authentik 2025.2.0, Mar 24 25

authentik 2025.2.0 published on Monday, Mar 24, 2025 by goauthentik

goauthentik/terraform-provider-authentik

authentik.RbacPermissionRole

Explore with Pulumi AI

authentik 2025.2.0 published on Monday, Mar 24, 2025 by goauthentik

goauthentik/terraform-provider-authentik

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as authentik from "@pulumi/authentik";

// Assign a global permission to a role
const my_roleRbacRole = new authentik.RbacRole("my-roleRbacRole", {});
const global_permissionRbacPermissionRole = new authentik.RbacPermissionRole("global-permissionRbacPermissionRole", {
    role: my_roleRbacRole.rbacRoleId,
    permission: "authentik_flows.inspect_flow",
});
// Assign an object permission to a role
const flow = new authentik.Flow("flow", {
    title: "Test flow",
    slug: "test-flow",
    designation: "authorization",
});
const my_roleIndex_rbacRoleRbacRole = new authentik.RbacRole("my-roleIndex/rbacRoleRbacRole", {});
const global_permissionIndex_rbacPermissionRoleRbacPermissionRole = new authentik.RbacPermissionRole("global-permissionIndex/rbacPermissionRoleRbacPermissionRole", {
    role: my_roleRbacRole.rbacRoleId,
    model: "authentik_flows.flow",
    permission: "inspect_flow",
    objectId: flow.uuid,
});

import pulumi
import pulumi_authentik as authentik

# Assign a global permission to a role
my_role_rbac_role = authentik.RbacRole("my-roleRbacRole")
global_permission_rbac_permission_role = authentik.RbacPermissionRole("global-permissionRbacPermissionRole",
    role=my_role_rbac_role.rbac_role_id,
    permission="authentik_flows.inspect_flow")
# Assign an object permission to a role
flow = authentik.Flow("flow",
    title="Test flow",
    slug="test-flow",
    designation="authorization")
my_role_index_rbac_role_rbac_role = authentik.RbacRole("my-roleIndex/rbacRoleRbacRole")
global_permission_index_rbac_permission_role_rbac_permission_role = authentik.RbacPermissionRole("global-permissionIndex/rbacPermissionRoleRbacPermissionRole",
    role=my_role_rbac_role.rbac_role_id,
    model="authentik_flows.flow",
    permission="inspect_flow",
    object_id=flow.uuid)

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/authentik/v2025/authentik"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		// Assign a global permission to a role
		my_roleRbacRole, err := authentik.NewRbacRole(ctx, "my-roleRbacRole", nil)
		if err != nil {
			return err
		}
		_, err = authentik.NewRbacPermissionRole(ctx, "global-permissionRbacPermissionRole", &authentik.RbacPermissionRoleArgs{
			Role:       my_roleRbacRole.RbacRoleId,
			Permission: pulumi.String("authentik_flows.inspect_flow"),
		})
		if err != nil {
			return err
		}
		flow, err := authentik.NewFlow(ctx, "flow", &authentik.FlowArgs{
			Title:       pulumi.String("Test flow"),
			Slug:        pulumi.String("test-flow"),
			Designation: pulumi.String("authorization"),
		})
		if err != nil {
			return err
		}
		_, err = authentik.NewRbacRole(ctx, "my-roleIndex/rbacRoleRbacRole", nil)
		if err != nil {
			return err
		}
		_, err = authentik.NewRbacPermissionRole(ctx, "global-permissionIndex/rbacPermissionRoleRbacPermissionRole", &authentik.RbacPermissionRoleArgs{
			Role:       my_roleRbacRole.RbacRoleId,
			Model:      pulumi.String("authentik_flows.flow"),
			Permission: pulumi.String("inspect_flow"),
			ObjectId:   flow.Uuid,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Authentik = Pulumi.Authentik;

return await Deployment.RunAsync(() => 
{
    // Assign a global permission to a role
    var my_roleRbacRole = new Authentik.RbacRole("my-roleRbacRole");

    var global_permissionRbacPermissionRole = new Authentik.RbacPermissionRole("global-permissionRbacPermissionRole", new()
    {
        Role = my_roleRbacRole.RbacRoleId,
        Permission = "authentik_flows.inspect_flow",
    });

    // Assign an object permission to a role
    var flow = new Authentik.Flow("flow", new()
    {
        Title = "Test flow",
        Slug = "test-flow",
        Designation = "authorization",
    });

    var my_roleIndex_rbacRoleRbacRole = new Authentik.RbacRole("my-roleIndex/rbacRoleRbacRole");

    var global_permissionIndex_rbacPermissionRoleRbacPermissionRole = new Authentik.RbacPermissionRole("global-permissionIndex/rbacPermissionRoleRbacPermissionRole", new()
    {
        Role = my_roleRbacRole.RbacRoleId,
        Model = "authentik_flows.flow",
        Permission = "inspect_flow",
        ObjectId = flow.Uuid,
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.authentik.RbacRole;
import com.pulumi.authentik.RbacPermissionRole;
import com.pulumi.authentik.RbacPermissionRoleArgs;
import com.pulumi.authentik.Flow;
import com.pulumi.authentik.FlowArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        // Assign a global permission to a role
        var my_roleRbacRole = new RbacRole("my-roleRbacRole");

        var global_permissionRbacPermissionRole = new RbacPermissionRole("global-permissionRbacPermissionRole", RbacPermissionRoleArgs.builder()
            .role(my_roleRbacRole.rbacRoleId())
            .permission("authentik_flows.inspect_flow")
            .build());

        // Assign an object permission to a role
        var flow = new Flow("flow", FlowArgs.builder()
            .title("Test flow")
            .slug("test-flow")
            .designation("authorization")
            .build());

        var my_roleIndex_rbacRoleRbacRole = new RbacRole("my-roleIndex/rbacRoleRbacRole");

        var global_permissionIndex_rbacPermissionRoleRbacPermissionRole = new RbacPermissionRole("global-permissionIndex/rbacPermissionRoleRbacPermissionRole", RbacPermissionRoleArgs.builder()
            .role(my_roleRbacRole.rbacRoleId())
            .model("authentik_flows.flow")
            .permission("inspect_flow")
            .objectId(flow.uuid())
            .build());

    }
}

resources:
  # Assign a global permission to a role
  my-roleRbacRole:
    type: authentik:RbacRole
  global-permissionRbacPermissionRole: # Assign an object permission to a role
    type: authentik:RbacPermissionRole
    properties:
      role: ${["my-roleRbacRole"].rbacRoleId}
      permission: authentik_flows.inspect_flow
  flow:
    type: authentik:Flow
    properties:
      title: Test flow
      slug: test-flow
      designation: authorization
  my-roleIndex/rbacRoleRbacRole:
    type: authentik:RbacRole
  global-permissionIndex/rbacPermissionRoleRbacPermissionRole:
    type: authentik:RbacPermissionRole
    properties:
      role: ${["my-roleRbacRole"].rbacRoleId}
      model: authentik_flows.flow
      permission: inspect_flow
      objectId: ${flow.uuid}

Create RbacPermissionRole Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new RbacPermissionRole(name: string, args: RbacPermissionRoleArgs, opts?: CustomResourceOptions);

@overload
def RbacPermissionRole(resource_name: str,
                       args: RbacPermissionRoleArgs,
                       opts: Optional[ResourceOptions] = None)

