{"id":28139062,"url":"https://github.com/broadcom/terraform-provider-luminate","last_synced_at":"2026-01-16T16:33:49.683Z","repository":{"id":44796297,"uuid":"234880701","full_name":"Broadcom/terraform-provider-luminate","owner":"Broadcom","description":"Secure access cloud terraform provider","archived":false,"fork":false,"pushed_at":"2025-06-10T10:08:09.000Z","size":9643,"stargazers_count":10,"open_issues_count":8,"forks_count":5,"subscribers_count":14,"default_branch":"master","last_synced_at":"2025-06-10T10:44:06.605Z","etag":null,"topics":["terraform-provider"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Broadcom.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2020-01-19T10:23:48.000Z","updated_at":"2025-05-28T12:33:31.000Z","dependencies_parsed_at":"2023-12-20T12:32:31.798Z","dependency_job_id":"a1f7453f-92a4-4f6d-a60c-0c57a65b05e9","html_url":"https://github.com/Broadcom/terraform-provider-luminate","commit_stats":null,"previous_names":[],"tags_count":31,"template":false,"template_full_name":null,"purl":"pkg:github/Broadcom/terraform-provider-luminate","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Broadcom%2Fterraform-provider-luminate","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Broadcom%2Fterraform-provider-luminate/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Broadcom%2Fterraform-provider-luminate/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Broadcom%2Fterraform-provider-luminate/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Broadcom","download_url":"https://codeload.github.com/Broadcom/terraform-provider-luminate/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Broadcom%2Fterraform-provider-luminate/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":261380138,"owners_count":23149930,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["terraform-provider"],"created_at":"2025-05-14T17:16:10.440Z","updated_at":"2026-01-16T16:33:49.660Z","avatar_url":"https://github.com/Broadcom.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# **Terraform provider luminate**\n\n\n#### Latest Binaries  \n\n| Platform    |                                                                                                                                                                               |\n|-------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| Linux       | [terraform-provider-luminate-linux.zip](https://github.com/Broadcom/terraform-provider-luminate/releases/latest/download/terraform-provider-luminate-linux.zip)               |\n| MacOS Intel | [terraform-provider-luminate-darwin.zip](https://github.com/Broadcom/terraform-provider-luminate/releases/latest/download/terraform-provider-luminate-darwin.zip)             |\n| MacOS M1    | [terraform-provider-luminate-darwin_arm64.zip](https://github.com/Broadcom/terraform-provider-luminate/releases/latest/download/terraform-provider-luminate-darwin_arm64.zip) |\n| Windows     | [terraform-provider-luminate-windows.zip](https://github.com/Broadcom/terraform-provider-luminate/releases/latest/download/terraform-provider-luminate-windows.zip) \u003cbr/\u003e     |\n\n[![CircleCI](https://circleci.com/gh/Broadcom/terraform-provider-luminate/tree/master.svg?style=shield)](https://circleci.com/gh/Broadcom/terraform-provider-luminate)  \n---\n\n#### Documentation\n\n[Basic configuration and usage](#basic-configuration-and-usage)\n- [Terraform Requirements](#terraform-requirements)\n- [Provider configuration](#provider-configuration)\n- [API Endpoint](#api-endpoint)\n- [Authentication](#authentication)\n- [Usage Example](#provider-usage-example)\n\n[Core resources](#core-resources)\n- [Resource: luminate_site](#resource-luminate_site)\n- [Resource: luminate_connector](#resource-luminate_connector)\n\n[Application Resources](#application-resources)\n- [Resource: luminate_web_application](#resource-luminate_web_application)\n- [Resource: luminate_ssh_application](#resource-luminate_ssh_application)\n- [Resource: luminate_rdp_application](#resource-luminate_rdp_application)\n- [Resource: luminate_tcp_application](#resource-luminate_tcp_application)\n- [Resource: luminate_ssh_gw_application](#resource-luminate_ssh_application)\n- [Resource: luminate_segment_application](#resource-luminate_segment_application)\n\n[Policy resources](#policy-resources)\n- [Resource: luminate_rdp_access_policy](#resource-luminate_rdp_access_policy)\n- [Resource: luminate_ssh_access_policy](#resource-luminate_ssh_access_policy)\n- [Resource: luminate_web_access_policy](#resource-luminate_web_access_policy)\n- [Resource: luminate_tcp_access_policy](#resource-luminate_tcp_access_policy)\n- [Resource: luminate_web_activity_policy](#resource-luminate_web_activity_policy)\n\n[Collection resources](#collection-resources)\n- [Resource: luminate_collection](#resource-luminate_collection)\n- [Resource: luminate_collection_site_link](#resource-luminate_collection_site_link)\n- [Resource: luminate_tenant_role](#resource-luminate_tenant_role)\n- [Resource: luminate_collection_role](#resource-luminate_collection_role)\n- [Resource: luminate_site_role](#resource-luminate_site_role)\n\n[Identities resources](#identities-resources)\n- [Resource: luminate_group_user](#resource-luminate_group_user)\n\n[Integration resources](#integration-resources)\n- [Resource: luminate_aws_integration](#resource-luminate_aws_integration)\n- [Resource: luminate_aws_integration_bind](#resource-luminate_aws_integration_bind)\n\n[Dns Resiliency resources](#DNS-Resiliency-resources)\n- [Resource: luminate_dns_group_resiliency](#resource-luminate_dns_group_resiliency)\n- [Resource: luminate_dns_server_resiliency](#resource-luminate_dns_server_resiliency)\n\n[Data sources](#data-sources)\n- [Data source: luminate_identity_provider](#data-source-luminate_identity_provider)\n- [Data source: luminate_user](#data-source-luminate_user)\n- [Data source: luminate_group](#data-source-luminate_group)\n- [Data source: luminate_collection](#data-source-luminate_collection)\n- [Data source: luminate_shared_object](#data-source-luminate_shared_object)\n- [Data source: luminate_aws_integration](#data-source-luminate_aws_integration)\n- [Data source: luminate_ssh_client](#data-source-luminate_ssh_client)\n\n[Emphemeral Resources](#emphemeral-resources)\n- [Emphemeral Resource: luminate_site_registration_key](#emphemeral-resource-luminate_site_registration_key)\n\nBasic configuration and usage\n==========\n\nBroadcom secure access cloud terraform provider is used to create and\nmanage resources supported by Secure access cloud platform.\n\n\nTerraform Requirements\n-----------\n\nThe provider uses [Terraform Protocol Version 6](https://developer.hashicorp.com/terraform/plugin/terraform-plugin-protocol#protocol-version-6)\n\nand uses the tf5to6server package to translate from Protocol Version 5 to 6\n([Package Compatibility](https://developer.hashicorp.com/terraform/plugin/mux/translating-protocol-version-5-to-6#compatibility))\n\nTherefore, in order to work with the provider starting from release 1.2.0,\n\nit requires Terraform CLI version 1.1.5 or later.