Okta v6.1.0 published on Wednesday, Oct 29, 2025 by Pulumi
okta.getPrincipalEntitlements
Get the entitlements for a user and resource after evaluating all grants.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";
const test = okta.getPrincipalEntitlements({
parent: {
externalId: "<resource_id>",
type: "<resource_type>",
},
targetPrincipal: {
externalId: "<principal_id>",
type: "<principal_type>",
},
});
import pulumi
import pulumi_okta as okta
test = okta.get_principal_entitlements(parent={
"external_id": "<resource_id>",
"type": "<resource_type>",
},
target_principal={
"external_id": "<principal_id>",
"type": "<principal_type>",
})
package main
import (
"github.com/pulumi/pulumi-okta/sdk/v6/go/okta"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := okta.GetPrincipalEntitlements(ctx, &okta.GetPrincipalEntitlementsArgs{
Parent: okta.GetPrincipalEntitlementsParent{
ExternalId: "<resource_id>",
Type: "<resource_type>",
},
TargetPrincipal: okta.GetPrincipalEntitlementsTargetPrincipal{
ExternalId: "<principal_id>",
Type: "<principal_type>",
},
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Okta = Pulumi.Okta;
return await Deployment.RunAsync(() =>
{
var test = Okta.GetPrincipalEntitlements.Invoke(new()
{
Parent = new Okta.Inputs.GetPrincipalEntitlementsParentInputArgs
{
ExternalId = "<resource_id>",
Type = "<resource_type>",
},
TargetPrincipal = new Okta.Inputs.GetPrincipalEntitlementsTargetPrincipalInputArgs
{
ExternalId = "<principal_id>",
Type = "<principal_type>",
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.okta.OktaFunctions;
import com.pulumi.okta.inputs.GetPrincipalEntitlementsArgs;
import com.pulumi.okta.inputs.GetPrincipalEntitlementsParentArgs;
import com.pulumi.okta.inputs.GetPrincipalEntitlementsTargetPrincipalArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var test = OktaFunctions.getPrincipalEntitlements(GetPrincipalEntitlementsArgs.builder()
.parent(GetPrincipalEntitlementsParentArgs.builder()
.externalId("<resource_id>")
.type("<resource_type>")
.build())
.targetPrincipal(GetPrincipalEntitlementsTargetPrincipalArgs.builder()
.externalId("<principal_id>")
.type("<principal_type>")
.build())
.build());
}
}
variables:
test:
fn::invoke:
function: okta:getPrincipalEntitlements
arguments:
parent:
externalId: <resource_id>
type: <resource_type>
targetPrincipal:
externalId: <principal_id>
type: <principal_type>
Required:
external_id(String) The Okta user’s email address.type(String) The Okta user id.
Nested Schema for target_principal
Required:
external_id(String) The Okta user id.type(String) The type of principal. Enum:OKTA_USER.
Nested Schema for data
Required:
parent(Object) Representation of a resource. (see below for nested schema)target_principal(Object) Representation of a principal. (see below for nested schema)
Optional:
data_type(String) The data type of the entitlement property. Enum:array,string.description(String) The Okta user id.external_value(String) The type of principal. Enum:OKTA_USER.id(String) The unique identifier of the entitlement.multi_value(Boolean) Indicates if the entitlement is multi-valued.name(String) The name of the entitlement.parent_resource_orn(String) The Okta app instance, in ORN format.required(Boolean) Indicates if the entitlement is required.target_principal_orn(String) The Okta user id, in ORN format.values(List of Objects) The values of the entitlement. (see below for nested schema)
Nested Schema for values
description(String) The description of the value.external_id(String) The external ID of the value.external_value(String) The value of an entitlement property value.id(String) The unique identifier of the value.name(String) The name of the value.
