sequence[IamAccountSettingsHistoryArgs]] = None,
        iam_account_settings_id: Optional[str] = None,
        if_match: Optional[str] = None,
        include_history: Optional[bool] = None,
        max_sessions_per_identity: Optional[str] = None,
        mfa: Optional[str] = None,
        resolve_user_mfa: Optional[bool] = None,
        restrict_create_platform_apikey: Optional[str] = None,
        restrict_create_service_id: Optional[str] = None,
        restrict_user_domains: Optional[Sequence[IamAccountSettingsRestrictUserDomainArgs]] = None,
        restrict_user_list_visibility: Optional[str] = None,
        session_expiration_in_seconds: Optional[str] = None,
        session_invalidation_in_seconds: Optional[str] = None,
        system_access_token_expiration_in_seconds: Optional[str] = None,
        system_refresh_token_expiration_in_seconds: Optional[str] = None,
        user_mfas: Optional[Sequence[IamAccountSettingsUserMfaArgs]] = None) -> IamAccountSettings

func GetIamAccountSettings(ctx *Context, name string, id IDInput, state *IamAccountSettingsState, opts ...ResourceOption) (*IamAccountSettings, error)

public static IamAccountSettings Get(string name, Input<string> id, IamAccountSettingsState? state, CustomResourceOptions? opts = null)

public static IamAccountSettings get(String name, Output<String> id, IamAccountSettingsState state, CustomResourceOptions options)

resources:  _:    type: ibm:IamAccountSettings    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AllowedIpAddresses string

(String) Defines the IP addresses and subnets from which IAM tokens can be created for the account.

EntityTag string

(String) Version of the account settings.

Histories List<IamAccountSettingsHistory>

(List) History of the Account Settings. Nested schema for history:

IamAccountSettingsId string

The unique identifier of the iam_account_settings.

IfMatch string

IncludeHistory bool

Defines if the entity history is included in the response.

Constraints: The default value is false.

MaxSessionsPerIdentity string

(String) Defines the max allowed sessions per identity required by the account. Valid values: * Any whole number greater than 0 * NOT_SET - To unset account setting and use service default.

Mfa string

Constraints: Allowable values are: NONE, NONE_NO_ROPC, TOTP, TOTP4ALL, LEVEL1, LEVEL2, LEVEL3.

ResolveUserMfa bool

Enrich MFA exemptions with user PI.

Constraints: The default value is false.

RestrictCreatePlatformApikey string

Constraints: The default value is NOT_SET. Allowable values are: RESTRICTED, NOT_RESTRICTED, NOT_SET.

RestrictCreateServiceId string

Constraints: The default value is NOT_SET. Allowable values are: RESTRICTED, NOT_RESTRICTED, NOT_SET.

RestrictUserDomains List<IamAccountSettingsRestrictUserDomain>

RestrictUserListVisibility string

Constraints: The default value is NOT_RESTRICTED. Allowable values are: NOT_RESTRICTED, RESTRICTED.

SessionExpirationInSeconds string

(String) Defines the session expiration in seconds for the account. Valid values: * Any whole number between between '900' and '86400' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 86400.

SessionInvalidationInSeconds string

Constraints: The default value is 7200.

SystemAccessTokenExpirationInSeconds string

(String) Defines the access token expiration in seconds. Valid values: * Any whole number between '900' and '3600' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 3600.

SystemRefreshTokenExpirationInSeconds string

(String) Defines the refresh token expiration in seconds. Valid values: * Any whole number between '900' and '259200' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 259200.

UserMfas List<IamAccountSettingsUserMfa>

(List) List of users that are exempted from the MFA requirement of the account. Nested schema for user_mfa:

AllowedIpAddresses string

(String) Defines the IP addresses and subnets from which IAM tokens can be created for the account.

EntityTag string

(String) Version of the account settings.

Histories []IamAccountSettingsHistoryArgs

(List) History of the Account Settings. Nested schema for history:

IamAccountSettingsId string

The unique identifier of the iam_account_settings.

IfMatch string

IncludeHistory bool

Defines if the entity history is included in the response.

Constraints: The default value is false.

MaxSessionsPerIdentity string

(String) Defines the max allowed sessions per identity required by the account. Valid values: * Any whole number greater than 0 * NOT_SET - To unset account setting and use service default.

Mfa string

Constraints: Allowable values are: NONE, NONE_NO_ROPC, TOTP, TOTP4ALL, LEVEL1, LEVEL2, LEVEL3.

ResolveUserMfa bool

Enrich MFA exemptions with user PI.