\n\nIn order to use [Emphemeral Resources](#emphemeral-resources), Terraform CLI version 1.11 or later is required.\n\nProvider configuration\n-----------\n\nTo use the provider it must first be configured to access Secure access\ncloud management API.\n\n#### Example Usage\n\n```\nprovider \"luminate\" {         \n    api_endpoint = \"api.example.luminatesec.com\"\n}\n```                            \n\nAPI Endpoint\n------\n\nThe API endpoint address is based on the tenant name in Secure access\ncloud\n\nThe format is as follows:\n```\napi.\u003ctenant_name\u003e.luminatesec.com\n```\nFor example:  \nIf the tenant name is \"mycompany\" the API endpoint address would be\n\"api.mycompany.luminatesec.com\"\n\nAuthentication\n-------\n\nAuthentication is done using an API Client credentials\n\n#### Authenticate using environment variables \n\n**shell**\n```\n$ export LUMINATE_API_CLIENT_ID=123456789  \n$ export LUMINATE_API_CLIENT_SECRET=abcdefghijk\n```\n\n**main.\u003cspan\u003e\u003c/span\u003etf**\n```\nprovider \"luminate\" {|\n    api_endpoint = \"api.example.luminatesec.com\"\n}\n```\n#### Authenticate using the provider block\n\n```\nprovider \"luminate\" {\n  api_endpoint = \"api.example.luminatesec.com\"\n  api_client_id = \"123456789\"\n  api_client_secret = \"abcdefghijk\"\n}\n```\n  **Warning:** storing credentials in terraform files is not recommended and may lead to a secret leak in case the file is committed to a public repository\n\n------\n\nProvider usage example\n-----------\n\nThis will create a site with one connector, web application and access\npolicy\n\n```\n#Configure the provider\nprovider \"luminate\" {\n  api_endpoint = \"api.example.luminatesec.com\"\n}\n\n#Create site\nresource \"luminate_site\" \"site\" {\n  name = \"my-new-site\"\n}\n\n#Create connector and bind to site \"my-new-site\"\nresource \"luminate_connector\" \"connector\" {\n  name = \"connector-${luminate_site.site.name}\"\n  site_id = \"${luminate_site.site.id}\"\n  type = \"linux\"\n}\n\n#Create web application\nresource \"luminate_web_application\" \"nginx-app\" {\n  name = \"nginx\"\n  site_id = \"${luminate_site.site.id}\"\n  internal_address = \"http://127.0.0.1:8080\"\n}\n\n#Retrieve the id of local IDP\ndata \"luminate_identity_provider\" \"idp\" {\n  identity_provider_name = \"local\"\n}\n\n#Retrieve users from IDP\ndata \"luminate_user\" \"users\" {\n  identity_provider_id = \"${data.luminate_identity_provider.idp.identity_provider_id}\"\n  users = [\"local-user\"]\n}\n\n#Create access policy and attach to application\nresource \"luminate_web_access_policy\" \"nginx-access-policy\" {\n  name = \"nginx-access-policy\"\n  identity_provider_id = \"${data.luminate_identity_provider.idp.identity_provider_id}\"\n  user_ids = [${data.luminate_user.users.user_ids}]\n  applications = [${luminate_web_application.nginx-app.id}]\n}\n\n#One time command to start the created connector\noutput \"run-command\" {\n  value = \"${luminate_connector.connector.command}\"\n}\n```\n\n\nMigrating existing code to terraform 0.12\n---------------------\n\nDue to changes to HCL terraform code written for previous versions has\nto be converted to new language version.\n\nTerraform provides a built-in command to make the required changes.\n\nFor more information and detailed instructions refer to:\n\u003chttps://www.terraform.io/upgrade-guides/0-12.html\u003e\n\nUsage\n---\n```\ncd /terraform-repo\nterraform 0.12upgrade\n```\n\n**NOTE:** 0.12upgrade sub command will change code in-place overwriting existing files.\n\n# Core resources\n\nRe­­­source: luminate_site\n----------\n\nProvides secure access cloud site resource\n\n­­­\n\n#### Example Usage\n\n```\nresource \"luminate_site\" \"new-site\" {\n  name = \"my-new-site\"\n}\n```\n#### Argument Reference\n\nThe following arguments are supported:\n\n- **name** (Required) The name of the site\n\n- **region** (Optional) Connectivity region. If not specified, the default region will be used\n\n- **mute_health_notification** (Optional) Don't send notification\n    if the site is down\n\n- **kubernetes_persistent_volume_name** (Optional) Kubernetes\n    persistent volume name - only relevant if running on top kubernetes\n\n#### Attribute Reference\n\nIn addition to arguments above, the following attributes are exported:\n\n-   **id** - id of the site\n\n#### Import\n```\n$ terraform import luminate_site.new-site site-id\n```\n\nRe­­­source: luminate_connector\n------------\n\nProvides secure access cloud connector resource\n\n­­­\n\n#### Example Usage\n```\nresource \"luminate_connector\" \"connector\" {\n  name = \"connector-name\"\n  site_id = \"site-id\"\n  type = \"linux\"\n}\n```\n\n#### Argument Reference\n\nThe following arguments are supported:\n\n-   **name -** (Required) name of the connector\n\n-   **site_id -** (Required) site id to attach the connector\n\n-   **type -** (Required) type of the connector. Valid types: **linux**\n    \\| **kubernetes** \\| **windows** \\| **docker-compose**\n\n**NOTE:** Connector resource is immutable. Changing any of the arguments will trigger recreation\n\n\n#### Attribute Reference\n\nIn addition to arguments above, the following attributes are exported:\n\n-   **id** - id of the connector\n\n-   **command** - command for deploying Luminate connector\n\n-   **otp -** one time password for running Luminate connector\n\n#### Import\n\n```\n$ terraform import luminate_connector.connector connector_id\n```\n\nApplication Resources\n==========\n\nResource: luminate_web_application\n----------\n\nProvides Secure access cloud web application\n\n#### Example Usage\n\n```\nresource \"luminate_web_application\" \"new-web-application\" {\n  name = \"web-application\"\n  site_id = \"site_id\"\n  internal_address = \"http://127.0.0.1:8080\"\n}\n```\n\n#### Argument Reference\n\nThe following arguments are supported:\n\n-   **name -** (Required) name of the applications\n\n-   **site_id** - (Required) Site ID to which the application will be\n    bound\n\n-   **icon** - (Optional) Base64 representation of 40x40 icon\n\n-   **visible** - (Optional) Indicates whether to show this application\n    in the applications portal.\n\n-   **notification_enabled** - (Optional) Indicates whether\n    notifications are enabled for this application.\n\n-   **subdomain** - (Optional) The application DNS subdomain.\n\n-   **custom_external_address** - (Optional) The application custom\n    DNS address that exposes the application.\n\n-   **internal_address** - (Required) Internal address of the\n    application, accessible by connector\n\n-   **custom_root_path** - (Optional) Requests coming into the\n    external address root path \\'/\\', will be redirected to this custom\n    path instead.\n\n-   **health_url** - (Optional) Health check path. The URI is relative\n    to the external address.\n\n-   **health_method** - (Optional) HTTP method to validate application\n    health. Valid methods: GET \\| HEAD\n\n-   **default_content_rewrite_rules_enabled** - (Optional)\n    Indicates whether to enable automatic translation of all occurrences\n    of the application internal address to its external address on most\n    prominent content types and relevant headers.