Using getPrincipalEntitlements
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getPrincipalEntitlements(args: GetPrincipalEntitlementsArgs, opts?: InvokeOptions): Promise<GetPrincipalEntitlementsResult>
function getPrincipalEntitlementsOutput(args: GetPrincipalEntitlementsOutputArgs, opts?: InvokeOptions): Output<GetPrincipalEntitlementsResult>def get_principal_entitlements(datas: Optional[Sequence[GetPrincipalEntitlementsData]] = None,
parent: Optional[GetPrincipalEntitlementsParent] = None,
target_principal: Optional[GetPrincipalEntitlementsTargetPrincipal] = None,
opts: Optional[InvokeOptions] = None) -> GetPrincipalEntitlementsResult
def get_principal_entitlements_output(datas: Optional[pulumi.Input[Sequence[pulumi.Input[GetPrincipalEntitlementsDataArgs]]]] = None,
parent: Optional[pulumi.Input[GetPrincipalEntitlementsParentArgs]] = None,
target_principal: Optional[pulumi.Input[GetPrincipalEntitlementsTargetPrincipalArgs]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetPrincipalEntitlementsResult]func GetPrincipalEntitlements(ctx *Context, args *GetPrincipalEntitlementsArgs, opts ...InvokeOption) (*GetPrincipalEntitlementsResult, error)
func GetPrincipalEntitlementsOutput(ctx *Context, args *GetPrincipalEntitlementsOutputArgs, opts ...InvokeOption) GetPrincipalEntitlementsResultOutput> Note: This function is named GetPrincipalEntitlements in the Go SDK.
public static class GetPrincipalEntitlements
{
public static Task<GetPrincipalEntitlementsResult> InvokeAsync(GetPrincipalEntitlementsArgs args, InvokeOptions? opts = null)
public static Output<GetPrincipalEntitlementsResult> Invoke(GetPrincipalEntitlementsInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetPrincipalEntitlementsResult> getPrincipalEntitlements(GetPrincipalEntitlementsArgs args, InvokeOptions options)
public static Output<GetPrincipalEntitlementsResult> getPrincipalEntitlements(GetPrincipalEntitlementsArgs args, InvokeOptions options)
fn::invoke:
function: okta:index/getPrincipalEntitlements:getPrincipalEntitlements
arguments:
# arguments dictionaryThe following arguments are supported:
- Datas
List<Get
Principal Entitlements Data> - Principal entitlements list.
- Parent
Get
Principal Entitlements Parent - Representation of a resource.
- Target
Principal GetPrincipal Entitlements Target Principal - Representation of a principal.
- Datas
[]Get
Principal Entitlements Data - Principal entitlements list.
- Parent
Get
Principal Entitlements Parent - Representation of a resource.
- Target
Principal GetPrincipal Entitlements Target Principal - Representation of a principal.
- datas
List<Get
Principal Entitlements Data> - Principal entitlements list.
- parent
Get
Principal Entitlements Parent - Representation of a resource.
- target
Principal GetPrincipal Entitlements Target Principal - Representation of a principal.
- datas
Get
Principal Entitlements Data[] - Principal entitlements list.
- parent
Get
Principal Entitlements Parent - Representation of a resource.
- target
Principal GetPrincipal Entitlements Target Principal - Representation of a principal.
- datas
Sequence[Get
Principal Entitlements Data] - Principal entitlements list.
- parent
Get
Principal Entitlements Parent - Representation of a resource.
- target_
principal GetPrincipal Entitlements Target Principal - Representation of a principal.
- datas List<Property Map>
- Principal entitlements list.
- parent Property Map
- Representation of a resource.
- target
Principal Property Map - Representation of a principal.
getPrincipalEntitlements Result
The following output properties are available:
- Id string
- Datas
List<Get
Principal Entitlements Data> - Principal entitlements list.
- Parent
Get
Principal Entitlements Parent - Representation of a resource.
- Target
Principal GetPrincipal Entitlements Target Principal - Representation of a principal.
- Id string
- Datas
[]Get
Principal Entitlements Data - Principal entitlements list.
- Parent
Get
Principal Entitlements Parent - Representation of a resource.
- Target
Principal GetPrincipal Entitlements Target Principal - Representation of a principal.