Constraints: The default value is false.

RestrictCreatePlatformApikey string

Constraints: The default value is NOT_SET. Allowable values are: RESTRICTED, NOT_RESTRICTED, NOT_SET.

RestrictCreateServiceId string

Constraints: The default value is NOT_SET. Allowable values are: RESTRICTED, NOT_RESTRICTED, NOT_SET.

RestrictUserDomains []IamAccountSettingsRestrictUserDomainArgs

RestrictUserListVisibility string

Constraints: The default value is NOT_RESTRICTED. Allowable values are: NOT_RESTRICTED, RESTRICTED.

SessionExpirationInSeconds string

(String) Defines the session expiration in seconds for the account. Valid values: * Any whole number between between '900' and '86400' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 86400.

SessionInvalidationInSeconds string

Constraints: The default value is 7200.

SystemAccessTokenExpirationInSeconds string

(String) Defines the access token expiration in seconds. Valid values: * Any whole number between '900' and '3600' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 3600.

SystemRefreshTokenExpirationInSeconds string

(String) Defines the refresh token expiration in seconds. Valid values: * Any whole number between '900' and '259200' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 259200.

UserMfas []IamAccountSettingsUserMfaArgs

(List) List of users that are exempted from the MFA requirement of the account. Nested schema for user_mfa:

allowedIpAddresses String

(String) Defines the IP addresses and subnets from which IAM tokens can be created for the account.

entityTag String

(String) Version of the account settings.

histories List<IamAccountSettingsHistory>

(List) History of the Account Settings. Nested schema for history:

iamAccountSettingsId String

The unique identifier of the iam_account_settings.

ifMatch String

includeHistory Boolean

Defines if the entity history is included in the response.

Constraints: The default value is false.

maxSessionsPerIdentity String

(String) Defines the max allowed sessions per identity required by the account. Valid values: * Any whole number greater than 0 * NOT_SET - To unset account setting and use service default.

mfa String

Constraints: Allowable values are: NONE, NONE_NO_ROPC, TOTP, TOTP4ALL, LEVEL1, LEVEL2, LEVEL3.

resolveUserMfa Boolean

Enrich MFA exemptions with user PI.

Constraints: The default value is false.

restrictCreatePlatformApikey String

Constraints: The default value is NOT_SET. Allowable values are: RESTRICTED, NOT_RESTRICTED, NOT_SET.

restrictCreateServiceId String

Constraints: The default value is NOT_SET. Allowable values are: RESTRICTED, NOT_RESTRICTED, NOT_SET.

restrictUserDomains List<IamAccountSettingsRestrictUserDomain>

restrictUserListVisibility String

Constraints: The default value is NOT_RESTRICTED. Allowable values are: NOT_RESTRICTED, RESTRICTED.

sessionExpirationInSeconds String

(String) Defines the session expiration in seconds for the account. Valid values: * Any whole number between between '900' and '86400' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 86400.

sessionInvalidationInSeconds String

Constraints: The default value is 7200.

systemAccessTokenExpirationInSeconds String

(String) Defines the access token expiration in seconds. Valid values: * Any whole number between '900' and '3600' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 3600.

systemRefreshTokenExpirationInSeconds String

(String) Defines the refresh token expiration in seconds. Valid values: * Any whole number between '900' and '259200' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 259200.

userMfas List<IamAccountSettingsUserMfa>

(List) List of users that are exempted from the MFA requirement of the account. Nested schema for user_mfa:

allowedIpAddresses string

(String) Defines the IP addresses and subnets from which IAM tokens can be created for the account.

entityTag string

(String) Version of the account settings.

histories IamAccountSettingsHistory[]

(List) History of the Account Settings. Nested schema for history:

iamAccountSettingsId string

The unique identifier of the iam_account_settings.

ifMatch string

includeHistory boolean

Defines if the entity history is included in the response.

Constraints: The default value is false.

maxSessionsPerIdentity string

(String) Defines the max allowed sessions per identity required by the account. Valid values: * Any whole number greater than 0 * NOT_SET - To unset account setting and use service default.

mfa string

Constraints: Allowable values are: NONE, NONE_NO_ROPC, TOTP, TOTP4ALL, LEVEL1, LEVEL2, LEVEL3.

resolveUserMfa boolean

Enrich MFA exemptions with user PI.