\n\n-   **default_header_rewrite_rules_enabled** - (Optional) Indicates\n    whether to enable automatic translation of all occurrences of the\n    application internal address to its external address on relevant\n    headers.\n\n-   **use_external_address_for_host_and_sni** - (Optional)\n    Indicates whether to use external address for host header and SNI.\n\n-   **linked_applications** - (Optional) This property should be set\n    in a scenario where the defined application contains resources that\n    reference additional web applications by their internal domain name.\n\n-   **header_customization** - (Optional) Custom headers key:value\n    pairs to be added to all requests.\n- \n-   **collection_id -** (Optional) Collection id to be linked to app, if empty will be assigned to default collection\n\n\n#### Attribute Reference\n\n\nIn addition to arguments above, the following attributes are exported:\n\n-   **id** - id of the application\n\n-   **external_address**\n\n-   **luminate_address**\n\n#### Import\n\n```\n$ terraform import luminate_web_application.new-web-application application_id\n```\n\nRe­­­source: luminate_ssh_application\n-------\n\nProvides Secure access cloud SSH application\n\n­­­\n\n#### Example Usage\n\n\n```\nresource \"luminate_ssh_application\" \"new-ssh-application\" {  \n    site_id = \"site_id\"\n    name = \"ssh-applications\"\n    internal_address = \"tcp://127.0.0.1:22\"\n}                                                   \n```\n\n#### Argument Reference\n\nThe following arguments are supported:\n\n-   **name -** (Required) name of the applications\n\n-   **site_id** - (Required) Site ID to which the application will be\n    bound\n\n-   **icon** - (Optional) Base64 representation of 40x40 icon\n\n-   **visible** - (Optional) Indicates whether to show this application\n    in the applications portal.\n\n-   **notification_enabled** - (Optional) Indicates whether\n    notifications are enabled for this application.\n\n-   **subdomain** - (Optional) The application DNS subdomain.\n\n-   **custom_external_address** - (Optional) The application custom\n    DNS address that exposes the application.\n\n-   **internal_address** - (Required) Internal address of the\n    application, accessible by connector\n\n-   **collection_id -** (Optional) Collection id to be linked to app, if empty will be assigned to default collection\n\n#### Attribute Reference\n\nIn addition to arguments above, the following attributes are exported:\n\n-   **id** - id of the application\n\n-   **external_address**\n\n-   **luminate_address**\n\n#### Import\n\n```\n$ terraform import luminate_ssh_application.new-ssh-application  application_id\n```\n\n\nRe­­­source: luminate_rdp_application\n------\n\nProvides Secure access cloud RDP application\n\n­­\n#### Usage Examples\n\n```\nresource \"luminate_rdp_application\" \"new-rdp-application\" {\n  site_id = \"site_id\"\n  name = \"rdp-application\"\n  internal_address = \"tcp://127.0.0.1\"\n}\n```\n\n```\nresource \"luminate_rdp_application\" \"new-rdp-application\" {\n  site_id = \"site_id\"\n  name = \"rdp-application\"\n  internal_address = \"tcp://127.0.0.1\"\n  sub_type = \"RDP_BROWSER_SINGLE_MACHINE\"\n}\n```\n\n#### Argument Reference\n\nThe following arguments are supported:\n\n-   **name -** (Required) name of the applications\n\n-   **site_id** - (Required) Site ID to which the application will be\n    bound\n\n-   **icon** - (Optional) Base64 representation of 40x40 icon\n\n-   **visible** - (Optional) Indicates whether to show this application\n    in the applications portal.\n\n-   **notification_enabled** - (Optional) Indicates whether\n    notifications are enabled for this application.\n\n-   **subdomain** - (Optional) The application DNS subdomain.\n\n-   **custom_external_address** - (Optional) The application custom\n    DNS address that exposes the application.\n\n-   **internal_address** - (Required) Internal address of the\n    application, accessible by connector\n\n- **collection_id -** (Optional) Collection id to be linked to app, if empty will be assigned to default collection\n\n- **sub_type -** (Optional) The protocol subtype.\n    - SINGLE_MACHINE (Default)\n    - MULTIPLE_MACHINES\n    - RDP_BROWSER_SINGLE_MACHINE\n    - RDP_BROWSER_MULTIPLE_MACHINES\n\n#### Attribute Reference\n\nIn addition to arguments above, the following attributes are exported:\n\n-   **id** - id of the application\n\n-   **external_address**\n\n-   **luminate_address**\n\n#### Import\n\n```\n$ terraform import luminate_rdp_application.new-rdp-application application_id\n```\n\nRe­­­source: luminate_tcp_application\n-----------\n\nProvides Secure access cloud TCP application\n\n­­­\n\n#### Example Usage\n\n```\nresource \"luminate_tcp_application\" \"new-tcp-application\" {\n  name = \"tcp-application\"\n  site_id = \"site-id\"\n  target {\n    address = \"127.0.0.1\"\n    ports = [\"8080\"]\n  }\n}\n```\n\n#### Argument Reference\n\nThe following arguments are supported:\n\n-   **name -** (Required) name of the applications\n\n-   **site_id** - (Required) Site ID to which the application will be\n    bound\n\n-   **icon** - (Optional) Base64 representation of 40x40 icon\n\n-   **visible** - (Optional) Indicates whether to show this application\n    in the applications portal.\n\n-   **notification_enabled** - (Optional) Indicates whether\n    notifications are enabled for this application.\n\n-   **subdomain** - (Optional) The application DNS subdomain.\n\n-   **custom_external_address** - (Optional) The application custom\n    DNS address that exposes the application.\n\n-   **target** - (Required) - list of TCP application targets\n\n    -   **address** - (Required) application target address.\n\n    -   **ports** - (Required) list of forwarded ports.\n    \n    -   **collection_id -** (Optional) Collection id to be linked to app, if empty will be assigned to default collection\n\n#### Attribute Reference\n\nIn addition to arguments above, the following attributes are exported:\n\n-   **id** - id of the application\n\n-   external_address\n\n-   luminate_address\n\n\n#### Import\n\n```\n$ terraform import luminate_tcp_application.new-tcp-application  application_id\n```\n\nRe­­­source: luminate_ssh_gw_application\n------------\n\nProvides Secure access cloud SSH GW application\n\n­­­\n\n#### Example Usage\n\n```\nresource \"luminate_ssh_gw_application\" \"new-sshgw-access\" {  \n  site_id = \"site_id\"\n  name = \"sshgw-application\"\n\n  integration_id = \"integration_id\",\n\n  tags {\n    Type = \"ssh-gw-demo\"\n  }\n\n  vpc {\n    region = \"eu-west-1\"\n    cidr_block = \"172.31.0.0/16\"\n    vpc_id = \"vpc-123456789\"\n  }\n}\n```\n#### Argument Reference\n\nThe following arguments are supported:\n\n-   **name -** (Required) name of the applications\n\n-   **site_id** - (Required) Site ID to which the application will be\n    bound\n\n-   **icon** - (Optional) Base64 representation of 40x40 icon\n\n-   **visible** - (Optional) Indicates whether to show this application\n    in the applications portal.