diff --git a/idm.yaml b/idm.yaml
new file mode 100644
index 0000000..df53369
--- /dev/null
+++ b/idm.yaml
@@ -0,0 +1,104 @@
+---
+document: modulemd
+version: 2
+data:
+  name: idm
+  stream: DL1
+  summary: The Red Hat Enterprise Linux Identity Management system module
+  description: >-
+    RHEL IdM is an integrated solution to provide centrally managed Identity (users,
+    hosts, services), Authentication (SSO, 2FA), and Authorization (host access control,
+    SELinux user roles, services). The solution provides features for further integration
+    with Linux based clients (SUDO, automount) and integration with Active Directory
+    based infrastructures (Trusts).
+  license:
+    module:
+    - MIT
+  dependencies:
+  - buildrequires:
+      389-ds: [1.4]
+      httpd: [2.4]
+      pki-core: [10.6]
+      platform: [el8.5.0]
+    requires:
+      389-ds: [1.4]
+      httpd: [2.4]
+      pki-core: [10.6]
+      platform: [el8]
+  references:
+    community: https://www.freeipa.org/
+    documentation: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide/index
+    tracker: https://pagure.io/freeipa/issues
+  profiles:
+    adtrust:
+      description: RHEL IdM Server Integration with Active Directory
+      rpms:
+      - ipa-healthcheck
+      - ipa-healthcheck-core
+      - ipa-server-trust-ad
+    client:
+      description: RHEL IdM Client
+      rpms:
+      - ipa-client
+    common:
+      description: A default profile for RHEL IdM client
+      rpms:
+      - ipa-client
+    dns:
+      description: RHEL IdM with integrated DNS server and integrated CA
+      rpms:
+      - ipa-healthcheck
+      - ipa-healthcheck-core
+      - ipa-server
+      - ipa-server-dns
+    server:
+      description: Base RHEL IdM Server with integrated CA and no integrated DNS
+      rpms:
+      - ipa-healthcheck
+      - ipa-healthcheck-core
+      - ipa-server
+  components:
+    rpms:
+      bind-dyndb-ldap:
+        rationale: Driver for BIND to store DNS information in LDAP
+        ref: 662f883a6080903f89280c3fc1a24d55c292e62c
+      custodia:
+        rationale: Remote access to secrets and credentials in IdM topology
+        ref: 3e36f334a88b7492234af55861dcc6a6b8c26ffc
+        buildorder: 2
+      ipa:
+        rationale: Module API
+        ref: 4b8dd530c8dc8ae76d6866f43fe76d796eb51bc2
+      ipa-healthcheck:
+        rationale: A tool to detect issues in IdM clusters
+        ref: cf08666edaee634769ec7a802e02651e0dc3925b
+        buildorder: 3
+      opendnssec:
+        rationale: An implementation of DNSSEC support for IdM integrated DNS server
+        ref: d0dd4952a8c2e7fe867eef12fb525e55e6eeb5fc
+      python-jwcrypto:
+        rationale: JSON Web Cryptographic Tokens used by Custodia
+        ref: a7acdb518b6c868712223761a6913f8f8d1079b9
+        buildorder: 1
+      python-kdcproxy:
+        rationale: MS-KKDCP (kerberos proxy) WSGI module
+        ref: 68b28b48ee00ddef71c995f0fa5fd78f9f3e33be
+      python-qrcode:
+        rationale: QR code generator for IdM two-factor authentication
+        ref: 04dbcfa1acef36bad9bfe6e8bf24c3a8495ea91f
+      python-yubico:
+        rationale: Support for Yubikey-based tokens for IdM two-factor authentication
+        ref: 5f944eba9d9ac4db71edc33d64af6f08e1aea7ad
+        buildorder: 2
+      pyusb:
+        rationale: Python USB support to access USB tokens for IdM two-factor authentication
+        ref: 40dfaea526d72ef3be32628eb2bc1e64b894ae2e
+        buildorder: 1
+      slapi-nis:
+        rationale: Compatibility plugin to serve legacy clients
+        ref: fd13ff4095cfe3194f182f1b62a03a0ba21e021c
+        arches: [aarch64, ppc64le, s390x, x86_64]
+      softhsm:
+        rationale: Software version of a PKCS#11 Hardware Security Module
+        ref: 4454b913b6f65a2a6a4eca6e2392d0bfb4a04dae
+...