- id String
- datas
List<Get
Principal Entitlements Data> - Principal entitlements list.
- parent
Get
Principal Entitlements Parent - Representation of a resource.
- target
Principal GetPrincipal Entitlements Target Principal - Representation of a principal.
- id string
- datas
Get
Principal Entitlements Data[] - Principal entitlements list.
- parent
Get
Principal Entitlements Parent - Representation of a resource.
- target
Principal GetPrincipal Entitlements Target Principal - Representation of a principal.
- id str
- datas
Sequence[Get
Principal Entitlements Data] - Principal entitlements list.
- parent
Get
Principal Entitlements Parent - Representation of a resource.
- target_
principal GetPrincipal Entitlements Target Principal - Representation of a principal.
- id String
- datas List<Property Map>
- Principal entitlements list.
- parent Property Map
- Representation of a resource.
- target
Principal Property Map - Representation of a principal.
Supporting Types
GetPrincipalEntitlementsData
- Data
Type string - The data type of the entitlement property.
- Description string
- The description of an entitlement property.
- External
Value string - The value of an entitlement property.
- Id string
- The id property of an entitlement.
- Multi
Value bool - The property that determines if the entitlement property can hold multiple values.
- Name string
- The display name for an entitlement property.
- Parent
Resource stringOrn - The Okta app instance, in ORN format.
- Required bool
- The property that determines if the entitlement property is a required attribute
- Target
Principal stringOrn - The Okta user id in ORN format.
- Parent
Get
Principal Entitlements Data Parent - Representation of a resource.
- Target
Principal GetPrincipal Entitlements Data Target Principal - Representation of a principal.
- Values
List<Get
Principal Entitlements Data Value> - Collection of entitlement values.
- Data
Type string - The data type of the entitlement property.
- Description string
- The description of an entitlement property.
- External
Value string - The value of an entitlement property.
- Id string
- The id property of an entitlement.
- Multi
Value bool - The property that determines if the entitlement property can hold multiple values.
- Name string
- The display name for an entitlement property.
- Parent
Resource stringOrn - The Okta app instance, in ORN format.
- Required bool
- The property that determines if the entitlement property is a required attribute
- Target
Principal stringOrn - The Okta user id in ORN format.
- Parent
Get
Principal Entitlements Data Parent - Representation of a resource.
- Target
Principal GetPrincipal Entitlements Data Target Principal - Representation of a principal.
- Values
[]Get
Principal Entitlements Data Value - Collection of entitlement values.
- data
Type String - The data type of the entitlement property.
- description String
- The description of an entitlement property.
- external
Value String - The value of an entitlement property.
- id String
- The id property of an entitlement.
- multi
Value Boolean - The property that determines if the entitlement property can hold multiple values.
- name String
- The display name for an entitlement property.
- parent
Resource StringOrn - The Okta app instance, in ORN format.
- required Boolean
- The property that determines if the entitlement property is a required attribute
- target
Principal StringOrn - The Okta user id in ORN format.
- parent
Get
Principal Entitlements Data Parent - Representation of a resource.
- target
Principal GetPrincipal Entitlements Data Target Principal - Representation of a principal.
- values
List<Get
Principal Entitlements Data Value> - Collection of entitlement values.
- data
Type string - The data type of the entitlement property.
- description string
- The description of an entitlement property.
- external
Value string - The value of an entitlement property.
- id string
- The id property of an entitlement.
- multi
Value boolean - The property that determines if the entitlement property can hold multiple values.
- name string
- The display name for an entitlement property.
- parent
Resource stringOrn - The Okta app instance, in ORN format.
- required boolean
- The property that determines if the entitlement property is a required attribute
- target
Principal stringOrn - The Okta user id in ORN format.
- parent
Get
Principal Entitlements Data Parent - Representation of a resource.
- target
Principal GetPrincipal Entitlements Data Target Principal - Representation of a principal.
- values
Get
Principal Entitlements Data Value[] - Collection of entitlement values.