\n\n-   **notification_enabled** - (Optional) Indicates whether\n    notifications are enabled for this application.\n\n-   **subdomain** - (Optional) The application DNS subdomain.\n\n-   **custom_external_address** - (Optional) The application custom\n    DNS address that exposes the application.\n\n-   **internal_address** - (Required) Internal address of the\n    application, accessible by connector\n\n-   **integration_id** - (Required) integration id used to set up the\n    ssh gw application\n\n-   **tags** - (Required) a map of tags used to determine which\n    machines is included as part of this ssh gw\n\n-   **vpc** - (Required) A list of vpc definitions used to determine\n    the target group to include as part of the ssh gw application\n\n    -   **vpc_id** - (Required) - the vpc id of the vpc containing\n        target machines\n\n    -   **region** - (Required) - the region containing the target\n        machines\n\n    -   **cidr_block** - (Required) - the cidr block of the machines\n        to include\n\n#### Attribute Reference\n\nIn addition to arguments above, the following attributes are exported:\n\n-   **id** - id of the application\n\n-   **segment_id**\n\n-   **external_address**\n\n-   **luminate_address**\n\n#### Import\n\n```\n$ terraform import luminate_ssh_gw_application.new-sshgw-access  application_id\n```\n\nResource: luminate_segment_application\n------------\n\nProvides Secure access cloud Segment application\n\n\n#### Example Usage\n\n```\nresource \"luminate_segment_application\" \"nginx-app\" {\n  name = \"nginx\"\n  site_id = \"${luminate_site.site.id}\"\n  segment_settings {\n\toriginal_ip = \"10.60.30.0/24\"\n\t}\n}\n```\nOr using multiple_segment_settings\n```\nresource \"luminate_segment_application\" \"new-segment-application\" {\n\tname = \"ngnix\"\n\tsub_type = \"SEGMENT_SPECIFIC_IPS\"\n\tsite_id = \"${luminate_site.new-site.id}\"\n  \tmultiple_segment_settings {\n            original_ip = [\"192.168.1.1\", \"192.168.1.2\"]\n  \t}\n}\n\n```\n\n#### Argument Reference\n\nThe following arguments are supported:\n\n- **name -** (Required) name of the applications\n\n- **site_id** - (Required) Site ID to which the application will be\n    bound\n\n- **segment settings** - The segment application settings. This field will be deprecated, please use multiple segment settings instead.\n\n    - **original_ip** - (Required) The internal resource IP address which is used by the connector for access to the application.\n  \n- **multiple segment settings** - (Required) The segment application settings\n\n    - **original_ip** - (Required) The internal resource IPs addresses which is used by the connector for access to the application.\n\nPolicy resources\n============\n\nRe­­­source: luminate_rdp_access_policy\n---------------\n\nProvides Secure access cloud RDP access policy\n\n­­­\n\n#### Example Usage\n\n```\nresource \"luminate_rdp_access_policy\" \"new-rdp-access-policy\" {\n  name =  \"my-rdp-access-policy\"\n\n  identity_provider_id = \"identity_provider_id\"\n  user_ids = [\"user1_id\", \"user2_id\"]\n  group_ids = [\"group1_id\", \"group2_id\"]\n\n  applications = [\"application1_id\",\"application2_id\"]\n\n  validators = {\n    web_verification = true\n  }\n\n  conditions = {\n    source_ip = [\"127.0.0.1/24\", \"1.1.1.1/16\"]\n    location = [\"Wallis and Futuna\"]\n  }\n}\n```\n\n```\nresource \"luminate_rdp_access_policy\" \"new-rdp-access-policy\" {\n  name =  \"my-rdp-access-policy\"\n\n  identity_provider_id = \"identity_provider_id\"\n  user_ids = [\"user1_id\", \"user2_id\"]\n  group_ids = [\"group1_id\", \"group2_id\"]\n\n  applications = [\"application1_id\",\"application2_id\"]\n  \n  target_protocol_subtype = \"RDP_BROWSER\"\n  \n  web_rdp_settings {\n    disable_copy  = false\n    disable_paste = true\n  }\n\n  validators = {\n    web_verification = true\n  }\n\n  conditions = {\n    source_ip = [\"127.0.0.1/24\", \"1.1.1.1/16\"]\n    location = [\"Wallis and Futuna\"]\n  }\n}\n```\n\n#### Argument Reference\n\nThe following arguments are supported:\n\n-   **name -** (Required) name of the policy\n\n-   **enabled -** (Optional) Indicates whether this policy is enabled.\n\n-   **identity_provider_id -** (Optional) The identity provider id\n\n-   **user_ids -** (Optional) The user entities to which this policy\n    applies.\n\n-   **group_ids -** (Optional) The group entities to which this policy\n    applies.\n\n-   **applications** - (Required) The applications to which this policy\n    applies.\n\n-   **validators** - (Optional)\n\n    -   **web_verification** - (Optional) Indicate whatever to perform\n        web verification validation. not compatible for HTTP\n        applications\n\n-   **conditions** - (Optional)\n\n    -   **location** - (Optional) - location based condition, specify\n        the list of accepted locations.\n\n    -   **source_ip** - (Optional) - source ip based condition, specify\n        the allowed CIDR for this policy.\n\n-   **allow_long_term_password** - (Optional) Indicates whether to\n    allow long term password.\n\n- **target_protocol_subtype -** (Optional) The protocol subtype.\n    - RDP_NATIVE (Default)\n    - RDP_BROWSER\n\n- **web_rdp_settings -** (Optional) Web RDP settings when using RDP_BROWSER as the target_protocol_subtype.\n    - disable_copy  = false (Default) | true\n    - disable_paste = false (Default) | true\n\n#### Attribute Reference\n\nIn addition to arguments above, the following attributes are exported:\n\n-   **id** - id of the policy\n\n#### Import\n\n```\n$ terraform import luminate_rdp_access_policy.new-rdp-access-policy  policy_id\n```\n\nRe­­­source: luminate_ssh_access_policy\n------------\n\nProvides Secure access cloud SSH access policy\n\n­­­\n\n#### Example Usage\n\n```\nresource \"luminate_ssh_access_policy\" \"new-ssh-access-policy\" {\n  name =  \"my-ssh-access-policy\"\n\n  identity_provider_id = \"identity_provider_id\"\n  user_ids = [\"user1_id\", \"user2_id\"]\n  group_ids = [\"group1_id\", \"group2_id\"]\n\n  applications = [\"application1_id\",\"application2_id\"]\n  accounts = [\"ubuntu\", \"ec2-user\"]\n  allow_temporary_token = true\n}\n```\n#### Argument Reference\n\nThe following arguments are supported:\n\n-   **name -** (Required) name of the policy\n\n-   **enabled -** (Optional) Indicates whether this policy is enabled.\n\n-   **identity_provider_id -** (Optional) The identity provider id\n\n-   **user_ids -** (Optional) The user entities to which this policy\n    applies.\n\n-   **group_ids -** (Optional) The group entities to which this policy\n    applies.\n\n-   **applications** - (Required) The applications to which this policy\n    applies.\n\n-   **accounts** - (Required) SSH/Unix accounts with which IDP entities\n    and/or Luminate local users can access the SSH Server\n\n-   **use_auto_mapping** - (Optional) Determine the strategy for\n    mapping IDP entities to SSH/Unix accounts, and specifically indicate\n    whether automatic mapping based on the logged-in IDP entity username\n    is allowed. In case this property is set to TRUE, manually entered\n    SSH accounts are ignored. This property is relevant for SSH\n    applications only\n\n-   **allow_agent_forwarding** - (Optional) Indicates whether SSH\n    agent forwarding is allowed for transparent secure access to all\n    corporate SSH Servers via this SSH application that acts a Bastion.