@overload
def RbacPermissionRole(resource_name: str,
                       opts: Optional[ResourceOptions] = None,
                       permission: Optional[str] = None,
                       role: Optional[str] = None,
                       model: Optional[str] = None,
                       object_id: Optional[str] = None,
                       rbac_permission_role_id: Optional[str] = None)

func NewRbacPermissionRole(ctx *Context, name string, args RbacPermissionRoleArgs, opts ...ResourceOption) (*RbacPermissionRole, error)

public RbacPermissionRole(string name, RbacPermissionRoleArgs args, CustomResourceOptions? opts = null)

public RbacPermissionRole(String name, RbacPermissionRoleArgs args)
public RbacPermissionRole(String name, RbacPermissionRoleArgs args, CustomResourceOptions options)

type: authentik:RbacPermissionRole
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args RbacPermissionRoleArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args RbacPermissionRoleArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args RbacPermissionRoleArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args RbacPermissionRoleArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args RbacPermissionRoleArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var rbacPermissionRoleResource = new Authentik.RbacPermissionRole("rbacPermissionRoleResource", new()
{
    Permission = "string",
    Role = "string",
    Model = "string",
    ObjectId = "string",
    RbacPermissionRoleId = "string",
});

example, err := authentik.NewRbacPermissionRole(ctx, "rbacPermissionRoleResource", &authentik.RbacPermissionRoleArgs{
	Permission:           pulumi.String("string"),
	Role:                 pulumi.String("string"),
	Model:                pulumi.String("string"),
	ObjectId:             pulumi.String("string"),
	RbacPermissionRoleId: pulumi.String("string"),
})

var rbacPermissionRoleResource = new RbacPermissionRole("rbacPermissionRoleResource", RbacPermissionRoleArgs.builder()
    .permission("string")
    .role("string")
    .model("string")
    .objectId("string")
    .rbacPermissionRoleId("string")
    .build());

rbac_permission_role_resource = authentik.RbacPermissionRole("rbacPermissionRoleResource",
    permission="string",
    role="string",
    model="string",
    object_id="string",
    rbac_permission_role_id="string")

const rbacPermissionRoleResource = new authentik.RbacPermissionRole("rbacPermissionRoleResource", {
    permission: "string",
    role: "string",
    model: "string",
    objectId: "string",
    rbacPermissionRoleId: "string",
});

type: authentik:RbacPermissionRole
properties:
    model: string
    objectId: string
    permission: string
    rbacPermissionRoleId: string
    role: string

RbacPermissionRole Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The RbacPermissionRole resource accepts the following input properties:

Permission string

Role string

Model string

Allowed values: - authentik_tenants.domain - authentik_crypto.certificatekeypair - authentik_flows.flow - authentik_flows.flowstagebinding - authentik_outposts.dockerserviceconnection - authentik_outposts.kubernetesserviceconnection - authentik_outposts.outpost - authentik_policies_dummy.dummypolicy

authentik_policies_event_matcher.eventmatcherpolicy - authentik_policies_expiry.passwordexpirypolicy - authentik_policies_expression.expressionpolicy - authentik_policies_geoip.geoippolicy - authentik_policies_password.passwordpolicy - authentik_policies_reputation.reputationpolicy - authentik_policies.policybinding - authentik_providers_ldap.ldapprovider - authentik_providers_oauth2.scopemapping
authentik_providers_oauth2.oauth2provider - authentik_providers_proxy.proxyprovider - authentik_providers_rac.racprovider - authentik_providers_rac.endpoint - authentik_providers_rac.racpropertymapping - authentik_providers_radius.radiusprovider - authentik_providers_radius.radiusproviderpropertymapping - authentik_providers_saml.samlprovider - authentik_providers_saml.samlpropertymapping - authentik_providers_scim.scimprovider - authentik_providers_scim.scimmapping - authentik_rbac.role - authentik_sources_kerberos.kerberossource - authentik_sources_kerberos.kerberossourcepropertymapping - authentik_sources_kerberos.userkerberossourceconnection - authentik_sources_kerberos.groupkerberossourceconnection - authentik_sources_ldap.ldapsource - authentik_sources_ldap.ldapsourcepropertymapping - authentik_sources_oauth.oauthsource - authentik_sources_oauth.oauthsourcepropertymapping - authentik_sources_oauth.useroauthsourceconnection - authentik_sources_oauth.groupoauthsourceconnection - authentik_sources_plex.plexsource - authentik_sources_plex.plexsourcepropertymapping - authentik_sources_plex.userplexsourceconnection - authentik_sources_plex.groupplexsourceconnection - authentik_sources_saml.samlsource - authentik_sources_saml.samlsourcepropertymapping - authentik_sources_saml.usersamlsourceconnection - authentik_sources_saml.groupsamlsourceconnection - authentik_sources_scim.scimsource - authentik_sources_scim.scimsourcepropertymapping - authentik_stages_authenticator_duo.authenticatorduostage - authentik_stages_authenticator_duo.duodevice - authentik_stages_authenticator_email.authenticatoremailstage - authentik_stages_authenticator_email.emaildevice - authentik_stages_authenticator_sms.authenticatorsmsstage - authentik_stages_authenticator_sms.smsdevice - authentik_stages_authenticator_static.authenticatorstaticstage - authentik_stages_authenticator_static.staticdevice - authentik_stages_authenticator_totp.authenticatortotpstage - authentik_stages_authenticator_totp.totpdevice - authentik_stages_authenticator_validate.authenticatorvalidatestage
authentik_stages_authenticator_webauthn.authenticatorwebauthnstage - authentik_stages_authenticator_webauthn.webauthndevice - authentik_stages_captcha.captchastage - authentik_stages_consent.consentstage - authentik_stages_consent.userconsent - authentik_stages_deny.denystage - authentik_stages_dummy.dummystage - authentik_stages_email.emailstage - authentik_stages_identification.identificationstage - authentik_stages_invitation.invitationstage - authentik_stages_invitation.invitation - authentik_stages_password.passwordstage - authentik_stages_prompt.prompt
authentik_stages_prompt.promptstage - authentik_stages_redirect.redirectstage - authentik_stages_user_delete.userdeletestage - authentik_stages_user_login.userloginstage - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_brands.brand
authentik_blueprints.blueprintinstance - authentik_core.group - authentik_core.user - authentik_core.application - authentik_core.applicationentitlement - authentik_core.token - authentik_enterprise.license - authentik_providers_google_workspace.googleworkspaceprovider - authentik_providers_google_workspace.googleworkspaceprovidermapping - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_microsoft_entra.microsoftentraprovidermapping - authentik_providers_ssf.ssfprovider - authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage - authentik_stages_source.sourcestage - authentik_events.event - authentik_events.notificationtransport - authentik_events.notification - authentik_events.notificationrule - authentik_events.notificationwebhookmapping

