diff --git a/idm.yaml b/idm.yaml
new file mode 100644
index 0000000..0c5bb37
--- /dev/null
+++ b/idm.yaml
@@ -0,0 +1,104 @@
+---
+document: modulemd
+version: 2
+data:
+  name: idm
+  stream: DL1
+  summary: The Red Hat Enterprise Linux Identity Management system module
+  description: >-
+    RHEL IdM is an integrated solution to provide centrally managed Identity (users,
+    hosts, services), Authentication (SSO, 2FA), and Authorization (host access control,
+    SELinux user roles, services). The solution provides features for further integration
+    with Linux based clients (SUDO, automount) and integration with Active Directory
+    based infrastructures (Trusts).
+  license:
+    module:
+    - MIT
+  dependencies:
+  - buildrequires:
+      389-ds: [1.4]
+      httpd: [2.4]
+      pki-core: [10.6]
+      platform: [el8.4.0]
+    requires:
+      389-ds: [1.4]
+      httpd: [2.4]
+      pki-core: [10.6]
+      platform: [el8]
+  references:
+    community: https://www.freeipa.org/
+    documentation: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide/index
+    tracker: https://pagure.io/freeipa/issues
+  profiles:
+    adtrust:
+      description: RHEL IdM Server Integration with Active Directory
+      rpms:
+      - ipa-healthcheck
+      - ipa-healthcheck-core
+      - ipa-server-trust-ad
+    client:
+      description: RHEL IdM Client
+      rpms:
+      - ipa-client
+    common:
+      description: A default profile for RHEL IdM client
+      rpms:
+      - ipa-client
+    dns:
+      description: RHEL IdM with integrated DNS server and integrated CA
+      rpms:
+      - ipa-healthcheck
+      - ipa-healthcheck-core
+      - ipa-server
+      - ipa-server-dns
+    server:
+      description: Base RHEL IdM Server with integrated CA and no integrated DNS
+      rpms:
+      - ipa-healthcheck
+      - ipa-healthcheck-core
+      - ipa-server
+  components:
+    rpms:
+      bind-dyndb-ldap:
+        rationale: Driver for BIND to store DNS information in LDAP
+        ref: 662f883a6080903f89280c3fc1a24d55c292e62c
+      custodia:
+        rationale: Remote access to secrets and credentials in IdM topology
+        ref: 3e36f334a88b7492234af55861dcc6a6b8c26ffc
+        buildorder: 2
+      ipa:
+        rationale: Module API
+        ref: fc482ccc1c55b85ad1293ae7d603d4ddb9eb0d7a
+      ipa-healthcheck:
+        rationale: A tool to detect issues in IdM clusters
+        ref: b9b3bb0d9fa5cda0260c4e8e9468bf458bc1c4a7
+        buildorder: 3
+      opendnssec:
+        rationale: An implementation of DNSSEC support for IdM integrated DNS server
+        ref: d0dd4952a8c2e7fe867eef12fb525e55e6eeb5fc
+      python-jwcrypto:
+        rationale: JSON Web Cryptographic Tokens used by Custodia
+        ref: 9d27e51a5724e549f2d33602bb75539e70b05b95
+        buildorder: 1
+      python-kdcproxy:
+        rationale: MS-KKDCP (kerberos proxy) WSGI module
+        ref: 3fdeea45c8fe51cf990894953e16e5668add2669
+      python-qrcode:
+        rationale: QR code generator for IdM two-factor authentication
+        ref: ee64e46fa4051fda939a71abaf15b540e3fcb520
+      python-yubico:
+        rationale: Support for Yubikey-based tokens for IdM two-factor authentication
+        ref: 5f944eba9d9ac4db71edc33d64af6f08e1aea7ad
+        buildorder: 2
+      pyusb:
+        rationale: Python USB support to access USB tokens for IdM two-factor authentication
+        ref: 40dfaea526d72ef3be32628eb2bc1e64b894ae2e
+        buildorder: 1
+      slapi-nis:
+        rationale: Compatibility plugin to serve legacy clients
+        ref: d3c17a3357b283171f6f94c425d35968cf0e674f
+        arches: [aarch64, ppc64le, s390x, x86_64]
+      softhsm:
+        rationale: Software version of a PKCS#11 Hardware Security Module
+        ref: 3041c77316124b3ad35cd2c06f77ef4d38dce3cb
+...