From df552dff4c1269e85b5c1dafa99661f7c10df1cb Mon Sep 17 00:00:00 2001 From: Mikhail Shilkov Date: Thu, 20 Apr 2023 11:23:12 +0300 Subject: [PATCH] Upgrade terraform-provider-azuread to upstream v2.37.2 --- .../cmd/pulumi-resource-azuread/schema.json | 1321 +++++++++++- provider/go.mod | 8 +- provider/go.sum | 21 +- provider/resources.go | 17 +- provider/shim/go.mod | 8 +- provider/shim/go.sum | 269 +-- sdk/dotnet/AccessPackage.cs | 190 ++ sdk/dotnet/AccessPackageAssignmentPolicy.cs | 365 ++++ sdk/dotnet/AccessPackageCatalog.cs | 183 ++ ...AccessPackageResourceCatalogAssociation.cs | 180 ++ ...AccessPackageResourcePackageAssociation.cs | 193 ++ sdk/dotnet/AdministrativeUnitRoleMember.cs | 183 ++ sdk/dotnet/Application.cs | 18 + sdk/dotnet/GetAccessPackage.cs | 220 ++ sdk/dotnet/GetAccessPackageCatalog.cs | 211 ++ sdk/dotnet/GetApplication.cs | 7 + sdk/dotnet/GetGroup.cs | 16 +- sdk/dotnet/GetUser.cs | 12 + sdk/dotnet/Group.cs | 40 +- sdk/dotnet/GroupMember.cs | 4 +- ...ngsApprovalStageAlternativeApproverArgs.cs | 38 + ...ApprovalStageAlternativeApproverGetArgs.cs | 38 + ...PolicyApprovalSettingsApprovalStageArgs.cs | 68 + ...icyApprovalSettingsApprovalStageGetArgs.cs | 68 + ...ettingsApprovalStagePrimaryApproverArgs.cs | 38 + ...ingsApprovalStagePrimaryApproverGetArgs.cs | 38 + ...ageAssignmentPolicyApprovalSettingsArgs.cs | 50 + ...AssignmentPolicyApprovalSettingsGetArgs.cs | 50 + ...nmentPolicyAssignmentReviewSettingsArgs.cs | 80 + ...ntPolicyAssignmentReviewSettingsGetArgs.cs | 80 + ...icyAssignmentReviewSettingsReviewerArgs.cs | 38 + ...AssignmentReviewSettingsReviewerGetArgs.cs | 38 + ...cessPackageAssignmentPolicyQuestionArgs.cs | 50 + ...ckageAssignmentPolicyQuestionChoiceArgs.cs | 32 + ...entPolicyQuestionChoiceDisplayValueArgs.cs | 38 + ...PolicyQuestionChoiceDisplayValueGetArgs.cs | 38 + ...tionChoiceDisplayValueLocalizedTextArgs.cs | 32 + ...nChoiceDisplayValueLocalizedTextGetArgs.cs | 32 + ...geAssignmentPolicyQuestionChoiceGetArgs.cs | 32 + ...sPackageAssignmentPolicyQuestionGetArgs.cs | 50 + ...PackageAssignmentPolicyQuestionTextArgs.cs | 38 + ...kageAssignmentPolicyQuestionTextGetArgs.cs | 38 + ...mentPolicyQuestionTextLocalizedTextArgs.cs | 32 + ...tPolicyQuestionTextLocalizedTextGetArgs.cs | 32 + ...geAssignmentPolicyRequestorSettingsArgs.cs | 44 + ...ssignmentPolicyRequestorSettingsGetArgs.cs | 44 + ...entPolicyRequestorSettingsRequestorArgs.cs | 38 + ...PolicyRequestorSettingsRequestorGetArgs.cs | 38 + ...PackageAssignmentPolicyApprovalSettings.cs | 49 + ...mentPolicyApprovalSettingsApprovalStage.cs | 63 + ...ettingsApprovalStageAlternativeApprover.cs | 42 + ...valSettingsApprovalStagePrimaryApprover.cs | 42 + ...ssignmentPolicyAssignmentReviewSettings.cs | 84 + ...tPolicyAssignmentReviewSettingsReviewer.cs | 42 + .../AccessPackageAssignmentPolicyQuestion.cs | 49 + ...ssPackageAssignmentPolicyQuestionChoice.cs | 35 + ...ignmentPolicyQuestionChoiceDisplayValue.cs | 35 + ...QuestionChoiceDisplayValueLocalizedText.cs | 35 + ...cessPackageAssignmentPolicyQuestionText.cs | 35 + ...signmentPolicyQuestionTextLocalizedText.cs | 35 + ...ackageAssignmentPolicyRequestorSettings.cs | 42 + ...ignmentPolicyRequestorSettingsRequestor.cs | 42 + sdk/dotnet/UserFlowAttribute.cs | 180 ++ sdk/go/azuread/accessPackage.go | 321 +++ .../azuread/accessPackageAssignmentPolicy.go | 466 ++++ sdk/go/azuread/accessPackageCatalog.go | 310 +++ ...accessPackageResourceCatalogAssociation.go | 315 +++ ...accessPackageResourcePackageAssociation.go | 329 +++ .../azuread/administrativeUnitRoleMember.go | 319 +++ sdk/go/azuread/application.go | 15 + sdk/go/azuread/getAccessPackage.go | 180 ++ sdk/go/azuread/getAccessPackageCatalog.go | 178 ++ sdk/go/azuread/getApplication.go | 7 + sdk/go/azuread/getGroup.go | 14 + sdk/go/azuread/getUser.go | 4 + sdk/go/azuread/group.go | 34 +- sdk/go/azuread/groupMember.go | 4 +- sdk/go/azuread/init.go | 49 + sdk/go/azuread/pulumiTypes.go | 1920 +++++++++++++++++ sdk/go/azuread/userFlowAttribute.go | 312 +++ .../com/pulumi/azuread/AccessPackage.java | 184 ++ .../com/pulumi/azuread/AccessPackageArgs.java | 198 ++ .../AccessPackageAssignmentPolicy.java | 320 +++ .../AccessPackageAssignmentPolicyArgs.java | 436 ++++ .../pulumi/azuread/AccessPackageCatalog.java | 176 ++ .../azuread/AccessPackageCatalogArgs.java | 197 ++ ...cessPackageResourceCatalogAssociation.java | 177 ++ ...PackageResourceCatalogAssociationArgs.java | 158 ++ ...cessPackageResourcePackageAssociation.java | 193 ++ ...PackageResourcePackageAssociationArgs.java | 159 ++ .../azuread/AdministrativeUnitRoleMember.java | 181 ++ .../AdministrativeUnitRoleMemberArgs.java | 158 ++ .../java/com/pulumi/azuread/Application.java | 14 + .../com/pulumi/azuread/ApplicationArgs.java | 37 + .../com/pulumi/azuread/AzureadFunctions.java | 942 ++++++++ .../main/java/com/pulumi/azuread/Group.java | 32 +- .../java/com/pulumi/azuread/GroupArgs.java | 74 + .../java/com/pulumi/azuread/GroupMember.java | 4 +- .../com/pulumi/azuread/UserFlowAttribute.java | 177 ++ .../pulumi/azuread/UserFlowAttributeArgs.java | 158 ++ ...sApprovalStageAlternativeApproverArgs.java | 159 ++ ...licyApprovalSettingsApprovalStageArgs.java | 293 +++ ...tingsApprovalStagePrimaryApproverArgs.java | 159 ++ ...eAssignmentPolicyApprovalSettingsArgs.java | 206 ++ ...entPolicyAssignmentReviewSettingsArgs.java | 393 ++++ ...yAssignmentReviewSettingsReviewerArgs.java | 159 ++ ...ssPackageAssignmentPolicyQuestionArgs.java | 209 ++ ...ageAssignmentPolicyQuestionChoiceArgs.java | 121 ++ ...tPolicyQuestionChoiceDisplayValueArgs.java | 133 ++ ...onChoiceDisplayValueLocalizedTextArgs.java | 120 ++ ...ckageAssignmentPolicyQuestionTextArgs.java | 133 ++ ...ntPolicyQuestionTextLocalizedTextArgs.java | 120 ++ ...AssignmentPolicyRequestorSettingsArgs.java | 170 ++ ...tPolicyRequestorSettingsRequestorArgs.java | 159 ++ .../AccessPackageAssignmentPolicyState.java | 433 ++++ .../inputs/AccessPackageCatalogState.java | 195 ++ ...ackageResourceCatalogAssociationState.java | 157 ++ ...ackageResourcePackageAssociationState.java | 157 ++ .../azuread/inputs/AccessPackageState.java | 195 ++ .../AdministrativeUnitRoleMemberState.java | 157 ++ .../azuread/inputs/ApplicationState.java | 37 + .../azuread/inputs/GetAccessPackageArgs.java | 157 ++ .../inputs/GetAccessPackageCatalogArgs.java | 120 ++ .../GetAccessPackageCatalogPlainArgs.java | 99 + .../inputs/GetAccessPackagePlainArgs.java | 126 ++ .../pulumi/azuread/inputs/GetUserArgs.java | 37 + .../azuread/inputs/GetUserPlainArgs.java | 27 + .../com/pulumi/azuread/inputs/GroupState.java | 74 + .../inputs/UserFlowAttributeState.java | 194 ++ ...ckageAssignmentPolicyApprovalSettings.java | 121 ++ ...ntPolicyApprovalSettingsApprovalStage.java | 166 ++ ...tingsApprovalStageAlternativeApprover.java | 97 + ...lSettingsApprovalStagePrimaryApprover.java | 97 + ...ignmentPolicyAssignmentReviewSettings.java | 223 ++ ...olicyAssignmentReviewSettingsReviewer.java | 97 + ...AccessPackageAssignmentPolicyQuestion.java | 123 ++ ...PackageAssignmentPolicyQuestionChoice.java | 75 + ...nmentPolicyQuestionChoiceDisplayValue.java | 80 + ...estionChoiceDisplayValueLocalizedText.java | 74 + ...ssPackageAssignmentPolicyQuestionText.java | 80 + ...gnmentPolicyQuestionTextLocalizedText.java | 74 + ...kageAssignmentPolicyRequestorSettings.java | 102 + ...nmentPolicyRequestorSettingsRequestor.java | 97 + .../GetAccessPackageCatalogResult.java | 139 ++ .../outputs/GetAccessPackageResult.java | 133 ++ .../azuread/outputs/GetApplicationResult.java | 20 + .../azuread/outputs/GetGroupResult.java | 40 + sdk/nodejs/accessPackage.ts | 168 ++ sdk/nodejs/accessPackageAssignmentPolicy.ts | 289 +++ sdk/nodejs/accessPackageCatalog.ts | 160 ++ ...accessPackageResourceCatalogAssociation.ts | 160 ++ ...accessPackageResourcePackageAssociation.ts | 166 ++ sdk/nodejs/administrativeUnitRoleMember.ts | 157 ++ sdk/nodejs/application.ts | 14 + sdk/nodejs/getAccessPackage.ts | 148 ++ sdk/nodejs/getAccessPackageCatalog.ts | 142 ++ sdk/nodejs/getApplication.ts | 4 + sdk/nodejs/getGroup.ts | 8 + sdk/nodejs/getUser.ts | 9 + sdk/nodejs/group.ts | 32 +- sdk/nodejs/groupMember.ts | 4 +- sdk/nodejs/index.ts | 66 + sdk/nodejs/tsconfig.json | 9 + sdk/nodejs/types/input.ts | 234 ++ sdk/nodejs/types/output.ts | 234 ++ sdk/nodejs/userFlowAttribute.ts | 162 ++ sdk/python/pulumi_azuread/__init__.py | 65 + sdk/python/pulumi_azuread/_inputs.py | 866 ++++++++ sdk/python/pulumi_azuread/access_package.py | 351 +++ .../access_package_assignment_policy.py | 701 ++++++ .../pulumi_azuread/access_package_catalog.py | 342 +++ ...ss_package_resource_catalog_association.py | 314 +++ ...ss_package_resource_package_association.py | 327 +++ .../administrative_unit_role_member.py | 308 +++ sdk/python/pulumi_azuread/application.py | 47 + .../pulumi_azuread/get_access_package.py | 197 ++ .../get_access_package_catalog.py | 195 ++ sdk/python/pulumi_azuread/get_application.py | 15 +- sdk/python/pulumi_azuread/get_group.py | 32 +- sdk/python/pulumi_azuread/get_user.py | 9 +- sdk/python/pulumi_azuread/group.py | 108 +- sdk/python/pulumi_azuread/group_member.py | 8 +- sdk/python/pulumi_azuread/outputs.py | 939 ++++++++ .../pulumi_azuread/user_flow_attribute.py | 330 +++ 184 files changed, 27793 insertions(+), 324 deletions(-) create mode 100644 sdk/dotnet/AccessPackage.cs create mode 100644 sdk/dotnet/AccessPackageAssignmentPolicy.cs create mode 100644 sdk/dotnet/AccessPackageCatalog.cs create mode 100644 sdk/dotnet/AccessPackageResourceCatalogAssociation.cs create mode 100644 sdk/dotnet/AccessPackageResourcePackageAssociation.cs create mode 100644 sdk/dotnet/AdministrativeUnitRoleMember.cs create mode 100644 sdk/dotnet/GetAccessPackage.cs create mode 100644 sdk/dotnet/GetAccessPackageCatalog.cs create mode 100644 sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs.cs create mode 100644 sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverGetArgs.cs create mode 100644 sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs.cs create mode 100644 sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageGetArgs.cs create mode 100644 sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs.cs create mode 100644 sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverGetArgs.cs create mode 100644 sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsArgs.cs create mode 100644 sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsGetArgs.cs create mode 100644 sdk/dotnet/Inputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs.cs create mode 100644 sdk/dotnet/Inputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsGetArgs.cs create mode 100644 sdk/dotnet/Inputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs.cs create mode 100644 sdk/dotnet/Inputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerGetArgs.cs create mode 100644 sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionArgs.cs create mode 100644 sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionChoiceArgs.cs create mode 100644 sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs.cs create mode 100644 sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueGetArgs.cs create mode 100644 sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs.cs create mode 100644 sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextGetArgs.cs create mode 100644 sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionChoiceGetArgs.cs create mode 100644 sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionGetArgs.cs create mode 100644 sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionTextArgs.cs create mode 100644 sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionTextGetArgs.cs create mode 100644 sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs.cs create mode 100644 sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionTextLocalizedTextGetArgs.cs create mode 100644 sdk/dotnet/Inputs/AccessPackageAssignmentPolicyRequestorSettingsArgs.cs create mode 100644 sdk/dotnet/Inputs/AccessPackageAssignmentPolicyRequestorSettingsGetArgs.cs create mode 100644 sdk/dotnet/Inputs/AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs.cs create mode 100644 sdk/dotnet/Inputs/AccessPackageAssignmentPolicyRequestorSettingsRequestorGetArgs.cs create mode 100644 sdk/dotnet/Outputs/AccessPackageAssignmentPolicyApprovalSettings.cs create mode 100644 sdk/dotnet/Outputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStage.cs create mode 100644 sdk/dotnet/Outputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover.cs create mode 100644 sdk/dotnet/Outputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover.cs create mode 100644 sdk/dotnet/Outputs/AccessPackageAssignmentPolicyAssignmentReviewSettings.cs create mode 100644 sdk/dotnet/Outputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer.cs create mode 100644 sdk/dotnet/Outputs/AccessPackageAssignmentPolicyQuestion.cs create mode 100644 sdk/dotnet/Outputs/AccessPackageAssignmentPolicyQuestionChoice.cs create mode 100644 sdk/dotnet/Outputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValue.cs create mode 100644 sdk/dotnet/Outputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText.cs create mode 100644 sdk/dotnet/Outputs/AccessPackageAssignmentPolicyQuestionText.cs create mode 100644 sdk/dotnet/Outputs/AccessPackageAssignmentPolicyQuestionTextLocalizedText.cs create mode 100644 sdk/dotnet/Outputs/AccessPackageAssignmentPolicyRequestorSettings.cs create mode 100644 sdk/dotnet/Outputs/AccessPackageAssignmentPolicyRequestorSettingsRequestor.cs create mode 100644 sdk/dotnet/UserFlowAttribute.cs create mode 100644 sdk/go/azuread/accessPackage.go create mode 100644 sdk/go/azuread/accessPackageAssignmentPolicy.go create mode 100644 sdk/go/azuread/accessPackageCatalog.go create mode 100644 sdk/go/azuread/accessPackageResourceCatalogAssociation.go create mode 100644 sdk/go/azuread/accessPackageResourcePackageAssociation.go create mode 100644 sdk/go/azuread/administrativeUnitRoleMember.go create mode 100644 sdk/go/azuread/getAccessPackage.go create mode 100644 sdk/go/azuread/getAccessPackageCatalog.go create mode 100644 sdk/go/azuread/userFlowAttribute.go create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/AccessPackage.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/AccessPackageArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/AccessPackageAssignmentPolicy.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/AccessPackageAssignmentPolicyArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/AccessPackageCatalog.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/AccessPackageCatalogArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/AccessPackageResourceCatalogAssociation.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/AccessPackageResourceCatalogAssociationArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/AccessPackageResourcePackageAssociation.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/AccessPackageResourcePackageAssociationArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/AdministrativeUnitRoleMember.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/AdministrativeUnitRoleMemberArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/UserFlowAttribute.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/UserFlowAttributeArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyApprovalSettingsArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyQuestionArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyQuestionChoiceArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyQuestionTextArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyRequestorSettingsArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyState.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageCatalogState.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageResourceCatalogAssociationState.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageResourcePackageAssociationState.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageState.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/inputs/AdministrativeUnitRoleMemberState.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/inputs/GetAccessPackageArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/inputs/GetAccessPackageCatalogArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/inputs/GetAccessPackageCatalogPlainArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/inputs/GetAccessPackagePlainArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/inputs/UserFlowAttributeState.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyApprovalSettings.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStage.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyAssignmentReviewSettings.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyQuestion.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyQuestionChoice.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValue.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyQuestionText.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyQuestionTextLocalizedText.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyRequestorSettings.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyRequestorSettingsRequestor.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/outputs/GetAccessPackageCatalogResult.java create mode 100644 sdk/java/src/main/java/com/pulumi/azuread/outputs/GetAccessPackageResult.java create mode 100644 sdk/nodejs/accessPackage.ts create mode 100644 sdk/nodejs/accessPackageAssignmentPolicy.ts create mode 100644 sdk/nodejs/accessPackageCatalog.ts create mode 100644 sdk/nodejs/accessPackageResourceCatalogAssociation.ts create mode 100644 sdk/nodejs/accessPackageResourcePackageAssociation.ts create mode 100644 sdk/nodejs/administrativeUnitRoleMember.ts create mode 100644 sdk/nodejs/getAccessPackage.ts create mode 100644 sdk/nodejs/getAccessPackageCatalog.ts create mode 100644 sdk/nodejs/userFlowAttribute.ts create mode 100644 sdk/python/pulumi_azuread/access_package.py create mode 100644 sdk/python/pulumi_azuread/access_package_assignment_policy.py create mode 100644 sdk/python/pulumi_azuread/access_package_catalog.py create mode 100644 sdk/python/pulumi_azuread/access_package_resource_catalog_association.py create mode 100644 sdk/python/pulumi_azuread/access_package_resource_package_association.py create mode 100644 sdk/python/pulumi_azuread/administrative_unit_role_member.py create mode 100644 sdk/python/pulumi_azuread/get_access_package.py create mode 100644 sdk/python/pulumi_azuread/get_access_package_catalog.py create mode 100644 sdk/python/pulumi_azuread/user_flow_attribute.py diff --git a/provider/cmd/pulumi-resource-azuread/schema.json b/provider/cmd/pulumi-resource-azuread/schema.json index 038325021..2087ce0d2 100644 --- a/provider/cmd/pulumi-resource-azuread/schema.json +++ b/provider/cmd/pulumi-resource-azuread/schema.json @@ -149,6 +149,568 @@ ] }, "types": { + "azuread:index/AccessPackageAssignmentPolicyApprovalSettings:AccessPackageAssignmentPolicyApprovalSettings": { + "properties": { + "approvalRequired": { + "type": "boolean", + "description": "Whether an approval is required.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "approvalRequiredForExtension": { + "type": "boolean", + "description": "Whether an approval is required to grant extension. Same approval settings used to approve initial access will apply.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "approvalStages": { + "type": "array", + "items": { + "$ref": "#/types/azuread:index/AccessPackageAssignmentPolicyApprovalSettingsApprovalStage:AccessPackageAssignmentPolicyApprovalSettingsApprovalStage" + }, + "description": "An `approval_stage` block specifying the process to obtain an approval, as documented below.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "requestorJustificationRequired": { + "type": "boolean", + "description": "Whether a requestor is required to provide a justification to request an access package. Justification is visible to approvers and the requestor.\n", + "language": { + "python": { + "mapCase": false + } + } + } + }, + "type": "object" + }, + "azuread:index/AccessPackageAssignmentPolicyApprovalSettingsApprovalStage:AccessPackageAssignmentPolicyApprovalSettingsApprovalStage": { + "properties": { + "alternativeApprovalEnabled": { + "type": "boolean", + "description": "Whether alternative approvers are enabled.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "alternativeApprovers": { + "type": "array", + "items": { + "$ref": "#/types/azuread:index/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover:AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover" + }, + "description": "A block specifying alternative approvers when escalation is enabled and the primary approvers do not respond before the escalation time, as documented below.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "approvalTimeoutInDays": { + "type": "integer", + "description": "Maximum number of days within which a request must be approved. If a request is not approved within this time period after it is made, it will be automatically rejected.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "approverJustificationRequired": { + "type": "boolean", + "description": "Whether an approver must provide a justification for their decision. Justification is visible to other approvers and the requestor.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "enableAlternativeApprovalInDays": { + "type": "integer", + "description": "Number of days before the request is forwarded to alternative approvers.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "primaryApprovers": { + "type": "array", + "items": { + "$ref": "#/types/azuread:index/AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover:AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover" + }, + "description": "A block specifying the users who will be asked to approve requests, as documented below.\n", + "language": { + "python": { + "mapCase": false + } + } + } + }, + "type": "object", + "required": [ + "approvalTimeoutInDays" + ] + }, + "azuread:index/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover:AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover": { + "properties": { + "backup": { + "type": "boolean", + "description": "For a user in an approval stage, this property indicates whether the user is a backup fallback approver.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "objectId": { + "type": "string", + "description": "The ID of the subject.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "subjectType": { + "type": "string", + "description": "Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`.\n", + "language": { + "python": { + "mapCase": false + } + } + } + }, + "type": "object", + "required": [ + "subjectType" + ] + }, + "azuread:index/AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover:AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover": { + "properties": { + "backup": { + "type": "boolean", + "description": "For a user in an approval stage, this property indicates whether the user is a backup fallback approver.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "objectId": { + "type": "string", + "description": "The ID of the subject.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "subjectType": { + "type": "string", + "description": "Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`.\n", + "language": { + "python": { + "mapCase": false + } + } + } + }, + "type": "object", + "required": [ + "subjectType" + ] + }, + "azuread:index/AccessPackageAssignmentPolicyAssignmentReviewSettings:AccessPackageAssignmentPolicyAssignmentReviewSettings": { + "properties": { + "accessRecommendationEnabled": { + "type": "boolean", + "description": "Whether to show the reviewer decision helpers. If enabled, system recommendations based on users' access information will be shown to the reviewers. The reviewer will be recommended to approve the review if the user has signed-in at least once during the last 30 days. The reviewer will be recommended to deny the review if the user has not signed-in during the last 30 days.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "accessReviewTimeoutBehavior": { + "type": "string", + "description": "Specifies the actions the system takes if reviewers don't respond in time. Valid values are `keepAccess`, `removeAccess`, or `acceptAccessRecommendation`.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "approverJustificationRequired": { + "type": "boolean", + "description": "Whether a reviewer needs to provide a justification for their decision. Justification is visible to other reviewers and the requestor.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "durationInDays": { + "type": "integer", + "description": "How many days each occurrence of the access review series will run.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "enabled": { + "type": "boolean", + "description": "Whether to enable assignment review.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "reviewFrequency": { + "type": "string", + "description": "This will determine how often the access review campaign runs, valid values are `weekly`, `monthly`, `quarterly`, `halfyearly`, or `annual`.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "reviewType": { + "type": "string", + "description": "Self review or specific reviewers. Valid values are `Self`, or `Reviewers`.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "reviewers": { + "type": "array", + "items": { + "$ref": "#/types/azuread:index/AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer:AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer" + }, + "description": "One or more `reviewer` blocks to specify the users who will be reviewers (when `review_type` is `Reviewers`), as documented below.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "startingOn": { + "type": "string", + "description": "This is the date the access review campaign will start on, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z), default is now. Once an access review has been created, you cannot update its start date\n", + "language": { + "python": { + "mapCase": false + } + } + } + }, + "type": "object" + }, + "azuread:index/AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer:AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer": { + "properties": { + "backup": { + "type": "boolean", + "description": "For a user in an approval stage, this property indicates whether the user is a backup fallback approver.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "objectId": { + "type": "string", + "description": "The ID of the subject.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "subjectType": { + "type": "string", + "description": "Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`.\n", + "language": { + "python": { + "mapCase": false + } + } + } + }, + "type": "object", + "required": [ + "subjectType" + ] + }, + "azuread:index/AccessPackageAssignmentPolicyQuestion:AccessPackageAssignmentPolicyQuestion": { + "properties": { + "choices": { + "type": "array", + "items": { + "$ref": "#/types/azuread:index/AccessPackageAssignmentPolicyQuestionChoice:AccessPackageAssignmentPolicyQuestionChoice" + }, + "description": "One or more blocks configuring a choice to the question, as documented below.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "required": { + "type": "boolean", + "description": "Whether this question is required.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "sequence": { + "type": "integer", + "description": "The sequence number of this question.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "text": { + "$ref": "#/types/azuread:index/AccessPackageAssignmentPolicyQuestionText:AccessPackageAssignmentPolicyQuestionText", + "description": "A block describing the content of this question, as documented below.\n", + "language": { + "python": { + "mapCase": false + } + } + } + }, + "type": "object", + "required": [ + "text" + ] + }, + "azuread:index/AccessPackageAssignmentPolicyQuestionChoice:AccessPackageAssignmentPolicyQuestionChoice": { + "properties": { + "actualValue": { + "type": "string", + "description": "The actual value of this choice.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "displayValue": { + "$ref": "#/types/azuread:index/AccessPackageAssignmentPolicyQuestionChoiceDisplayValue:AccessPackageAssignmentPolicyQuestionChoiceDisplayValue", + "description": "A block describing the display text of this choice, as documented below.\n", + "language": { + "python": { + "mapCase": false + } + } + } + }, + "type": "object", + "required": [ + "actualValue", + "displayValue" + ] + }, + "azuread:index/AccessPackageAssignmentPolicyQuestionChoiceDisplayValue:AccessPackageAssignmentPolicyQuestionChoiceDisplayValue": { + "properties": { + "defaultText": { + "type": "string", + "description": "The default text of this question.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "localizedTexts": { + "type": "array", + "items": { + "$ref": "#/types/azuread:index/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText:AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText" + }, + "description": "One or more blocks describing localized text of this question, as documented below.\n", + "language": { + "python": { + "mapCase": false + } + } + } + }, + "type": "object", + "required": [ + "defaultText" + ] + }, + "azuread:index/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText:AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText": { + "properties": { + "content": { + "type": "string", + "description": "The localized content of this question.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "languageCode": { + "type": "string", + "description": "The ISO 639 language code for this question content.\n", + "language": { + "python": { + "mapCase": false + } + } + } + }, + "type": "object", + "required": [ + "content", + "languageCode" + ] + }, + "azuread:index/AccessPackageAssignmentPolicyQuestionText:AccessPackageAssignmentPolicyQuestionText": { + "properties": { + "defaultText": { + "type": "string", + "description": "The default text of this question.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "localizedTexts": { + "type": "array", + "items": { + "$ref": "#/types/azuread:index/AccessPackageAssignmentPolicyQuestionTextLocalizedText:AccessPackageAssignmentPolicyQuestionTextLocalizedText" + }, + "description": "One or more blocks describing localized text of this question, as documented below.\n", + "language": { + "python": { + "mapCase": false + } + } + } + }, + "type": "object", + "required": [ + "defaultText" + ] + }, + "azuread:index/AccessPackageAssignmentPolicyQuestionTextLocalizedText:AccessPackageAssignmentPolicyQuestionTextLocalizedText": { + "properties": { + "content": { + "type": "string", + "description": "The localized content of this question.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "languageCode": { + "type": "string", + "description": "The ISO 639 language code for this question content.\n", + "language": { + "python": { + "mapCase": false + } + } + } + }, + "type": "object", + "required": [ + "content", + "languageCode" + ] + }, + "azuread:index/AccessPackageAssignmentPolicyRequestorSettings:AccessPackageAssignmentPolicyRequestorSettings": { + "properties": { + "requestors": { + "type": "array", + "items": { + "$ref": "#/types/azuread:index/AccessPackageAssignmentPolicyRequestorSettingsRequestor:AccessPackageAssignmentPolicyRequestorSettingsRequestor" + }, + "description": "A block specifying the users who are allowed to request on this policy, as documented below.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "requestsAccepted": { + "type": "boolean", + "description": "Whether to accept requests using this policy. When `false`, no new requests can be made using this policy.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "scopeType": { + "type": "string", + "description": "Specifies the scopes of the requestors. Valid values are `AllConfiguredConnectedOrganizationSubjects`, `AllExistingConnectedOrganizationSubjects`, `AllExistingDirectoryMemberUsers`, `AllExistingDirectorySubjects`, `AllExternalSubjects`, `NoSubjects`, `SpecificConnectedOrganizationSubjects`, or `SpecificDirectorySubjects`.\n", + "language": { + "python": { + "mapCase": false + } + } + } + }, + "type": "object" + }, + "azuread:index/AccessPackageAssignmentPolicyRequestorSettingsRequestor:AccessPackageAssignmentPolicyRequestorSettingsRequestor": { + "properties": { + "backup": { + "type": "boolean", + "description": "For a user in an approval stage, this property indicates whether the user is a backup fallback approver.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "objectId": { + "type": "string", + "description": "The ID of the subject.\n", + "language": { + "python": { + "mapCase": false + } + } + }, + "subjectType": { + "type": "string", + "description": "Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`.\n", + "language": { + "python": { + "mapCase": false + } + } + } + }, + "type": "object", + "required": [ + "subjectType" + ] + }, "azuread:index/ApplicationApi:ApplicationApi": { "properties": { "knownClientApplications": { @@ -3150,26 +3712,448 @@ "type": "boolean", "description": "Allow Azure CLI to be used for Authentication\n" }, - "useMsi": { - "type": "boolean", - "description": "Allow Managed Identity to be used for Authentication\n", - "default": false, - "defaultInfo": { - "environment": [ - "ARM_USE_MSI" - ] + "useMsi": { + "type": "boolean", + "description": "Allow Managed Identity to be used for Authentication\n", + "default": false, + "defaultInfo": { + "environment": [ + "ARM_USE_MSI" + ] + } + }, + "useOidc": { + "type": "boolean", + "description": "Allow OpenID Connect to be used for authentication\n" + } + }, + "requiredInputs": [ + "metadataHost" + ] + }, + "resources": { + "azuread:index/accessPackage:AccessPackage": { + "description": "Manages an Access Package within Identity Governance in Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`.\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner`, `Access package manager` or `Global Administrator`\n\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleAccessPackageCatalog = new azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\", {\n displayName: \"example-catalog\",\n description: \"Example catalog\",\n});\nconst exampleAccessPackage = new azuread.AccessPackage(\"exampleAccessPackage\", {\n catalogId: exampleAccessPackageCatalog.id,\n displayName: \"access-package\",\n description: \"Access Package\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_access_package_catalog = azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\",\n display_name=\"example-catalog\",\n description=\"Example catalog\")\nexample_access_package = azuread.AccessPackage(\"exampleAccessPackage\",\n catalog_id=example_access_package_catalog.id,\n display_name=\"access-package\",\n description=\"Access Package\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleAccessPackageCatalog = new AzureAD.AccessPackageCatalog(\"exampleAccessPackageCatalog\", new()\n {\n DisplayName = \"example-catalog\",\n Description = \"Example catalog\",\n });\n\n var exampleAccessPackage = new AzureAD.AccessPackage(\"exampleAccessPackage\", new()\n {\n CatalogId = exampleAccessPackageCatalog.Id,\n DisplayName = \"access-package\",\n Description = \"Access Package\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleAccessPackageCatalog, err := azuread.NewAccessPackageCatalog(ctx, \"exampleAccessPackageCatalog\", \u0026azuread.AccessPackageCatalogArgs{\n\t\t\tDisplayName: pulumi.String(\"example-catalog\"),\n\t\t\tDescription: pulumi.String(\"Example catalog\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAccessPackage(ctx, \"exampleAccessPackage\", \u0026azuread.AccessPackageArgs{\n\t\t\tCatalogId: exampleAccessPackageCatalog.ID(),\n\t\t\tDisplayName: pulumi.String(\"access-package\"),\n\t\t\tDescription: pulumi.String(\"Access Package\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AccessPackageCatalog;\nimport com.pulumi.azuread.AccessPackageCatalogArgs;\nimport com.pulumi.azuread.AccessPackage;\nimport com.pulumi.azuread.AccessPackageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleAccessPackageCatalog = new AccessPackageCatalog(\"exampleAccessPackageCatalog\", AccessPackageCatalogArgs.builder() \n .displayName(\"example-catalog\")\n .description(\"Example catalog\")\n .build());\n\n var exampleAccessPackage = new AccessPackage(\"exampleAccessPackage\", AccessPackageArgs.builder() \n .catalogId(exampleAccessPackageCatalog.id())\n .displayName(\"access-package\")\n .description(\"Access Package\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleAccessPackageCatalog:\n type: azuread:AccessPackageCatalog\n properties:\n displayName: example-catalog\n description: Example catalog\n exampleAccessPackage:\n type: azuread:AccessPackage\n properties:\n catalogId: ${exampleAccessPackageCatalog.id}\n displayName: access-package\n description: Access Package\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAccess Packages can be imported using the `id`, e.g.\n\n```sh\n $ pulumi import azuread:index/accessPackage:AccessPackage example_package 00000000-0000-0000-0000-000000000000\n```\n\n ", + "properties": { + "catalogId": { + "type": "string", + "description": "The ID of the Catalog this access package will be created in.\n" + }, + "description": { + "type": "string", + "description": "The description of the access package.\n" + }, + "displayName": { + "type": "string", + "description": "The display name of the access package.\n" + }, + "hidden": { + "type": "boolean", + "description": "Whether the access package is hidden from the requestor.\n" + } + }, + "required": [ + "catalogId", + "description", + "displayName" + ], + "inputProperties": { + "catalogId": { + "type": "string", + "description": "The ID of the Catalog this access package will be created in.\n", + "willReplaceOnChanges": true + }, + "description": { + "type": "string", + "description": "The description of the access package.\n" + }, + "displayName": { + "type": "string", + "description": "The display name of the access package.\n" + }, + "hidden": { + "type": "boolean", + "description": "Whether the access package is hidden from the requestor.\n" + } + }, + "requiredInputs": [ + "catalogId", + "description", + "displayName" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering AccessPackage resources.\n", + "properties": { + "catalogId": { + "type": "string", + "description": "The ID of the Catalog this access package will be created in.\n", + "willReplaceOnChanges": true + }, + "description": { + "type": "string", + "description": "The description of the access package.\n" + }, + "displayName": { + "type": "string", + "description": "The display name of the access package.\n" + }, + "hidden": { + "type": "boolean", + "description": "Whether the access package is hidden from the requestor.\n" + } + }, + "type": "object" + } + }, + "azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy": { + "description": "Manages an assignment policy for an access package within Identity Governance in Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`.\n\nWhen authenticated with a user principal, this resource requires `Global Administrator` directory role, or one of the `Catalog Owner` and `Access Package Manager` role in Idneity Governance.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleGroup = new azuread.Group(\"exampleGroup\", {\n displayName: \"group-name\",\n securityEnabled: true,\n});\nconst exampleAccessPackageCatalog = new azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\", {\n displayName: \"example-catalog\",\n description: \"Example catalog\",\n});\nconst exampleAccessPackage = new azuread.AccessPackage(\"exampleAccessPackage\", {\n catalogId: exampleAccessPackageCatalog.id,\n displayName: \"access-package\",\n description: \"Access Package\",\n});\nconst test = new azuread.AccessPackageAssignmentPolicy(\"test\", {\n accessPackageId: azuread_access_package.test.id,\n displayName: \"assignment-policy\",\n description: \"My assignment policy\",\n durationInDays: 90,\n requestorSettings: {\n scopeType: \"AllExistingDirectoryMemberUsers\",\n },\n approvalSettings: {\n approvalRequired: true,\n approvalStages: [{\n approvalTimeoutInDays: 14,\n primaryApprovers: [{\n objectId: azuread_group.test.object_id,\n subjectType: \"groupMembers\",\n }],\n }],\n },\n assignmentReviewSettings: {\n enabled: true,\n reviewFrequency: \"weekly\",\n durationInDays: 3,\n reviewType: \"Self\",\n accessReviewTimeoutBehavior: \"keepAccess\",\n },\n questions: [{\n text: {\n defaultText: \"hello, how are you?\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_group = azuread.Group(\"exampleGroup\",\n display_name=\"group-name\",\n security_enabled=True)\nexample_access_package_catalog = azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\",\n display_name=\"example-catalog\",\n description=\"Example catalog\")\nexample_access_package = azuread.AccessPackage(\"exampleAccessPackage\",\n catalog_id=example_access_package_catalog.id,\n display_name=\"access-package\",\n description=\"Access Package\")\ntest = azuread.AccessPackageAssignmentPolicy(\"test\",\n access_package_id=azuread_access_package[\"test\"][\"id\"],\n display_name=\"assignment-policy\",\n description=\"My assignment policy\",\n duration_in_days=90,\n requestor_settings=azuread.AccessPackageAssignmentPolicyRequestorSettingsArgs(\n scope_type=\"AllExistingDirectoryMemberUsers\",\n ),\n approval_settings=azuread.AccessPackageAssignmentPolicyApprovalSettingsArgs(\n approval_required=True,\n approval_stages=[azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs(\n approval_timeout_in_days=14,\n primary_approvers=[azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs(\n object_id=azuread_group[\"test\"][\"object_id\"],\n subject_type=\"groupMembers\",\n )],\n )],\n ),\n assignment_review_settings=azuread.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs(\n enabled=True,\n review_frequency=\"weekly\",\n duration_in_days=3,\n review_type=\"Self\",\n access_review_timeout_behavior=\"keepAccess\",\n ),\n questions=[azuread.AccessPackageAssignmentPolicyQuestionArgs(\n text=azuread.AccessPackageAssignmentPolicyQuestionTextArgs(\n default_text=\"hello, how are you?\",\n ),\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleGroup = new AzureAD.Group(\"exampleGroup\", new()\n {\n DisplayName = \"group-name\",\n SecurityEnabled = true,\n });\n\n var exampleAccessPackageCatalog = new AzureAD.AccessPackageCatalog(\"exampleAccessPackageCatalog\", new()\n {\n DisplayName = \"example-catalog\",\n Description = \"Example catalog\",\n });\n\n var exampleAccessPackage = new AzureAD.AccessPackage(\"exampleAccessPackage\", new()\n {\n CatalogId = exampleAccessPackageCatalog.Id,\n DisplayName = \"access-package\",\n Description = \"Access Package\",\n });\n\n var test = new AzureAD.AccessPackageAssignmentPolicy(\"test\", new()\n {\n AccessPackageId = azuread_access_package.Test.Id,\n DisplayName = \"assignment-policy\",\n Description = \"My assignment policy\",\n DurationInDays = 90,\n RequestorSettings = new AzureAD.Inputs.AccessPackageAssignmentPolicyRequestorSettingsArgs\n {\n ScopeType = \"AllExistingDirectoryMemberUsers\",\n },\n ApprovalSettings = new AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettingsArgs\n {\n ApprovalRequired = true,\n ApprovalStages = new[]\n {\n new AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs\n {\n ApprovalTimeoutInDays = 14,\n PrimaryApprovers = new[]\n {\n new AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs\n {\n ObjectId = azuread_group.Test.Object_id,\n SubjectType = \"groupMembers\",\n },\n },\n },\n },\n },\n AssignmentReviewSettings = new AzureAD.Inputs.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs\n {\n Enabled = true,\n ReviewFrequency = \"weekly\",\n DurationInDays = 3,\n ReviewType = \"Self\",\n AccessReviewTimeoutBehavior = \"keepAccess\",\n },\n Questions = new[]\n {\n new AzureAD.Inputs.AccessPackageAssignmentPolicyQuestionArgs\n {\n Text = new AzureAD.Inputs.AccessPackageAssignmentPolicyQuestionTextArgs\n {\n DefaultText = \"hello, how are you?\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewGroup(ctx, \"exampleGroup\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"group-name\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessPackageCatalog, err := azuread.NewAccessPackageCatalog(ctx, \"exampleAccessPackageCatalog\", \u0026azuread.AccessPackageCatalogArgs{\n\t\t\tDisplayName: pulumi.String(\"example-catalog\"),\n\t\t\tDescription: pulumi.String(\"Example catalog\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAccessPackage(ctx, \"exampleAccessPackage\", \u0026azuread.AccessPackageArgs{\n\t\t\tCatalogId: exampleAccessPackageCatalog.ID(),\n\t\t\tDisplayName: pulumi.String(\"access-package\"),\n\t\t\tDescription: pulumi.String(\"Access Package\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAccessPackageAssignmentPolicy(ctx, \"test\", \u0026azuread.AccessPackageAssignmentPolicyArgs{\n\t\t\tAccessPackageId: pulumi.Any(azuread_access_package.Test.Id),\n\t\t\tDisplayName: pulumi.String(\"assignment-policy\"),\n\t\t\tDescription: pulumi.String(\"My assignment policy\"),\n\t\t\tDurationInDays: pulumi.Int(90),\n\t\t\tRequestorSettings: \u0026azuread.AccessPackageAssignmentPolicyRequestorSettingsArgs{\n\t\t\t\tScopeType: pulumi.String(\"AllExistingDirectoryMemberUsers\"),\n\t\t\t},\n\t\t\tApprovalSettings: \u0026azuread.AccessPackageAssignmentPolicyApprovalSettingsArgs{\n\t\t\t\tApprovalRequired: pulumi.Bool(true),\n\t\t\t\tApprovalStages: azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArray{\n\t\t\t\t\t\u0026azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs{\n\t\t\t\t\t\tApprovalTimeoutInDays: pulumi.Int(14),\n\t\t\t\t\t\tPrimaryApprovers: azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArray{\n\t\t\t\t\t\t\t\u0026azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs{\n\t\t\t\t\t\t\t\tObjectId: pulumi.Any(azuread_group.Test.Object_id),\n\t\t\t\t\t\t\t\tSubjectType: pulumi.String(\"groupMembers\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tAssignmentReviewSettings: \u0026azuread.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tReviewFrequency: pulumi.String(\"weekly\"),\n\t\t\t\tDurationInDays: pulumi.Int(3),\n\t\t\t\tReviewType: pulumi.String(\"Self\"),\n\t\t\t\tAccessReviewTimeoutBehavior: pulumi.String(\"keepAccess\"),\n\t\t\t},\n\t\t\tQuestions: azuread.AccessPackageAssignmentPolicyQuestionArray{\n\t\t\t\t\u0026azuread.AccessPackageAssignmentPolicyQuestionArgs{\n\t\t\t\t\tText: \u0026azuread.AccessPackageAssignmentPolicyQuestionTextArgs{\n\t\t\t\t\t\tDefaultText: pulumi.String(\"hello, how are you?\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.AccessPackageCatalog;\nimport com.pulumi.azuread.AccessPackageCatalogArgs;\nimport com.pulumi.azuread.AccessPackage;\nimport com.pulumi.azuread.AccessPackageArgs;\nimport com.pulumi.azuread.AccessPackageAssignmentPolicy;\nimport com.pulumi.azuread.AccessPackageAssignmentPolicyArgs;\nimport com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyRequestorSettingsArgs;\nimport com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyApprovalSettingsArgs;\nimport com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs;\nimport com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyQuestionArgs;\nimport com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyQuestionTextArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"group-name\")\n .securityEnabled(true)\n .build());\n\n var exampleAccessPackageCatalog = new AccessPackageCatalog(\"exampleAccessPackageCatalog\", AccessPackageCatalogArgs.builder() \n .displayName(\"example-catalog\")\n .description(\"Example catalog\")\n .build());\n\n var exampleAccessPackage = new AccessPackage(\"exampleAccessPackage\", AccessPackageArgs.builder() \n .catalogId(exampleAccessPackageCatalog.id())\n .displayName(\"access-package\")\n .description(\"Access Package\")\n .build());\n\n var test = new AccessPackageAssignmentPolicy(\"test\", AccessPackageAssignmentPolicyArgs.builder() \n .accessPackageId(azuread_access_package.test().id())\n .displayName(\"assignment-policy\")\n .description(\"My assignment policy\")\n .durationInDays(90)\n .requestorSettings(AccessPackageAssignmentPolicyRequestorSettingsArgs.builder()\n .scopeType(\"AllExistingDirectoryMemberUsers\")\n .build())\n .approvalSettings(AccessPackageAssignmentPolicyApprovalSettingsArgs.builder()\n .approvalRequired(true)\n .approvalStages(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs.builder()\n .approvalTimeoutInDays(14)\n .primaryApprovers(AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs.builder()\n .objectId(azuread_group.test().object_id())\n .subjectType(\"groupMembers\")\n .build())\n .build())\n .build())\n .assignmentReviewSettings(AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs.builder()\n .enabled(true)\n .reviewFrequency(\"weekly\")\n .durationInDays(3)\n .reviewType(\"Self\")\n .accessReviewTimeoutBehavior(\"keepAccess\")\n .build())\n .questions(AccessPackageAssignmentPolicyQuestionArgs.builder()\n .text(AccessPackageAssignmentPolicyQuestionTextArgs.builder()\n .defaultText(\"hello, how are you?\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: group-name\n securityEnabled: true\n exampleAccessPackageCatalog:\n type: azuread:AccessPackageCatalog\n properties:\n displayName: example-catalog\n description: Example catalog\n exampleAccessPackage:\n type: azuread:AccessPackage\n properties:\n catalogId: ${exampleAccessPackageCatalog.id}\n displayName: access-package\n description: Access Package\n test:\n type: azuread:AccessPackageAssignmentPolicy\n properties:\n accessPackageId: ${azuread_access_package.test.id}\n displayName: assignment-policy\n description: My assignment policy\n durationInDays: 90\n requestorSettings:\n scopeType: AllExistingDirectoryMemberUsers\n approvalSettings:\n approvalRequired: true\n approvalStages:\n - approvalTimeoutInDays: 14\n primaryApprovers:\n - objectId: ${azuread_group.test.object_id}\n subjectType: groupMembers\n assignmentReviewSettings:\n enabled: true\n reviewFrequency: weekly\n durationInDays: 3\n reviewType: Self\n accessReviewTimeoutBehavior: keepAccess\n questions:\n - text:\n defaultText: hello, how are you?\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAn access package assignment policy can be imported using the ID, e.g.\n\n```sh\n $ pulumi import azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy example 00000000-0000-0000-0000-000000000000\n```\n\n ", + "properties": { + "accessPackageId": { + "type": "string", + "description": "The ID of the access package that will contain the policy.\n" + }, + "approvalSettings": { + "$ref": "#/types/azuread:index/AccessPackageAssignmentPolicyApprovalSettings:AccessPackageAssignmentPolicyApprovalSettings", + "description": "An `approval_settings` block to specify whether approvals are required and how they are obtained, as documented below.\n" + }, + "assignmentReviewSettings": { + "$ref": "#/types/azuread:index/AccessPackageAssignmentPolicyAssignmentReviewSettings:AccessPackageAssignmentPolicyAssignmentReviewSettings", + "description": "An `assignment_review_settings` block, to specify whether assignment review is needed and how it is conducted, as documented below.\n" + }, + "description": { + "type": "string", + "description": "The description of the policy.\n" + }, + "displayName": { + "type": "string", + "description": "The display name of the policy.\n" + }, + "durationInDays": { + "type": "integer", + "description": "How many days this assignment is valid for.\n" + }, + "expirationDate": { + "type": "string", + "description": "The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z).\n" + }, + "extensionEnabled": { + "type": "boolean", + "description": "Whether users will be able to request extension of their access to this package before their access expires.\n" + }, + "questions": { + "type": "array", + "items": { + "$ref": "#/types/azuread:index/AccessPackageAssignmentPolicyQuestion:AccessPackageAssignmentPolicyQuestion" + }, + "description": "One or more `question` blocks for the requestor, as documented below.\n" + }, + "requestorSettings": { + "$ref": "#/types/azuread:index/AccessPackageAssignmentPolicyRequestorSettings:AccessPackageAssignmentPolicyRequestorSettings", + "description": "A `requestor_settings` block to configure the users who can request access, as documented below.\n" + } + }, + "required": [ + "accessPackageId", + "description", + "displayName" + ], + "inputProperties": { + "accessPackageId": { + "type": "string", + "description": "The ID of the access package that will contain the policy.\n" + }, + "approvalSettings": { + "$ref": "#/types/azuread:index/AccessPackageAssignmentPolicyApprovalSettings:AccessPackageAssignmentPolicyApprovalSettings", + "description": "An `approval_settings` block to specify whether approvals are required and how they are obtained, as documented below.\n" + }, + "assignmentReviewSettings": { + "$ref": "#/types/azuread:index/AccessPackageAssignmentPolicyAssignmentReviewSettings:AccessPackageAssignmentPolicyAssignmentReviewSettings", + "description": "An `assignment_review_settings` block, to specify whether assignment review is needed and how it is conducted, as documented below.\n" + }, + "description": { + "type": "string", + "description": "The description of the policy.\n" + }, + "displayName": { + "type": "string", + "description": "The display name of the policy.\n" + }, + "durationInDays": { + "type": "integer", + "description": "How many days this assignment is valid for.\n" + }, + "expirationDate": { + "type": "string", + "description": "The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z).\n" + }, + "extensionEnabled": { + "type": "boolean", + "description": "Whether users will be able to request extension of their access to this package before their access expires.\n" + }, + "questions": { + "type": "array", + "items": { + "$ref": "#/types/azuread:index/AccessPackageAssignmentPolicyQuestion:AccessPackageAssignmentPolicyQuestion" + }, + "description": "One or more `question` blocks for the requestor, as documented below.\n" + }, + "requestorSettings": { + "$ref": "#/types/azuread:index/AccessPackageAssignmentPolicyRequestorSettings:AccessPackageAssignmentPolicyRequestorSettings", + "description": "A `requestor_settings` block to configure the users who can request access, as documented below.\n" + } + }, + "requiredInputs": [ + "accessPackageId", + "description", + "displayName" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering AccessPackageAssignmentPolicy resources.\n", + "properties": { + "accessPackageId": { + "type": "string", + "description": "The ID of the access package that will contain the policy.\n" + }, + "approvalSettings": { + "$ref": "#/types/azuread:index/AccessPackageAssignmentPolicyApprovalSettings:AccessPackageAssignmentPolicyApprovalSettings", + "description": "An `approval_settings` block to specify whether approvals are required and how they are obtained, as documented below.\n" + }, + "assignmentReviewSettings": { + "$ref": "#/types/azuread:index/AccessPackageAssignmentPolicyAssignmentReviewSettings:AccessPackageAssignmentPolicyAssignmentReviewSettings", + "description": "An `assignment_review_settings` block, to specify whether assignment review is needed and how it is conducted, as documented below.\n" + }, + "description": { + "type": "string", + "description": "The description of the policy.\n" + }, + "displayName": { + "type": "string", + "description": "The display name of the policy.\n" + }, + "durationInDays": { + "type": "integer", + "description": "How many days this assignment is valid for.\n" + }, + "expirationDate": { + "type": "string", + "description": "The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z).\n" + }, + "extensionEnabled": { + "type": "boolean", + "description": "Whether users will be able to request extension of their access to this package before their access expires.\n" + }, + "questions": { + "type": "array", + "items": { + "$ref": "#/types/azuread:index/AccessPackageAssignmentPolicyQuestion:AccessPackageAssignmentPolicyQuestion" + }, + "description": "One or more `question` blocks for the requestor, as documented below.\n" + }, + "requestorSettings": { + "$ref": "#/types/azuread:index/AccessPackageAssignmentPolicyRequestorSettings:AccessPackageAssignmentPolicyRequestorSettings", + "description": "A `requestor_settings` block to configure the users who can request access, as documented below.\n" + } + }, + "type": "object" + } + }, + "azuread:index/accessPackageCatalog:AccessPackageCatalog": { + "description": "Manages an access package catalog within Identity Governance in Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`.\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner`, `Catalog creator` or `Global Administrator`\n\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.AccessPackageCatalog(\"example\", {\n description: \"Example access package catalog\",\n displayName: \"example-access-package-catalog\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.AccessPackageCatalog(\"example\",\n description=\"Example access package catalog\",\n display_name=\"example-access-package-catalog\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.AccessPackageCatalog(\"example\", new()\n {\n Description = \"Example access package catalog\",\n DisplayName = \"example-access-package-catalog\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewAccessPackageCatalog(ctx, \"example\", \u0026azuread.AccessPackageCatalogArgs{\n\t\t\tDescription: pulumi.String(\"Example access package catalog\"),\n\t\t\tDisplayName: pulumi.String(\"example-access-package-catalog\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AccessPackageCatalog;\nimport com.pulumi.azuread.AccessPackageCatalogArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AccessPackageCatalog(\"example\", AccessPackageCatalogArgs.builder() \n .description(\"Example access package catalog\")\n .displayName(\"example-access-package-catalog\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:AccessPackageCatalog\n properties:\n description: Example access package catalog\n displayName: example-access-package-catalog\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAn Access Package Catalog can be imported using the `id`, e.g.\n\n```sh\n $ pulumi import azuread:index/accessPackageCatalog:AccessPackageCatalog example 00000000-0000-0000-0000-000000000000\n```\n\n ", + "properties": { + "description": { + "type": "string", + "description": "The description of the access package catalog.\n" + }, + "displayName": { + "type": "string", + "description": "The display name of the access package catalog.\n" + }, + "externallyVisible": { + "type": "boolean", + "description": "Whether the access packages in this catalog can be requested by users outside the tenant.\n" + }, + "published": { + "type": "boolean", + "description": "Whether the access packages in this catalog are available for management.\n" + } + }, + "required": [ + "description", + "displayName" + ], + "inputProperties": { + "description": { + "type": "string", + "description": "The description of the access package catalog.\n" + }, + "displayName": { + "type": "string", + "description": "The display name of the access package catalog.\n" + }, + "externallyVisible": { + "type": "boolean", + "description": "Whether the access packages in this catalog can be requested by users outside the tenant.\n" + }, + "published": { + "type": "boolean", + "description": "Whether the access packages in this catalog are available for management.\n" + } + }, + "requiredInputs": [ + "description", + "displayName" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering AccessPackageCatalog resources.\n", + "properties": { + "description": { + "type": "string", + "description": "The description of the access package catalog.\n" + }, + "displayName": { + "type": "string", + "description": "The display name of the access package catalog.\n" + }, + "externallyVisible": { + "type": "boolean", + "description": "Whether the access packages in this catalog can be requested by users outside the tenant.\n" + }, + "published": { + "type": "boolean", + "description": "Whether the access packages in this catalog are available for management.\n" + } + }, + "type": "object" + } + }, + "azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation": { + "description": "Manages the resources added to access package catalogs within Identity Governance in Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`.\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner` or `Global Administrator`\n\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleGroup = new azuread.Group(\"exampleGroup\", {\n displayName: \"example-group\",\n securityEnabled: true,\n});\nconst exampleAccessPackageCatalog = new azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\", {\n displayName: \"example-catalog\",\n description: \"Example catalog\",\n});\nconst exampleAccessPackageResourceCatalogAssociation = new azuread.AccessPackageResourceCatalogAssociation(\"exampleAccessPackageResourceCatalogAssociation\", {\n catalogId: azuread_access_package_catalog.example_catalog.id,\n resourceOriginId: azuread_group.example_group.object_id,\n resourceOriginSystem: \"AadGroup\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_group = azuread.Group(\"exampleGroup\",\n display_name=\"example-group\",\n security_enabled=True)\nexample_access_package_catalog = azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\",\n display_name=\"example-catalog\",\n description=\"Example catalog\")\nexample_access_package_resource_catalog_association = azuread.AccessPackageResourceCatalogAssociation(\"exampleAccessPackageResourceCatalogAssociation\",\n catalog_id=azuread_access_package_catalog[\"example_catalog\"][\"id\"],\n resource_origin_id=azuread_group[\"example_group\"][\"object_id\"],\n resource_origin_system=\"AadGroup\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleGroup = new AzureAD.Group(\"exampleGroup\", new()\n {\n DisplayName = \"example-group\",\n SecurityEnabled = true,\n });\n\n var exampleAccessPackageCatalog = new AzureAD.AccessPackageCatalog(\"exampleAccessPackageCatalog\", new()\n {\n DisplayName = \"example-catalog\",\n Description = \"Example catalog\",\n });\n\n var exampleAccessPackageResourceCatalogAssociation = new AzureAD.AccessPackageResourceCatalogAssociation(\"exampleAccessPackageResourceCatalogAssociation\", new()\n {\n CatalogId = azuread_access_package_catalog.Example_catalog.Id,\n ResourceOriginId = azuread_group.Example_group.Object_id,\n ResourceOriginSystem = \"AadGroup\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewGroup(ctx, \"exampleGroup\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example-group\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAccessPackageCatalog(ctx, \"exampleAccessPackageCatalog\", \u0026azuread.AccessPackageCatalogArgs{\n\t\t\tDisplayName: pulumi.String(\"example-catalog\"),\n\t\t\tDescription: pulumi.String(\"Example catalog\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAccessPackageResourceCatalogAssociation(ctx, \"exampleAccessPackageResourceCatalogAssociation\", \u0026azuread.AccessPackageResourceCatalogAssociationArgs{\n\t\t\tCatalogId: pulumi.Any(azuread_access_package_catalog.Example_catalog.Id),\n\t\t\tResourceOriginId: pulumi.Any(azuread_group.Example_group.Object_id),\n\t\t\tResourceOriginSystem: pulumi.String(\"AadGroup\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.AccessPackageCatalog;\nimport com.pulumi.azuread.AccessPackageCatalogArgs;\nimport com.pulumi.azuread.AccessPackageResourceCatalogAssociation;\nimport com.pulumi.azuread.AccessPackageResourceCatalogAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"example-group\")\n .securityEnabled(true)\n .build());\n\n var exampleAccessPackageCatalog = new AccessPackageCatalog(\"exampleAccessPackageCatalog\", AccessPackageCatalogArgs.builder() \n .displayName(\"example-catalog\")\n .description(\"Example catalog\")\n .build());\n\n var exampleAccessPackageResourceCatalogAssociation = new AccessPackageResourceCatalogAssociation(\"exampleAccessPackageResourceCatalogAssociation\", AccessPackageResourceCatalogAssociationArgs.builder() \n .catalogId(azuread_access_package_catalog.example_catalog().id())\n .resourceOriginId(azuread_group.example_group().object_id())\n .resourceOriginSystem(\"AadGroup\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: example-group\n securityEnabled: true\n exampleAccessPackageCatalog:\n type: azuread:AccessPackageCatalog\n properties:\n displayName: example-catalog\n description: Example catalog\n exampleAccessPackageResourceCatalogAssociation:\n type: azuread:AccessPackageResourceCatalogAssociation\n properties:\n catalogId: ${azuread_access_package_catalog.example_catalog.id}\n resourceOriginId: ${azuread_group.example_group.object_id}\n resourceOriginSystem: AadGroup\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThe resource and catalog association can be imported using the catalog ID and the resource origin ID, e.g.\n\n```sh\n $ pulumi import azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the Catalog ID and the Resource Origin ID in the format `{CatalogID}/{ResourceOriginID}`. ", + "properties": { + "catalogId": { + "type": "string", + "description": "The unique ID of the access package catalog. Changing this forces a new resource to be created.\n" + }, + "resourceOriginId": { + "type": "string", + "description": "The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created.\n" + }, + "resourceOriginSystem": { + "type": "string", + "description": "The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created.\n" + } + }, + "required": [ + "catalogId", + "resourceOriginId", + "resourceOriginSystem" + ], + "inputProperties": { + "catalogId": { + "type": "string", + "description": "The unique ID of the access package catalog. Changing this forces a new resource to be created.\n", + "willReplaceOnChanges": true + }, + "resourceOriginId": { + "type": "string", + "description": "The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created.\n", + "willReplaceOnChanges": true + }, + "resourceOriginSystem": { + "type": "string", + "description": "The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created.\n", + "willReplaceOnChanges": true + } + }, + "requiredInputs": [ + "catalogId", + "resourceOriginId", + "resourceOriginSystem" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering AccessPackageResourceCatalogAssociation resources.\n", + "properties": { + "catalogId": { + "type": "string", + "description": "The unique ID of the access package catalog. Changing this forces a new resource to be created.\n", + "willReplaceOnChanges": true + }, + "resourceOriginId": { + "type": "string", + "description": "The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created.\n", + "willReplaceOnChanges": true + }, + "resourceOriginSystem": { + "type": "string", + "description": "The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created.\n", + "willReplaceOnChanges": true + } + }, + "type": "object" + } + }, + "azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation": { + "description": "Manages the resources added to access packages within Identity Governance in Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`.\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner`, `Access package manager` or `Global Administrator`.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleGroup = new azuread.Group(\"exampleGroup\", {\n displayName: \"example-group\",\n securityEnabled: true,\n});\nconst exampleAccessPackageCatalog = new azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\", {\n displayName: \"example-catalog\",\n description: \"Example catalog\",\n});\nconst exampleAccessPackageResourceCatalogAssociation = new azuread.AccessPackageResourceCatalogAssociation(\"exampleAccessPackageResourceCatalogAssociation\", {\n catalogId: azuread_access_package_catalog.example_catalog.id,\n resourceOriginId: azuread_group.example_group.object_id,\n resourceOriginSystem: \"AadGroup\",\n});\nconst exampleAccessPackage = new azuread.AccessPackage(\"exampleAccessPackage\", {\n displayName: \"example-package\",\n description: \"Example Package\",\n catalogId: azuread_access_package_catalog.example_catalog.id,\n});\nconst exampleAccessPackageResourcePackageAssociation = new azuread.AccessPackageResourcePackageAssociation(\"exampleAccessPackageResourcePackageAssociation\", {\n accessPackageId: exampleAccessPackage.id,\n catalogResourceAssociationId: exampleAccessPackageResourceCatalogAssociation.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_group = azuread.Group(\"exampleGroup\",\n display_name=\"example-group\",\n security_enabled=True)\nexample_access_package_catalog = azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\",\n display_name=\"example-catalog\",\n description=\"Example catalog\")\nexample_access_package_resource_catalog_association = azuread.AccessPackageResourceCatalogAssociation(\"exampleAccessPackageResourceCatalogAssociation\",\n catalog_id=azuread_access_package_catalog[\"example_catalog\"][\"id\"],\n resource_origin_id=azuread_group[\"example_group\"][\"object_id\"],\n resource_origin_system=\"AadGroup\")\nexample_access_package = azuread.AccessPackage(\"exampleAccessPackage\",\n display_name=\"example-package\",\n description=\"Example Package\",\n catalog_id=azuread_access_package_catalog[\"example_catalog\"][\"id\"])\nexample_access_package_resource_package_association = azuread.AccessPackageResourcePackageAssociation(\"exampleAccessPackageResourcePackageAssociation\",\n access_package_id=example_access_package.id,\n catalog_resource_association_id=example_access_package_resource_catalog_association.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleGroup = new AzureAD.Group(\"exampleGroup\", new()\n {\n DisplayName = \"example-group\",\n SecurityEnabled = true,\n });\n\n var exampleAccessPackageCatalog = new AzureAD.AccessPackageCatalog(\"exampleAccessPackageCatalog\", new()\n {\n DisplayName = \"example-catalog\",\n Description = \"Example catalog\",\n });\n\n var exampleAccessPackageResourceCatalogAssociation = new AzureAD.AccessPackageResourceCatalogAssociation(\"exampleAccessPackageResourceCatalogAssociation\", new()\n {\n CatalogId = azuread_access_package_catalog.Example_catalog.Id,\n ResourceOriginId = azuread_group.Example_group.Object_id,\n ResourceOriginSystem = \"AadGroup\",\n });\n\n var exampleAccessPackage = new AzureAD.AccessPackage(\"exampleAccessPackage\", new()\n {\n DisplayName = \"example-package\",\n Description = \"Example Package\",\n CatalogId = azuread_access_package_catalog.Example_catalog.Id,\n });\n\n var exampleAccessPackageResourcePackageAssociation = new AzureAD.AccessPackageResourcePackageAssociation(\"exampleAccessPackageResourcePackageAssociation\", new()\n {\n AccessPackageId = exampleAccessPackage.Id,\n CatalogResourceAssociationId = exampleAccessPackageResourceCatalogAssociation.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewGroup(ctx, \"exampleGroup\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example-group\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAccessPackageCatalog(ctx, \"exampleAccessPackageCatalog\", \u0026azuread.AccessPackageCatalogArgs{\n\t\t\tDisplayName: pulumi.String(\"example-catalog\"),\n\t\t\tDescription: pulumi.String(\"Example catalog\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessPackageResourceCatalogAssociation, err := azuread.NewAccessPackageResourceCatalogAssociation(ctx, \"exampleAccessPackageResourceCatalogAssociation\", \u0026azuread.AccessPackageResourceCatalogAssociationArgs{\n\t\t\tCatalogId: pulumi.Any(azuread_access_package_catalog.Example_catalog.Id),\n\t\t\tResourceOriginId: pulumi.Any(azuread_group.Example_group.Object_id),\n\t\t\tResourceOriginSystem: pulumi.String(\"AadGroup\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessPackage, err := azuread.NewAccessPackage(ctx, \"exampleAccessPackage\", \u0026azuread.AccessPackageArgs{\n\t\t\tDisplayName: pulumi.String(\"example-package\"),\n\t\t\tDescription: pulumi.String(\"Example Package\"),\n\t\t\tCatalogId: pulumi.Any(azuread_access_package_catalog.Example_catalog.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAccessPackageResourcePackageAssociation(ctx, \"exampleAccessPackageResourcePackageAssociation\", \u0026azuread.AccessPackageResourcePackageAssociationArgs{\n\t\t\tAccessPackageId: exampleAccessPackage.ID(),\n\t\t\tCatalogResourceAssociationId: exampleAccessPackageResourceCatalogAssociation.