Constraints: The default value is false.

restrictCreatePlatformApikey string

Constraints: The default value is NOT_SET. Allowable values are: RESTRICTED, NOT_RESTRICTED, NOT_SET.

restrictCreateServiceId string

Constraints: The default value is NOT_SET. Allowable values are: RESTRICTED, NOT_RESTRICTED, NOT_SET.

restrictUserDomains IamAccountSettingsRestrictUserDomain[]

restrictUserListVisibility string

Constraints: The default value is NOT_RESTRICTED. Allowable values are: NOT_RESTRICTED, RESTRICTED.

sessionExpirationInSeconds string

(String) Defines the session expiration in seconds for the account. Valid values: * Any whole number between between '900' and '86400' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 86400.

sessionInvalidationInSeconds string

Constraints: The default value is 7200.

systemAccessTokenExpirationInSeconds string

(String) Defines the access token expiration in seconds. Valid values: * Any whole number between '900' and '3600' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 3600.

systemRefreshTokenExpirationInSeconds string

(String) Defines the refresh token expiration in seconds. Valid values: * Any whole number between '900' and '259200' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 259200.

userMfas IamAccountSettingsUserMfa[]

(List) List of users that are exempted from the MFA requirement of the account. Nested schema for user_mfa:

allowed_ip_addresses str

(String) Defines the IP addresses and subnets from which IAM tokens can be created for the account.

entity_tag str

(String) Version of the account settings.

histories Sequence[IamAccountSettingsHistoryArgs]

(List) History of the Account Settings. Nested schema for history:

iam_account_settings_id str

The unique identifier of the iam_account_settings.

if_match str

include_history bool

Defines if the entity history is included in the response.

Constraints: The default value is false.

max_sessions_per_identity str

(String) Defines the max allowed sessions per identity required by the account. Valid values: * Any whole number greater than 0 * NOT_SET - To unset account setting and use service default.

mfa str

Constraints: Allowable values are: NONE, NONE_NO_ROPC, TOTP, TOTP4ALL, LEVEL1, LEVEL2, LEVEL3.

resolve_user_mfa bool

Enrich MFA exemptions with user PI.

Constraints: The default value is false.

restrict_create_platform_apikey str

Constraints: The default value is NOT_SET. Allowable values are: RESTRICTED, NOT_RESTRICTED, NOT_SET.

restrict_create_service_id str

Constraints: The default value is NOT_SET. Allowable values are: RESTRICTED, NOT_RESTRICTED, NOT_SET.

restrict_user_domains Sequence[IamAccountSettingsRestrictUserDomainArgs]

restrict_user_list_visibility str

Constraints: The default value is NOT_RESTRICTED. Allowable values are: NOT_RESTRICTED, RESTRICTED.

session_expiration_in_seconds str

(String) Defines the session expiration in seconds for the account. Valid values: * Any whole number between between '900' and '86400' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 86400.

session_invalidation_in_seconds str

Constraints: The default value is 7200.

system_access_token_expiration_in_seconds str

(String) Defines the access token expiration in seconds. Valid values: * Any whole number between '900' and '3600' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 3600.

system_refresh_token_expiration_in_seconds str

(String) Defines the refresh token expiration in seconds. Valid values: * Any whole number between '900' and '259200' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 259200.

user_mfas Sequence[IamAccountSettingsUserMfaArgs]

(List) List of users that are exempted from the MFA requirement of the account. Nested schema for user_mfa:

allowedIpAddresses String

(String) Defines the IP addresses and subnets from which IAM tokens can be created for the account.

entityTag String

(String) Version of the account settings.

histories List<Property Map>

(List) History of the Account Settings. Nested schema for history:

iamAccountSettingsId String

The unique identifier of the iam_account_settings.

ifMatch String

includeHistory Boolean

Defines if the entity history is included in the response.

Constraints: The default value is false.

maxSessionsPerIdentity String

(String) Defines the max allowed sessions per identity required by the account. Valid values: * Any whole number greater than 0 * NOT_SET - To unset account setting and use service default.

mfa String

Constraints: Allowable values are: NONE, NONE_NO_ROPC, TOTP, TOTP4ALL, LEVEL1, LEVEL2, LEVEL3.

resolveUserMfa Boolean

Enrich MFA exemptions with user PI.