\n    This property is relevant for SSH applications only.\n\n-   **allow_temporary_token** - (Optional) Indication whether\n    authentication using a temporary token is allowed.\n\n-   **allow_public_key** - (Optional) Indication whether\n    authentication using long term secret is allowed.\n\n-   **validators** - (Optional)\n\n    -   **web_verification** - (Optional) Indicate whatever to perform\n        web verification validation. not compatible for HTTP\n        applications\n\n-   **conditions** - (Optional)\n\n    -   **location** - (Optional) - location based condition, specify\n        the list of accepted locations.\n\n    -   **source_ip** - (Optional) - source ip based condition, specify\n        the allowed CIDR for this policy.\n\n#### Attribute Reference\n\nIn addition to arguments above, the following attributes are exported:\n\n-   **id** - id of the policy\n\n#### Import\n\n```\n$ terraform import luminate_ssh_access_policy.new-ssh-access-policy  policy_id\n```\n\nRe­­­source: luminate_web_access_policy\n---------\n\nProvides Secure access cloud HTTP access policy\n\n­­­\n\n#### Example Usage\n\n```\nresource \"luminate_web_access_policy\" \"new-web-access-policy\" {\n  name =  \"my-web-access-policy\"\n\n  identity_provider_id = \"identity_provider_id\"\n  user_ids = [\"user1_id\", \"user2_id\"]\n  group_ids = [\"group1_id\", \"group2_id\"]\n\n  applications = [\"application1_id\",\"application2_id\"]\n  \n  conditions = {\n    source_ip = [\"127.0.0.1/24\", \"1.1.1.1/16\", \"8.8.8.8/24\"]\n    location = [\"Wallis and Futuna\"]\n\n    managed_device = {\n      symantec_cloudsoc = true\n      symantec_web_security_service = false\n    }\n    validators {\n        mfa = true\n    }\n  }\n}\n```\n#### Argument Reference\n\nThe following arguments are supported:\n\n-   **name -** (Required) name of the policy\n\n-   **enabled -** (Optional) Indicates whether this policy is enabled.\n\n-   **identity_provider_id -** (Optional) The identity provider id\n\n-   **user_ids -** (Optional) The user entities to which this policy\n    applies.\n\n-   **group_ids -** (Optional) The group entities to which this policy\n    applies.\n\n-   **applications** - (Required) The applications to which this policy\n    applies.\n- \n-   **validators** - (Optional)\n\n    -   **mfa** - (Optional) Specifies whether to carry out mfa (multi-factor authentication) validation.\n\n-   **conditions** - (Optional)\n\n    -   **location** - (Optional) - location based condition, specify\n        the list of accepted locations.\n\n    -   **source_ip** - (Optional) - source ip based condition, specify\n        the allowed CIDR for this policy.\n\n    -   **managed_device** - (Optional) Indicate whatever to restrict\n        access to managed devices only\n\n        -   **opswat** - (Optional) Indicate whatever to restrict\n            access to Opswat MetaAccess\n\n        -   **symantec_cloudsoc** - (Optional) Indicate whatever to\n            restrict access to symantec cloudsoc\n\n        -   **symantec_web_security_service** - (Optional) Indicate\n            whatever to restrict access to symantec web security service\n\n    -   **unmanaged_device** - (Optional) Indicate whatever to\n        restrict access to unmanaged devices only\n\n#### Attribute Reference\n\nIn addition to arguments above, the following attributes are exported:\n\n-   **id** - id of the policy\n\n#### Import\n\n```\n$ terraform import luminate_web_access_policy.new-web-access-policy  policy_id\n```\n\nRe­­­source: luminate_tcp_access_policy\n---------\n\nProvides Secure access cloud TCP access policy\n\n­­­\n\n#### Example Usage\n\n```\nresource \"luminate_tcp_access_policy\" \"new-tcp-access-policy\" {\n  name =  \"my-tcp-access-policy\"\n\n  identity_provider_id = \"identity_provider_id\"\n  user_ids = [\"user1_id\", \"user2_id\"]\n  group_ids = [\"group1_id\", \"group2_id\"]\n\n  applications = [\"application1_id\",\"application2_id\"]\n  accounts = [\"ubuntu\", \"ec2-user\"]\n  allow_temporary_token = true\n}\n```\n\n#### Argument Reference\n\nThe following arguments are supported:\n\n-   **name -** (Required) name of the policy\n\n-   **enabled -** (Optional) Indicates whether this policy is enabled.\n\n-   **identity_provider_id -** (Optional) The identity provider id\n\n-   **user_ids -** (Optional) The user entities to which this policy\n    applies.\n\n-   **group_ids -** (Optional) The group entities to which this policy\n    applies.\n\n-   **applications** - (Required) The applications to which this policy\n    applies.\n\n-   **allow_temporary_token** - (Optional) Indication whether\n    authentication using a temporary token is allowed.\n\n-   **allow_public_key** - (Optional) Indication whether\n    authentication using long term secret is allowed.\n\n-   **validators** - (Optional)\n\n    -   **web_verification** - (Optional) Indicate whatever to perform\n        web verification validation. not compatible for HTTP\n        applications\n\n-   **conditions** - (Optional)\n\n    -   **location** - (Optional) - location based condition, specify\n        the list of accepted locations.\n\n    -   **source_ip** - (Optional) - source ip based condition, specify\n        the allowed CIDR for this policy.\n\n#### Attribute Reference\n\nIn addition to arguments above, the following attributes are exported:\n\n-   **id** - id of the policy\n\n#### Import\n\n```\n$ terraform import luminate_tcp_access_policy.new-tcp-access-policy  policy_id\n```\n\nRe­­­source: luminate_web_activity_policy\n---------\n\nProvides Secure access cloud HTTP activity policy\n\n­­­\n\n#### Example Usage\n\n```\nresource \"luminate_web_activity_policy\" \"new-web-activity-policy\" {\n  name =  \"my-web-activity-policy\"\n\n  identity_provider_id = \"identity_provider_id\"\n  user_ids = [\"user1_id\", \"user2_id\"]\n  group_ids = [\"group1_id\", \"group2_id\"]\n\n  applications = [\"application1_id\",\"application2_id\"]\n  \n  conditions = {\n    source_ip = [\"127.0.0.1/24\", \"1.1.1.1/16\", \"8.8.8.8/24\"]\n    location = [\"Wallis and Futuna\"]\n\n    managed_device = {\n      symantec_web_security_service = false\n    }\n  }\n  \n  rules = [\n            {\n              action = \"BLOCK_USER\"\n              conditions = {\n                uri_accessed = true\n                http_command = true\n                arguments = {\n                  uri_list = [\"/admin\", \"/users\"]\n                  commands = [\"GET\", \"POST\"]\n                }\n              }\n            },\n            {\n              action = \"DISCONNECT_USER\"\n              conditions = {\n                file_uploaded = true\n                file_downloaded = true\n              }\n            }\n         ]\n}\n```\n#### Argument Reference\n\nThe following arguments are supported:\n\n-   **name -** (Required) name of the policy\n\n-   **enabled -** (Optional) Indicates whether this policy is enabled.