fix: policies and add some documentation examples

docs/index.md

@@ -0,0 +1,47 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "Provider: ZITADEL"
+description: |-
+    Provider to manage resources on ZITADEL
+
+---
+
+# ZITADEL Provider
+
+This provider allows the management of different resources on a ZITADEL instance.
+
+Through this provider it is possible to interact with the [ZITADEL API](https://docs.zitadel.com/docs/apis/introduction) to configure different aspects of the instance.
+
+## Configuring the provider
+
+```terraform
+terraform {
+  required_providers {
+    zitadel = {
+      source  = "zitadel/zitadel"
+      version = "1.0.0-alpha.1"
+    }
+  }
+}
+
+provider zitadel {
+  domain = "localhost:8080"
+  insecure = "true"
+  project = "170832731415117995"
+  token   = "local-token"
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `domain` (String)
+- `insecure` (Boolean)
+- `project` (String)
+- `token` (String)
+
+## Limitations
+
+The token which is used to connect to ZITADEL is currently limited to JWT-token for serviceaccounts, so you have to create a service account first, to download the key from this.

docs/resources/action.md

@@ -0,0 +1,31 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "zitadel_action Resource - terraform-provider-zitadel"
+subcategory: ""
+description: |-
+  
+---
+
+# zitadel_action (Resource)
+
+
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `allowed_to_fail` (Boolean) when true, the next action will be called even if this action fails
+- `name` (String)
+- `org_id` (String) ID of the organization
+- `script` (String)
+- `timeout` (String) after which time the action will be terminated if not finished
+
+### Read-Only
+
+- `id` (String) The ID of this resource.
+- `state` (Number) the state of the action
+
+

docs/resources/application_api.md

@@ -0,0 +1,29 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "zitadel_application_api Resource - terraform-provider-zitadel"
+subcategory: ""
+description: |-
+  
+---
+
+# zitadel_application_api (Resource)
+
+
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `auth_method_type` (String) Auth method type
+- `name` (String) Name of the application
+- `org_id` (String) orgID of the application
+- `project_id` (String) ID of the project
+
+### Read-Only
+
+- `id` (String) The ID of this resource.
+
+

docs/resources/application_oidc.md

@@ -0,0 +1,45 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "zitadel_application_oidc Resource - terraform-provider-zitadel"
+subcategory: ""
+description: |-
+  
+---
+
+# zitadel_application_oidc (Resource)
+
+
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `app_type` (String) App type
+- `auth_method_type` (String) Auth method type
+- `clock_skew` (String) Clockskew
+- `grant_types` (List of String) Grant types
+- `name` (String) Name of the application
+- `org_id` (String) orgID of the application
+- `project_id` (String) ID of the project
+- `redirect_uris` (List of String) RedirectURIs
+- `response_types` (List of String) Response type
+
+### Optional
+
+- `access_token_role_assertion` (Boolean) Access token role assertion
+- `access_token_type` (String) Access token type
+- `additional_origins` (List of String) Additional origins
+- `dev_mode` (Boolean) Dev mode
+- `id_token_role_assertion` (Boolean) ID token role assertion
+- `id_token_userinfo_assertion` (Boolean) Token userinfo assertion
+- `post_logout_redirect_uris` (List of String) Post logout redirect URIs
+- `version` (String) Version
+
+### Read-Only
+
+- `id` (String) The ID of this resource.
+
+

docs/resources/domain.md

@@ -0,0 +1,30 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "zitadel_domain Resource - terraform-provider-zitadel"
+subcategory: ""
+description: |-
+  
+---
+
+# zitadel_domain (Resource)
+
+
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `name` (String) Name of the domain
+- `org_id` (String) ID of the organization
+
+### Read-Only
+
+- `id` (String) The ID of this resource.
+- `is_primary` (Boolean) Is domain primary
+- `is_verified` (Boolean) Is domain verified
+- `validation_type` (Number) Validation type
+
+

docs/resources/domain_policy.md

@@ -0,0 +1,30 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "zitadel_domain_policy Resource - terraform-provider-zitadel"
+subcategory: ""
+description: |-
+  
+---
+
+# zitadel_domain_policy (Resource)
+
+
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `org_id` (String) Id for the organization
+- `smtp_sender_address_matches_instance_domain` (Boolean)
+- `user_login_must_be_domain` (Boolean) User login must be domain
+- `validate_org_domains` (Boolean) Validate organization domains
+
+### Read-Only
+
+- `id` (String) The ID of this resource.
+- `is_default` (Boolean) Is this policy the default
+
+