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.AccessPackageCatalog;\nimport com.pulumi.azuread.AccessPackageCatalogArgs;\nimport com.pulumi.azuread.AccessPackageResourceCatalogAssociation;\nimport com.pulumi.azuread.AccessPackageResourceCatalogAssociationArgs;\nimport com.pulumi.azuread.AccessPackage;\nimport com.pulumi.azuread.AccessPackageArgs;\nimport com.pulumi.azuread.AccessPackageResourcePackageAssociation;\nimport com.pulumi.azuread.AccessPackageResourcePackageAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"example-group\")\n .securityEnabled(true)\n .build());\n\n var exampleAccessPackageCatalog = new AccessPackageCatalog(\"exampleAccessPackageCatalog\", AccessPackageCatalogArgs.builder() \n .displayName(\"example-catalog\")\n .description(\"Example catalog\")\n .build());\n\n var exampleAccessPackageResourceCatalogAssociation = new AccessPackageResourceCatalogAssociation(\"exampleAccessPackageResourceCatalogAssociation\", AccessPackageResourceCatalogAssociationArgs.builder() \n .catalogId(azuread_access_package_catalog.example_catalog().id())\n .resourceOriginId(azuread_group.example_group().object_id())\n .resourceOriginSystem(\"AadGroup\")\n .build());\n\n var exampleAccessPackage = new AccessPackage(\"exampleAccessPackage\", AccessPackageArgs.builder() \n .displayName(\"example-package\")\n .description(\"Example Package\")\n .catalogId(azuread_access_package_catalog.example_catalog().id())\n .build());\n\n var exampleAccessPackageResourcePackageAssociation = new AccessPackageResourcePackageAssociation(\"exampleAccessPackageResourcePackageAssociation\", AccessPackageResourcePackageAssociationArgs.builder() \n .accessPackageId(exampleAccessPackage.id())\n .catalogResourceAssociationId(exampleAccessPackageResourceCatalogAssociation.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: example-group\n securityEnabled: true\n exampleAccessPackageCatalog:\n type: azuread:AccessPackageCatalog\n properties:\n displayName: example-catalog\n description: Example catalog\n exampleAccessPackageResourceCatalogAssociation:\n type: azuread:AccessPackageResourceCatalogAssociation\n properties:\n catalogId: ${azuread_access_package_catalog.example_catalog.id}\n resourceOriginId: ${azuread_group.example_group.object_id}\n resourceOriginSystem: AadGroup\n exampleAccessPackage:\n type: azuread:AccessPackage\n properties:\n displayName: example-package\n description: Example Package\n catalogId: ${azuread_access_package_catalog.example_catalog.id}\n exampleAccessPackageResourcePackageAssociation:\n type: azuread:AccessPackageResourcePackageAssociation\n properties:\n accessPackageId: ${exampleAccessPackage.id}\n catalogResourceAssociationId: ${exampleAccessPackageResourceCatalogAssociation.id}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThe resource and catalog association can be imported using the access package ID, the resource association ID, the resource origin ID, and the access type, e.g.\n\n```sh\n $ pulumi import azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111_22222222-2222-2222-2222-22222222/33333333-3333-3333-3333-33333333/Member\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the Access Package ID, the Resource Association ID, the Resource Origin ID, and the Access Type, in the format `{AccessPackageID}/{ResourceAssociationID}/{ResourceOriginID}/{AccessType}`. ", + "properties": { + "accessPackageId": { + "type": "string", + "description": "The ID of access package this resource association is configured to. Changing this forces a new resource to be created.\n" + }, + "accessType": { + "type": "string", + "description": "The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created.\n" + }, + "catalogResourceAssociationId": { + "type": "string", + "description": "The ID of the catalog association from the `azuread.AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created.\n" + } + }, + "required": [ + "accessPackageId", + "catalogResourceAssociationId" + ], + "inputProperties": { + "accessPackageId": { + "type": "string", + "description": "The ID of access package this resource association is configured to. Changing this forces a new resource to be created.\n", + "willReplaceOnChanges": true + }, + "accessType": { + "type": "string", + "description": "The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created.\n", + "willReplaceOnChanges": true + }, + "catalogResourceAssociationId": { + "type": "string", + "description": "The ID of the catalog association from the `azuread.AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created.\n", + "willReplaceOnChanges": true } }, - "useOidc": { - "type": "boolean", - "description": "Allow OpenID Connect to be used for authentication\n" + "requiredInputs": [ + "accessPackageId", + "catalogResourceAssociationId" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering AccessPackageResourcePackageAssociation resources.\n", + "properties": { + "accessPackageId": { + "type": "string", + "description": "The ID of access package this resource association is configured to. Changing this forces a new resource to be created.\n", + "willReplaceOnChanges": true + }, + "accessType": { + "type": "string", + "description": "The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created.\n", + "willReplaceOnChanges": true + }, + "catalogResourceAssociationId": { + "type": "string", + "description": "The ID of the catalog association from the `azuread.AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created.\n", + "willReplaceOnChanges": true + } + }, + "type": "object" } }, - "requiredInputs": [ - "metadataHost" - ] - }, - "resources": { "azuread:index/administrativeUnit:AdministrativeUnit": { "description": "Manages an Administrative Unit within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `AdministrativeUnit.ReadWrite.All` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AdministrativeUnit;\nimport com.pulumi.azuread.AdministrativeUnitArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AdministrativeUnit(\"example\", AdministrativeUnitArgs.builder() \n .description(\"Just an example\")\n .displayName(\"Example-AU\")\n .visibility(\"Public\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:AdministrativeUnit\n properties:\n description: Just an example\n displayName: Example-AU\n visibility: Public\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAdministrative units can be imported using their object ID, e.g.\n\n```sh\n $ pulumi import azuread:index/administrativeUnit:AdministrativeUnit example 00000000-0000-0000-0000-000000000000\n```\n\n ", "properties": { @@ -3309,6 +4293,71 @@ "type": "object" } }, + "azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember": { + "description": "Manages a single directory role assignment scoped to an administrative unit within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `AdministrativeUnit.ReadWrite.All` and `RoleManagement.ReadWrite.Directory`, or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleUser = azuread.getUser({\n userPrincipalName: \"jdoe@hashicorp.com\",\n});\nconst exampleAdministrativeUnit = new azuread.AdministrativeUnit(\"exampleAdministrativeUnit\", {displayName: \"Example-AU\"});\nconst exampleDirectoryRole = new azuread.DirectoryRole(\"exampleDirectoryRole\", {displayName: \"Security administrator\"});\nconst exampleAdministrativeUnitRoleMember = new azuread.AdministrativeUnitRoleMember(\"exampleAdministrativeUnitRoleMember\", {\n roleObjectId: exampleDirectoryRole.objectId,\n administrativeUnitObjectId: exampleAdministrativeUnit.id,\n memberObjectId: exampleUser.then(exampleUser =\u003e exampleUser.id),\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_user = azuread.get_user(user_principal_name=\"jdoe@hashicorp.com\")\nexample_administrative_unit = azuread.AdministrativeUnit(\"exampleAdministrativeUnit\", display_name=\"Example-AU\")\nexample_directory_role = azuread.DirectoryRole(\"exampleDirectoryRole\", display_name=\"Security administrator\")\nexample_administrative_unit_role_member = azuread.AdministrativeUnitRoleMember(\"exampleAdministrativeUnitRoleMember\",\n role_object_id=example_directory_role.object_id,\n administrative_unit_object_id=example_administrative_unit.id,\n member_object_id=example_user.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleUser = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@hashicorp.com\",\n });\n\n var exampleAdministrativeUnit = new AzureAD.AdministrativeUnit(\"exampleAdministrativeUnit\", new()\n {\n DisplayName = \"Example-AU\",\n });\n\n var exampleDirectoryRole = new AzureAD.DirectoryRole(\"exampleDirectoryRole\", new()\n {\n DisplayName = \"Security administrator\",\n });\n\n var exampleAdministrativeUnitRoleMember = new AzureAD.AdministrativeUnitRoleMember(\"exampleAdministrativeUnitRoleMember\", new()\n {\n RoleObjectId = exampleDirectoryRole.ObjectId,\n AdministrativeUnitObjectId = exampleAdministrativeUnit.Id,\n MemberObjectId = exampleUser.Apply(getUserResult =\u003e getUserResult.Id),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleUser, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@hashicorp.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAdministrativeUnit, err := azuread.NewAdministrativeUnit(ctx, \"exampleAdministrativeUnit\", \u0026azuread.AdministrativeUnitArgs{\n\t\t\tDisplayName: pulumi.String(\"Example-AU\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDirectoryRole, err := azuread.NewDirectoryRole(ctx, \"exampleDirectoryRole\", \u0026azuread.DirectoryRoleArgs{\n\t\t\tDisplayName: pulumi.String(\"Security administrator\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAdministrativeUnitRoleMember(ctx, \"exampleAdministrativeUnitRoleMember\", \u0026azuread.AdministrativeUnitRoleMemberArgs{\n\t\t\tRoleObjectId: exampleDirectoryRole.ObjectId,\n\t\t\tAdministrativeUnitObjectId: exampleAdministrativeUnit.ID(),\n\t\t\tMemberObjectId: *pulumi.String(exampleUser.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.AdministrativeUnit;\nimport com.pulumi.azuread.AdministrativeUnitArgs;\nimport com.pulumi.azuread.DirectoryRole;\nimport com.pulumi.azuread.DirectoryRoleArgs;\nimport com.pulumi.azuread.AdministrativeUnitRoleMember;\nimport com.pulumi.azuread.AdministrativeUnitRoleMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleUser = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@hashicorp.com\")\n .build());\n\n var exampleAdministrativeUnit = new AdministrativeUnit(\"exampleAdministrativeUnit\", AdministrativeUnitArgs.builder() \n .displayName(\"Example-AU\")\n .build());\n\n var exampleDirectoryRole = new DirectoryRole(\"exampleDirectoryRole\", DirectoryRoleArgs.builder() \n .displayName(\"Security administrator\")\n .build());\n\n var exampleAdministrativeUnitRoleMember = new AdministrativeUnitRoleMember(\"exampleAdministrativeUnitRoleMember\", AdministrativeUnitRoleMemberArgs.builder() \n .roleObjectId(exampleDirectoryRole.objectId())\n .administrativeUnitObjectId(exampleAdministrativeUnit.id())\n .memberObjectId(exampleUser.applyValue(getUserResult -\u003e getUserResult.id()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleAdministrativeUnit:\n type: azuread:AdministrativeUnit\n properties:\n displayName: Example-AU\n exampleDirectoryRole:\n type: azuread:DirectoryRole\n properties:\n displayName: Security administrator\n exampleAdministrativeUnitRoleMember:\n type: azuread:AdministrativeUnitRoleMember\n properties:\n roleObjectId: ${exampleDirectoryRole.objectId}\n administrativeUnitObjectId: ${exampleAdministrativeUnit.id}\n memberObjectId: ${exampleUser.id}\nvariables:\n exampleUser:\n fn::invoke:\n Function: azuread:getUser\n Arguments:\n userPrincipalName: jdoe@hashicorp.com\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAdministrative unit role members can be imported using the object ID of the administrative unit and the unique ID of the role assignment, e.g.\n\n```sh\n $ pulumi import azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember test 00000000-0000-0000-0000-000000000000/roleMember/zX37MRLyF0uvE-xf2WH4B7x-6CPLfudNnxFGj800htpBXqkxW7bITqGb6Rj4kuTuS\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the Administrative Unit Object ID and the role assignment ID in the format `{AdministrativeUnitObjectID}/roleMember/{RoleAssignmentID}`. ", + "properties": { + "administrativeUnitObjectId": { + "type": "string", + "description": "The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created.\n" + }, + "memberObjectId": { + "type": "string", + "description": "The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created.\n" + }, + "roleObjectId": { + "type": "string", + "description": "The object ID of the directory role you want to assign. Changing this forces a new resource to be created.\n" + } + }, + "required": [ + "administrativeUnitObjectId", + "memberObjectId", + "roleObjectId" + ], + "inputProperties": { + "administrativeUnitObjectId": { + "type": "string", + "description": "The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created.\n", + "willReplaceOnChanges": true + }, + "memberObjectId": { + "type": "string", + "description": "The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created.\n", + "willReplaceOnChanges": true + }, + "roleObjectId": { + "type": "string", + "description": "The object ID of the directory role you want to assign. Changing this forces a new resource to be created.\n", + "willReplaceOnChanges": true + } + }, + "requiredInputs": [ + "administrativeUnitObjectId", + "memberObjectId", + "roleObjectId" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering AdministrativeUnitRoleMember resources.\n", + "properties": { + "administrativeUnitObjectId": { + "type": "string", + "description": "The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created.\n", + "willReplaceOnChanges": true + }, + "memberObjectId": { + "type": "string", + "description": "The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created.\n", + "willReplaceOnChanges": true + }, + "roleObjectId": { + "type": "string", + "description": "The object ID of the directory role you want to assign. Changing this forces a new resource to be created.\n", + "willReplaceOnChanges": true + } + }, + "type": "object" + } + }, "azuread:index/appRoleAssignment:AppRoleAssignment": { "description": "Manages an app role assignment for a group, user or service principal. Can be used to grant admin consent for application permissions.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `AppRoleAssignment.ReadWrite.All` and `Application.Read.All`, or `AppRoleAssignment.ReadWrite.All` and `Directory.Read.All`, or `Application.ReadWrite.All`, or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Application Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*App role assignment for accessing Microsoft Graph*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = new azuread.ServicePrincipal(\"msgraph\", {\n applicationId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n useExisting: true,\n});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n resourceAccesses: [\n {\n id: msgraph.appRoleIds[\"User.Read.All\"],\n type: \"Role\",\n },\n {\n id: msgraph.oauth2PermissionScopeIds[\"User.ReadWrite\"],\n type: \"Scope\",\n },\n ],\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {applicationId: exampleApplication.applicationId});\nconst exampleAppRoleAssignment = new azuread.AppRoleAssignment(\"exampleAppRoleAssignment\", {\n appRoleId: msgraph.appRoleIds[\"User.Read.All\"],\n principalObjectId: exampleServicePrincipal.objectId,\n resourceObjectId: msgraph.objectId,\n});\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = new AzureAD.ServicePrincipal(\"msgraph\", new()\n {\n ApplicationId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n UseExisting = true,\n });\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.User_Read_All),\n Type = \"Role\",\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.User_ReadWrite),\n Type = \"Scope\",\n },\n },\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n });\n\n var exampleAppRoleAssignment = new AzureAD.AppRoleAssignment(\"exampleAppRoleAssignment\", new()\n {\n AppRoleId = msgraph.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.User_Read_All),\n PrincipalObjectId = exampleServicePrincipal.ObjectId,\n ResourceObjectId = msgraph.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmsgraph, err := azuread.NewServicePrincipal(ctx, \"msgraph\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn appRoleIds.User.Read.All, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Role\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.User.ReadWrite, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"exampleAppRoleAssignment\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: msgraph.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\treturn appRoleIds.User.Read.All, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tPrincipalObjectId: exampleServicePrincipal.ObjectId,\n\t\t\tResourceObjectId: msgraph.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.AppRoleAssignment;\nimport com.pulumi.azuread.AppRoleAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n var msgraph = new ServicePrincipal(\"msgraph\", ServicePrincipalArgs.builder() \n .applicationId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .useExisting(true)\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .resourceAccesses( \n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.User.Read.All()))\n .type(\"Role\")\n .build(),\n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.User.ReadWrite()))\n .type(\"Scope\")\n .build())\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .build());\n\n var exampleAppRoleAssignment = new AppRoleAssignment(\"exampleAppRoleAssignment\", AppRoleAssignmentArgs.builder() \n .appRoleId(msgraph.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.User.Read.All()))\n .principalObjectId(exampleServicePrincipal.objectId())\n .resourceObjectId(msgraph.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n msgraph:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${wellKnown.result.MicrosoftGraph}\n useExisting: true\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${wellKnown.result.MicrosoftGraph}\n resourceAccesses:\n - id: ${msgraph.appRoleIds\"User.Read.All\"[%!s(MISSING)]}\n type: Role\n - id: ${msgraph.oauth2PermissionScopeIds\"User.ReadWrite\"[%!s(MISSING)]}\n type: Scope\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n exampleAppRoleAssignment:\n type: azuread:AppRoleAssignment\n properties:\n appRoleId: ${msgraph.appRoleIds\"User.Read.All\"[%!s(MISSING)]}\n principalObjectId: ${exampleServicePrincipal.objectId}\n resourceObjectId: ${msgraph.objectId}\nvariables:\n wellKnown:\n fn::invoke:\n Function: azuread:getApplicationPublishedAppIds\n Arguments: {}\n```\n\n*App role assignment for internal application*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst internalApplication = new azuread.Application(\"internalApplication\", {\n displayName: \"internal\",\n appRoles: [{\n allowedMemberTypes: [\"Application\"],\n description: \"Apps can query the database\",\n displayName: \"Query\",\n enabled: true,\n id: \"00000000-0000-0000-0000-111111111111\",\n value: \"Query.All\",\n }],\n});\nconst internalServicePrincipal = new azuread.ServicePrincipal(\"internalServicePrincipal\", {applicationId: internalApplication.applicationId});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: internalApplication.applicationId,\n resourceAccesses: [{\n id: internalServicePrincipal.appRoleIds[\"Query.All\"],\n type: \"Role\",\n }],\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {applicationId: exampleApplication.applicationId});\nconst exampleAppRoleAssignment = new azuread.AppRoleAssignment(\"exampleAppRoleAssignment\", {\n appRoleId: internalServicePrincipal.appRoleIds[\"Query.All\"],\n principalObjectId: exampleServicePrincipal.objectId,\n resourceObjectId: internalServicePrincipal.objectId,\n});\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var internalApplication = new AzureAD.Application(\"internalApplication\", new()\n {\n DisplayName = \"internal\",\n AppRoles = new[]\n {\n new AzureAD.Inputs.ApplicationAppRoleArgs\n {\n AllowedMemberTypes = new[]\n {\n \"Application\",\n },\n Description = \"Apps can query the database\",\n DisplayName = \"Query\",\n Enabled = true,\n Id = \"00000000-0000-0000-0000-111111111111\",\n Value = \"Query.All\",\n },\n },\n });\n\n var internalServicePrincipal = new AzureAD.ServicePrincipal(\"internalServicePrincipal\", new()\n {\n ApplicationId = internalApplication.ApplicationId,\n });\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = internalApplication.ApplicationId,\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = internalServicePrincipal.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.Query_All),\n Type = \"Role\",\n },\n },\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n });\n\n var exampleAppRoleAssignment = new AzureAD.AppRoleAssignment(\"exampleAppRoleAssignment\", new()\n {\n AppRoleId = internalServicePrincipal.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.Query_All),\n PrincipalObjectId = exampleServicePrincipal.ObjectId,\n ResourceObjectId = internalServicePrincipal.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternalApplication, err := azuread.NewApplication(ctx, \"internalApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"internal\"),\n\t\t\tAppRoles: azuread.ApplicationAppRoleArray{\n\t\t\t\t\u0026azuread.ApplicationAppRoleArgs{\n\t\t\t\t\tAllowedMemberTypes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Application\"),\n\t\t\t\t\t},\n\t\t\t\t\tDescription: pulumi.String(\"Apps can query the database\"),\n\t\t\t\t\tDisplayName: pulumi.String(\"Query\"),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tId: pulumi.String(\"00000000-0000-0000-0000-111111111111\"),\n\t\t\t\t\tValue: pulumi.String(\"Query.All\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinternalServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"internalServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: internalApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: internalApplication.ApplicationId,\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: internalServicePrincipal.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn appRoleIds.Query.All, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Role\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"exampleAppRoleAssignment\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: internalServicePrincipal.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\treturn appRoleIds.Query.All, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tPrincipalObjectId: exampleServicePrincipal.ObjectId,\n\t\t\tResourceObjectId: internalServicePrincipal.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationAppRoleArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.AppRoleAssignment;\nimport com.pulumi.azuread.AppRoleAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internalApplication = new Application(\"internalApplication\", ApplicationArgs.builder() \n .displayName(\"internal\")\n .appRoles(ApplicationAppRoleArgs.builder()\n .allowedMemberTypes(\"Application\")\n .description(\"Apps can query the database\")\n .displayName(\"Query\")\n .enabled(true)\n .id(\"00000000-0000-0000-0000-111111111111\")\n .value(\"Query.All\")\n .build())\n .build());\n\n var internalServicePrincipal = new ServicePrincipal(\"internalServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(internalApplication.applicationId())\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(internalApplication.applicationId())\n .resourceAccesses(ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(internalServicePrincipal.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.Query.All()))\n .type(\"Role\")\n .build())\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .build());\n\n var exampleAppRoleAssignment = new AppRoleAssignment(\"exampleAppRoleAssignment\", AppRoleAssignmentArgs.builder() \n .appRoleId(internalServicePrincipal.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.Query.All()))\n .principalObjectId(exampleServicePrincipal.objectId())\n .resourceObjectId(internalServicePrincipal.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internalApplication:\n type: azuread:Application\n properties:\n displayName: internal\n appRoles:\n - allowedMemberTypes:\n - Application\n description: Apps can query the database\n displayName: Query\n enabled: true\n id: 00000000-0000-0000-0000-111111111111\n value: Query.All\n internalServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${internalApplication.applicationId}\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${internalApplication.applicationId}\n resourceAccesses:\n - id: ${internalServicePrincipal.appRoleIds\"Query.All\"[%!s(MISSING)]}\n type: Role\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n exampleAppRoleAssignment:\n type: azuread:AppRoleAssignment\n properties:\n appRoleId: ${internalServicePrincipal.appRoleIds\"Query.All\"[%!s(MISSING)]}\n principalObjectId: ${exampleServicePrincipal.objectId}\n resourceObjectId: ${internalServicePrincipal.objectId}\n```\n\n*Assign a user and group to an internal application*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleDomains = azuread.getDomains({\n onlyInitial: true,\n});\nconst internalApplication = new azuread.Application(\"internalApplication\", {\n displayName: \"internal\",\n appRoles: [{\n allowedMemberTypes: [\n \"Application\",\n \"User\",\n ],\n description: \"Admins can perform all task actions\",\n displayName: \"Admin\",\n enabled: true,\n id: \"00000000-0000-0000-0000-222222222222\",\n value: \"Admin.All\",\n }],\n});\nconst internalServicePrincipal = new azuread.ServicePrincipal(\"internalServicePrincipal\", {applicationId: internalApplication.applicationId});\nconst exampleGroup = new azuread.Group(\"exampleGroup\", {\n displayName: \"example\",\n securityEnabled: true,\n});\nconst exampleAppRoleAssignment = new azuread.AppRoleAssignment(\"exampleAppRoleAssignment\", {\n appRoleId: internalServicePrincipal.appRoleIds[\"Admin.All\"],\n principalObjectId: exampleGroup.objectId,\n resourceObjectId: internalServicePrincipal.objectId,\n});\nconst exampleUser = new azuread.User(\"exampleUser\", {\n displayName: \"D. Duck\",\n password: \"SecretP@sswd99!\",\n userPrincipalName: exampleDomains.then(exampleDomains =\u003e `d.duck@${exampleDomains.domains?.[0]?.domainName}`),\n});\nconst exampleIndex_appRoleAssignmentAppRoleAssignment = new azuread.AppRoleAssignment(\"exampleIndex/appRoleAssignmentAppRoleAssignment\", {\n appRoleId: internalServicePrincipal.appRoleIds[\"Admin.All\"],\n principalObjectId: exampleUser.objectId,\n resourceObjectId: internalServicePrincipal.objectId,\n});\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleDomains = AzureAD.GetDomains.Invoke(new()\n {\n OnlyInitial = true,\n });\n\n var internalApplication = new AzureAD.Application(\"internalApplication\", new()\n {\n DisplayName = \"internal\",\n AppRoles = new[]\n {\n new AzureAD.Inputs.ApplicationAppRoleArgs\n {\n AllowedMemberTypes = new[]\n {\n \"Application\",\n \"User\",\n },\n Description = \"Admins can perform all task actions\",\n DisplayName = \"Admin\",\n Enabled = true,\n Id = \"00000000-0000-0000-0000-222222222222\",\n Value = \"Admin.All\",\n },\n },\n });\n\n var internalServicePrincipal = new AzureAD.ServicePrincipal(\"internalServicePrincipal\", new()\n {\n ApplicationId = internalApplication.ApplicationId,\n });\n\n var exampleGroup = new AzureAD.Group(\"exampleGroup\", new()\n {\n DisplayName = \"example\",\n SecurityEnabled = true,\n });\n\n var exampleAppRoleAssignment = new AzureAD.AppRoleAssignment(\"exampleAppRoleAssignment\", new()\n {\n AppRoleId = internalServicePrincipal.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.Admin_All),\n PrincipalObjectId = exampleGroup.ObjectId,\n ResourceObjectId = internalServicePrincipal.ObjectId,\n });\n\n var exampleUser = new AzureAD.User(\"exampleUser\", new()\n {\n DisplayName = \"D. Duck\",\n Password = \"SecretP@sswd99!\",\n UserPrincipalName = $\"d.duck@{exampleDomains.Apply(getDomainsResult =\u003e getDomainsResult.Domains[0]?.DomainName)}\",\n });\n\n var exampleIndex_appRoleAssignmentAppRoleAssignment = new AzureAD.AppRoleAssignment(\"exampleIndex/appRoleAssignmentAppRoleAssignment\", new()\n {\n AppRoleId = internalServicePrincipal.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.Admin_All),\n PrincipalObjectId = exampleUser.ObjectId,\n ResourceObjectId = internalServicePrincipal.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleDomains, err := azuread.GetDomains(ctx, \u0026azuread.GetDomainsArgs{\n\t\t\tOnlyInitial: pulumi.BoolRef(true),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinternalApplication, err := azuread.NewApplication(ctx, \"internalApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"internal\"),\n\t\t\tAppRoles: azuread.ApplicationAppRoleArray{\n\t\t\t\t\u0026azuread.ApplicationAppRoleArgs{\n\t\t\t\t\tAllowedMemberTypes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Application\"),\n\t\t\t\t\t\tpulumi.String(\"User\"),\n\t\t\t\t\t},\n\t\t\t\t\tDescription: pulumi.String(\"Admins can perform all task actions\"),\n\t\t\t\t\tDisplayName: pulumi.String(\"Admin\"),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tId: pulumi.String(\"00000000-0000-0000-0000-222222222222\"),\n\t\t\t\t\tValue: pulumi.String(\"Admin.All\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinternalServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"internalServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: internalApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGroup, err := azuread.NewGroup(ctx, \"exampleGroup\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"exampleAppRoleAssignment\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: internalServicePrincipal.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\treturn appRoleIds.Admin.All, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tPrincipalObjectId: exampleGroup.ObjectId,\n\t\t\tResourceObjectId: internalServicePrincipal.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleUser, err := azuread.NewUser(ctx, \"exampleUser\", \u0026azuread.UserArgs{\n\t\t\tDisplayName: pulumi.String(\"D. Duck\"),\n\t\t\tPassword: pulumi.String(\"SecretP@sswd99!\"),\n\t\t\tUserPrincipalName: pulumi.String(fmt.Sprintf(\"d.duck@%v\", exampleDomains.Domains[0].DomainName)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"exampleIndex/appRoleAssignmentAppRoleAssignment\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: internalServicePrincipal.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\treturn appRoleIds.Admin.All, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tPrincipalObjectId: exampleUser.ObjectId,\n\t\t\tResourceObjectId: internalServicePrincipal.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetDomainsArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationAppRoleArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.AppRoleAssignment;\nimport com.pulumi.azuread.AppRoleAssignmentArgs;\nimport com.pulumi.azuread.User;\nimport com.pulumi.azuread.UserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleDomains = AzureadFunctions.getDomains(GetDomainsArgs.builder()\n .onlyInitial(true)\n .build());\n\n var internalApplication = new Application(\"internalApplication\", ApplicationArgs.builder() \n .displayName(\"internal\")\n .appRoles(ApplicationAppRoleArgs.builder()\n .allowedMemberTypes( \n \"Application\",\n \"User\")\n .description(\"Admins can perform all task actions\")\n .displayName(\"Admin\")\n .enabled(true)\n .id(\"00000000-0000-0000-0000-222222222222\")\n .value(\"Admin.All\")\n .build())\n .build());\n\n var internalServicePrincipal = new ServicePrincipal(\"internalServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(internalApplication.applicationId())\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"example\")\n .securityEnabled(true)\n .build());\n\n var exampleAppRoleAssignment = new AppRoleAssignment(\"exampleAppRoleAssignment\", AppRoleAssignmentArgs.builder() \n .appRoleId(internalServicePrincipal.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.Admin.All()))\n .principalObjectId(exampleGroup.objectId())\n .resourceObjectId(internalServicePrincipal.objectId())\n .build());\n\n var exampleUser = new User(\"exampleUser\", UserArgs.builder() \n .displayName(\"D. Duck\")\n .password(\"SecretP@sswd99!\")\n .userPrincipalName(String.format(\"d.duck@%s\", exampleDomains.applyValue(getDomainsResult -\u003e getDomainsResult.domains()[0].domainName())))\n .build());\n\n var exampleIndex_appRoleAssignmentAppRoleAssignment = new AppRoleAssignment(\"exampleIndex/appRoleAssignmentAppRoleAssignment\", AppRoleAssignmentArgs.builder() \n .appRoleId(internalServicePrincipal.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.Admin.All()))\n .principalObjectId(exampleUser.objectId())\n .resourceObjectId(internalServicePrincipal.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internalApplication:\n type: azuread:Application\n properties:\n displayName: internal\n appRoles:\n - allowedMemberTypes:\n - Application\n - User\n description: Admins can perform all task actions\n displayName: Admin\n enabled: true\n id: 00000000-0000-0000-0000-222222222222\n value: Admin.All\n internalServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${internalApplication.applicationId}\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: example\n securityEnabled: true\n exampleAppRoleAssignment:\n type: azuread:AppRoleAssignment\n properties:\n appRoleId: ${internalServicePrincipal.appRoleIds\"Admin.All\"[%!s(MISSING)]}\n principalObjectId: ${exampleGroup.objectId}\n resourceObjectId: ${internalServicePrincipal.objectId}\n exampleUser:\n type: azuread:User\n properties:\n displayName: D. Duck\n password: SecretP@sswd99!\n userPrincipalName: d.duck@${exampleDomains.domains[0].domainName}\n exampleIndex/appRoleAssignmentAppRoleAssignment:\n type: azuread:AppRoleAssignment\n properties:\n appRoleId: ${internalServicePrincipal.appRoleIds\"Admin.All\"[%!s(MISSING)]}\n principalObjectId: ${exampleUser.objectId}\n resourceObjectId: ${internalServicePrincipal.objectId}\nvariables:\n exampleDomains:\n fn::invoke:\n Function: azuread:getDomains\n Arguments:\n onlyInitial: true\n```\n\n*Assign a group to the default app role for an internal application*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst internalApplication = new azuread.Application(\"internalApplication\", {displayName: \"internal\"});\nconst internalServicePrincipal = new azuread.ServicePrincipal(\"internalServicePrincipal\", {applicationId: internalApplication.applicationId});\nconst exampleGroup = new azuread.Group(\"exampleGroup\", {\n displayName: \"example\",\n securityEnabled: true,\n});\nconst exampleAppRoleAssignment = new azuread.AppRoleAssignment(\"exampleAppRoleAssignment\", {\n appRoleId: \"00000000-0000-0000-0000-000000000000\",\n principalObjectId: exampleGroup.objectId,\n resourceObjectId: internalServicePrincipal.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ninternal_application = azuread.Application(\"internalApplication\", display_name=\"internal\")\ninternal_service_principal = azuread.ServicePrincipal(\"internalServicePrincipal\", application_id=internal_application.application_id)\nexample_group = azuread.Group(\"exampleGroup\",\n display_name=\"example\",\n security_enabled=True)\nexample_app_role_assignment = azuread.AppRoleAssignment(\"exampleAppRoleAssignment\",\n app_role_id=\"00000000-0000-0000-0000-000000000000\",\n principal_object_id=example_group.object_id,\n resource_object_id=internal_service_principal.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var internalApplication = new AzureAD.Application(\"internalApplication\", new()\n {\n DisplayName = \"internal\",\n });\n\n var internalServicePrincipal = new AzureAD.ServicePrincipal(\"internalServicePrincipal\", new()\n {\n ApplicationId = internalApplication.ApplicationId,\n });\n\n var exampleGroup = new AzureAD.Group(\"exampleGroup\", new()\n {\n DisplayName = \"example\",\n SecurityEnabled = true,\n });\n\n var exampleAppRoleAssignment = new AzureAD.AppRoleAssignment(\"exampleAppRoleAssignment\", new()\n {\n AppRoleId = \"00000000-0000-0000-0000-000000000000\",\n PrincipalObjectId = exampleGroup.ObjectId,\n ResourceObjectId = internalServicePrincipal.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternalApplication, err := azuread.NewApplication(ctx, \"internalApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"internal\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinternalServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"internalServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: internalApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGroup, err := azuread.NewGroup(ctx, \"exampleGroup\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"exampleAppRoleAssignment\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: pulumi.String(\"00000000-0000-0000-0000-000000000000\"),\n\t\t\tPrincipalObjectId: exampleGroup.ObjectId,\n\t\t\tResourceObjectId: internalServicePrincipal.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.AppRoleAssignment;\nimport com.pulumi.azuread.AppRoleAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internalApplication = new Application(\"internalApplication\", ApplicationArgs.builder() \n .displayName(\"internal\")\n .build());\n\n var internalServicePrincipal = new ServicePrincipal(\"internalServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(internalApplication.applicationId())\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"example\")\n .securityEnabled(true)\n .build());\n\n var exampleAppRoleAssignment = new AppRoleAssignment(\"exampleAppRoleAssignment\", AppRoleAssignmentArgs.builder() \n .appRoleId(\"00000000-0000-0000-0000-000000000000\")\n .principalObjectId(exampleGroup.objectId())\n .resourceObjectId(internalServicePrincipal.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internalApplication:\n type: azuread:Application\n properties:\n displayName: internal\n internalServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${internalApplication.applicationId}\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: example\n securityEnabled: true\n exampleAppRoleAssignment:\n type: azuread:AppRoleAssignment\n properties:\n appRoleId: 00000000-0000-0000-0000-000000000000\n principalObjectId: ${exampleGroup.objectId}\n resourceObjectId: ${internalServicePrincipal.objectId}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nApp role assignments can be imported using the object ID of the service principal representing the resource and the ID of the app role assignment (note_not_ the ID of the app role), e.g.\n\n```sh\n $ pulumi import azuread:index/appRoleAssignment:AppRoleAssignment example 00000000-0000-0000-0000-000000000000/appRoleAssignment/aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the Resource Service Principal Object ID and the ID of the App Role Assignment in the format `{ResourcePrincipalID}/appRoleAssignment/{AppRoleAssignmentID}`. ", "properties": { @@ -3532,6 +4581,10 @@ }, "description": "A collection of `required_resource_access` blocks as documented below.\n" }, + "serviceManagementReference": { + "type": "string", + "description": "References application context information from a Service or Asset Management database.\n" + }, "signInAudience": { "type": "string", "description": "The Microsoft account types that are supported for the current application. Must be one of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. Defaults to `AzureADMyOrg`.\n" @@ -3672,6 +4725,10 @@ }, "description": "A collection of `required_resource_access` blocks as documented below.\n" }, + "serviceManagementReference": { + "type": "string", + "description": "References application context information from a Service or Asset Management database.\n" + }, "signInAudience": { "type": "string", "description": "The Microsoft account types that are supported for the current application. Must be one of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. Defaults to `AzureADMyOrg`.\n" @@ -3839,6 +4896,10 @@ }, "description": "A collection of `required_resource_access` blocks as documented below.\n" }, + "serviceManagementReference": { + "type": "string", + "description": "References application context information from a Service or Asset Management database.\n" + }, "signInAudience": { "type": "string", "description": "The Microsoft account types that are supported for the current application. Must be one of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. Defaults to `AzureADMyOrg`.\n" @@ -4816,7 +5877,7 @@ } }, "azuread:index/group:Group": { - "description": "Manages a group within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All`\n\nIf using the `assignable_to_role` property, this resource additionally requires one of the following application roles: `RoleManagement.ReadWrite.Directory` or `Directory.ReadWrite.All`\n\nIf specifying owners for a group, which are user principals, this resource additionally requires one of the following application roles: `User.Read.All`, `User.ReadWrite.All`, `Directory.Read.All` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Groups Administrator`, `User Administrator` or `Global Administrator`\n\nWhen creating this resource in administrative units exclusively, the role `Groups Administrator` is required to be scoped on any administrative unit used.\n\nThe `external_senders_allowed`, `auto_subscribe_new_members`, `hide_from_address_lists` and `hide_from_outlook_clients` properties can only be configured when authenticating as a user and cannot be configured when authenticating as a service principal. Additionally, the user being used for authentication must be a Member of the tenant where the group is being managed and _not_ a Guest. This is a known API issue; please see the [Microsoft Graph Known Issues](https://docs.microsoft.com/en-us/graph/known-issues#groups) official documentation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Basic example*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.Group(\"example\", {\n displayName: \"example\",\n owners: [current.then(current =\u003e current.objectId)],\n securityEnabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.Group(\"example\",\n display_name=\"example\",\n owners=[current.object_id],\n security_enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.Group(\"example\", new()\n {\n DisplayName = \"example\",\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n SecurityEnabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\t*pulumi.String(current.ObjectId),\n\t\t\t},\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new Group(\"example\", GroupArgs.builder() \n .displayName(\"example\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .securityEnabled(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Group\n properties:\n displayName: example\n owners:\n - ${current.objectId}\n securityEnabled: true\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n\n*Microsoft 365 group*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst groupOwner = new azuread.User(\"groupOwner\", {\n userPrincipalName: \"example-group-owner@hashicorp.com\",\n displayName: \"Group Owner\",\n mailNickname: \"example-group-owner\",\n password: \"SecretP@sswd99!\",\n});\nconst example = new azuread.Group(\"example\", {\n displayName: \"example\",\n mailEnabled: true,\n mailNickname: \"ExampleGroup\",\n securityEnabled: true,\n types: [\"Unified\"],\n owners: [\n current.then(current =\u003e current.objectId),\n groupOwner.objectId,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\ngroup_owner = azuread.User(\"groupOwner\",\n user_principal_name=\"example-group-owner@hashicorp.com\",\n display_name=\"Group Owner\",\n mail_nickname=\"example-group-owner\",\n password=\"SecretP@sswd99!\")\nexample = azuread.Group(\"example\",\n display_name=\"example\",\n mail_enabled=True,\n mail_nickname=\"ExampleGroup\",\n security_enabled=True,\n types=[\"Unified\"],\n owners=[\n current.object_id,\n group_owner.object_id,\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var groupOwner = new AzureAD.User(\"groupOwner\", new()\n {\n UserPrincipalName = \"example-group-owner@hashicorp.com\",\n DisplayName = \"Group Owner\",\n MailNickname = \"example-group-owner\",\n Password = \"SecretP@sswd99!\",\n });\n\n var example = new AzureAD.Group(\"example\", new()\n {\n DisplayName = \"example\",\n MailEnabled = true,\n MailNickname = \"ExampleGroup\",\n SecurityEnabled = true,\n Types = new[]\n {\n \"Unified\",\n },\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n groupOwner.ObjectId,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgroupOwner, err := azuread.NewUser(ctx, \"groupOwner\", \u0026azuread.UserArgs{\n\t\t\tUserPrincipalName: pulumi.String(\"example-group-owner@hashicorp.com\"),\n\t\t\tDisplayName: pulumi.String(\"Group Owner\"),\n\t\t\tMailNickname: pulumi.String(\"example-group-owner\"),\n\t\t\tPassword: pulumi.String(\"SecretP@sswd99!\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tMailEnabled: pulumi.Bool(true),\n\t\t\tMailNickname: pulumi.String(\"ExampleGroup\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t\tTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Unified\"),\n\t\t\t},\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\t*pulumi.String(current.ObjectId),\n\t\t\t\tgroupOwner.ObjectId,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.User;\nimport com.pulumi.azuread.UserArgs;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var groupOwner = new User(\"groupOwner\", UserArgs.builder() \n .userPrincipalName(\"example-group-owner@hashicorp.com\")\n .displayName(\"Group Owner\")\n .mailNickname(\"example-group-owner\")\n .password(\"SecretP@sswd99!\")\n .build());\n\n var example = new Group(\"example\", GroupArgs.builder() \n .displayName(\"example\")\n .mailEnabled(true)\n .mailNickname(\"ExampleGroup\")\n .securityEnabled(true)\n .types(\"Unified\")\n .owners( \n current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()),\n groupOwner.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n groupOwner:\n type: azuread:User\n properties:\n userPrincipalName: example-group-owner@hashicorp.com\n displayName: Group Owner\n mailNickname: example-group-owner\n password: SecretP@sswd99!\n example:\n type: azuread:Group\n properties:\n displayName: example\n mailEnabled: true\n mailNickname: ExampleGroup\n securityEnabled: true\n types:\n - Unified\n owners:\n - ${current.objectId}\n - ${groupOwner.objectId}\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n\n*Group with members*\n\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.User;\nimport com.pulumi.azuread.UserArgs;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var exampleUser = new User(\"exampleUser\", UserArgs.builder() \n .displayName(\"J Doe\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .password(\"notSecure123\")\n .userPrincipalName(\"jdoe@hashicorp.com\")\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"MyGroup\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .securityEnabled(true)\n .members(exampleUser.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleUser:\n type: azuread:User\n properties:\n displayName: J Doe\n owners:\n - ${current.objectId}\n password: notSecure123\n userPrincipalName: jdoe@hashicorp.com\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: MyGroup\n owners:\n - ${current.objectId}\n securityEnabled: true\n members:\n - ${exampleUser.objectId}\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n\n*Group with dynamic membership*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.Group(\"example\", {\n displayName: \"MyGroup\",\n owners: [current.then(current =\u003e current.objectId)],\n securityEnabled: true,\n types: [\"DynamicMembership\"],\n dynamicMembership: {\n enabled: true,\n rule: \"user.department -eq \\\"Sales\\\"\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.Group(\"example\",\n display_name=\"MyGroup\",\n owners=[current.object_id],\n security_enabled=True,\n types=[\"DynamicMembership\"],\n dynamic_membership=azuread.GroupDynamicMembershipArgs(\n enabled=True,\n rule=\"user.department -eq \\\"Sales\\\"\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.Group(\"example\", new()\n {\n DisplayName = \"MyGroup\",\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n SecurityEnabled = true,\n Types = new[]\n {\n \"DynamicMembership\",\n },\n DynamicMembership = new AzureAD.Inputs.GroupDynamicMembershipArgs\n {\n Enabled = true,\n Rule = \"user.department -eq \\\"Sales\\\"\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"MyGroup\"),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\t*pulumi.String(current.ObjectId),\n\t\t\t},\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t\tTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"DynamicMembership\"),\n\t\t\t},\n\t\t\tDynamicMembership: \u0026azuread.GroupDynamicMembershipArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tRule: pulumi.String(\"user.department -eq \\\"Sales\\\"\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.inputs.GroupDynamicMembershipArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new Group(\"example\", GroupArgs.builder() \n .displayName(\"MyGroup\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .securityEnabled(true)\n .types(\"DynamicMembership\")\n .dynamicMembership(GroupDynamicMembershipArgs.builder()\n .enabled(true)\n .rule(\"user.department -eq \\\"Sales\\\"\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Group\n properties:\n displayName: MyGroup\n owners:\n - ${current.objectId}\n securityEnabled: true\n types:\n - DynamicMembership\n dynamicMembership:\n enabled: true\n rule: user.department -eq \"Sales\"\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nGroups can be imported using their object ID, e.g.\n\n```sh\n $ pulumi import azuread:index/group:Group my_group 00000000-0000-0000-0000-000000000000\n```\n\n ", + "description": "Manages a group within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All`.\n\nAlternatively, if the authenticated service principal is also an owner of the group being managed, this resource can use the application role: `Group.Create`.\n\nIf using the `assignable_to_role` property, this resource additionally requires one of the following application roles: `RoleManagement.ReadWrite.Directory` or `Directory.ReadWrite.All`\n\nIf specifying owners for a group, which are user principals, this resource additionally requires one of the following application roles: `User.Read.All`, `User.ReadWrite.All`, `Directory.Read.All` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Groups Administrator`, `User Administrator` or `Global Administrator`\n\nWhen creating this resource in administrative units exclusively, the role `Groups Administrator` is required to be scoped on any administrative unit used.\n\nThe `external_senders_allowed`, `auto_subscribe_new_members`, `hide_from_address_lists` and `hide_from_outlook_clients` properties can only be configured when authenticating as a user and cannot be configured when authenticating as a service principal. Additionally, the user being used for authentication must be a Member of the tenant where the group is being managed and _not_ a Guest. This is a known API issue; please see the [Microsoft Graph Known Issues](https://docs.microsoft.com/en-us/graph/known-issues#groups) official documentation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Basic example*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.Group(\"example\", {\n displayName: \"example\",\n owners: [current.then(current =\u003e current.objectId)],\n securityEnabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.Group(\"example\",\n display_name=\"example\",\n owners=[current.object_id],\n security_enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.Group(\"example\", new()\n {\n DisplayName = \"example\",\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n SecurityEnabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\t*pulumi.String(current.ObjectId),\n\t\t\t},\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new Group(\"example\", GroupArgs.builder() \n .displayName(\"example\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .securityEnabled(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Group\n properties:\n displayName: example\n owners:\n - ${current.objectId}\n securityEnabled: true\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n\n*Microsoft 365 group*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst groupOwner = new azuread.User(\"groupOwner\", {\n userPrincipalName: \"example-group-owner@hashicorp.com\",\n displayName: \"Group Owner\",\n mailNickname: \"example-group-owner\",\n password: \"SecretP@sswd99!\",\n});\nconst example = new azuread.Group(\"example\", {\n displayName: \"example\",\n mailEnabled: true,\n mailNickname: \"ExampleGroup\",\n securityEnabled: true,\n types: [\"Unified\"],\n owners: [\n current.then(current =\u003e current.objectId),\n groupOwner.objectId,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\ngroup_owner = azuread.User(\"groupOwner\",\n user_principal_name=\"example-group-owner@hashicorp.com\",\n display_name=\"Group Owner\",\n mail_nickname=\"example-group-owner\",\n password=\"SecretP@sswd99!\")\nexample = azuread.Group(\"example\",\n display_name=\"example\",\n mail_enabled=True,\n mail_nickname=\"ExampleGroup\",\n security_enabled=True,\n types=[\"Unified\"],\n owners=[\n current.object_id,\n group_owner.object_id,\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var groupOwner = new AzureAD.User(\"groupOwner\", new()\n {\n UserPrincipalName = \"example-group-owner@hashicorp.com\",\n DisplayName = \"Group Owner\",\n MailNickname = \"example-group-owner\",\n Password = \"SecretP@sswd99!\",\n });\n\n var example = new AzureAD.Group(\"example\", new()\n {\n DisplayName = \"example\",\n MailEnabled = true,\n MailNickname = \"ExampleGroup\",\n SecurityEnabled = true,\n Types = new[]\n {\n \"Unified\",\n },\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n groupOwner.ObjectId,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgroupOwner, err := azuread.NewUser(ctx, \"groupOwner\", \u0026azuread.UserArgs{\n\t\t\tUserPrincipalName: pulumi.String(\"example-group-owner@hashicorp.com\"),\n\t\t\tDisplayName: pulumi.String(\"Group Owner\"),\n\t\t\tMailNickname: pulumi.String(\"example-group-owner\"),\n\t\t\tPassword: pulumi.String(\"SecretP@sswd99!\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tMailEnabled: pulumi.Bool(true),\n\t\t\tMailNickname: pulumi.String(\"ExampleGroup\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t\tTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Unified\"),\n\t\t\t},\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\t*pulumi.String(current.ObjectId),\n\t\t\t\tgroupOwner.ObjectId,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.User;\nimport com.pulumi.azuread.UserArgs;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var groupOwner = new User(\"groupOwner\", UserArgs.builder() \n .userPrincipalName(\"example-group-owner@hashicorp.com\")\n .displayName(\"Group Owner\")\n .mailNickname(\"example-group-owner\")\n .password(\"SecretP@sswd99!\")\n .build());\n\n var example = new Group(\"example\", GroupArgs.builder() \n .displayName(\"example\")\n .mailEnabled(true)\n .mailNickname(\"ExampleGroup\")\n .securityEnabled(true)\n .types(\"Unified\")\n .owners( \n current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()),\n groupOwner.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n groupOwner:\n type: azuread:User\n properties:\n userPrincipalName: example-group-owner@hashicorp.com\n displayName: Group Owner\n mailNickname: example-group-owner\n password: SecretP@sswd99!\n example:\n type: azuread:Group\n properties:\n displayName: example\n mailEnabled: true\n mailNickname: ExampleGroup\n securityEnabled: true\n types:\n - Unified\n owners:\n - ${current.objectId}\n - ${groupOwner.objectId}\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n\n*Group with members*\n\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.User;\nimport com.pulumi.azuread.UserArgs;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var exampleUser = new User(\"exampleUser\", UserArgs.builder() \n .displayName(\"J Doe\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .password(\"notSecure123\")\n .userPrincipalName(\"jdoe@hashicorp.com\")\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"MyGroup\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .securityEnabled(true)\n .members(exampleUser.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleUser:\n type: azuread:User\n properties:\n displayName: J Doe\n owners:\n - ${current.objectId}\n password: notSecure123\n userPrincipalName: jdoe@hashicorp.com\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: MyGroup\n owners:\n - ${current.objectId}\n securityEnabled: true\n members:\n - ${exampleUser.objectId}\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n\n*Group with dynamic membership*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.Group(\"example\", {\n displayName: \"MyGroup\",\n owners: [current.then(current =\u003e current.objectId)],\n securityEnabled: true,\n types: [\"DynamicMembership\"],\n dynamicMembership: {\n enabled: true,\n rule: \"user.department -eq \\\"Sales\\\"\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.Group(\"example\",\n display_name=\"MyGroup\",\n owners=[current.object_id],\n security_enabled=True,\n types=[\"DynamicMembership\"],\n dynamic_membership=azuread.GroupDynamicMembershipArgs(\n enabled=True,\n rule=\"user.department -eq \\\"Sales\\\"\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.Group(\"example\", new()\n {\n DisplayName = \"MyGroup\",\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n SecurityEnabled = true,\n Types = new[]\n {\n \"DynamicMembership\",\n },\n DynamicMembership = new AzureAD.Inputs.GroupDynamicMembershipArgs\n {\n Enabled = true,\n Rule = \"user.department -eq \\\"Sales\\\"\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"MyGroup\"),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\t*pulumi.String(current.ObjectId),\n\t\t\t},\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t\tTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"DynamicMembership\"),\n\t\t\t},\n\t\t\tDynamicMembership: \u0026azuread.GroupDynamicMembershipArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tRule: pulumi.String(\"user.department -eq \\\"Sales\\\"\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.inputs.GroupDynamicMembershipArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new Group(\"example\", GroupArgs.builder() \n .displayName(\"MyGroup\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .securityEnabled(true)\n .types(\"DynamicMembership\")\n .dynamicMembership(GroupDynamicMembershipArgs.builder()\n .enabled(true)\n .rule(\"user.department -eq \\\"Sales\\\"\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Group\n properties:\n displayName: MyGroup\n owners:\n - ${current.objectId}\n securityEnabled: true\n types:\n - DynamicMembership\n dynamicMembership:\n enabled: true\n rule: user.department -eq \"Sales\"\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nGroups can be imported using their object ID, e.g.\n\n```sh\n $ pulumi import azuread:index/group:Group my_group 00000000-0000-0000-0000-000000000000\n```\n\n ", "properties": { "administrativeUnitIds": { "type": "array", @@ -4891,6 +5952,10 @@ "type": "string", "description": "The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used.\n" }, + "onpremisesGroupType": { + "type": "string", + "description": "The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`.\n" + }, "onpremisesNetbiosName": { "type": "string", "description": "The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used.\n" @@ -4954,6 +6019,10 @@ "visibility": { "type": "string", "description": "The group join policy and group content visibility. Possible values are `Private`, `Public`, or `Hiddenmembership`. Only Microsoft 365 groups can have `Hiddenmembership` visibility and this value must be set when the group is created. By default, security groups will receive `Private` visibility and Microsoft 365 groups will receive `Public` visibility.\n" + }, + "writebackEnabled": { + "type": "boolean", + "description": "Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used.\n" } }, "required": [ @@ -4967,6 +6036,7 @@ "members", "objectId", "onpremisesDomainName", + "onpremisesGroupType", "onpremisesNetbiosName", "onpremisesSamAccountName", "onpremisesSecurityIdentifier", @@ -5041,6 +6111,10 @@ }, "description": "A set of members who should be present in this group. Supported object types are Users, Groups or Service Principals. Cannot be used with the `dynamic_membership` block.\n" }, + "onpremisesGroupType": { + "type": "string", + "description": "The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`.\n" + }, "owners": { "type": "array", "items": { @@ -5079,6 +6153,10 @@ "visibility": { "type": "string", "description": "The group join policy and group content visibility. Possible values are `Private`, `Public`, or `Hiddenmembership`. Only Microsoft 365 groups can have `Hiddenmembership` visibility and this value must be set when the group is created. By default, security groups will receive `Private` visibility and Microsoft 365 groups will receive `Public` visibility.\n" + }, + "writebackEnabled": { + "type": "boolean", + "description": "Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used.\n" } }, "requiredInputs": [ @@ -5163,6 +6241,10 @@ "type": "string", "description": "The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used.\n" }, + "onpremisesGroupType": { + "type": "string", + "description": "The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`.\n" + }, "onpremisesNetbiosName": { "type": "string", "description": "The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used.\n" @@ -5228,13 +6310,17 @@ "visibility": { "type": "string", "description": "The group join policy and group content visibility. Possible values are `Private`, `Public`, or `Hiddenmembership`. Only Microsoft 365 groups can have `Hiddenmembership` visibility and this value must be set when the group is created. By default, security groups will receive `Private` visibility and Microsoft 365 groups will receive `Public` visibility.\n" + }, + "writebackEnabled": { + "type": "boolean", + "description": "Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used.\n" } }, "type": "object" } }, "azuread:index/groupMember:GroupMember": { - "description": "Manages a single group membership within Azure Active Directory.\n\n\u003e **Warning** Do not use this resource at the same time as the `members` property of the `azuread.Group` resource for the same group. Doing so will cause a conflict and group members will be removed.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Groups Administrator`, `User Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleUser = azuread.getUser({\n userPrincipalName: \"jdoe@hashicorp.com\",\n});\nconst exampleGroup = new azuread.Group(\"exampleGroup\", {\n displayName: \"my_group\",\n securityEnabled: true,\n});\nconst exampleGroupMember = new azuread.GroupMember(\"exampleGroupMember\", {\n groupObjectId: exampleGroup.id,\n memberObjectId: exampleUser.then(exampleUser =\u003e exampleUser.id),\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_user = azuread.get_user(user_principal_name=\"jdoe@hashicorp.com\")\nexample_group = azuread.Group(\"exampleGroup\",\n display_name=\"my_group\",\n security_enabled=True)\nexample_group_member = azuread.GroupMember(\"exampleGroupMember\",\n group_object_id=example_group.id,\n member_object_id=example_user.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleUser = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@hashicorp.com\",\n });\n\n var exampleGroup = new AzureAD.Group(\"exampleGroup\", new()\n {\n DisplayName = \"my_group\",\n SecurityEnabled = true,\n });\n\n var exampleGroupMember = new AzureAD.GroupMember(\"exampleGroupMember\", new()\n {\n GroupObjectId = exampleGroup.Id,\n MemberObjectId = exampleUser.Apply(getUserResult =\u003e getUserResult.Id),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleUser, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@hashicorp.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGroup, err := azuread.NewGroup(ctx, \"exampleGroup\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"my_group\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroupMember(ctx, \"exampleGroupMember\", \u0026azuread.GroupMemberArgs{\n\t\t\tGroupObjectId: exampleGroup.ID(),\n\t\t\tMemberObjectId: *pulumi.String(exampleUser.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.GroupMember;\nimport com.pulumi.azuread.GroupMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleUser = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@hashicorp.com\")\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"my_group\")\n .securityEnabled(true)\n .build());\n\n var exampleGroupMember = new GroupMember(\"exampleGroupMember\", GroupMemberArgs.builder() \n .groupObjectId(exampleGroup.id())\n .memberObjectId(exampleUser.applyValue(getUserResult -\u003e getUserResult.id()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: my_group\n securityEnabled: true\n exampleGroupMember:\n type: azuread:GroupMember\n properties:\n groupObjectId: ${exampleGroup.id}\n memberObjectId: ${exampleUser.id}\nvariables:\n exampleUser:\n fn::invoke:\n Function: azuread:getUser\n Arguments:\n userPrincipalName: jdoe@hashicorp.com\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nGroup members can be imported using the object ID of the group and the object ID of the member, e.g.\n\n```sh\n $ pulumi import azuread:index/groupMember:GroupMember test 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the Azure AD Group Object ID and the target Member Object ID in the format `{GroupObjectID}/member/{MemberObjectID}`. ", + "description": "Manages a single group membership within Azure Active Directory.\n\n\u003e **Warning** Do not use this resource at the same time as the `members` property of the `azuread.Group` resource for the same group. Doing so will cause a conflict and group members will be removed.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All`.\n\nHowever, if the authenticated service principal is an owner of the group being managed, an application role is not required.\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Groups Administrator`, `User Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleUser = azuread.getUser({\n userPrincipalName: \"jdoe@hashicorp.com\",\n});\nconst exampleGroup = new azuread.Group(\"exampleGroup\", {\n displayName: \"my_group\",\n securityEnabled: true,\n});\nconst exampleGroupMember = new azuread.GroupMember(\"exampleGroupMember\", {\n groupObjectId: exampleGroup.id,\n memberObjectId: exampleUser.then(exampleUser =\u003e exampleUser.id),\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_user = azuread.get_user(user_principal_name=\"jdoe@hashicorp.com\")\nexample_group = azuread.Group(\"exampleGroup\",\n display_name=\"my_group\",\n security_enabled=True)\nexample_group_member = azuread.GroupMember(\"exampleGroupMember\",\n group_object_id=example_group.id,\n member_object_id=example_user.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleUser = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@hashicorp.com\",\n });\n\n var exampleGroup = new AzureAD.Group(\"exampleGroup\", new()\n {\n DisplayName = \"my_group\",\n SecurityEnabled = true,\n });\n\n var exampleGroupMember = new AzureAD.GroupMember(\"exampleGroupMember\", new()\n {\n GroupObjectId = exampleGroup.Id,\n MemberObjectId = exampleUser.Apply(getUserResult =\u003e getUserResult.Id),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleUser, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@hashicorp.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGroup, err := azuread.NewGroup(ctx, \"exampleGroup\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"my_group\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroupMember(ctx, \"exampleGroupMember\", \u0026azuread.GroupMemberArgs{\n\t\t\tGroupObjectId: exampleGroup.ID(),\n\t\t\tMemberObjectId: *pulumi.String(exampleUser.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.GroupMember;\nimport com.pulumi.azuread.GroupMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleUser = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@hashicorp.com\")\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"my_group\")\n .securityEnabled(true)\n .build());\n\n var exampleGroupMember = new GroupMember(\"exampleGroupMember\", GroupMemberArgs.builder() \n .groupObjectId(exampleGroup.id())\n .memberObjectId(exampleUser.applyValue(getUserResult -\u003e getUserResult.id()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: my_group\n securityEnabled: true\n exampleGroupMember:\n type: azuread:GroupMember\n properties:\n groupObjectId: ${exampleGroup.id}\n memberObjectId: ${exampleUser.id}\nvariables:\n exampleUser:\n fn::invoke:\n Function: azuread:getUser\n Arguments:\n userPrincipalName: jdoe@hashicorp.com\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nGroup members can be imported using the object ID of the group and the object ID of the member, e.g.\n\n```sh\n $ pulumi import azuread:index/groupMember:GroupMember test 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the Azure AD Group Object ID and the target Member Object ID in the format `{GroupObjectID}/member/{MemberObjectID}`. ", "properties": { "groupObjectId": { "type": "string", @@ -7108,9 +8194,189 @@ }, "type": "object" } + }, + "azuread:index/userFlowAttribute:UserFlowAttribute": { + "description": "Manages user flow attributes in an Azure Active Directory (Azure AD) tenant.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application role: `IdentityUserFlow.ReadWrite.All`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Basic example*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.UserFlowAttribute(\"example\", {\n dataType: \"string\",\n description: \"Your hobby\",\n displayName: \"Hobby\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.UserFlowAttribute(\"example\",\n data_type=\"string\",\n description=\"Your hobby\",\n display_name=\"Hobby\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.UserFlowAttribute(\"example\", new()\n {\n DataType = \"string\",\n Description = \"Your hobby\",\n DisplayName = \"Hobby\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewUserFlowAttribute(ctx, \"example\", \u0026azuread.UserFlowAttributeArgs{\n\t\t\tDataType: pulumi.String(\"string\"),\n\t\t\tDescription: pulumi.String(\"Your hobby\"),\n\t\t\tDisplayName: pulumi.String(\"Hobby\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.UserFlowAttribute;\nimport com.pulumi.azuread.UserFlowAttributeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new UserFlowAttribute(\"example\", UserFlowAttributeArgs.builder() \n .dataType(\"string\")\n .description(\"Your hobby\")\n .displayName(\"Hobby\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:UserFlowAttribute\n properties:\n dataType: string\n description: Your hobby\n displayName: Hobby\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nUser flow attributes can be imported using the `id`, e.g.\n\n```sh\n $ pulumi import azuread:index/userFlowAttribute:UserFlowAttribute example extension_ecc9f88db2924942b8a96f44873616fe_Hobbyjkorv\n```\n\n -\u003e This ID can be queried using the [User Flow Attributes API](https://learn.microsoft.com/en-us/graph/api/identityuserflowattribute-list?view=graph-rest-1.0\u0026tabs=http). ", + "properties": { + "attributeType": { + "type": "string", + "description": "The type of the user flow attribute. Values include `builtIn`, `custom` or `required`.\n" + }, + "dataType": { + "type": "string", + "description": "The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created.\n" + }, + "description": { + "type": "string", + "description": "The description of the user flow attribute that is shown to the user at the time of sign-up.\n" + }, + "displayName": { + "type": "string", + "description": "The display name of the user flow attribute. Changing this forces a new resource to be created.\n" + } + }, + "required": [ + "attributeType", + "dataType", + "description", + "displayName" + ], + "inputProperties": { + "dataType": { + "type": "string", + "description": "The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created.\n", + "willReplaceOnChanges": true + }, + "description": { + "type": "string", + "description": "The description of the user flow attribute that is shown to the user at the time of sign-up.\n" + }, + "displayName": { + "type": "string", + "description": "The display name of the user flow attribute. Changing this forces a new resource to be created.\n", + "willReplaceOnChanges": true + } + }, + "requiredInputs": [ + "dataType", + "description", + "displayName" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering UserFlowAttribute resources.\n", + "properties": { + "attributeType": { + "type": "string", + "description": "The type of the user flow attribute. Values include `builtIn`, `custom` or `required`.\n" + }, + "dataType": { + "type": "string", + "description": "The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created.\n", + "willReplaceOnChanges": true + }, + "description": { + "type": "string", + "description": "The description of the user flow attribute that is shown to the user at the time of sign-up.\n" + }, + "displayName": { + "type": "string", + "description": "The display name of the user flow attribute. Changing this forces a new resource to be created.