Constraints: The default value is false.

restrictCreatePlatformApikey String

Constraints: The default value is NOT_SET. Allowable values are: RESTRICTED, NOT_RESTRICTED, NOT_SET.

restrictCreateServiceId String

Constraints: The default value is NOT_SET. Allowable values are: RESTRICTED, NOT_RESTRICTED, NOT_SET.

restrictUserDomains List<Property Map>

restrictUserListVisibility String

Constraints: The default value is NOT_RESTRICTED. Allowable values are: NOT_RESTRICTED, RESTRICTED.

sessionExpirationInSeconds String

(String) Defines the session expiration in seconds for the account. Valid values: * Any whole number between between '900' and '86400' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 86400.

sessionInvalidationInSeconds String

Constraints: The default value is 7200.

systemAccessTokenExpirationInSeconds String

(String) Defines the access token expiration in seconds. Valid values: * Any whole number between '900' and '3600' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 3600.

systemRefreshTokenExpirationInSeconds String

(String) Defines the refresh token expiration in seconds. Valid values: * Any whole number between '900' and '259200' * NOT_SET - To unset account setting and use service default.

Constraints: The default value is 259200.

userMfas List<Property Map>

(List) List of users that are exempted from the MFA requirement of the account. Nested schema for user_mfa:

Supporting Types

IamAccountSettingsHistory, IamAccountSettingsHistoryArgs

Action string: (String) Action of the history entry.
IamId string: (String) The iam_id of the user.
IamIdAccount string: (String) Account of the identity which triggered the action.
Message string: (String) Message which summarizes the executed action.
Params List<string>: (List) Params of the history entry.
Timestamp string: (String) Timestamp when the action was triggered.

Action string: (String) Action of the history entry.
IamId string: (String) The iam_id of the user.
IamIdAccount string: (String) Account of the identity which triggered the action.
Message string: (String) Message which summarizes the executed action.
Params []string: (List) Params of the history entry.
Timestamp string: (String) Timestamp when the action was triggered.

action String: (String) Action of the history entry.
iamId String: (String) The iam_id of the user.
iamIdAccount String: (String) Account of the identity which triggered the action.
message String: (String) Message which summarizes the executed action.
params List<String>: (List) Params of the history entry.
timestamp String: (String) Timestamp when the action was triggered.

action string: (String) Action of the history entry.
iamId string: (String) The iam_id of the user.
iamIdAccount string: (String) Account of the identity which triggered the action.
message string: (String) Message which summarizes the executed action.
params string[]: (List) Params of the history entry.
timestamp string: (String) Timestamp when the action was triggered.

action str: (String) Action of the history entry.
iam_id str: (String) The iam_id of the user.
iam_id_account str: (String) Account of the identity which triggered the action.
message str: (String) Message which summarizes the executed action.
params Sequence[str]: (List) Params of the history entry.
timestamp str: (String) Timestamp when the action was triggered.

action String: (String) Action of the history entry.
iamId String: (String) The iam_id of the user.
iamIdAccount String: (String) Account of the identity which triggered the action.
message String: (String) Message which summarizes the executed action.
params List<String>: (List) Params of the history entry.
timestamp String: (String) Timestamp when the action was triggered.

IamAccountSettingsRestrictUserDomain, IamAccountSettingsRestrictUserDomainArgs

InvitationEmailAllowPatterns List<string>: (List) The list of allowed email patterns. Wildcard syntax is supported, '*' represents any sequence of zero or more characters in the string, except for '.' and '@'. The sequence ends if a '.' or '@' was found. '**' represents any sequence of zero or more characters in the string - without limit.
RealmId string: (String) The realm that the restrictions apply to.
RestrictInvitation bool: (Boolean) When true invites will only be possible to the domain patterns provided, otherwise invites are unrestricted.

InvitationEmailAllowPatterns []string: (List) The list of allowed email patterns. Wildcard syntax is supported, '*' represents any sequence of zero or more characters in the string, except for '.' and '@'. The sequence ends if a '.' or '@' was found. '**' represents any sequence of zero or more characters in the string - without limit.
RealmId string: (String) The realm that the restrictions apply to.
RestrictInvitation bool: (Boolean) When true invites will only be possible to the domain patterns provided, otherwise invites are unrestricted.

invitationEmailAllowPatterns List<String>: (List) The list of allowed email patterns. Wildcard syntax is supported, '*' represents any sequence of zero or more characters in the string, except for '.' and '@'. The sequence ends if a '.' or '@' was found. '**' represents any sequence of zero or more characters in the string - without limit.
realmId String: (String) The realm that the restrictions apply to.
restrictInvitation Boolean: (Boolean) When true invites will only be possible to the domain patterns provided, otherwise invites are unrestricted.

invitationEmailAllowPatterns string[]: (List) The list of allowed email patterns. Wildcard syntax is supported, '*' represents any sequence of zero or more characters in the string, except for '.' and '@'. The sequence ends if a '.' or '@' was found. '**' represents any sequence of zero or more characters in the string - without limit.
realmId string: (String) The realm that the restrictions apply to.
restrictInvitation boolean: (Boolean) When true invites will only be possible to the domain patterns provided, otherwise invites are unrestricted.