ObjectId string

RbacPermissionRoleId string

Permission string

Role string

Model string

authentik_policies_event_matcher.eventmatcherpolicy - authentik_policies_expiry.passwordexpirypolicy - authentik_policies_expression.expressionpolicy - authentik_policies_geoip.geoippolicy - authentik_policies_password.passwordpolicy - authentik_policies_reputation.reputationpolicy - authentik_policies.policybinding - authentik_providers_ldap.ldapprovider - authentik_providers_oauth2.scopemapping
authentik_providers_oauth2.oauth2provider - authentik_providers_proxy.proxyprovider - authentik_providers_rac.racprovider - authentik_providers_rac.endpoint - authentik_providers_rac.racpropertymapping - authentik_providers_radius.radiusprovider - authentik_providers_radius.radiusproviderpropertymapping - authentik_providers_saml.samlprovider - authentik_providers_saml.samlpropertymapping - authentik_providers_scim.scimprovider - authentik_providers_scim.scimmapping - authentik_rbac.role - authentik_sources_kerberos.kerberossource - authentik_sources_kerberos.kerberossourcepropertymapping - authentik_sources_kerberos.userkerberossourceconnection - authentik_sources_kerberos.groupkerberossourceconnection - authentik_sources_ldap.ldapsource - authentik_sources_ldap.ldapsourcepropertymapping - authentik_sources_oauth.oauthsource - authentik_sources_oauth.oauthsourcepropertymapping - authentik_sources_oauth.useroauthsourceconnection - authentik_sources_oauth.groupoauthsourceconnection - authentik_sources_plex.plexsource - authentik_sources_plex.plexsourcepropertymapping - authentik_sources_plex.userplexsourceconnection - authentik_sources_plex.groupplexsourceconnection - authentik_sources_saml.samlsource - authentik_sources_saml.samlsourcepropertymapping - authentik_sources_saml.usersamlsourceconnection - authentik_sources_saml.groupsamlsourceconnection - authentik_sources_scim.scimsource - authentik_sources_scim.scimsourcepropertymapping - authentik_stages_authenticator_duo.authenticatorduostage - authentik_stages_authenticator_duo.duodevice - authentik_stages_authenticator_email.authenticatoremailstage - authentik_stages_authenticator_email.emaildevice - authentik_stages_authenticator_sms.authenticatorsmsstage - authentik_stages_authenticator_sms.smsdevice - authentik_stages_authenticator_static.authenticatorstaticstage - authentik_stages_authenticator_static.staticdevice - authentik_stages_authenticator_totp.authenticatortotpstage - authentik_stages_authenticator_totp.totpdevice - authentik_stages_authenticator_validate.authenticatorvalidatestage
authentik_stages_authenticator_webauthn.authenticatorwebauthnstage - authentik_stages_authenticator_webauthn.webauthndevice - authentik_stages_captcha.captchastage - authentik_stages_consent.consentstage - authentik_stages_consent.userconsent - authentik_stages_deny.denystage - authentik_stages_dummy.dummystage - authentik_stages_email.emailstage - authentik_stages_identification.identificationstage - authentik_stages_invitation.invitationstage - authentik_stages_invitation.invitation - authentik_stages_password.passwordstage - authentik_stages_prompt.prompt
authentik_stages_prompt.promptstage - authentik_stages_redirect.redirectstage - authentik_stages_user_delete.userdeletestage - authentik_stages_user_login.userloginstage - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_brands.brand
authentik_blueprints.blueprintinstance - authentik_core.group - authentik_core.user - authentik_core.application - authentik_core.applicationentitlement - authentik_core.token - authentik_enterprise.license - authentik_providers_google_workspace.googleworkspaceprovider - authentik_providers_google_workspace.googleworkspaceprovidermapping - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_microsoft_entra.microsoftentraprovidermapping - authentik_providers_ssf.ssfprovider - authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage - authentik_stages_source.sourcestage - authentik_events.event - authentik_events.notificationtransport - authentik_events.notification - authentik_events.notificationrule - authentik_events.notificationwebhookmapping

ObjectId string

RbacPermissionRoleId string

permission String

role String

model String

authentik_policies_event_matcher.eventmatcherpolicy - authentik_policies_expiry.passwordexpirypolicy - authentik_policies_expression.expressionpolicy - authentik_policies_geoip.geoippolicy - authentik_policies_password.passwordpolicy - authentik_policies_reputation.reputationpolicy - authentik_policies.policybinding - authentik_providers_ldap.ldapprovider - authentik_providers_oauth2.scopemapping
authentik_providers_oauth2.oauth2provider - authentik_providers_proxy.proxyprovider - authentik_providers_rac.racprovider - authentik_providers_rac.endpoint - authentik_providers_rac.racpropertymapping - authentik_providers_radius.radiusprovider - authentik_providers_radius.radiusproviderpropertymapping - authentik_providers_saml.samlprovider - authentik_providers_saml.samlpropertymapping - authentik_providers_scim.scimprovider - authentik_providers_scim.scimmapping - authentik_rbac.role - authentik_sources_kerberos.kerberossource - authentik_sources_kerberos.kerberossourcepropertymapping - authentik_sources_kerberos.userkerberossourceconnection - authentik_sources_kerberos.groupkerberossourceconnection - authentik_sources_ldap.ldapsource - authentik_sources_ldap.ldapsourcepropertymapping - authentik_sources_oauth.oauthsource - authentik_sources_oauth.oauthsourcepropertymapping - authentik_sources_oauth.useroauthsourceconnection - authentik_sources_oauth.groupoauthsourceconnection - authentik_sources_plex.plexsource - authentik_sources_plex.plexsourcepropertymapping - authentik_sources_plex.userplexsourceconnection - authentik_sources_plex.groupplexsourceconnection - authentik_sources_saml.samlsource - authentik_sources_saml.samlsourcepropertymapping - authentik_sources_saml.usersamlsourceconnection - authentik_sources_saml.groupsamlsourceconnection - authentik_sources_scim.scimsource - authentik_sources_scim.scimsourcepropertymapping - authentik_stages_authenticator_duo.authenticatorduostage - authentik_stages_authenticator_duo.duodevice - authentik_stages_authenticator_email.authenticatoremailstage - authentik_stages_authenticator_email.emaildevice - authentik_stages_authenticator_sms.authenticatorsmsstage - authentik_stages_authenticator_sms.smsdevice - authentik_stages_authenticator_static.authenticatorstaticstage - authentik_stages_authenticator_static.staticdevice - authentik_stages_authenticator_totp.authenticatortotpstage - authentik_stages_authenticator_totp.totpdevice - authentik_stages_authenticator_validate.authenticatorvalidatestage
authentik_stages_authenticator_webauthn.authenticatorwebauthnstage - authentik_stages_authenticator_webauthn.webauthndevice - authentik_stages_captcha.captchastage - authentik_stages_consent.consentstage - authentik_stages_consent.userconsent - authentik_stages_deny.denystage - authentik_stages_dummy.dummystage - authentik_stages_email.emailstage - authentik_stages_identification.identificationstage - authentik_stages_invitation.invitationstage - authentik_stages_invitation.invitation - authentik_stages_password.passwordstage - authentik_stages_prompt.prompt
authentik_stages_prompt.promptstage - authentik_stages_redirect.redirectstage - authentik_stages_user_delete.userdeletestage - authentik_stages_user_login.userloginstage - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_brands.brand
authentik_blueprints.blueprintinstance - authentik_core.group - authentik_core.user - authentik_core.application - authentik_core.applicationentitlement - authentik_core.token - authentik_enterprise.license - authentik_providers_google_workspace.googleworkspaceprovider - authentik_providers_google_workspace.googleworkspaceprovidermapping - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_microsoft_entra.microsoftentraprovidermapping - authentik_providers_ssf.ssfprovider - authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage - authentik_stages_source.sourcestage - authentik_events.event - authentik_events.notificationtransport - authentik_events.notification - authentik_events.notificationrule - authentik_events.notificationwebhookmapping