\n", + "willReplaceOnChanges": true + } + }, + "type": "object" + } } }, "functions": { + "azuread:index/getAccessPackage:getAccessPackage": { + "description": "Use this data source to retrieve information for an existing access package within Identity Governance in Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`.\n\nWhen authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Access package manager`, `Global Reader`, or `Global Administrator`.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Look up by ID*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getAccessPackage({\n objectId: \"00000000-0000-0000-0000-000000000000\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_access_package(object_id=\"00000000-0000-0000-0000-000000000000\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetAccessPackage.Invoke(new()\n {\n ObjectId = \"00000000-0000-0000-0000-000000000000\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupAccessPackage(ctx, \u0026azuread.LookupAccessPackageArgs{\n\t\t\tObjectId: pulumi.StringRef(\"00000000-0000-0000-0000-000000000000\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetAccessPackageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getAccessPackage(GetAccessPackageArgs.builder()\n .objectId(\"00000000-0000-0000-0000-000000000000\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: azuread:getAccessPackage\n Arguments:\n objectId: 00000000-0000-0000-0000-000000000000\n```\n\n*Look up by DisplayName*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getAccessPackage({\n catalogId: \"00000000-0000-0000-0000-000000000000\",\n displayName: \"My access package Catalog\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_access_package(catalog_id=\"00000000-0000-0000-0000-000000000000\",\n display_name=\"My access package Catalog\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetAccessPackage.Invoke(new()\n {\n CatalogId = \"00000000-0000-0000-0000-000000000000\",\n DisplayName = \"My access package Catalog\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupAccessPackage(ctx, \u0026azuread.LookupAccessPackageArgs{\n\t\t\tCatalogId: pulumi.StringRef(\"00000000-0000-0000-0000-000000000000\"),\n\t\t\tDisplayName: pulumi.StringRef(\"My access package Catalog\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetAccessPackageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getAccessPackage(GetAccessPackageArgs.builder()\n .catalogId(\"00000000-0000-0000-0000-000000000000\")\n .displayName(\"My access package Catalog\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: azuread:getAccessPackage\n Arguments:\n catalogId: 00000000-0000-0000-0000-000000000000\n displayName: My access package Catalog\n```\n{{% /example %}}\n{{% /examples %}}", + "inputs": { + "description": "A collection of arguments for invoking getAccessPackage.\n", + "properties": { + "catalogId": { + "type": "string", + "description": "The ID of the Catalog this access package is in.\n" + }, + "displayName": { + "type": "string", + "description": "The display name of the access package.\n" + }, + "objectId": { + "type": "string", + "description": "The ID of this access package.\n" + } + }, + "type": "object" + }, + "outputs": { + "description": "A collection of values returned by getAccessPackage.\n", + "properties": { + "catalogId": { + "type": "string" + }, + "description": { + "type": "string", + "description": "The description of the access package.\n" + }, + "displayName": { + "type": "string" + }, + "hidden": { + "type": "boolean", + "description": "Whether the access package is hidden from the requestor.\n" + }, + "id": { + "type": "string", + "description": "The provider-assigned unique ID for this managed resource.\n" + }, + "objectId": { + "type": "string" + } + }, + "type": "object", + "required": [ + "description", + "displayName", + "hidden", + "objectId", + "id" + ] + } + }, + "azuread:index/getAccessPackageCatalog:getAccessPackageCatalog": { + "description": "i\nUse this resource to retrieve information for an existing access package catalog within Identity Governance in Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`.\n\nWhen authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Global Reader`, or `Global Administrator`.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Look up by ID*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getAccessPackageCatalog({\n objectId: \"00000000-0000-0000-0000-000000000000\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_access_package_catalog(object_id=\"00000000-0000-0000-0000-000000000000\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetAccessPackageCatalog.Invoke(new()\n {\n ObjectId = \"00000000-0000-0000-0000-000000000000\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupAccessPackageCatalog(ctx, \u0026azuread.LookupAccessPackageCatalogArgs{\n\t\t\tObjectId: pulumi.StringRef(\"00000000-0000-0000-0000-000000000000\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetAccessPackageCatalogArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getAccessPackageCatalog(GetAccessPackageCatalogArgs.builder()\n .objectId(\"00000000-0000-0000-0000-000000000000\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: azuread:getAccessPackageCatalog\n Arguments:\n objectId: 00000000-0000-0000-0000-000000000000\n```\n\n*Look up by DisplayName*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getAccessPackageCatalog({\n displayName: \"My access package Catalog\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_access_package_catalog(display_name=\"My access package Catalog\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetAccessPackageCatalog.Invoke(new()\n {\n DisplayName = \"My access package Catalog\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupAccessPackageCatalog(ctx, \u0026azuread.LookupAccessPackageCatalogArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"My access package Catalog\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetAccessPackageCatalogArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getAccessPackageCatalog(GetAccessPackageCatalogArgs.builder()\n .displayName(\"My access package Catalog\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: azuread:getAccessPackageCatalog\n Arguments:\n displayName: My access package Catalog\n```\n{{% /example %}}\n{{% /examples %}}", + "inputs": { + "description": "A collection of arguments for invoking getAccessPackageCatalog.\n", + "properties": { + "displayName": { + "type": "string", + "description": "The display name of the access package catalog.\n" + }, + "objectId": { + "type": "string", + "description": "The ID of this access package catalog.\n" + } + }, + "type": "object" + }, + "outputs": { + "description": "A collection of values returned by getAccessPackageCatalog.\n", + "properties": { + "description": { + "type": "string", + "description": "The description of the access package catalog.\n" + }, + "displayName": { + "type": "string" + }, + "externallyVisible": { + "type": "boolean", + "description": "Whether the access packages in this catalog can be requested by users outside the tenant.\n" + }, + "id": { + "type": "string", + "description": "The provider-assigned unique ID for this managed resource.\n" + }, + "objectId": { + "type": "string" + }, + "published": { + "type": "boolean", + "description": "Whether the access packages in this catalog are available for management.\n" + } + }, + "type": "object", + "required": [ + "description", + "displayName", + "externallyVisible", + "objectId", + "published", + "id" + ] + } + }, "azuread:index/getAdministrativeUnit:getAdministrativeUnit": { "description": "Gets information about an adminisrative unit in Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this data source requires one of the following application roles: `AdministrativeUnit.Read.All` or `Directory.Read.All`\n\nWhen authenticated with a user principal, this data source does not require any additional roles.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### By Group Display Name)\n\n*Look up by display name*\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getAdministrativeUnit({\n displayName: \"Example-AU\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_administrative_unit(display_name=\"Example-AU\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetAdministrativeUnit.Invoke(new()\n {\n DisplayName = \"Example-AU\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupAdministrativeUnit(ctx, \u0026azuread.LookupAdministrativeUnitArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Example-AU\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetAdministrativeUnitArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getAdministrativeUnit(GetAdministrativeUnitArgs.builder()\n .displayName(\"Example-AU\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: azuread:getAdministrativeUnit\n Arguments:\n displayName: Example-AU\n```\n\n*Look up by object ID*\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getAdministrativeUnit({\n objectId: \"00000000-0000-0000-0000-000000000000\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_administrative_unit(object_id=\"00000000-0000-0000-0000-000000000000\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetAdministrativeUnit.Invoke(new()\n {\n ObjectId = \"00000000-0000-0000-0000-000000000000\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupAdministrativeUnit(ctx, \u0026azuread.LookupAdministrativeUnitArgs{\n\t\t\tObjectId: pulumi.StringRef(\"00000000-0000-0000-0000-000000000000\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetAdministrativeUnitArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getAdministrativeUnit(GetAdministrativeUnitArgs.builder()\n .objectId(\"00000000-0000-0000-0000-000000000000\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: azuread:getAdministrativeUnit\n Arguments:\n objectId: 00000000-0000-0000-0000-000000000000\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { @@ -7325,6 +8591,10 @@ }, "description": "A collection of `required_resource_access` blocks as documented below.\n" }, + "serviceManagementReference": { + "type": "string", + "description": "References application context information from a Service or Asset Management database.\n" + }, "signInAudience": { "type": "string", "description": "The Microsoft account types that are supported for the current application. One of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`.\n" @@ -7385,6 +8655,7 @@ "publicClients", "publisherDomain", "requiredResourceAccesses", + "serviceManagementReference", "signInAudience", "singlePageApplications", "supportUrl", @@ -7785,6 +9056,10 @@ "type": "string", "description": "The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used.\n" }, + "onpremisesGroupType": { + "type": "string", + "description": "The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`.\n" + }, "onpremisesNetbiosName": { "type": "string", "description": "The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used.\n" @@ -7844,6 +9119,10 @@ "visibility": { "type": "string", "description": "The group join policy and group content visibility. Possible values are `Private`, `Public`, or `Hiddenmembership`. Only Microsoft 365 groups can have `Hiddenmembership` visibility.\n" + }, + "writebackEnabled": { + "type": "boolean", + "description": "Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used.\n" } }, "type": "object", @@ -7863,6 +9142,7 @@ "members", "objectId", "onpremisesDomainName", + "onpremisesGroupType", "onpremisesNetbiosName", "onpremisesSamAccountName", "onpremisesSecurityIdentifier", @@ -7875,6 +9155,7 @@ "theme", "types", "visibility", + "writebackEnabled", "id" ] } @@ -8268,6 +9549,10 @@ "inputs": { "description": "A collection of arguments for invoking getUser.\n", "properties": { + "mail": { + "type": "string", + "description": "The SMTP address for the user.\n" + }, "mailNickname": { "type": "string", "description": "The email alias of the user.\n" diff --git a/provider/go.mod b/provider/go.mod index 07c4c906b..809c7ab00 100644 --- a/provider/go.mod +++ b/provider/go.mod @@ -3,7 +3,7 @@ module github.com/pulumi/pulumi-azuread/provider/v5 go 1.19 require ( - github.com/hashicorp/go-azure-sdk v0.20230223.1132808 + github.com/hashicorp/go-azure-sdk v0.20230331.1143618 github.com/hashicorp/terraform-provider-azuread/shim v0.0.0 github.com/pulumi/pulumi-terraform-bridge/v3 v3.41.0 github.com/pulumi/pulumi/sdk/v3 v3.56.0 @@ -109,7 +109,7 @@ require ( github.com/gorilla/mux v1.8.0 // indirect github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect - github.com/hashicorp/go-azure-helpers v0.52.0 // indirect + github.com/hashicorp/go-azure-helpers v0.55.0 // indirect github.com/hashicorp/go-checkpoint v0.5.0 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 // indirect @@ -138,7 +138,7 @@ require ( github.com/hashicorp/terraform-plugin-go v0.14.1 // indirect github.com/hashicorp/terraform-plugin-log v0.7.0 // indirect github.com/hashicorp/terraform-plugin-sdk/v2 v2.24.1 // indirect - github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20230302235257-7ddd481b4352 // indirect + github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20230419234510-a8170bb91957 // indirect github.com/hashicorp/terraform-registry-address v0.0.0-20220623143253-7d51757b572c // indirect github.com/hashicorp/terraform-svchost v0.0.0-20200729002733-f050f53b9734 // indirect github.com/hashicorp/vault/api v1.8.2 // indirect @@ -156,7 +156,7 @@ require ( github.com/kevinburke/ssh_config v1.2.0 // indirect github.com/klauspost/compress v1.15.11 // indirect github.com/kylelemons/godebug v1.1.0 // indirect - github.com/manicminer/hamilton v0.59.0 // indirect + github.com/manicminer/hamilton v0.61.0 // indirect github.com/mattn/go-colorable v0.1.12 // indirect github.com/mattn/go-isatty v0.0.14 // indirect github.com/mattn/go-runewidth v0.0.13 // indirect diff --git a/provider/go.sum b/provider/go.sum index 8d403b0e3..87714e186 100644 --- a/provider/go.sum +++ b/provider/go.sum @@ -1070,10 +1070,10 @@ github.com/hashicorp/errwrap v0.0.0-20141028054710-7554cd9344ce/go.mod h1:YH+1FK github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/go-azure-helpers v0.52.0 h1:2xIjsPpDbZf5dFLEdqOy5akfdnh8M/6mQtVWhkpM3hM= -github.com/hashicorp/go-azure-helpers v0.52.0/go.mod h1:lsykLR4KjTUO7MiRmNWiTiX8QQtw3ILjyOvT0f5h3rw= -github.com/hashicorp/go-azure-sdk v0.20230223.1132808 h1:3RTwCTiY42qQjN8rzi4QABWzYyMEp8ZqdWf7K7XzAXo= -github.com/hashicorp/go-azure-sdk v0.20230223.1132808/go.mod h1:lU3F9c+qXc7iqMayTNmUP/VDc0H6f95mkhv4u35zV8I= +github.com/hashicorp/go-azure-helpers v0.55.0 h1:2A2KWPiaDC5kQWr6tYHTD/P1k9bO0HvflEb/Nc1yLeU= +github.com/hashicorp/go-azure-helpers v0.55.0/go.mod h1:RQugkG8wEcNIjYmcBLHpuEI/u2mTJwO4r37rR/OKRpo= +github.com/hashicorp/go-azure-sdk v0.20230331.1143618 h1:SUBW7DehNG5zZhY9xvcvtNWg6xtwDas4rWz1r1mlM0U= +github.com/hashicorp/go-azure-sdk v0.20230331.1143618/go.mod h1:L9JXVUcnL0GjMizCnngYUlMp1lLhDBNgSTvn6Of/5O4= github.com/hashicorp/go-checkpoint v0.5.0 h1:MFYpPZCnQqQTE18jFwSII6eUQrD/oxMFp3mlgcqk5mU= github.com/hashicorp/go-checkpoint v0.5.0/go.mod h1:7nfLNL10NsxqO4iWuW6tWW0HjZuDrwkBuEQsVcpCOgg= github.com/hashicorp/go-cleanhttp v0.5.0/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= @@ -1112,7 +1112,6 @@ github.com/hashicorp/go-plugin v1.4.6 h1:MDV3UrKQBM3du3G7MApDGvOsMYy3JQJ4exhSoKB github.com/hashicorp/go-plugin v1.4.6/go.mod h1:viDMjcLJuDui6pXb8U4HVfb8AamCWhHGUjr2IrTF67s= github.com/hashicorp/go-retryablehttp v0.5.3/go.mod h1:9B5zBasrRhHXnJnui7y6sL7es7NDiJgTc6Er0maI1Xs= github.com/hashicorp/go-retryablehttp v0.6.6/go.mod h1:vAew36LZh98gCBJNLH42IQ1ER/9wtLZZ8meHqQvEYWY= -github.com/hashicorp/go-retryablehttp v0.7.0/go.mod h1:vAew36LZh98gCBJNLH42IQ1ER/9wtLZZ8meHqQvEYWY= github.com/hashicorp/go-retryablehttp v0.7.1/go.mod h1:vAew36LZh98gCBJNLH42IQ1ER/9wtLZZ8meHqQvEYWY= github.com/hashicorp/go-retryablehttp v0.7.2 h1:AcYqCvkpalPnPF2pn0KamgwamS42TqUDDYFRKq/RAd0= github.com/hashicorp/go-retryablehttp v0.7.2/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8= @@ -1144,7 +1143,6 @@ github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/C github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-version v1.1.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/go-version v1.2.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= -github.com/hashicorp/go-version v1.3.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/go-version v1.5.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/go-version v1.6.0 h1:feTTfFNnjP967rlCxM/I9g701jU+RN74YKx2mOkIeek= github.com/hashicorp/go-version v1.6.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= @@ -1187,8 +1185,8 @@ github.com/hashicorp/terraform-plugin-log v0.7.0/go.mod h1:p4R1jWBXRTvL4odmEkFfD github.com/hashicorp/terraform-plugin-sdk v1.7.0 h1:B//oq0ZORG+EkVrIJy0uPGSonvmXqxSzXe8+GhknoW0= github.com/hashicorp/terraform-plugin-sdk v1.7.0/go.mod h1:OjgQmey5VxnPej/buEhe+YqKm0KNvV3QqU4hkqHqPCY= github.com/hashicorp/terraform-plugin-test v1.2.0/go.mod h1:QIJHYz8j+xJtdtLrFTlzQVC0ocr3rf/OjIpgZLK56Hs= -github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20230302235257-7ddd481b4352 h1:6ov/5e6ea8HRYRwA3JwZKGpMhnUWZFDPTvKfgCGAfQA= -github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20230302235257-7ddd481b4352/go.mod h1:3gvi+tMJX9cwL5DVfJ6MPcKkAfJF7CyaGGfq9lW6CyU= +github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20230419234510-a8170bb91957 h1:UG1X4lUVwPG8q43e+qL7oFAmvrcxwlIwHHeWgzsKukI= +github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20230419234510-a8170bb91957/go.mod h1:Znc0cBgGpfw46cTPuOeQPlMUVhlwjkfrjLyf2Pnn+pI= github.com/hashicorp/terraform-registry-address v0.0.0-20220623143253-7d51757b572c h1:D8aRO6+mTqHfLsK/BC3j5OAoogv1WLRWzY1AaTo3rBg= github.com/hashicorp/terraform-registry-address v0.0.0-20220623143253-7d51757b572c/go.mod h1:Wn3Na71knbXc1G8Lh+yu/dQWWJeFQEpDeJMtWMtlmNI= github.com/hashicorp/terraform-svchost v0.0.0-20191011084731-65d371908596/go.mod h1:kNDNcF7sN4DocDLBkQYz73HGKwN1ANB1blq4lIYLYvg= @@ -1370,11 +1368,8 @@ github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= -github.com/manicminer/hamilton v0.43.0/go.mod h1:lbVyngC+/nCWuDp8UhC6Bw+bh7jcP/E+YwqzHTmzemk= -github.com/manicminer/hamilton v0.55.0/go.mod h1:lbVyngC+/nCWuDp8UhC6Bw+bh7jcP/E+YwqzHTmzemk= -github.com/manicminer/hamilton v0.59.0 h1:RLGwWamCtTUa53sdAbv04XzRu3e9RwJoPcAN/VReydY= -github.com/manicminer/hamilton v0.59.0/go.mod h1:kvNZuh/KneyjgSvx/DU/117zjgPDWV7b18LLJivHMa8= -github.com/manicminer/hamilton-autorest v0.3.0/go.mod h1:NselDpNTImEmOc/fa41kPg6YhDt/6S95ejWbTGZ6tlg= +github.com/manicminer/hamilton v0.61.0 h1:Hp25wOIkArXUJ9++U9J+jpVL+nXCzUtsvzVa/vE3Or4= +github.com/manicminer/hamilton v0.61.0/go.mod h1:va/X2sztcgQ5+BSxc2eU3FTHYIyxLnHvB4LudlPUZdE= github.com/markbates/oncer v0.0.0-20181203154359-bf2de49a0be2/go.mod h1:Ld9puTsIW75CHf65OeIOkyKbteujpZVXDpWK6YGZbxE= github.com/markbates/safe v1.0.1/go.mod h1:nAqgmRi7cY2nqMc92/bSEeQA+R4OheNU2T1kNSCBdG0= github.com/marstr/guid v1.1.0/go.mod h1:74gB1z2wpxxInTG6yaqA7KrtM0NZ+RbrcqDvYHefzho= diff --git a/provider/resources.go b/provider/resources.go index fb2261153..9f0e47d71 100644 --- a/provider/resources.go +++ b/provider/resources.go @@ -224,8 +224,19 @@ func Provider() tfbridge.ProviderInfo { "azuread_service_principal_claims_mapping_policy_assignment": { Tok: makeResource(mainMod, "ServicePrincipalClaimsMappingPolicyAssignment"), }, - "azuread_synchronization_job": {Tok: makeResource(mainMod, "SynchronizationJob")}, - "azuread_synchronization_secret": {Tok: makeResource(mainMod, "SynchronizationSecret")}, + "azuread_synchronization_job": {Tok: makeResource(mainMod, "SynchronizationJob")}, + "azuread_synchronization_secret": {Tok: makeResource(mainMod, "SynchronizationSecret")}, + "azuread_access_package": {Tok: makeResource(mainMod, "AccessPackage")}, + "azuread_access_package_assignment_policy": {Tok: makeResource(mainMod, "AccessPackageAssignmentPolicy")}, + "azuread_access_package_catalog": {Tok: makeResource(mainMod, "AccessPackageCatalog")}, + "azuread_access_package_resource_catalog_association": { + Tok: makeResource(mainMod, "AccessPackageResourceCatalogAssociation"), + }, + "azuread_access_package_resource_package_association": { + Tok: makeResource(mainMod, "AccessPackageResourcePackageAssociation"), + }, + "azuread_administrative_unit_role_member": {Tok: makeResource(mainMod, "AdministrativeUnitRoleMember")}, + "azuread_user_flow_attribute": {Tok: makeResource(mainMod, "UserFlowAttribute")}, }, DataSources: map[string]*tfbridge.DataSourceInfo{ "azuread_application": {Tok: makeDataSource(mainMod, "getApplication")}, @@ -242,6 +253,8 @@ func Provider() tfbridge.ProviderInfo { "azuread_administrative_unit": {Tok: makeDataSource(mainMod, "getAdministrativeUnit")}, "azuread_directory_object": {Tok: makeDataSource(mainMod, "getDirectoryObject")}, "azuread_directory_roles": {Tok: makeDataSource(mainMod, "getDirectoryRoles")}, + "azuread_access_package": {Tok: makeDataSource(mainMod, "getAccessPackage")}, + "azuread_access_package_catalog": {Tok: makeDataSource(mainMod, "getAccessPackageCatalog")}, }, JavaScript: &tfbridge.JavaScriptInfo{ // List any npm dependencies and their versions diff --git a/provider/shim/go.mod b/provider/shim/go.mod index 74b14dc41..93c119a41 100644 --- a/provider/shim/go.mod +++ b/provider/shim/go.mod @@ -4,7 +4,7 @@ go 1.19 require ( github.com/hashicorp/terraform-plugin-sdk/v2 v2.24.1 - github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20230302235257-7ddd481b4352 + github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20230419234510-a8170bb91957 ) require ( @@ -16,8 +16,8 @@ require ( github.com/golang/protobuf v1.5.2 // indirect github.com/google/go-cmp v0.5.9 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect - github.com/hashicorp/go-azure-helpers v0.52.0 // indirect - github.com/hashicorp/go-azure-sdk v0.20230223.1132808 // indirect + github.com/hashicorp/go-azure-helpers v0.55.0 // indirect + github.com/hashicorp/go-azure-sdk v0.20230331.1143618 // indirect github.com/hashicorp/go-checkpoint v0.5.0 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 // indirect @@ -37,7 +37,7 @@ require ( github.com/hashicorp/terraform-registry-address v0.0.0-20220623143253-7d51757b572c // indirect github.com/hashicorp/terraform-svchost v0.0.0-20200729002733-f050f53b9734 // indirect github.com/hashicorp/yamux v0.0.0-20211028200310-0bc27b27de87 // indirect - github.com/manicminer/hamilton v0.59.0 // indirect + github.com/manicminer/hamilton v0.61.0 // indirect github.com/mattn/go-colorable v0.1.12 // indirect github.com/mattn/go-isatty v0.0.14 // indirect github.com/mitchellh/copystructure v1.2.0 // indirect diff --git a/provider/shim/go.sum b/provider/shim/go.sum index 98b54ae0b..88d1d29dd 100644 --- a/provider/shim/go.sum +++ b/provider/shim/go.sum @@ -1,44 +1,11 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= -cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU= -cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= -cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= -cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= -cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To= -cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4= -cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M= -cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc= -cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKVk= -cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs= -cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc= -cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY= -cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= -cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= -cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= -cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg= -cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc= -cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ= cloud.google.com/go/compute/metadata v0.2.0/go.mod h1:zFmK7XCadkQkj6TtorcaGlCW1hT1fIilQDwofLpJ20k= -cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= -cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= -cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= -cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= -cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= -cloud.google.com/go/pubsub v1.3.1/go.mod h1:i+ucay31+CNRpDW4Lu78I4xXG+O1r/MAHgjpRVR+TSU= -cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw= -cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos= -cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= -cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= -cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= -dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= github.com/Azure/azure-sdk-for-go v66.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= -github.com/Azure/go-autorest/autorest v0.11.24/go.mod h1:G6kyRlFnTuSbEYkQGawPfsCswgme4iYf6rfSKUDzbCc= github.com/Azure/go-autorest/autorest v0.11.28/go.mod h1:MrkzG3Y3AH668QyF9KRk5neJnGgmhQ6krbhR8Q5eMvA= github.com/Azure/go-autorest/autorest/adal v0.9.18/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ= github.com/Azure/go-autorest/autorest/adal v0.9.22/go.mod h1:XuAbAEUv2Tta//+voMI038TrJBqjKam0me7qR+L8Cmk= -github.com/Azure/go-autorest/autorest/azure/cli v0.4.6/go.mod h1:piCfgPho7BiIDdEQ1+g4VmKyD5y+p/XtSNqE6Hc4QD0= github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74= github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= github.com/Azure/go-autorest/autorest/mocks v0.4.2/go.mod h1:Vy7OitM9Kei0i1Oj+LvyAWMXJHeKH1MVlzFugfVrmyU= @@ -47,7 +14,6 @@ github.com/Azure/go-autorest/autorest/validation v0.3.1/go.mod h1:yhLgjC0Wda5DYX github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= github.com/Microsoft/go-winio v0.4.16 h1:FtSW/jqD+l4ba5iPBj9CODVtgfYAD8w2wS923g/cFDk= github.com/Microsoft/go-winio v0.4.16/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0= @@ -73,9 +39,6 @@ github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkE github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= -github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= -github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= @@ -88,7 +51,6 @@ github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ3 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE= github.com/emirpasic/gods v1.12.0 h1:QAUIPSaCu4G+POclxeqb3F+WPpdKqFGlw36+yOzGlrg= github.com/emirpasic/gods v1.12.0/go.mod h1:YfzfFFoVP/catgzJb4IKIqXjX78Ha8FMSDh3ymbK86o= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= @@ -112,32 +74,19 @@ github.com/go-git/go-billy/v5 v5.3.1/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI github.com/go-git/go-git-fixtures/v4 v4.2.1/go.mod h1:K8zd3kDUAykwTdDCr+I0per6Y6vMiRR/nnVTBtavnB0= github.com/go-git/go-git/v5 v5.4.2 h1:BXyZu9t0VkbiHtqrsvdq39UDhGJTl1h55VW6CSC4aY4= github.com/go-git/go-git/v5 v5.4.2/go.mod h1:gQ1kArt6d+n+BGd+/B/I74HwRTLhth2+zti4ihgckDc= -github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= -github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= -github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-test/deep v1.0.3 h1:ZrJSEWsXzPOxaZnFteGEfooLba+ju3FYIbOrS+rQd68= github.com/go-test/deep v1.0.3/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= github.com/golang-jwt/jwt/v4 v4.4.3/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= -github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= -github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= -github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= -github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= github.com/golang/protobuf v1.1.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= -github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk= github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= @@ -149,41 +98,25 @@ github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= -github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= -github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= -github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= -github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/go-azure-helpers v0.52.0 h1:2xIjsPpDbZf5dFLEdqOy5akfdnh8M/6mQtVWhkpM3hM= -github.com/hashicorp/go-azure-helpers v0.52.0/go.mod h1:lsykLR4KjTUO7MiRmNWiTiX8QQtw3ILjyOvT0f5h3rw= -github.com/hashicorp/go-azure-sdk v0.20230223.1132808 h1:3RTwCTiY42qQjN8rzi4QABWzYyMEp8ZqdWf7K7XzAXo= -github.com/hashicorp/go-azure-sdk v0.20230223.1132808/go.mod h1:lU3F9c+qXc7iqMayTNmUP/VDc0H6f95mkhv4u35zV8I= +github.com/hashicorp/go-azure-helpers v0.55.0 h1:2A2KWPiaDC5kQWr6tYHTD/P1k9bO0HvflEb/Nc1yLeU= +github.com/hashicorp/go-azure-helpers v0.55.0/go.mod h1:RQugkG8wEcNIjYmcBLHpuEI/u2mTJwO4r37rR/OKRpo= +github.com/hashicorp/go-azure-sdk v0.20230331.1143618 h1:SUBW7DehNG5zZhY9xvcvtNWg6xtwDas4rWz1r1mlM0U= +github.com/hashicorp/go-azure-sdk v0.20230331.1143618/go.mod h1:L9JXVUcnL0GjMizCnngYUlMp1lLhDBNgSTvn6Of/5O4= github.com/hashicorp/go-checkpoint v0.5.0 h1:MFYpPZCnQqQTE18jFwSII6eUQrD/oxMFp3mlgcqk5mU= github.com/hashicorp/go-checkpoint v0.5.0/go.mod h1:7nfLNL10NsxqO4iWuW6tWW0HjZuDrwkBuEQsVcpCOgg= github.com/hashicorp/go-cleanhttp v0.5.0/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= @@ -200,20 +133,15 @@ github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+l github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= github.com/hashicorp/go-plugin v1.4.6 h1:MDV3UrKQBM3du3G7MApDGvOsMYy3JQJ4exhSoKBAeVA= github.com/hashicorp/go-plugin v1.4.6/go.mod h1:viDMjcLJuDui6pXb8U4HVfb8AamCWhHGUjr2IrTF67s= -github.com/hashicorp/go-retryablehttp v0.7.0/go.mod h1:vAew36LZh98gCBJNLH42IQ1ER/9wtLZZ8meHqQvEYWY= github.com/hashicorp/go-retryablehttp v0.7.2 h1:AcYqCvkpalPnPF2pn0KamgwamS42TqUDDYFRKq/RAd0= github.com/hashicorp/go-retryablehttp v0.7.2/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8= github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= -github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/Co8= github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-version v1.2.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= -github.com/hashicorp/go-version v1.3.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/go-version v1.5.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/go-version v1.6.0 h1:feTTfFNnjP967rlCxM/I9g701jU+RN74YKx2mOkIeek= github.com/hashicorp/go-version v1.6.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= -github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/hc-install v0.4.0 h1:cZkRFr1WVa0Ty6x5fTvL1TuO1flul231rWkGH92oYYk= github.com/hashicorp/hc-install v0.4.0/go.mod h1:5d155H8EC5ewegao9A4PUTMNPZaq+TbOzkJJZ4vrXeI= github.com/hashicorp/hcl/v2 v2.15.0 h1:CPDXO6+uORPjKflkWCCwoWc9uRp+zSIPcCQ+BrxV7m8= @@ -228,8 +156,8 @@ github.com/hashicorp/terraform-plugin-go v0.14.1 h1:cwZzPYla82XwAqpLhSzdVsOMU+6H github.com/hashicorp/terraform-plugin-go v0.14.1/go.mod h1:Bc/K6K26BQ2FHqIELPbpKtt2CzzbQou+0UQF3/0NsCQ= github.com/hashicorp/terraform-plugin-log v0.7.0 h1:SDxJUyT8TwN4l5b5/VkiTIaQgY6R+Y2BQ0sRZftGKQs= github.com/hashicorp/terraform-plugin-log v0.7.0/go.mod h1:p4R1jWBXRTvL4odmEkFfDdhUjHf9zcs/BCoNHAc7IK4= -github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20230302235257-7ddd481b4352 h1:6ov/5e6ea8HRYRwA3JwZKGpMhnUWZFDPTvKfgCGAfQA= -github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20230302235257-7ddd481b4352/go.mod h1:3gvi+tMJX9cwL5DVfJ6MPcKkAfJF7CyaGGfq9lW6CyU= +github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20230419234510-a8170bb91957 h1:UG1X4lUVwPG8q43e+qL7oFAmvrcxwlIwHHeWgzsKukI= +github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20230419234510-a8170bb91957/go.mod h1:Znc0cBgGpfw46cTPuOeQPlMUVhlwjkfrjLyf2Pnn+pI= github.com/hashicorp/terraform-registry-address v0.0.0-20220623143253-7d51757b572c h1:D8aRO6+mTqHfLsK/BC3j5OAoogv1WLRWzY1AaTo3rBg= github.com/hashicorp/terraform-registry-address v0.0.0-20220623143253-7d51757b572c/go.mod h1:Wn3Na71knbXc1G8Lh+yu/dQWWJeFQEpDeJMtWMtlmNI= github.com/hashicorp/terraform-svchost v0.0.0-20200729002733-f050f53b9734 h1:HKLsbzeOsfXmKNpr3GiT18XAblV0BjCbzL8KQAMZGa0= @@ -238,7 +166,6 @@ github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb/go.mod h1:+NfK9FKe github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM= github.com/hashicorp/yamux v0.0.0-20211028200310-0bc27b27de87 h1:xixZ2bWeofWV68J+x6AzmKuVM/JWCQwkWm6GW/MUR6I= github.com/hashicorp/yamux v0.0.0-20211028200310-0bc27b27de87/go.mod h1:CtWFDAQgb7dxtzFs4tWbplKIe2jSi3+5vKbgIO0SLnQ= -github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/imdario/mergo v0.3.12 h1:b6R2BslTbIEToALKP7LxUvijTsNI9TAe80pLWN2g/HU= github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A= @@ -246,11 +173,8 @@ github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4= github.com/jhump/protoreflect v1.6.0 h1:h5jfMVslIg6l29nsMs0D8Wj17RDVdNYti0vDN/PZZoE= github.com/jhump/protoreflect v1.6.0/go.mod h1:eaTn3RZAmMBcV0fifFvlm6VHNz3wSkYyXYWUh7ymB74= -github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= -github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351 h1:DowS9hvgyYSX4TO5NpyC606/Z4SxnNYbT+WX27or6Ck= github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= -github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI= @@ -262,11 +186,8 @@ github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k= github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= -github.com/manicminer/hamilton v0.43.0/go.mod h1:lbVyngC+/nCWuDp8UhC6Bw+bh7jcP/E+YwqzHTmzemk= -github.com/manicminer/hamilton v0.55.0/go.mod h1:lbVyngC+/nCWuDp8UhC6Bw+bh7jcP/E+YwqzHTmzemk= -github.com/manicminer/hamilton v0.59.0 h1:RLGwWamCtTUa53sdAbv04XzRu3e9RwJoPcAN/VReydY= -github.com/manicminer/hamilton v0.59.0/go.mod h1:kvNZuh/KneyjgSvx/DU/117zjgPDWV7b18LLJivHMa8= -github.com/manicminer/hamilton-autorest v0.3.0/go.mod h1:NselDpNTImEmOc/fa41kPg6YhDt/6S95ejWbTGZ6tlg= +github.com/manicminer/hamilton v0.61.0 h1:Hp25wOIkArXUJ9++U9J+jpVL+nXCzUtsvzVa/vE3Or4= +github.com/manicminer/hamilton v0.61.0/go.mod h1:va/X2sztcgQ5+BSxc2eU3FTHYIyxLnHvB4LudlPUZdE= github.com/matryer/is v1.2.0/go.mod h1:2fLPjFQM9rhQ15aVEtbuwhJinnOqrmgXPNdZsdwlWXA= github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= @@ -306,7 +227,6 @@ github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1: github.com/pulumi/terraform-plugin-sdk/v2 v2.0.0-20221122203342-430f685de305 h1:BkHVmLAinUEU2v9GmlUQ2utF25c9qXhAV/VZ6IrVYJk= github.com/pulumi/terraform-plugin-sdk/v2 v2.0.0-20221122203342-430f685de305/go.mod h1:+tNlb0wkfdsDJ7JEiERLz4HzM19HyiuIoGzTsM7rPpw= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= -github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/sebdah/goldie v1.0.0/go.mod h1:jXP4hmWywNEwZzhMuv2ccnqTSFpuq8iyQhtQdkkZBH4= github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= @@ -333,8 +253,6 @@ github.com/vmihailenco/tagparser v0.1.2 h1:gnjoVuB/kljJ5wICEEOpx98oXMWPLj22G67Vb github.com/vmihailenco/tagparser v0.1.2/go.mod h1:OeAg3pn3UbLjkWt+rN9oFYB6u/cQgqMEUPoW2WPyhdI= github.com/xanzy/ssh-agent v0.3.0 h1:wUMzuKtKilRgBAD1sUb8gOwwRr2FGoBVumcjoOACClI= github.com/xanzy/ssh-agent v0.3.0/go.mod h1:3s9xbODqPuuhK9JV1R321M/FlMZSBvE5aY6eAcqrDh0= -github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= github.com/zclconf/go-cty v1.1.0/go.mod h1:xnAOWiHeOqg2nWS62VtQ7pbOu17FtxJNW8RLEih+O3s= @@ -344,57 +262,24 @@ github.com/zclconf/go-cty v1.11.0/go.mod h1:s9IfD1LK5ccNMSWCVFCE2rJfHiZgi7JijgeW github.com/zclconf/go-cty v1.12.1 h1:PcupnljUm9EIvbgSHQnHhUr3fO6oFmkOrvs2BAFNXXY= github.com/zclconf/go-cty v1.12.1/go.mod h1:s9IfD1LK5ccNMSWCVFCE2rJfHiZgi7JijgeWIMfhLvA= github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b/go.mod h1:ZRKQfBXbGkpdV6QMzT3rU1kSTAnfu1dO8dPKjYprgj8= -go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= -go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= -go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= -go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= -go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= golang.org/x/crypto v0.0.0-20190219172222-a4c6cb3142f2/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220331220935-ae2d96664a29/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220517005047-85d78b3ac167/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.5.0 h1:U/0M97KRkSFvyD/3FSmdP5W5swImpNgle/EHFhOsQPE= golang.org/x/crypto v0.5.0/go.mod h1:NK/OQwhpMQP3MwtdjgLlYHnH9ebylxKWv3e0fK+mkQU= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= -golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= -golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= -golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= -golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= -golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= -golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= -golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= -golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= -golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= -golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= -golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= -golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= -golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= -golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/net v0.0.0-20180530234432-1e491301e022/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -405,26 +290,11 @@ golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73r golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20191009170851-d66e71096ffb/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200501053045-e0ff5e5a1de5/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200513185701-a91f0712d120/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= -golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= @@ -437,52 +307,28 @@ golang.org/x/net v0.5.0/go.mod h1:DivGGAXEgPSlEBzxGzZI+ZLohi+xUj054jfeKui00ws= golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g= golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.4.0 h1:NF0gk8LVPg1Ml7SSbGyySuoxdsXitj7TvgvuRxIMc/M= golang.org/x/oauth2 v0.4.0/go.mod h1:RznEsdpjGAINPTOF0UH/t+xJ75L18YO3Ho6Pyn+uRec= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191008105621-543471e840be/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -506,9 +352,7 @@ golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuX golang.org/x/term v0.4.0/go.mod h1:9P2UbLfCdcvo3p/nzKvsmas4TnlujnuoV9hGgYzW1lQ= golang.org/x/term v0.5.0 h1:n2a8QNdAb0sZNpU9R1ALUXBbY+w51fCQDN+7EdxNBsY= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= -golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= @@ -517,126 +361,38 @@ golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.6.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200227222343-706bc42d1f0d/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= -golang.org/x/tools v0.0.0-20200312045724-11d5b4c81c7d/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= -golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8= -golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200713011307-fd294ab11aed/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= -golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= -golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= -golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= -google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= -google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= -google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= -google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.18.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.19.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.22.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= -google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= -google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM= -google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/genproto v0.0.0-20170818010345-ee236bd376b0/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= -google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= -google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= -google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA= -google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200228133532-8c2c7df3a383/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U= google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= -google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= google.golang.org/genproto v0.0.0-20200711021454-869866162049/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20220407144326-9054f6ed7bac h1:qSNTkEN+L2mvWcLgJOR+8bdHX9rN/IdU3A1Ghpfb1Rg= google.golang.org/genproto v0.0.0-20220407144326-9054f6ed7bac/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo= google.golang.org/grpc v1.8.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= -google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= -google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKal+60= -google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk= -google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= -google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0= google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= google.golang.org/grpc v1.45.0/go.mod h1:lN7owxKUQEqMfSyQikvvk5tf/6zMPsrK+ONuO11+0rQ= @@ -665,7 +421,6 @@ gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8 gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= -gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/warnings.v0 v0.1.2 h1:wFXVbFY8DY5/xOe1ECiWdKCzZlxgshcYVNkBHstARME= gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= @@ -676,14 +431,6 @@ gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= -honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= -rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= -rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= software.sslmate.com/src/go-pkcs12 v0.2.0 h1:nlFkj7bTysH6VkC4fGphtjXRbezREPgrHuJG20hBGPE= software.sslmate.com/src/go-pkcs12 v0.2.0/go.mod h1:23rNcYsMabIc1otwLpTkCCPwUq6kQsTyowttG/as0kQ= diff --git a/sdk/dotnet/AccessPackage.cs b/sdk/dotnet/AccessPackage.cs new file mode 100644 index 000000000..03a87f317 --- /dev/null +++ b/sdk/dotnet/AccessPackage.cs @@ -0,0 +1,190 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD +{ + /// + /// Manages an Access Package within Identity Governance in Azure Active Directory. + /// + /// ## API Permissions + /// + /// The following API permissions are required in order to use this resource. + /// + /// When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. + /// + /// When authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner`, `Access package manager` or `Global Administrator` + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using Pulumi; + /// using AzureAD = Pulumi.AzureAD; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var exampleAccessPackageCatalog = new AzureAD.AccessPackageCatalog("exampleAccessPackageCatalog", new() + /// { + /// DisplayName = "example-catalog", + /// Description = "Example catalog", + /// }); + /// + /// var exampleAccessPackage = new AzureAD.AccessPackage("exampleAccessPackage", new() + /// { + /// CatalogId = exampleAccessPackageCatalog.Id, + /// DisplayName = "access-package", + /// Description = "Access Package", + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// Access Packages can be imported using the `id`, e.g. + /// + /// ```sh + /// $ pulumi import azuread:index/accessPackage:AccessPackage example_package 00000000-0000-0000-0000-000000000000 + /// ``` + /// + [AzureADResourceType("azuread:index/accessPackage:AccessPackage")] + public partial class AccessPackage : global::Pulumi.CustomResource + { + /// + /// The ID of the Catalog this access package will be created in. + /// + [Output("catalogId")] + public Output CatalogId { get; private set; } = null!; + + /// + /// The description of the access package. + /// + [Output("description")] + public Output Description { get; private set; } = null!; + + /// + /// The display name of the access package. + /// + [Output("displayName")] + public Output DisplayName { get; private set; } = null!; + + /// + /// Whether the access package is hidden from the requestor. + /// + [Output("hidden")] + public Output Hidden { get; private set; } = null!; + + + /// + /// Create a AccessPackage resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public AccessPackage(string name, AccessPackageArgs args, CustomResourceOptions? options = null) + : base("azuread:index/accessPackage:AccessPackage", name, args ?? new AccessPackageArgs(), MakeResourceOptions(options, "")) + { + } + + private AccessPackage(string name, Input id, AccessPackageState? state = null, CustomResourceOptions? options = null) + : base("azuread:index/accessPackage:AccessPackage", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing AccessPackage resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static AccessPackage Get(string name, Input id, AccessPackageState? state = null, CustomResourceOptions? options = null) + { + return new AccessPackage(name, id, state, options); + } + } + + public sealed class AccessPackageArgs : global::Pulumi.ResourceArgs + { + /// + /// The ID of the Catalog this access package will be created in. + /// + [Input("catalogId", required: true)] + public Input CatalogId { get; set; } = null!; + + /// + /// The description of the access package. + /// + [Input("description", required: true)] + public Input Description { get; set; } = null!; + + /// + /// The display name of the access package. + /// + [Input("displayName", required: true)] + public Input DisplayName { get; set; } = null!; + + /// + /// Whether the access package is hidden from the requestor. + /// + [Input("hidden")] + public Input? Hidden { get; set; } + + public AccessPackageArgs() + { + } + public static new AccessPackageArgs Empty => new AccessPackageArgs(); + } + + public sealed class AccessPackageState : global::Pulumi.ResourceArgs + { + /// + /// The ID of the Catalog this access package will be created in. + /// + [Input("catalogId")] + public Input? CatalogId { get; set; } + + /// + /// The description of the access package. + /// + [Input("description")] + public Input? Description { get; set; } + + /// + /// The display name of the access package. + /// + [Input("displayName")] + public Input? DisplayName { get; set; } + + /// + /// Whether the access package is hidden from the requestor. + /// + [Input("hidden")] + public Input? Hidden { get; set; } + + public AccessPackageState() + { + } + public static new AccessPackageState Empty => new AccessPackageState(); + } +} diff --git a/sdk/dotnet/AccessPackageAssignmentPolicy.cs b/sdk/dotnet/AccessPackageAssignmentPolicy.cs new file mode 100644 index 000000000..4ceaa9a5f --- /dev/null +++ b/sdk/dotnet/AccessPackageAssignmentPolicy.cs @@ -0,0 +1,365 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD +{ + /// + /// Manages an assignment policy for an access package within Identity Governance in Azure Active Directory. + /// + /// ## API Permissions + /// + /// The following API permissions are required in order to use this resource. + /// + /// When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. + /// + /// When authenticated with a user principal, this resource requires `Global Administrator` directory role, or one of the `Catalog Owner` and `Access Package Manager` role in Idneity Governance. + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using Pulumi; + /// using AzureAD = Pulumi.AzureAD; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var exampleGroup = new AzureAD.Group("exampleGroup", new() + /// { + /// DisplayName = "group-name", + /// SecurityEnabled = true, + /// }); + /// + /// var exampleAccessPackageCatalog = new AzureAD.AccessPackageCatalog("exampleAccessPackageCatalog", new() + /// { + /// DisplayName = "example-catalog", + /// Description = "Example catalog", + /// }); + /// + /// var exampleAccessPackage = new AzureAD.AccessPackage("exampleAccessPackage", new() + /// { + /// CatalogId = exampleAccessPackageCatalog.Id, + /// DisplayName = "access-package", + /// Description = "Access Package", + /// }); + /// + /// var test = new AzureAD.AccessPackageAssignmentPolicy("test", new() + /// { + /// AccessPackageId = azuread_access_package.Test.Id, + /// DisplayName = "assignment-policy", + /// Description = "My assignment policy", + /// DurationInDays = 90, + /// RequestorSettings = new AzureAD.Inputs.AccessPackageAssignmentPolicyRequestorSettingsArgs + /// { + /// ScopeType = "AllExistingDirectoryMemberUsers", + /// }, + /// ApprovalSettings = new AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettingsArgs + /// { + /// ApprovalRequired = true, + /// ApprovalStages = new[] + /// { + /// new AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs + /// { + /// ApprovalTimeoutInDays = 14, + /// PrimaryApprovers = new[] + /// { + /// new AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs + /// { + /// ObjectId = azuread_group.Test.Object_id, + /// SubjectType = "groupMembers", + /// }, + /// }, + /// }, + /// }, + /// }, + /// AssignmentReviewSettings = new AzureAD.Inputs.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs + /// { + /// Enabled = true, + /// ReviewFrequency = "weekly", + /// DurationInDays = 3, + /// ReviewType = "Self", + /// AccessReviewTimeoutBehavior = "keepAccess", + /// }, + /// Questions = new[] + /// { + /// new AzureAD.Inputs.AccessPackageAssignmentPolicyQuestionArgs + /// { + /// Text = new AzureAD.Inputs.AccessPackageAssignmentPolicyQuestionTextArgs + /// { + /// DefaultText = "hello, how are you?", + /// }, + /// }, + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// An access package assignment policy can be imported using the ID, e.g. + /// + /// ```sh + /// $ pulumi import azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy example 00000000-0000-0000-0000-000000000000 + /// ``` + /// + [AzureADResourceType("azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy")] + public partial class AccessPackageAssignmentPolicy : global::Pulumi.CustomResource + { + /// + /// The ID of the access package that will contain the policy. + /// + [Output("accessPackageId")] + public Output AccessPackageId { get; private set; } = null!; + + /// + /// An `approval_settings` block to specify whether approvals are required and how they are obtained, as documented below. + /// + [Output("approvalSettings")] + public Output ApprovalSettings { get; private set; } = null!; + + /// + /// An `assignment_review_settings` block, to specify whether assignment review is needed and how it is conducted, as documented below. + /// + [Output("assignmentReviewSettings")] + public Output AssignmentReviewSettings { get; private set; } = null!; + + /// + /// The description of the policy. + /// + [Output("description")] + public Output Description { get; private set; } = null!; + + /// + /// The display name of the policy. + /// + [Output("displayName")] + public Output DisplayName { get; private set; } = null!; + + /// + /// How many days this assignment is valid for. + /// + [Output("durationInDays")] + public Output DurationInDays { get; private set; } = null!; + + /// + /// The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). + /// + [Output("expirationDate")] + public Output ExpirationDate { get; private set; } = null!; + + /// + /// Whether users will be able to request extension of their access to this package before their access expires. + /// + [Output("extensionEnabled")] + public Output ExtensionEnabled { get; private set; } = null!; + + /// + /// One or more `question` blocks for the requestor, as documented below. + /// + [Output("questions")] + public Output> Questions { get; private set; } = null!; + + /// + /// A `requestor_settings` block to configure the users who can request access, as documented below. + /// + [Output("requestorSettings")] + public Output RequestorSettings { get; private set; } = null!; + + + /// + /// Create a AccessPackageAssignmentPolicy resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public AccessPackageAssignmentPolicy(string name, AccessPackageAssignmentPolicyArgs args, CustomResourceOptions? options = null) + : base("azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy", name, args ?? new AccessPackageAssignmentPolicyArgs(), MakeResourceOptions(options, "")) + { + } + + private AccessPackageAssignmentPolicy(string name, Input id, AccessPackageAssignmentPolicyState? state = null, CustomResourceOptions? options = null) + : base("azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing AccessPackageAssignmentPolicy resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static AccessPackageAssignmentPolicy Get(string name, Input id, AccessPackageAssignmentPolicyState? state = null, CustomResourceOptions? options = null) + { + return new AccessPackageAssignmentPolicy(name, id, state, options); + } + } + + public sealed class AccessPackageAssignmentPolicyArgs : global::Pulumi.ResourceArgs + { + /// + /// The ID of the access package that will contain the policy. + /// + [Input("accessPackageId", required: true)] + public Input AccessPackageId { get; set; } = null!; + + /// + /// An `approval_settings` block to specify whether approvals are required and how they are obtained, as documented below. + /// + [Input("approvalSettings")] + public Input? ApprovalSettings { get; set; } + + /// + /// An `assignment_review_settings` block, to specify whether assignment review is needed and how it is conducted, as documented below. + /// + [Input("assignmentReviewSettings")] + public Input? AssignmentReviewSettings { get; set; } + + /// + /// The description of the policy. + /// + [Input("description", required: true)] + public Input Description { get; set; } = null!; + + /// + /// The display name of the policy. + /// + [Input("displayName", required: true)] + public Input DisplayName { get; set; } = null!; + + /// + /// How many days this assignment is valid for. + /// + [Input("durationInDays")] + public Input? DurationInDays { get; set; } + + /// + /// The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). + /// + [Input("expirationDate")] + public Input? ExpirationDate { get; set; } + + /// + /// Whether users will be able to request extension of their access to this package before their access expires. + /// + [Input("extensionEnabled")] + public Input? ExtensionEnabled { get; set; } + + [Input("questions")] + private InputList? _questions; + + /// + /// One or more `question` blocks for the requestor, as documented below. + /// + public InputList Questions + { + get => _questions ?? (_questions = new InputList()); + set => _questions = value; + } + + /// + /// A `requestor_settings` block to configure the users who can request access, as documented below. + /// + [Input("requestorSettings")] + public Input? RequestorSettings { get; set; } + + public AccessPackageAssignmentPolicyArgs() + { + } + public static new AccessPackageAssignmentPolicyArgs Empty => new AccessPackageAssignmentPolicyArgs(); + } + + public sealed class AccessPackageAssignmentPolicyState : global::Pulumi.ResourceArgs + { + /// + /// The ID of the access package that will contain the policy. + /// + [Input("accessPackageId")] + public Input? AccessPackageId { get; set; } + + /// + /// An `approval_settings` block to specify whether approvals are required and how they are obtained, as documented below. + /// + [Input("approvalSettings")] + public Input? ApprovalSettings { get; set; } + + /// + /// An `assignment_review_settings` block, to specify whether assignment review is needed and how it is conducted, as documented below. + /// + [Input("assignmentReviewSettings")] + public Input? AssignmentReviewSettings { get; set; } + + /// + /// The description of the policy. + /// + [Input("description")] + public Input? Description { get; set; } + + /// + /// The display name of the policy. + /// + [Input("displayName")] + public Input? DisplayName { get; set; } + + /// + /// How many days this assignment is valid for. + /// + [Input("durationInDays")] + public Input? DurationInDays { get; set; } + + /// + /// The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). + /// + [Input("expirationDate")] + public Input? ExpirationDate { get; set; } + + /// + /// Whether users will be able to request extension of their access to this package before their access expires. + /// + [Input("extensionEnabled")] + public Input? ExtensionEnabled { get; set; } + + [Input("questions")] + private InputList? _questions; + + /// + /// One or more `question` blocks for the requestor, as documented below. + /// + public InputList Questions + { + get => _questions ?? (_questions = new InputList()); + set => _questions = value; + } + + /// + /// A `requestor_settings` block to configure the users who can request access, as documented below. + /// + [Input("requestorSettings")] + public Input? RequestorSettings { get; set; } + + public AccessPackageAssignmentPolicyState() + { + } + public static new AccessPackageAssignmentPolicyState Empty => new AccessPackageAssignmentPolicyState(); + } +} diff --git a/sdk/dotnet/AccessPackageCatalog.cs b/sdk/dotnet/AccessPackageCatalog.cs new file mode 100644 index 000000000..f9b26ebe5 --- /dev/null +++ b/sdk/dotnet/AccessPackageCatalog.cs @@ -0,0 +1,183 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD +{ + /// + /// Manages an access package catalog within Identity Governance in Azure Active Directory. + /// + /// ## API Permissions + /// + /// The following API permissions are required in order to use this resource. + /// + /// When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. + /// + /// When authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner`, `Catalog creator` or `Global Administrator` + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using Pulumi; + /// using AzureAD = Pulumi.AzureAD; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var example = new AzureAD.AccessPackageCatalog("example", new() + /// { + /// Description = "Example access package catalog", + /// DisplayName = "example-access-package-catalog", + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// An Access Package Catalog can be imported using the `id`, e.g. + /// + /// ```sh + /// $ pulumi import azuread:index/accessPackageCatalog:AccessPackageCatalog example 00000000-0000-0000-0000-000000000000 + /// ``` + /// + [AzureADResourceType("azuread:index/accessPackageCatalog:AccessPackageCatalog")] + public partial class AccessPackageCatalog : global::Pulumi.CustomResource + { + /// + /// The description of the access package catalog. + /// + [Output("description")] + public Output Description { get; private set; } = null!; + + /// + /// The display name of the access package catalog. + /// + [Output("displayName")] + public Output DisplayName { get; private set; } = null!; + + /// + /// Whether the access packages in this catalog can be requested by users outside the tenant. + /// + [Output("externallyVisible")] + public Output ExternallyVisible { get; private set; } = null!; + + /// + /// Whether the access packages in this catalog are available for management. + /// + [Output("published")] + public Output Published { get; private set; } = null!; + + + /// + /// Create a AccessPackageCatalog resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public AccessPackageCatalog(string name, AccessPackageCatalogArgs args, CustomResourceOptions? options = null) + : base("azuread:index/accessPackageCatalog:AccessPackageCatalog", name, args ?? new AccessPackageCatalogArgs(), MakeResourceOptions(options, "")) + { + } + + private AccessPackageCatalog(string name, Input id, AccessPackageCatalogState? state = null, CustomResourceOptions? options = null) + : base("azuread:index/accessPackageCatalog:AccessPackageCatalog", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing AccessPackageCatalog resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static AccessPackageCatalog Get(string name, Input id, AccessPackageCatalogState? state = null, CustomResourceOptions? options = null) + { + return new AccessPackageCatalog(name, id, state, options); + } + } + + public sealed class AccessPackageCatalogArgs : global::Pulumi.ResourceArgs + { + /// + /// The description of the access package catalog. + /// + [Input("description", required: true)] + public Input Description { get; set; } = null!; + + /// + /// The display name of the access package catalog. + /// + [Input("displayName", required: true)] + public Input DisplayName { get; set; } = null!; + + /// + /// Whether the access packages in this catalog can be requested by users outside the tenant. + /// + [Input("externallyVisible")] + public Input? ExternallyVisible { get; set; } + + /// + /// Whether the access packages in this catalog are available for management. + /// + [Input("published")] + public Input? Published { get; set; } + + public AccessPackageCatalogArgs() + { + } + public static new AccessPackageCatalogArgs Empty => new AccessPackageCatalogArgs(); + } + + public sealed class AccessPackageCatalogState : global::Pulumi.ResourceArgs + { + /// + /// The description of the access package catalog. + /// + [Input("description")] + public Input? Description { get; set; } + + /// + /// The display name of the access package catalog. + /// + [Input("displayName")] + public Input? DisplayName { get; set; } + + /// + /// Whether the access packages in this catalog can be requested by users outside the tenant. + /// + [Input("externallyVisible")] + public Input? ExternallyVisible { get; set; } + + /// + /// Whether the access packages in this catalog are available for management. + /// + [Input("published")] + public Input? Published { get; set; } + + public AccessPackageCatalogState() + { + } + public static new AccessPackageCatalogState Empty => new AccessPackageCatalogState(); + } +} diff --git a/sdk/dotnet/AccessPackageResourceCatalogAssociation.cs b/sdk/dotnet/AccessPackageResourceCatalogAssociation.cs new file mode 100644 index 000000000..de37693dc --- /dev/null +++ b/sdk/dotnet/AccessPackageResourceCatalogAssociation.cs @@ -0,0 +1,180 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD +{ + /// + /// Manages the resources added to access package catalogs within Identity Governance in Azure Active Directory. + /// + /// ## API Permissions + /// + /// The following API permissions are required in order to use this resource. + /// + /// When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. + /// + /// When authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner` or `Global Administrator` + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using Pulumi; + /// using AzureAD = Pulumi.AzureAD; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var exampleGroup = new AzureAD.Group("exampleGroup", new() + /// { + /// DisplayName = "example-group", + /// SecurityEnabled = true, + /// }); + /// + /// var exampleAccessPackageCatalog = new AzureAD.AccessPackageCatalog("exampleAccessPackageCatalog", new() + /// { + /// DisplayName = "example-catalog", + /// Description = "Example catalog", + /// }); + /// + /// var exampleAccessPackageResourceCatalogAssociation = new AzureAD.AccessPackageResourceCatalogAssociation("exampleAccessPackageResourceCatalogAssociation", new() + /// { + /// CatalogId = azuread_access_package_catalog.Example_catalog.Id, + /// ResourceOriginId = azuread_group.Example_group.Object_id, + /// ResourceOriginSystem = "AadGroup", + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// The resource and catalog association can be imported using the catalog ID and the resource origin ID, e.g. + /// + /// ```sh + /// $ pulumi import azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111 + /// ``` + /// + /// -> This ID format is unique to Terraform and is composed of the Catalog ID and the Resource Origin ID in the format `{CatalogID}/{ResourceOriginID}`. + /// + [AzureADResourceType("azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation")] + public partial class AccessPackageResourceCatalogAssociation : global::Pulumi.CustomResource + { + /// + /// The unique ID of the access package catalog. Changing this forces a new resource to be created. + /// + [Output("catalogId")] + public Output CatalogId { get; private set; } = null!; + + /// + /// The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. + /// + [Output("resourceOriginId")] + public Output ResourceOriginId { get; private set; } = null!; + + /// + /// The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. + /// + [Output("resourceOriginSystem")] + public Output ResourceOriginSystem { get; private set; } = null!; + + + /// + /// Create a AccessPackageResourceCatalogAssociation resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public AccessPackageResourceCatalogAssociation(string name, AccessPackageResourceCatalogAssociationArgs args, CustomResourceOptions? options = null) + : base("azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation", name, args ?? new AccessPackageResourceCatalogAssociationArgs(), MakeResourceOptions(options, "")) + { + } + + private AccessPackageResourceCatalogAssociation(string name, Input id, AccessPackageResourceCatalogAssociationState? state = null, CustomResourceOptions? options = null) + : base("azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing AccessPackageResourceCatalogAssociation resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static AccessPackageResourceCatalogAssociation Get(string name, Input id, AccessPackageResourceCatalogAssociationState? state = null, CustomResourceOptions? options = null) + { + return new AccessPackageResourceCatalogAssociation(name, id, state, options); + } + } + + public sealed class AccessPackageResourceCatalogAssociationArgs : global::Pulumi.ResourceArgs + { + /// + /// The unique ID of the access package catalog. Changing this forces a new resource to be created. + /// + [Input("catalogId", required: true)] + public Input CatalogId { get; set; } = null!; + + /// + /// The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. + /// + [Input("resourceOriginId", required: true)] + public Input ResourceOriginId { get; set; } = null!; + + /// + /// The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. + /// + [Input("resourceOriginSystem", required: true)] + public Input ResourceOriginSystem { get; set; } = null!; + + public AccessPackageResourceCatalogAssociationArgs() + { + } + public static new AccessPackageResourceCatalogAssociationArgs Empty => new AccessPackageResourceCatalogAssociationArgs(); + } + + public sealed class AccessPackageResourceCatalogAssociationState : global::Pulumi.ResourceArgs + { + /// + /// The unique ID of the access package catalog. Changing this forces a new resource to be created. + /// + [Input("catalogId")] + public Input? CatalogId { get; set; } + + /// + /// The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. + /// + [Input("resourceOriginId")] + public Input? ResourceOriginId { get; set; } + + /// + /// The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. + /// + [Input("resourceOriginSystem")] + public Input? ResourceOriginSystem { get; set; } + + public AccessPackageResourceCatalogAssociationState() + { + } + public static new AccessPackageResourceCatalogAssociationState Empty => new AccessPackageResourceCatalogAssociationState(); + } +} diff --git a/sdk/dotnet/AccessPackageResourcePackageAssociation.cs b/sdk/dotnet/AccessPackageResourcePackageAssociation.cs new file mode 100644 index 000000000..1052724f2 --- /dev/null +++ b/sdk/dotnet/AccessPackageResourcePackageAssociation.cs @@ -0,0 +1,193 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD +{ + /// + /// Manages the resources added to access packages within Identity Governance in Azure Active Directory. + /// + /// ## API Permissions + /// + /// The following API permissions are required in order to use this resource. + /// + /// When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. + /// + /// When authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner`, `Access package manager` or `Global Administrator`. + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using Pulumi; + /// using AzureAD = Pulumi.AzureAD; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var exampleGroup = new AzureAD.Group("exampleGroup", new() + /// { + /// DisplayName = "example-group", + /// SecurityEnabled = true, + /// }); + /// + /// var exampleAccessPackageCatalog = new AzureAD.AccessPackageCatalog("exampleAccessPackageCatalog", new() + /// { + /// DisplayName = "example-catalog", + /// Description = "Example catalog", + /// }); + /// + /// var exampleAccessPackageResourceCatalogAssociation = new AzureAD.AccessPackageResourceCatalogAssociation("exampleAccessPackageResourceCatalogAssociation", new() + /// { + /// CatalogId = azuread_access_package_catalog.Example_catalog.Id, + /// ResourceOriginId = azuread_group.Example_group.Object_id, + /// ResourceOriginSystem = "AadGroup", + /// }); + /// + /// var exampleAccessPackage = new AzureAD.AccessPackage("exampleAccessPackage", new() + /// { + /// DisplayName = "example-package", + /// Description = "Example Package", + /// CatalogId = azuread_access_package_catalog.Example_catalog.Id, + /// }); + /// + /// var exampleAccessPackageResourcePackageAssociation = new AzureAD.AccessPackageResourcePackageAssociation("exampleAccessPackageResourcePackageAssociation", new() + /// { + /// AccessPackageId = exampleAccessPackage.Id, + /// CatalogResourceAssociationId = exampleAccessPackageResourceCatalogAssociation.Id, + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// The resource and catalog association can be imported using the access package ID, the resource association ID, the resource origin ID, and the access type, e.g. + /// + /// ```sh + /// $ pulumi import azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111_22222222-2222-2222-2222-22222222/33333333-3333-3333-3333-33333333/Member + /// ``` + /// + /// -> This ID format is unique to Terraform and is composed of the Access Package ID, the Resource Association ID, the Resource Origin ID, and the Access Type, in the format `{AccessPackageID}/{ResourceAssociationID}/{ResourceOriginID}/{AccessType}`. + /// + [AzureADResourceType("azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation")] + public partial class AccessPackageResourcePackageAssociation : global::Pulumi.CustomResource + { + /// + /// The ID of access package this resource association is configured to. Changing this forces a new resource to be created. + /// + [Output("accessPackageId")] + public Output AccessPackageId { get; private set; } = null!; + + /// + /// The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. + /// + [Output("accessType")] + public Output AccessType { get; private set; } = null!; + + /// + /// The ID of the catalog association from the `azuread.AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. + /// + [Output("catalogResourceAssociationId")] + public Output CatalogResourceAssociationId { get; private set; } = null!; + + + /// + /// Create a AccessPackageResourcePackageAssociation resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public AccessPackageResourcePackageAssociation(string name, AccessPackageResourcePackageAssociationArgs args, CustomResourceOptions? options = null) + : base("azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation", name, args ?? new AccessPackageResourcePackageAssociationArgs(), MakeResourceOptions(options, "")) + { + } + + private AccessPackageResourcePackageAssociation(string name, Input id, AccessPackageResourcePackageAssociationState? state = null, CustomResourceOptions? options = null) + : base("azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing AccessPackageResourcePackageAssociation resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static AccessPackageResourcePackageAssociation Get(string name, Input id, AccessPackageResourcePackageAssociationState? state = null, CustomResourceOptions? options = null) + { + return new AccessPackageResourcePackageAssociation(name, id, state, options); + } + } + + public sealed class AccessPackageResourcePackageAssociationArgs : global::Pulumi.ResourceArgs + { + /// + /// The ID of access package this resource association is configured to. Changing this forces a new resource to be created. + /// + [Input("accessPackageId", required: true)] + public Input AccessPackageId { get; set; } = null!; + + /// + /// The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. + /// + [Input("accessType")] + public Input? AccessType { get; set; } + + /// + /// The ID of the catalog association from the `azuread.AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. + /// + [Input("catalogResourceAssociationId", required: true)] + public Input CatalogResourceAssociationId { get; set; } = null!; + + public AccessPackageResourcePackageAssociationArgs() + { + } + public static new AccessPackageResourcePackageAssociationArgs Empty => new AccessPackageResourcePackageAssociationArgs(); + } + + public sealed class AccessPackageResourcePackageAssociationState : global::Pulumi.ResourceArgs + { + /// + /// The ID of access package this resource association is configured to. Changing this forces a new resource to be created. + /// + [Input("accessPackageId")] + public Input? AccessPackageId { get; set; } + + /// + /// The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. + /// + [Input("accessType")] + public Input? AccessType { get; set; } + + /// + /// The ID of the catalog association from the `azuread.AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. + /// + [Input("catalogResourceAssociationId")] + public Input? CatalogResourceAssociationId { get; set; } + + public AccessPackageResourcePackageAssociationState() + { + } + public static new AccessPackageResourcePackageAssociationState Empty => new AccessPackageResourcePackageAssociationState(); + } +} diff --git a/sdk/dotnet/AdministrativeUnitRoleMember.cs b/sdk/dotnet/AdministrativeUnitRoleMember.cs new file mode 100644 index 000000000..145e77582 --- /dev/null +++ b/sdk/dotnet/AdministrativeUnitRoleMember.cs @@ -0,0 +1,183 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD +{ + /// + /// Manages a single directory role assignment scoped to an administrative unit within Azure Active Directory. + /// + /// ## API Permissions + /// + /// The following API permissions are required in order to use this resource. + /// + /// When authenticated with a service principal, this resource requires one of the following application roles: `AdministrativeUnit.ReadWrite.All` and `RoleManagement.ReadWrite.Directory`, or `Directory.ReadWrite.All` + /// + /// When authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator` + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using Pulumi; + /// using AzureAD = Pulumi.AzureAD; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var exampleUser = AzureAD.GetUser.Invoke(new() + /// { + /// UserPrincipalName = "jdoe@hashicorp.com", + /// }); + /// + /// var exampleAdministrativeUnit = new AzureAD.AdministrativeUnit("exampleAdministrativeUnit", new() + /// { + /// DisplayName = "Example-AU", + /// }); + /// + /// var exampleDirectoryRole = new AzureAD.DirectoryRole("exampleDirectoryRole", new() + /// { + /// DisplayName = "Security administrator", + /// }); + /// + /// var exampleAdministrativeUnitRoleMember = new AzureAD.AdministrativeUnitRoleMember("exampleAdministrativeUnitRoleMember", new() + /// { + /// RoleObjectId = exampleDirectoryRole.ObjectId, + /// AdministrativeUnitObjectId = exampleAdministrativeUnit.Id, + /// MemberObjectId = exampleUser.Apply(getUserResult => getUserResult.Id), + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// Administrative unit role members can be imported using the object ID of the administrative unit and the unique ID of the role assignment, e.g. + /// + /// ```sh + /// $ pulumi import azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember test 00000000-0000-0000-0000-000000000000/roleMember/zX37MRLyF0uvE-xf2WH4B7x-6CPLfudNnxFGj800htpBXqkxW7bITqGb6Rj4kuTuS + /// ``` + /// + /// -> This ID format is unique to Terraform and is composed of the Administrative Unit Object ID and the role assignment ID in the format `{AdministrativeUnitObjectID}/roleMember/{RoleAssignmentID}`. + /// + [AzureADResourceType("azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember")] + public partial class AdministrativeUnitRoleMember : global::Pulumi.CustomResource + { + /// + /// The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. + /// + [Output("administrativeUnitObjectId")] + public Output AdministrativeUnitObjectId { get; private set; } = null!; + + /// + /// The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + /// + [Output("memberObjectId")] + public Output MemberObjectId { get; private set; } = null!; + + /// + /// The object ID of the directory role you want to assign. Changing this forces a new resource to be created. + /// + [Output("roleObjectId")] + public Output RoleObjectId { get; private set; } = null!; + + + /// + /// Create a AdministrativeUnitRoleMember resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public AdministrativeUnitRoleMember(string name, AdministrativeUnitRoleMemberArgs args, CustomResourceOptions? options = null) + : base("azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember", name, args ?? new AdministrativeUnitRoleMemberArgs(), MakeResourceOptions(options, "")) + { + } + + private AdministrativeUnitRoleMember(string name, Input id, AdministrativeUnitRoleMemberState? state = null, CustomResourceOptions? options = null) + : base("azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing AdministrativeUnitRoleMember resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static AdministrativeUnitRoleMember Get(string name, Input id, AdministrativeUnitRoleMemberState? state = null, CustomResourceOptions? options = null) + { + return new AdministrativeUnitRoleMember(name, id, state, options); + } + } + + public sealed class AdministrativeUnitRoleMemberArgs : global::Pulumi.ResourceArgs + { + /// + /// The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. + /// + [Input("administrativeUnitObjectId", required: true)] + public Input AdministrativeUnitObjectId { get; set; } = null!; + + /// + /// The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + /// + [Input("memberObjectId", required: true)] + public Input MemberObjectId { get; set; } = null!; + + /// + /// The object ID of the directory role you want to assign. Changing this forces a new resource to be created. + /// + [Input("roleObjectId", required: true)] + public Input RoleObjectId { get; set; } = null!; + + public AdministrativeUnitRoleMemberArgs() + { + } + public static new AdministrativeUnitRoleMemberArgs Empty => new AdministrativeUnitRoleMemberArgs(); + } + + public sealed class AdministrativeUnitRoleMemberState : global::Pulumi.ResourceArgs + { + /// + /// The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. + /// + [Input("administrativeUnitObjectId")] + public Input? AdministrativeUnitObjectId { get; set; } + + /// + /// The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + /// + [Input("memberObjectId")] + public Input? MemberObjectId { get; set; } + + /// + /// The object ID of the directory role you want to assign. Changing this forces a new resource to be created. + /// + [Input("roleObjectId")] + public Input? RoleObjectId { get; set; } + + public AdministrativeUnitRoleMemberState() + { + } + public static new AdministrativeUnitRoleMemberState Empty => new AdministrativeUnitRoleMemberState(); + } +} diff --git a/sdk/dotnet/Application.cs b/sdk/dotnet/Application.cs index 78acad0a1..38cdff9c9 100644 --- a/sdk/dotnet/Application.cs +++ b/sdk/dotnet/Application.cs @@ -392,6 +392,12 @@ public partial class Application : global::Pulumi.CustomResource [Output("requiredResourceAccesses")] public Output> RequiredResourceAccesses { get; private set; } = null!; + /// + /// References application context information from a Service or Asset Management database. + /// + [Output("serviceManagementReference")] + public Output ServiceManagementReference { get; private set; } = null!; + /// /// The Microsoft account types that are supported for the current application. Must be one of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. Defaults to `AzureADMyOrg`. /// @@ -630,6 +636,12 @@ public InputList RequiredResourceA set => _requiredResourceAccesses = value; } + /// + /// References application context information from a Service or Asset Management database. + /// + [Input("serviceManagementReference")] + public Input? ServiceManagementReference { get; set; } + /// /// The Microsoft account types that are supported for the current application. Must be one of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. Defaults to `AzureADMyOrg`. /// @@ -890,6 +902,12 @@ public InputList RequiredResour set => _requiredResourceAccesses = value; } + /// + /// References application context information from a Service or Asset Management database. + /// + [Input("serviceManagementReference")] + public Input? ServiceManagementReference { get; set; } + /// /// The Microsoft account types that are supported for the current application. Must be one of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. Defaults to `AzureADMyOrg`. /// diff --git a/sdk/dotnet/GetAccessPackage.cs b/sdk/dotnet/GetAccessPackage.cs new file mode 100644 index 000000000..d82ffc317 --- /dev/null +++ b/sdk/dotnet/GetAccessPackage.cs @@ -0,0 +1,220 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD +{ + public static class GetAccessPackage + { + /// + /// Use this data source to retrieve information for an existing access package within Identity Governance in Azure Active Directory. + /// + /// ## API Permissions + /// + /// The following API permissions are required in order to use this data source. + /// + /// When authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`. + /// + /// When authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Access package manager`, `Global Reader`, or `Global Administrator`. + /// + /// {{% examples %}} + /// ## Example Usage + /// {{% example %}} + /// + /// *Look up by ID* + /// + /// ```csharp + /// using System.Collections.Generic; + /// using Pulumi; + /// using AzureAD = Pulumi.AzureAD; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var example = AzureAD.GetAccessPackage.Invoke(new() + /// { + /// ObjectId = "00000000-0000-0000-0000-000000000000", + /// }); + /// + /// }); + /// ``` + /// + /// *Look up by DisplayName* + /// + /// ```csharp + /// using System.Collections.Generic; + /// using Pulumi; + /// using AzureAD = Pulumi.AzureAD; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var example = AzureAD.GetAccessPackage.Invoke(new() + /// { + /// CatalogId = "00000000-0000-0000-0000-000000000000", + /// DisplayName = "My access package Catalog", + /// }); + /// + /// }); + /// ``` + /// {{% /example %}} + /// {{% /examples %}} + /// + public static Task InvokeAsync(GetAccessPackageArgs? args = null, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.InvokeAsync("azuread:index/getAccessPackage:getAccessPackage", args ?? new GetAccessPackageArgs(), options.WithDefaults()); + + /// + /// Use this data source to retrieve information for an existing access package within Identity Governance in Azure Active Directory. + /// + /// ## API Permissions + /// + /// The following API permissions are required in order to use this data source. + /// + /// When authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`. + /// + /// When authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Access package manager`, `Global Reader`, or `Global Administrator`. + /// + /// {{% examples %}} + /// ## Example Usage + /// {{% example %}} + /// + /// *Look up by ID* + /// + /// ```csharp + /// using System.Collections.Generic; + /// using Pulumi; + /// using AzureAD = Pulumi.AzureAD; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var example = AzureAD.GetAccessPackage.Invoke(new() + /// { + /// ObjectId = "00000000-0000-0000-0000-000000000000", + /// }); + /// + /// }); + /// ``` + /// + /// *Look up by DisplayName* + /// + /// ```csharp + /// using System.Collections.Generic; + /// using Pulumi; + /// using AzureAD = Pulumi.AzureAD; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var example = AzureAD.GetAccessPackage.Invoke(new() + /// { + /// CatalogId = "00000000-0000-0000-0000-000000000000", + /// DisplayName = "My access package Catalog", + /// }); + /// + /// }); + /// ``` + /// {{% /example %}} + /// {{% /examples %}} + /// + public static Output Invoke(GetAccessPackageInvokeArgs? args = null, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.Invoke("azuread:index/getAccessPackage:getAccessPackage", args ?? new GetAccessPackageInvokeArgs(), options.WithDefaults()); + } + + + public sealed class GetAccessPackageArgs : global::Pulumi.InvokeArgs + { + /// + /// The ID of the Catalog this access package is in. + /// + [Input("catalogId")] + public string? CatalogId { get; set; } + + /// + /// The display name of the access package. + /// + [Input("displayName")] + public string? DisplayName { get; set; } + + /// + /// The ID of this access package. + /// + [Input("objectId")] + public string? ObjectId { get; set; } + + public GetAccessPackageArgs() + { + } + public static new GetAccessPackageArgs Empty => new GetAccessPackageArgs(); + } + + public sealed class GetAccessPackageInvokeArgs : global::Pulumi.InvokeArgs + { + /// + /// The ID of the Catalog this access package is in. + /// + [Input("catalogId")] + public Input? CatalogId { get; set; } + + /// + /// The display name of the access package. + /// + [Input("displayName")] + public Input? DisplayName { get; set; } + + /// + /// The ID of this access package. + /// + [Input("objectId")] + public Input? ObjectId { get; set; } + + public GetAccessPackageInvokeArgs() + { + } + public static new GetAccessPackageInvokeArgs Empty => new GetAccessPackageInvokeArgs(); + } + + + [OutputType] + public sealed class GetAccessPackageResult + { + public readonly string? CatalogId; + /// + /// The description of the access package. + /// + public readonly string Description; + public readonly string DisplayName; + /// + /// Whether the access package is hidden from the requestor. + /// + public readonly bool Hidden; + /// + /// The provider-assigned unique ID for this managed resource. + /// + public readonly string Id; + public readonly string ObjectId; + + [OutputConstructor] + private GetAccessPackageResult( + string? catalogId, + + string description, + + string displayName, + + bool hidden, + + string id, + + string objectId) + { + CatalogId = catalogId; + Description = description; + DisplayName = displayName; + Hidden = hidden; + Id = id; + ObjectId = objectId; + } + } +} diff --git a/sdk/dotnet/GetAccessPackageCatalog.cs b/sdk/dotnet/GetAccessPackageCatalog.cs new file mode 100644 index 000000000..34142dbae --- /dev/null +++ b/sdk/dotnet/GetAccessPackageCatalog.cs @@ -0,0 +1,211 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD +{ + public static class GetAccessPackageCatalog + { + /// + /// i + /// Use this resource to retrieve information for an existing access package catalog within Identity Governance in Azure Active Directory. + /// + /// ## API Permissions + /// + /// The following API permissions are required in order to use this data source. + /// + /// When authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`. + /// + /// When authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Global Reader`, or `Global Administrator`. + /// + /// {{% examples %}} + /// ## Example Usage + /// {{% example %}} + /// + /// *Look up by ID* + /// + /// ```csharp + /// using System.Collections.Generic; + /// using Pulumi; + /// using AzureAD = Pulumi.AzureAD; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var example = AzureAD.GetAccessPackageCatalog.Invoke(new() + /// { + /// ObjectId = "00000000-0000-0000-0000-000000000000", + /// }); + /// + /// }); + /// ``` + /// + /// *Look up by DisplayName* + /// + /// ```csharp + /// using System.Collections.Generic; + /// using Pulumi; + /// using AzureAD = Pulumi.AzureAD; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var example = AzureAD.GetAccessPackageCatalog.Invoke(new() + /// { + /// DisplayName = "My access package Catalog", + /// }); + /// + /// }); + /// ``` + /// {{% /example %}} + /// {{% /examples %}} + /// + public static Task InvokeAsync(GetAccessPackageCatalogArgs? args = null, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.InvokeAsync("azuread:index/getAccessPackageCatalog:getAccessPackageCatalog", args ?? new GetAccessPackageCatalogArgs(), options.WithDefaults()); + + /// + /// i + /// Use this resource to retrieve information for an existing access package catalog within Identity Governance in Azure Active Directory. + /// + /// ## API Permissions + /// + /// The following API permissions are required in order to use this data source. + /// + /// When authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`. + /// + /// When authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Global Reader`, or `Global Administrator`. + /// + /// {{% examples %}} + /// ## Example Usage + /// {{% example %}} + /// + /// *Look up by ID* + /// + /// ```csharp + /// using System.Collections.Generic; + /// using Pulumi; + /// using AzureAD = Pulumi.AzureAD; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var example = AzureAD.GetAccessPackageCatalog.Invoke(new() + /// { + /// ObjectId = "00000000-0000-0000-0000-000000000000", + /// }); + /// + /// }); + /// ``` + /// + /// *Look up by DisplayName* + /// + /// ```csharp + /// using System.Collections.Generic; + /// using Pulumi; + /// using AzureAD = Pulumi.AzureAD; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var example = AzureAD.GetAccessPackageCatalog.Invoke(new() + /// { + /// DisplayName = "My access package Catalog", + /// }); + /// + /// }); + /// ``` + /// {{% /example %}} + /// {{% /examples %}} + /// + public static Output Invoke(GetAccessPackageCatalogInvokeArgs? args = null, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.Invoke("azuread:index/getAccessPackageCatalog:getAccessPackageCatalog", args ?? new GetAccessPackageCatalogInvokeArgs(), options.WithDefaults()); + } + + + public sealed class GetAccessPackageCatalogArgs : global::Pulumi.InvokeArgs + { + /// + /// The display name of the access package catalog. + /// + [Input("displayName")] + public string? DisplayName { get; set; } + + /// + /// The ID of this access package catalog. + /// + [Input("objectId")] + public string? ObjectId { get; set; } + + public GetAccessPackageCatalogArgs() + { + } + public static new GetAccessPackageCatalogArgs Empty => new GetAccessPackageCatalogArgs(); + } + + public sealed class GetAccessPackageCatalogInvokeArgs : global::Pulumi.InvokeArgs + { + /// + /// The display name of the access package catalog. + /// + [Input("displayName")] + public Input? DisplayName { get; set; } + + /// + /// The ID of this access package catalog. + /// + [Input("objectId")] + public Input? ObjectId { get; set; } + + public GetAccessPackageCatalogInvokeArgs() + { + } + public static new GetAccessPackageCatalogInvokeArgs Empty => new GetAccessPackageCatalogInvokeArgs(); + } + + + [OutputType] + public sealed class GetAccessPackageCatalogResult + { + /// + /// The description of the access package catalog. + /// + public readonly string Description; + public readonly string DisplayName; + /// + /// Whether the access packages in this catalog can be requested by users outside the tenant. + /// + public readonly bool ExternallyVisible; + /// + /// The provider-assigned unique ID for this managed resource. + /// + public readonly string Id; + public readonly string ObjectId; + /// + /// Whether the access packages in this catalog are available for management. + /// + public readonly bool Published; + + [OutputConstructor] + private GetAccessPackageCatalogResult( + string description, + + string displayName, + + bool externallyVisible, + + string id, + + string objectId, + + bool published) + { + Description = description; + DisplayName = displayName; + ExternallyVisible = externallyVisible; + Id = id; + ObjectId = objectId; + Published = published; + } + } +} diff --git a/sdk/dotnet/GetApplication.cs b/sdk/dotnet/GetApplication.cs index 0f5a0dc63..65aa4c501 100644 --- a/sdk/dotnet/GetApplication.cs +++ b/sdk/dotnet/GetApplication.cs @@ -248,6 +248,10 @@ public sealed class GetApplicationResult /// public readonly ImmutableArray RequiredResourceAccesses; /// + /// References application context information from a Service or Asset Management database. + /// + public readonly string ServiceManagementReference; + /// /// The Microsoft account types that are supported for the current application. One of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. /// public readonly string SignInAudience; @@ -324,6 +328,8 @@ private GetApplicationResult( ImmutableArray requiredResourceAccesses, + string serviceManagementReference, + string signInAudience, ImmutableArray singlePageApplications, @@ -361,6 +367,7 @@ private GetApplicationResult( PublicClients = publicClients; PublisherDomain = publisherDomain; RequiredResourceAccesses = requiredResourceAccesses; + ServiceManagementReference = serviceManagementReference; SignInAudience = signInAudience; SinglePageApplications = singlePageApplications; SupportUrl = supportUrl; diff --git a/sdk/dotnet/GetGroup.cs b/sdk/dotnet/GetGroup.cs index 091bcac14..c8bb7f083 100644 --- a/sdk/dotnet/GetGroup.cs +++ b/sdk/dotnet/GetGroup.cs @@ -220,6 +220,10 @@ public sealed class GetGroupResult /// public readonly string OnpremisesDomainName; /// + /// The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + /// + public readonly string OnpremisesGroupType; + /// /// The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used. /// public readonly string OnpremisesNetbiosName; @@ -267,6 +271,10 @@ public sealed class GetGroupResult /// The group join policy and group content visibility. Possible values are `Private`, `Public`, or `Hiddenmembership`. Only Microsoft 365 groups can have `Hiddenmembership` visibility. /// public readonly string Visibility; + /// + /// Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + /// + public readonly bool WritebackEnabled; [OutputConstructor] private GetGroupResult( @@ -302,6 +310,8 @@ private GetGroupResult( string onpremisesDomainName, + string onpremisesGroupType, + string onpremisesNetbiosName, string onpremisesSamAccountName, @@ -324,7 +334,9 @@ private GetGroupResult( ImmutableArray types, - string visibility) + string visibility, + + bool writebackEnabled) { AssignableToRole = assignableToRole; AutoSubscribeNewMembers = autoSubscribeNewMembers; @@ -342,6 +354,7 @@ private GetGroupResult( Members = members; ObjectId = objectId; OnpremisesDomainName = onpremisesDomainName; + OnpremisesGroupType = onpremisesGroupType; OnpremisesNetbiosName = onpremisesNetbiosName; OnpremisesSamAccountName = onpremisesSamAccountName; OnpremisesSecurityIdentifier = onpremisesSecurityIdentifier; @@ -354,6 +367,7 @@ private GetGroupResult( Theme = theme; Types = types; Visibility = visibility; + WritebackEnabled = writebackEnabled; } } } diff --git a/sdk/dotnet/GetUser.cs b/sdk/dotnet/GetUser.cs index 00228d0b4..3cf3d57a5 100644 --- a/sdk/dotnet/GetUser.cs +++ b/sdk/dotnet/GetUser.cs @@ -85,6 +85,12 @@ public static Output Invoke(GetUserInvokeArgs? args = null, Invok public sealed class GetUserArgs : global::Pulumi.InvokeArgs { + /// + /// The SMTP address for the user. + /// + [Input("mail")] + public string? Mail { get; set; } + /// /// The email alias of the user. /// @@ -111,6 +117,12 @@ public GetUserArgs() public sealed class GetUserInvokeArgs : global::Pulumi.InvokeArgs { + /// + /// The SMTP address for the user. + /// + [Input("mail")] + public Input? Mail { get; set; } + /// /// The email alias of the user. /// diff --git a/sdk/dotnet/Group.cs b/sdk/dotnet/Group.cs index 092c734b8..de1a5ce0b 100644 --- a/sdk/dotnet/Group.cs +++ b/sdk/dotnet/Group.cs @@ -16,7 +16,9 @@ namespace Pulumi.AzureAD /// /// The following API permissions are required in order to use this resource. /// - /// When authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All` + /// When authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All`. + /// + /// Alternatively, if the authenticated service principal is also an owner of the group being managed, this resource can use the application role: `Group.Create`. /// /// If using the `assignable_to_role` property, this resource additionally requires one of the following application roles: `RoleManagement.ReadWrite.Directory` or `Directory.ReadWrite.All` /// @@ -135,6 +137,12 @@ public partial class Group : global::Pulumi.CustomResource [Output("onpremisesDomainName")] public Output OnpremisesDomainName { get; private set; } = null!; + /// + /// The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + /// + [Output("onpremisesGroupType")] + public Output OnpremisesGroupType { get; private set; } = null!; + /// /// The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used. /// @@ -213,6 +221,12 @@ public partial class Group : global::Pulumi.CustomResource [Output("visibility")] public Output Visibility { get; private set; } = null!; + /// + /// Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + /// + [Output("writebackEnabled")] + public Output WritebackEnabled { get; private set; } = null!; + /// /// Create a Group resource with the given unique name, arguments, and options. @@ -355,6 +369,12 @@ public InputList Members set => _members = value; } + /// + /// The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + /// + [Input("onpremisesGroupType")] + public Input? OnpremisesGroupType { get; set; } + [Input("owners")] private InputList? _owners; @@ -415,6 +435,12 @@ public InputList Types [Input("visibility")] public Input? Visibility { get; set; } + /// + /// Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + /// + [Input("writebackEnabled")] + public Input? WritebackEnabled { get; set; } + public GroupArgs() { } @@ -537,6 +563,12 @@ public InputList Members [Input("onpremisesDomainName")] public Input? OnpremisesDomainName { get; set; } + /// + /// The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + /// + [Input("onpremisesGroupType")] + public Input? OnpremisesGroupType { get; set; } + /// /// The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used. /// @@ -639,6 +671,12 @@ public InputList Types [Input("visibility")] public Input? Visibility { get; set; } + /// + /// Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + /// + [Input("writebackEnabled")] + public Input? WritebackEnabled { get; set; } + public GroupState() { } diff --git a/sdk/dotnet/GroupMember.cs b/sdk/dotnet/GroupMember.cs index 9f8399bff..9a9cdb6e7 100644 --- a/sdk/dotnet/GroupMember.cs +++ b/sdk/dotnet/GroupMember.cs @@ -18,7 +18,9 @@ namespace Pulumi.AzureAD /// /// The following API permissions are required in order to use this resource. /// - /// When authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All` + /// When authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All`. + /// + /// However, if the authenticated service principal is an owner of the group being managed, an application role is not required. /// /// When authenticated with a user principal, this resource requires one of the following directory roles: `Groups Administrator`, `User Administrator` or `Global Administrator` /// diff --git a/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs.cs b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs.cs new file mode 100644 index 000000000..050c64a26 --- /dev/null +++ b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs : global::Pulumi.ResourceArgs + { + /// + /// For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + /// + [Input("backup")] + public Input? Backup { get; set; } + + /// + /// The ID of the subject. + /// + [Input("objectId")] + public Input? ObjectId { get; set; } + + /// + /// Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + /// + [Input("subjectType", required: true)] + public Input SubjectType { get; set; } = null!; + + public AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs() + { + } + public static new AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs Empty => new AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs(); + } +} diff --git a/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverGetArgs.cs b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverGetArgs.cs new file mode 100644 index 000000000..c5b93d8ce --- /dev/null +++ b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverGetArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverGetArgs : global::Pulumi.ResourceArgs + { + /// + /// For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + /// + [Input("backup")] + public Input? Backup { get; set; } + + /// + /// The ID of the subject. + /// + [Input("objectId")] + public Input? ObjectId { get; set; } + + /// + /// Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + /// + [Input("subjectType", required: true)] + public Input SubjectType { get; set; } = null!; + + public AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverGetArgs() + { + } + public static new AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverGetArgs Empty => new AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverGetArgs(); + } +} diff --git a/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs.cs b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs.cs new file mode 100644 index 000000000..67806b8b4 --- /dev/null +++ b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs.cs @@ -0,0 +1,68 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs : global::Pulumi.ResourceArgs + { + /// + /// Whether alternative approvers are enabled. + /// + [Input("alternativeApprovalEnabled")] + public Input? AlternativeApprovalEnabled { get; set; } + + [Input("alternativeApprovers")] + private InputList? _alternativeApprovers; + + /// + /// A block specifying alternative approvers when escalation is enabled and the primary approvers do not respond before the escalation time, as documented below. + /// + public InputList AlternativeApprovers + { + get => _alternativeApprovers ?? (_alternativeApprovers = new InputList()); + set => _alternativeApprovers = value; + } + + /// + /// Maximum number of days within which a request must be approved. If a request is not approved within this time period after it is made, it will be automatically rejected. + /// + [Input("approvalTimeoutInDays", required: true)] + public Input ApprovalTimeoutInDays { get; set; } = null!; + + /// + /// Whether an approver must provide a justification for their decision. Justification is visible to other approvers and the requestor. + /// + [Input("approverJustificationRequired")] + public Input? ApproverJustificationRequired { get; set; } + + /// + /// Number of days before the request is forwarded to alternative approvers. + /// + [Input("enableAlternativeApprovalInDays")] + public Input? EnableAlternativeApprovalInDays { get; set; } + + [Input("primaryApprovers")] + private InputList? _primaryApprovers; + + /// + /// A block specifying the users who will be asked to approve requests, as documented below. + /// + public InputList PrimaryApprovers + { + get => _primaryApprovers ?? (_primaryApprovers = new InputList()); + set => _primaryApprovers = value; + } + + public AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs() + { + } + public static new AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs Empty => new AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs(); + } +} diff --git a/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageGetArgs.cs b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageGetArgs.cs new file mode 100644 index 000000000..714f9e61d --- /dev/null +++ b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageGetArgs.cs @@ -0,0 +1,68 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class AccessPackageAssignmentPolicyApprovalSettingsApprovalStageGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Whether alternative approvers are enabled. + /// + [Input("alternativeApprovalEnabled")] + public Input? AlternativeApprovalEnabled { get; set; } + + [Input("alternativeApprovers")] + private InputList? _alternativeApprovers; + + /// + /// A block specifying alternative approvers when escalation is enabled and the primary approvers do not respond before the escalation time, as documented below. + /// + public InputList AlternativeApprovers + { + get => _alternativeApprovers ?? (_alternativeApprovers = new InputList()); + set => _alternativeApprovers = value; + } + + /// + /// Maximum number of days within which a request must be approved. If a request is not approved within this time period after it is made, it will be automatically rejected. + /// + [Input("approvalTimeoutInDays", required: true)] + public Input ApprovalTimeoutInDays { get; set; } = null!; + + /// + /// Whether an approver must provide a justification for their decision. Justification is visible to other approvers and the requestor. + /// + [Input("approverJustificationRequired")] + public Input? ApproverJustificationRequired { get; set; } + + /// + /// Number of days before the request is forwarded to alternative approvers. + /// + [Input("enableAlternativeApprovalInDays")] + public Input? EnableAlternativeApprovalInDays { get; set; } + + [Input("primaryApprovers")] + private InputList? _primaryApprovers; + + /// + /// A block specifying the users who will be asked to approve requests, as documented below. + /// + public InputList PrimaryApprovers + { + get => _primaryApprovers ?? (_primaryApprovers = new InputList()); + set => _primaryApprovers = value; + } + + public AccessPackageAssignmentPolicyApprovalSettingsApprovalStageGetArgs() + { + } + public static new AccessPackageAssignmentPolicyApprovalSettingsApprovalStageGetArgs Empty => new AccessPackageAssignmentPolicyApprovalSettingsApprovalStageGetArgs(); + } +} diff --git a/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs.cs b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs.cs new file mode 100644 index 000000000..2b647b6ff --- /dev/null +++ b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs : global::Pulumi.ResourceArgs + { + /// + /// For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + /// + [Input("backup")] + public Input? Backup { get; set; } + + /// + /// The ID of the subject. + /// + [Input("objectId")] + public Input? ObjectId { get; set; } + + /// + /// Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + /// + [Input("subjectType", required: true)] + public Input SubjectType { get; set; } = null!; + + public AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs() + { + } + public static new AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs Empty => new AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs(); + } +} diff --git a/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverGetArgs.cs b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverGetArgs.cs new file mode 100644 index 000000000..ba252c8c6 --- /dev/null +++ b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverGetArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverGetArgs : global::Pulumi.ResourceArgs + { + /// + /// For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + /// + [Input("backup")] + public Input? Backup { get; set; } + + /// + /// The ID of the subject. + /// + [Input("objectId")] + public Input? ObjectId { get; set; } + + /// + /// Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + /// + [Input("subjectType", required: true)] + public Input SubjectType { get; set; } = null!; + + public AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverGetArgs() + { + } + public static new AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverGetArgs Empty => new AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverGetArgs(); + } +} diff --git a/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsArgs.cs b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsArgs.cs new file mode 100644 index 000000000..9e3b0d4b1 --- /dev/null +++ b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsArgs.cs @@ -0,0 +1,50 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class AccessPackageAssignmentPolicyApprovalSettingsArgs : global::Pulumi.ResourceArgs + { + /// + /// Whether an approval is required. + /// + [Input("approvalRequired")] + public Input? ApprovalRequired { get; set; } + + /// + /// Whether an approval is required to grant extension. Same approval settings used to approve initial access will apply. + /// + [Input("approvalRequiredForExtension")] + public Input? ApprovalRequiredForExtension { get; set; } + + [Input("approvalStages")] + private InputList? _approvalStages; + + /// + /// An `approval_stage` block specifying the process to obtain an approval, as documented below. + /// + public InputList ApprovalStages + { + get => _approvalStages ?? (_approvalStages = new InputList()); + set => _approvalStages = value; + } + + /// + /// Whether a requestor is required to provide a justification to request an access package. Justification is visible to approvers and the requestor. + /// + [Input("requestorJustificationRequired")] + public Input? RequestorJustificationRequired { get; set; } + + public AccessPackageAssignmentPolicyApprovalSettingsArgs() + { + } + public static new AccessPackageAssignmentPolicyApprovalSettingsArgs Empty => new AccessPackageAssignmentPolicyApprovalSettingsArgs(); + } +} diff --git a/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsGetArgs.cs b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsGetArgs.cs new file mode 100644 index 000000000..806c3900b --- /dev/null +++ b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyApprovalSettingsGetArgs.cs @@ -0,0 +1,50 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class AccessPackageAssignmentPolicyApprovalSettingsGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Whether an approval is required. + /// + [Input("approvalRequired")] + public Input? ApprovalRequired { get; set; } + + /// + /// Whether an approval is required to grant extension. Same approval settings used to approve initial access will apply. + /// + [Input("approvalRequiredForExtension")] + public Input? ApprovalRequiredForExtension { get; set; } + + [Input("approvalStages")] + private InputList? _approvalStages; + + /// + /// An `approval_stage` block specifying the process to obtain an approval, as documented below. + /// + public InputList ApprovalStages + { + get => _approvalStages ?? (_approvalStages = new InputList()); + set => _approvalStages = value; + } + + /// + /// Whether a requestor is required to provide a justification to request an access package. Justification is visible to approvers and the requestor. + /// + [Input("requestorJustificationRequired")] + public Input? RequestorJustificationRequired { get; set; } + + public AccessPackageAssignmentPolicyApprovalSettingsGetArgs() + { + } + public static new AccessPackageAssignmentPolicyApprovalSettingsGetArgs Empty => new AccessPackageAssignmentPolicyApprovalSettingsGetArgs(); + } +} diff --git a/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs.cs b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs.cs new file mode 100644 index 000000000..368f61b50 --- /dev/null +++ b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs.cs @@ -0,0 +1,80 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs : global::Pulumi.ResourceArgs + { + /// + /// Whether to show the reviewer decision helpers. If enabled, system recommendations based on users' access information will be shown to the reviewers. The reviewer will be recommended to approve the review if the user has signed-in at least once during the last 30 days. The reviewer will be recommended to deny the review if the user has not signed-in during the last 30 days. + /// + [Input("accessRecommendationEnabled")] + public Input? AccessRecommendationEnabled { get; set; } + + /// + /// Specifies the actions the system takes if reviewers don't respond in time. Valid values are `keepAccess`, `removeAccess`, or `acceptAccessRecommendation`. + /// + [Input("accessReviewTimeoutBehavior")] + public Input? AccessReviewTimeoutBehavior { get; set; } + + /// + /// Whether a reviewer needs to provide a justification for their decision. Justification is visible to other reviewers and the requestor. + /// + [Input("approverJustificationRequired")] + public Input? ApproverJustificationRequired { get; set; } + + /// + /// How many days each occurrence of the access review series will run. + /// + [Input("durationInDays")] + public Input? DurationInDays { get; set; } + + /// + /// Whether to enable assignment review. + /// + [Input("enabled")] + public Input? Enabled { get; set; } + + /// + /// This will determine how often the access review campaign runs, valid values are `weekly`, `monthly`, `quarterly`, `halfyearly`, or `annual`. + /// + [Input("reviewFrequency")] + public Input? ReviewFrequency { get; set; } + + /// + /// Self review or specific reviewers. Valid values are `Self`, or `Reviewers`. + /// + [Input("reviewType")] + public Input? ReviewType { get; set; } + + [Input("reviewers")] + private InputList? _reviewers; + + /// + /// One or more `reviewer` blocks to specify the users who will be reviewers (when `review_type` is `Reviewers`), as documented below. + /// + public InputList Reviewers + { + get => _reviewers ?? (_reviewers = new InputList()); + set => _reviewers = value; + } + + /// + /// This is the date the access review campaign will start on, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z), default is now. Once an access review has been created, you cannot update its start date + /// + [Input("startingOn")] + public Input? StartingOn { get; set; } + + public AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs() + { + } + public static new AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs Empty => new AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs(); + } +} diff --git a/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsGetArgs.cs b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsGetArgs.cs new file mode 100644 index 000000000..393e5bf93 --- /dev/null +++ b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsGetArgs.cs @@ -0,0 +1,80 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class AccessPackageAssignmentPolicyAssignmentReviewSettingsGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Whether to show the reviewer decision helpers. If enabled, system recommendations based on users' access information will be shown to the reviewers. The reviewer will be recommended to approve the review if the user has signed-in at least once during the last 30 days. The reviewer will be recommended to deny the review if the user has not signed-in during the last 30 days. + /// + [Input("accessRecommendationEnabled")] + public Input? AccessRecommendationEnabled { get; set; } + + /// + /// Specifies the actions the system takes if reviewers don't respond in time. Valid values are `keepAccess`, `removeAccess`, or `acceptAccessRecommendation`. + /// + [Input("accessReviewTimeoutBehavior")] + public Input? AccessReviewTimeoutBehavior { get; set; } + + /// + /// Whether a reviewer needs to provide a justification for their decision. Justification is visible to other reviewers and the requestor. + /// + [Input("approverJustificationRequired")] + public Input? ApproverJustificationRequired { get; set; } + + /// + /// How many days each occurrence of the access review series will run. + /// + [Input("durationInDays")] + public Input? DurationInDays { get; set; } + + /// + /// Whether to enable assignment review. + /// + [Input("enabled")] + public Input? Enabled { get; set; } + + /// + /// This will determine how often the access review campaign runs, valid values are `weekly`, `monthly`, `quarterly`, `halfyearly`, or `annual`. + /// + [Input("reviewFrequency")] + public Input? ReviewFrequency { get; set; } + + /// + /// Self review or specific reviewers. Valid values are `Self`, or `Reviewers`. + /// + [Input("reviewType")] + public Input? ReviewType { get; set; } + + [Input("reviewers")] + private InputList? _reviewers; + + /// + /// One or more `reviewer` blocks to specify the users who will be reviewers (when `review_type` is `Reviewers`), as documented below. + /// + public InputList Reviewers + { + get => _reviewers ?? (_reviewers = new InputList()); + set => _reviewers = value; + } + + /// + /// This is the date the access review campaign will start on, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z), default is now. Once an access review has been created, you cannot update its start date + /// + [Input("startingOn")] + public Input? StartingOn { get; set; } + + public AccessPackageAssignmentPolicyAssignmentReviewSettingsGetArgs() + { + } + public static new AccessPackageAssignmentPolicyAssignmentReviewSettingsGetArgs Empty => new AccessPackageAssignmentPolicyAssignmentReviewSettingsGetArgs(); + } +} diff --git a/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs.cs b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs.cs new file mode 100644 index 000000000..302b6cc91 --- /dev/null +++ b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs : global::Pulumi.ResourceArgs + { + /// + /// For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + /// + [Input("backup")] + public Input? Backup { get; set; } + + /// + /// The ID of the subject. + /// + [Input("objectId")] + public Input? ObjectId { get; set; } + + /// + /// Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + /// + [Input("subjectType", required: true)] + public Input SubjectType { get; set; } = null!; + + public AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs() + { + } + public static new AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs Empty => new AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs(); + } +} diff --git a/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerGetArgs.cs b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerGetArgs.cs new file mode 100644 index 000000000..a92d41e28 --- /dev/null +++ b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerGetArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerGetArgs : global::Pulumi.ResourceArgs + { + /// + /// For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + /// + [Input("backup")] + public Input? Backup { get; set; } + + /// + /// The ID of the subject. + /// + [Input("objectId")] + public Input? ObjectId { get; set; } + + /// + /// Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + /// + [Input("subjectType", required: true)] + public Input SubjectType { get; set; } = null!; + + public AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerGetArgs() + { + } + public static new AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerGetArgs Empty => new AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerGetArgs(); + } +} diff --git a/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionArgs.cs b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionArgs.cs new file mode 100644 index 000000000..79dd2d6ad --- /dev/null +++ b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionArgs.cs @@ -0,0 +1,50 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class AccessPackageAssignmentPolicyQuestionArgs : global::Pulumi.ResourceArgs + { + [Input("choices")] + private InputList? _choices; + + /// + /// One or more blocks configuring a choice to the question, as documented below. + /// + public InputList Choices + { + get => _choices ?? (_choices = new InputList()); + set => _choices = value; + } + + /// + /// Whether this question is required. + /// + [Input("required")] + public Input? Required { get; set; } + + /// + /// The sequence number of this question. + /// + [Input("sequence")] + public Input? Sequence { get; set; } + + /// + /// A block describing the content of this question, as documented below. + /// + [Input("text", required: true)] + public Input Text { get; set; } = null!; + + public AccessPackageAssignmentPolicyQuestionArgs() + { + } + public static new AccessPackageAssignmentPolicyQuestionArgs Empty => new AccessPackageAssignmentPolicyQuestionArgs(); + } +} diff --git a/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionChoiceArgs.cs b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionChoiceArgs.cs new file mode 100644 index 000000000..6ca19c271 --- /dev/null +++ b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionChoiceArgs.cs @@ -0,0 +1,32 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class AccessPackageAssignmentPolicyQuestionChoiceArgs : global::Pulumi.ResourceArgs + { + /// + /// The actual value of this choice. + /// + [Input("actualValue", required: true)] + public Input ActualValue { get; set; } = null!; + + /// + /// A block describing the display text of this choice, as documented below. + /// + [Input("displayValue", required: true)] + public Input DisplayValue { get; set; } = null!; + + public AccessPackageAssignmentPolicyQuestionChoiceArgs() + { + } + public static new AccessPackageAssignmentPolicyQuestionChoiceArgs Empty => new AccessPackageAssignmentPolicyQuestionChoiceArgs(); + } +} diff --git a/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs.cs b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs.cs new file mode 100644 index 000000000..3f06172c5 --- /dev/null +++ b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs : global::Pulumi.ResourceArgs + { + /// + /// The default text of this question. + /// + [Input("defaultText", required: true)] + public Input DefaultText { get; set; } = null!; + + [Input("localizedTexts")] + private InputList? _localizedTexts; + + /// + /// One or more blocks describing localized text of this question, as documented below. + /// + public InputList LocalizedTexts + { + get => _localizedTexts ?? (_localizedTexts = new InputList()); + set => _localizedTexts = value; + } + + public AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs() + { + } + public static new AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs Empty => new AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs(); + } +} diff --git a/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueGetArgs.cs b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueGetArgs.cs new file mode 100644 index 000000000..c717ffb71 --- /dev/null +++ b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueGetArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class AccessPackageAssignmentPolicyQuestionChoiceDisplayValueGetArgs : global::Pulumi.ResourceArgs + { + /// + /// The default text of this question. + /// + [Input("defaultText", required: true)] + public Input DefaultText { get; set; } = null!; + + [Input("localizedTexts")] + private InputList? _localizedTexts; + + /// + /// One or more blocks describing localized text of this question, as documented below. + /// + public InputList LocalizedTexts + { + get => _localizedTexts ?? (_localizedTexts = new InputList()); + set => _localizedTexts = value; + } + + public AccessPackageAssignmentPolicyQuestionChoiceDisplayValueGetArgs() + { + } + public static new AccessPackageAssignmentPolicyQuestionChoiceDisplayValueGetArgs Empty => new AccessPackageAssignmentPolicyQuestionChoiceDisplayValueGetArgs(); + } +} diff --git a/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs.cs b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs.cs new file mode 100644 index 000000000..f30cdb423 --- /dev/null +++ b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs.cs @@ -0,0 +1,32 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs : global::Pulumi.ResourceArgs + { + /// + /// The localized content of this question. + /// + [Input("content", required: true)] + public Input Content { get; set; } = null!; + + /// + /// The ISO 639 language code for this question content. + /// + [Input("languageCode", required: true)] + public Input LanguageCode { get; set; } = null!; + + public AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs() + { + } + public static new AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs Empty => new AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs(); + } +} diff --git a/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextGetArgs.cs b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextGetArgs.cs new file mode 100644 index 000000000..e3e16d052 --- /dev/null +++ b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextGetArgs.cs @@ -0,0 +1,32 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextGetArgs : global::Pulumi.ResourceArgs + { + /// + /// The localized content of this question. + /// + [Input("content", required: true)] + public Input Content { get; set; } = null!; + + /// + /// The ISO 639 language code for this question content. + /// + [Input("languageCode", required: true)] + public Input LanguageCode { get; set; } = null!; + + public AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextGetArgs() + { + } + public static new AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextGetArgs Empty => new AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextGetArgs(); + } +} diff --git a/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionChoiceGetArgs.cs b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionChoiceGetArgs.cs new file mode 100644 index 000000000..56d249b55 --- /dev/null +++ b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionChoiceGetArgs.cs @@ -0,0 +1,32 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class AccessPackageAssignmentPolicyQuestionChoiceGetArgs : global::Pulumi.ResourceArgs + { + /// + /// The actual value of this choice. + /// + [Input("actualValue", required: true)] + public Input ActualValue { get; set; } = null!; + + /// + /// A block describing the display text of this choice, as documented below. + /// + [Input("displayValue", required: true)] + public Input DisplayValue { get; set; } = null!; + + public AccessPackageAssignmentPolicyQuestionChoiceGetArgs() + { + } + public static new AccessPackageAssignmentPolicyQuestionChoiceGetArgs Empty => new AccessPackageAssignmentPolicyQuestionChoiceGetArgs(); + } +} diff --git a/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionGetArgs.cs b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionGetArgs.cs new file mode 100644 index 000000000..a3f01660a --- /dev/null +++ b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionGetArgs.cs @@ -0,0 +1,50 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class AccessPackageAssignmentPolicyQuestionGetArgs : global::Pulumi.ResourceArgs + { + [Input("choices")] + private InputList? _choices; + + /// + /// One or more blocks configuring a choice to the question, as documented below. + /// + public InputList Choices + { + get => _choices ?? (_choices = new InputList()); + set => _choices = value; + } + + /// + /// Whether this question is required. + /// + [Input("required")] + public Input? Required { get; set; } + + /// + /// The sequence number of this question. + /// + [Input("sequence")] + public Input? Sequence { get; set; } + + /// + /// A block describing the content of this question, as documented below. + /// + [Input("text", required: true)] + public Input Text { get; set; } = null!; + + public AccessPackageAssignmentPolicyQuestionGetArgs() + { + } + public static new AccessPackageAssignmentPolicyQuestionGetArgs Empty => new AccessPackageAssignmentPolicyQuestionGetArgs(); + } +} diff --git a/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionTextArgs.cs b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionTextArgs.cs new file mode 100644 index 000000000..45180445e --- /dev/null +++ b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionTextArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class AccessPackageAssignmentPolicyQuestionTextArgs : global::Pulumi.ResourceArgs + { + /// + /// The default text of this question. + /// + [Input("defaultText", required: true)] + public Input DefaultText { get; set; } = null!; + + [Input("localizedTexts")] + private InputList? _localizedTexts; + + /// + /// One or more blocks describing localized text of this question, as documented below. + /// + public InputList LocalizedTexts + { + get => _localizedTexts ?? (_localizedTexts = new InputList()); + set => _localizedTexts = value; + } + + public AccessPackageAssignmentPolicyQuestionTextArgs() + { + } + public static new AccessPackageAssignmentPolicyQuestionTextArgs Empty => new AccessPackageAssignmentPolicyQuestionTextArgs(); + } +} diff --git a/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionTextGetArgs.cs b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionTextGetArgs.cs new file mode 100644 index 000000000..f51763307 --- /dev/null +++ b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionTextGetArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class AccessPackageAssignmentPolicyQuestionTextGetArgs : global::Pulumi.ResourceArgs + { + /// + /// The default text of this question. + /// + [Input("defaultText", required: true)] + public Input DefaultText { get; set; } = null!; + + [Input("localizedTexts")] + private InputList? _localizedTexts; + + /// + /// One or more blocks describing localized text of this question, as documented below. + /// + public InputList LocalizedTexts + { + get => _localizedTexts ?? (_localizedTexts = new InputList()); + set => _localizedTexts = value; + } + + public AccessPackageAssignmentPolicyQuestionTextGetArgs() + { + } + public static new AccessPackageAssignmentPolicyQuestionTextGetArgs Empty => new AccessPackageAssignmentPolicyQuestionTextGetArgs(); + } +} diff --git a/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs.cs b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs.cs new file mode 100644 index 000000000..5b5e1116a --- /dev/null +++ b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs.cs @@ -0,0 +1,32 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs : global::Pulumi.ResourceArgs + { + /// + /// The localized content of this question. + /// + [Input("content", required: true)] + public Input Content { get; set; } = null!; + + /// + /// The ISO 639 language code for this question content. + /// + [Input("languageCode", required: true)] + public Input LanguageCode { get; set; } = null!; + + public AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs() + { + } + public static new AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs Empty => new AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs(); + } +} diff --git a/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionTextLocalizedTextGetArgs.cs b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionTextLocalizedTextGetArgs.cs new file mode 100644 index 000000000..3c2a03c7c --- /dev/null +++ b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyQuestionTextLocalizedTextGetArgs.cs @@ -0,0 +1,32 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class AccessPackageAssignmentPolicyQuestionTextLocalizedTextGetArgs : global::Pulumi.ResourceArgs + { + /// + /// The localized content of this question. + /// + [Input("content", required: true)] + public Input Content { get; set; } = null!; + + /// + /// The ISO 639 language code for this question content. + /// + [Input("languageCode", required: true)] + public Input LanguageCode { get; set; } = null!; + + public AccessPackageAssignmentPolicyQuestionTextLocalizedTextGetArgs() + { + } + public static new AccessPackageAssignmentPolicyQuestionTextLocalizedTextGetArgs Empty => new AccessPackageAssignmentPolicyQuestionTextLocalizedTextGetArgs(); + } +} diff --git a/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyRequestorSettingsArgs.cs b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyRequestorSettingsArgs.cs new file mode 100644 index 000000000..37f5a83be --- /dev/null +++ b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyRequestorSettingsArgs.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class AccessPackageAssignmentPolicyRequestorSettingsArgs : global::Pulumi.ResourceArgs + { + [Input("requestors")] + private InputList? _requestors; + + /// + /// A block specifying the users who are allowed to request on this policy, as documented below. + /// + public InputList Requestors + { + get => _requestors ?? (_requestors = new InputList()); + set => _requestors = value; + } + + /// + /// Whether to accept requests using this policy. When `false`, no new requests can be made using this policy. + /// + [Input("requestsAccepted")] + public Input? RequestsAccepted { get; set; } + + /// + /// Specifies the scopes of the requestors. Valid values are `AllConfiguredConnectedOrganizationSubjects`, `AllExistingConnectedOrganizationSubjects`, `AllExistingDirectoryMemberUsers`, `AllExistingDirectorySubjects`, `AllExternalSubjects`, `NoSubjects`, `SpecificConnectedOrganizationSubjects`, or `SpecificDirectorySubjects`. + /// + [Input("scopeType")] + public Input? ScopeType { get; set; } + + public AccessPackageAssignmentPolicyRequestorSettingsArgs() + { + } + public static new AccessPackageAssignmentPolicyRequestorSettingsArgs Empty => new AccessPackageAssignmentPolicyRequestorSettingsArgs(); + } +} diff --git a/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyRequestorSettingsGetArgs.cs b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyRequestorSettingsGetArgs.cs new file mode 100644 index 000000000..d29eef371 --- /dev/null +++ b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyRequestorSettingsGetArgs.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class AccessPackageAssignmentPolicyRequestorSettingsGetArgs : global::Pulumi.ResourceArgs + { + [Input("requestors")] + private InputList? _requestors; + + /// + /// A block specifying the users who are allowed to request on this policy, as documented below. + /// + public InputList Requestors + { + get => _requestors ?? (_requestors = new InputList()); + set => _requestors = value; + } + + /// + /// Whether to accept requests using this policy. When `false`, no new requests can be made using this policy. + /// + [Input("requestsAccepted")] + public Input? RequestsAccepted { get; set; } + + /// + /// Specifies the scopes of the requestors. Valid values are `AllConfiguredConnectedOrganizationSubjects`, `AllExistingConnectedOrganizationSubjects`, `AllExistingDirectoryMemberUsers`, `AllExistingDirectorySubjects`, `AllExternalSubjects`, `NoSubjects`, `SpecificConnectedOrganizationSubjects`, or `SpecificDirectorySubjects`. + /// + [Input("scopeType")] + public Input? ScopeType { get; set; } + + public AccessPackageAssignmentPolicyRequestorSettingsGetArgs() + { + } + public static new AccessPackageAssignmentPolicyRequestorSettingsGetArgs Empty => new AccessPackageAssignmentPolicyRequestorSettingsGetArgs(); + } +} diff --git a/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs.cs b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs.cs new file mode 100644 index 000000000..767cb8572 --- /dev/null +++ b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs : global::Pulumi.ResourceArgs + { + /// + /// For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + /// + [Input("backup")] + public Input? Backup { get; set; } + + /// + /// The ID of the subject. + /// + [Input("objectId")] + public Input? ObjectId { get; set; } + + /// + /// Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + /// + [Input("subjectType", required: true)] + public Input SubjectType { get; set; } = null!; + + public AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs() + { + } + public static new AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs Empty => new AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs(); + } +} diff --git a/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyRequestorSettingsRequestorGetArgs.cs b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyRequestorSettingsRequestorGetArgs.cs new file mode 100644 index 000000000..04e6dfbe7 --- /dev/null +++ b/sdk/dotnet/Inputs/AccessPackageAssignmentPolicyRequestorSettingsRequestorGetArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class AccessPackageAssignmentPolicyRequestorSettingsRequestorGetArgs : global::Pulumi.ResourceArgs + { + /// + /// For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + /// + [Input("backup")] + public Input? Backup { get; set; } + + /// + /// The ID of the subject. + /// + [Input("objectId")] + public Input? ObjectId { get; set; } + + /// + /// Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + /// + [Input("subjectType", required: true)] + public Input SubjectType { get; set; } = null!; + + public AccessPackageAssignmentPolicyRequestorSettingsRequestorGetArgs() + { + } + public static new AccessPackageAssignmentPolicyRequestorSettingsRequestorGetArgs Empty => new AccessPackageAssignmentPolicyRequestorSettingsRequestorGetArgs(); + } +} diff --git a/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyApprovalSettings.cs b/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyApprovalSettings.cs new file mode 100644 index 000000000..ac89d8791 --- /dev/null +++ b/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyApprovalSettings.cs @@ -0,0 +1,49 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Outputs +{ + + [OutputType] + public sealed class AccessPackageAssignmentPolicyApprovalSettings + { + /// + /// Whether an approval is required. + /// + public readonly bool? ApprovalRequired; + /// + /// Whether an approval is required to grant extension. Same approval settings used to approve initial access will apply. + /// + public readonly bool? ApprovalRequiredForExtension; + /// + /// An `approval_stage` block specifying the process to obtain an approval, as documented below. + /// + public readonly ImmutableArray ApprovalStages; + /// + /// Whether a requestor is required to provide a justification to request an access package. Justification is visible to approvers and the requestor. + /// + public readonly bool? RequestorJustificationRequired; + + [OutputConstructor] + private AccessPackageAssignmentPolicyApprovalSettings( + bool? approvalRequired, + + bool? approvalRequiredForExtension, + + ImmutableArray approvalStages, + + bool? requestorJustificationRequired) + { + ApprovalRequired = approvalRequired; + ApprovalRequiredForExtension = approvalRequiredForExtension; + ApprovalStages = approvalStages; + RequestorJustificationRequired = requestorJustificationRequired; + } + } +} diff --git a/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStage.cs b/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStage.cs new file mode 100644 index 000000000..d2aca1b1a --- /dev/null +++ b/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStage.cs @@ -0,0 +1,63 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Outputs +{ + + [OutputType] + public sealed class AccessPackageAssignmentPolicyApprovalSettingsApprovalStage + { + /// + /// Whether alternative approvers are enabled. + /// + public readonly bool? AlternativeApprovalEnabled; + /// + /// A block specifying alternative approvers when escalation is enabled and the primary approvers do not respond before the escalation time, as documented below. + /// + public readonly ImmutableArray AlternativeApprovers; + /// + /// Maximum number of days within which a request must be approved. If a request is not approved within this time period after it is made, it will be automatically rejected. + /// + public readonly int ApprovalTimeoutInDays; + /// + /// Whether an approver must provide a justification for their decision. Justification is visible to other approvers and the requestor. + /// + public readonly bool? ApproverJustificationRequired; + /// + /// Number of days before the request is forwarded to alternative approvers. + /// + public readonly int? EnableAlternativeApprovalInDays; + /// + /// A block specifying the users who will be asked to approve requests, as documented below. + /// + public readonly ImmutableArray PrimaryApprovers; + + [OutputConstructor] + private AccessPackageAssignmentPolicyApprovalSettingsApprovalStage( + bool? alternativeApprovalEnabled, + + ImmutableArray alternativeApprovers, + + int approvalTimeoutInDays, + + bool? approverJustificationRequired, + + int? enableAlternativeApprovalInDays, + + ImmutableArray primaryApprovers) + { + AlternativeApprovalEnabled = alternativeApprovalEnabled; + AlternativeApprovers = alternativeApprovers; + ApprovalTimeoutInDays = approvalTimeoutInDays; + ApproverJustificationRequired = approverJustificationRequired; + EnableAlternativeApprovalInDays = enableAlternativeApprovalInDays; + PrimaryApprovers = primaryApprovers; + } + } +} diff --git a/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover.cs b/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover.cs new file mode 100644 index 000000000..0cfaf5d2a --- /dev/null +++ b/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover.cs @@ -0,0 +1,42 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Outputs +{ + + [OutputType] + public sealed class AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover + { + /// + /// For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + /// + public readonly bool? Backup; + /// + /// The ID of the subject. + /// + public readonly string? ObjectId; + /// + /// Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + /// + public readonly string SubjectType; + + [OutputConstructor] + private AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover( + bool? backup, + + string? objectId, + + string subjectType) + { + Backup = backup; + ObjectId = objectId; + SubjectType = subjectType; + } + } +} diff --git a/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover.cs b/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover.cs new file mode 100644 index 000000000..0f7148489 --- /dev/null +++ b/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover.cs @@ -0,0 +1,42 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Outputs +{ + + [OutputType] + public sealed class AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover + { + /// + /// For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + /// + public readonly bool? Backup; + /// + /// The ID of the subject. + /// + public readonly string? ObjectId; + /// + /// Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + /// + public readonly string SubjectType; + + [OutputConstructor] + private AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover( + bool? backup, + + string? objectId, + + string subjectType) + { + Backup = backup; + ObjectId = objectId; + SubjectType = subjectType; + } + } +} diff --git a/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyAssignmentReviewSettings.cs b/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyAssignmentReviewSettings.cs new file mode 100644 index 000000000..9195f801a --- /dev/null +++ b/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyAssignmentReviewSettings.cs @@ -0,0 +1,84 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Outputs +{ + + [OutputType] + public sealed class AccessPackageAssignmentPolicyAssignmentReviewSettings + { + /// + /// Whether to show the reviewer decision helpers. If enabled, system recommendations based on users' access information will be shown to the reviewers. The reviewer will be recommended to approve the review if the user has signed-in at least once during the last 30 days. The reviewer will be recommended to deny the review if the user has not signed-in during the last 30 days. + /// + public readonly bool? AccessRecommendationEnabled; + /// + /// Specifies the actions the system takes if reviewers don't respond in time. Valid values are `keepAccess`, `removeAccess`, or `acceptAccessRecommendation`. + /// + public readonly string? AccessReviewTimeoutBehavior; + /// + /// Whether a reviewer needs to provide a justification for their decision. Justification is visible to other reviewers and the requestor. + /// + public readonly bool? ApproverJustificationRequired; + /// + /// How many days each occurrence of the access review series will run. + /// + public readonly int? DurationInDays; + /// + /// Whether to enable assignment review. + /// + public readonly bool? Enabled; + /// + /// This will determine how often the access review campaign runs, valid values are `weekly`, `monthly`, `quarterly`, `halfyearly`, or `annual`. + /// + public readonly string? ReviewFrequency; + /// + /// Self review or specific reviewers. Valid values are `Self`, or `Reviewers`. + /// + public readonly string? ReviewType; + /// + /// One or more `reviewer` blocks to specify the users who will be reviewers (when `review_type` is `Reviewers`), as documented below. + /// + public readonly ImmutableArray Reviewers; + /// + /// This is the date the access review campaign will start on, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z), default is now. Once an access review has been created, you cannot update its start date + /// + public readonly string? StartingOn; + + [OutputConstructor] + private AccessPackageAssignmentPolicyAssignmentReviewSettings( + bool? accessRecommendationEnabled, + + string? accessReviewTimeoutBehavior, + + bool? approverJustificationRequired, + + int? durationInDays, + + bool? enabled, + + string? reviewFrequency, + + string? reviewType, + + ImmutableArray reviewers, + + string? startingOn) + { + AccessRecommendationEnabled = accessRecommendationEnabled; + AccessReviewTimeoutBehavior = accessReviewTimeoutBehavior; + ApproverJustificationRequired = approverJustificationRequired; + DurationInDays = durationInDays; + Enabled = enabled; + ReviewFrequency = reviewFrequency; + ReviewType = reviewType; + Reviewers = reviewers; + StartingOn = startingOn; + } + } +} diff --git a/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer.cs b/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer.cs new file mode 100644 index 000000000..93f6200d0 --- /dev/null +++ b/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer.cs @@ -0,0 +1,42 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Outputs +{ + + [OutputType] + public sealed class AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer + { + /// + /// For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + /// + public readonly bool? Backup; + /// + /// The ID of the subject. + /// + public readonly string? ObjectId; + /// + /// Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + /// + public readonly string SubjectType; + + [OutputConstructor] + private AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer( + bool? backup, + + string? objectId, + + string subjectType) + { + Backup = backup; + ObjectId = objectId; + SubjectType = subjectType; + } + } +} diff --git a/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyQuestion.cs b/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyQuestion.cs new file mode 100644 index 000000000..ff9a15b5f --- /dev/null +++ b/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyQuestion.cs @@ -0,0 +1,49 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Outputs +{ + + [OutputType] + public sealed class AccessPackageAssignmentPolicyQuestion + { + /// + /// One or more blocks configuring a choice to the question, as documented below. + /// + public readonly ImmutableArray Choices; + /// + /// Whether this question is required. + /// + public readonly bool? Required; + /// + /// The sequence number of this question. + /// + public readonly int? Sequence; + /// + /// A block describing the content of this question, as documented below. + /// + public readonly Outputs.AccessPackageAssignmentPolicyQuestionText Text; + + [OutputConstructor] + private AccessPackageAssignmentPolicyQuestion( + ImmutableArray choices, + + bool? required, + + int? sequence, + + Outputs.AccessPackageAssignmentPolicyQuestionText text) + { + Choices = choices; + Required = required; + Sequence = sequence; + Text = text; + } + } +} diff --git a/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyQuestionChoice.cs b/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyQuestionChoice.cs new file mode 100644 index 000000000..0ca535c06 --- /dev/null +++ b/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyQuestionChoice.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Outputs +{ + + [OutputType] + public sealed class AccessPackageAssignmentPolicyQuestionChoice + { + /// + /// The actual value of this choice. + /// + public readonly string ActualValue; + /// + /// A block describing the display text of this choice, as documented below. + /// + public readonly Outputs.AccessPackageAssignmentPolicyQuestionChoiceDisplayValue DisplayValue; + + [OutputConstructor] + private AccessPackageAssignmentPolicyQuestionChoice( + string actualValue, + + Outputs.AccessPackageAssignmentPolicyQuestionChoiceDisplayValue displayValue) + { + ActualValue = actualValue; + DisplayValue = displayValue; + } + } +} diff --git a/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValue.cs b/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValue.cs new file mode 100644 index 000000000..3d89f7d11 --- /dev/null +++ b/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValue.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Outputs +{ + + [OutputType] + public sealed class AccessPackageAssignmentPolicyQuestionChoiceDisplayValue + { + /// + /// The default text of this question. + /// + public readonly string DefaultText; + /// + /// One or more blocks describing localized text of this question, as documented below. + /// + public readonly ImmutableArray LocalizedTexts; + + [OutputConstructor] + private AccessPackageAssignmentPolicyQuestionChoiceDisplayValue( + string defaultText, + + ImmutableArray localizedTexts) + { + DefaultText = defaultText; + LocalizedTexts = localizedTexts; + } + } +} diff --git a/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText.cs b/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText.cs new file mode 100644 index 000000000..53173b5fd --- /dev/null +++ b/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Outputs +{ + + [OutputType] + public sealed class AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText + { + /// + /// The localized content of this question. + /// + public readonly string Content; + /// + /// The ISO 639 language code for this question content. + /// + public readonly string LanguageCode; + + [OutputConstructor] + private AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText( + string content, + + string languageCode) + { + Content = content; + LanguageCode = languageCode; + } + } +} diff --git a/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyQuestionText.cs b/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyQuestionText.cs new file mode 100644 index 000000000..cd6d8074b --- /dev/null +++ b/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyQuestionText.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Outputs +{ + + [OutputType] + public sealed class AccessPackageAssignmentPolicyQuestionText + { + /// + /// The default text of this question. + /// + public readonly string DefaultText; + /// + /// One or more blocks describing localized text of this question, as documented below. + /// + public readonly ImmutableArray LocalizedTexts; + + [OutputConstructor] + private AccessPackageAssignmentPolicyQuestionText( + string defaultText, + + ImmutableArray localizedTexts) + { + DefaultText = defaultText; + LocalizedTexts = localizedTexts; + } + } +} diff --git a/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyQuestionTextLocalizedText.cs b/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyQuestionTextLocalizedText.cs new file mode 100644 index 000000000..80fe876d6 --- /dev/null +++ b/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyQuestionTextLocalizedText.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Outputs +{ + + [OutputType] + public sealed class AccessPackageAssignmentPolicyQuestionTextLocalizedText + { + /// + /// The localized content of this question. + /// + public readonly string Content; + /// + /// The ISO 639 language code for this question content. + /// + public readonly string LanguageCode; + + [OutputConstructor] + private AccessPackageAssignmentPolicyQuestionTextLocalizedText( + string content, + + string languageCode) + { + Content = content; + LanguageCode = languageCode; + } + } +} diff --git a/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyRequestorSettings.cs b/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyRequestorSettings.cs new file mode 100644 index 000000000..dab0ae3e8 --- /dev/null +++ b/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyRequestorSettings.cs @@ -0,0 +1,42 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Outputs +{ + + [OutputType] + public sealed class AccessPackageAssignmentPolicyRequestorSettings + { + /// + /// A block specifying the users who are allowed to request on this policy, as documented below. + /// + public readonly ImmutableArray Requestors; + /// + /// Whether to accept requests using this policy. When `false`, no new requests can be made using this policy. + /// + public readonly bool? RequestsAccepted; + /// + /// Specifies the scopes of the requestors. Valid values are `AllConfiguredConnectedOrganizationSubjects`, `AllExistingConnectedOrganizationSubjects`, `AllExistingDirectoryMemberUsers`, `AllExistingDirectorySubjects`, `AllExternalSubjects`, `NoSubjects`, `SpecificConnectedOrganizationSubjects`, or `SpecificDirectorySubjects`. + /// + public readonly string? ScopeType; + + [OutputConstructor] + private AccessPackageAssignmentPolicyRequestorSettings( + ImmutableArray requestors, + + bool? requestsAccepted, + + string? scopeType) + { + Requestors = requestors; + RequestsAccepted = requestsAccepted; + ScopeType = scopeType; + } + } +} diff --git a/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyRequestorSettingsRequestor.cs b/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyRequestorSettingsRequestor.cs new file mode 100644 index 000000000..85fe8d7d0 --- /dev/null +++ b/sdk/dotnet/Outputs/AccessPackageAssignmentPolicyRequestorSettingsRequestor.cs @@ -0,0 +1,42 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Outputs +{ + + [OutputType] + public sealed class AccessPackageAssignmentPolicyRequestorSettingsRequestor + { + /// + /// For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + /// + public readonly bool? Backup; + /// + /// The ID of the subject. + /// + public readonly string? ObjectId; + /// + /// Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + /// + public readonly string SubjectType; + + [OutputConstructor] + private AccessPackageAssignmentPolicyRequestorSettingsRequestor( + bool? backup, + + string? objectId, + + string subjectType) + { + Backup = backup; + ObjectId = objectId; + SubjectType = subjectType; + } + } +} diff --git a/sdk/dotnet/UserFlowAttribute.cs b/sdk/dotnet/UserFlowAttribute.cs new file mode 100644 index 000000000..a9053fbdd --- /dev/null +++ b/sdk/dotnet/UserFlowAttribute.cs @@ -0,0 +1,180 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD +{ + /// + /// Manages user flow attributes in an Azure Active Directory (Azure AD) tenant. + /// + /// ## API Permissions + /// + /// The following API permissions are required in order to use this resource. + /// + /// When authenticated with a service principal, this resource requires the following application role: `IdentityUserFlow.ReadWrite.All` + /// + /// ## Example Usage + /// + /// *Basic example* + /// + /// ```csharp + /// using System.Collections.Generic; + /// using Pulumi; + /// using AzureAD = Pulumi.AzureAD; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var example = new AzureAD.UserFlowAttribute("example", new() + /// { + /// DataType = "string", + /// Description = "Your hobby", + /// DisplayName = "Hobby", + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// User flow attributes can be imported using the `id`, e.g. + /// + /// ```sh + /// $ pulumi import azuread:index/userFlowAttribute:UserFlowAttribute example extension_ecc9f88db2924942b8a96f44873616fe_Hobbyjkorv + /// ``` + /// + /// -> This ID can be queried using the [User Flow Attributes API](https://learn.microsoft.com/en-us/graph/api/identityuserflowattribute-list?view=graph-rest-1.0&tabs=http). + /// + [AzureADResourceType("azuread:index/userFlowAttribute:UserFlowAttribute")] + public partial class UserFlowAttribute : global::Pulumi.CustomResource + { + /// + /// The type of the user flow attribute. Values include `builtIn`, `custom` or `required`. + /// + [Output("attributeType")] + public Output AttributeType { get; private set; } = null!; + + /// + /// The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. + /// + [Output("dataType")] + public Output DataType { get; private set; } = null!; + + /// + /// The description of the user flow attribute that is shown to the user at the time of sign-up. + /// + [Output("description")] + public Output Description { get; private set; } = null!; + + /// + /// The display name of the user flow attribute. Changing this forces a new resource to be created. + /// + [Output("displayName")] + public Output DisplayName { get; private set; } = null!; + + + /// + /// Create a UserFlowAttribute resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public UserFlowAttribute(string name, UserFlowAttributeArgs args, CustomResourceOptions? options = null) + : base("azuread:index/userFlowAttribute:UserFlowAttribute", name, args ?? new UserFlowAttributeArgs(), MakeResourceOptions(options, "")) + { + } + + private UserFlowAttribute(string name, Input id, UserFlowAttributeState? state = null, CustomResourceOptions? options = null) + : base("azuread:index/userFlowAttribute:UserFlowAttribute", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing UserFlowAttribute resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static UserFlowAttribute Get(string name, Input id, UserFlowAttributeState? state = null, CustomResourceOptions? options = null) + { + return new UserFlowAttribute(name, id, state, options); + } + } + + public sealed class UserFlowAttributeArgs : global::Pulumi.ResourceArgs + { + /// + /// The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. + /// + [Input("dataType", required: true)] + public Input DataType { get; set; } = null!; + + /// + /// The description of the user flow attribute that is shown to the user at the time of sign-up. + /// + [Input("description", required: true)] + public Input Description { get; set; } = null!; + + /// + /// The display name of the user flow attribute. Changing this forces a new resource to be created. + /// + [Input("displayName", required: true)] + public Input DisplayName { get; set; } = null!; + + public UserFlowAttributeArgs() + { + } + public static new UserFlowAttributeArgs Empty => new UserFlowAttributeArgs(); + } + + public sealed class UserFlowAttributeState : global::Pulumi.ResourceArgs + { + /// + /// The type of the user flow attribute. Values include `builtIn`, `custom` or `required`. + /// + [Input("attributeType")] + public Input? AttributeType { get; set; } + + /// + /// The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. + /// + [Input("dataType")] + public Input? DataType { get; set; } + + /// + /// The description of the user flow attribute that is shown to the user at the time of sign-up. + /// + [Input("description")] + public Input? Description { get; set; } + + /// + /// The display name of the user flow attribute. Changing this forces a new resource to be created. + /// + [Input("displayName")] + public Input? DisplayName { get; set; } + + public UserFlowAttributeState() + { + } + public static new UserFlowAttributeState Empty => new UserFlowAttributeState(); + } +} diff --git a/sdk/go/azuread/accessPackage.go b/sdk/go/azuread/accessPackage.go new file mode 100644 index 000000000..412e1a818 --- /dev/null +++ b/sdk/go/azuread/accessPackage.go @@ -0,0 +1,321 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package azuread + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Manages an Access Package within Identity Governance in Azure Active Directory. +// +// ## API Permissions +// +// The following API permissions are required in order to use this resource. +// +// When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. +// +// When authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner`, `Access package manager` or `Global Administrator` +// +// ## Example Usage +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// exampleAccessPackageCatalog, err := azuread.NewAccessPackageCatalog(ctx, "exampleAccessPackageCatalog", &azuread.AccessPackageCatalogArgs{ +// DisplayName: pulumi.String("example-catalog"), +// Description: pulumi.String("Example catalog"), +// }) +// if err != nil { +// return err +// } +// _, err = azuread.NewAccessPackage(ctx, "exampleAccessPackage", &azuread.AccessPackageArgs{ +// CatalogId: exampleAccessPackageCatalog.ID(), +// DisplayName: pulumi.String("access-package"), +// Description: pulumi.String("Access Package"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// Access Packages can be imported using the `id`, e.g. +// +// ```sh +// +// $ pulumi import azuread:index/accessPackage:AccessPackage example_package 00000000-0000-0000-0000-000000000000 +// +// ``` +type AccessPackage struct { + pulumi.CustomResourceState + + // The ID of the Catalog this access package will be created in. + CatalogId pulumi.StringOutput `pulumi:"catalogId"` + // The description of the access package. + Description pulumi.StringOutput `pulumi:"description"` + // The display name of the access package. + DisplayName pulumi.StringOutput `pulumi:"displayName"` + // Whether the access package is hidden from the requestor. + Hidden pulumi.BoolPtrOutput `pulumi:"hidden"` +} + +// NewAccessPackage registers a new resource with the given unique name, arguments, and options. +func NewAccessPackage(ctx *pulumi.Context, + name string, args *AccessPackageArgs, opts ...pulumi.ResourceOption) (*AccessPackage, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.CatalogId == nil { + return nil, errors.New("invalid value for required argument 'CatalogId'") + } + if args.Description == nil { + return nil, errors.New("invalid value for required argument 'Description'") + } + if args.DisplayName == nil { + return nil, errors.New("invalid value for required argument 'DisplayName'") + } + var resource AccessPackage + err := ctx.RegisterResource("azuread:index/accessPackage:AccessPackage", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetAccessPackage gets an existing AccessPackage resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetAccessPackage(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *AccessPackageState, opts ...pulumi.ResourceOption) (*AccessPackage, error) { + var resource AccessPackage + err := ctx.ReadResource("azuread:index/accessPackage:AccessPackage", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering AccessPackage resources. +type accessPackageState struct { + // The ID of the Catalog this access package will be created in. + CatalogId *string `pulumi:"catalogId"` + // The description of the access package. + Description *string `pulumi:"description"` + // The display name of the access package. + DisplayName *string `pulumi:"displayName"` + // Whether the access package is hidden from the requestor. + Hidden *bool `pulumi:"hidden"` +} + +type AccessPackageState struct { + // The ID of the Catalog this access package will be created in. + CatalogId pulumi.StringPtrInput + // The description of the access package. + Description pulumi.StringPtrInput + // The display name of the access package. + DisplayName pulumi.StringPtrInput + // Whether the access package is hidden from the requestor. + Hidden pulumi.BoolPtrInput +} + +func (AccessPackageState) ElementType() reflect.Type { + return reflect.TypeOf((*accessPackageState)(nil)).Elem() +} + +type accessPackageArgs struct { + // The ID of the Catalog this access package will be created in. + CatalogId string `pulumi:"catalogId"` + // The description of the access package. + Description string `pulumi:"description"` + // The display name of the access package. + DisplayName string `pulumi:"displayName"` + // Whether the access package is hidden from the requestor. + Hidden *bool `pulumi:"hidden"` +} + +// The set of arguments for constructing a AccessPackage resource. +type AccessPackageArgs struct { + // The ID of the Catalog this access package will be created in. + CatalogId pulumi.StringInput + // The description of the access package. + Description pulumi.StringInput + // The display name of the access package. + DisplayName pulumi.StringInput + // Whether the access package is hidden from the requestor. + Hidden pulumi.BoolPtrInput +} + +func (AccessPackageArgs) ElementType() reflect.Type { + return reflect.TypeOf((*accessPackageArgs)(nil)).Elem() +} + +type AccessPackageInput interface { + pulumi.Input + + ToAccessPackageOutput() AccessPackageOutput + ToAccessPackageOutputWithContext(ctx context.Context) AccessPackageOutput +} + +func (*AccessPackage) ElementType() reflect.Type { + return reflect.TypeOf((**AccessPackage)(nil)).Elem() +} + +func (i *AccessPackage) ToAccessPackageOutput() AccessPackageOutput { + return i.ToAccessPackageOutputWithContext(context.Background()) +} + +func (i *AccessPackage) ToAccessPackageOutputWithContext(ctx context.Context) AccessPackageOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageOutput) +} + +// AccessPackageArrayInput is an input type that accepts AccessPackageArray and AccessPackageArrayOutput values. +// You can construct a concrete instance of `AccessPackageArrayInput` via: +// +// AccessPackageArray{ AccessPackageArgs{...} } +type AccessPackageArrayInput interface { + pulumi.Input + + ToAccessPackageArrayOutput() AccessPackageArrayOutput + ToAccessPackageArrayOutputWithContext(context.Context) AccessPackageArrayOutput +} + +type AccessPackageArray []AccessPackageInput + +func (AccessPackageArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*AccessPackage)(nil)).Elem() +} + +func (i AccessPackageArray) ToAccessPackageArrayOutput() AccessPackageArrayOutput { + return i.ToAccessPackageArrayOutputWithContext(context.Background()) +} + +func (i AccessPackageArray) ToAccessPackageArrayOutputWithContext(ctx context.Context) AccessPackageArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageArrayOutput) +} + +// AccessPackageMapInput is an input type that accepts AccessPackageMap and AccessPackageMapOutput values. +// You can construct a concrete instance of `AccessPackageMapInput` via: +// +// AccessPackageMap{ "key": AccessPackageArgs{...} } +type AccessPackageMapInput interface { + pulumi.Input + + ToAccessPackageMapOutput() AccessPackageMapOutput + ToAccessPackageMapOutputWithContext(context.Context) AccessPackageMapOutput +} + +type AccessPackageMap map[string]AccessPackageInput + +func (AccessPackageMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*AccessPackage)(nil)).Elem() +} + +func (i AccessPackageMap) ToAccessPackageMapOutput() AccessPackageMapOutput { + return i.ToAccessPackageMapOutputWithContext(context.Background()) +} + +func (i AccessPackageMap) ToAccessPackageMapOutputWithContext(ctx context.Context) AccessPackageMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageMapOutput) +} + +type AccessPackageOutput struct{ *pulumi.OutputState } + +func (AccessPackageOutput) ElementType() reflect.Type { + return reflect.TypeOf((**AccessPackage)(nil)).Elem() +} + +func (o AccessPackageOutput) ToAccessPackageOutput() AccessPackageOutput { + return o +} + +func (o AccessPackageOutput) ToAccessPackageOutputWithContext(ctx context.Context) AccessPackageOutput { + return o +} + +// The ID of the Catalog this access package will be created in. +func (o AccessPackageOutput) CatalogId() pulumi.StringOutput { + return o.ApplyT(func(v *AccessPackage) pulumi.StringOutput { return v.CatalogId }).(pulumi.StringOutput) +} + +// The description of the access package. +func (o AccessPackageOutput) Description() pulumi.StringOutput { + return o.ApplyT(func(v *AccessPackage) pulumi.StringOutput { return v.Description }).(pulumi.StringOutput) +} + +// The display name of the access package. +func (o AccessPackageOutput) DisplayName() pulumi.StringOutput { + return o.ApplyT(func(v *AccessPackage) pulumi.StringOutput { return v.DisplayName }).(pulumi.StringOutput) +} + +// Whether the access package is hidden from the requestor. +func (o AccessPackageOutput) Hidden() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *AccessPackage) pulumi.BoolPtrOutput { return v.Hidden }).(pulumi.BoolPtrOutput) +} + +type AccessPackageArrayOutput struct{ *pulumi.OutputState } + +func (AccessPackageArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*AccessPackage)(nil)).Elem() +} + +func (o AccessPackageArrayOutput) ToAccessPackageArrayOutput() AccessPackageArrayOutput { + return o +} + +func (o AccessPackageArrayOutput) ToAccessPackageArrayOutputWithContext(ctx context.Context) AccessPackageArrayOutput { + return o +} + +func (o AccessPackageArrayOutput) Index(i pulumi.IntInput) AccessPackageOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AccessPackage { + return vs[0].([]*AccessPackage)[vs[1].(int)] + }).(AccessPackageOutput) +} + +type AccessPackageMapOutput struct{ *pulumi.OutputState } + +func (AccessPackageMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*AccessPackage)(nil)).Elem() +} + +func (o AccessPackageMapOutput) ToAccessPackageMapOutput() AccessPackageMapOutput { + return o +} + +func (o AccessPackageMapOutput) ToAccessPackageMapOutputWithContext(ctx context.Context) AccessPackageMapOutput { + return o +} + +func (o AccessPackageMapOutput) MapIndex(k pulumi.StringInput) AccessPackageOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AccessPackage { + return vs[0].(map[string]*AccessPackage)[vs[1].(string)] + }).(AccessPackageOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageInput)(nil)).Elem(), &AccessPackage{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageArrayInput)(nil)).Elem(), AccessPackageArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageMapInput)(nil)).Elem(), AccessPackageMap{}) + pulumi.RegisterOutputType(AccessPackageOutput{}) + pulumi.RegisterOutputType(AccessPackageArrayOutput{}) + pulumi.RegisterOutputType(AccessPackageMapOutput{}) +} diff --git a/sdk/go/azuread/accessPackageAssignmentPolicy.go b/sdk/go/azuread/accessPackageAssignmentPolicy.go new file mode 100644 index 000000000..4858c8e85 --- /dev/null +++ b/sdk/go/azuread/accessPackageAssignmentPolicy.go @@ -0,0 +1,466 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package azuread + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Manages an assignment policy for an access package within Identity Governance in Azure Active Directory. +// +// ## API Permissions +// +// The following API permissions are required in order to use this resource. +// +// When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. +// +// When authenticated with a user principal, this resource requires `Global Administrator` directory role, or one of the `Catalog Owner` and `Access Package Manager` role in Idneity Governance. +// +// ## Example Usage +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := azuread.NewGroup(ctx, "exampleGroup", &azuread.GroupArgs{ +// DisplayName: pulumi.String("group-name"), +// SecurityEnabled: pulumi.Bool(true), +// }) +// if err != nil { +// return err +// } +// exampleAccessPackageCatalog, err := azuread.NewAccessPackageCatalog(ctx, "exampleAccessPackageCatalog", &azuread.AccessPackageCatalogArgs{ +// DisplayName: pulumi.String("example-catalog"), +// Description: pulumi.String("Example catalog"), +// }) +// if err != nil { +// return err +// } +// _, err = azuread.NewAccessPackage(ctx, "exampleAccessPackage", &azuread.AccessPackageArgs{ +// CatalogId: exampleAccessPackageCatalog.ID(), +// DisplayName: pulumi.String("access-package"), +// Description: pulumi.String("Access Package"), +// }) +// if err != nil { +// return err +// } +// _, err = azuread.NewAccessPackageAssignmentPolicy(ctx, "test", &azuread.AccessPackageAssignmentPolicyArgs{ +// AccessPackageId: pulumi.Any(azuread_access_package.Test.Id), +// DisplayName: pulumi.String("assignment-policy"), +// Description: pulumi.String("My assignment policy"), +// DurationInDays: pulumi.Int(90), +// RequestorSettings: &azuread.AccessPackageAssignmentPolicyRequestorSettingsArgs{ +// ScopeType: pulumi.String("AllExistingDirectoryMemberUsers"), +// }, +// ApprovalSettings: &azuread.AccessPackageAssignmentPolicyApprovalSettingsArgs{ +// ApprovalRequired: pulumi.Bool(true), +// ApprovalStages: azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArray{ +// &azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs{ +// ApprovalTimeoutInDays: pulumi.Int(14), +// PrimaryApprovers: azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArray{ +// &azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs{ +// ObjectId: pulumi.Any(azuread_group.Test.Object_id), +// SubjectType: pulumi.String("groupMembers"), +// }, +// }, +// }, +// }, +// }, +// AssignmentReviewSettings: &azuread.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs{ +// Enabled: pulumi.Bool(true), +// ReviewFrequency: pulumi.String("weekly"), +// DurationInDays: pulumi.Int(3), +// ReviewType: pulumi.String("Self"), +// AccessReviewTimeoutBehavior: pulumi.String("keepAccess"), +// }, +// Questions: azuread.AccessPackageAssignmentPolicyQuestionArray{ +// &azuread.AccessPackageAssignmentPolicyQuestionArgs{ +// Text: &azuread.AccessPackageAssignmentPolicyQuestionTextArgs{ +// DefaultText: pulumi.String("hello, how are you?"), +// }, +// }, +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// An access package assignment policy can be imported using the ID, e.g. +// +// ```sh +// +// $ pulumi import azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy example 00000000-0000-0000-0000-000000000000 +// +// ``` +type AccessPackageAssignmentPolicy struct { + pulumi.CustomResourceState + + // The ID of the access package that will contain the policy. + AccessPackageId pulumi.StringOutput `pulumi:"accessPackageId"` + // An `approvalSettings` block to specify whether approvals are required and how they are obtained, as documented below. + ApprovalSettings AccessPackageAssignmentPolicyApprovalSettingsPtrOutput `pulumi:"approvalSettings"` + // An `assignmentReviewSettings` block, to specify whether assignment review is needed and how it is conducted, as documented below. + AssignmentReviewSettings AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput `pulumi:"assignmentReviewSettings"` + // The description of the policy. + Description pulumi.StringOutput `pulumi:"description"` + // The display name of the policy. + DisplayName pulumi.StringOutput `pulumi:"displayName"` + // How many days this assignment is valid for. + DurationInDays pulumi.IntPtrOutput `pulumi:"durationInDays"` + // The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). + ExpirationDate pulumi.StringPtrOutput `pulumi:"expirationDate"` + // Whether users will be able to request extension of their access to this package before their access expires. + ExtensionEnabled pulumi.BoolPtrOutput `pulumi:"extensionEnabled"` + // One or more `question` blocks for the requestor, as documented below. + Questions AccessPackageAssignmentPolicyQuestionArrayOutput `pulumi:"questions"` + // A `requestorSettings` block to configure the users who can request access, as documented below. + RequestorSettings AccessPackageAssignmentPolicyRequestorSettingsPtrOutput `pulumi:"requestorSettings"` +} + +// NewAccessPackageAssignmentPolicy registers a new resource with the given unique name, arguments, and options. +func NewAccessPackageAssignmentPolicy(ctx *pulumi.Context, + name string, args *AccessPackageAssignmentPolicyArgs, opts ...pulumi.ResourceOption) (*AccessPackageAssignmentPolicy, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.AccessPackageId == nil { + return nil, errors.New("invalid value for required argument 'AccessPackageId'") + } + if args.Description == nil { + return nil, errors.New("invalid value for required argument 'Description'") + } + if args.DisplayName == nil { + return nil, errors.New("invalid value for required argument 'DisplayName'") + } + var resource AccessPackageAssignmentPolicy + err := ctx.RegisterResource("azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetAccessPackageAssignmentPolicy gets an existing AccessPackageAssignmentPolicy resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetAccessPackageAssignmentPolicy(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *AccessPackageAssignmentPolicyState, opts ...pulumi.ResourceOption) (*AccessPackageAssignmentPolicy, error) { + var resource AccessPackageAssignmentPolicy + err := ctx.ReadResource("azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering AccessPackageAssignmentPolicy resources. +type accessPackageAssignmentPolicyState struct { + // The ID of the access package that will contain the policy. + AccessPackageId *string `pulumi:"accessPackageId"` + // An `approvalSettings` block to specify whether approvals are required and how they are obtained, as documented below. + ApprovalSettings *AccessPackageAssignmentPolicyApprovalSettings `pulumi:"approvalSettings"` + // An `assignmentReviewSettings` block, to specify whether assignment review is needed and how it is conducted, as documented below. + AssignmentReviewSettings *AccessPackageAssignmentPolicyAssignmentReviewSettings `pulumi:"assignmentReviewSettings"` + // The description of the policy. + Description *string `pulumi:"description"` + // The display name of the policy. + DisplayName *string `pulumi:"displayName"` + // How many days this assignment is valid for. + DurationInDays *int `pulumi:"durationInDays"` + // The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). + ExpirationDate *string `pulumi:"expirationDate"` + // Whether users will be able to request extension of their access to this package before their access expires. + ExtensionEnabled *bool `pulumi:"extensionEnabled"` + // One or more `question` blocks for the requestor, as documented below. + Questions []AccessPackageAssignmentPolicyQuestion `pulumi:"questions"` + // A `requestorSettings` block to configure the users who can request access, as documented below. + RequestorSettings *AccessPackageAssignmentPolicyRequestorSettings `pulumi:"requestorSettings"` +} + +type AccessPackageAssignmentPolicyState struct { + // The ID of the access package that will contain the policy. + AccessPackageId pulumi.StringPtrInput + // An `approvalSettings` block to specify whether approvals are required and how they are obtained, as documented below. + ApprovalSettings AccessPackageAssignmentPolicyApprovalSettingsPtrInput + // An `assignmentReviewSettings` block, to specify whether assignment review is needed and how it is conducted, as documented below. + AssignmentReviewSettings AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrInput + // The description of the policy. + Description pulumi.StringPtrInput + // The display name of the policy. + DisplayName pulumi.StringPtrInput + // How many days this assignment is valid for. + DurationInDays pulumi.IntPtrInput + // The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). + ExpirationDate pulumi.StringPtrInput + // Whether users will be able to request extension of their access to this package before their access expires. + ExtensionEnabled pulumi.BoolPtrInput + // One or more `question` blocks for the requestor, as documented below. + Questions AccessPackageAssignmentPolicyQuestionArrayInput + // A `requestorSettings` block to configure the users who can request access, as documented below. + RequestorSettings AccessPackageAssignmentPolicyRequestorSettingsPtrInput +} + +func (AccessPackageAssignmentPolicyState) ElementType() reflect.Type { + return reflect.TypeOf((*accessPackageAssignmentPolicyState)(nil)).Elem() +} + +type accessPackageAssignmentPolicyArgs struct { + // The ID of the access package that will contain the policy. + AccessPackageId string `pulumi:"accessPackageId"` + // An `approvalSettings` block to specify whether approvals are required and how they are obtained, as documented below. + ApprovalSettings *AccessPackageAssignmentPolicyApprovalSettings `pulumi:"approvalSettings"` + // An `assignmentReviewSettings` block, to specify whether assignment review is needed and how it is conducted, as documented below. + AssignmentReviewSettings *AccessPackageAssignmentPolicyAssignmentReviewSettings `pulumi:"assignmentReviewSettings"` + // The description of the policy. + Description string `pulumi:"description"` + // The display name of the policy. + DisplayName string `pulumi:"displayName"` + // How many days this assignment is valid for. + DurationInDays *int `pulumi:"durationInDays"` + // The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). + ExpirationDate *string `pulumi:"expirationDate"` + // Whether users will be able to request extension of their access to this package before their access expires. + ExtensionEnabled *bool `pulumi:"extensionEnabled"` + // One or more `question` blocks for the requestor, as documented below. + Questions []AccessPackageAssignmentPolicyQuestion `pulumi:"questions"` + // A `requestorSettings` block to configure the users who can request access, as documented below. + RequestorSettings *AccessPackageAssignmentPolicyRequestorSettings `pulumi:"requestorSettings"` +} + +// The set of arguments for constructing a AccessPackageAssignmentPolicy resource. +type AccessPackageAssignmentPolicyArgs struct { + // The ID of the access package that will contain the policy. + AccessPackageId pulumi.StringInput + // An `approvalSettings` block to specify whether approvals are required and how they are obtained, as documented below. + ApprovalSettings AccessPackageAssignmentPolicyApprovalSettingsPtrInput + // An `assignmentReviewSettings` block, to specify whether assignment review is needed and how it is conducted, as documented below. + AssignmentReviewSettings AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrInput + // The description of the policy. + Description pulumi.StringInput + // The display name of the policy. + DisplayName pulumi.StringInput + // How many days this assignment is valid for. + DurationInDays pulumi.IntPtrInput + // The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). + ExpirationDate pulumi.StringPtrInput + // Whether users will be able to request extension of their access to this package before their access expires. + ExtensionEnabled pulumi.BoolPtrInput + // One or more `question` blocks for the requestor, as documented below. + Questions AccessPackageAssignmentPolicyQuestionArrayInput + // A `requestorSettings` block to configure the users who can request access, as documented below. + RequestorSettings AccessPackageAssignmentPolicyRequestorSettingsPtrInput +} + +func (AccessPackageAssignmentPolicyArgs) ElementType() reflect.Type { + return reflect.TypeOf((*accessPackageAssignmentPolicyArgs)(nil)).Elem() +} + +type AccessPackageAssignmentPolicyInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyOutput() AccessPackageAssignmentPolicyOutput + ToAccessPackageAssignmentPolicyOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyOutput +} + +func (*AccessPackageAssignmentPolicy) ElementType() reflect.Type { + return reflect.TypeOf((**AccessPackageAssignmentPolicy)(nil)).Elem() +} + +func (i *AccessPackageAssignmentPolicy) ToAccessPackageAssignmentPolicyOutput() AccessPackageAssignmentPolicyOutput { + return i.ToAccessPackageAssignmentPolicyOutputWithContext(context.Background()) +} + +func (i *AccessPackageAssignmentPolicy) ToAccessPackageAssignmentPolicyOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyOutput) +} + +// AccessPackageAssignmentPolicyArrayInput is an input type that accepts AccessPackageAssignmentPolicyArray and AccessPackageAssignmentPolicyArrayOutput values. +// You can construct a concrete instance of `AccessPackageAssignmentPolicyArrayInput` via: +// +// AccessPackageAssignmentPolicyArray{ AccessPackageAssignmentPolicyArgs{...} } +type AccessPackageAssignmentPolicyArrayInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyArrayOutput() AccessPackageAssignmentPolicyArrayOutput + ToAccessPackageAssignmentPolicyArrayOutputWithContext(context.Context) AccessPackageAssignmentPolicyArrayOutput +} + +type AccessPackageAssignmentPolicyArray []AccessPackageAssignmentPolicyInput + +func (AccessPackageAssignmentPolicyArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*AccessPackageAssignmentPolicy)(nil)).Elem() +} + +func (i AccessPackageAssignmentPolicyArray) ToAccessPackageAssignmentPolicyArrayOutput() AccessPackageAssignmentPolicyArrayOutput { + return i.ToAccessPackageAssignmentPolicyArrayOutputWithContext(context.Background()) +} + +func (i AccessPackageAssignmentPolicyArray) ToAccessPackageAssignmentPolicyArrayOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyArrayOutput) +} + +// AccessPackageAssignmentPolicyMapInput is an input type that accepts AccessPackageAssignmentPolicyMap and AccessPackageAssignmentPolicyMapOutput values. +// You can construct a concrete instance of `AccessPackageAssignmentPolicyMapInput` via: +// +// AccessPackageAssignmentPolicyMap{ "key": AccessPackageAssignmentPolicyArgs{...} } +type AccessPackageAssignmentPolicyMapInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyMapOutput() AccessPackageAssignmentPolicyMapOutput + ToAccessPackageAssignmentPolicyMapOutputWithContext(context.Context) AccessPackageAssignmentPolicyMapOutput +} + +type AccessPackageAssignmentPolicyMap map[string]AccessPackageAssignmentPolicyInput + +func (AccessPackageAssignmentPolicyMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*AccessPackageAssignmentPolicy)(nil)).Elem() +} + +func (i AccessPackageAssignmentPolicyMap) ToAccessPackageAssignmentPolicyMapOutput() AccessPackageAssignmentPolicyMapOutput { + return i.ToAccessPackageAssignmentPolicyMapOutputWithContext(context.Background()) +} + +func (i AccessPackageAssignmentPolicyMap) ToAccessPackageAssignmentPolicyMapOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyMapOutput) +} + +type AccessPackageAssignmentPolicyOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyOutput) ElementType() reflect.Type { + return reflect.TypeOf((**AccessPackageAssignmentPolicy)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyOutput) ToAccessPackageAssignmentPolicyOutput() AccessPackageAssignmentPolicyOutput { + return o +} + +func (o AccessPackageAssignmentPolicyOutput) ToAccessPackageAssignmentPolicyOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyOutput { + return o +} + +// The ID of the access package that will contain the policy. +func (o AccessPackageAssignmentPolicyOutput) AccessPackageId() pulumi.StringOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicy) pulumi.StringOutput { return v.AccessPackageId }).(pulumi.StringOutput) +} + +// An `approvalSettings` block to specify whether approvals are required and how they are obtained, as documented below. +func (o AccessPackageAssignmentPolicyOutput) ApprovalSettings() AccessPackageAssignmentPolicyApprovalSettingsPtrOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicy) AccessPackageAssignmentPolicyApprovalSettingsPtrOutput { + return v.ApprovalSettings + }).(AccessPackageAssignmentPolicyApprovalSettingsPtrOutput) +} + +// An `assignmentReviewSettings` block, to specify whether assignment review is needed and how it is conducted, as documented below. +func (o AccessPackageAssignmentPolicyOutput) AssignmentReviewSettings() AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicy) AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput { + return v.AssignmentReviewSettings + }).(AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput) +} + +// The description of the policy. +func (o AccessPackageAssignmentPolicyOutput) Description() pulumi.StringOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicy) pulumi.StringOutput { return v.Description }).(pulumi.StringOutput) +} + +// The display name of the policy. +func (o AccessPackageAssignmentPolicyOutput) DisplayName() pulumi.StringOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicy) pulumi.StringOutput { return v.DisplayName }).(pulumi.StringOutput) +} + +// How many days this assignment is valid for. +func (o AccessPackageAssignmentPolicyOutput) DurationInDays() pulumi.IntPtrOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicy) pulumi.IntPtrOutput { return v.DurationInDays }).(pulumi.IntPtrOutput) +} + +// The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). +func (o AccessPackageAssignmentPolicyOutput) ExpirationDate() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicy) pulumi.StringPtrOutput { return v.ExpirationDate }).(pulumi.StringPtrOutput) +} + +// Whether users will be able to request extension of their access to this package before their access expires. +func (o AccessPackageAssignmentPolicyOutput) ExtensionEnabled() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicy) pulumi.BoolPtrOutput { return v.ExtensionEnabled }).(pulumi.BoolPtrOutput) +} + +// One or more `question` blocks for the requestor, as documented below. +func (o AccessPackageAssignmentPolicyOutput) Questions() AccessPackageAssignmentPolicyQuestionArrayOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicy) AccessPackageAssignmentPolicyQuestionArrayOutput { + return v.Questions + }).(AccessPackageAssignmentPolicyQuestionArrayOutput) +} + +// A `requestorSettings` block to configure the users who can request access, as documented below. +func (o AccessPackageAssignmentPolicyOutput) RequestorSettings() AccessPackageAssignmentPolicyRequestorSettingsPtrOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicy) AccessPackageAssignmentPolicyRequestorSettingsPtrOutput { + return v.RequestorSettings + }).(AccessPackageAssignmentPolicyRequestorSettingsPtrOutput) +} + +type AccessPackageAssignmentPolicyArrayOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*AccessPackageAssignmentPolicy)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyArrayOutput) ToAccessPackageAssignmentPolicyArrayOutput() AccessPackageAssignmentPolicyArrayOutput { + return o +} + +func (o AccessPackageAssignmentPolicyArrayOutput) ToAccessPackageAssignmentPolicyArrayOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyArrayOutput { + return o +} + +func (o AccessPackageAssignmentPolicyArrayOutput) Index(i pulumi.IntInput) AccessPackageAssignmentPolicyOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AccessPackageAssignmentPolicy { + return vs[0].([]*AccessPackageAssignmentPolicy)[vs[1].(int)] + }).(AccessPackageAssignmentPolicyOutput) +} + +type AccessPackageAssignmentPolicyMapOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*AccessPackageAssignmentPolicy)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyMapOutput) ToAccessPackageAssignmentPolicyMapOutput() AccessPackageAssignmentPolicyMapOutput { + return o +} + +func (o AccessPackageAssignmentPolicyMapOutput) ToAccessPackageAssignmentPolicyMapOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyMapOutput { + return o +} + +func (o AccessPackageAssignmentPolicyMapOutput) MapIndex(k pulumi.StringInput) AccessPackageAssignmentPolicyOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AccessPackageAssignmentPolicy { + return vs[0].(map[string]*AccessPackageAssignmentPolicy)[vs[1].(string)] + }).(AccessPackageAssignmentPolicyOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyInput)(nil)).Elem(), &AccessPackageAssignmentPolicy{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyArrayInput)(nil)).Elem(), AccessPackageAssignmentPolicyArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyMapInput)(nil)).Elem(), AccessPackageAssignmentPolicyMap{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyOutput{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyArrayOutput{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyMapOutput{}) +} diff --git a/sdk/go/azuread/accessPackageCatalog.go b/sdk/go/azuread/accessPackageCatalog.go new file mode 100644 index 000000000..a57e12bed --- /dev/null +++ b/sdk/go/azuread/accessPackageCatalog.go @@ -0,0 +1,310 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package azuread + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Manages an access package catalog within Identity Governance in Azure Active Directory. +// +// ## API Permissions +// +// The following API permissions are required in order to use this resource. +// +// When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. +// +// When authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner`, `Catalog creator` or `Global Administrator` +// +// ## Example Usage +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := azuread.NewAccessPackageCatalog(ctx, "example", &azuread.AccessPackageCatalogArgs{ +// Description: pulumi.String("Example access package catalog"), +// DisplayName: pulumi.String("example-access-package-catalog"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// An Access Package Catalog can be imported using the `id`, e.g. +// +// ```sh +// +// $ pulumi import azuread:index/accessPackageCatalog:AccessPackageCatalog example 00000000-0000-0000-0000-000000000000 +// +// ``` +type AccessPackageCatalog struct { + pulumi.CustomResourceState + + // The description of the access package catalog. + Description pulumi.StringOutput `pulumi:"description"` + // The display name of the access package catalog. + DisplayName pulumi.StringOutput `pulumi:"displayName"` + // Whether the access packages in this catalog can be requested by users outside the tenant. + ExternallyVisible pulumi.BoolPtrOutput `pulumi:"externallyVisible"` + // Whether the access packages in this catalog are available for management. + Published pulumi.BoolPtrOutput `pulumi:"published"` +} + +// NewAccessPackageCatalog registers a new resource with the given unique name, arguments, and options. +func NewAccessPackageCatalog(ctx *pulumi.Context, + name string, args *AccessPackageCatalogArgs, opts ...pulumi.ResourceOption) (*AccessPackageCatalog, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.Description == nil { + return nil, errors.New("invalid value for required argument 'Description'") + } + if args.DisplayName == nil { + return nil, errors.New("invalid value for required argument 'DisplayName'") + } + var resource AccessPackageCatalog + err := ctx.RegisterResource("azuread:index/accessPackageCatalog:AccessPackageCatalog", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetAccessPackageCatalog gets an existing AccessPackageCatalog resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetAccessPackageCatalog(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *AccessPackageCatalogState, opts ...pulumi.ResourceOption) (*AccessPackageCatalog, error) { + var resource AccessPackageCatalog + err := ctx.ReadResource("azuread:index/accessPackageCatalog:AccessPackageCatalog", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering AccessPackageCatalog resources. +type accessPackageCatalogState struct { + // The description of the access package catalog. + Description *string `pulumi:"description"` + // The display name of the access package catalog. + DisplayName *string `pulumi:"displayName"` + // Whether the access packages in this catalog can be requested by users outside the tenant. + ExternallyVisible *bool `pulumi:"externallyVisible"` + // Whether the access packages in this catalog are available for management. + Published *bool `pulumi:"published"` +} + +type AccessPackageCatalogState struct { + // The description of the access package catalog. + Description pulumi.StringPtrInput + // The display name of the access package catalog. + DisplayName pulumi.StringPtrInput + // Whether the access packages in this catalog can be requested by users outside the tenant. + ExternallyVisible pulumi.BoolPtrInput + // Whether the access packages in this catalog are available for management. + Published pulumi.BoolPtrInput +} + +func (AccessPackageCatalogState) ElementType() reflect.Type { + return reflect.TypeOf((*accessPackageCatalogState)(nil)).Elem() +} + +type accessPackageCatalogArgs struct { + // The description of the access package catalog. + Description string `pulumi:"description"` + // The display name of the access package catalog. + DisplayName string `pulumi:"displayName"` + // Whether the access packages in this catalog can be requested by users outside the tenant. + ExternallyVisible *bool `pulumi:"externallyVisible"` + // Whether the access packages in this catalog are available for management. + Published *bool `pulumi:"published"` +} + +// The set of arguments for constructing a AccessPackageCatalog resource. +type AccessPackageCatalogArgs struct { + // The description of the access package catalog. + Description pulumi.StringInput + // The display name of the access package catalog. + DisplayName pulumi.StringInput + // Whether the access packages in this catalog can be requested by users outside the tenant. + ExternallyVisible pulumi.BoolPtrInput + // Whether the access packages in this catalog are available for management. + Published pulumi.BoolPtrInput +} + +func (AccessPackageCatalogArgs) ElementType() reflect.Type { + return reflect.TypeOf((*accessPackageCatalogArgs)(nil)).Elem() +} + +type AccessPackageCatalogInput interface { + pulumi.Input + + ToAccessPackageCatalogOutput() AccessPackageCatalogOutput + ToAccessPackageCatalogOutputWithContext(ctx context.Context) AccessPackageCatalogOutput +} + +func (*AccessPackageCatalog) ElementType() reflect.Type { + return reflect.TypeOf((**AccessPackageCatalog)(nil)).Elem() +} + +func (i *AccessPackageCatalog) ToAccessPackageCatalogOutput() AccessPackageCatalogOutput { + return i.ToAccessPackageCatalogOutputWithContext(context.Background()) +} + +func (i *AccessPackageCatalog) ToAccessPackageCatalogOutputWithContext(ctx context.Context) AccessPackageCatalogOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageCatalogOutput) +} + +// AccessPackageCatalogArrayInput is an input type that accepts AccessPackageCatalogArray and AccessPackageCatalogArrayOutput values. +// You can construct a concrete instance of `AccessPackageCatalogArrayInput` via: +// +// AccessPackageCatalogArray{ AccessPackageCatalogArgs{...} } +type AccessPackageCatalogArrayInput interface { + pulumi.Input + + ToAccessPackageCatalogArrayOutput() AccessPackageCatalogArrayOutput + ToAccessPackageCatalogArrayOutputWithContext(context.Context) AccessPackageCatalogArrayOutput +} + +type AccessPackageCatalogArray []AccessPackageCatalogInput + +func (AccessPackageCatalogArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*AccessPackageCatalog)(nil)).Elem() +} + +func (i AccessPackageCatalogArray) ToAccessPackageCatalogArrayOutput() AccessPackageCatalogArrayOutput { + return i.ToAccessPackageCatalogArrayOutputWithContext(context.Background()) +} + +func (i AccessPackageCatalogArray) ToAccessPackageCatalogArrayOutputWithContext(ctx context.Context) AccessPackageCatalogArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageCatalogArrayOutput) +} + +// AccessPackageCatalogMapInput is an input type that accepts AccessPackageCatalogMap and AccessPackageCatalogMapOutput values. +// You can construct a concrete instance of `AccessPackageCatalogMapInput` via: +// +// AccessPackageCatalogMap{ "key": AccessPackageCatalogArgs{...} } +type AccessPackageCatalogMapInput interface { + pulumi.Input + + ToAccessPackageCatalogMapOutput() AccessPackageCatalogMapOutput + ToAccessPackageCatalogMapOutputWithContext(context.Context) AccessPackageCatalogMapOutput +} + +type AccessPackageCatalogMap map[string]AccessPackageCatalogInput + +func (AccessPackageCatalogMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*AccessPackageCatalog)(nil)).Elem() +} + +func (i AccessPackageCatalogMap) ToAccessPackageCatalogMapOutput() AccessPackageCatalogMapOutput { + return i.ToAccessPackageCatalogMapOutputWithContext(context.Background()) +} + +func (i AccessPackageCatalogMap) ToAccessPackageCatalogMapOutputWithContext(ctx context.Context) AccessPackageCatalogMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageCatalogMapOutput) +} + +type AccessPackageCatalogOutput struct{ *pulumi.OutputState } + +func (AccessPackageCatalogOutput) ElementType() reflect.Type { + return reflect.TypeOf((**AccessPackageCatalog)(nil)).Elem() +} + +func (o AccessPackageCatalogOutput) ToAccessPackageCatalogOutput() AccessPackageCatalogOutput { + return o +} + +func (o AccessPackageCatalogOutput) ToAccessPackageCatalogOutputWithContext(ctx context.Context) AccessPackageCatalogOutput { + return o +} + +// The description of the access package catalog. +func (o AccessPackageCatalogOutput) Description() pulumi.StringOutput { + return o.ApplyT(func(v *AccessPackageCatalog) pulumi.StringOutput { return v.Description }).(pulumi.StringOutput) +} + +// The display name of the access package catalog. +func (o AccessPackageCatalogOutput) DisplayName() pulumi.StringOutput { + return o.ApplyT(func(v *AccessPackageCatalog) pulumi.StringOutput { return v.DisplayName }).(pulumi.StringOutput) +} + +// Whether the access packages in this catalog can be requested by users outside the tenant. +func (o AccessPackageCatalogOutput) ExternallyVisible() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *AccessPackageCatalog) pulumi.BoolPtrOutput { return v.ExternallyVisible }).(pulumi.BoolPtrOutput) +} + +// Whether the access packages in this catalog are available for management. +func (o AccessPackageCatalogOutput) Published() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *AccessPackageCatalog) pulumi.BoolPtrOutput { return v.Published }).(pulumi.BoolPtrOutput) +} + +type AccessPackageCatalogArrayOutput struct{ *pulumi.OutputState } + +func (AccessPackageCatalogArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*AccessPackageCatalog)(nil)).Elem() +} + +func (o AccessPackageCatalogArrayOutput) ToAccessPackageCatalogArrayOutput() AccessPackageCatalogArrayOutput { + return o +} + +func (o AccessPackageCatalogArrayOutput) ToAccessPackageCatalogArrayOutputWithContext(ctx context.Context) AccessPackageCatalogArrayOutput { + return o +} + +func (o AccessPackageCatalogArrayOutput) Index(i pulumi.IntInput) AccessPackageCatalogOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AccessPackageCatalog { + return vs[0].([]*AccessPackageCatalog)[vs[1].(int)] + }).(AccessPackageCatalogOutput) +} + +type AccessPackageCatalogMapOutput struct{ *pulumi.OutputState } + +func (AccessPackageCatalogMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*AccessPackageCatalog)(nil)).Elem() +} + +func (o AccessPackageCatalogMapOutput) ToAccessPackageCatalogMapOutput() AccessPackageCatalogMapOutput { + return o +} + +func (o AccessPackageCatalogMapOutput) ToAccessPackageCatalogMapOutputWithContext(ctx context.Context) AccessPackageCatalogMapOutput { + return o +} + +func (o AccessPackageCatalogMapOutput) MapIndex(k pulumi.StringInput) AccessPackageCatalogOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AccessPackageCatalog { + return vs[0].(map[string]*AccessPackageCatalog)[vs[1].(string)] + }).(AccessPackageCatalogOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageCatalogInput)(nil)).Elem(), &AccessPackageCatalog{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageCatalogArrayInput)(nil)).Elem(), AccessPackageCatalogArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageCatalogMapInput)(nil)).Elem(), AccessPackageCatalogMap{}) + pulumi.RegisterOutputType(AccessPackageCatalogOutput{}) + pulumi.RegisterOutputType(AccessPackageCatalogArrayOutput{}) + pulumi.RegisterOutputType(AccessPackageCatalogMapOutput{}) +} diff --git a/sdk/go/azuread/accessPackageResourceCatalogAssociation.go b/sdk/go/azuread/accessPackageResourceCatalogAssociation.go new file mode 100644 index 000000000..132e4f2be --- /dev/null +++ b/sdk/go/azuread/accessPackageResourceCatalogAssociation.go @@ -0,0 +1,315 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package azuread + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Manages the resources added to access package catalogs within Identity Governance in Azure Active Directory. +// +// ## API Permissions +// +// The following API permissions are required in order to use this resource. +// +// When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. +// +// When authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner` or `Global Administrator` +// +// ## Example Usage +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := azuread.NewGroup(ctx, "exampleGroup", &azuread.GroupArgs{ +// DisplayName: pulumi.String("example-group"), +// SecurityEnabled: pulumi.Bool(true), +// }) +// if err != nil { +// return err +// } +// _, err = azuread.NewAccessPackageCatalog(ctx, "exampleAccessPackageCatalog", &azuread.AccessPackageCatalogArgs{ +// DisplayName: pulumi.String("example-catalog"), +// Description: pulumi.String("Example catalog"), +// }) +// if err != nil { +// return err +// } +// _, err = azuread.NewAccessPackageResourceCatalogAssociation(ctx, "exampleAccessPackageResourceCatalogAssociation", &azuread.AccessPackageResourceCatalogAssociationArgs{ +// CatalogId: pulumi.Any(azuread_access_package_catalog.Example_catalog.Id), +// ResourceOriginId: pulumi.Any(azuread_group.Example_group.Object_id), +// ResourceOriginSystem: pulumi.String("AadGroup"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// The resource and catalog association can be imported using the catalog ID and the resource origin ID, e.g. +// +// ```sh +// +// $ pulumi import azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111 +// +// ``` +// +// -> This ID format is unique to Terraform and is composed of the Catalog ID and the Resource Origin ID in the format `{CatalogID}/{ResourceOriginID}`. +type AccessPackageResourceCatalogAssociation struct { + pulumi.CustomResourceState + + // The unique ID of the access package catalog. Changing this forces a new resource to be created. + CatalogId pulumi.StringOutput `pulumi:"catalogId"` + // The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. + ResourceOriginId pulumi.StringOutput `pulumi:"resourceOriginId"` + // The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. + ResourceOriginSystem pulumi.StringOutput `pulumi:"resourceOriginSystem"` +} + +// NewAccessPackageResourceCatalogAssociation registers a new resource with the given unique name, arguments, and options. +func NewAccessPackageResourceCatalogAssociation(ctx *pulumi.Context, + name string, args *AccessPackageResourceCatalogAssociationArgs, opts ...pulumi.ResourceOption) (*AccessPackageResourceCatalogAssociation, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.CatalogId == nil { + return nil, errors.New("invalid value for required argument 'CatalogId'") + } + if args.ResourceOriginId == nil { + return nil, errors.New("invalid value for required argument 'ResourceOriginId'") + } + if args.ResourceOriginSystem == nil { + return nil, errors.New("invalid value for required argument 'ResourceOriginSystem'") + } + var resource AccessPackageResourceCatalogAssociation + err := ctx.RegisterResource("azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetAccessPackageResourceCatalogAssociation gets an existing AccessPackageResourceCatalogAssociation resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetAccessPackageResourceCatalogAssociation(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *AccessPackageResourceCatalogAssociationState, opts ...pulumi.ResourceOption) (*AccessPackageResourceCatalogAssociation, error) { + var resource AccessPackageResourceCatalogAssociation + err := ctx.ReadResource("azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering AccessPackageResourceCatalogAssociation resources. +type accessPackageResourceCatalogAssociationState struct { + // The unique ID of the access package catalog. Changing this forces a new resource to be created. + CatalogId *string `pulumi:"catalogId"` + // The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. + ResourceOriginId *string `pulumi:"resourceOriginId"` + // The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. + ResourceOriginSystem *string `pulumi:"resourceOriginSystem"` +} + +type AccessPackageResourceCatalogAssociationState struct { + // The unique ID of the access package catalog. Changing this forces a new resource to be created. + CatalogId pulumi.StringPtrInput + // The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. + ResourceOriginId pulumi.StringPtrInput + // The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. + ResourceOriginSystem pulumi.StringPtrInput +} + +func (AccessPackageResourceCatalogAssociationState) ElementType() reflect.Type { + return reflect.TypeOf((*accessPackageResourceCatalogAssociationState)(nil)).Elem() +} + +type accessPackageResourceCatalogAssociationArgs struct { + // The unique ID of the access package catalog. Changing this forces a new resource to be created. + CatalogId string `pulumi:"catalogId"` + // The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. + ResourceOriginId string `pulumi:"resourceOriginId"` + // The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. + ResourceOriginSystem string `pulumi:"resourceOriginSystem"` +} + +// The set of arguments for constructing a AccessPackageResourceCatalogAssociation resource. +type AccessPackageResourceCatalogAssociationArgs struct { + // The unique ID of the access package catalog. Changing this forces a new resource to be created. + CatalogId pulumi.StringInput + // The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. + ResourceOriginId pulumi.StringInput + // The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. + ResourceOriginSystem pulumi.StringInput +} + +func (AccessPackageResourceCatalogAssociationArgs) ElementType() reflect.Type { + return reflect.TypeOf((*accessPackageResourceCatalogAssociationArgs)(nil)).Elem() +} + +type AccessPackageResourceCatalogAssociationInput interface { + pulumi.Input + + ToAccessPackageResourceCatalogAssociationOutput() AccessPackageResourceCatalogAssociationOutput + ToAccessPackageResourceCatalogAssociationOutputWithContext(ctx context.Context) AccessPackageResourceCatalogAssociationOutput +} + +func (*AccessPackageResourceCatalogAssociation) ElementType() reflect.Type { + return reflect.TypeOf((**AccessPackageResourceCatalogAssociation)(nil)).Elem() +} + +func (i *AccessPackageResourceCatalogAssociation) ToAccessPackageResourceCatalogAssociationOutput() AccessPackageResourceCatalogAssociationOutput { + return i.ToAccessPackageResourceCatalogAssociationOutputWithContext(context.Background()) +} + +func (i *AccessPackageResourceCatalogAssociation) ToAccessPackageResourceCatalogAssociationOutputWithContext(ctx context.Context) AccessPackageResourceCatalogAssociationOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageResourceCatalogAssociationOutput) +} + +// AccessPackageResourceCatalogAssociationArrayInput is an input type that accepts AccessPackageResourceCatalogAssociationArray and AccessPackageResourceCatalogAssociationArrayOutput values. +// You can construct a concrete instance of `AccessPackageResourceCatalogAssociationArrayInput` via: +// +// AccessPackageResourceCatalogAssociationArray{ AccessPackageResourceCatalogAssociationArgs{...} } +type AccessPackageResourceCatalogAssociationArrayInput interface { + pulumi.Input + + ToAccessPackageResourceCatalogAssociationArrayOutput() AccessPackageResourceCatalogAssociationArrayOutput + ToAccessPackageResourceCatalogAssociationArrayOutputWithContext(context.Context) AccessPackageResourceCatalogAssociationArrayOutput +} + +type AccessPackageResourceCatalogAssociationArray []AccessPackageResourceCatalogAssociationInput + +func (AccessPackageResourceCatalogAssociationArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*AccessPackageResourceCatalogAssociation)(nil)).Elem() +} + +func (i AccessPackageResourceCatalogAssociationArray) ToAccessPackageResourceCatalogAssociationArrayOutput() AccessPackageResourceCatalogAssociationArrayOutput { + return i.ToAccessPackageResourceCatalogAssociationArrayOutputWithContext(context.Background()) +} + +func (i AccessPackageResourceCatalogAssociationArray) ToAccessPackageResourceCatalogAssociationArrayOutputWithContext(ctx context.Context) AccessPackageResourceCatalogAssociationArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageResourceCatalogAssociationArrayOutput) +} + +// AccessPackageResourceCatalogAssociationMapInput is an input type that accepts AccessPackageResourceCatalogAssociationMap and AccessPackageResourceCatalogAssociationMapOutput values. +// You can construct a concrete instance of `AccessPackageResourceCatalogAssociationMapInput` via: +// +// AccessPackageResourceCatalogAssociationMap{ "key": AccessPackageResourceCatalogAssociationArgs{...} } +type AccessPackageResourceCatalogAssociationMapInput interface { + pulumi.Input + + ToAccessPackageResourceCatalogAssociationMapOutput() AccessPackageResourceCatalogAssociationMapOutput + ToAccessPackageResourceCatalogAssociationMapOutputWithContext(context.Context) AccessPackageResourceCatalogAssociationMapOutput +} + +type AccessPackageResourceCatalogAssociationMap map[string]AccessPackageResourceCatalogAssociationInput + +func (AccessPackageResourceCatalogAssociationMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*AccessPackageResourceCatalogAssociation)(nil)).Elem() +} + +func (i AccessPackageResourceCatalogAssociationMap) ToAccessPackageResourceCatalogAssociationMapOutput() AccessPackageResourceCatalogAssociationMapOutput { + return i.ToAccessPackageResourceCatalogAssociationMapOutputWithContext(context.Background()) +} + +func (i AccessPackageResourceCatalogAssociationMap) ToAccessPackageResourceCatalogAssociationMapOutputWithContext(ctx context.Context) AccessPackageResourceCatalogAssociationMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageResourceCatalogAssociationMapOutput) +} + +type AccessPackageResourceCatalogAssociationOutput struct{ *pulumi.OutputState } + +func (AccessPackageResourceCatalogAssociationOutput) ElementType() reflect.Type { + return reflect.TypeOf((**AccessPackageResourceCatalogAssociation)(nil)).Elem() +} + +func (o AccessPackageResourceCatalogAssociationOutput) ToAccessPackageResourceCatalogAssociationOutput() AccessPackageResourceCatalogAssociationOutput { + return o +} + +func (o AccessPackageResourceCatalogAssociationOutput) ToAccessPackageResourceCatalogAssociationOutputWithContext(ctx context.Context) AccessPackageResourceCatalogAssociationOutput { + return o +} + +// The unique ID of the access package catalog. Changing this forces a new resource to be created. +func (o AccessPackageResourceCatalogAssociationOutput) CatalogId() pulumi.StringOutput { + return o.ApplyT(func(v *AccessPackageResourceCatalogAssociation) pulumi.StringOutput { return v.CatalogId }).(pulumi.StringOutput) +} + +// The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. +func (o AccessPackageResourceCatalogAssociationOutput) ResourceOriginId() pulumi.StringOutput { + return o.ApplyT(func(v *AccessPackageResourceCatalogAssociation) pulumi.StringOutput { return v.ResourceOriginId }).(pulumi.StringOutput) +} + +// The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. +func (o AccessPackageResourceCatalogAssociationOutput) ResourceOriginSystem() pulumi.StringOutput { + return o.ApplyT(func(v *AccessPackageResourceCatalogAssociation) pulumi.StringOutput { return v.ResourceOriginSystem }).(pulumi.StringOutput) +} + +type AccessPackageResourceCatalogAssociationArrayOutput struct{ *pulumi.OutputState } + +func (AccessPackageResourceCatalogAssociationArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*AccessPackageResourceCatalogAssociation)(nil)).Elem() +} + +func (o AccessPackageResourceCatalogAssociationArrayOutput) ToAccessPackageResourceCatalogAssociationArrayOutput() AccessPackageResourceCatalogAssociationArrayOutput { + return o +} + +func (o AccessPackageResourceCatalogAssociationArrayOutput) ToAccessPackageResourceCatalogAssociationArrayOutputWithContext(ctx context.Context) AccessPackageResourceCatalogAssociationArrayOutput { + return o +} + +func (o AccessPackageResourceCatalogAssociationArrayOutput) Index(i pulumi.IntInput) AccessPackageResourceCatalogAssociationOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AccessPackageResourceCatalogAssociation { + return vs[0].([]*AccessPackageResourceCatalogAssociation)[vs[1].(int)] + }).(AccessPackageResourceCatalogAssociationOutput) +} + +type AccessPackageResourceCatalogAssociationMapOutput struct{ *pulumi.OutputState } + +func (AccessPackageResourceCatalogAssociationMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*AccessPackageResourceCatalogAssociation)(nil)).Elem() +} + +func (o AccessPackageResourceCatalogAssociationMapOutput) ToAccessPackageResourceCatalogAssociationMapOutput() AccessPackageResourceCatalogAssociationMapOutput { + return o +} + +func (o AccessPackageResourceCatalogAssociationMapOutput) ToAccessPackageResourceCatalogAssociationMapOutputWithContext(ctx context.Context) AccessPackageResourceCatalogAssociationMapOutput { + return o +} + +func (o AccessPackageResourceCatalogAssociationMapOutput) MapIndex(k pulumi.StringInput) AccessPackageResourceCatalogAssociationOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AccessPackageResourceCatalogAssociation { + return vs[0].(map[string]*AccessPackageResourceCatalogAssociation)[vs[1].(string)] + }).(AccessPackageResourceCatalogAssociationOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageResourceCatalogAssociationInput)(nil)).Elem(), &AccessPackageResourceCatalogAssociation{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageResourceCatalogAssociationArrayInput)(nil)).Elem(), AccessPackageResourceCatalogAssociationArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageResourceCatalogAssociationMapInput)(nil)).Elem(), AccessPackageResourceCatalogAssociationMap{}) + pulumi.RegisterOutputType(AccessPackageResourceCatalogAssociationOutput{}) + pulumi.RegisterOutputType(AccessPackageResourceCatalogAssociationArrayOutput{}) + pulumi.RegisterOutputType(AccessPackageResourceCatalogAssociationMapOutput{}) +} diff --git a/sdk/go/azuread/accessPackageResourcePackageAssociation.go b/sdk/go/azuread/accessPackageResourcePackageAssociation.go new file mode 100644 index 000000000..f01afcf2f --- /dev/null +++ b/sdk/go/azuread/accessPackageResourcePackageAssociation.go @@ -0,0 +1,329 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package azuread + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Manages the resources added to access packages within Identity Governance in Azure Active Directory. +// +// ## API Permissions +// +// The following API permissions are required in order to use this resource. +// +// When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. +// +// When authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner`, `Access package manager` or `Global Administrator`. +// +// ## Example Usage +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := azuread.NewGroup(ctx, "exampleGroup", &azuread.GroupArgs{ +// DisplayName: pulumi.String("example-group"), +// SecurityEnabled: pulumi.Bool(true), +// }) +// if err != nil { +// return err +// } +// _, err = azuread.NewAccessPackageCatalog(ctx, "exampleAccessPackageCatalog", &azuread.AccessPackageCatalogArgs{ +// DisplayName: pulumi.String("example-catalog"), +// Description: pulumi.String("Example catalog"), +// }) +// if err != nil { +// return err +// } +// exampleAccessPackageResourceCatalogAssociation, err := azuread.NewAccessPackageResourceCatalogAssociation(ctx, "exampleAccessPackageResourceCatalogAssociation", &azuread.AccessPackageResourceCatalogAssociationArgs{ +// CatalogId: pulumi.Any(azuread_access_package_catalog.Example_catalog.Id), +// ResourceOriginId: pulumi.Any(azuread_group.Example_group.Object_id), +// ResourceOriginSystem: pulumi.String("AadGroup"), +// }) +// if err != nil { +// return err +// } +// exampleAccessPackage, err := azuread.NewAccessPackage(ctx, "exampleAccessPackage", &azuread.AccessPackageArgs{ +// DisplayName: pulumi.String("example-package"), +// Description: pulumi.String("Example Package"), +// CatalogId: pulumi.Any(azuread_access_package_catalog.Example_catalog.Id), +// }) +// if err != nil { +// return err +// } +// _, err = azuread.NewAccessPackageResourcePackageAssociation(ctx, "exampleAccessPackageResourcePackageAssociation", &azuread.AccessPackageResourcePackageAssociationArgs{ +// AccessPackageId: exampleAccessPackage.ID(), +// CatalogResourceAssociationId: exampleAccessPackageResourceCatalogAssociation.ID(), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// The resource and catalog association can be imported using the access package ID, the resource association ID, the resource origin ID, and the access type, e.g. +// +// ```sh +// +// $ pulumi import azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111_22222222-2222-2222-2222-22222222/33333333-3333-3333-3333-33333333/Member +// +// ``` +// +// -> This ID format is unique to Terraform and is composed of the Access Package ID, the Resource Association ID, the Resource Origin ID, and the Access Type, in the format `{AccessPackageID}/{ResourceAssociationID}/{ResourceOriginID}/{AccessType}`. +type AccessPackageResourcePackageAssociation struct { + pulumi.CustomResourceState + + // The ID of access package this resource association is configured to. Changing this forces a new resource to be created. + AccessPackageId pulumi.StringOutput `pulumi:"accessPackageId"` + // The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. + AccessType pulumi.StringPtrOutput `pulumi:"accessType"` + // The ID of the catalog association from the `AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. + CatalogResourceAssociationId pulumi.StringOutput `pulumi:"catalogResourceAssociationId"` +} + +// NewAccessPackageResourcePackageAssociation registers a new resource with the given unique name, arguments, and options. +func NewAccessPackageResourcePackageAssociation(ctx *pulumi.Context, + name string, args *AccessPackageResourcePackageAssociationArgs, opts ...pulumi.ResourceOption) (*AccessPackageResourcePackageAssociation, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.AccessPackageId == nil { + return nil, errors.New("invalid value for required argument 'AccessPackageId'") + } + if args.CatalogResourceAssociationId == nil { + return nil, errors.New("invalid value for required argument 'CatalogResourceAssociationId'") + } + var resource AccessPackageResourcePackageAssociation + err := ctx.RegisterResource("azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetAccessPackageResourcePackageAssociation gets an existing AccessPackageResourcePackageAssociation resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetAccessPackageResourcePackageAssociation(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *AccessPackageResourcePackageAssociationState, opts ...pulumi.ResourceOption) (*AccessPackageResourcePackageAssociation, error) { + var resource AccessPackageResourcePackageAssociation + err := ctx.ReadResource("azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering AccessPackageResourcePackageAssociation resources. +type accessPackageResourcePackageAssociationState struct { + // The ID of access package this resource association is configured to. Changing this forces a new resource to be created. + AccessPackageId *string `pulumi:"accessPackageId"` + // The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. + AccessType *string `pulumi:"accessType"` + // The ID of the catalog association from the `AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. + CatalogResourceAssociationId *string `pulumi:"catalogResourceAssociationId"` +} + +type AccessPackageResourcePackageAssociationState struct { + // The ID of access package this resource association is configured to. Changing this forces a new resource to be created. + AccessPackageId pulumi.StringPtrInput + // The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. + AccessType pulumi.StringPtrInput + // The ID of the catalog association from the `AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. + CatalogResourceAssociationId pulumi.StringPtrInput +} + +func (AccessPackageResourcePackageAssociationState) ElementType() reflect.Type { + return reflect.TypeOf((*accessPackageResourcePackageAssociationState)(nil)).Elem() +} + +type accessPackageResourcePackageAssociationArgs struct { + // The ID of access package this resource association is configured to. Changing this forces a new resource to be created. + AccessPackageId string `pulumi:"accessPackageId"` + // The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. + AccessType *string `pulumi:"accessType"` + // The ID of the catalog association from the `AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. + CatalogResourceAssociationId string `pulumi:"catalogResourceAssociationId"` +} + +// The set of arguments for constructing a AccessPackageResourcePackageAssociation resource. +type AccessPackageResourcePackageAssociationArgs struct { + // The ID of access package this resource association is configured to. Changing this forces a new resource to be created. + AccessPackageId pulumi.StringInput + // The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. + AccessType pulumi.StringPtrInput + // The ID of the catalog association from the `AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. + CatalogResourceAssociationId pulumi.StringInput +} + +func (AccessPackageResourcePackageAssociationArgs) ElementType() reflect.Type { + return reflect.TypeOf((*accessPackageResourcePackageAssociationArgs)(nil)).Elem() +} + +type AccessPackageResourcePackageAssociationInput interface { + pulumi.Input + + ToAccessPackageResourcePackageAssociationOutput() AccessPackageResourcePackageAssociationOutput + ToAccessPackageResourcePackageAssociationOutputWithContext(ctx context.Context) AccessPackageResourcePackageAssociationOutput +} + +func (*AccessPackageResourcePackageAssociation) ElementType() reflect.Type { + return reflect.TypeOf((**AccessPackageResourcePackageAssociation)(nil)).Elem() +} + +func (i *AccessPackageResourcePackageAssociation) ToAccessPackageResourcePackageAssociationOutput() AccessPackageResourcePackageAssociationOutput { + return i.ToAccessPackageResourcePackageAssociationOutputWithContext(context.Background()) +} + +func (i *AccessPackageResourcePackageAssociation) ToAccessPackageResourcePackageAssociationOutputWithContext(ctx context.Context) AccessPackageResourcePackageAssociationOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageResourcePackageAssociationOutput) +} + +// AccessPackageResourcePackageAssociationArrayInput is an input type that accepts AccessPackageResourcePackageAssociationArray and AccessPackageResourcePackageAssociationArrayOutput values. +// You can construct a concrete instance of `AccessPackageResourcePackageAssociationArrayInput` via: +// +// AccessPackageResourcePackageAssociationArray{ AccessPackageResourcePackageAssociationArgs{...} } +type AccessPackageResourcePackageAssociationArrayInput interface { + pulumi.Input + + ToAccessPackageResourcePackageAssociationArrayOutput() AccessPackageResourcePackageAssociationArrayOutput + ToAccessPackageResourcePackageAssociationArrayOutputWithContext(context.Context) AccessPackageResourcePackageAssociationArrayOutput +} + +type AccessPackageResourcePackageAssociationArray []AccessPackageResourcePackageAssociationInput + +func (AccessPackageResourcePackageAssociationArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*AccessPackageResourcePackageAssociation)(nil)).Elem() +} + +func (i AccessPackageResourcePackageAssociationArray) ToAccessPackageResourcePackageAssociationArrayOutput() AccessPackageResourcePackageAssociationArrayOutput { + return i.ToAccessPackageResourcePackageAssociationArrayOutputWithContext(context.Background()) +} + +func (i AccessPackageResourcePackageAssociationArray) ToAccessPackageResourcePackageAssociationArrayOutputWithContext(ctx context.Context) AccessPackageResourcePackageAssociationArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageResourcePackageAssociationArrayOutput) +} + +// AccessPackageResourcePackageAssociationMapInput is an input type that accepts AccessPackageResourcePackageAssociationMap and AccessPackageResourcePackageAssociationMapOutput values. +// You can construct a concrete instance of `AccessPackageResourcePackageAssociationMapInput` via: +// +// AccessPackageResourcePackageAssociationMap{ "key": AccessPackageResourcePackageAssociationArgs{...} } +type AccessPackageResourcePackageAssociationMapInput interface { + pulumi.Input + + ToAccessPackageResourcePackageAssociationMapOutput() AccessPackageResourcePackageAssociationMapOutput + ToAccessPackageResourcePackageAssociationMapOutputWithContext(context.Context) AccessPackageResourcePackageAssociationMapOutput +} + +type AccessPackageResourcePackageAssociationMap map[string]AccessPackageResourcePackageAssociationInput + +func (AccessPackageResourcePackageAssociationMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*AccessPackageResourcePackageAssociation)(nil)).Elem() +} + +func (i AccessPackageResourcePackageAssociationMap) ToAccessPackageResourcePackageAssociationMapOutput() AccessPackageResourcePackageAssociationMapOutput { + return i.ToAccessPackageResourcePackageAssociationMapOutputWithContext(context.Background()) +} + +func (i AccessPackageResourcePackageAssociationMap) ToAccessPackageResourcePackageAssociationMapOutputWithContext(ctx context.Context) AccessPackageResourcePackageAssociationMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageResourcePackageAssociationMapOutput) +} + +type AccessPackageResourcePackageAssociationOutput struct{ *pulumi.OutputState } + +func (AccessPackageResourcePackageAssociationOutput) ElementType() reflect.Type { + return reflect.TypeOf((**AccessPackageResourcePackageAssociation)(nil)).Elem() +} + +func (o AccessPackageResourcePackageAssociationOutput) ToAccessPackageResourcePackageAssociationOutput() AccessPackageResourcePackageAssociationOutput { + return o +} + +func (o AccessPackageResourcePackageAssociationOutput) ToAccessPackageResourcePackageAssociationOutputWithContext(ctx context.Context) AccessPackageResourcePackageAssociationOutput { + return o +} + +// The ID of access package this resource association is configured to. Changing this forces a new resource to be created. +func (o AccessPackageResourcePackageAssociationOutput) AccessPackageId() pulumi.StringOutput { + return o.ApplyT(func(v *AccessPackageResourcePackageAssociation) pulumi.StringOutput { return v.AccessPackageId }).(pulumi.StringOutput) +} + +// The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. +func (o AccessPackageResourcePackageAssociationOutput) AccessType() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AccessPackageResourcePackageAssociation) pulumi.StringPtrOutput { return v.AccessType }).(pulumi.StringPtrOutput) +} + +// The ID of the catalog association from the `AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. +func (o AccessPackageResourcePackageAssociationOutput) CatalogResourceAssociationId() pulumi.StringOutput { + return o.ApplyT(func(v *AccessPackageResourcePackageAssociation) pulumi.StringOutput { + return v.CatalogResourceAssociationId + }).(pulumi.StringOutput) +} + +type AccessPackageResourcePackageAssociationArrayOutput struct{ *pulumi.OutputState } + +func (AccessPackageResourcePackageAssociationArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*AccessPackageResourcePackageAssociation)(nil)).Elem() +} + +func (o AccessPackageResourcePackageAssociationArrayOutput) ToAccessPackageResourcePackageAssociationArrayOutput() AccessPackageResourcePackageAssociationArrayOutput { + return o +} + +func (o AccessPackageResourcePackageAssociationArrayOutput) ToAccessPackageResourcePackageAssociationArrayOutputWithContext(ctx context.Context) AccessPackageResourcePackageAssociationArrayOutput { + return o +} + +func (o AccessPackageResourcePackageAssociationArrayOutput) Index(i pulumi.IntInput) AccessPackageResourcePackageAssociationOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AccessPackageResourcePackageAssociation { + return vs[0].([]*AccessPackageResourcePackageAssociation)[vs[1].(int)] + }).(AccessPackageResourcePackageAssociationOutput) +} + +type AccessPackageResourcePackageAssociationMapOutput struct{ *pulumi.OutputState } + +func (AccessPackageResourcePackageAssociationMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*AccessPackageResourcePackageAssociation)(nil)).Elem() +} + +func (o AccessPackageResourcePackageAssociationMapOutput) ToAccessPackageResourcePackageAssociationMapOutput() AccessPackageResourcePackageAssociationMapOutput { + return o +} + +func (o AccessPackageResourcePackageAssociationMapOutput) ToAccessPackageResourcePackageAssociationMapOutputWithContext(ctx context.Context) AccessPackageResourcePackageAssociationMapOutput { + return o +} + +func (o AccessPackageResourcePackageAssociationMapOutput) MapIndex(k pulumi.StringInput) AccessPackageResourcePackageAssociationOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AccessPackageResourcePackageAssociation { + return vs[0].(map[string]*AccessPackageResourcePackageAssociation)[vs[1].(string)] + }).(AccessPackageResourcePackageAssociationOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageResourcePackageAssociationInput)(nil)).Elem(), &AccessPackageResourcePackageAssociation{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageResourcePackageAssociationArrayInput)(nil)).Elem(), AccessPackageResourcePackageAssociationArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageResourcePackageAssociationMapInput)(nil)).Elem(), AccessPackageResourcePackageAssociationMap{}) + pulumi.RegisterOutputType(AccessPackageResourcePackageAssociationOutput{}) + pulumi.RegisterOutputType(AccessPackageResourcePackageAssociationArrayOutput{}) + pulumi.RegisterOutputType(AccessPackageResourcePackageAssociationMapOutput{}) +} diff --git a/sdk/go/azuread/administrativeUnitRoleMember.go b/sdk/go/azuread/administrativeUnitRoleMember.go new file mode 100644 index 000000000..be62305b4 --- /dev/null +++ b/sdk/go/azuread/administrativeUnitRoleMember.go @@ -0,0 +1,319 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package azuread + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Manages a single directory role assignment scoped to an administrative unit within Azure Active Directory. +// +// ## API Permissions +// +// The following API permissions are required in order to use this resource. +// +// When authenticated with a service principal, this resource requires one of the following application roles: `AdministrativeUnit.ReadWrite.All` and `RoleManagement.ReadWrite.Directory`, or `Directory.ReadWrite.All` +// +// When authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator` +// +// ## Example Usage +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// exampleUser, err := azuread.LookupUser(ctx, &azuread.LookupUserArgs{ +// UserPrincipalName: pulumi.StringRef("jdoe@hashicorp.com"), +// }, nil) +// if err != nil { +// return err +// } +// exampleAdministrativeUnit, err := azuread.NewAdministrativeUnit(ctx, "exampleAdministrativeUnit", &azuread.AdministrativeUnitArgs{ +// DisplayName: pulumi.String("Example-AU"), +// }) +// if err != nil { +// return err +// } +// exampleDirectoryRole, err := azuread.NewDirectoryRole(ctx, "exampleDirectoryRole", &azuread.DirectoryRoleArgs{ +// DisplayName: pulumi.String("Security administrator"), +// }) +// if err != nil { +// return err +// } +// _, err = azuread.NewAdministrativeUnitRoleMember(ctx, "exampleAdministrativeUnitRoleMember", &azuread.AdministrativeUnitRoleMemberArgs{ +// RoleObjectId: exampleDirectoryRole.ObjectId, +// AdministrativeUnitObjectId: exampleAdministrativeUnit.ID(), +// MemberObjectId: *pulumi.String(exampleUser.Id), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// Administrative unit role members can be imported using the object ID of the administrative unit and the unique ID of the role assignment, e.g. +// +// ```sh +// +// $ pulumi import azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember test 00000000-0000-0000-0000-000000000000/roleMember/zX37MRLyF0uvE-xf2WH4B7x-6CPLfudNnxFGj800htpBXqkxW7bITqGb6Rj4kuTuS +// +// ``` +// +// -> This ID format is unique to Terraform and is composed of the Administrative Unit Object ID and the role assignment ID in the format `{AdministrativeUnitObjectID}/roleMember/{RoleAssignmentID}`. +type AdministrativeUnitRoleMember struct { + pulumi.CustomResourceState + + // The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. + AdministrativeUnitObjectId pulumi.StringOutput `pulumi:"administrativeUnitObjectId"` + // The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + MemberObjectId pulumi.StringOutput `pulumi:"memberObjectId"` + // The object ID of the directory role you want to assign. Changing this forces a new resource to be created. + RoleObjectId pulumi.StringOutput `pulumi:"roleObjectId"` +} + +// NewAdministrativeUnitRoleMember registers a new resource with the given unique name, arguments, and options. +func NewAdministrativeUnitRoleMember(ctx *pulumi.Context, + name string, args *AdministrativeUnitRoleMemberArgs, opts ...pulumi.ResourceOption) (*AdministrativeUnitRoleMember, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.AdministrativeUnitObjectId == nil { + return nil, errors.New("invalid value for required argument 'AdministrativeUnitObjectId'") + } + if args.MemberObjectId == nil { + return nil, errors.New("invalid value for required argument 'MemberObjectId'") + } + if args.RoleObjectId == nil { + return nil, errors.New("invalid value for required argument 'RoleObjectId'") + } + var resource AdministrativeUnitRoleMember + err := ctx.RegisterResource("azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetAdministrativeUnitRoleMember gets an existing AdministrativeUnitRoleMember resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetAdministrativeUnitRoleMember(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *AdministrativeUnitRoleMemberState, opts ...pulumi.ResourceOption) (*AdministrativeUnitRoleMember, error) { + var resource AdministrativeUnitRoleMember + err := ctx.ReadResource("azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering AdministrativeUnitRoleMember resources. +type administrativeUnitRoleMemberState struct { + // The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. + AdministrativeUnitObjectId *string `pulumi:"administrativeUnitObjectId"` + // The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + MemberObjectId *string `pulumi:"memberObjectId"` + // The object ID of the directory role you want to assign. Changing this forces a new resource to be created. + RoleObjectId *string `pulumi:"roleObjectId"` +} + +type AdministrativeUnitRoleMemberState struct { + // The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. + AdministrativeUnitObjectId pulumi.StringPtrInput + // The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + MemberObjectId pulumi.StringPtrInput + // The object ID of the directory role you want to assign. Changing this forces a new resource to be created. + RoleObjectId pulumi.StringPtrInput +} + +func (AdministrativeUnitRoleMemberState) ElementType() reflect.Type { + return reflect.TypeOf((*administrativeUnitRoleMemberState)(nil)).Elem() +} + +type administrativeUnitRoleMemberArgs struct { + // The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. + AdministrativeUnitObjectId string `pulumi:"administrativeUnitObjectId"` + // The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + MemberObjectId string `pulumi:"memberObjectId"` + // The object ID of the directory role you want to assign. Changing this forces a new resource to be created. + RoleObjectId string `pulumi:"roleObjectId"` +} + +// The set of arguments for constructing a AdministrativeUnitRoleMember resource. +type AdministrativeUnitRoleMemberArgs struct { + // The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. + AdministrativeUnitObjectId pulumi.StringInput + // The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + MemberObjectId pulumi.StringInput + // The object ID of the directory role you want to assign. Changing this forces a new resource to be created. + RoleObjectId pulumi.StringInput +} + +func (AdministrativeUnitRoleMemberArgs) ElementType() reflect.Type { + return reflect.TypeOf((*administrativeUnitRoleMemberArgs)(nil)).Elem() +} + +type AdministrativeUnitRoleMemberInput interface { + pulumi.Input + + ToAdministrativeUnitRoleMemberOutput() AdministrativeUnitRoleMemberOutput + ToAdministrativeUnitRoleMemberOutputWithContext(ctx context.Context) AdministrativeUnitRoleMemberOutput +} + +func (*AdministrativeUnitRoleMember) ElementType() reflect.Type { + return reflect.TypeOf((**AdministrativeUnitRoleMember)(nil)).Elem() +} + +func (i *AdministrativeUnitRoleMember) ToAdministrativeUnitRoleMemberOutput() AdministrativeUnitRoleMemberOutput { + return i.ToAdministrativeUnitRoleMemberOutputWithContext(context.Background()) +} + +func (i *AdministrativeUnitRoleMember) ToAdministrativeUnitRoleMemberOutputWithContext(ctx context.Context) AdministrativeUnitRoleMemberOutput { + return pulumi.ToOutputWithContext(ctx, i).(AdministrativeUnitRoleMemberOutput) +} + +// AdministrativeUnitRoleMemberArrayInput is an input type that accepts AdministrativeUnitRoleMemberArray and AdministrativeUnitRoleMemberArrayOutput values. +// You can construct a concrete instance of `AdministrativeUnitRoleMemberArrayInput` via: +// +// AdministrativeUnitRoleMemberArray{ AdministrativeUnitRoleMemberArgs{...} } +type AdministrativeUnitRoleMemberArrayInput interface { + pulumi.Input + + ToAdministrativeUnitRoleMemberArrayOutput() AdministrativeUnitRoleMemberArrayOutput + ToAdministrativeUnitRoleMemberArrayOutputWithContext(context.Context) AdministrativeUnitRoleMemberArrayOutput +} + +type AdministrativeUnitRoleMemberArray []AdministrativeUnitRoleMemberInput + +func (AdministrativeUnitRoleMemberArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*AdministrativeUnitRoleMember)(nil)).Elem() +} + +func (i AdministrativeUnitRoleMemberArray) ToAdministrativeUnitRoleMemberArrayOutput() AdministrativeUnitRoleMemberArrayOutput { + return i.ToAdministrativeUnitRoleMemberArrayOutputWithContext(context.Background()) +} + +func (i AdministrativeUnitRoleMemberArray) ToAdministrativeUnitRoleMemberArrayOutputWithContext(ctx context.Context) AdministrativeUnitRoleMemberArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(AdministrativeUnitRoleMemberArrayOutput) +} + +// AdministrativeUnitRoleMemberMapInput is an input type that accepts AdministrativeUnitRoleMemberMap and AdministrativeUnitRoleMemberMapOutput values. +// You can construct a concrete instance of `AdministrativeUnitRoleMemberMapInput` via: +// +// AdministrativeUnitRoleMemberMap{ "key": AdministrativeUnitRoleMemberArgs{...} } +type AdministrativeUnitRoleMemberMapInput interface { + pulumi.Input + + ToAdministrativeUnitRoleMemberMapOutput() AdministrativeUnitRoleMemberMapOutput + ToAdministrativeUnitRoleMemberMapOutputWithContext(context.Context) AdministrativeUnitRoleMemberMapOutput +} + +type AdministrativeUnitRoleMemberMap map[string]AdministrativeUnitRoleMemberInput + +func (AdministrativeUnitRoleMemberMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*AdministrativeUnitRoleMember)(nil)).Elem() +} + +func (i AdministrativeUnitRoleMemberMap) ToAdministrativeUnitRoleMemberMapOutput() AdministrativeUnitRoleMemberMapOutput { + return i.ToAdministrativeUnitRoleMemberMapOutputWithContext(context.Background()) +} + +func (i AdministrativeUnitRoleMemberMap) ToAdministrativeUnitRoleMemberMapOutputWithContext(ctx context.Context) AdministrativeUnitRoleMemberMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(AdministrativeUnitRoleMemberMapOutput) +} + +type AdministrativeUnitRoleMemberOutput struct{ *pulumi.OutputState } + +func (AdministrativeUnitRoleMemberOutput) ElementType() reflect.Type { + return reflect.TypeOf((**AdministrativeUnitRoleMember)(nil)).Elem() +} + +func (o AdministrativeUnitRoleMemberOutput) ToAdministrativeUnitRoleMemberOutput() AdministrativeUnitRoleMemberOutput { + return o +} + +func (o AdministrativeUnitRoleMemberOutput) ToAdministrativeUnitRoleMemberOutputWithContext(ctx context.Context) AdministrativeUnitRoleMemberOutput { + return o +} + +// The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. +func (o AdministrativeUnitRoleMemberOutput) AdministrativeUnitObjectId() pulumi.StringOutput { + return o.ApplyT(func(v *AdministrativeUnitRoleMember) pulumi.StringOutput { return v.AdministrativeUnitObjectId }).(pulumi.StringOutput) +} + +// The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. +func (o AdministrativeUnitRoleMemberOutput) MemberObjectId() pulumi.StringOutput { + return o.ApplyT(func(v *AdministrativeUnitRoleMember) pulumi.StringOutput { return v.MemberObjectId }).(pulumi.StringOutput) +} + +// The object ID of the directory role you want to assign. Changing this forces a new resource to be created. +func (o AdministrativeUnitRoleMemberOutput) RoleObjectId() pulumi.StringOutput { + return o.ApplyT(func(v *AdministrativeUnitRoleMember) pulumi.StringOutput { return v.RoleObjectId }).(pulumi.StringOutput) +} + +type AdministrativeUnitRoleMemberArrayOutput struct{ *pulumi.OutputState } + +func (AdministrativeUnitRoleMemberArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*AdministrativeUnitRoleMember)(nil)).Elem() +} + +func (o AdministrativeUnitRoleMemberArrayOutput) ToAdministrativeUnitRoleMemberArrayOutput() AdministrativeUnitRoleMemberArrayOutput { + return o +} + +func (o AdministrativeUnitRoleMemberArrayOutput) ToAdministrativeUnitRoleMemberArrayOutputWithContext(ctx context.Context) AdministrativeUnitRoleMemberArrayOutput { + return o +} + +func (o AdministrativeUnitRoleMemberArrayOutput) Index(i pulumi.IntInput) AdministrativeUnitRoleMemberOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AdministrativeUnitRoleMember { + return vs[0].([]*AdministrativeUnitRoleMember)[vs[1].(int)] + }).(AdministrativeUnitRoleMemberOutput) +} + +type AdministrativeUnitRoleMemberMapOutput struct{ *pulumi.OutputState } + +func (AdministrativeUnitRoleMemberMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*AdministrativeUnitRoleMember)(nil)).Elem() +} + +func (o AdministrativeUnitRoleMemberMapOutput) ToAdministrativeUnitRoleMemberMapOutput() AdministrativeUnitRoleMemberMapOutput { + return o +} + +func (o AdministrativeUnitRoleMemberMapOutput) ToAdministrativeUnitRoleMemberMapOutputWithContext(ctx context.Context) AdministrativeUnitRoleMemberMapOutput { + return o +} + +func (o AdministrativeUnitRoleMemberMapOutput) MapIndex(k pulumi.StringInput) AdministrativeUnitRoleMemberOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AdministrativeUnitRoleMember { + return vs[0].(map[string]*AdministrativeUnitRoleMember)[vs[1].(string)] + }).(AdministrativeUnitRoleMemberOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*AdministrativeUnitRoleMemberInput)(nil)).Elem(), &AdministrativeUnitRoleMember{}) + pulumi.RegisterInputType(reflect.TypeOf((*AdministrativeUnitRoleMemberArrayInput)(nil)).Elem(), AdministrativeUnitRoleMemberArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*AdministrativeUnitRoleMemberMapInput)(nil)).Elem(), AdministrativeUnitRoleMemberMap{}) + pulumi.RegisterOutputType(AdministrativeUnitRoleMemberOutput{}) + pulumi.RegisterOutputType(AdministrativeUnitRoleMemberArrayOutput{}) + pulumi.RegisterOutputType(AdministrativeUnitRoleMemberMapOutput{}) +} diff --git a/sdk/go/azuread/application.go b/sdk/go/azuread/application.go index a32b973c7..7a9b82279 100644 --- a/sdk/go/azuread/application.go +++ b/sdk/go/azuread/application.go @@ -283,6 +283,8 @@ type Application struct { PublisherDomain pulumi.StringOutput `pulumi:"publisherDomain"` // A collection of `requiredResourceAccess` blocks as documented below. RequiredResourceAccesses ApplicationRequiredResourceAccessArrayOutput `pulumi:"requiredResourceAccesses"` + // References application context information from a Service or Asset Management database. + ServiceManagementReference pulumi.StringPtrOutput `pulumi:"serviceManagementReference"` // The Microsoft account types that are supported for the current application. Must be one of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. Defaults to `AzureADMyOrg`. SignInAudience pulumi.StringPtrOutput `pulumi:"signInAudience"` // A `singlePageApplication` block as documented below, which configures single-page application (SPA) related settings for this application. @@ -383,6 +385,8 @@ type applicationState struct { PublisherDomain *string `pulumi:"publisherDomain"` // A collection of `requiredResourceAccess` blocks as documented below. RequiredResourceAccesses []ApplicationRequiredResourceAccess `pulumi:"requiredResourceAccesses"` + // References application context information from a Service or Asset Management database. + ServiceManagementReference *string `pulumi:"serviceManagementReference"` // The Microsoft account types that are supported for the current application. Must be one of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. Defaults to `AzureADMyOrg`. SignInAudience *string `pulumi:"signInAudience"` // A `singlePageApplication` block as documented below, which configures single-page application (SPA) related settings for this application. @@ -452,6 +456,8 @@ type ApplicationState struct { PublisherDomain pulumi.StringPtrInput // A collection of `requiredResourceAccess` blocks as documented below. RequiredResourceAccesses ApplicationRequiredResourceAccessArrayInput + // References application context information from a Service or Asset Management database. + ServiceManagementReference pulumi.StringPtrInput // The Microsoft account types that are supported for the current application. Must be one of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. Defaults to `AzureADMyOrg`. SignInAudience pulumi.StringPtrInput // A `singlePageApplication` block as documented below, which configures single-page application (SPA) related settings for this application. @@ -511,6 +517,8 @@ type applicationArgs struct { PublicClient *ApplicationPublicClient `pulumi:"publicClient"` // A collection of `requiredResourceAccess` blocks as documented below. RequiredResourceAccesses []ApplicationRequiredResourceAccess `pulumi:"requiredResourceAccesses"` + // References application context information from a Service or Asset Management database. + ServiceManagementReference *string `pulumi:"serviceManagementReference"` // The Microsoft account types that are supported for the current application. Must be one of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. Defaults to `AzureADMyOrg`. SignInAudience *string `pulumi:"signInAudience"` // A `singlePageApplication` block as documented below, which configures single-page application (SPA) related settings for this application. @@ -567,6 +575,8 @@ type ApplicationArgs struct { PublicClient ApplicationPublicClientPtrInput // A collection of `requiredResourceAccess` blocks as documented below. RequiredResourceAccesses ApplicationRequiredResourceAccessArrayInput + // References application context information from a Service or Asset Management database. + ServiceManagementReference pulumi.StringPtrInput // The Microsoft account types that are supported for the current application. Must be one of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. Defaults to `AzureADMyOrg`. SignInAudience pulumi.StringPtrInput // A `singlePageApplication` block as documented below, which configures single-page application (SPA) related settings for this application. @@ -800,6 +810,11 @@ func (o ApplicationOutput) RequiredResourceAccesses() ApplicationRequiredResourc return o.ApplyT(func(v *Application) ApplicationRequiredResourceAccessArrayOutput { return v.RequiredResourceAccesses }).(ApplicationRequiredResourceAccessArrayOutput) } +// References application context information from a Service or Asset Management database. +func (o ApplicationOutput) ServiceManagementReference() pulumi.StringPtrOutput { + return o.ApplyT(func(v *Application) pulumi.StringPtrOutput { return v.ServiceManagementReference }).(pulumi.StringPtrOutput) +} + // The Microsoft account types that are supported for the current application. Must be one of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. Defaults to `AzureADMyOrg`. func (o ApplicationOutput) SignInAudience() pulumi.StringPtrOutput { return o.ApplyT(func(v *Application) pulumi.StringPtrOutput { return v.SignInAudience }).(pulumi.StringPtrOutput) diff --git a/sdk/go/azuread/getAccessPackage.go b/sdk/go/azuread/getAccessPackage.go new file mode 100644 index 000000000..bd50541cd --- /dev/null +++ b/sdk/go/azuread/getAccessPackage.go @@ -0,0 +1,180 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package azuread + +import ( + "context" + "reflect" + + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Use this data source to retrieve information for an existing access package within Identity Governance in Azure Active Directory. +// +// ## API Permissions +// +// The following API permissions are required in order to use this data source. +// +// When authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`. +// +// When authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Access package manager`, `Global Reader`, or `Global Administrator`. +// +// ## Example Usage +// +// *Look up by ID* +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := azuread.LookupAccessPackage(ctx, &azuread.LookupAccessPackageArgs{ +// ObjectId: pulumi.StringRef("00000000-0000-0000-0000-000000000000"), +// }, nil) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// *Look up by DisplayName* +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := azuread.LookupAccessPackage(ctx, &azuread.LookupAccessPackageArgs{ +// CatalogId: pulumi.StringRef("00000000-0000-0000-0000-000000000000"), +// DisplayName: pulumi.StringRef("My access package Catalog"), +// }, nil) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +func LookupAccessPackage(ctx *pulumi.Context, args *LookupAccessPackageArgs, opts ...pulumi.InvokeOption) (*LookupAccessPackageResult, error) { + var rv LookupAccessPackageResult + err := ctx.Invoke("azuread:index/getAccessPackage:getAccessPackage", args, &rv, opts...) + if err != nil { + return nil, err + } + return &rv, nil +} + +// A collection of arguments for invoking getAccessPackage. +type LookupAccessPackageArgs struct { + // The ID of the Catalog this access package is in. + CatalogId *string `pulumi:"catalogId"` + // The display name of the access package. + DisplayName *string `pulumi:"displayName"` + // The ID of this access package. + ObjectId *string `pulumi:"objectId"` +} + +// A collection of values returned by getAccessPackage. +type LookupAccessPackageResult struct { + CatalogId *string `pulumi:"catalogId"` + // The description of the access package. + Description string `pulumi:"description"` + DisplayName string `pulumi:"displayName"` + // Whether the access package is hidden from the requestor. + Hidden bool `pulumi:"hidden"` + // The provider-assigned unique ID for this managed resource. + Id string `pulumi:"id"` + ObjectId string `pulumi:"objectId"` +} + +func LookupAccessPackageOutput(ctx *pulumi.Context, args LookupAccessPackageOutputArgs, opts ...pulumi.InvokeOption) LookupAccessPackageResultOutput { + return pulumi.ToOutputWithContext(context.Background(), args). + ApplyT(func(v interface{}) (LookupAccessPackageResult, error) { + args := v.(LookupAccessPackageArgs) + r, err := LookupAccessPackage(ctx, &args, opts...) + var s LookupAccessPackageResult + if r != nil { + s = *r + } + return s, err + }).(LookupAccessPackageResultOutput) +} + +// A collection of arguments for invoking getAccessPackage. +type LookupAccessPackageOutputArgs struct { + // The ID of the Catalog this access package is in. + CatalogId pulumi.StringPtrInput `pulumi:"catalogId"` + // The display name of the access package. + DisplayName pulumi.StringPtrInput `pulumi:"displayName"` + // The ID of this access package. + ObjectId pulumi.StringPtrInput `pulumi:"objectId"` +} + +func (LookupAccessPackageOutputArgs) ElementType() reflect.Type { + return reflect.TypeOf((*LookupAccessPackageArgs)(nil)).Elem() +} + +// A collection of values returned by getAccessPackage. +type LookupAccessPackageResultOutput struct{ *pulumi.OutputState } + +func (LookupAccessPackageResultOutput) ElementType() reflect.Type { + return reflect.TypeOf((*LookupAccessPackageResult)(nil)).Elem() +} + +func (o LookupAccessPackageResultOutput) ToLookupAccessPackageResultOutput() LookupAccessPackageResultOutput { + return o +} + +func (o LookupAccessPackageResultOutput) ToLookupAccessPackageResultOutputWithContext(ctx context.Context) LookupAccessPackageResultOutput { + return o +} + +func (o LookupAccessPackageResultOutput) CatalogId() pulumi.StringPtrOutput { + return o.ApplyT(func(v LookupAccessPackageResult) *string { return v.CatalogId }).(pulumi.StringPtrOutput) +} + +// The description of the access package. +func (o LookupAccessPackageResultOutput) Description() pulumi.StringOutput { + return o.ApplyT(func(v LookupAccessPackageResult) string { return v.Description }).(pulumi.StringOutput) +} + +func (o LookupAccessPackageResultOutput) DisplayName() pulumi.StringOutput { + return o.ApplyT(func(v LookupAccessPackageResult) string { return v.DisplayName }).(pulumi.StringOutput) +} + +// Whether the access package is hidden from the requestor. +func (o LookupAccessPackageResultOutput) Hidden() pulumi.BoolOutput { + return o.ApplyT(func(v LookupAccessPackageResult) bool { return v.Hidden }).(pulumi.BoolOutput) +} + +// The provider-assigned unique ID for this managed resource. +func (o LookupAccessPackageResultOutput) Id() pulumi.StringOutput { + return o.ApplyT(func(v LookupAccessPackageResult) string { return v.Id }).(pulumi.StringOutput) +} + +func (o LookupAccessPackageResultOutput) ObjectId() pulumi.StringOutput { + return o.ApplyT(func(v LookupAccessPackageResult) string { return v.ObjectId }).(pulumi.StringOutput) +} + +func init() { + pulumi.RegisterOutputType(LookupAccessPackageResultOutput{}) +} diff --git a/sdk/go/azuread/getAccessPackageCatalog.go b/sdk/go/azuread/getAccessPackageCatalog.go new file mode 100644 index 000000000..38ff2b8fd --- /dev/null +++ b/sdk/go/azuread/getAccessPackageCatalog.go @@ -0,0 +1,178 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package azuread + +import ( + "context" + "reflect" + + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// i +// Use this resource to retrieve information for an existing access package catalog within Identity Governance in Azure Active Directory. +// +// ## API Permissions +// +// The following API permissions are required in order to use this data source. +// +// When authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`. +// +// When authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Global Reader`, or `Global Administrator`. +// +// ## Example Usage +// +// *Look up by ID* +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := azuread.LookupAccessPackageCatalog(ctx, &azuread.LookupAccessPackageCatalogArgs{ +// ObjectId: pulumi.StringRef("00000000-0000-0000-0000-000000000000"), +// }, nil) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// *Look up by DisplayName* +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := azuread.LookupAccessPackageCatalog(ctx, &azuread.LookupAccessPackageCatalogArgs{ +// DisplayName: pulumi.StringRef("My access package Catalog"), +// }, nil) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +func LookupAccessPackageCatalog(ctx *pulumi.Context, args *LookupAccessPackageCatalogArgs, opts ...pulumi.InvokeOption) (*LookupAccessPackageCatalogResult, error) { + var rv LookupAccessPackageCatalogResult + err := ctx.Invoke("azuread:index/getAccessPackageCatalog:getAccessPackageCatalog", args, &rv, opts...) + if err != nil { + return nil, err + } + return &rv, nil +} + +// A collection of arguments for invoking getAccessPackageCatalog. +type LookupAccessPackageCatalogArgs struct { + // The display name of the access package catalog. + DisplayName *string `pulumi:"displayName"` + // The ID of this access package catalog. + ObjectId *string `pulumi:"objectId"` +} + +// A collection of values returned by getAccessPackageCatalog. +type LookupAccessPackageCatalogResult struct { + // The description of the access package catalog. + Description string `pulumi:"description"` + DisplayName string `pulumi:"displayName"` + // Whether the access packages in this catalog can be requested by users outside the tenant. + ExternallyVisible bool `pulumi:"externallyVisible"` + // The provider-assigned unique ID for this managed resource. + Id string `pulumi:"id"` + ObjectId string `pulumi:"objectId"` + // Whether the access packages in this catalog are available for management. + Published bool `pulumi:"published"` +} + +func LookupAccessPackageCatalogOutput(ctx *pulumi.Context, args LookupAccessPackageCatalogOutputArgs, opts ...pulumi.InvokeOption) LookupAccessPackageCatalogResultOutput { + return pulumi.ToOutputWithContext(context.Background(), args). + ApplyT(func(v interface{}) (LookupAccessPackageCatalogResult, error) { + args := v.(LookupAccessPackageCatalogArgs) + r, err := LookupAccessPackageCatalog(ctx, &args, opts...) + var s LookupAccessPackageCatalogResult + if r != nil { + s = *r + } + return s, err + }).(LookupAccessPackageCatalogResultOutput) +} + +// A collection of arguments for invoking getAccessPackageCatalog. +type LookupAccessPackageCatalogOutputArgs struct { + // The display name of the access package catalog. + DisplayName pulumi.StringPtrInput `pulumi:"displayName"` + // The ID of this access package catalog. + ObjectId pulumi.StringPtrInput `pulumi:"objectId"` +} + +func (LookupAccessPackageCatalogOutputArgs) ElementType() reflect.Type { + return reflect.TypeOf((*LookupAccessPackageCatalogArgs)(nil)).Elem() +} + +// A collection of values returned by getAccessPackageCatalog. +type LookupAccessPackageCatalogResultOutput struct{ *pulumi.OutputState } + +func (LookupAccessPackageCatalogResultOutput) ElementType() reflect.Type { + return reflect.TypeOf((*LookupAccessPackageCatalogResult)(nil)).Elem() +} + +func (o LookupAccessPackageCatalogResultOutput) ToLookupAccessPackageCatalogResultOutput() LookupAccessPackageCatalogResultOutput { + return o +} + +func (o LookupAccessPackageCatalogResultOutput) ToLookupAccessPackageCatalogResultOutputWithContext(ctx context.Context) LookupAccessPackageCatalogResultOutput { + return o +} + +// The description of the access package catalog. +func (o LookupAccessPackageCatalogResultOutput) Description() pulumi.StringOutput { + return o.ApplyT(func(v LookupAccessPackageCatalogResult) string { return v.Description }).(pulumi.StringOutput) +} + +func (o LookupAccessPackageCatalogResultOutput) DisplayName() pulumi.StringOutput { + return o.ApplyT(func(v LookupAccessPackageCatalogResult) string { return v.DisplayName }).(pulumi.StringOutput) +} + +// Whether the access packages in this catalog can be requested by users outside the tenant. +func (o LookupAccessPackageCatalogResultOutput) ExternallyVisible() pulumi.BoolOutput { + return o.ApplyT(func(v LookupAccessPackageCatalogResult) bool { return v.ExternallyVisible }).(pulumi.BoolOutput) +} + +// The provider-assigned unique ID for this managed resource. +func (o LookupAccessPackageCatalogResultOutput) Id() pulumi.StringOutput { + return o.ApplyT(func(v LookupAccessPackageCatalogResult) string { return v.Id }).(pulumi.StringOutput) +} + +func (o LookupAccessPackageCatalogResultOutput) ObjectId() pulumi.StringOutput { + return o.ApplyT(func(v LookupAccessPackageCatalogResult) string { return v.ObjectId }).(pulumi.StringOutput) +} + +// Whether the access packages in this catalog are available for management. +func (o LookupAccessPackageCatalogResultOutput) Published() pulumi.BoolOutput { + return o.ApplyT(func(v LookupAccessPackageCatalogResult) bool { return v.Published }).(pulumi.BoolOutput) +} + +func init() { + pulumi.RegisterOutputType(LookupAccessPackageCatalogResultOutput{}) +} diff --git a/sdk/go/azuread/getApplication.go b/sdk/go/azuread/getApplication.go index ead474e5c..6c71024a1 100644 --- a/sdk/go/azuread/getApplication.go +++ b/sdk/go/azuread/getApplication.go @@ -117,6 +117,8 @@ type LookupApplicationResult struct { PublisherDomain string `pulumi:"publisherDomain"` // A collection of `requiredResourceAccess` blocks as documented below. RequiredResourceAccesses []GetApplicationRequiredResourceAccess `pulumi:"requiredResourceAccesses"` + // References application context information from a Service or Asset Management database. + ServiceManagementReference string `pulumi:"serviceManagementReference"` // The Microsoft account types that are supported for the current application. One of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. SignInAudience string `pulumi:"signInAudience"` // A `singlePageApplication` block as documented below. @@ -300,6 +302,11 @@ func (o LookupApplicationResultOutput) RequiredResourceAccesses() GetApplication }).(GetApplicationRequiredResourceAccessArrayOutput) } +// References application context information from a Service or Asset Management database. +func (o LookupApplicationResultOutput) ServiceManagementReference() pulumi.StringOutput { + return o.ApplyT(func(v LookupApplicationResult) string { return v.ServiceManagementReference }).(pulumi.StringOutput) +} + // The Microsoft account types that are supported for the current application. One of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. func (o LookupApplicationResultOutput) SignInAudience() pulumi.StringOutput { return o.ApplyT(func(v LookupApplicationResult) string { return v.SignInAudience }).(pulumi.StringOutput) diff --git a/sdk/go/azuread/getGroup.go b/sdk/go/azuread/getGroup.go index d0049b05c..af6bd183e 100644 --- a/sdk/go/azuread/getGroup.go +++ b/sdk/go/azuread/getGroup.go @@ -102,6 +102,8 @@ type LookupGroupResult struct { ObjectId string `pulumi:"objectId"` // The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used. OnpremisesDomainName string `pulumi:"onpremisesDomainName"` + // The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + OnpremisesGroupType string `pulumi:"onpremisesGroupType"` // The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used. OnpremisesNetbiosName string `pulumi:"onpremisesNetbiosName"` // The on-premises SAM account name, synchronised from the on-premises directory when Azure AD Connect is used. @@ -126,6 +128,8 @@ type LookupGroupResult struct { Types []string `pulumi:"types"` // The group join policy and group content visibility. Possible values are `Private`, `Public`, or `Hiddenmembership`. Only Microsoft 365 groups can have `Hiddenmembership` visibility. Visibility string `pulumi:"visibility"` + // Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + WritebackEnabled bool `pulumi:"writebackEnabled"` } func LookupGroupOutput(ctx *pulumi.Context, args LookupGroupOutputArgs, opts ...pulumi.InvokeOption) LookupGroupResultOutput { @@ -252,6 +256,11 @@ func (o LookupGroupResultOutput) OnpremisesDomainName() pulumi.StringOutput { return o.ApplyT(func(v LookupGroupResult) string { return v.OnpremisesDomainName }).(pulumi.StringOutput) } +// The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. +func (o LookupGroupResultOutput) OnpremisesGroupType() pulumi.StringOutput { + return o.ApplyT(func(v LookupGroupResult) string { return v.OnpremisesGroupType }).(pulumi.StringOutput) +} + // The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used. func (o LookupGroupResultOutput) OnpremisesNetbiosName() pulumi.StringOutput { return o.ApplyT(func(v LookupGroupResult) string { return v.OnpremisesNetbiosName }).(pulumi.StringOutput) @@ -312,6 +321,11 @@ func (o LookupGroupResultOutput) Visibility() pulumi.StringOutput { return o.ApplyT(func(v LookupGroupResult) string { return v.Visibility }).(pulumi.StringOutput) } +// Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. +func (o LookupGroupResultOutput) WritebackEnabled() pulumi.BoolOutput { + return o.ApplyT(func(v LookupGroupResult) bool { return v.WritebackEnabled }).(pulumi.BoolOutput) +} + func init() { pulumi.RegisterOutputType(LookupGroupResultOutput{}) } diff --git a/sdk/go/azuread/getUser.go b/sdk/go/azuread/getUser.go index d5539ff62..16272a75a 100644 --- a/sdk/go/azuread/getUser.go +++ b/sdk/go/azuread/getUser.go @@ -56,6 +56,8 @@ func LookupUser(ctx *pulumi.Context, args *LookupUserArgs, opts ...pulumi.Invoke // A collection of arguments for invoking getUser. type LookupUserArgs struct { + // The SMTP address for the user. + Mail *string `pulumi:"mail"` // The email alias of the user. MailNickname *string `pulumi:"mailNickname"` // The object ID of the user. @@ -171,6 +173,8 @@ func LookupUserOutput(ctx *pulumi.Context, args LookupUserOutputArgs, opts ...pu // A collection of arguments for invoking getUser. type LookupUserOutputArgs struct { + // The SMTP address for the user. + Mail pulumi.StringPtrInput `pulumi:"mail"` // The email alias of the user. MailNickname pulumi.StringPtrInput `pulumi:"mailNickname"` // The object ID of the user. diff --git a/sdk/go/azuread/group.go b/sdk/go/azuread/group.go index 69e841648..e33b0bfc8 100644 --- a/sdk/go/azuread/group.go +++ b/sdk/go/azuread/group.go @@ -17,7 +17,9 @@ import ( // // The following API permissions are required in order to use this resource. // -// When authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All` +// When authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All`. +// +// Alternatively, if the authenticated service principal is also an owner of the group being managed, this resource can use the application role: `Group.Create`. // // If using the `assignableToRole` property, this resource additionally requires one of the following application roles: `RoleManagement.ReadWrite.Directory` or `Directory.ReadWrite.All` // @@ -73,6 +75,8 @@ type Group struct { ObjectId pulumi.StringOutput `pulumi:"objectId"` // The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used. OnpremisesDomainName pulumi.StringOutput `pulumi:"onpremisesDomainName"` + // The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + OnpremisesGroupType pulumi.StringOutput `pulumi:"onpremisesGroupType"` // The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used. OnpremisesNetbiosName pulumi.StringOutput `pulumi:"onpremisesNetbiosName"` // The on-premises SAM account name, synchronised from the on-premises directory when Azure AD Connect is used. @@ -99,6 +103,8 @@ type Group struct { Types pulumi.StringArrayOutput `pulumi:"types"` // The group join policy and group content visibility. Possible values are `Private`, `Public`, or `Hiddenmembership`. Only Microsoft 365 groups can have `Hiddenmembership` visibility and this value must be set when the group is created. By default, security groups will receive `Private` visibility and Microsoft 365 groups will receive `Public` visibility. Visibility pulumi.StringOutput `pulumi:"visibility"` + // Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + WritebackEnabled pulumi.BoolPtrOutput `pulumi:"writebackEnabled"` } // NewGroup registers a new resource with the given unique name, arguments, and options. @@ -165,6 +171,8 @@ type groupState struct { ObjectId *string `pulumi:"objectId"` // The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used. OnpremisesDomainName *string `pulumi:"onpremisesDomainName"` + // The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + OnpremisesGroupType *string `pulumi:"onpremisesGroupType"` // The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used. OnpremisesNetbiosName *string `pulumi:"onpremisesNetbiosName"` // The on-premises SAM account name, synchronised from the on-premises directory when Azure AD Connect is used. @@ -191,6 +199,8 @@ type groupState struct { Types []string `pulumi:"types"` // The group join policy and group content visibility. Possible values are `Private`, `Public`, or `Hiddenmembership`. Only Microsoft 365 groups can have `Hiddenmembership` visibility and this value must be set when the group is created. By default, security groups will receive `Private` visibility and Microsoft 365 groups will receive `Public` visibility. Visibility *string `pulumi:"visibility"` + // Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + WritebackEnabled *bool `pulumi:"writebackEnabled"` } type GroupState struct { @@ -226,6 +236,8 @@ type GroupState struct { ObjectId pulumi.StringPtrInput // The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used. OnpremisesDomainName pulumi.StringPtrInput + // The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + OnpremisesGroupType pulumi.StringPtrInput // The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used. OnpremisesNetbiosName pulumi.StringPtrInput // The on-premises SAM account name, synchronised from the on-premises directory when Azure AD Connect is used. @@ -252,6 +264,8 @@ type GroupState struct { Types pulumi.StringArrayInput // The group join policy and group content visibility. Possible values are `Private`, `Public`, or `Hiddenmembership`. Only Microsoft 365 groups can have `Hiddenmembership` visibility and this value must be set when the group is created. By default, security groups will receive `Private` visibility and Microsoft 365 groups will receive `Public` visibility. Visibility pulumi.StringPtrInput + // Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + WritebackEnabled pulumi.BoolPtrInput } func (GroupState) ElementType() reflect.Type { @@ -285,6 +299,8 @@ type groupArgs struct { MailNickname *string `pulumi:"mailNickname"` // A set of members who should be present in this group. Supported object types are Users, Groups or Service Principals. Cannot be used with the `dynamicMembership` block. Members []string `pulumi:"members"` + // The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + OnpremisesGroupType *string `pulumi:"onpremisesGroupType"` // A set of owners who own this group. Supported object types are Users or Service Principals Owners []string `pulumi:"owners"` // If `true`, will return an error if an existing group is found with the same name. Defaults to `false`. @@ -299,6 +315,8 @@ type groupArgs struct { Types []string `pulumi:"types"` // The group join policy and group content visibility. Possible values are `Private`, `Public`, or `Hiddenmembership`. Only Microsoft 365 groups can have `Hiddenmembership` visibility and this value must be set when the group is created. By default, security groups will receive `Private` visibility and Microsoft 365 groups will receive `Public` visibility. Visibility *string `pulumi:"visibility"` + // Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + WritebackEnabled *bool `pulumi:"writebackEnabled"` } // The set of arguments for constructing a Group resource. @@ -329,6 +347,8 @@ type GroupArgs struct { MailNickname pulumi.StringPtrInput // A set of members who should be present in this group. Supported object types are Users, Groups or Service Principals. Cannot be used with the `dynamicMembership` block. Members pulumi.StringArrayInput + // The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + OnpremisesGroupType pulumi.StringPtrInput // A set of owners who own this group. Supported object types are Users or Service Principals Owners pulumi.StringArrayInput // If `true`, will return an error if an existing group is found with the same name. Defaults to `false`. @@ -343,6 +363,8 @@ type GroupArgs struct { Types pulumi.StringArrayInput // The group join policy and group content visibility. Possible values are `Private`, `Public`, or `Hiddenmembership`. Only Microsoft 365 groups can have `Hiddenmembership` visibility and this value must be set when the group is created. By default, security groups will receive `Private` visibility and Microsoft 365 groups will receive `Public` visibility. Visibility pulumi.StringPtrInput + // Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + WritebackEnabled pulumi.BoolPtrInput } func (GroupArgs) ElementType() reflect.Type { @@ -512,6 +534,11 @@ func (o GroupOutput) OnpremisesDomainName() pulumi.StringOutput { return o.ApplyT(func(v *Group) pulumi.StringOutput { return v.OnpremisesDomainName }).(pulumi.StringOutput) } +// The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. +func (o GroupOutput) OnpremisesGroupType() pulumi.StringOutput { + return o.ApplyT(func(v *Group) pulumi.StringOutput { return v.OnpremisesGroupType }).(pulumi.StringOutput) +} + // The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used. func (o GroupOutput) OnpremisesNetbiosName() pulumi.StringOutput { return o.ApplyT(func(v *Group) pulumi.StringOutput { return v.OnpremisesNetbiosName }).(pulumi.StringOutput) @@ -577,6 +604,11 @@ func (o GroupOutput) Visibility() pulumi.StringOutput { return o.ApplyT(func(v *Group) pulumi.StringOutput { return v.Visibility }).(pulumi.StringOutput) } +// Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. +func (o GroupOutput) WritebackEnabled() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *Group) pulumi.BoolPtrOutput { return v.WritebackEnabled }).(pulumi.BoolPtrOutput) +} + type GroupArrayOutput struct{ *pulumi.OutputState } func (GroupArrayOutput) ElementType() reflect.Type { diff --git a/sdk/go/azuread/groupMember.go b/sdk/go/azuread/groupMember.go index f61247ef7..c1ac4c789 100644 --- a/sdk/go/azuread/groupMember.go +++ b/sdk/go/azuread/groupMember.go @@ -19,7 +19,9 @@ import ( // // The following API permissions are required in order to use this resource. // -// When authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All` +// When authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All`. +// +// However, if the authenticated service principal is an owner of the group being managed, an application role is not required. // // When authenticated with a user principal, this resource requires one of the following directory roles: `Groups Administrator`, `User Administrator` or `Global Administrator` // diff --git a/sdk/go/azuread/init.go b/sdk/go/azuread/init.go index f6517340a..2ce4302cc 100644 --- a/sdk/go/azuread/init.go +++ b/sdk/go/azuread/init.go @@ -20,10 +20,22 @@ func (m *module) Version() semver.Version { func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi.Resource, err error) { switch typ { + case "azuread:index/accessPackage:AccessPackage": + r = &AccessPackage{} + case "azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy": + r = &AccessPackageAssignmentPolicy{} + case "azuread:index/accessPackageCatalog:AccessPackageCatalog": + r = &AccessPackageCatalog{} + case "azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation": + r = &AccessPackageResourceCatalogAssociation{} + case "azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation": + r = &AccessPackageResourcePackageAssociation{} case "azuread:index/administrativeUnit:AdministrativeUnit": r = &AdministrativeUnit{} case "azuread:index/administrativeUnitMember:AdministrativeUnitMember": r = &AdministrativeUnitMember{} + case "azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember": + r = &AdministrativeUnitRoleMember{} case "azuread:index/appRoleAssignment:AppRoleAssignment": r = &AppRoleAssignment{} case "azuread:index/application:Application": @@ -74,6 +86,8 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi r = &SynchronizationSecret{} case "azuread:index/user:User": r = &User{} + case "azuread:index/userFlowAttribute:UserFlowAttribute": + r = &UserFlowAttribute{} default: return nil, fmt.Errorf("unknown resource type: %s", typ) } @@ -102,6 +116,31 @@ func (p *pkg) ConstructProvider(ctx *pulumi.Context, name, typ, urn string) (pul func init() { version, _ := PkgVersion() + pulumi.RegisterResourceModule( + "azuread", + "index/accessPackage", + &module{version}, + ) + pulumi.RegisterResourceModule( + "azuread", + "index/accessPackageAssignmentPolicy", + &module{version}, + ) + pulumi.RegisterResourceModule( + "azuread", + "index/accessPackageCatalog", + &module{version}, + ) + pulumi.RegisterResourceModule( + "azuread", + "index/accessPackageResourceCatalogAssociation", + &module{version}, + ) + pulumi.RegisterResourceModule( + "azuread", + "index/accessPackageResourcePackageAssociation", + &module{version}, + ) pulumi.RegisterResourceModule( "azuread", "index/administrativeUnit", @@ -112,6 +151,11 @@ func init() { "index/administrativeUnitMember", &module{version}, ) + pulumi.RegisterResourceModule( + "azuread", + "index/administrativeUnitRoleMember", + &module{version}, + ) pulumi.RegisterResourceModule( "azuread", "index/appRoleAssignment", @@ -237,6 +281,11 @@ func init() { "index/user", &module{version}, ) + pulumi.RegisterResourceModule( + "azuread", + "index/userFlowAttribute", + &module{version}, + ) pulumi.RegisterResourcePackage( "azuread", &pkg{version}, diff --git a/sdk/go/azuread/pulumiTypes.go b/sdk/go/azuread/pulumiTypes.go index abd81a5ef..d7de813e4 100644 --- a/sdk/go/azuread/pulumiTypes.go +++ b/sdk/go/azuread/pulumiTypes.go @@ -10,6 +10,1874 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) +type AccessPackageAssignmentPolicyApprovalSettings struct { + // Whether an approval is required. + ApprovalRequired *bool `pulumi:"approvalRequired"` + // Whether an approval is required to grant extension. Same approval settings used to approve initial access will apply. + ApprovalRequiredForExtension *bool `pulumi:"approvalRequiredForExtension"` + // An `approvalStage` block specifying the process to obtain an approval, as documented below. + ApprovalStages []AccessPackageAssignmentPolicyApprovalSettingsApprovalStage `pulumi:"approvalStages"` + // Whether a requestor is required to provide a justification to request an access package. Justification is visible to approvers and the requestor. + RequestorJustificationRequired *bool `pulumi:"requestorJustificationRequired"` +} + +// AccessPackageAssignmentPolicyApprovalSettingsInput is an input type that accepts AccessPackageAssignmentPolicyApprovalSettingsArgs and AccessPackageAssignmentPolicyApprovalSettingsOutput values. +// You can construct a concrete instance of `AccessPackageAssignmentPolicyApprovalSettingsInput` via: +// +// AccessPackageAssignmentPolicyApprovalSettingsArgs{...} +type AccessPackageAssignmentPolicyApprovalSettingsInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyApprovalSettingsOutput() AccessPackageAssignmentPolicyApprovalSettingsOutput + ToAccessPackageAssignmentPolicyApprovalSettingsOutputWithContext(context.Context) AccessPackageAssignmentPolicyApprovalSettingsOutput +} + +type AccessPackageAssignmentPolicyApprovalSettingsArgs struct { + // Whether an approval is required. + ApprovalRequired pulumi.BoolPtrInput `pulumi:"approvalRequired"` + // Whether an approval is required to grant extension. Same approval settings used to approve initial access will apply. + ApprovalRequiredForExtension pulumi.BoolPtrInput `pulumi:"approvalRequiredForExtension"` + // An `approvalStage` block specifying the process to obtain an approval, as documented below. + ApprovalStages AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayInput `pulumi:"approvalStages"` + // Whether a requestor is required to provide a justification to request an access package. Justification is visible to approvers and the requestor. + RequestorJustificationRequired pulumi.BoolPtrInput `pulumi:"requestorJustificationRequired"` +} + +func (AccessPackageAssignmentPolicyApprovalSettingsArgs) ElementType() reflect.Type { + return reflect.TypeOf((*AccessPackageAssignmentPolicyApprovalSettings)(nil)).Elem() +} + +func (i AccessPackageAssignmentPolicyApprovalSettingsArgs) ToAccessPackageAssignmentPolicyApprovalSettingsOutput() AccessPackageAssignmentPolicyApprovalSettingsOutput { + return i.ToAccessPackageAssignmentPolicyApprovalSettingsOutputWithContext(context.Background()) +} + +func (i AccessPackageAssignmentPolicyApprovalSettingsArgs) ToAccessPackageAssignmentPolicyApprovalSettingsOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyApprovalSettingsOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyApprovalSettingsOutput) +} + +func (i AccessPackageAssignmentPolicyApprovalSettingsArgs) ToAccessPackageAssignmentPolicyApprovalSettingsPtrOutput() AccessPackageAssignmentPolicyApprovalSettingsPtrOutput { + return i.ToAccessPackageAssignmentPolicyApprovalSettingsPtrOutputWithContext(context.Background()) +} + +func (i AccessPackageAssignmentPolicyApprovalSettingsArgs) ToAccessPackageAssignmentPolicyApprovalSettingsPtrOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyApprovalSettingsPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyApprovalSettingsOutput).ToAccessPackageAssignmentPolicyApprovalSettingsPtrOutputWithContext(ctx) +} + +// AccessPackageAssignmentPolicyApprovalSettingsPtrInput is an input type that accepts AccessPackageAssignmentPolicyApprovalSettingsArgs, AccessPackageAssignmentPolicyApprovalSettingsPtr and AccessPackageAssignmentPolicyApprovalSettingsPtrOutput values. +// You can construct a concrete instance of `AccessPackageAssignmentPolicyApprovalSettingsPtrInput` via: +// +// AccessPackageAssignmentPolicyApprovalSettingsArgs{...} +// +// or: +// +// nil +type AccessPackageAssignmentPolicyApprovalSettingsPtrInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyApprovalSettingsPtrOutput() AccessPackageAssignmentPolicyApprovalSettingsPtrOutput + ToAccessPackageAssignmentPolicyApprovalSettingsPtrOutputWithContext(context.Context) AccessPackageAssignmentPolicyApprovalSettingsPtrOutput +} + +type accessPackageAssignmentPolicyApprovalSettingsPtrType AccessPackageAssignmentPolicyApprovalSettingsArgs + +func AccessPackageAssignmentPolicyApprovalSettingsPtr(v *AccessPackageAssignmentPolicyApprovalSettingsArgs) AccessPackageAssignmentPolicyApprovalSettingsPtrInput { + return (*accessPackageAssignmentPolicyApprovalSettingsPtrType)(v) +} + +func (*accessPackageAssignmentPolicyApprovalSettingsPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**AccessPackageAssignmentPolicyApprovalSettings)(nil)).Elem() +} + +func (i *accessPackageAssignmentPolicyApprovalSettingsPtrType) ToAccessPackageAssignmentPolicyApprovalSettingsPtrOutput() AccessPackageAssignmentPolicyApprovalSettingsPtrOutput { + return i.ToAccessPackageAssignmentPolicyApprovalSettingsPtrOutputWithContext(context.Background()) +} + +func (i *accessPackageAssignmentPolicyApprovalSettingsPtrType) ToAccessPackageAssignmentPolicyApprovalSettingsPtrOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyApprovalSettingsPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyApprovalSettingsPtrOutput) +} + +type AccessPackageAssignmentPolicyApprovalSettingsOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyApprovalSettingsOutput) ElementType() reflect.Type { + return reflect.TypeOf((*AccessPackageAssignmentPolicyApprovalSettings)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyApprovalSettingsOutput) ToAccessPackageAssignmentPolicyApprovalSettingsOutput() AccessPackageAssignmentPolicyApprovalSettingsOutput { + return o +} + +func (o AccessPackageAssignmentPolicyApprovalSettingsOutput) ToAccessPackageAssignmentPolicyApprovalSettingsOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyApprovalSettingsOutput { + return o +} + +func (o AccessPackageAssignmentPolicyApprovalSettingsOutput) ToAccessPackageAssignmentPolicyApprovalSettingsPtrOutput() AccessPackageAssignmentPolicyApprovalSettingsPtrOutput { + return o.ToAccessPackageAssignmentPolicyApprovalSettingsPtrOutputWithContext(context.Background()) +} + +func (o AccessPackageAssignmentPolicyApprovalSettingsOutput) ToAccessPackageAssignmentPolicyApprovalSettingsPtrOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyApprovalSettingsPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v AccessPackageAssignmentPolicyApprovalSettings) *AccessPackageAssignmentPolicyApprovalSettings { + return &v + }).(AccessPackageAssignmentPolicyApprovalSettingsPtrOutput) +} + +// Whether an approval is required. +func (o AccessPackageAssignmentPolicyApprovalSettingsOutput) ApprovalRequired() pulumi.BoolPtrOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyApprovalSettings) *bool { return v.ApprovalRequired }).(pulumi.BoolPtrOutput) +} + +// Whether an approval is required to grant extension. Same approval settings used to approve initial access will apply. +func (o AccessPackageAssignmentPolicyApprovalSettingsOutput) ApprovalRequiredForExtension() pulumi.BoolPtrOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyApprovalSettings) *bool { return v.ApprovalRequiredForExtension }).(pulumi.BoolPtrOutput) +} + +// An `approvalStage` block specifying the process to obtain an approval, as documented below. +func (o AccessPackageAssignmentPolicyApprovalSettingsOutput) ApprovalStages() AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyApprovalSettings) []AccessPackageAssignmentPolicyApprovalSettingsApprovalStage { + return v.ApprovalStages + }).(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayOutput) +} + +// Whether a requestor is required to provide a justification to request an access package. Justification is visible to approvers and the requestor. +func (o AccessPackageAssignmentPolicyApprovalSettingsOutput) RequestorJustificationRequired() pulumi.BoolPtrOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyApprovalSettings) *bool { return v.RequestorJustificationRequired }).(pulumi.BoolPtrOutput) +} + +type AccessPackageAssignmentPolicyApprovalSettingsPtrOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyApprovalSettingsPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**AccessPackageAssignmentPolicyApprovalSettings)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyApprovalSettingsPtrOutput) ToAccessPackageAssignmentPolicyApprovalSettingsPtrOutput() AccessPackageAssignmentPolicyApprovalSettingsPtrOutput { + return o +} + +func (o AccessPackageAssignmentPolicyApprovalSettingsPtrOutput) ToAccessPackageAssignmentPolicyApprovalSettingsPtrOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyApprovalSettingsPtrOutput { + return o +} + +func (o AccessPackageAssignmentPolicyApprovalSettingsPtrOutput) Elem() AccessPackageAssignmentPolicyApprovalSettingsOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicyApprovalSettings) AccessPackageAssignmentPolicyApprovalSettings { + if v != nil { + return *v + } + var ret AccessPackageAssignmentPolicyApprovalSettings + return ret + }).(AccessPackageAssignmentPolicyApprovalSettingsOutput) +} + +// Whether an approval is required. +func (o AccessPackageAssignmentPolicyApprovalSettingsPtrOutput) ApprovalRequired() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicyApprovalSettings) *bool { + if v == nil { + return nil + } + return v.ApprovalRequired + }).(pulumi.BoolPtrOutput) +} + +// Whether an approval is required to grant extension. Same approval settings used to approve initial access will apply. +func (o AccessPackageAssignmentPolicyApprovalSettingsPtrOutput) ApprovalRequiredForExtension() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicyApprovalSettings) *bool { + if v == nil { + return nil + } + return v.ApprovalRequiredForExtension + }).(pulumi.BoolPtrOutput) +} + +// An `approvalStage` block specifying the process to obtain an approval, as documented below. +func (o AccessPackageAssignmentPolicyApprovalSettingsPtrOutput) ApprovalStages() AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicyApprovalSettings) []AccessPackageAssignmentPolicyApprovalSettingsApprovalStage { + if v == nil { + return nil + } + return v.ApprovalStages + }).(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayOutput) +} + +// Whether a requestor is required to provide a justification to request an access package. Justification is visible to approvers and the requestor. +func (o AccessPackageAssignmentPolicyApprovalSettingsPtrOutput) RequestorJustificationRequired() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicyApprovalSettings) *bool { + if v == nil { + return nil + } + return v.RequestorJustificationRequired + }).(pulumi.BoolPtrOutput) +} + +type AccessPackageAssignmentPolicyApprovalSettingsApprovalStage struct { + // Whether alternative approvers are enabled. + AlternativeApprovalEnabled *bool `pulumi:"alternativeApprovalEnabled"` + // A block specifying alternative approvers when escalation is enabled and the primary approvers do not respond before the escalation time, as documented below. + AlternativeApprovers []AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover `pulumi:"alternativeApprovers"` + // Maximum number of days within which a request must be approved. If a request is not approved within this time period after it is made, it will be automatically rejected. + ApprovalTimeoutInDays int `pulumi:"approvalTimeoutInDays"` + // Whether an approver must provide a justification for their decision. Justification is visible to other approvers and the requestor. + ApproverJustificationRequired *bool `pulumi:"approverJustificationRequired"` + // Number of days before the request is forwarded to alternative approvers. + EnableAlternativeApprovalInDays *int `pulumi:"enableAlternativeApprovalInDays"` + // A block specifying the users who will be asked to approve requests, as documented below. + PrimaryApprovers []AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover `pulumi:"primaryApprovers"` +} + +// AccessPackageAssignmentPolicyApprovalSettingsApprovalStageInput is an input type that accepts AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs and AccessPackageAssignmentPolicyApprovalSettingsApprovalStageOutput values. +// You can construct a concrete instance of `AccessPackageAssignmentPolicyApprovalSettingsApprovalStageInput` via: +// +// AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs{...