docs/resources/human_user.md

@@ -0,0 +1,44 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "zitadel_human_user Resource - terraform-provider-zitadel"
+subcategory: ""
+description: |-
+  
+---
+
+# zitadel_human_user (Resource)
+
+
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `org_id` (String) ID of the organization
+- `user_name` (String) Username
+
+### Optional
+
+- `display_name` (String) DIsplay name of the user
+- `email` (String) Email of the user
+- `first_name` (String) First name of the user
+- `gender` (String) Gender of the user
+- `initial_password` (String) Initially set password for the user
+- `is_email_verified` (Boolean) Is the email verified of the user
+- `is_phone_verified` (Boolean) Is the phone verified of the user
+- `last_name` (String) Last name of the user
+- `nick_name` (String) Nick name of the user
+- `phone` (String) Phone of the user
+- `preferred_language` (String) Preferred language of the user
+
+### Read-Only
+
+- `id` (String) The ID of this resource.
+- `login_names` (List of String) Loginnames
+- `preferred_login_name` (String) Preferred login name
+- `state` (String) State of the user
+
+

docs/resources/label_policy.md

@@ -0,0 +1,42 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "zitadel_label_policy Resource - terraform-provider-zitadel"
+subcategory: ""
+description: |-
+  
+---
+
+# zitadel_label_policy (Resource)
+
+
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `background_color` (String) hex value for background color
+- `background_color_dark` (String) hex value for background color dark theme
+- `disable_watermark` (Boolean) disable watermark
+- `font_color` (String) hex value for font color
+- `font_color_dark` (String) hex value for font color dark theme
+- `hide_login_name_suffix` (Boolean) hides the org suffix on the login form if the scope "urn:zitadel:iam:org:domain:primary:{domainname}" is set. Details about this scope in https://docs.zitadel.ch/concepts#Reserved_Scopes
+- `org_id` (String) Id for the organization
+- `primary_color` (String) hex value for primary color
+- `primary_color_dark` (String) hex value for primary color dark theme
+- `warn_color` (String) hex value for warn color
+- `warn_color_dark` (String) hex value for warn color dark theme
+
+### Read-Only
+
+- `font_url` (String)
+- `icon_url` (String)
+- `icon_url_dark` (String)
+- `id` (String) The ID of this resource.
+- `is_default` (Boolean) defines if the organisation's admin changed the policy
+- `logo_url` (String)
+- `logo_url_dark` (String)
+
+

docs/resources/lockout_policy.md

@@ -0,0 +1,31 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "zitadel_lockout_policy Resource - terraform-provider-zitadel"
+subcategory: ""
+description: |-
+  
+---
+
+# zitadel_lockout_policy (Resource)
+
+
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `max_password_attempts` (Number) Maximum password check attempts before the account gets locked. Attempts are reset as soon as the password is entered correct or the password is reset.
+
+### Optional
+
+- `org_id` (String) Id for the organization
+
+### Read-Only
+
+- `id` (String) The ID of this resource.
+- `is_default` (Boolean) defines if the organisation's admin changed the policy
+
+

docs/resources/login_policy.md

@@ -0,0 +1,40 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "zitadel_login_policy Resource - terraform-provider-zitadel"
+subcategory: ""
+description: |-
+  
+---
+
+# zitadel_login_policy (Resource)
+
+
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `allow_external_idp` (Boolean) defines if a user is allowed to add a defined identity provider. E.g. Google auth
+- `allow_register` (Boolean) defines if a person is allowed to register a user on this organisation
+- `default_redirect_uri` (String) defines where the user will be redirected to if the login is started without app context (e.g. from mail)
+- `external_login_check_lifetime` (String)
+- `force_mfa` (Boolean) defines if a user MUST use a multi factor to log in
+- `hide_password_reset` (Boolean) defines if password reset link should be shown in the login screen
+- `ignore_unknown_usernames` (Boolean) defines if unknown username on login screen directly return an error or always display the password screen
+- `mfa_init_skip_lifetime` (String)
+- `multi_factor_check_lifetime` (String)
+- `org_id` (String) Id for the organization
+- `password_check_lifetime` (String)
+- `passwordless_type` (String) defines if passwordless is allowed for users
+- `second_factor_check_lifetime` (String)
+- `user_login` (Boolean) defines if a user is allowed to login with his username and password
+
+### Read-Only
+
+- `id` (String) The ID of this resource.
+- `is_default` (Boolean) defines if the organisation's admin changed the policy
+
+