- data_
type str - The data type of the entitlement property.
- description str
- The description of an entitlement property.
- external_
value str - The value of an entitlement property.
- id str
- The id property of an entitlement.
- multi_
value bool - The property that determines if the entitlement property can hold multiple values.
- name str
- The display name for an entitlement property.
- parent_
resource_ strorn - The Okta app instance, in ORN format.
- required bool
- The property that determines if the entitlement property is a required attribute
- target_
principal_ strorn - The Okta user id in ORN format.
- parent
Get
Principal Entitlements Data Parent - Representation of a resource.
- target_
principal GetPrincipal Entitlements Data Target Principal - Representation of a principal.
- values
Sequence[Get
Principal Entitlements Data Value] - Collection of entitlement values.
- data
Type String - The data type of the entitlement property.
- description String
- The description of an entitlement property.
- external
Value String - The value of an entitlement property.
- id String
- The id property of an entitlement.
- multi
Value Boolean - The property that determines if the entitlement property can hold multiple values.
- name String
- The display name for an entitlement property.
- parent
Resource StringOrn - The Okta app instance, in ORN format.
- required Boolean
- The property that determines if the entitlement property is a required attribute
- target
Principal StringOrn - The Okta user id in ORN format.
- parent Property Map
- Representation of a resource.
- target
Principal Property Map - Representation of a principal.
- values List<Property Map>
- Collection of entitlement values.
GetPrincipalEntitlementsDataParent
- External
Id string - The Okta id of the resource.
- Type string
- The type of the resource.
- External
Id string - The Okta id of the resource.
- Type string
- The type of the resource.
- external
Id String - The Okta id of the resource.
- type String
- The type of the resource.
- external
Id string - The Okta id of the resource.
- type string
- The type of the resource.
- external_
id str - The Okta id of the resource.
- type str
- The type of the resource.
- external
Id String - The Okta id of the resource.
- type String
- The type of the resource.
GetPrincipalEntitlementsDataTargetPrincipal
- External
Id string - The Okta user id.
- Type string
- The type of principal.
- External
Id string - The Okta user id.
- Type string
- The type of principal.
- external
Id String - The Okta user id.
- type String
- The type of principal.
- external
Id string - The Okta user id.
- type string
- The type of principal.
- external_
id str - The Okta user id.
- type str
- The type of principal.
- external
Id String - The Okta user id.
- type String
- The type of principal.
GetPrincipalEntitlementsDataValue
- Description string
- The description of an entitlement property.
- External
Value string - The value of an entitlement property value.
- Id string
- The id of an entitlement value.
- Name string
- The name of an entitlement value.
- Description string
- The description of an entitlement property.
- External
Value string - The value of an entitlement property value.
- Id string
- The id of an entitlement value.
- Name string
- The name of an entitlement value.
- description String
- The description of an entitlement property.
- external
Value String - The value of an entitlement property value.
- id String
- The id of an entitlement value.
- name String
- The name of an entitlement value.
- description string
- The description of an entitlement property.
- external
Value string - The value of an entitlement property value.
- id string
- The id of an entitlement value.
- name string
- The name of an entitlement value.
- description str
- The description of an entitlement property.
- external_
value str - The value of an entitlement property value.
- id str
- The id of an entitlement value.
- name str
- The name of an entitlement value.
- description String
- The description of an entitlement property.
- external
Value String - The value of an entitlement property value.
- id String
- The id of an entitlement value.
- name String
- The name of an entitlement value.
GetPrincipalEntitlementsParent
- External
Id string - Type string
- External
Id string - Type string
- external
Id String - type String
- external
Id string - type string
- external_
id str - type str
- external
Id String - type String
GetPrincipalEntitlementsTargetPrincipal
- External
Id string - Type string
- External
Id string - Type string
- external
Id String - type String
- external
Id string - type string
- external_
id str - type str
- external
Id String - type String
Package Details
- Repository
- Okta pulumi/pulumi-okta
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
oktaTerraform Provider.