} +type AccessPackageAssignmentPolicyApprovalSettingsApprovalStageInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStageOutput() AccessPackageAssignmentPolicyApprovalSettingsApprovalStageOutput + ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStageOutputWithContext(context.Context) AccessPackageAssignmentPolicyApprovalSettingsApprovalStageOutput +} + +type AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs struct { + // Whether alternative approvers are enabled. + AlternativeApprovalEnabled pulumi.BoolPtrInput `pulumi:"alternativeApprovalEnabled"` + // A block specifying alternative approvers when escalation is enabled and the primary approvers do not respond before the escalation time, as documented below. + AlternativeApprovers AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArrayInput `pulumi:"alternativeApprovers"` + // Maximum number of days within which a request must be approved. If a request is not approved within this time period after it is made, it will be automatically rejected. + ApprovalTimeoutInDays pulumi.IntInput `pulumi:"approvalTimeoutInDays"` + // Whether an approver must provide a justification for their decision. Justification is visible to other approvers and the requestor. + ApproverJustificationRequired pulumi.BoolPtrInput `pulumi:"approverJustificationRequired"` + // Number of days before the request is forwarded to alternative approvers. + EnableAlternativeApprovalInDays pulumi.IntPtrInput `pulumi:"enableAlternativeApprovalInDays"` + // A block specifying the users who will be asked to approve requests, as documented below. + PrimaryApprovers AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArrayInput `pulumi:"primaryApprovers"` +} + +func (AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs) ElementType() reflect.Type { + return reflect.TypeOf((*AccessPackageAssignmentPolicyApprovalSettingsApprovalStage)(nil)).Elem() +} + +func (i AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs) ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStageOutput() AccessPackageAssignmentPolicyApprovalSettingsApprovalStageOutput { + return i.ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStageOutputWithContext(context.Background()) +} + +func (i AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs) ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStageOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyApprovalSettingsApprovalStageOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageOutput) +} + +// AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayInput is an input type that accepts AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArray and AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayOutput values. +// You can construct a concrete instance of `AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayInput` via: +// +// AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArray{ AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs{...} } +type AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayOutput() AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayOutput + ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayOutputWithContext(context.Context) AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayOutput +} + +type AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArray []AccessPackageAssignmentPolicyApprovalSettingsApprovalStageInput + +func (AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]AccessPackageAssignmentPolicyApprovalSettingsApprovalStage)(nil)).Elem() +} + +func (i AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArray) ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayOutput() AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayOutput { + return i.ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayOutputWithContext(context.Background()) +} + +func (i AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArray) ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayOutput) +} + +type AccessPackageAssignmentPolicyApprovalSettingsApprovalStageOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyApprovalSettingsApprovalStageOutput) ElementType() reflect.Type { + return reflect.TypeOf((*AccessPackageAssignmentPolicyApprovalSettingsApprovalStage)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyApprovalSettingsApprovalStageOutput) ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStageOutput() AccessPackageAssignmentPolicyApprovalSettingsApprovalStageOutput { + return o +} + +func (o AccessPackageAssignmentPolicyApprovalSettingsApprovalStageOutput) ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStageOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyApprovalSettingsApprovalStageOutput { + return o +} + +// Whether alternative approvers are enabled. +func (o AccessPackageAssignmentPolicyApprovalSettingsApprovalStageOutput) AlternativeApprovalEnabled() pulumi.BoolPtrOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyApprovalSettingsApprovalStage) *bool { + return v.AlternativeApprovalEnabled + }).(pulumi.BoolPtrOutput) +} + +// A block specifying alternative approvers when escalation is enabled and the primary approvers do not respond before the escalation time, as documented below. +func (o AccessPackageAssignmentPolicyApprovalSettingsApprovalStageOutput) AlternativeApprovers() AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArrayOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyApprovalSettingsApprovalStage) []AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover { + return v.AlternativeApprovers + }).(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArrayOutput) +} + +// Maximum number of days within which a request must be approved. If a request is not approved within this time period after it is made, it will be automatically rejected. +func (o AccessPackageAssignmentPolicyApprovalSettingsApprovalStageOutput) ApprovalTimeoutInDays() pulumi.IntOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyApprovalSettingsApprovalStage) int { return v.ApprovalTimeoutInDays }).(pulumi.IntOutput) +} + +// Whether an approver must provide a justification for their decision. Justification is visible to other approvers and the requestor. +func (o AccessPackageAssignmentPolicyApprovalSettingsApprovalStageOutput) ApproverJustificationRequired() pulumi.BoolPtrOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyApprovalSettingsApprovalStage) *bool { + return v.ApproverJustificationRequired + }).(pulumi.BoolPtrOutput) +} + +// Number of days before the request is forwarded to alternative approvers. +func (o AccessPackageAssignmentPolicyApprovalSettingsApprovalStageOutput) EnableAlternativeApprovalInDays() pulumi.IntPtrOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyApprovalSettingsApprovalStage) *int { + return v.EnableAlternativeApprovalInDays + }).(pulumi.IntPtrOutput) +} + +// A block specifying the users who will be asked to approve requests, as documented below. +func (o AccessPackageAssignmentPolicyApprovalSettingsApprovalStageOutput) PrimaryApprovers() AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArrayOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyApprovalSettingsApprovalStage) []AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover { + return v.PrimaryApprovers + }).(AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArrayOutput) +} + +type AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]AccessPackageAssignmentPolicyApprovalSettingsApprovalStage)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayOutput) ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayOutput() AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayOutput { + return o +} + +func (o AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayOutput) ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayOutput { + return o +} + +func (o AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayOutput) Index(i pulumi.IntInput) AccessPackageAssignmentPolicyApprovalSettingsApprovalStageOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) AccessPackageAssignmentPolicyApprovalSettingsApprovalStage { + return vs[0].([]AccessPackageAssignmentPolicyApprovalSettingsApprovalStage)[vs[1].(int)] + }).(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageOutput) +} + +type AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover struct { + // For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + Backup *bool `pulumi:"backup"` + // The ID of the subject. + ObjectId *string `pulumi:"objectId"` + // Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + SubjectType string `pulumi:"subjectType"` +} + +// AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverInput is an input type that accepts AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs and AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverOutput values. +// You can construct a concrete instance of `AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverInput` via: +// +// AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs{...} +type AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverOutput() AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverOutput + ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverOutputWithContext(context.Context) AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverOutput +} + +type AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs struct { + // For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + Backup pulumi.BoolPtrInput `pulumi:"backup"` + // The ID of the subject. + ObjectId pulumi.StringPtrInput `pulumi:"objectId"` + // Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + SubjectType pulumi.StringInput `pulumi:"subjectType"` +} + +func (AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs) ElementType() reflect.Type { + return reflect.TypeOf((*AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover)(nil)).Elem() +} + +func (i AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs) ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverOutput() AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverOutput { + return i.ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverOutputWithContext(context.Background()) +} + +func (i AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs) ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverOutput) +} + +// AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArrayInput is an input type that accepts AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArray and AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArrayOutput values. +// You can construct a concrete instance of `AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArrayInput` via: +// +// AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArray{ AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs{...} } +type AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArrayInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArrayOutput() AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArrayOutput + ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArrayOutputWithContext(context.Context) AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArrayOutput +} + +type AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArray []AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverInput + +func (AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover)(nil)).Elem() +} + +func (i AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArray) ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArrayOutput() AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArrayOutput { + return i.ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArrayOutputWithContext(context.Background()) +} + +func (i AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArray) ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArrayOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArrayOutput) +} + +type AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverOutput) ElementType() reflect.Type { + return reflect.TypeOf((*AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverOutput) ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverOutput() AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverOutput { + return o +} + +func (o AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverOutput) ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverOutput { + return o +} + +// For a user in an approval stage, this property indicates whether the user is a backup fallback approver. +func (o AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverOutput) Backup() pulumi.BoolPtrOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover) *bool { + return v.Backup + }).(pulumi.BoolPtrOutput) +} + +// The ID of the subject. +func (o AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverOutput) ObjectId() pulumi.StringPtrOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover) *string { + return v.ObjectId + }).(pulumi.StringPtrOutput) +} + +// Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. +func (o AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverOutput) SubjectType() pulumi.StringOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover) string { + return v.SubjectType + }).(pulumi.StringOutput) +} + +type AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArrayOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArrayOutput) ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArrayOutput() AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArrayOutput { + return o +} + +func (o AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArrayOutput) ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArrayOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArrayOutput { + return o +} + +func (o AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArrayOutput) Index(i pulumi.IntInput) AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover { + return vs[0].([]AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover)[vs[1].(int)] + }).(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverOutput) +} + +type AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover struct { + // For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + Backup *bool `pulumi:"backup"` + // The ID of the subject. + ObjectId *string `pulumi:"objectId"` + // Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + SubjectType string `pulumi:"subjectType"` +} + +// AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverInput is an input type that accepts AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs and AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverOutput values. +// You can construct a concrete instance of `AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverInput` via: +// +// AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs{...} +type AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverOutput() AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverOutput + ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverOutputWithContext(context.Context) AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverOutput +} + +type AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs struct { + // For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + Backup pulumi.BoolPtrInput `pulumi:"backup"` + // The ID of the subject. + ObjectId pulumi.StringPtrInput `pulumi:"objectId"` + // Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + SubjectType pulumi.StringInput `pulumi:"subjectType"` +} + +func (AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs) ElementType() reflect.Type { + return reflect.TypeOf((*AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover)(nil)).Elem() +} + +func (i AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs) ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverOutput() AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverOutput { + return i.ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverOutputWithContext(context.Background()) +} + +func (i AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs) ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverOutput) +} + +// AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArrayInput is an input type that accepts AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArray and AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArrayOutput values. +// You can construct a concrete instance of `AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArrayInput` via: +// +// AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArray{ AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs{...} } +type AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArrayInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArrayOutput() AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArrayOutput + ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArrayOutputWithContext(context.Context) AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArrayOutput +} + +type AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArray []AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverInput + +func (AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover)(nil)).Elem() +} + +func (i AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArray) ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArrayOutput() AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArrayOutput { + return i.ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArrayOutputWithContext(context.Background()) +} + +func (i AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArray) ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArrayOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArrayOutput) +} + +type AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverOutput) ElementType() reflect.Type { + return reflect.TypeOf((*AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverOutput) ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverOutput() AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverOutput { + return o +} + +func (o AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverOutput) ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverOutput { + return o +} + +// For a user in an approval stage, this property indicates whether the user is a backup fallback approver. +func (o AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverOutput) Backup() pulumi.BoolPtrOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover) *bool { + return v.Backup + }).(pulumi.BoolPtrOutput) +} + +// The ID of the subject. +func (o AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverOutput) ObjectId() pulumi.StringPtrOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover) *string { + return v.ObjectId + }).(pulumi.StringPtrOutput) +} + +// Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. +func (o AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverOutput) SubjectType() pulumi.StringOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover) string { + return v.SubjectType + }).(pulumi.StringOutput) +} + +type AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArrayOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArrayOutput) ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArrayOutput() AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArrayOutput { + return o +} + +func (o AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArrayOutput) ToAccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArrayOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArrayOutput { + return o +} + +func (o AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArrayOutput) Index(i pulumi.IntInput) AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover { + return vs[0].([]AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover)[vs[1].(int)] + }).(AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverOutput) +} + +type AccessPackageAssignmentPolicyAssignmentReviewSettings struct { + // Whether to show the reviewer decision helpers. If enabled, system recommendations based on users' access information will be shown to the reviewers. The reviewer will be recommended to approve the review if the user has signed-in at least once during the last 30 days. The reviewer will be recommended to deny the review if the user has not signed-in during the last 30 days. + AccessRecommendationEnabled *bool `pulumi:"accessRecommendationEnabled"` + // Specifies the actions the system takes if reviewers don't respond in time. Valid values are `keepAccess`, `removeAccess`, or `acceptAccessRecommendation`. + AccessReviewTimeoutBehavior *string `pulumi:"accessReviewTimeoutBehavior"` + // Whether a reviewer needs to provide a justification for their decision. Justification is visible to other reviewers and the requestor. + ApproverJustificationRequired *bool `pulumi:"approverJustificationRequired"` + // How many days each occurrence of the access review series will run. + DurationInDays *int `pulumi:"durationInDays"` + // Whether to enable assignment review. + Enabled *bool `pulumi:"enabled"` + // This will determine how often the access review campaign runs, valid values are `weekly`, `monthly`, `quarterly`, `halfyearly`, or `annual`. + ReviewFrequency *string `pulumi:"reviewFrequency"` + // Self review or specific reviewers. Valid values are `Self`, or `Reviewers`. + ReviewType *string `pulumi:"reviewType"` + // One or more `reviewer` blocks to specify the users who will be reviewers (when `reviewType` is `Reviewers`), as documented below. + Reviewers []AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer `pulumi:"reviewers"` + // This is the date the access review campaign will start on, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z), default is now. Once an access review has been created, you cannot update its start date + StartingOn *string `pulumi:"startingOn"` +} + +// AccessPackageAssignmentPolicyAssignmentReviewSettingsInput is an input type that accepts AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs and AccessPackageAssignmentPolicyAssignmentReviewSettingsOutput values. +// You can construct a concrete instance of `AccessPackageAssignmentPolicyAssignmentReviewSettingsInput` via: +// +// AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs{...} +type AccessPackageAssignmentPolicyAssignmentReviewSettingsInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyAssignmentReviewSettingsOutput() AccessPackageAssignmentPolicyAssignmentReviewSettingsOutput + ToAccessPackageAssignmentPolicyAssignmentReviewSettingsOutputWithContext(context.Context) AccessPackageAssignmentPolicyAssignmentReviewSettingsOutput +} + +type AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs struct { + // Whether to show the reviewer decision helpers. If enabled, system recommendations based on users' access information will be shown to the reviewers. The reviewer will be recommended to approve the review if the user has signed-in at least once during the last 30 days. The reviewer will be recommended to deny the review if the user has not signed-in during the last 30 days. + AccessRecommendationEnabled pulumi.BoolPtrInput `pulumi:"accessRecommendationEnabled"` + // Specifies the actions the system takes if reviewers don't respond in time. Valid values are `keepAccess`, `removeAccess`, or `acceptAccessRecommendation`. + AccessReviewTimeoutBehavior pulumi.StringPtrInput `pulumi:"accessReviewTimeoutBehavior"` + // Whether a reviewer needs to provide a justification for their decision. Justification is visible to other reviewers and the requestor. + ApproverJustificationRequired pulumi.BoolPtrInput `pulumi:"approverJustificationRequired"` + // How many days each occurrence of the access review series will run. + DurationInDays pulumi.IntPtrInput `pulumi:"durationInDays"` + // Whether to enable assignment review. + Enabled pulumi.BoolPtrInput `pulumi:"enabled"` + // This will determine how often the access review campaign runs, valid values are `weekly`, `monthly`, `quarterly`, `halfyearly`, or `annual`. + ReviewFrequency pulumi.StringPtrInput `pulumi:"reviewFrequency"` + // Self review or specific reviewers. Valid values are `Self`, or `Reviewers`. + ReviewType pulumi.StringPtrInput `pulumi:"reviewType"` + // One or more `reviewer` blocks to specify the users who will be reviewers (when `reviewType` is `Reviewers`), as documented below. + Reviewers AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayInput `pulumi:"reviewers"` + // This is the date the access review campaign will start on, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z), default is now. Once an access review has been created, you cannot update its start date + StartingOn pulumi.StringPtrInput `pulumi:"startingOn"` +} + +func (AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs) ElementType() reflect.Type { + return reflect.TypeOf((*AccessPackageAssignmentPolicyAssignmentReviewSettings)(nil)).Elem() +} + +func (i AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs) ToAccessPackageAssignmentPolicyAssignmentReviewSettingsOutput() AccessPackageAssignmentPolicyAssignmentReviewSettingsOutput { + return i.ToAccessPackageAssignmentPolicyAssignmentReviewSettingsOutputWithContext(context.Background()) +} + +func (i AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs) ToAccessPackageAssignmentPolicyAssignmentReviewSettingsOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyAssignmentReviewSettingsOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyAssignmentReviewSettingsOutput) +} + +func (i AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs) ToAccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput() AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput { + return i.ToAccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutputWithContext(context.Background()) +} + +func (i AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs) ToAccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyAssignmentReviewSettingsOutput).ToAccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutputWithContext(ctx) +} + +// AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrInput is an input type that accepts AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs, AccessPackageAssignmentPolicyAssignmentReviewSettingsPtr and AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput values. +// You can construct a concrete instance of `AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrInput` via: +// +// AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs{...} +// +// or: +// +// nil +type AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput() AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput + ToAccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutputWithContext(context.Context) AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput +} + +type accessPackageAssignmentPolicyAssignmentReviewSettingsPtrType AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs + +func AccessPackageAssignmentPolicyAssignmentReviewSettingsPtr(v *AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs) AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrInput { + return (*accessPackageAssignmentPolicyAssignmentReviewSettingsPtrType)(v) +} + +func (*accessPackageAssignmentPolicyAssignmentReviewSettingsPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**AccessPackageAssignmentPolicyAssignmentReviewSettings)(nil)).Elem() +} + +func (i *accessPackageAssignmentPolicyAssignmentReviewSettingsPtrType) ToAccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput() AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput { + return i.ToAccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutputWithContext(context.Background()) +} + +func (i *accessPackageAssignmentPolicyAssignmentReviewSettingsPtrType) ToAccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput) +} + +type AccessPackageAssignmentPolicyAssignmentReviewSettingsOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyAssignmentReviewSettingsOutput) ElementType() reflect.Type { + return reflect.TypeOf((*AccessPackageAssignmentPolicyAssignmentReviewSettings)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsOutput) ToAccessPackageAssignmentPolicyAssignmentReviewSettingsOutput() AccessPackageAssignmentPolicyAssignmentReviewSettingsOutput { + return o +} + +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsOutput) ToAccessPackageAssignmentPolicyAssignmentReviewSettingsOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyAssignmentReviewSettingsOutput { + return o +} + +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsOutput) ToAccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput() AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput { + return o.ToAccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutputWithContext(context.Background()) +} + +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsOutput) ToAccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v AccessPackageAssignmentPolicyAssignmentReviewSettings) *AccessPackageAssignmentPolicyAssignmentReviewSettings { + return &v + }).(AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput) +} + +// Whether to show the reviewer decision helpers. If enabled, system recommendations based on users' access information will be shown to the reviewers. The reviewer will be recommended to approve the review if the user has signed-in at least once during the last 30 days. The reviewer will be recommended to deny the review if the user has not signed-in during the last 30 days. +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsOutput) AccessRecommendationEnabled() pulumi.BoolPtrOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyAssignmentReviewSettings) *bool { + return v.AccessRecommendationEnabled + }).(pulumi.BoolPtrOutput) +} + +// Specifies the actions the system takes if reviewers don't respond in time. Valid values are `keepAccess`, `removeAccess`, or `acceptAccessRecommendation`. +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsOutput) AccessReviewTimeoutBehavior() pulumi.StringPtrOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyAssignmentReviewSettings) *string { + return v.AccessReviewTimeoutBehavior + }).(pulumi.StringPtrOutput) +} + +// Whether a reviewer needs to provide a justification for their decision. Justification is visible to other reviewers and the requestor. +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsOutput) ApproverJustificationRequired() pulumi.BoolPtrOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyAssignmentReviewSettings) *bool { + return v.ApproverJustificationRequired + }).(pulumi.BoolPtrOutput) +} + +// How many days each occurrence of the access review series will run. +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsOutput) DurationInDays() pulumi.IntPtrOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyAssignmentReviewSettings) *int { return v.DurationInDays }).(pulumi.IntPtrOutput) +} + +// Whether to enable assignment review. +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsOutput) Enabled() pulumi.BoolPtrOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyAssignmentReviewSettings) *bool { return v.Enabled }).(pulumi.BoolPtrOutput) +} + +// This will determine how often the access review campaign runs, valid values are `weekly`, `monthly`, `quarterly`, `halfyearly`, or `annual`. +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsOutput) ReviewFrequency() pulumi.StringPtrOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyAssignmentReviewSettings) *string { return v.ReviewFrequency }).(pulumi.StringPtrOutput) +} + +// Self review or specific reviewers. Valid values are `Self`, or `Reviewers`. +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsOutput) ReviewType() pulumi.StringPtrOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyAssignmentReviewSettings) *string { return v.ReviewType }).(pulumi.StringPtrOutput) +} + +// One or more `reviewer` blocks to specify the users who will be reviewers (when `reviewType` is `Reviewers`), as documented below. +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsOutput) Reviewers() AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyAssignmentReviewSettings) []AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer { + return v.Reviewers + }).(AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayOutput) +} + +// This is the date the access review campaign will start on, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z), default is now. Once an access review has been created, you cannot update its start date +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsOutput) StartingOn() pulumi.StringPtrOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyAssignmentReviewSettings) *string { return v.StartingOn }).(pulumi.StringPtrOutput) +} + +type AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**AccessPackageAssignmentPolicyAssignmentReviewSettings)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput) ToAccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput() AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput { + return o +} + +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput) ToAccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput { + return o +} + +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput) Elem() AccessPackageAssignmentPolicyAssignmentReviewSettingsOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicyAssignmentReviewSettings) AccessPackageAssignmentPolicyAssignmentReviewSettings { + if v != nil { + return *v + } + var ret AccessPackageAssignmentPolicyAssignmentReviewSettings + return ret + }).(AccessPackageAssignmentPolicyAssignmentReviewSettingsOutput) +} + +// Whether to show the reviewer decision helpers. If enabled, system recommendations based on users' access information will be shown to the reviewers. The reviewer will be recommended to approve the review if the user has signed-in at least once during the last 30 days. The reviewer will be recommended to deny the review if the user has not signed-in during the last 30 days. +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput) AccessRecommendationEnabled() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicyAssignmentReviewSettings) *bool { + if v == nil { + return nil + } + return v.AccessRecommendationEnabled + }).(pulumi.BoolPtrOutput) +} + +// Specifies the actions the system takes if reviewers don't respond in time. Valid values are `keepAccess`, `removeAccess`, or `acceptAccessRecommendation`. +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput) AccessReviewTimeoutBehavior() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicyAssignmentReviewSettings) *string { + if v == nil { + return nil + } + return v.AccessReviewTimeoutBehavior + }).(pulumi.StringPtrOutput) +} + +// Whether a reviewer needs to provide a justification for their decision. Justification is visible to other reviewers and the requestor. +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput) ApproverJustificationRequired() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicyAssignmentReviewSettings) *bool { + if v == nil { + return nil + } + return v.ApproverJustificationRequired + }).(pulumi.BoolPtrOutput) +} + +// How many days each occurrence of the access review series will run. +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput) DurationInDays() pulumi.IntPtrOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicyAssignmentReviewSettings) *int { + if v == nil { + return nil + } + return v.DurationInDays + }).(pulumi.IntPtrOutput) +} + +// Whether to enable assignment review. +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput) Enabled() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicyAssignmentReviewSettings) *bool { + if v == nil { + return nil + } + return v.Enabled + }).(pulumi.BoolPtrOutput) +} + +// This will determine how often the access review campaign runs, valid values are `weekly`, `monthly`, `quarterly`, `halfyearly`, or `annual`. +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput) ReviewFrequency() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicyAssignmentReviewSettings) *string { + if v == nil { + return nil + } + return v.ReviewFrequency + }).(pulumi.StringPtrOutput) +} + +// Self review or specific reviewers. Valid values are `Self`, or `Reviewers`. +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput) ReviewType() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicyAssignmentReviewSettings) *string { + if v == nil { + return nil + } + return v.ReviewType + }).(pulumi.StringPtrOutput) +} + +// One or more `reviewer` blocks to specify the users who will be reviewers (when `reviewType` is `Reviewers`), as documented below. +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput) Reviewers() AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicyAssignmentReviewSettings) []AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer { + if v == nil { + return nil + } + return v.Reviewers + }).(AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayOutput) +} + +// This is the date the access review campaign will start on, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z), default is now. Once an access review has been created, you cannot update its start date +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput) StartingOn() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicyAssignmentReviewSettings) *string { + if v == nil { + return nil + } + return v.StartingOn + }).(pulumi.StringPtrOutput) +} + +type AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer struct { + // For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + Backup *bool `pulumi:"backup"` + // The ID of the subject. + ObjectId *string `pulumi:"objectId"` + // Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + SubjectType string `pulumi:"subjectType"` +} + +// AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerInput is an input type that accepts AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs and AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerOutput values. +// You can construct a concrete instance of `AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerInput` via: +// +// AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs{...} +type AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerOutput() AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerOutput + ToAccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerOutputWithContext(context.Context) AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerOutput +} + +type AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs struct { + // For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + Backup pulumi.BoolPtrInput `pulumi:"backup"` + // The ID of the subject. + ObjectId pulumi.StringPtrInput `pulumi:"objectId"` + // Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + SubjectType pulumi.StringInput `pulumi:"subjectType"` +} + +func (AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs) ElementType() reflect.Type { + return reflect.TypeOf((*AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer)(nil)).Elem() +} + +func (i AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs) ToAccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerOutput() AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerOutput { + return i.ToAccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerOutputWithContext(context.Background()) +} + +func (i AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs) ToAccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerOutput) +} + +// AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayInput is an input type that accepts AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArray and AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayOutput values. +// You can construct a concrete instance of `AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayInput` via: +// +// AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArray{ AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs{...} } +type AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayOutput() AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayOutput + ToAccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayOutputWithContext(context.Context) AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayOutput +} + +type AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArray []AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerInput + +func (AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer)(nil)).Elem() +} + +func (i AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArray) ToAccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayOutput() AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayOutput { + return i.ToAccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayOutputWithContext(context.Background()) +} + +func (i AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArray) ToAccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayOutput) +} + +type AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerOutput) ElementType() reflect.Type { + return reflect.TypeOf((*AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerOutput) ToAccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerOutput() AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerOutput { + return o +} + +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerOutput) ToAccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerOutput { + return o +} + +// For a user in an approval stage, this property indicates whether the user is a backup fallback approver. +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerOutput) Backup() pulumi.BoolPtrOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer) *bool { return v.Backup }).(pulumi.BoolPtrOutput) +} + +// The ID of the subject. +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerOutput) ObjectId() pulumi.StringPtrOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer) *string { return v.ObjectId }).(pulumi.StringPtrOutput) +} + +// Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerOutput) SubjectType() pulumi.StringOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer) string { return v.SubjectType }).(pulumi.StringOutput) +} + +type AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayOutput) ToAccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayOutput() AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayOutput { + return o +} + +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayOutput) ToAccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayOutput { + return o +} + +func (o AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayOutput) Index(i pulumi.IntInput) AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer { + return vs[0].([]AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer)[vs[1].(int)] + }).(AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerOutput) +} + +type AccessPackageAssignmentPolicyQuestion struct { + // One or more blocks configuring a choice to the question, as documented below. + Choices []AccessPackageAssignmentPolicyQuestionChoice `pulumi:"choices"` + // Whether this question is required. + Required *bool `pulumi:"required"` + // The sequence number of this question. + Sequence *int `pulumi:"sequence"` + // A block describing the content of this question, as documented below. + Text AccessPackageAssignmentPolicyQuestionText `pulumi:"text"` +} + +// AccessPackageAssignmentPolicyQuestionInput is an input type that accepts AccessPackageAssignmentPolicyQuestionArgs and AccessPackageAssignmentPolicyQuestionOutput values. +// You can construct a concrete instance of `AccessPackageAssignmentPolicyQuestionInput` via: +// +// AccessPackageAssignmentPolicyQuestionArgs{...} +type AccessPackageAssignmentPolicyQuestionInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyQuestionOutput() AccessPackageAssignmentPolicyQuestionOutput + ToAccessPackageAssignmentPolicyQuestionOutputWithContext(context.Context) AccessPackageAssignmentPolicyQuestionOutput +} + +type AccessPackageAssignmentPolicyQuestionArgs struct { + // One or more blocks configuring a choice to the question, as documented below. + Choices AccessPackageAssignmentPolicyQuestionChoiceArrayInput `pulumi:"choices"` + // Whether this question is required. + Required pulumi.BoolPtrInput `pulumi:"required"` + // The sequence number of this question. + Sequence pulumi.IntPtrInput `pulumi:"sequence"` + // A block describing the content of this question, as documented below. + Text AccessPackageAssignmentPolicyQuestionTextInput `pulumi:"text"` +} + +func (AccessPackageAssignmentPolicyQuestionArgs) ElementType() reflect.Type { + return reflect.TypeOf((*AccessPackageAssignmentPolicyQuestion)(nil)).Elem() +} + +func (i AccessPackageAssignmentPolicyQuestionArgs) ToAccessPackageAssignmentPolicyQuestionOutput() AccessPackageAssignmentPolicyQuestionOutput { + return i.ToAccessPackageAssignmentPolicyQuestionOutputWithContext(context.Background()) +} + +func (i AccessPackageAssignmentPolicyQuestionArgs) ToAccessPackageAssignmentPolicyQuestionOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyQuestionOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyQuestionOutput) +} + +// AccessPackageAssignmentPolicyQuestionArrayInput is an input type that accepts AccessPackageAssignmentPolicyQuestionArray and AccessPackageAssignmentPolicyQuestionArrayOutput values. +// You can construct a concrete instance of `AccessPackageAssignmentPolicyQuestionArrayInput` via: +// +// AccessPackageAssignmentPolicyQuestionArray{ AccessPackageAssignmentPolicyQuestionArgs{...} } +type AccessPackageAssignmentPolicyQuestionArrayInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyQuestionArrayOutput() AccessPackageAssignmentPolicyQuestionArrayOutput + ToAccessPackageAssignmentPolicyQuestionArrayOutputWithContext(context.Context) AccessPackageAssignmentPolicyQuestionArrayOutput +} + +type AccessPackageAssignmentPolicyQuestionArray []AccessPackageAssignmentPolicyQuestionInput + +func (AccessPackageAssignmentPolicyQuestionArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]AccessPackageAssignmentPolicyQuestion)(nil)).Elem() +} + +func (i AccessPackageAssignmentPolicyQuestionArray) ToAccessPackageAssignmentPolicyQuestionArrayOutput() AccessPackageAssignmentPolicyQuestionArrayOutput { + return i.ToAccessPackageAssignmentPolicyQuestionArrayOutputWithContext(context.Background()) +} + +func (i AccessPackageAssignmentPolicyQuestionArray) ToAccessPackageAssignmentPolicyQuestionArrayOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyQuestionArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyQuestionArrayOutput) +} + +type AccessPackageAssignmentPolicyQuestionOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyQuestionOutput) ElementType() reflect.Type { + return reflect.TypeOf((*AccessPackageAssignmentPolicyQuestion)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyQuestionOutput) ToAccessPackageAssignmentPolicyQuestionOutput() AccessPackageAssignmentPolicyQuestionOutput { + return o +} + +func (o AccessPackageAssignmentPolicyQuestionOutput) ToAccessPackageAssignmentPolicyQuestionOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyQuestionOutput { + return o +} + +// One or more blocks configuring a choice to the question, as documented below. +func (o AccessPackageAssignmentPolicyQuestionOutput) Choices() AccessPackageAssignmentPolicyQuestionChoiceArrayOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyQuestion) []AccessPackageAssignmentPolicyQuestionChoice { + return v.Choices + }).(AccessPackageAssignmentPolicyQuestionChoiceArrayOutput) +} + +// Whether this question is required. +func (o AccessPackageAssignmentPolicyQuestionOutput) Required() pulumi.BoolPtrOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyQuestion) *bool { return v.Required }).(pulumi.BoolPtrOutput) +} + +// The sequence number of this question. +func (o AccessPackageAssignmentPolicyQuestionOutput) Sequence() pulumi.IntPtrOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyQuestion) *int { return v.Sequence }).(pulumi.IntPtrOutput) +} + +// A block describing the content of this question, as documented below. +func (o AccessPackageAssignmentPolicyQuestionOutput) Text() AccessPackageAssignmentPolicyQuestionTextOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyQuestion) AccessPackageAssignmentPolicyQuestionText { return v.Text }).(AccessPackageAssignmentPolicyQuestionTextOutput) +} + +type AccessPackageAssignmentPolicyQuestionArrayOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyQuestionArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]AccessPackageAssignmentPolicyQuestion)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyQuestionArrayOutput) ToAccessPackageAssignmentPolicyQuestionArrayOutput() AccessPackageAssignmentPolicyQuestionArrayOutput { + return o +} + +func (o AccessPackageAssignmentPolicyQuestionArrayOutput) ToAccessPackageAssignmentPolicyQuestionArrayOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyQuestionArrayOutput { + return o +} + +func (o AccessPackageAssignmentPolicyQuestionArrayOutput) Index(i pulumi.IntInput) AccessPackageAssignmentPolicyQuestionOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) AccessPackageAssignmentPolicyQuestion { + return vs[0].([]AccessPackageAssignmentPolicyQuestion)[vs[1].(int)] + }).(AccessPackageAssignmentPolicyQuestionOutput) +} + +type AccessPackageAssignmentPolicyQuestionChoice struct { + // The actual value of this choice. + ActualValue string `pulumi:"actualValue"` + // A block describing the display text of this choice, as documented below. + DisplayValue AccessPackageAssignmentPolicyQuestionChoiceDisplayValue `pulumi:"displayValue"` +} + +// AccessPackageAssignmentPolicyQuestionChoiceInput is an input type that accepts AccessPackageAssignmentPolicyQuestionChoiceArgs and AccessPackageAssignmentPolicyQuestionChoiceOutput values. +// You can construct a concrete instance of `AccessPackageAssignmentPolicyQuestionChoiceInput` via: +// +// AccessPackageAssignmentPolicyQuestionChoiceArgs{...} +type AccessPackageAssignmentPolicyQuestionChoiceInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyQuestionChoiceOutput() AccessPackageAssignmentPolicyQuestionChoiceOutput + ToAccessPackageAssignmentPolicyQuestionChoiceOutputWithContext(context.Context) AccessPackageAssignmentPolicyQuestionChoiceOutput +} + +type AccessPackageAssignmentPolicyQuestionChoiceArgs struct { + // The actual value of this choice. + ActualValue pulumi.StringInput `pulumi:"actualValue"` + // A block describing the display text of this choice, as documented below. + DisplayValue AccessPackageAssignmentPolicyQuestionChoiceDisplayValueInput `pulumi:"displayValue"` +} + +func (AccessPackageAssignmentPolicyQuestionChoiceArgs) ElementType() reflect.Type { + return reflect.TypeOf((*AccessPackageAssignmentPolicyQuestionChoice)(nil)).Elem() +} + +func (i AccessPackageAssignmentPolicyQuestionChoiceArgs) ToAccessPackageAssignmentPolicyQuestionChoiceOutput() AccessPackageAssignmentPolicyQuestionChoiceOutput { + return i.ToAccessPackageAssignmentPolicyQuestionChoiceOutputWithContext(context.Background()) +} + +func (i AccessPackageAssignmentPolicyQuestionChoiceArgs) ToAccessPackageAssignmentPolicyQuestionChoiceOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyQuestionChoiceOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyQuestionChoiceOutput) +} + +// AccessPackageAssignmentPolicyQuestionChoiceArrayInput is an input type that accepts AccessPackageAssignmentPolicyQuestionChoiceArray and AccessPackageAssignmentPolicyQuestionChoiceArrayOutput values. +// You can construct a concrete instance of `AccessPackageAssignmentPolicyQuestionChoiceArrayInput` via: +// +// AccessPackageAssignmentPolicyQuestionChoiceArray{ AccessPackageAssignmentPolicyQuestionChoiceArgs{...} } +type AccessPackageAssignmentPolicyQuestionChoiceArrayInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyQuestionChoiceArrayOutput() AccessPackageAssignmentPolicyQuestionChoiceArrayOutput + ToAccessPackageAssignmentPolicyQuestionChoiceArrayOutputWithContext(context.Context) AccessPackageAssignmentPolicyQuestionChoiceArrayOutput +} + +type AccessPackageAssignmentPolicyQuestionChoiceArray []AccessPackageAssignmentPolicyQuestionChoiceInput + +func (AccessPackageAssignmentPolicyQuestionChoiceArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]AccessPackageAssignmentPolicyQuestionChoice)(nil)).Elem() +} + +func (i AccessPackageAssignmentPolicyQuestionChoiceArray) ToAccessPackageAssignmentPolicyQuestionChoiceArrayOutput() AccessPackageAssignmentPolicyQuestionChoiceArrayOutput { + return i.ToAccessPackageAssignmentPolicyQuestionChoiceArrayOutputWithContext(context.Background()) +} + +func (i AccessPackageAssignmentPolicyQuestionChoiceArray) ToAccessPackageAssignmentPolicyQuestionChoiceArrayOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyQuestionChoiceArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyQuestionChoiceArrayOutput) +} + +type AccessPackageAssignmentPolicyQuestionChoiceOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyQuestionChoiceOutput) ElementType() reflect.Type { + return reflect.TypeOf((*AccessPackageAssignmentPolicyQuestionChoice)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyQuestionChoiceOutput) ToAccessPackageAssignmentPolicyQuestionChoiceOutput() AccessPackageAssignmentPolicyQuestionChoiceOutput { + return o +} + +func (o AccessPackageAssignmentPolicyQuestionChoiceOutput) ToAccessPackageAssignmentPolicyQuestionChoiceOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyQuestionChoiceOutput { + return o +} + +// The actual value of this choice. +func (o AccessPackageAssignmentPolicyQuestionChoiceOutput) ActualValue() pulumi.StringOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyQuestionChoice) string { return v.ActualValue }).(pulumi.StringOutput) +} + +// A block describing the display text of this choice, as documented below. +func (o AccessPackageAssignmentPolicyQuestionChoiceOutput) DisplayValue() AccessPackageAssignmentPolicyQuestionChoiceDisplayValueOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyQuestionChoice) AccessPackageAssignmentPolicyQuestionChoiceDisplayValue { + return v.DisplayValue + }).(AccessPackageAssignmentPolicyQuestionChoiceDisplayValueOutput) +} + +type AccessPackageAssignmentPolicyQuestionChoiceArrayOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyQuestionChoiceArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]AccessPackageAssignmentPolicyQuestionChoice)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyQuestionChoiceArrayOutput) ToAccessPackageAssignmentPolicyQuestionChoiceArrayOutput() AccessPackageAssignmentPolicyQuestionChoiceArrayOutput { + return o +} + +func (o AccessPackageAssignmentPolicyQuestionChoiceArrayOutput) ToAccessPackageAssignmentPolicyQuestionChoiceArrayOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyQuestionChoiceArrayOutput { + return o +} + +func (o AccessPackageAssignmentPolicyQuestionChoiceArrayOutput) Index(i pulumi.IntInput) AccessPackageAssignmentPolicyQuestionChoiceOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) AccessPackageAssignmentPolicyQuestionChoice { + return vs[0].([]AccessPackageAssignmentPolicyQuestionChoice)[vs[1].(int)] + }).(AccessPackageAssignmentPolicyQuestionChoiceOutput) +} + +type AccessPackageAssignmentPolicyQuestionChoiceDisplayValue struct { + // The default text of this question. + DefaultText string `pulumi:"defaultText"` + // One or more blocks describing localized text of this question, as documented below. + LocalizedTexts []AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText `pulumi:"localizedTexts"` +} + +// AccessPackageAssignmentPolicyQuestionChoiceDisplayValueInput is an input type that accepts AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs and AccessPackageAssignmentPolicyQuestionChoiceDisplayValueOutput values. +// You can construct a concrete instance of `AccessPackageAssignmentPolicyQuestionChoiceDisplayValueInput` via: +// +// AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs{...} +type AccessPackageAssignmentPolicyQuestionChoiceDisplayValueInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyQuestionChoiceDisplayValueOutput() AccessPackageAssignmentPolicyQuestionChoiceDisplayValueOutput + ToAccessPackageAssignmentPolicyQuestionChoiceDisplayValueOutputWithContext(context.Context) AccessPackageAssignmentPolicyQuestionChoiceDisplayValueOutput +} + +type AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs struct { + // The default text of this question. + DefaultText pulumi.StringInput `pulumi:"defaultText"` + // One or more blocks describing localized text of this question, as documented below. + LocalizedTexts AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArrayInput `pulumi:"localizedTexts"` +} + +func (AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs) ElementType() reflect.Type { + return reflect.TypeOf((*AccessPackageAssignmentPolicyQuestionChoiceDisplayValue)(nil)).Elem() +} + +func (i AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs) ToAccessPackageAssignmentPolicyQuestionChoiceDisplayValueOutput() AccessPackageAssignmentPolicyQuestionChoiceDisplayValueOutput { + return i.ToAccessPackageAssignmentPolicyQuestionChoiceDisplayValueOutputWithContext(context.Background()) +} + +func (i AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs) ToAccessPackageAssignmentPolicyQuestionChoiceDisplayValueOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyQuestionChoiceDisplayValueOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyQuestionChoiceDisplayValueOutput) +} + +type AccessPackageAssignmentPolicyQuestionChoiceDisplayValueOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyQuestionChoiceDisplayValueOutput) ElementType() reflect.Type { + return reflect.TypeOf((*AccessPackageAssignmentPolicyQuestionChoiceDisplayValue)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyQuestionChoiceDisplayValueOutput) ToAccessPackageAssignmentPolicyQuestionChoiceDisplayValueOutput() AccessPackageAssignmentPolicyQuestionChoiceDisplayValueOutput { + return o +} + +func (o AccessPackageAssignmentPolicyQuestionChoiceDisplayValueOutput) ToAccessPackageAssignmentPolicyQuestionChoiceDisplayValueOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyQuestionChoiceDisplayValueOutput { + return o +} + +// The default text of this question. +func (o AccessPackageAssignmentPolicyQuestionChoiceDisplayValueOutput) DefaultText() pulumi.StringOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyQuestionChoiceDisplayValue) string { return v.DefaultText }).(pulumi.StringOutput) +} + +// One or more blocks describing localized text of this question, as documented below. +func (o AccessPackageAssignmentPolicyQuestionChoiceDisplayValueOutput) LocalizedTexts() AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArrayOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyQuestionChoiceDisplayValue) []AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText { + return v.LocalizedTexts + }).(AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArrayOutput) +} + +type AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText struct { + // The localized content of this question. + Content string `pulumi:"content"` + // The ISO 639 language code for this question content. + LanguageCode string `pulumi:"languageCode"` +} + +// AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextInput is an input type that accepts AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs and AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextOutput values. +// You can construct a concrete instance of `AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextInput` via: +// +// AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs{...} +type AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextOutput() AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextOutput + ToAccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextOutputWithContext(context.Context) AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextOutput +} + +type AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs struct { + // The localized content of this question. + Content pulumi.StringInput `pulumi:"content"` + // The ISO 639 language code for this question content. + LanguageCode pulumi.StringInput `pulumi:"languageCode"` +} + +func (AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs) ElementType() reflect.Type { + return reflect.TypeOf((*AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText)(nil)).Elem() +} + +func (i AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs) ToAccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextOutput() AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextOutput { + return i.ToAccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextOutputWithContext(context.Background()) +} + +func (i AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs) ToAccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextOutput) +} + +// AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArrayInput is an input type that accepts AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArray and AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArrayOutput values. +// You can construct a concrete instance of `AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArrayInput` via: +// +// AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArray{ AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs{...} } +type AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArrayInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArrayOutput() AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArrayOutput + ToAccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArrayOutputWithContext(context.Context) AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArrayOutput +} + +type AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArray []AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextInput + +func (AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText)(nil)).Elem() +} + +func (i AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArray) ToAccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArrayOutput() AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArrayOutput { + return i.ToAccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArrayOutputWithContext(context.Background()) +} + +func (i AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArray) ToAccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArrayOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArrayOutput) +} + +type AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextOutput) ElementType() reflect.Type { + return reflect.TypeOf((*AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextOutput) ToAccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextOutput() AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextOutput { + return o +} + +func (o AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextOutput) ToAccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextOutput { + return o +} + +// The localized content of this question. +func (o AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextOutput) Content() pulumi.StringOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText) string { return v.Content }).(pulumi.StringOutput) +} + +// The ISO 639 language code for this question content. +func (o AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextOutput) LanguageCode() pulumi.StringOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText) string { + return v.LanguageCode + }).(pulumi.StringOutput) +} + +type AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArrayOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArrayOutput) ToAccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArrayOutput() AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArrayOutput { + return o +} + +func (o AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArrayOutput) ToAccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArrayOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArrayOutput { + return o +} + +func (o AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArrayOutput) Index(i pulumi.IntInput) AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText { + return vs[0].([]AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText)[vs[1].(int)] + }).(AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextOutput) +} + +type AccessPackageAssignmentPolicyQuestionText struct { + // The default text of this question. + DefaultText string `pulumi:"defaultText"` + // One or more blocks describing localized text of this question, as documented below. + LocalizedTexts []AccessPackageAssignmentPolicyQuestionTextLocalizedText `pulumi:"localizedTexts"` +} + +// AccessPackageAssignmentPolicyQuestionTextInput is an input type that accepts AccessPackageAssignmentPolicyQuestionTextArgs and AccessPackageAssignmentPolicyQuestionTextOutput values. +// You can construct a concrete instance of `AccessPackageAssignmentPolicyQuestionTextInput` via: +// +// AccessPackageAssignmentPolicyQuestionTextArgs{...} +type AccessPackageAssignmentPolicyQuestionTextInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyQuestionTextOutput() AccessPackageAssignmentPolicyQuestionTextOutput + ToAccessPackageAssignmentPolicyQuestionTextOutputWithContext(context.Context) AccessPackageAssignmentPolicyQuestionTextOutput +} + +type AccessPackageAssignmentPolicyQuestionTextArgs struct { + // The default text of this question. + DefaultText pulumi.StringInput `pulumi:"defaultText"` + // One or more blocks describing localized text of this question, as documented below. + LocalizedTexts AccessPackageAssignmentPolicyQuestionTextLocalizedTextArrayInput `pulumi:"localizedTexts"` +} + +func (AccessPackageAssignmentPolicyQuestionTextArgs) ElementType() reflect.Type { + return reflect.TypeOf((*AccessPackageAssignmentPolicyQuestionText)(nil)).Elem() +} + +func (i AccessPackageAssignmentPolicyQuestionTextArgs) ToAccessPackageAssignmentPolicyQuestionTextOutput() AccessPackageAssignmentPolicyQuestionTextOutput { + return i.ToAccessPackageAssignmentPolicyQuestionTextOutputWithContext(context.Background()) +} + +func (i AccessPackageAssignmentPolicyQuestionTextArgs) ToAccessPackageAssignmentPolicyQuestionTextOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyQuestionTextOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyQuestionTextOutput) +} + +type AccessPackageAssignmentPolicyQuestionTextOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyQuestionTextOutput) ElementType() reflect.Type { + return reflect.TypeOf((*AccessPackageAssignmentPolicyQuestionText)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyQuestionTextOutput) ToAccessPackageAssignmentPolicyQuestionTextOutput() AccessPackageAssignmentPolicyQuestionTextOutput { + return o +} + +func (o AccessPackageAssignmentPolicyQuestionTextOutput) ToAccessPackageAssignmentPolicyQuestionTextOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyQuestionTextOutput { + return o +} + +// The default text of this question. +func (o AccessPackageAssignmentPolicyQuestionTextOutput) DefaultText() pulumi.StringOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyQuestionText) string { return v.DefaultText }).(pulumi.StringOutput) +} + +// One or more blocks describing localized text of this question, as documented below. +func (o AccessPackageAssignmentPolicyQuestionTextOutput) LocalizedTexts() AccessPackageAssignmentPolicyQuestionTextLocalizedTextArrayOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyQuestionText) []AccessPackageAssignmentPolicyQuestionTextLocalizedText { + return v.LocalizedTexts + }).(AccessPackageAssignmentPolicyQuestionTextLocalizedTextArrayOutput) +} + +type AccessPackageAssignmentPolicyQuestionTextLocalizedText struct { + // The localized content of this question. + Content string `pulumi:"content"` + // The ISO 639 language code for this question content. + LanguageCode string `pulumi:"languageCode"` +} + +// AccessPackageAssignmentPolicyQuestionTextLocalizedTextInput is an input type that accepts AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs and AccessPackageAssignmentPolicyQuestionTextLocalizedTextOutput values. +// You can construct a concrete instance of `AccessPackageAssignmentPolicyQuestionTextLocalizedTextInput` via: +// +// AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs{...} +type AccessPackageAssignmentPolicyQuestionTextLocalizedTextInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyQuestionTextLocalizedTextOutput() AccessPackageAssignmentPolicyQuestionTextLocalizedTextOutput + ToAccessPackageAssignmentPolicyQuestionTextLocalizedTextOutputWithContext(context.Context) AccessPackageAssignmentPolicyQuestionTextLocalizedTextOutput +} + +type AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs struct { + // The localized content of this question. + Content pulumi.StringInput `pulumi:"content"` + // The ISO 639 language code for this question content. + LanguageCode pulumi.StringInput `pulumi:"languageCode"` +} + +func (AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs) ElementType() reflect.Type { + return reflect.TypeOf((*AccessPackageAssignmentPolicyQuestionTextLocalizedText)(nil)).Elem() +} + +func (i AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs) ToAccessPackageAssignmentPolicyQuestionTextLocalizedTextOutput() AccessPackageAssignmentPolicyQuestionTextLocalizedTextOutput { + return i.ToAccessPackageAssignmentPolicyQuestionTextLocalizedTextOutputWithContext(context.Background()) +} + +func (i AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs) ToAccessPackageAssignmentPolicyQuestionTextLocalizedTextOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyQuestionTextLocalizedTextOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyQuestionTextLocalizedTextOutput) +} + +// AccessPackageAssignmentPolicyQuestionTextLocalizedTextArrayInput is an input type that accepts AccessPackageAssignmentPolicyQuestionTextLocalizedTextArray and AccessPackageAssignmentPolicyQuestionTextLocalizedTextArrayOutput values. +// You can construct a concrete instance of `AccessPackageAssignmentPolicyQuestionTextLocalizedTextArrayInput` via: +// +// AccessPackageAssignmentPolicyQuestionTextLocalizedTextArray{ AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs{...} } +type AccessPackageAssignmentPolicyQuestionTextLocalizedTextArrayInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyQuestionTextLocalizedTextArrayOutput() AccessPackageAssignmentPolicyQuestionTextLocalizedTextArrayOutput + ToAccessPackageAssignmentPolicyQuestionTextLocalizedTextArrayOutputWithContext(context.Context) AccessPackageAssignmentPolicyQuestionTextLocalizedTextArrayOutput +} + +type AccessPackageAssignmentPolicyQuestionTextLocalizedTextArray []AccessPackageAssignmentPolicyQuestionTextLocalizedTextInput + +func (AccessPackageAssignmentPolicyQuestionTextLocalizedTextArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]AccessPackageAssignmentPolicyQuestionTextLocalizedText)(nil)).Elem() +} + +func (i AccessPackageAssignmentPolicyQuestionTextLocalizedTextArray) ToAccessPackageAssignmentPolicyQuestionTextLocalizedTextArrayOutput() AccessPackageAssignmentPolicyQuestionTextLocalizedTextArrayOutput { + return i.ToAccessPackageAssignmentPolicyQuestionTextLocalizedTextArrayOutputWithContext(context.Background()) +} + +func (i AccessPackageAssignmentPolicyQuestionTextLocalizedTextArray) ToAccessPackageAssignmentPolicyQuestionTextLocalizedTextArrayOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyQuestionTextLocalizedTextArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyQuestionTextLocalizedTextArrayOutput) +} + +type AccessPackageAssignmentPolicyQuestionTextLocalizedTextOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyQuestionTextLocalizedTextOutput) ElementType() reflect.Type { + return reflect.TypeOf((*AccessPackageAssignmentPolicyQuestionTextLocalizedText)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyQuestionTextLocalizedTextOutput) ToAccessPackageAssignmentPolicyQuestionTextLocalizedTextOutput() AccessPackageAssignmentPolicyQuestionTextLocalizedTextOutput { + return o +} + +func (o AccessPackageAssignmentPolicyQuestionTextLocalizedTextOutput) ToAccessPackageAssignmentPolicyQuestionTextLocalizedTextOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyQuestionTextLocalizedTextOutput { + return o +} + +// The localized content of this question. +func (o AccessPackageAssignmentPolicyQuestionTextLocalizedTextOutput) Content() pulumi.StringOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyQuestionTextLocalizedText) string { return v.Content }).(pulumi.StringOutput) +} + +// The ISO 639 language code for this question content. +func (o AccessPackageAssignmentPolicyQuestionTextLocalizedTextOutput) LanguageCode() pulumi.StringOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyQuestionTextLocalizedText) string { return v.LanguageCode }).