objectId String

rbacPermissionRoleId String

permission string

role string

model string

authentik_policies_event_matcher.eventmatcherpolicy - authentik_policies_expiry.passwordexpirypolicy - authentik_policies_expression.expressionpolicy - authentik_policies_geoip.geoippolicy - authentik_policies_password.passwordpolicy - authentik_policies_reputation.reputationpolicy - authentik_policies.policybinding - authentik_providers_ldap.ldapprovider - authentik_providers_oauth2.scopemapping
authentik_providers_oauth2.oauth2provider - authentik_providers_proxy.proxyprovider - authentik_providers_rac.racprovider - authentik_providers_rac.endpoint - authentik_providers_rac.racpropertymapping - authentik_providers_radius.radiusprovider - authentik_providers_radius.radiusproviderpropertymapping - authentik_providers_saml.samlprovider - authentik_providers_saml.samlpropertymapping - authentik_providers_scim.scimprovider - authentik_providers_scim.scimmapping - authentik_rbac.role - authentik_sources_kerberos.kerberossource - authentik_sources_kerberos.kerberossourcepropertymapping - authentik_sources_kerberos.userkerberossourceconnection - authentik_sources_kerberos.groupkerberossourceconnection - authentik_sources_ldap.ldapsource - authentik_sources_ldap.ldapsourcepropertymapping - authentik_sources_oauth.oauthsource - authentik_sources_oauth.oauthsourcepropertymapping - authentik_sources_oauth.useroauthsourceconnection - authentik_sources_oauth.groupoauthsourceconnection - authentik_sources_plex.plexsource - authentik_sources_plex.plexsourcepropertymapping - authentik_sources_plex.userplexsourceconnection - authentik_sources_plex.groupplexsourceconnection - authentik_sources_saml.samlsource - authentik_sources_saml.samlsourcepropertymapping - authentik_sources_saml.usersamlsourceconnection - authentik_sources_saml.groupsamlsourceconnection - authentik_sources_scim.scimsource - authentik_sources_scim.scimsourcepropertymapping - authentik_stages_authenticator_duo.authenticatorduostage - authentik_stages_authenticator_duo.duodevice - authentik_stages_authenticator_email.authenticatoremailstage - authentik_stages_authenticator_email.emaildevice - authentik_stages_authenticator_sms.authenticatorsmsstage - authentik_stages_authenticator_sms.smsdevice - authentik_stages_authenticator_static.authenticatorstaticstage - authentik_stages_authenticator_static.staticdevice - authentik_stages_authenticator_totp.authenticatortotpstage - authentik_stages_authenticator_totp.totpdevice - authentik_stages_authenticator_validate.authenticatorvalidatestage
authentik_stages_authenticator_webauthn.authenticatorwebauthnstage - authentik_stages_authenticator_webauthn.webauthndevice - authentik_stages_captcha.captchastage - authentik_stages_consent.consentstage - authentik_stages_consent.userconsent - authentik_stages_deny.denystage - authentik_stages_dummy.dummystage - authentik_stages_email.emailstage - authentik_stages_identification.identificationstage - authentik_stages_invitation.invitationstage - authentik_stages_invitation.invitation - authentik_stages_password.passwordstage - authentik_stages_prompt.prompt
authentik_stages_prompt.promptstage - authentik_stages_redirect.redirectstage - authentik_stages_user_delete.userdeletestage - authentik_stages_user_login.userloginstage - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_brands.brand
authentik_blueprints.blueprintinstance - authentik_core.group - authentik_core.user - authentik_core.application - authentik_core.applicationentitlement - authentik_core.token - authentik_enterprise.license - authentik_providers_google_workspace.googleworkspaceprovider - authentik_providers_google_workspace.googleworkspaceprovidermapping - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_microsoft_entra.microsoftentraprovidermapping - authentik_providers_ssf.ssfprovider - authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage - authentik_stages_source.sourcestage - authentik_events.event - authentik_events.notificationtransport - authentik_events.notification - authentik_events.notificationrule - authentik_events.notificationwebhookmapping

objectId string

rbacPermissionRoleId string

permission str

role str

model str

authentik_policies_event_matcher.eventmatcherpolicy - authentik_policies_expiry.passwordexpirypolicy - authentik_policies_expression.expressionpolicy - authentik_policies_geoip.geoippolicy - authentik_policies_password.passwordpolicy - authentik_policies_reputation.reputationpolicy - authentik_policies.policybinding - authentik_providers_ldap.ldapprovider - authentik_providers_oauth2.scopemapping
authentik_providers_oauth2.oauth2provider - authentik_providers_proxy.proxyprovider - authentik_providers_rac.racprovider - authentik_providers_rac.endpoint - authentik_providers_rac.racpropertymapping - authentik_providers_radius.radiusprovider - authentik_providers_radius.radiusproviderpropertymapping - authentik_providers_saml.samlprovider - authentik_providers_saml.samlpropertymapping - authentik_providers_scim.scimprovider - authentik_providers_scim.scimmapping - authentik_rbac.role - authentik_sources_kerberos.kerberossource - authentik_sources_kerberos.kerberossourcepropertymapping - authentik_sources_kerberos.userkerberossourceconnection - authentik_sources_kerberos.groupkerberossourceconnection - authentik_sources_ldap.ldapsource - authentik_sources_ldap.ldapsourcepropertymapping - authentik_sources_oauth.oauthsource - authentik_sources_oauth.oauthsourcepropertymapping - authentik_sources_oauth.useroauthsourceconnection - authentik_sources_oauth.groupoauthsourceconnection - authentik_sources_plex.plexsource - authentik_sources_plex.plexsourcepropertymapping - authentik_sources_plex.userplexsourceconnection - authentik_sources_plex.groupplexsourceconnection - authentik_sources_saml.samlsource - authentik_sources_saml.samlsourcepropertymapping - authentik_sources_saml.usersamlsourceconnection - authentik_sources_saml.groupsamlsourceconnection - authentik_sources_scim.scimsource - authentik_sources_scim.scimsourcepropertymapping - authentik_stages_authenticator_duo.authenticatorduostage - authentik_stages_authenticator_duo.duodevice - authentik_stages_authenticator_email.authenticatoremailstage - authentik_stages_authenticator_email.emaildevice - authentik_stages_authenticator_sms.authenticatorsmsstage - authentik_stages_authenticator_sms.smsdevice - authentik_stages_authenticator_static.authenticatorstaticstage - authentik_stages_authenticator_static.staticdevice - authentik_stages_authenticator_totp.authenticatortotpstage - authentik_stages_authenticator_totp.totpdevice - authentik_stages_authenticator_validate.authenticatorvalidatestage
authentik_stages_authenticator_webauthn.authenticatorwebauthnstage - authentik_stages_authenticator_webauthn.webauthndevice - authentik_stages_captcha.captchastage - authentik_stages_consent.consentstage - authentik_stages_consent.userconsent - authentik_stages_deny.denystage - authentik_stages_dummy.dummystage - authentik_stages_email.emailstage - authentik_stages_identification.identificationstage - authentik_stages_invitation.invitationstage - authentik_stages_invitation.invitation - authentik_stages_password.passwordstage - authentik_stages_prompt.prompt
authentik_stages_prompt.promptstage - authentik_stages_redirect.redirectstage - authentik_stages_user_delete.userdeletestage - authentik_stages_user_login.userloginstage - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_brands.brand
authentik_blueprints.blueprintinstance - authentik_core.group - authentik_core.user - authentik_core.application - authentik_core.applicationentitlement - authentik_core.token - authentik_enterprise.license - authentik_providers_google_workspace.googleworkspaceprovider - authentik_providers_google_workspace.googleworkspaceprovidermapping - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_microsoft_entra.microsoftentraprovidermapping - authentik_providers_ssf.ssfprovider - authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage - authentik_stages_source.sourcestage - authentik_events.event - authentik_events.notificationtransport - authentik_events.notification - authentik_events.notificationrule - authentik_events.notificationwebhookmapping