invitation_email_allow_patterns Sequence[str]: (List) The list of allowed email patterns. Wildcard syntax is supported, '*' represents any sequence of zero or more characters in the string, except for '.' and '@'. The sequence ends if a '.' or '@' was found. '**' represents any sequence of zero or more characters in the string - without limit.
realm_id str: (String) The realm that the restrictions apply to.
restrict_invitation bool: (Boolean) When true invites will only be possible to the domain patterns provided, otherwise invites are unrestricted.

invitationEmailAllowPatterns List<String>: (List) The list of allowed email patterns. Wildcard syntax is supported, '*' represents any sequence of zero or more characters in the string, except for '.' and '@'. The sequence ends if a '.' or '@' was found. '**' represents any sequence of zero or more characters in the string - without limit.
realmId String: (String) The realm that the restrictions apply to.
restrictInvitation Boolean: (Boolean) When true invites will only be possible to the domain patterns provided, otherwise invites are unrestricted.

IamAccountSettingsUserMfa, IamAccountSettingsUserMfaArgs

Description string

(String) optional description.

Email string

(String) email of the user.

IamId string

(String) The iam_id of the user.

Mfa string

Constraints: Allowable values are: NONE, NONE_NO_ROPC, TOTP, TOTP4ALL, LEVEL1, LEVEL2, LEVEL3.

Name string

(String) name of the user account.

UserName string

(String) userName of the user.

Description string

(String) optional description.

Email string

(String) email of the user.

IamId string

(String) The iam_id of the user.

Mfa string

Constraints: Allowable values are: NONE, NONE_NO_ROPC, TOTP, TOTP4ALL, LEVEL1, LEVEL2, LEVEL3.

Name string

(String) name of the user account.

UserName string

(String) userName of the user.

description String

(String) optional description.

email String

(String) email of the user.

iamId String

(String) The iam_id of the user.

mfa String

Constraints: Allowable values are: NONE, NONE_NO_ROPC, TOTP, TOTP4ALL, LEVEL1, LEVEL2, LEVEL3.

name String

(String) name of the user account.

userName String

(String) userName of the user.

description string

(String) optional description.

email string

(String) email of the user.

iamId string

(String) The iam_id of the user.

mfa string

Constraints: Allowable values are: NONE, NONE_NO_ROPC, TOTP, TOTP4ALL, LEVEL1, LEVEL2, LEVEL3.

name string

(String) name of the user account.

userName string

(String) userName of the user.

description str

(String) optional description.

email str

(String) email of the user.

iam_id str

(String) The iam_id of the user.

mfa str

Constraints: Allowable values are: NONE, NONE_NO_ROPC, TOTP, TOTP4ALL, LEVEL1, LEVEL2, LEVEL3.

name str

(String) name of the user account.

user_name str

(String) userName of the user.

description String

(String) optional description.

email String

(String) email of the user.

iamId String

(String) The iam_id of the user.

mfa String

Constraints: Allowable values are: NONE, NONE_NO_ROPC, TOTP, TOTP4ALL, LEVEL1, LEVEL2, LEVEL3.

name String

(String) name of the user account.

userName String

(String) userName of the user.

Import

You can import the ibm_iam_account_settings resource by using account_id.

The account_id property can be formed from and account_id in the following format:


<account_id>

account_id: A string. Unique ID of the account.

Syntax


```sh
$ pulumi import ibm:index/iamAccountSettings:IamAccountSettings iam_account_settings <account_id>
```

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: ibm ibm-cloud/terraform-provider-ibm
License
Notes: This Pulumi package is based on the ibm Terraform Provider.

ibm 1.85.0-beta0 published on Wednesday, Oct 29, 2025 by ibm-cloud

ibm-cloud/terraform-provider-ibm

ibm.IamAccountSettings

On this page

On this page

Example Usage

Create IamAccountSettings Resource

Constructor syntax

Parameters

Constructor example

IamAccountSettings Resource Properties

Inputs

Outputs

Look up Existing IamAccountSettings Resource

Supporting Types

IamAccountSettingsHistory, IamAccountSettingsHistoryArgs

IamAccountSettingsRestrictUserDomain, IamAccountSettingsRestrictUserDomainArgs

IamAccountSettingsUserMfa, IamAccountSettingsUserMfaArgs

Import

Package Details

On this page

On this page