diff --git a/idm.yaml b/idm.yaml
new file mode 100644
index 0000000..3f3010c
--- /dev/null
+++ b/idm.yaml
@@ -0,0 +1,105 @@
+---
+document: modulemd
+version: 2
+data:
+  name: idm
+  stream: DL1
+  summary: The Red Hat Enterprise Linux Identity Management system module
+  description: >-
+    RHEL IdM is an integrated solution to provide centrally managed Identity (users,
+    hosts, services), Authentication (SSO, 2FA), and Authorization (host access control,
+    SELinux user roles, services). The solution provides features for further integration
+    with Linux based clients (SUDO, automount) and integration with Active Directory
+    based infrastructures (Trusts).
+  license:
+    module:
+    - MIT
+  dependencies:
+  - buildrequires:
+      389-ds: [1.4]
+      httpd: [2.4]
+      pki-core: [10.6]
+      platform: [el8.3.0]
+    requires:
+      389-ds: [1.4]
+      httpd: [2.4]
+      pki-core: [10.6]
+      platform: [el8]
+  references:
+    community: https://www.freeipa.org/
+    documentation: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide/index
+    tracker: https://pagure.io/freeipa/issues
+  profiles:
+    adtrust:
+      description: RHEL IdM Server Integration with Active Directory
+      rpms:
+      - ipa-healthcheck
+      - ipa-healthcheck-core
+      - ipa-server-trust-ad
+    client:
+      description: RHEL IdM Client
+      rpms:
+      - ipa-client
+    common:
+      description: A default profile for RHEL IdM client
+      rpms:
+      - ipa-client
+    dns:
+      description: RHEL IdM with integrated DNS server and integrated CA
+      rpms:
+      - ipa-healthcheck
+      - ipa-healthcheck-core
+      - ipa-server
+      - ipa-server-dns
+    server:
+      description: Base RHEL IdM Server with integrated CA and no integrated DNS
+      rpms:
+      - ipa-healthcheck
+      - ipa-healthcheck-core
+      - ipa-server
+  components:
+    rpms:
+      bind-dyndb-ldap:
+        rationale: Driver for BIND to store DNS information in LDAP
+        ref: 30a4b96c815c2e127d43fff31457541e78a8b34c
+      custodia:
+        rationale: Remote access to secrets and credentials in IdM topology
+        ref: 3e36f334a88b7492234af55861dcc6a6b8c26ffc
+        buildorder: 2
+      ipa:
+        rationale: Module API
+        ref: 91acb236551304e5c69678f434943095c46071f4
+      ipa-healthcheck:
+        rationale: A tool to detect issues in IdM clusters
+        ref: ef63c653251cc4eddbc5781f0b3f101b1b2514fc
+        buildorder: 3
+      opendnssec:
+        rationale: An implementation of DNSSEC support for IdM integrated DNS server
+        ref: edec7de1b5f7fc7727da85f844ba75cbbb0c834b
+      python-jwcrypto:
+        rationale: JSON Web Cryptographic Tokens used by Custodia
+        ref: 9d27e51a5724e549f2d33602bb75539e70b05b95
+        buildorder: 1
+      python-kdcproxy:
+        rationale: MS-KKDCP (kerberos proxy) WSGI module
+        ref: 3fdeea45c8fe51cf990894953e16e5668add2669
+      python-qrcode:
+        rationale: QR code generator for IdM two-factor authentication
+        ref: ee64e46fa4051fda939a71abaf15b540e3fcb520
+      python-yubico:
+        rationale: Support for Yubikey-based tokens for IdM two-factor authentication
+        ref: ceb8768db937e08794817ad905ea748ff8ca0e48
+        buildorder: 2
+      pyusb:
+        rationale: Python USB support to access USB tokens for IdM two-factor authentication
+        ref: ad586f2d793e73d20bed53df94ec24ccef550adb
+        buildorder: 1
+      slapi-nis:
+        rationale: Compatibility plugin to serve legacy clients
+        ref: c17375ef4c0867e2f2fea5c4cff3fe557c65153b
+        arches: [aarch64, ppc64le, s390x, x86_64]
+      softhsm:
+        rationale: Software version of a PKCS#11 Hardware Security Module
+        ref: 3041c77316124b3ad35cd2c06f77ef4d38dce3cb
+...
+