object_id str

rbac_permission_role_id str

permission String

role String

model String

authentik_policies_event_matcher.eventmatcherpolicy - authentik_policies_expiry.passwordexpirypolicy - authentik_policies_expression.expressionpolicy - authentik_policies_geoip.geoippolicy - authentik_policies_password.passwordpolicy - authentik_policies_reputation.reputationpolicy - authentik_policies.policybinding - authentik_providers_ldap.ldapprovider - authentik_providers_oauth2.scopemapping
authentik_providers_oauth2.oauth2provider - authentik_providers_proxy.proxyprovider - authentik_providers_rac.racprovider - authentik_providers_rac.endpoint - authentik_providers_rac.racpropertymapping - authentik_providers_radius.radiusprovider - authentik_providers_radius.radiusproviderpropertymapping - authentik_providers_saml.samlprovider - authentik_providers_saml.samlpropertymapping - authentik_providers_scim.scimprovider - authentik_providers_scim.scimmapping - authentik_rbac.role - authentik_sources_kerberos.kerberossource - authentik_sources_kerberos.kerberossourcepropertymapping - authentik_sources_kerberos.userkerberossourceconnection - authentik_sources_kerberos.groupkerberossourceconnection - authentik_sources_ldap.ldapsource - authentik_sources_ldap.ldapsourcepropertymapping - authentik_sources_oauth.oauthsource - authentik_sources_oauth.oauthsourcepropertymapping - authentik_sources_oauth.useroauthsourceconnection - authentik_sources_oauth.groupoauthsourceconnection - authentik_sources_plex.plexsource - authentik_sources_plex.plexsourcepropertymapping - authentik_sources_plex.userplexsourceconnection - authentik_sources_plex.groupplexsourceconnection - authentik_sources_saml.samlsource - authentik_sources_saml.samlsourcepropertymapping - authentik_sources_saml.usersamlsourceconnection - authentik_sources_saml.groupsamlsourceconnection - authentik_sources_scim.scimsource - authentik_sources_scim.scimsourcepropertymapping - authentik_stages_authenticator_duo.authenticatorduostage - authentik_stages_authenticator_duo.duodevice - authentik_stages_authenticator_email.authenticatoremailstage - authentik_stages_authenticator_email.emaildevice - authentik_stages_authenticator_sms.authenticatorsmsstage - authentik_stages_authenticator_sms.smsdevice - authentik_stages_authenticator_static.authenticatorstaticstage - authentik_stages_authenticator_static.staticdevice - authentik_stages_authenticator_totp.authenticatortotpstage - authentik_stages_authenticator_totp.totpdevice - authentik_stages_authenticator_validate.authenticatorvalidatestage
authentik_stages_authenticator_webauthn.authenticatorwebauthnstage - authentik_stages_authenticator_webauthn.webauthndevice - authentik_stages_captcha.captchastage - authentik_stages_consent.consentstage - authentik_stages_consent.userconsent - authentik_stages_deny.denystage - authentik_stages_dummy.dummystage - authentik_stages_email.emailstage - authentik_stages_identification.identificationstage - authentik_stages_invitation.invitationstage - authentik_stages_invitation.invitation - authentik_stages_password.passwordstage - authentik_stages_prompt.prompt
authentik_stages_prompt.promptstage - authentik_stages_redirect.redirectstage - authentik_stages_user_delete.userdeletestage - authentik_stages_user_login.userloginstage - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_brands.brand
authentik_blueprints.blueprintinstance - authentik_core.group - authentik_core.user - authentik_core.application - authentik_core.applicationentitlement - authentik_core.token - authentik_enterprise.license - authentik_providers_google_workspace.googleworkspaceprovider - authentik_providers_google_workspace.googleworkspaceprovidermapping - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_microsoft_entra.microsoftentraprovidermapping - authentik_providers_ssf.ssfprovider - authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage - authentik_stages_source.sourcestage - authentik_events.event - authentik_events.notificationtransport - authentik_events.notification - authentik_events.notificationrule - authentik_events.notificationwebhookmapping

objectId String

rbacPermissionRoleId String

Outputs

All input properties are implicitly available as output properties. Additionally, the RbacPermissionRole resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing RbacPermissionRole Resource

Get an existing RbacPermissionRole resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: RbacPermissionRoleState, opts?: CustomResourceOptions): RbacPermissionRole

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        model: Optional[str] = None,
        object_id: Optional[str] = None,
        permission: Optional[str] = None,
        rbac_permission_role_id: Optional[str] = None,
        role: Optional[str] = None) -> RbacPermissionRole

func GetRbacPermissionRole(ctx *Context, name string, id IDInput, state *RbacPermissionRoleState, opts ...ResourceOption) (*RbacPermissionRole, error)

public static RbacPermissionRole Get(string name, Input<string> id, RbacPermissionRoleState? state, CustomResourceOptions? opts = null)

public static RbacPermissionRole get(String name, Output<String> id, RbacPermissionRoleState state, CustomResourceOptions options)

resources:  _:    type: authentik:RbacPermissionRole    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Model string