\n\n-   **identity_provider_id -** (Optional) The identity provider id\n\n-   **user_ids -** (Optional) The user entities to which this policy\n    applies.\n\n-   **group_ids -** (Optional) The group entities to which this policy\n    applies.\n\n-   **applications** - (Required) The applications to which this policy\n    applies.\n\n-   **enable_isolation -** (Optional) Indicates whether web isolation \n    is enabled in this policy. \n    Required for using the \"WEB_ISOLATION\" rule action.\n\n-   **enable_whitelist -** (Optional) Indicates whether Allow rules\n    whitelist is enabled in this policy. \n    Required for using the \"ALLOW\" rule action.\n\n-   **rules** - (Required) The constraints on the actions to perform\n    upon user web activity (non-empty list of nested rule objects)\n\n    -   **rule** - Activity rule object\n\n        -   **action** (Required) - The action to apply, allowed values: \n            \"ALLOW\", \"BLOCK\", \"BLOCK_USER\", \"DISCONNECT_USER\", \n            \"WEB_ISOLATION\", \"CDS\"\n\n        -   **isolation_profile_id** (Optional) - The web isolation profile \n            ID to apply, required with \"WEB_ISOLATION\" action if selected.\n            The isolation profile shared object could be retrieved using \n            luminate_shared_object data source with type \"ISOLATION_PROFILE\"\n\n        -   **dlp_filter_id** (Optional) - The DLP application detection ID.\n            Required for using \"CDS\" action ID (DLP Cloud Detector)\n\n        -   **conditions** (Required) - The conditions to apply the action\n\n            -   **file_downloaded** (Optional) Indicate whether File \n                Downloaded condition is enabled\n            \n            -   **file_uploaded** (Optional) Indicate whether File\n                Uploaded condition is enabled\n\n            -   **uri_accessed** (Optional) Indicate whether URI Access\n                condition is enabled, requires the URI List argument\n\n            -   **http_command** (Optional) Indicate whether HTTP Command\n                condition is enabled, requires the Commands argument\n\n            -   **arguments** (Optional) - The arguments for the enabled\n                conditions, required only if related conditions are enabled\n\n                -   **uri_list** (Optional) - The URI List argument, \n                    required for the URI Accessed condition if enabled\n                \n                -   **commands** (Optional) - The Commands argument, \n                    required for the HTTP Command condition if enabled\n                \n\n-   **conditions** - (Optional)\n\n    -   **location** - (Optional) - location based condition, specify\n        the list of accepted locations.\n\n    -   **source_ip** - (Optional) - source ip based condition, specify\n        the allowed CIDR for this policy.\n\n    -   **managed_device** - (Optional) Indicate whatever to restrict\n        policy to managed devices only\n\n        -   **opswat** - (Optional) Indicate whatever to restrict\n            policy to Opswat MetaAccess\n\n        -   **symantec_cloudsoc** - (Optional) Indicate whatever to\n            restrict policy to symantec cloudsoc\n\n        -   **symantec_web_security_service** - (Optional) Indicate\n            whatever to restrict policy to symantec web security service\n\n    -   **unmanaged_device** - (Optional) Indicate whatever to\n        restrict policy to unmanaged devices only\n\n#### Attribute Reference\n\nIn addition to arguments above, the following attributes are exported:\n\n-   **id** - id of the policy\n\n#### Import\n\n```\n$ terraform import luminate_web_activity_policy.new-web-activity-policy  policy_id\n```\n\nCollection resources\n============\n\nResource: luminate_collection\n----------\n\nProvides Secure access cloud collection resource\n\n#### Example Usage\n\n```\nresource \"luminate_collection\" \"new-collection\" {\n  name = \"my-collection\"\n}\n```\n\n#### Argument Reference\n\nThe following arguments are supported:\n\n-   **name -** (Required) name of the collection\n\nResource: luminate_collection_site_link\n---------------\n\nProvides Secure access cloud link between site and collection\n\n#### Example Usage\n\n```\nresource \"luminate_collection_site_link\" \"new-collection-site-link\" {\n      site_id = \"c11e4576-53c8-4617-a408-5d31a9c9e954\"\n\t  collection_ids = sort([\"8d945145-0d0a-4b76-b6a7-8f7af4fc8dc3\"])\n\t}\n```\n\n#### Argument Reference\n\nThe following arguments are supported:\n-   **site_id -** (Required) Site id\n-   **collection_ids -** (Required) Collection ids to be linked to site must be sorted\n\n\n\nResource: luminate_tenant_role\n---------------\n\nProvides Secure access cloud assign entity to tenant role\n\n#### Example Usage\n\n```\n\tresource \"luminate_tenant_role\" \"tenant-admin\" {\n\t\trole_type = \"TenantAdmin\"\n\t\tidentity_provider_id =  \"local\"\n\t\tentity_id = \"a8a48219-835f-4183-a2a9-bbba8cad8eb8\"\n\t\tentity_type = \"User\"\n\t}\n```\n\n#### Argument Reference\n\nThe following arguments are supported:\n-   **role_type  -** (Required) the role to assign TenantAdmin | TenantViewer\n-   **identity_provider_id -** (Required) The identity provider id\n-   **entity_id -** (Required) The entity id in idp\n-   **entity_type -** (Required) the entity type User | Group | ApiClient\n\nResource: luminate_collection_role\n---------------\n\nProvides Secure access cloud assign entity to collection role\n\n#### Example Usage\n\n```\n    resource \"luminate_collection_role\" \"policy-owner\" {\n\t\trole_type = \"PolicyOwner\"\n\t\tidentity_provider_id =  \"local\"\n\t\tentity_id = \"a8a48219-835f-4183-a2a9-bbba8cad8eb8\"\n\t\tentity_type = \"User\"\n\t\tcollection_id = \"${luminate_collection.collection.id}\"\n\t}   \n```\n\n#### Argument Reference\n\nThe following arguments are supported:\n-   **role_type  -** (Required) the role to assign PolicyOwner | ApplicationOwner\n-   **identity_provider_id -** (Required) The identity provider id\n-   **entity_id -** (Required) The entity id in idp\n-   **entity_type -** (Required) the entity type User | Group | ApiClient\n-   **collection_id -** (Required) Collection id to be assigned\n\nResource: luminate_site_role\n---------------\n\nProvides Secure access cloud assign entity to site role\n\n#### Example Usage\n\n```\n\tresource \"luminate_site_role\" \"site-editor\" {\n\t\trole_type = \"SiteEditor\"\n\t\tidentity_provider_id =  \"local\"\n\t\tentity_id = \"a8a48219-835f-4183-a2a9-bbba8cad8eb8\"\n\t\tentity_type = \"User\"\n\t\tsite_id = \"${luminate_site.site.id}\"\n\t}\n```\n\n#### Argument Reference\n\nThe following arguments are supported:\n-   **role_type  -** (Required) the role to assign SiteEditor | SiteConnectorDeployer\n-   **identity_provider_id -** (Required) The identity provider id\n-   **entity_id -** (Required) The entity id in idp\n-   **entity_type -** (Required) the entity type User | Group | ApiClient\n-   **site_id -** (Required) Site id to be assigned\n\n# Identities resources\n\nResource: luminate_group_user\n----------\n\nProvides secure access cloud group_user resource\n\n­­­\n\n#### Example Usage\n\n```\ndata \"luminate_group\" \"my-groups\" {\n\tidentity_provider_id = \"local\"\n\tgroups = [\"group1\"]\n}\n\ndata \"luminate_user\" \"my-users\" {\n\tidentity_provider_id = \"local\"\n\tusers = [\"user1\"]\n}\n\nresource \"luminate_group_user\" \"new_group_membership\" {\n\tgroup_id = \"${data.luminate_group.my-groups.group_ids.0}\"\n\tuser_id = \"${data.luminate_user.my-users.user_ids.0}\"\n}\n```\n#### Argument Reference\n\nThe following arguments are supported:\n\n-   **group_id -** (Required) Group id\n-   **user_id -** (Required) User id to be assigned to group\n\n\n# Integration resource\n\nResource: luminate_aws_integration\n----------\n\nProvides secure access cloud aws_integration resource\n\n­\n#### Example Usage\n\n```\nresource \"luminate_aws_integration\" \"new-integration\" {\n\tintegration_name = \"exampleIntegration\"\n}\n```\n\n#### Argument Reference\n\nThe following arguments are supported:\n\n-   **integration_name -** (Required) name for the AWS integration\n\n#### Attribute Reference\n\nIn addition to arguments above, the following attributes are exported:\n\n-   **integration_id -** new integration id\n-   **luminate_aws_account_id -** luminate AWS account ID\n-   **aws_external_id -** the integration AWS external ID\n\n\nResource: luminate_aws_integration_bind\n----------\n\nProvides secure access cloud aws_integration_bind resource\n\n­\n#### Example Usage\n\n```\nresource \"luminate_aws_integration\" \"new-integration\" {\n\tintegration_name = \"exampleIntegrationBind\"\n}\n\n//create and bind IAMrole and policy with new integration external ID and luminate account ID\nresource \"aws_iam_role\" \"test_role\" {\n  name = \"exampleIntegrationBind\"\n  assume_role_policy = jsonencode({\n\t Version= \"2012-10-17\"\n        Statement = [\n            {\n                Effect = \"Allow\"\n                Action = \"sts:AssumeRole\"\n                Condition = {\n                    StringEquals = {\n                        \"sts:ExternalId\": [\n                            \"${luminate_aws_integration.new-integration.aws_external_id}\"\n                        ]\n                    }\n                },\n                Principal = {\n                    \"AWS\" = [\n                        \"${luminate_aws_integration.new-integration.luminate_aws_account_id}\"\n                    ]\n                }\n            }\n        ]\n\t})\n}\n\nresource \"aws_iam_policy\" \"policy\" {\n  name        = \"test_policy\"\n  path        = \"/\"\n  description = \"My test policy\"\n\n  policy = jsonencode({\n    Version = \"2012-10-17\"\n    Statement = [\n      {\n\t  Sid = \"VisualEditor0\"\n        Effect   = \"Allow\"\n        Action = [\n           \"ec2:DescribeInstances\",\n           \"ec2:DescribeVpcs\",\n           \"ec2:DescribeRegions\",\n           \"ec2:DescribeTags\"\n        ]\n        Resource = \"*\"\n      },\n    ]\n  })\n}\n\nresource \"aws_iam_role_policy_attachment\" \"test-attach\" {\n  role       = aws_iam_role. test_role.name\n  policy_arn = aws_iam_policy.policy.arn\n}\n\nresource \"luminate_aws_integration_bind\" \"new-integration-bind\" {\n\tintegration_name = \"${luminate_aws_integration.new-integration.integration_name}\"\n\tintegration_id= \"${luminate_aws_integration.new-integration.integration_id}\"\n\taws_role_arn= \"aws_iam_role_policy_attachment.test-attach.arn\"\n\tluminate_aws_account_id= \"${luminate_aws_integration.new-integration.luminate_aws_account_id}\"\t\n\taws_external_id= \"${luminate_aws_integration.new-integration.aws_external_id}\"\n\tregions = [\"us-west-1\"]\n}\n```\n\n#### Argument Reference\n\nThe following arguments are supported:\n\n-   **integration_name -** (Required) name of the AWS integration\n-   **integration_id -** (Required) ID of the AWS integration\n-   **aws_role_arn -** (Required) AWS arn \n-   **luminate_aws_account_id -** (Required) luminate AWS account ID\n-   **aws_external_id -** (Required) integration AWS external ID \n-   **regions -** (Required) regions to add\n\n# DNS Resiliency resources\n\nResource: luminate_dns_server_resiliency\n----------\n\nProvides CRUD of dns resiliency servers\n\n­­­\n\n#### Example Usage\n\n```\nresource \"luminate_site\" \"new-site\" {\n\tname = \"tfAccSite\"\n}\n\nresource \"luminate_dns_group_resiliency\" \"new-dns-group\" {\n\tname = \"testDNSGroupResiliency\"\n\tsendNotifications = true\n\tdomainSuffixes = [\"somedomain.com\"]\n}\n\ndata \"luminate_dns_server_resiliency\" \"new-dns-server-resiliency\" {\n    name = \"testDNSServerResiliency\"\n\tsite_id = \"${luminate_site.new-site.id}\"\n\tgroup_id = \"${luminate_dns_group_resiliency.new-dns-group.id}\"\n\tinternal_address = \"udp://20.0.0.1:63\"\n}\n\n```\n#### Argument Reference\n\nThe following arguments are supported:\n\n-   **group_id -** (Required) Group id\n-   **name -** (Required) Dns Server name\n-   **site_id -** (Required) Associated Site id\n-   **internal_address -** (Required) Dns server address\n\n\nResource: luminate_dns_group_resiliency\n----------\n\nProvides crud of dns resiliency groups\n\n­­­\n\n#### Example Usage\n\n```\n\nresource \"luminate_dns_group_resiliency\" \"new-dns-group\" {\n\tname = \"testDNSGroupResiliency\"\n\tsendNotifications = true\n\tdomainSuffixes = [\"somedomain.com\"]\n}\n\n```\n#### Argument Reference\n\nThe following arguments are supported:\n\n-   **name -** (Required) Dns Group name\n-   **sendNotifications -** (Required) Indicates if notification are enabled\n-   **domainSuffixes -** (Required) List of domain suffixes\n\n\nData sources\n==========\n\nData source: luminate_identity_provider\n-----------\n\nUse this resource to get an existing identity provider\n\n­­­\n\n#### Example Usage\n\n```\ndata \"luminate_identity_provider\" \"my-identity-provider\" {\n  identity_provider_name = \"local\"\n}\n```\n#### Argument Reference\n\nThe following arguments are supported:\n\n-   **identity_provider_name -** (Required) name of the identity\n    provider\n\n#### Attribute Reference\n\nIn addition to arguments above, the following attributes are exported:\n\n-   **identity_provider_id** - id of the identity provider\n\n\nData Source: luminate_user\n-------------\n\nUse this resource to get one or more existing users\n\n­­­\n\n#### Example Usage\n\n```\ndata \"luminate_user\" \"my-users\" {\n  identity_provider_id = \"identity_provider_id\"\n  users = [\"user1@example.com\", \"user2@example.com\"]\n}\n```\n#### Argument Reference\n\nThe following arguments are supported:\n\n-   **identity_provider_id -** (Required) id of the identity provider\n\n-   **users -** (Required) List of usernames to retrieve\n\n#### Attribute Reference\n\nIn addition to arguments above, the following attributes are exported:\n\n-   **user_ids** - list of retrieved users ids\n\n\nData source: luminate_group\n-----------\n\nUse this resource to get one or more existing groups\n\n­­­\n\n#### Example Usage\n\n```\ndata \"luminate_group\" \"my-groups\" {\n  identity_provider_id = \"identity_provider_id\"\n  groups = [\"group1\", \"group2\"]\n}\n```\n#### Argument Reference\n\nThe following arguments are supported:\n\n-   **identity_provider_id -** (Required) id of the identity provider\n\n-   **groups -** (Required) List of group names to retrieve\n\n#### Attribute Reference\n\nIn addition to arguments above, the following attributes are exported:\n\n-   **group_ids** - list of retrieved groups ids\n\n\nData Source: luminate_collection\n-------------\n\nUse this resource to get an existing collection\n\n­­­\n\n#### Example Usage\n\n```\ndata \"luminate_collection\" \"my-collection\" {\n  name = \"my-collection-name\"\n}\n```\n#### Argument Reference\n\nThe following arguments are supported:\n\n-   **name -** (Required) The name of the collection\n\n#### Attribute Reference\n\nIn addition to arguments above, the following attributes are exported:\n\n-   **id** - retrieved collection id\n\n\nData Source: luminate_shared_object\n-------------\n\nUse this resource to get an existing shared object\n\n­­­\n\n#### Example Usage\n\n```\ndata \"luminate_shared_object\" \"my-shared_object\" {\n  name = \"my-shared-object\"\n  type = \"IP_LIST\"\n}\n```\n#### Argument Reference\n\nThe following arguments are supported:\n\n-   **name -** (Required) The name of the shared object\n\n-   **type -** (Required) The type of the shared object \n    supported types: \"IP_LIST\", \"OPSWAT_GROUPS\", \"ISOLATION_PROFILE\"\n\n#### Attribute Reference\n\nIn addition to arguments above, the following attributes are exported:\n\n-   **id** - retrieved shared object id\n\n\nData source: luminate_aws_integration\n------------\n\nUse this resource to retrieve an existing AWS integration\n\n­­­\n\n#### Example Usage\n\n```\ndata \"luminate_aws_integration\" \"my-integration\" {\n  integration_name = \"integration_name\"\n}\n```\n#### Argument Reference\n\nThe following arguments are supported:\n\n-   **integration_name -** (Required) name of an existing AWS\n    integration\n\n#### Attribute Reference\n\nIn addition to arguments above, the following attributes are exported:\n\n-   **integration_id** - id of retrieved AWS integration\n\n\nData source: luminate_ssh_client\n------------\n\nUse this resource to retrieve an existing ssh-client\n\n#### Example Usage\n\n```\ndata \"luminate_ssh_client\" \"my-ssh-client\" {\n  name = \"test\"\n}\n```\n\n#### Argument Reference\n\n- **name** (String) ssh-client to retrieve\n\n#### Attribute Reference\n\nIn addition to arguments above, the following attributes are exported:\n\n- **id** (String)\n- **description** (String)\n- **key_size** (Number)\n- **expires** (String)\n- **last_accessed** (String)\n- **created_on** (String)\n- **modified_on** (String)\n\nEmphemeral resources\n==========\n\n**NOTE:**\n\n    Ephemeral resources require Terraform CLI versions \u003e 1.10\n\nEmphemeral Resource: luminate_site_registration_key\n-----------\nProvides secure access cloud site registration key ephemeral resource\n­­­\n\nRead more [here](https://api.luminate.io/#tag/Site-Registration-Keys)\n\n**NOTE:**\n\n    The `version` field should reference `version` field from a `luminate_site_registration_key_version` resource.\n    This is required in order to prevent token generation during \"Plan\" phase.\n\n\n#### Argument Reference\n\nThe following arguments are supported:\n\n- **site_id** (String) (Required) The ID of the site\n\n- **version** (Int64) (Required) This should always be a value unknown during \"Plan\" phase (We use `luminate_site_registration_key_version` to achieve this)\n\n- **revoke_existing_key_immediately** (boolean) (Required)\n\n  true: → \n\n  All existing keys are deleted.\n\n  false: → \n\n  The current primary key becomes temporarily active (72-hour expiration).\n\n  If there's an existing temporarily active key already, it will be deleted.\n\n#### Attribute Reference\n\nIn addition to arguments above, the following attributes are exported:\n\n- **token** - The token can be used during the terraform run only in other resources' fields that are not saved to state (such as \"write-only\" or fields in other ephemeral resources)\n\n**NOTE:** [write-only fields](https://developer.hashicorp.com/terraform/language/resources/ephemeral/write-only) can be used only in Terraform CLI versions \u003e 1.11\n\n#### Example Usage\n\n```\nresource \"luminate_site_registration_key_version\" \"new_site_registration_key_version\" {\n}\n\nephemeral \"luminate_site_registration_key\" \"new_site_registration_key\" {\n  site_id = luminate_site.new-site.id\n  version = luminate_site_registration_key_version.new_site_registration_key_version.version\n  revoke_existing_key_immediately = true\n}\n```\n\n#### Various Examples of token usage\n\n\u003cdetails\u003e\n\n\u003csummary\u003eK8s Secret\u003c/summary\u003e\n\n[Documentation](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/secret_v1#data_wo-2)\n\n```\nresource \"kubernetes_secret\" \"example\" {  \n  metadata {\n    name = \"my-secret\"\n  }\n\n  data_wo =  { token = ephemeral.luminate_site_registration_key.new_site_registration_key.token }\n\n  secret_string_wo_version = luminate_site_registration_key_version.new_site_registration_key_version.version # This should always be a new value for the token to be saved\n}\n```\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\n\u003csummary\u003eAWS Secret Manager\u003c/summary\u003e\n\n[Documentation](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret_version#secret_string_wo-1)\n\n```\nresource \"aws_secretsmanager_secret\" \"example_secret\" {\n  name = \"my-secret\"\n}\n\nresource \"aws_secretsmanager_secret_version\" \"example_version\" {\n  secret_id     = aws_secretsmanager_secret.example_secret.id\n  secret_string_wo = ephemeral.luminate_site_registration_key.new_site_registration_key.token\n  secret_string_wo_version = luminate_site_registration_key_version.new_site_registration_key_version.version # This should always be a new value for the token to be saved\n}\n```\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\n\u003csummary\u003eGCP Secret Manager\u003c/summary\u003e\n\n[Documentation](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/secret_manager_secret_version#example-usage---secret-version-basic-write-only)\n\n```\nresource \"google_secret_manager_secret\" \"example_secret\" {\n  secret_id = \"my-secret\"\n}\n\n\nresource \"google_secret_manager_secret_version\" \"secret-version-basic-write-only\" {\n  secret = google_secret_manager_secret.example_secret.id\n  secret_data_wo = ephemeral.luminate_site_registration_key.new_site_registration_key.token\n  secret_data_wo_version = luminate_site_registration_key_version.new_site_registration_key_version.version # This should always be a new value for the token to be saved\n}\n```\n\n\u003c/details\u003e\n\n#### Confluence page\nhttps://fireglass.atlassian.net/wiki/x/dICL1","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbroadcom%2Fterraform-provider-luminate","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbroadcom%2Fterraform-provider-luminate","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbroadcom%2Fterraform-provider-luminate/lists"}