authentik_policies_event_matcher.eventmatcherpolicy - authentik_policies_expiry.passwordexpirypolicy - authentik_policies_expression.expressionpolicy - authentik_policies_geoip.geoippolicy - authentik_policies_password.passwordpolicy - authentik_policies_reputation.reputationpolicy - authentik_policies.policybinding - authentik_providers_ldap.ldapprovider - authentik_providers_oauth2.scopemapping
authentik_providers_oauth2.oauth2provider - authentik_providers_proxy.proxyprovider - authentik_providers_rac.racprovider - authentik_providers_rac.endpoint - authentik_providers_rac.racpropertymapping - authentik_providers_radius.radiusprovider - authentik_providers_radius.radiusproviderpropertymapping - authentik_providers_saml.samlprovider - authentik_providers_saml.samlpropertymapping - authentik_providers_scim.scimprovider - authentik_providers_scim.scimmapping - authentik_rbac.role - authentik_sources_kerberos.kerberossource - authentik_sources_kerberos.kerberossourcepropertymapping - authentik_sources_kerberos.userkerberossourceconnection - authentik_sources_kerberos.groupkerberossourceconnection - authentik_sources_ldap.ldapsource - authentik_sources_ldap.ldapsourcepropertymapping - authentik_sources_oauth.oauthsource - authentik_sources_oauth.oauthsourcepropertymapping - authentik_sources_oauth.useroauthsourceconnection - authentik_sources_oauth.groupoauthsourceconnection - authentik_sources_plex.plexsource - authentik_sources_plex.plexsourcepropertymapping - authentik_sources_plex.userplexsourceconnection - authentik_sources_plex.groupplexsourceconnection - authentik_sources_saml.samlsource - authentik_sources_saml.samlsourcepropertymapping - authentik_sources_saml.usersamlsourceconnection - authentik_sources_saml.groupsamlsourceconnection - authentik_sources_scim.scimsource - authentik_sources_scim.scimsourcepropertymapping - authentik_stages_authenticator_duo.authenticatorduostage - authentik_stages_authenticator_duo.duodevice - authentik_stages_authenticator_email.authenticatoremailstage - authentik_stages_authenticator_email.emaildevice - authentik_stages_authenticator_sms.authenticatorsmsstage - authentik_stages_authenticator_sms.smsdevice - authentik_stages_authenticator_static.authenticatorstaticstage - authentik_stages_authenticator_static.staticdevice - authentik_stages_authenticator_totp.authenticatortotpstage - authentik_stages_authenticator_totp.totpdevice - authentik_stages_authenticator_validate.authenticatorvalidatestage
authentik_stages_authenticator_webauthn.authenticatorwebauthnstage - authentik_stages_authenticator_webauthn.webauthndevice - authentik_stages_captcha.captchastage - authentik_stages_consent.consentstage - authentik_stages_consent.userconsent - authentik_stages_deny.denystage - authentik_stages_dummy.dummystage - authentik_stages_email.emailstage - authentik_stages_identification.identificationstage - authentik_stages_invitation.invitationstage - authentik_stages_invitation.invitation - authentik_stages_password.passwordstage - authentik_stages_prompt.prompt
authentik_stages_prompt.promptstage - authentik_stages_redirect.redirectstage - authentik_stages_user_delete.userdeletestage - authentik_stages_user_login.userloginstage - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_brands.brand
authentik_blueprints.blueprintinstance - authentik_core.group - authentik_core.user - authentik_core.application - authentik_core.applicationentitlement - authentik_core.token - authentik_enterprise.license - authentik_providers_google_workspace.googleworkspaceprovider - authentik_providers_google_workspace.googleworkspaceprovidermapping - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_microsoft_entra.microsoftentraprovidermapping - authentik_providers_ssf.ssfprovider - authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage - authentik_stages_source.sourcestage - authentik_events.event - authentik_events.notificationtransport - authentik_events.notification - authentik_events.notificationrule - authentik_events.notificationwebhookmapping

ObjectId string

Permission string

RbacPermissionRoleId string

Role string

Model string

authentik_policies_event_matcher.eventmatcherpolicy - authentik_policies_expiry.passwordexpirypolicy - authentik_policies_expression.expressionpolicy - authentik_policies_geoip.geoippolicy - authentik_policies_password.passwordpolicy - authentik_policies_reputation.reputationpolicy - authentik_policies.policybinding - authentik_providers_ldap.ldapprovider - authentik_providers_oauth2.scopemapping
authentik_providers_oauth2.oauth2provider - authentik_providers_proxy.proxyprovider - authentik_providers_rac.racprovider - authentik_providers_rac.endpoint - authentik_providers_rac.racpropertymapping - authentik_providers_radius.radiusprovider - authentik_providers_radius.radiusproviderpropertymapping - authentik_providers_saml.samlprovider - authentik_providers_saml.samlpropertymapping - authentik_providers_scim.scimprovider - authentik_providers_scim.scimmapping - authentik_rbac.role - authentik_sources_kerberos.kerberossource - authentik_sources_kerberos.kerberossourcepropertymapping - authentik_sources_kerberos.userkerberossourceconnection - authentik_sources_kerberos.groupkerberossourceconnection - authentik_sources_ldap.ldapsource - authentik_sources_ldap.ldapsourcepropertymapping - authentik_sources_oauth.oauthsource - authentik_sources_oauth.oauthsourcepropertymapping - authentik_sources_oauth.useroauthsourceconnection - authentik_sources_oauth.groupoauthsourceconnection - authentik_sources_plex.plexsource - authentik_sources_plex.plexsourcepropertymapping - authentik_sources_plex.userplexsourceconnection - authentik_sources_plex.groupplexsourceconnection - authentik_sources_saml.samlsource - authentik_sources_saml.samlsourcepropertymapping - authentik_sources_saml.usersamlsourceconnection - authentik_sources_saml.groupsamlsourceconnection - authentik_sources_scim.scimsource - authentik_sources_scim.scimsourcepropertymapping - authentik_stages_authenticator_duo.authenticatorduostage - authentik_stages_authenticator_duo.duodevice - authentik_stages_authenticator_email.authenticatoremailstage - authentik_stages_authenticator_email.emaildevice - authentik_stages_authenticator_sms.authenticatorsmsstage - authentik_stages_authenticator_sms.smsdevice - authentik_stages_authenticator_static.authenticatorstaticstage - authentik_stages_authenticator_static.staticdevice - authentik_stages_authenticator_totp.authenticatortotpstage - authentik_stages_authenticator_totp.totpdevice - authentik_stages_authenticator_validate.authenticatorvalidatestage
authentik_stages_authenticator_webauthn.authenticatorwebauthnstage - authentik_stages_authenticator_webauthn.webauthndevice - authentik_stages_captcha.captchastage - authentik_stages_consent.consentstage - authentik_stages_consent.userconsent - authentik_stages_deny.denystage - authentik_stages_dummy.dummystage - authentik_stages_email.emailstage - authentik_stages_identification.identificationstage - authentik_stages_invitation.invitationstage - authentik_stages_invitation.invitation - authentik_stages_password.passwordstage - authentik_stages_prompt.prompt
authentik_stages_prompt.promptstage - authentik_stages_redirect.redirectstage - authentik_stages_user_delete.userdeletestage - authentik_stages_user_login.userloginstage - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_brands.brand
authentik_blueprints.blueprintinstance - authentik_core.group - authentik_core.user - authentik_core.application - authentik_core.applicationentitlement - authentik_core.token - authentik_enterprise.license - authentik_providers_google_workspace.googleworkspaceprovider - authentik_providers_google_workspace.googleworkspaceprovidermapping - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_microsoft_entra.microsoftentraprovidermapping - authentik_providers_ssf.ssfprovider - authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage - authentik_stages_source.sourcestage - authentik_events.event - authentik_events.notificationtransport - authentik_events.notification - authentik_events.notificationrule - authentik_events.notificationwebhookmapping

ObjectId string

Permission string

RbacPermissionRoleId string

Role string

model String

authentik_policies_event_matcher.eventmatcherpolicy - authentik_policies_expiry.passwordexpirypolicy - authentik_policies_expression.expressionpolicy - authentik_policies_geoip.geoippolicy - authentik_policies_password.passwordpolicy - authentik_policies_reputation.reputationpolicy - authentik_policies.policybinding - authentik_providers_ldap.ldapprovider - authentik_providers_oauth2.scopemapping
authentik_providers_oauth2.oauth2provider - authentik_providers_proxy.proxyprovider - authentik_providers_rac.racprovider - authentik_providers_rac.endpoint - authentik_providers_rac.racpropertymapping - authentik_providers_radius.radiusprovider - authentik_providers_radius.radiusproviderpropertymapping - authentik_providers_saml.samlprovider - authentik_providers_saml.samlpropertymapping - authentik_providers_scim.scimprovider - authentik_providers_scim.scimmapping - authentik_rbac.role - authentik_sources_kerberos.kerberossource - authentik_sources_kerberos.kerberossourcepropertymapping - authentik_sources_kerberos.userkerberossourceconnection - authentik_sources_kerberos.groupkerberossourceconnection - authentik_sources_ldap.ldapsource - authentik_sources_ldap.ldapsourcepropertymapping - authentik_sources_oauth.oauthsource - authentik_sources_oauth.oauthsourcepropertymapping - authentik_sources_oauth.useroauthsourceconnection - authentik_sources_oauth.groupoauthsourceconnection - authentik_sources_plex.plexsource - authentik_sources_plex.plexsourcepropertymapping - authentik_sources_plex.userplexsourceconnection - authentik_sources_plex.groupplexsourceconnection - authentik_sources_saml.samlsource - authentik_sources_saml.samlsourcepropertymapping - authentik_sources_saml.usersamlsourceconnection - authentik_sources_saml.groupsamlsourceconnection - authentik_sources_scim.scimsource - authentik_sources_scim.scimsourcepropertymapping - authentik_stages_authenticator_duo.authenticatorduostage - authentik_stages_authenticator_duo.duodevice - authentik_stages_authenticator_email.authenticatoremailstage - authentik_stages_authenticator_email.emaildevice - authentik_stages_authenticator_sms.authenticatorsmsstage - authentik_stages_authenticator_sms.smsdevice - authentik_stages_authenticator_static.authenticatorstaticstage - authentik_stages_authenticator_static.staticdevice - authentik_stages_authenticator_totp.authenticatortotpstage - authentik_stages_authenticator_totp.totpdevice - authentik_stages_authenticator_validate.authenticatorvalidatestage
authentik_stages_authenticator_webauthn.authenticatorwebauthnstage - authentik_stages_authenticator_webauthn.webauthndevice - authentik_stages_captcha.captchastage - authentik_stages_consent.consentstage - authentik_stages_consent.userconsent - authentik_stages_deny.denystage - authentik_stages_dummy.dummystage - authentik_stages_email.emailstage - authentik_stages_identification.identificationstage - authentik_stages_invitation.invitationstage - authentik_stages_invitation.invitation - authentik_stages_password.passwordstage - authentik_stages_prompt.prompt
authentik_stages_prompt.promptstage - authentik_stages_redirect.redirectstage - authentik_stages_user_delete.userdeletestage - authentik_stages_user_login.userloginstage - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_brands.brand
authentik_blueprints.blueprintinstance - authentik_core.group - authentik_core.user - authentik_core.application - authentik_core.applicationentitlement - authentik_core.token - authentik_enterprise.license - authentik_providers_google_workspace.googleworkspaceprovider - authentik_providers_google_workspace.googleworkspaceprovidermapping - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_microsoft_entra.microsoftentraprovidermapping - authentik_providers_ssf.ssfprovider - authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage - authentik_stages_source.sourcestage - authentik_events.event - authentik_events.notificationtransport - authentik_events.notification - authentik_events.notificationrule - authentik_events.notificationwebhookmapping

objectId String

permission String

rbacPermissionRoleId String

role String

model string

authentik_policies_event_matcher.eventmatcherpolicy - authentik_policies_expiry.passwordexpirypolicy - authentik_policies_expression.expressionpolicy - authentik_policies_geoip.geoippolicy - authentik_policies_password.passwordpolicy - authentik_policies_reputation.reputationpolicy - authentik_policies.policybinding - authentik_providers_ldap.ldapprovider - authentik_providers_oauth2.scopemapping
authentik_providers_oauth2.oauth2provider - authentik_providers_proxy.proxyprovider - authentik_providers_rac.racprovider - authentik_providers_rac.endpoint - authentik_providers_rac.racpropertymapping - authentik_providers_radius.radiusprovider - authentik_providers_radius.radiusproviderpropertymapping - authentik_providers_saml.samlprovider - authentik_providers_saml.samlpropertymapping - authentik_providers_scim.scimprovider - authentik_providers_scim.scimmapping - authentik_rbac.role - authentik_sources_kerberos.kerberossource - authentik_sources_kerberos.kerberossourcepropertymapping - authentik_sources_kerberos.userkerberossourceconnection - authentik_sources_kerberos.groupkerberossourceconnection - authentik_sources_ldap.ldapsource - authentik_sources_ldap.ldapsourcepropertymapping - authentik_sources_oauth.oauthsource - authentik_sources_oauth.oauthsourcepropertymapping - authentik_sources_oauth.useroauthsourceconnection - authentik_sources_oauth.groupoauthsourceconnection - authentik_sources_plex.plexsource - authentik_sources_plex.plexsourcepropertymapping - authentik_sources_plex.userplexsourceconnection - authentik_sources_plex.groupplexsourceconnection - authentik_sources_saml.samlsource - authentik_sources_saml.samlsourcepropertymapping - authentik_sources_saml.usersamlsourceconnection - authentik_sources_saml.groupsamlsourceconnection - authentik_sources_scim.scimsource - authentik_sources_scim.scimsourcepropertymapping - authentik_stages_authenticator_duo.authenticatorduostage - authentik_stages_authenticator_duo.duodevice - authentik_stages_authenticator_email.authenticatoremailstage - authentik_stages_authenticator_email.emaildevice - authentik_stages_authenticator_sms.authenticatorsmsstage - authentik_stages_authenticator_sms.smsdevice - authentik_stages_authenticator_static.authenticatorstaticstage - authentik_stages_authenticator_static.staticdevice - authentik_stages_authenticator_totp.authenticatortotpstage - authentik_stages_authenticator_totp.totpdevice - authentik_stages_authenticator_validate.authenticatorvalidatestage
authentik_stages_authenticator_webauthn.authenticatorwebauthnstage - authentik_stages_authenticator_webauthn.webauthndevice - authentik_stages_captcha.captchastage - authentik_stages_consent.consentstage - authentik_stages_consent.userconsent - authentik_stages_deny.denystage - authentik_stages_dummy.dummystage - authentik_stages_email.emailstage - authentik_stages_identification.identificationstage - authentik_stages_invitation.invitationstage - authentik_stages_invitation.invitation - authentik_stages_password.passwordstage - authentik_stages_prompt.prompt
authentik_stages_prompt.promptstage - authentik_stages_redirect.redirectstage - authentik_stages_user_delete.userdeletestage - authentik_stages_user_login.userloginstage - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_brands.brand
authentik_blueprints.blueprintinstance - authentik_core.group - authentik_core.user - authentik_core.application - authentik_core.applicationentitlement - authentik_core.token - authentik_enterprise.license - authentik_providers_google_workspace.googleworkspaceprovider - authentik_providers_google_workspace.googleworkspaceprovidermapping - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_microsoft_entra.microsoftentraprovidermapping - authentik_providers_ssf.ssfprovider - authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage - authentik_stages_source.sourcestage - authentik_events.event - authentik_events.notificationtransport - authentik_events.notification - authentik_events.notificationrule - authentik_events.notificationwebhookmapping

objectId string

permission string

rbacPermissionRoleId string

role string

model str

authentik_policies_event_matcher.eventmatcherpolicy - authentik_policies_expiry.passwordexpirypolicy - authentik_policies_expression.expressionpolicy - authentik_policies_geoip.geoippolicy - authentik_policies_password.passwordpolicy - authentik_policies_reputation.reputationpolicy - authentik_policies.policybinding - authentik_providers_ldap.ldapprovider - authentik_providers_oauth2.scopemapping
authentik_providers_oauth2.oauth2provider - authentik_providers_proxy.proxyprovider - authentik_providers_rac.racprovider - authentik_providers_rac.endpoint - authentik_providers_rac.racpropertymapping - authentik_providers_radius.radiusprovider - authentik_providers_radius.radiusproviderpropertymapping - authentik_providers_saml.samlprovider - authentik_providers_saml.samlpropertymapping - authentik_providers_scim.scimprovider - authentik_providers_scim.scimmapping - authentik_rbac.role - authentik_sources_kerberos.kerberossource - authentik_sources_kerberos.kerberossourcepropertymapping - authentik_sources_kerberos.userkerberossourceconnection - authentik_sources_kerberos.groupkerberossourceconnection - authentik_sources_ldap.ldapsource - authentik_sources_ldap.ldapsourcepropertymapping - authentik_sources_oauth.oauthsource - authentik_sources_oauth.oauthsourcepropertymapping - authentik_sources_oauth.useroauthsourceconnection - authentik_sources_oauth.groupoauthsourceconnection - authentik_sources_plex.plexsource - authentik_sources_plex.plexsourcepropertymapping - authentik_sources_plex.userplexsourceconnection - authentik_sources_plex.groupplexsourceconnection - authentik_sources_saml.samlsource - authentik_sources_saml.samlsourcepropertymapping - authentik_sources_saml.usersamlsourceconnection - authentik_sources_saml.groupsamlsourceconnection - authentik_sources_scim.scimsource - authentik_sources_scim.scimsourcepropertymapping - authentik_stages_authenticator_duo.authenticatorduostage - authentik_stages_authenticator_duo.duodevice - authentik_stages_authenticator_email.authenticatoremailstage - authentik_stages_authenticator_email.emaildevice - authentik_stages_authenticator_sms.authenticatorsmsstage - authentik_stages_authenticator_sms.smsdevice - authentik_stages_authenticator_static.authenticatorstaticstage - authentik_stages_authenticator_static.staticdevice - authentik_stages_authenticator_totp.authenticatortotpstage - authentik_stages_authenticator_totp.totpdevice - authentik_stages_authenticator_validate.authenticatorvalidatestage
authentik_stages_authenticator_webauthn.authenticatorwebauthnstage - authentik_stages_authenticator_webauthn.webauthndevice - authentik_stages_captcha.captchastage - authentik_stages_consent.consentstage - authentik_stages_consent.userconsent - authentik_stages_deny.denystage - authentik_stages_dummy.dummystage - authentik_stages_email.emailstage - authentik_stages_identification.identificationstage - authentik_stages_invitation.invitationstage - authentik_stages_invitation.invitation - authentik_stages_password.passwordstage - authentik_stages_prompt.prompt
authentik_stages_prompt.promptstage - authentik_stages_redirect.redirectstage - authentik_stages_user_delete.userdeletestage - authentik_stages_user_login.userloginstage - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_brands.brand
authentik_blueprints.blueprintinstance - authentik_core.group - authentik_core.user - authentik_core.application - authentik_core.applicationentitlement - authentik_core.token - authentik_enterprise.license - authentik_providers_google_workspace.googleworkspaceprovider - authentik_providers_google_workspace.googleworkspaceprovidermapping - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_microsoft_entra.microsoftentraprovidermapping - authentik_providers_ssf.ssfprovider - authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage - authentik_stages_source.sourcestage - authentik_events.event - authentik_events.notificationtransport - authentik_events.notification - authentik_events.notificationrule - authentik_events.notificationwebhookmapping

object_id str

permission str

rbac_permission_role_id str

role str

model String

authentik_policies_event_matcher.eventmatcherpolicy - authentik_policies_expiry.passwordexpirypolicy - authentik_policies_expression.expressionpolicy - authentik_policies_geoip.geoippolicy - authentik_policies_password.passwordpolicy - authentik_policies_reputation.reputationpolicy - authentik_policies.policybinding - authentik_providers_ldap.ldapprovider - authentik_providers_oauth2.scopemapping
authentik_providers_oauth2.oauth2provider - authentik_providers_proxy.proxyprovider - authentik_providers_rac.racprovider - authentik_providers_rac.endpoint - authentik_providers_rac.racpropertymapping - authentik_providers_radius.radiusprovider - authentik_providers_radius.radiusproviderpropertymapping - authentik_providers_saml.samlprovider - authentik_providers_saml.samlpropertymapping - authentik_providers_scim.scimprovider - authentik_providers_scim.scimmapping - authentik_rbac.role - authentik_sources_kerberos.kerberossource - authentik_sources_kerberos.kerberossourcepropertymapping - authentik_sources_kerberos.userkerberossourceconnection - authentik_sources_kerberos.groupkerberossourceconnection - authentik_sources_ldap.ldapsource - authentik_sources_ldap.ldapsourcepropertymapping - authentik_sources_oauth.oauthsource - authentik_sources_oauth.oauthsourcepropertymapping - authentik_sources_oauth.useroauthsourceconnection - authentik_sources_oauth.groupoauthsourceconnection - authentik_sources_plex.plexsource - authentik_sources_plex.plexsourcepropertymapping - authentik_sources_plex.userplexsourceconnection - authentik_sources_plex.groupplexsourceconnection - authentik_sources_saml.samlsource - authentik_sources_saml.samlsourcepropertymapping - authentik_sources_saml.usersamlsourceconnection - authentik_sources_saml.groupsamlsourceconnection - authentik_sources_scim.scimsource - authentik_sources_scim.scimsourcepropertymapping - authentik_stages_authenticator_duo.authenticatorduostage - authentik_stages_authenticator_duo.duodevice - authentik_stages_authenticator_email.authenticatoremailstage - authentik_stages_authenticator_email.emaildevice - authentik_stages_authenticator_sms.authenticatorsmsstage - authentik_stages_authenticator_sms.smsdevice - authentik_stages_authenticator_static.authenticatorstaticstage - authentik_stages_authenticator_static.staticdevice - authentik_stages_authenticator_totp.authenticatortotpstage - authentik_stages_authenticator_totp.totpdevice - authentik_stages_authenticator_validate.authenticatorvalidatestage
authentik_stages_authenticator_webauthn.authenticatorwebauthnstage - authentik_stages_authenticator_webauthn.webauthndevice - authentik_stages_captcha.captchastage - authentik_stages_consent.consentstage - authentik_stages_consent.userconsent - authentik_stages_deny.denystage - authentik_stages_dummy.dummystage - authentik_stages_email.emailstage - authentik_stages_identification.identificationstage - authentik_stages_invitation.invitationstage - authentik_stages_invitation.invitation - authentik_stages_password.passwordstage - authentik_stages_prompt.prompt
authentik_stages_prompt.promptstage - authentik_stages_redirect.redirectstage - authentik_stages_user_delete.userdeletestage - authentik_stages_user_login.userloginstage - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_brands.brand
authentik_blueprints.blueprintinstance - authentik_core.group - authentik_core.user - authentik_core.application - authentik_core.applicationentitlement - authentik_core.token - authentik_enterprise.license - authentik_providers_google_workspace.googleworkspaceprovider - authentik_providers_google_workspace.googleworkspaceprovidermapping - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_microsoft_entra.microsoftentraprovidermapping - authentik_providers_ssf.ssfprovider - authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage - authentik_stages_source.sourcestage - authentik_events.event - authentik_events.notificationtransport - authentik_events.notification - authentik_events.notificationrule - authentik_events.notificationwebhookmapping

objectId String

permission String

rbacPermissionRoleId String

role String