(pulumi.StringOutput) +} + +type AccessPackageAssignmentPolicyQuestionTextLocalizedTextArrayOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyQuestionTextLocalizedTextArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]AccessPackageAssignmentPolicyQuestionTextLocalizedText)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyQuestionTextLocalizedTextArrayOutput) ToAccessPackageAssignmentPolicyQuestionTextLocalizedTextArrayOutput() AccessPackageAssignmentPolicyQuestionTextLocalizedTextArrayOutput { + return o +} + +func (o AccessPackageAssignmentPolicyQuestionTextLocalizedTextArrayOutput) ToAccessPackageAssignmentPolicyQuestionTextLocalizedTextArrayOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyQuestionTextLocalizedTextArrayOutput { + return o +} + +func (o AccessPackageAssignmentPolicyQuestionTextLocalizedTextArrayOutput) Index(i pulumi.IntInput) AccessPackageAssignmentPolicyQuestionTextLocalizedTextOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) AccessPackageAssignmentPolicyQuestionTextLocalizedText { + return vs[0].([]AccessPackageAssignmentPolicyQuestionTextLocalizedText)[vs[1].(int)] + }).(AccessPackageAssignmentPolicyQuestionTextLocalizedTextOutput) +} + +type AccessPackageAssignmentPolicyRequestorSettings struct { + // A block specifying the users who are allowed to request on this policy, as documented below. + Requestors []AccessPackageAssignmentPolicyRequestorSettingsRequestor `pulumi:"requestors"` + // Whether to accept requests using this policy. When `false`, no new requests can be made using this policy. + RequestsAccepted *bool `pulumi:"requestsAccepted"` + // Specifies the scopes of the requestors. Valid values are `AllConfiguredConnectedOrganizationSubjects`, `AllExistingConnectedOrganizationSubjects`, `AllExistingDirectoryMemberUsers`, `AllExistingDirectorySubjects`, `AllExternalSubjects`, `NoSubjects`, `SpecificConnectedOrganizationSubjects`, or `SpecificDirectorySubjects`. + ScopeType *string `pulumi:"scopeType"` +} + +// AccessPackageAssignmentPolicyRequestorSettingsInput is an input type that accepts AccessPackageAssignmentPolicyRequestorSettingsArgs and AccessPackageAssignmentPolicyRequestorSettingsOutput values. +// You can construct a concrete instance of `AccessPackageAssignmentPolicyRequestorSettingsInput` via: +// +// AccessPackageAssignmentPolicyRequestorSettingsArgs{...} +type AccessPackageAssignmentPolicyRequestorSettingsInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyRequestorSettingsOutput() AccessPackageAssignmentPolicyRequestorSettingsOutput + ToAccessPackageAssignmentPolicyRequestorSettingsOutputWithContext(context.Context) AccessPackageAssignmentPolicyRequestorSettingsOutput +} + +type AccessPackageAssignmentPolicyRequestorSettingsArgs struct { + // A block specifying the users who are allowed to request on this policy, as documented below. + Requestors AccessPackageAssignmentPolicyRequestorSettingsRequestorArrayInput `pulumi:"requestors"` + // Whether to accept requests using this policy. When `false`, no new requests can be made using this policy. + RequestsAccepted pulumi.BoolPtrInput `pulumi:"requestsAccepted"` + // Specifies the scopes of the requestors. Valid values are `AllConfiguredConnectedOrganizationSubjects`, `AllExistingConnectedOrganizationSubjects`, `AllExistingDirectoryMemberUsers`, `AllExistingDirectorySubjects`, `AllExternalSubjects`, `NoSubjects`, `SpecificConnectedOrganizationSubjects`, or `SpecificDirectorySubjects`. + ScopeType pulumi.StringPtrInput `pulumi:"scopeType"` +} + +func (AccessPackageAssignmentPolicyRequestorSettingsArgs) ElementType() reflect.Type { + return reflect.TypeOf((*AccessPackageAssignmentPolicyRequestorSettings)(nil)).Elem() +} + +func (i AccessPackageAssignmentPolicyRequestorSettingsArgs) ToAccessPackageAssignmentPolicyRequestorSettingsOutput() AccessPackageAssignmentPolicyRequestorSettingsOutput { + return i.ToAccessPackageAssignmentPolicyRequestorSettingsOutputWithContext(context.Background()) +} + +func (i AccessPackageAssignmentPolicyRequestorSettingsArgs) ToAccessPackageAssignmentPolicyRequestorSettingsOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyRequestorSettingsOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyRequestorSettingsOutput) +} + +func (i AccessPackageAssignmentPolicyRequestorSettingsArgs) ToAccessPackageAssignmentPolicyRequestorSettingsPtrOutput() AccessPackageAssignmentPolicyRequestorSettingsPtrOutput { + return i.ToAccessPackageAssignmentPolicyRequestorSettingsPtrOutputWithContext(context.Background()) +} + +func (i AccessPackageAssignmentPolicyRequestorSettingsArgs) ToAccessPackageAssignmentPolicyRequestorSettingsPtrOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyRequestorSettingsPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyRequestorSettingsOutput).ToAccessPackageAssignmentPolicyRequestorSettingsPtrOutputWithContext(ctx) +} + +// AccessPackageAssignmentPolicyRequestorSettingsPtrInput is an input type that accepts AccessPackageAssignmentPolicyRequestorSettingsArgs, AccessPackageAssignmentPolicyRequestorSettingsPtr and AccessPackageAssignmentPolicyRequestorSettingsPtrOutput values. +// You can construct a concrete instance of `AccessPackageAssignmentPolicyRequestorSettingsPtrInput` via: +// +// AccessPackageAssignmentPolicyRequestorSettingsArgs{...} +// +// or: +// +// nil +type AccessPackageAssignmentPolicyRequestorSettingsPtrInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyRequestorSettingsPtrOutput() AccessPackageAssignmentPolicyRequestorSettingsPtrOutput + ToAccessPackageAssignmentPolicyRequestorSettingsPtrOutputWithContext(context.Context) AccessPackageAssignmentPolicyRequestorSettingsPtrOutput +} + +type accessPackageAssignmentPolicyRequestorSettingsPtrType AccessPackageAssignmentPolicyRequestorSettingsArgs + +func AccessPackageAssignmentPolicyRequestorSettingsPtr(v *AccessPackageAssignmentPolicyRequestorSettingsArgs) AccessPackageAssignmentPolicyRequestorSettingsPtrInput { + return (*accessPackageAssignmentPolicyRequestorSettingsPtrType)(v) +} + +func (*accessPackageAssignmentPolicyRequestorSettingsPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**AccessPackageAssignmentPolicyRequestorSettings)(nil)).Elem() +} + +func (i *accessPackageAssignmentPolicyRequestorSettingsPtrType) ToAccessPackageAssignmentPolicyRequestorSettingsPtrOutput() AccessPackageAssignmentPolicyRequestorSettingsPtrOutput { + return i.ToAccessPackageAssignmentPolicyRequestorSettingsPtrOutputWithContext(context.Background()) +} + +func (i *accessPackageAssignmentPolicyRequestorSettingsPtrType) ToAccessPackageAssignmentPolicyRequestorSettingsPtrOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyRequestorSettingsPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyRequestorSettingsPtrOutput) +} + +type AccessPackageAssignmentPolicyRequestorSettingsOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyRequestorSettingsOutput) ElementType() reflect.Type { + return reflect.TypeOf((*AccessPackageAssignmentPolicyRequestorSettings)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyRequestorSettingsOutput) ToAccessPackageAssignmentPolicyRequestorSettingsOutput() AccessPackageAssignmentPolicyRequestorSettingsOutput { + return o +} + +func (o AccessPackageAssignmentPolicyRequestorSettingsOutput) ToAccessPackageAssignmentPolicyRequestorSettingsOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyRequestorSettingsOutput { + return o +} + +func (o AccessPackageAssignmentPolicyRequestorSettingsOutput) ToAccessPackageAssignmentPolicyRequestorSettingsPtrOutput() AccessPackageAssignmentPolicyRequestorSettingsPtrOutput { + return o.ToAccessPackageAssignmentPolicyRequestorSettingsPtrOutputWithContext(context.Background()) +} + +func (o AccessPackageAssignmentPolicyRequestorSettingsOutput) ToAccessPackageAssignmentPolicyRequestorSettingsPtrOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyRequestorSettingsPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v AccessPackageAssignmentPolicyRequestorSettings) *AccessPackageAssignmentPolicyRequestorSettings { + return &v + }).(AccessPackageAssignmentPolicyRequestorSettingsPtrOutput) +} + +// A block specifying the users who are allowed to request on this policy, as documented below. +func (o AccessPackageAssignmentPolicyRequestorSettingsOutput) Requestors() AccessPackageAssignmentPolicyRequestorSettingsRequestorArrayOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyRequestorSettings) []AccessPackageAssignmentPolicyRequestorSettingsRequestor { + return v.Requestors + }).(AccessPackageAssignmentPolicyRequestorSettingsRequestorArrayOutput) +} + +// Whether to accept requests using this policy. When `false`, no new requests can be made using this policy. +func (o AccessPackageAssignmentPolicyRequestorSettingsOutput) RequestsAccepted() pulumi.BoolPtrOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyRequestorSettings) *bool { return v.RequestsAccepted }).(pulumi.BoolPtrOutput) +} + +// Specifies the scopes of the requestors. Valid values are `AllConfiguredConnectedOrganizationSubjects`, `AllExistingConnectedOrganizationSubjects`, `AllExistingDirectoryMemberUsers`, `AllExistingDirectorySubjects`, `AllExternalSubjects`, `NoSubjects`, `SpecificConnectedOrganizationSubjects`, or `SpecificDirectorySubjects`. +func (o AccessPackageAssignmentPolicyRequestorSettingsOutput) ScopeType() pulumi.StringPtrOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyRequestorSettings) *string { return v.ScopeType }).(pulumi.StringPtrOutput) +} + +type AccessPackageAssignmentPolicyRequestorSettingsPtrOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyRequestorSettingsPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**AccessPackageAssignmentPolicyRequestorSettings)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyRequestorSettingsPtrOutput) ToAccessPackageAssignmentPolicyRequestorSettingsPtrOutput() AccessPackageAssignmentPolicyRequestorSettingsPtrOutput { + return o +} + +func (o AccessPackageAssignmentPolicyRequestorSettingsPtrOutput) ToAccessPackageAssignmentPolicyRequestorSettingsPtrOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyRequestorSettingsPtrOutput { + return o +} + +func (o AccessPackageAssignmentPolicyRequestorSettingsPtrOutput) Elem() AccessPackageAssignmentPolicyRequestorSettingsOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicyRequestorSettings) AccessPackageAssignmentPolicyRequestorSettings { + if v != nil { + return *v + } + var ret AccessPackageAssignmentPolicyRequestorSettings + return ret + }).(AccessPackageAssignmentPolicyRequestorSettingsOutput) +} + +// A block specifying the users who are allowed to request on this policy, as documented below. +func (o AccessPackageAssignmentPolicyRequestorSettingsPtrOutput) Requestors() AccessPackageAssignmentPolicyRequestorSettingsRequestorArrayOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicyRequestorSettings) []AccessPackageAssignmentPolicyRequestorSettingsRequestor { + if v == nil { + return nil + } + return v.Requestors + }).(AccessPackageAssignmentPolicyRequestorSettingsRequestorArrayOutput) +} + +// Whether to accept requests using this policy. When `false`, no new requests can be made using this policy. +func (o AccessPackageAssignmentPolicyRequestorSettingsPtrOutput) RequestsAccepted() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicyRequestorSettings) *bool { + if v == nil { + return nil + } + return v.RequestsAccepted + }).(pulumi.BoolPtrOutput) +} + +// Specifies the scopes of the requestors. Valid values are `AllConfiguredConnectedOrganizationSubjects`, `AllExistingConnectedOrganizationSubjects`, `AllExistingDirectoryMemberUsers`, `AllExistingDirectorySubjects`, `AllExternalSubjects`, `NoSubjects`, `SpecificConnectedOrganizationSubjects`, or `SpecificDirectorySubjects`. +func (o AccessPackageAssignmentPolicyRequestorSettingsPtrOutput) ScopeType() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AccessPackageAssignmentPolicyRequestorSettings) *string { + if v == nil { + return nil + } + return v.ScopeType + }).(pulumi.StringPtrOutput) +} + +type AccessPackageAssignmentPolicyRequestorSettingsRequestor struct { + // For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + Backup *bool `pulumi:"backup"` + // The ID of the subject. + ObjectId *string `pulumi:"objectId"` + // Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + SubjectType string `pulumi:"subjectType"` +} + +// AccessPackageAssignmentPolicyRequestorSettingsRequestorInput is an input type that accepts AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs and AccessPackageAssignmentPolicyRequestorSettingsRequestorOutput values. +// You can construct a concrete instance of `AccessPackageAssignmentPolicyRequestorSettingsRequestorInput` via: +// +// AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs{...} +type AccessPackageAssignmentPolicyRequestorSettingsRequestorInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyRequestorSettingsRequestorOutput() AccessPackageAssignmentPolicyRequestorSettingsRequestorOutput + ToAccessPackageAssignmentPolicyRequestorSettingsRequestorOutputWithContext(context.Context) AccessPackageAssignmentPolicyRequestorSettingsRequestorOutput +} + +type AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs struct { + // For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + Backup pulumi.BoolPtrInput `pulumi:"backup"` + // The ID of the subject. + ObjectId pulumi.StringPtrInput `pulumi:"objectId"` + // Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + SubjectType pulumi.StringInput `pulumi:"subjectType"` +} + +func (AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs) ElementType() reflect.Type { + return reflect.TypeOf((*AccessPackageAssignmentPolicyRequestorSettingsRequestor)(nil)).Elem() +} + +func (i AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs) ToAccessPackageAssignmentPolicyRequestorSettingsRequestorOutput() AccessPackageAssignmentPolicyRequestorSettingsRequestorOutput { + return i.ToAccessPackageAssignmentPolicyRequestorSettingsRequestorOutputWithContext(context.Background()) +} + +func (i AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs) ToAccessPackageAssignmentPolicyRequestorSettingsRequestorOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyRequestorSettingsRequestorOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyRequestorSettingsRequestorOutput) +} + +// AccessPackageAssignmentPolicyRequestorSettingsRequestorArrayInput is an input type that accepts AccessPackageAssignmentPolicyRequestorSettingsRequestorArray and AccessPackageAssignmentPolicyRequestorSettingsRequestorArrayOutput values. +// You can construct a concrete instance of `AccessPackageAssignmentPolicyRequestorSettingsRequestorArrayInput` via: +// +// AccessPackageAssignmentPolicyRequestorSettingsRequestorArray{ AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs{...} } +type AccessPackageAssignmentPolicyRequestorSettingsRequestorArrayInput interface { + pulumi.Input + + ToAccessPackageAssignmentPolicyRequestorSettingsRequestorArrayOutput() AccessPackageAssignmentPolicyRequestorSettingsRequestorArrayOutput + ToAccessPackageAssignmentPolicyRequestorSettingsRequestorArrayOutputWithContext(context.Context) AccessPackageAssignmentPolicyRequestorSettingsRequestorArrayOutput +} + +type AccessPackageAssignmentPolicyRequestorSettingsRequestorArray []AccessPackageAssignmentPolicyRequestorSettingsRequestorInput + +func (AccessPackageAssignmentPolicyRequestorSettingsRequestorArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]AccessPackageAssignmentPolicyRequestorSettingsRequestor)(nil)).Elem() +} + +func (i AccessPackageAssignmentPolicyRequestorSettingsRequestorArray) ToAccessPackageAssignmentPolicyRequestorSettingsRequestorArrayOutput() AccessPackageAssignmentPolicyRequestorSettingsRequestorArrayOutput { + return i.ToAccessPackageAssignmentPolicyRequestorSettingsRequestorArrayOutputWithContext(context.Background()) +} + +func (i AccessPackageAssignmentPolicyRequestorSettingsRequestorArray) ToAccessPackageAssignmentPolicyRequestorSettingsRequestorArrayOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyRequestorSettingsRequestorArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(AccessPackageAssignmentPolicyRequestorSettingsRequestorArrayOutput) +} + +type AccessPackageAssignmentPolicyRequestorSettingsRequestorOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyRequestorSettingsRequestorOutput) ElementType() reflect.Type { + return reflect.TypeOf((*AccessPackageAssignmentPolicyRequestorSettingsRequestor)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyRequestorSettingsRequestorOutput) ToAccessPackageAssignmentPolicyRequestorSettingsRequestorOutput() AccessPackageAssignmentPolicyRequestorSettingsRequestorOutput { + return o +} + +func (o AccessPackageAssignmentPolicyRequestorSettingsRequestorOutput) ToAccessPackageAssignmentPolicyRequestorSettingsRequestorOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyRequestorSettingsRequestorOutput { + return o +} + +// For a user in an approval stage, this property indicates whether the user is a backup fallback approver. +func (o AccessPackageAssignmentPolicyRequestorSettingsRequestorOutput) Backup() pulumi.BoolPtrOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyRequestorSettingsRequestor) *bool { return v.Backup }).(pulumi.BoolPtrOutput) +} + +// The ID of the subject. +func (o AccessPackageAssignmentPolicyRequestorSettingsRequestorOutput) ObjectId() pulumi.StringPtrOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyRequestorSettingsRequestor) *string { return v.ObjectId }).(pulumi.StringPtrOutput) +} + +// Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. +func (o AccessPackageAssignmentPolicyRequestorSettingsRequestorOutput) SubjectType() pulumi.StringOutput { + return o.ApplyT(func(v AccessPackageAssignmentPolicyRequestorSettingsRequestor) string { return v.SubjectType }).(pulumi.StringOutput) +} + +type AccessPackageAssignmentPolicyRequestorSettingsRequestorArrayOutput struct{ *pulumi.OutputState } + +func (AccessPackageAssignmentPolicyRequestorSettingsRequestorArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]AccessPackageAssignmentPolicyRequestorSettingsRequestor)(nil)).Elem() +} + +func (o AccessPackageAssignmentPolicyRequestorSettingsRequestorArrayOutput) ToAccessPackageAssignmentPolicyRequestorSettingsRequestorArrayOutput() AccessPackageAssignmentPolicyRequestorSettingsRequestorArrayOutput { + return o +} + +func (o AccessPackageAssignmentPolicyRequestorSettingsRequestorArrayOutput) ToAccessPackageAssignmentPolicyRequestorSettingsRequestorArrayOutputWithContext(ctx context.Context) AccessPackageAssignmentPolicyRequestorSettingsRequestorArrayOutput { + return o +} + +func (o AccessPackageAssignmentPolicyRequestorSettingsRequestorArrayOutput) Index(i pulumi.IntInput) AccessPackageAssignmentPolicyRequestorSettingsRequestorOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) AccessPackageAssignmentPolicyRequestorSettingsRequestor { + return vs[0].([]AccessPackageAssignmentPolicyRequestorSettingsRequestor)[vs[1].(int)] + }).(AccessPackageAssignmentPolicyRequestorSettingsRequestorOutput) +} + type ApplicationApi struct { // A set of application IDs (client IDs), used for bundling consent if you have a solution that contains two parts: a client app and a custom web API app. KnownClientApplications []string `pulumi:"knownClientApplications"` @@ -8423,6 +10291,32 @@ func (o GetUsersUserArrayOutput) Index(i pulumi.IntInput) GetUsersUserOutput { } func init() { + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyApprovalSettingsInput)(nil)).Elem(), AccessPackageAssignmentPolicyApprovalSettingsArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyApprovalSettingsPtrInput)(nil)).Elem(), AccessPackageAssignmentPolicyApprovalSettingsArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyApprovalSettingsApprovalStageInput)(nil)).Elem(), AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayInput)(nil)).Elem(), AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverInput)(nil)).Elem(), AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArrayInput)(nil)).Elem(), AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverInput)(nil)).Elem(), AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArrayInput)(nil)).Elem(), AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyAssignmentReviewSettingsInput)(nil)).Elem(), AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrInput)(nil)).Elem(), AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerInput)(nil)).Elem(), AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayInput)(nil)).Elem(), AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyQuestionInput)(nil)).Elem(), AccessPackageAssignmentPolicyQuestionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyQuestionArrayInput)(nil)).Elem(), AccessPackageAssignmentPolicyQuestionArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyQuestionChoiceInput)(nil)).Elem(), AccessPackageAssignmentPolicyQuestionChoiceArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyQuestionChoiceArrayInput)(nil)).Elem(), AccessPackageAssignmentPolicyQuestionChoiceArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyQuestionChoiceDisplayValueInput)(nil)).Elem(), AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextInput)(nil)).Elem(), AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArrayInput)(nil)).Elem(), AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyQuestionTextInput)(nil)).Elem(), AccessPackageAssignmentPolicyQuestionTextArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyQuestionTextLocalizedTextInput)(nil)).Elem(), AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyQuestionTextLocalizedTextArrayInput)(nil)).Elem(), AccessPackageAssignmentPolicyQuestionTextLocalizedTextArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyRequestorSettingsInput)(nil)).Elem(), AccessPackageAssignmentPolicyRequestorSettingsArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyRequestorSettingsPtrInput)(nil)).Elem(), AccessPackageAssignmentPolicyRequestorSettingsArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyRequestorSettingsRequestorInput)(nil)).Elem(), AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*AccessPackageAssignmentPolicyRequestorSettingsRequestorArrayInput)(nil)).Elem(), AccessPackageAssignmentPolicyRequestorSettingsRequestorArray{}) pulumi.RegisterInputType(reflect.TypeOf((*ApplicationApiInput)(nil)).Elem(), ApplicationApiArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ApplicationApiPtrInput)(nil)).Elem(), ApplicationApiArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ApplicationApiOauth2PermissionScopeInput)(nil)).Elem(), ApplicationApiOauth2PermissionScopeArgs{}) @@ -8541,6 +10435,32 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*GetServicePrincipalsServicePrincipalArrayInput)(nil)).Elem(), GetServicePrincipalsServicePrincipalArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetUsersUserInput)(nil)).Elem(), GetUsersUserArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetUsersUserArrayInput)(nil)).Elem(), GetUsersUserArray{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyApprovalSettingsOutput{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyApprovalSettingsPtrOutput{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageOutput{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArrayOutput{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverOutput{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArrayOutput{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverOutput{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArrayOutput{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyAssignmentReviewSettingsOutput{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyAssignmentReviewSettingsPtrOutput{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerOutput{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArrayOutput{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyQuestionOutput{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyQuestionArrayOutput{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyQuestionChoiceOutput{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyQuestionChoiceArrayOutput{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyQuestionChoiceDisplayValueOutput{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextOutput{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArrayOutput{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyQuestionTextOutput{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyQuestionTextLocalizedTextOutput{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyQuestionTextLocalizedTextArrayOutput{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyRequestorSettingsOutput{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyRequestorSettingsPtrOutput{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyRequestorSettingsRequestorOutput{}) + pulumi.RegisterOutputType(AccessPackageAssignmentPolicyRequestorSettingsRequestorArrayOutput{}) pulumi.RegisterOutputType(ApplicationApiOutput{}) pulumi.RegisterOutputType(ApplicationApiPtrOutput{}) pulumi.RegisterOutputType(ApplicationApiOauth2PermissionScopeOutput{}) diff --git a/sdk/go/azuread/userFlowAttribute.go b/sdk/go/azuread/userFlowAttribute.go new file mode 100644 index 000000000..52edce333 --- /dev/null +++ b/sdk/go/azuread/userFlowAttribute.go @@ -0,0 +1,312 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package azuread + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Manages user flow attributes in an Azure Active Directory (Azure AD) tenant. +// +// ## API Permissions +// +// The following API permissions are required in order to use this resource. +// +// When authenticated with a service principal, this resource requires the following application role: `IdentityUserFlow.ReadWrite.All` +// +// ## Example Usage +// +// *Basic example* +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := azuread.NewUserFlowAttribute(ctx, "example", &azuread.UserFlowAttributeArgs{ +// DataType: pulumi.String("string"), +// Description: pulumi.String("Your hobby"), +// DisplayName: pulumi.String("Hobby"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// User flow attributes can be imported using the `id`, e.g. +// +// ```sh +// +// $ pulumi import azuread:index/userFlowAttribute:UserFlowAttribute example extension_ecc9f88db2924942b8a96f44873616fe_Hobbyjkorv +// +// ``` +// +// -> This ID can be queried using the [User Flow Attributes API](https://learn.microsoft.com/en-us/graph/api/identityuserflowattribute-list?view=graph-rest-1.0&tabs=http). +type UserFlowAttribute struct { + pulumi.CustomResourceState + + // The type of the user flow attribute. Values include `builtIn`, `custom` or `required`. + AttributeType pulumi.StringOutput `pulumi:"attributeType"` + // The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. + DataType pulumi.StringOutput `pulumi:"dataType"` + // The description of the user flow attribute that is shown to the user at the time of sign-up. + Description pulumi.StringOutput `pulumi:"description"` + // The display name of the user flow attribute. Changing this forces a new resource to be created. + DisplayName pulumi.StringOutput `pulumi:"displayName"` +} + +// NewUserFlowAttribute registers a new resource with the given unique name, arguments, and options. +func NewUserFlowAttribute(ctx *pulumi.Context, + name string, args *UserFlowAttributeArgs, opts ...pulumi.ResourceOption) (*UserFlowAttribute, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.DataType == nil { + return nil, errors.New("invalid value for required argument 'DataType'") + } + if args.Description == nil { + return nil, errors.New("invalid value for required argument 'Description'") + } + if args.DisplayName == nil { + return nil, errors.New("invalid value for required argument 'DisplayName'") + } + var resource UserFlowAttribute + err := ctx.RegisterResource("azuread:index/userFlowAttribute:UserFlowAttribute", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetUserFlowAttribute gets an existing UserFlowAttribute resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetUserFlowAttribute(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *UserFlowAttributeState, opts ...pulumi.ResourceOption) (*UserFlowAttribute, error) { + var resource UserFlowAttribute + err := ctx.ReadResource("azuread:index/userFlowAttribute:UserFlowAttribute", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering UserFlowAttribute resources. +type userFlowAttributeState struct { + // The type of the user flow attribute. Values include `builtIn`, `custom` or `required`. + AttributeType *string `pulumi:"attributeType"` + // The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. + DataType *string `pulumi:"dataType"` + // The description of the user flow attribute that is shown to the user at the time of sign-up. + Description *string `pulumi:"description"` + // The display name of the user flow attribute. Changing this forces a new resource to be created. + DisplayName *string `pulumi:"displayName"` +} + +type UserFlowAttributeState struct { + // The type of the user flow attribute. Values include `builtIn`, `custom` or `required`. + AttributeType pulumi.StringPtrInput + // The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. + DataType pulumi.StringPtrInput + // The description of the user flow attribute that is shown to the user at the time of sign-up. + Description pulumi.StringPtrInput + // The display name of the user flow attribute. Changing this forces a new resource to be created. + DisplayName pulumi.StringPtrInput +} + +func (UserFlowAttributeState) ElementType() reflect.Type { + return reflect.TypeOf((*userFlowAttributeState)(nil)).Elem() +} + +type userFlowAttributeArgs struct { + // The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. + DataType string `pulumi:"dataType"` + // The description of the user flow attribute that is shown to the user at the time of sign-up. + Description string `pulumi:"description"` + // The display name of the user flow attribute. Changing this forces a new resource to be created. + DisplayName string `pulumi:"displayName"` +} + +// The set of arguments for constructing a UserFlowAttribute resource. +type UserFlowAttributeArgs struct { + // The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. + DataType pulumi.StringInput + // The description of the user flow attribute that is shown to the user at the time of sign-up. + Description pulumi.StringInput + // The display name of the user flow attribute. Changing this forces a new resource to be created. + DisplayName pulumi.StringInput +} + +func (UserFlowAttributeArgs) ElementType() reflect.Type { + return reflect.TypeOf((*userFlowAttributeArgs)(nil)).Elem() +} + +type UserFlowAttributeInput interface { + pulumi.Input + + ToUserFlowAttributeOutput() UserFlowAttributeOutput + ToUserFlowAttributeOutputWithContext(ctx context.Context) UserFlowAttributeOutput +} + +func (*UserFlowAttribute) ElementType() reflect.Type { + return reflect.TypeOf((**UserFlowAttribute)(nil)).Elem() +} + +func (i *UserFlowAttribute) ToUserFlowAttributeOutput() UserFlowAttributeOutput { + return i.ToUserFlowAttributeOutputWithContext(context.Background()) +} + +func (i *UserFlowAttribute) ToUserFlowAttributeOutputWithContext(ctx context.Context) UserFlowAttributeOutput { + return pulumi.ToOutputWithContext(ctx, i).(UserFlowAttributeOutput) +} + +// UserFlowAttributeArrayInput is an input type that accepts UserFlowAttributeArray and UserFlowAttributeArrayOutput values. +// You can construct a concrete instance of `UserFlowAttributeArrayInput` via: +// +// UserFlowAttributeArray{ UserFlowAttributeArgs{...} } +type UserFlowAttributeArrayInput interface { + pulumi.Input + + ToUserFlowAttributeArrayOutput() UserFlowAttributeArrayOutput + ToUserFlowAttributeArrayOutputWithContext(context.Context) UserFlowAttributeArrayOutput +} + +type UserFlowAttributeArray []UserFlowAttributeInput + +func (UserFlowAttributeArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*UserFlowAttribute)(nil)).Elem() +} + +func (i UserFlowAttributeArray) ToUserFlowAttributeArrayOutput() UserFlowAttributeArrayOutput { + return i.ToUserFlowAttributeArrayOutputWithContext(context.Background()) +} + +func (i UserFlowAttributeArray) ToUserFlowAttributeArrayOutputWithContext(ctx context.Context) UserFlowAttributeArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(UserFlowAttributeArrayOutput) +} + +// UserFlowAttributeMapInput is an input type that accepts UserFlowAttributeMap and UserFlowAttributeMapOutput values. +// You can construct a concrete instance of `UserFlowAttributeMapInput` via: +// +// UserFlowAttributeMap{ "key": UserFlowAttributeArgs{...} } +type UserFlowAttributeMapInput interface { + pulumi.Input + + ToUserFlowAttributeMapOutput() UserFlowAttributeMapOutput + ToUserFlowAttributeMapOutputWithContext(context.Context) UserFlowAttributeMapOutput +} + +type UserFlowAttributeMap map[string]UserFlowAttributeInput + +func (UserFlowAttributeMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*UserFlowAttribute)(nil)).Elem() +} + +func (i UserFlowAttributeMap) ToUserFlowAttributeMapOutput() UserFlowAttributeMapOutput { + return i.ToUserFlowAttributeMapOutputWithContext(context.Background()) +} + +func (i UserFlowAttributeMap) ToUserFlowAttributeMapOutputWithContext(ctx context.Context) UserFlowAttributeMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(UserFlowAttributeMapOutput) +} + +type UserFlowAttributeOutput struct{ *pulumi.OutputState } + +func (UserFlowAttributeOutput) ElementType() reflect.Type { + return reflect.TypeOf((**UserFlowAttribute)(nil)).Elem() +} + +func (o UserFlowAttributeOutput) ToUserFlowAttributeOutput() UserFlowAttributeOutput { + return o +} + +func (o UserFlowAttributeOutput) ToUserFlowAttributeOutputWithContext(ctx context.Context) UserFlowAttributeOutput { + return o +} + +// The type of the user flow attribute. Values include `builtIn`, `custom` or `required`. +func (o UserFlowAttributeOutput) AttributeType() pulumi.StringOutput { + return o.ApplyT(func(v *UserFlowAttribute) pulumi.StringOutput { return v.AttributeType }).(pulumi.StringOutput) +} + +// The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. +func (o UserFlowAttributeOutput) DataType() pulumi.StringOutput { + return o.ApplyT(func(v *UserFlowAttribute) pulumi.StringOutput { return v.DataType }).(pulumi.StringOutput) +} + +// The description of the user flow attribute that is shown to the user at the time of sign-up. +func (o UserFlowAttributeOutput) Description() pulumi.StringOutput { + return o.ApplyT(func(v *UserFlowAttribute) pulumi.StringOutput { return v.Description }).(pulumi.StringOutput) +} + +// The display name of the user flow attribute. Changing this forces a new resource to be created. +func (o UserFlowAttributeOutput) DisplayName() pulumi.StringOutput { + return o.ApplyT(func(v *UserFlowAttribute) pulumi.StringOutput { return v.DisplayName }).(pulumi.StringOutput) +} + +type UserFlowAttributeArrayOutput struct{ *pulumi.OutputState } + +func (UserFlowAttributeArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*UserFlowAttribute)(nil)).Elem() +} + +func (o UserFlowAttributeArrayOutput) ToUserFlowAttributeArrayOutput() UserFlowAttributeArrayOutput { + return o +} + +func (o UserFlowAttributeArrayOutput) ToUserFlowAttributeArrayOutputWithContext(ctx context.Context) UserFlowAttributeArrayOutput { + return o +} + +func (o UserFlowAttributeArrayOutput) Index(i pulumi.IntInput) UserFlowAttributeOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *UserFlowAttribute { + return vs[0].([]*UserFlowAttribute)[vs[1].(int)] + }).(UserFlowAttributeOutput) +} + +type UserFlowAttributeMapOutput struct{ *pulumi.OutputState } + +func (UserFlowAttributeMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*UserFlowAttribute)(nil)).Elem() +} + +func (o UserFlowAttributeMapOutput) ToUserFlowAttributeMapOutput() UserFlowAttributeMapOutput { + return o +} + +func (o UserFlowAttributeMapOutput) ToUserFlowAttributeMapOutputWithContext(ctx context.Context) UserFlowAttributeMapOutput { + return o +} + +func (o UserFlowAttributeMapOutput) MapIndex(k pulumi.StringInput) UserFlowAttributeOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *UserFlowAttribute { + return vs[0].(map[string]*UserFlowAttribute)[vs[1].(string)] + }).(UserFlowAttributeOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*UserFlowAttributeInput)(nil)).Elem(), &UserFlowAttribute{}) + pulumi.RegisterInputType(reflect.TypeOf((*UserFlowAttributeArrayInput)(nil)).Elem(), UserFlowAttributeArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*UserFlowAttributeMapInput)(nil)).Elem(), UserFlowAttributeMap{}) + pulumi.RegisterOutputType(UserFlowAttributeOutput{}) + pulumi.RegisterOutputType(UserFlowAttributeArrayOutput{}) + pulumi.RegisterOutputType(UserFlowAttributeMapOutput{}) +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/AccessPackage.java b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackage.java new file mode 100644 index 000000000..85057bee9 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackage.java @@ -0,0 +1,184 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread; + +import com.pulumi.azuread.AccessPackageArgs; +import com.pulumi.azuread.Utilities; +import com.pulumi.azuread.inputs.AccessPackageState; +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import java.lang.Boolean; +import java.lang.String; +import java.util.Optional; +import javax.annotation.Nullable; + +/** + * Manages an Access Package within Identity Governance in Azure Active Directory. + * + * ## API Permissions + * + * The following API permissions are required in order to use this resource. + * + * When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. + * + * When authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner`, `Access package manager` or `Global Administrator` + * + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AccessPackageCatalog; + * import com.pulumi.azuread.AccessPackageCatalogArgs; + * import com.pulumi.azuread.AccessPackage; + * import com.pulumi.azuread.AccessPackageArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var exampleAccessPackageCatalog = new AccessPackageCatalog("exampleAccessPackageCatalog", AccessPackageCatalogArgs.builder() + * .displayName("example-catalog") + * .description("Example catalog") + * .build()); + * + * var exampleAccessPackage = new AccessPackage("exampleAccessPackage", AccessPackageArgs.builder() + * .catalogId(exampleAccessPackageCatalog.id()) + * .displayName("access-package") + * .description("Access Package") + * .build()); + * + * } + * } + * ``` + * + * ## Import + * + * Access Packages can be imported using the `id`, e.g. + * + * ```sh + * $ pulumi import azuread:index/accessPackage:AccessPackage example_package 00000000-0000-0000-0000-000000000000 + * ``` + * + */ +@ResourceType(type="azuread:index/accessPackage:AccessPackage") +public class AccessPackage extends com.pulumi.resources.CustomResource { + /** + * The ID of the Catalog this access package will be created in. + * + */ + @Export(name="catalogId", type=String.class, parameters={}) + private Output catalogId; + + /** + * @return The ID of the Catalog this access package will be created in. + * + */ + public Output catalogId() { + return this.catalogId; + } + /** + * The description of the access package. + * + */ + @Export(name="description", type=String.class, parameters={}) + private Output description; + + /** + * @return The description of the access package. + * + */ + public Output description() { + return this.description; + } + /** + * The display name of the access package. + * + */ + @Export(name="displayName", type=String.class, parameters={}) + private Output displayName; + + /** + * @return The display name of the access package. + * + */ + public Output displayName() { + return this.displayName; + } + /** + * Whether the access package is hidden from the requestor. + * + */ + @Export(name="hidden", type=Boolean.class, parameters={}) + private Output hidden; + + /** + * @return Whether the access package is hidden from the requestor. + * + */ + public Output> hidden() { + return Codegen.optional(this.hidden); + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public AccessPackage(String name) { + this(name, AccessPackageArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public AccessPackage(String name, AccessPackageArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public AccessPackage(String name, AccessPackageArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("azuread:index/accessPackage:AccessPackage", name, args == null ? AccessPackageArgs.Empty : args, makeResourceOptions(options, Codegen.empty())); + } + + private AccessPackage(String name, Output id, @Nullable AccessPackageState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("azuread:index/accessPackage:AccessPackage", name, state, makeResourceOptions(options, id)); + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static AccessPackage get(String name, Output id, @Nullable AccessPackageState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new AccessPackage(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageArgs.java new file mode 100644 index 000000000..1d27bdfea --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageArgs.java @@ -0,0 +1,198 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AccessPackageArgs extends com.pulumi.resources.ResourceArgs { + + public static final AccessPackageArgs Empty = new AccessPackageArgs(); + + /** + * The ID of the Catalog this access package will be created in. + * + */ + @Import(name="catalogId", required=true) + private Output catalogId; + + /** + * @return The ID of the Catalog this access package will be created in. + * + */ + public Output catalogId() { + return this.catalogId; + } + + /** + * The description of the access package. + * + */ + @Import(name="description", required=true) + private Output description; + + /** + * @return The description of the access package. + * + */ + public Output description() { + return this.description; + } + + /** + * The display name of the access package. + * + */ + @Import(name="displayName", required=true) + private Output displayName; + + /** + * @return The display name of the access package. + * + */ + public Output displayName() { + return this.displayName; + } + + /** + * Whether the access package is hidden from the requestor. + * + */ + @Import(name="hidden") + private @Nullable Output hidden; + + /** + * @return Whether the access package is hidden from the requestor. + * + */ + public Optional> hidden() { + return Optional.ofNullable(this.hidden); + } + + private AccessPackageArgs() {} + + private AccessPackageArgs(AccessPackageArgs $) { + this.catalogId = $.catalogId; + this.description = $.description; + this.displayName = $.displayName; + this.hidden = $.hidden; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AccessPackageArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AccessPackageArgs $; + + public Builder() { + $ = new AccessPackageArgs(); + } + + public Builder(AccessPackageArgs defaults) { + $ = new AccessPackageArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param catalogId The ID of the Catalog this access package will be created in. + * + * @return builder + * + */ + public Builder catalogId(Output catalogId) { + $.catalogId = catalogId; + return this; + } + + /** + * @param catalogId The ID of the Catalog this access package will be created in. + * + * @return builder + * + */ + public Builder catalogId(String catalogId) { + return catalogId(Output.of(catalogId)); + } + + /** + * @param description The description of the access package. + * + * @return builder + * + */ + public Builder description(Output description) { + $.description = description; + return this; + } + + /** + * @param description The description of the access package. + * + * @return builder + * + */ + public Builder description(String description) { + return description(Output.of(description)); + } + + /** + * @param displayName The display name of the access package. + * + * @return builder + * + */ + public Builder displayName(Output displayName) { + $.displayName = displayName; + return this; + } + + /** + * @param displayName The display name of the access package. + * + * @return builder + * + */ + public Builder displayName(String displayName) { + return displayName(Output.of(displayName)); + } + + /** + * @param hidden Whether the access package is hidden from the requestor. + * + * @return builder + * + */ + public Builder hidden(@Nullable Output hidden) { + $.hidden = hidden; + return this; + } + + /** + * @param hidden Whether the access package is hidden from the requestor. + * + * @return builder + * + */ + public Builder hidden(Boolean hidden) { + return hidden(Output.of(hidden)); + } + + public AccessPackageArgs build() { + $.catalogId = Objects.requireNonNull($.catalogId, "expected parameter 'catalogId' to be non-null"); + $.description = Objects.requireNonNull($.description, "expected parameter 'description' to be non-null"); + $.displayName = Objects.requireNonNull($.displayName, "expected parameter 'displayName' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageAssignmentPolicy.java b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageAssignmentPolicy.java new file mode 100644 index 000000000..68399d456 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageAssignmentPolicy.java @@ -0,0 +1,320 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread; + +import com.pulumi.azuread.AccessPackageAssignmentPolicyArgs; +import com.pulumi.azuread.Utilities; +import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyState; +import com.pulumi.azuread.outputs.AccessPackageAssignmentPolicyApprovalSettings; +import com.pulumi.azuread.outputs.AccessPackageAssignmentPolicyAssignmentReviewSettings; +import com.pulumi.azuread.outputs.AccessPackageAssignmentPolicyQuestion; +import com.pulumi.azuread.outputs.AccessPackageAssignmentPolicyRequestorSettings; +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import java.lang.Boolean; +import java.lang.Integer; +import java.lang.String; +import java.util.List; +import java.util.Optional; +import javax.annotation.Nullable; + +/** + * Manages an assignment policy for an access package within Identity Governance in Azure Active Directory. + * + * ## API Permissions + * + * The following API permissions are required in order to use this resource. + * + * When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. + * + * When authenticated with a user principal, this resource requires `Global Administrator` directory role, or one of the `Catalog Owner` and `Access Package Manager` role in Idneity Governance. + * + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.Group; + * import com.pulumi.azuread.GroupArgs; + * import com.pulumi.azuread.AccessPackageCatalog; + * import com.pulumi.azuread.AccessPackageCatalogArgs; + * import com.pulumi.azuread.AccessPackage; + * import com.pulumi.azuread.AccessPackageArgs; + * import com.pulumi.azuread.AccessPackageAssignmentPolicy; + * import com.pulumi.azuread.AccessPackageAssignmentPolicyArgs; + * import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyRequestorSettingsArgs; + * import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyApprovalSettingsArgs; + * import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs; + * import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyQuestionArgs; + * import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyQuestionTextArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var exampleGroup = new Group("exampleGroup", GroupArgs.builder() + * .displayName("group-name") + * .securityEnabled(true) + * .build()); + * + * var exampleAccessPackageCatalog = new AccessPackageCatalog("exampleAccessPackageCatalog", AccessPackageCatalogArgs.builder() + * .displayName("example-catalog") + * .description("Example catalog") + * .build()); + * + * var exampleAccessPackage = new AccessPackage("exampleAccessPackage", AccessPackageArgs.builder() + * .catalogId(exampleAccessPackageCatalog.id()) + * .displayName("access-package") + * .description("Access Package") + * .build()); + * + * var test = new AccessPackageAssignmentPolicy("test", AccessPackageAssignmentPolicyArgs.builder() + * .accessPackageId(azuread_access_package.test().id()) + * .displayName("assignment-policy") + * .description("My assignment policy") + * .durationInDays(90) + * .requestorSettings(AccessPackageAssignmentPolicyRequestorSettingsArgs.builder() + * .scopeType("AllExistingDirectoryMemberUsers") + * .build()) + * .approvalSettings(AccessPackageAssignmentPolicyApprovalSettingsArgs.builder() + * .approvalRequired(true) + * .approvalStages(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs.builder() + * .approvalTimeoutInDays(14) + * .primaryApprovers(AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs.builder() + * .objectId(azuread_group.test().object_id()) + * .subjectType("groupMembers") + * .build()) + * .build()) + * .build()) + * .assignmentReviewSettings(AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs.builder() + * .enabled(true) + * .reviewFrequency("weekly") + * .durationInDays(3) + * .reviewType("Self") + * .accessReviewTimeoutBehavior("keepAccess") + * .build()) + * .questions(AccessPackageAssignmentPolicyQuestionArgs.builder() + * .text(AccessPackageAssignmentPolicyQuestionTextArgs.builder() + * .defaultText("hello, how are you?") + * .build()) + * .build()) + * .build()); + * + * } + * } + * ``` + * + * ## Import + * + * An access package assignment policy can be imported using the ID, e.g. + * + * ```sh + * $ pulumi import azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy example 00000000-0000-0000-0000-000000000000 + * ``` + * + */ +@ResourceType(type="azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy") +public class AccessPackageAssignmentPolicy extends com.pulumi.resources.CustomResource { + /** + * The ID of the access package that will contain the policy. + * + */ + @Export(name="accessPackageId", type=String.class, parameters={}) + private Output accessPackageId; + + /** + * @return The ID of the access package that will contain the policy. + * + */ + public Output accessPackageId() { + return this.accessPackageId; + } + /** + * An `approval_settings` block to specify whether approvals are required and how they are obtained, as documented below. + * + */ + @Export(name="approvalSettings", type=AccessPackageAssignmentPolicyApprovalSettings.class, parameters={}) + private Output approvalSettings; + + /** + * @return An `approval_settings` block to specify whether approvals are required and how they are obtained, as documented below. + * + */ + public Output> approvalSettings() { + return Codegen.optional(this.approvalSettings); + } + /** + * An `assignment_review_settings` block, to specify whether assignment review is needed and how it is conducted, as documented below. + * + */ + @Export(name="assignmentReviewSettings", type=AccessPackageAssignmentPolicyAssignmentReviewSettings.class, parameters={}) + private Output assignmentReviewSettings; + + /** + * @return An `assignment_review_settings` block, to specify whether assignment review is needed and how it is conducted, as documented below. + * + */ + public Output> assignmentReviewSettings() { + return Codegen.optional(this.assignmentReviewSettings); + } + /** + * The description of the policy. + * + */ + @Export(name="description", type=String.class, parameters={}) + private Output description; + + /** + * @return The description of the policy. + * + */ + public Output description() { + return this.description; + } + /** + * The display name of the policy. + * + */ + @Export(name="displayName", type=String.class, parameters={}) + private Output displayName; + + /** + * @return The display name of the policy. + * + */ + public Output displayName() { + return this.displayName; + } + /** + * How many days this assignment is valid for. + * + */ + @Export(name="durationInDays", type=Integer.class, parameters={}) + private Output durationInDays; + + /** + * @return How many days this assignment is valid for. + * + */ + public Output> durationInDays() { + return Codegen.optional(this.durationInDays); + } + /** + * The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). + * + */ + @Export(name="expirationDate", type=String.class, parameters={}) + private Output expirationDate; + + /** + * @return The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). + * + */ + public Output> expirationDate() { + return Codegen.optional(this.expirationDate); + } + /** + * Whether users will be able to request extension of their access to this package before their access expires. + * + */ + @Export(name="extensionEnabled", type=Boolean.class, parameters={}) + private Output extensionEnabled; + + /** + * @return Whether users will be able to request extension of their access to this package before their access expires. + * + */ + public Output> extensionEnabled() { + return Codegen.optional(this.extensionEnabled); + } + /** + * One or more `question` blocks for the requestor, as documented below. + * + */ + @Export(name="questions", type=List.class, parameters={AccessPackageAssignmentPolicyQuestion.class}) + private Output> questions; + + /** + * @return One or more `question` blocks for the requestor, as documented below. + * + */ + public Output>> questions() { + return Codegen.optional(this.questions); + } + /** + * A `requestor_settings` block to configure the users who can request access, as documented below. + * + */ + @Export(name="requestorSettings", type=AccessPackageAssignmentPolicyRequestorSettings.class, parameters={}) + private Output requestorSettings; + + /** + * @return A `requestor_settings` block to configure the users who can request access, as documented below. + * + */ + public Output> requestorSettings() { + return Codegen.optional(this.requestorSettings); + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public AccessPackageAssignmentPolicy(String name) { + this(name, AccessPackageAssignmentPolicyArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public AccessPackageAssignmentPolicy(String name, AccessPackageAssignmentPolicyArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public AccessPackageAssignmentPolicy(String name, AccessPackageAssignmentPolicyArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy", name, args == null ? AccessPackageAssignmentPolicyArgs.Empty : args, makeResourceOptions(options, Codegen.empty())); + } + + private AccessPackageAssignmentPolicy(String name, Output id, @Nullable AccessPackageAssignmentPolicyState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy", name, state, makeResourceOptions(options, id)); + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static AccessPackageAssignmentPolicy get(String name, Output id, @Nullable AccessPackageAssignmentPolicyState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new AccessPackageAssignmentPolicy(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageAssignmentPolicyArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageAssignmentPolicyArgs.java new file mode 100644 index 000000000..80b15521a --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageAssignmentPolicyArgs.java @@ -0,0 +1,436 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread; + +import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyApprovalSettingsArgs; +import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs; +import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyQuestionArgs; +import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyRequestorSettingsArgs; +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.lang.Integer; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AccessPackageAssignmentPolicyArgs extends com.pulumi.resources.ResourceArgs { + + public static final AccessPackageAssignmentPolicyArgs Empty = new AccessPackageAssignmentPolicyArgs(); + + /** + * The ID of the access package that will contain the policy. + * + */ + @Import(name="accessPackageId", required=true) + private Output accessPackageId; + + /** + * @return The ID of the access package that will contain the policy. + * + */ + public Output accessPackageId() { + return this.accessPackageId; + } + + /** + * An `approval_settings` block to specify whether approvals are required and how they are obtained, as documented below. + * + */ + @Import(name="approvalSettings") + private @Nullable Output approvalSettings; + + /** + * @return An `approval_settings` block to specify whether approvals are required and how they are obtained, as documented below. + * + */ + public Optional> approvalSettings() { + return Optional.ofNullable(this.approvalSettings); + } + + /** + * An `assignment_review_settings` block, to specify whether assignment review is needed and how it is conducted, as documented below. + * + */ + @Import(name="assignmentReviewSettings") + private @Nullable Output assignmentReviewSettings; + + /** + * @return An `assignment_review_settings` block, to specify whether assignment review is needed and how it is conducted, as documented below. + * + */ + public Optional> assignmentReviewSettings() { + return Optional.ofNullable(this.assignmentReviewSettings); + } + + /** + * The description of the policy. + * + */ + @Import(name="description", required=true) + private Output description; + + /** + * @return The description of the policy. + * + */ + public Output description() { + return this.description; + } + + /** + * The display name of the policy. + * + */ + @Import(name="displayName", required=true) + private Output displayName; + + /** + * @return The display name of the policy. + * + */ + public Output displayName() { + return this.displayName; + } + + /** + * How many days this assignment is valid for. + * + */ + @Import(name="durationInDays") + private @Nullable Output durationInDays; + + /** + * @return How many days this assignment is valid for. + * + */ + public Optional> durationInDays() { + return Optional.ofNullable(this.durationInDays); + } + + /** + * The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). + * + */ + @Import(name="expirationDate") + private @Nullable Output expirationDate; + + /** + * @return The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). + * + */ + public Optional> expirationDate() { + return Optional.ofNullable(this.expirationDate); + } + + /** + * Whether users will be able to request extension of their access to this package before their access expires. + * + */ + @Import(name="extensionEnabled") + private @Nullable Output extensionEnabled; + + /** + * @return Whether users will be able to request extension of their access to this package before their access expires. + * + */ + public Optional> extensionEnabled() { + return Optional.ofNullable(this.extensionEnabled); + } + + /** + * One or more `question` blocks for the requestor, as documented below. + * + */ + @Import(name="questions") + private @Nullable Output> questions; + + /** + * @return One or more `question` blocks for the requestor, as documented below. + * + */ + public Optional>> questions() { + return Optional.ofNullable(this.questions); + } + + /** + * A `requestor_settings` block to configure the users who can request access, as documented below. + * + */ + @Import(name="requestorSettings") + private @Nullable Output requestorSettings; + + /** + * @return A `requestor_settings` block to configure the users who can request access, as documented below. + * + */ + public Optional> requestorSettings() { + return Optional.ofNullable(this.requestorSettings); + } + + private AccessPackageAssignmentPolicyArgs() {} + + private AccessPackageAssignmentPolicyArgs(AccessPackageAssignmentPolicyArgs $) { + this.accessPackageId = $.accessPackageId; + this.approvalSettings = $.approvalSettings; + this.assignmentReviewSettings = $.assignmentReviewSettings; + this.description = $.description; + this.displayName = $.displayName; + this.durationInDays = $.durationInDays; + this.expirationDate = $.expirationDate; + this.extensionEnabled = $.extensionEnabled; + this.questions = $.questions; + this.requestorSettings = $.requestorSettings; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AccessPackageAssignmentPolicyArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AccessPackageAssignmentPolicyArgs $; + + public Builder() { + $ = new AccessPackageAssignmentPolicyArgs(); + } + + public Builder(AccessPackageAssignmentPolicyArgs defaults) { + $ = new AccessPackageAssignmentPolicyArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param accessPackageId The ID of the access package that will contain the policy. + * + * @return builder + * + */ + public Builder accessPackageId(Output accessPackageId) { + $.accessPackageId = accessPackageId; + return this; + } + + /** + * @param accessPackageId The ID of the access package that will contain the policy. + * + * @return builder + * + */ + public Builder accessPackageId(String accessPackageId) { + return accessPackageId(Output.of(accessPackageId)); + } + + /** + * @param approvalSettings An `approval_settings` block to specify whether approvals are required and how they are obtained, as documented below. + * + * @return builder + * + */ + public Builder approvalSettings(@Nullable Output approvalSettings) { + $.approvalSettings = approvalSettings; + return this; + } + + /** + * @param approvalSettings An `approval_settings` block to specify whether approvals are required and how they are obtained, as documented below. + * + * @return builder + * + */ + public Builder approvalSettings(AccessPackageAssignmentPolicyApprovalSettingsArgs approvalSettings) { + return approvalSettings(Output.of(approvalSettings)); + } + + /** + * @param assignmentReviewSettings An `assignment_review_settings` block, to specify whether assignment review is needed and how it is conducted, as documented below. + * + * @return builder + * + */ + public Builder assignmentReviewSettings(@Nullable Output assignmentReviewSettings) { + $.assignmentReviewSettings = assignmentReviewSettings; + return this; + } + + /** + * @param assignmentReviewSettings An `assignment_review_settings` block, to specify whether assignment review is needed and how it is conducted, as documented below. + * + * @return builder + * + */ + public Builder assignmentReviewSettings(AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs assignmentReviewSettings) { + return assignmentReviewSettings(Output.of(assignmentReviewSettings)); + } + + /** + * @param description The description of the policy. + * + * @return builder + * + */ + public Builder description(Output description) { + $.description = description; + return this; + } + + /** + * @param description The description of the policy. + * + * @return builder + * + */ + public Builder description(String description) { + return description(Output.of(description)); + } + + /** + * @param displayName The display name of the policy. + * + * @return builder + * + */ + public Builder displayName(Output displayName) { + $.displayName = displayName; + return this; + } + + /** + * @param displayName The display name of the policy. + * + * @return builder + * + */ + public Builder displayName(String displayName) { + return displayName(Output.of(displayName)); + } + + /** + * @param durationInDays How many days this assignment is valid for. + * + * @return builder + * + */ + public Builder durationInDays(@Nullable Output durationInDays) { + $.durationInDays = durationInDays; + return this; + } + + /** + * @param durationInDays How many days this assignment is valid for. + * + * @return builder + * + */ + public Builder durationInDays(Integer durationInDays) { + return durationInDays(Output.of(durationInDays)); + } + + /** + * @param expirationDate The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). + * + * @return builder + * + */ + public Builder expirationDate(@Nullable Output expirationDate) { + $.expirationDate = expirationDate; + return this; + } + + /** + * @param expirationDate The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). + * + * @return builder + * + */ + public Builder expirationDate(String expirationDate) { + return expirationDate(Output.of(expirationDate)); + } + + /** + * @param extensionEnabled Whether users will be able to request extension of their access to this package before their access expires. + * + * @return builder + * + */ + public Builder extensionEnabled(@Nullable Output extensionEnabled) { + $.extensionEnabled = extensionEnabled; + return this; + } + + /** + * @param extensionEnabled Whether users will be able to request extension of their access to this package before their access expires. + * + * @return builder + * + */ + public Builder extensionEnabled(Boolean extensionEnabled) { + return extensionEnabled(Output.of(extensionEnabled)); + } + + /** + * @param questions One or more `question` blocks for the requestor, as documented below. + * + * @return builder + * + */ + public Builder questions(@Nullable Output> questions) { + $.questions = questions; + return this; + } + + /** + * @param questions One or more `question` blocks for the requestor, as documented below. + * + * @return builder + * + */ + public Builder questions(List questions) { + return questions(Output.of(questions)); + } + + /** + * @param questions One or more `question` blocks for the requestor, as documented below. + * + * @return builder + * + */ + public Builder questions(AccessPackageAssignmentPolicyQuestionArgs... questions) { + return questions(List.of(questions)); + } + + /** + * @param requestorSettings A `requestor_settings` block to configure the users who can request access, as documented below. + * + * @return builder + * + */ + public Builder requestorSettings(@Nullable Output requestorSettings) { + $.requestorSettings = requestorSettings; + return this; + } + + /** + * @param requestorSettings A `requestor_settings` block to configure the users who can request access, as documented below. + * + * @return builder + * + */ + public Builder requestorSettings(AccessPackageAssignmentPolicyRequestorSettingsArgs requestorSettings) { + return requestorSettings(Output.of(requestorSettings)); + } + + public AccessPackageAssignmentPolicyArgs build() { + $.accessPackageId = Objects.requireNonNull($.accessPackageId, "expected parameter 'accessPackageId' to be non-null"); + $.description = Objects.requireNonNull($.description, "expected parameter 'description' to be non-null"); + $.displayName = Objects.requireNonNull($.displayName, "expected parameter 'displayName' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageCatalog.java b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageCatalog.java new file mode 100644 index 000000000..24a3c960a --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageCatalog.java @@ -0,0 +1,176 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread; + +import com.pulumi.azuread.AccessPackageCatalogArgs; +import com.pulumi.azuread.Utilities; +import com.pulumi.azuread.inputs.AccessPackageCatalogState; +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import java.lang.Boolean; +import java.lang.String; +import java.util.Optional; +import javax.annotation.Nullable; + +/** + * Manages an access package catalog within Identity Governance in Azure Active Directory. + * + * ## API Permissions + * + * The following API permissions are required in order to use this resource. + * + * When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. + * + * When authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner`, `Catalog creator` or `Global Administrator` + * + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AccessPackageCatalog; + * import com.pulumi.azuread.AccessPackageCatalogArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var example = new AccessPackageCatalog("example", AccessPackageCatalogArgs.builder() + * .description("Example access package catalog") + * .displayName("example-access-package-catalog") + * .build()); + * + * } + * } + * ``` + * + * ## Import + * + * An Access Package Catalog can be imported using the `id`, e.g. + * + * ```sh + * $ pulumi import azuread:index/accessPackageCatalog:AccessPackageCatalog example 00000000-0000-0000-0000-000000000000 + * ``` + * + */ +@ResourceType(type="azuread:index/accessPackageCatalog:AccessPackageCatalog") +public class AccessPackageCatalog extends com.pulumi.resources.CustomResource { + /** + * The description of the access package catalog. + * + */ + @Export(name="description", type=String.class, parameters={}) + private Output description; + + /** + * @return The description of the access package catalog. + * + */ + public Output description() { + return this.description; + } + /** + * The display name of the access package catalog. + * + */ + @Export(name="displayName", type=String.class, parameters={}) + private Output displayName; + + /** + * @return The display name of the access package catalog. + * + */ + public Output displayName() { + return this.displayName; + } + /** + * Whether the access packages in this catalog can be requested by users outside the tenant. + * + */ + @Export(name="externallyVisible", type=Boolean.class, parameters={}) + private Output externallyVisible; + + /** + * @return Whether the access packages in this catalog can be requested by users outside the tenant. + * + */ + public Output> externallyVisible() { + return Codegen.optional(this.externallyVisible); + } + /** + * Whether the access packages in this catalog are available for management. + * + */ + @Export(name="published", type=Boolean.class, parameters={}) + private Output published; + + /** + * @return Whether the access packages in this catalog are available for management. + * + */ + public Output> published() { + return Codegen.optional(this.published); + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public AccessPackageCatalog(String name) { + this(name, AccessPackageCatalogArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public AccessPackageCatalog(String name, AccessPackageCatalogArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public AccessPackageCatalog(String name, AccessPackageCatalogArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("azuread:index/accessPackageCatalog:AccessPackageCatalog", name, args == null ? AccessPackageCatalogArgs.Empty : args, makeResourceOptions(options, Codegen.empty())); + } + + private AccessPackageCatalog(String name, Output id, @Nullable AccessPackageCatalogState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("azuread:index/accessPackageCatalog:AccessPackageCatalog", name, state, makeResourceOptions(options, id)); + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static AccessPackageCatalog get(String name, Output id, @Nullable AccessPackageCatalogState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new AccessPackageCatalog(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageCatalogArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageCatalogArgs.java new file mode 100644 index 000000000..9354c5294 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageCatalogArgs.java @@ -0,0 +1,197 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AccessPackageCatalogArgs extends com.pulumi.resources.ResourceArgs { + + public static final AccessPackageCatalogArgs Empty = new AccessPackageCatalogArgs(); + + /** + * The description of the access package catalog. + * + */ + @Import(name="description", required=true) + private Output description; + + /** + * @return The description of the access package catalog. + * + */ + public Output description() { + return this.description; + } + + /** + * The display name of the access package catalog. + * + */ + @Import(name="displayName", required=true) + private Output displayName; + + /** + * @return The display name of the access package catalog. + * + */ + public Output displayName() { + return this.displayName; + } + + /** + * Whether the access packages in this catalog can be requested by users outside the tenant. + * + */ + @Import(name="externallyVisible") + private @Nullable Output externallyVisible; + + /** + * @return Whether the access packages in this catalog can be requested by users outside the tenant. + * + */ + public Optional> externallyVisible() { + return Optional.ofNullable(this.externallyVisible); + } + + /** + * Whether the access packages in this catalog are available for management. + * + */ + @Import(name="published") + private @Nullable Output published; + + /** + * @return Whether the access packages in this catalog are available for management. + * + */ + public Optional> published() { + return Optional.ofNullable(this.published); + } + + private AccessPackageCatalogArgs() {} + + private AccessPackageCatalogArgs(AccessPackageCatalogArgs $) { + this.description = $.description; + this.displayName = $.displayName; + this.externallyVisible = $.externallyVisible; + this.published = $.published; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AccessPackageCatalogArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AccessPackageCatalogArgs $; + + public Builder() { + $ = new AccessPackageCatalogArgs(); + } + + public Builder(AccessPackageCatalogArgs defaults) { + $ = new AccessPackageCatalogArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param description The description of the access package catalog. + * + * @return builder + * + */ + public Builder description(Output description) { + $.description = description; + return this; + } + + /** + * @param description The description of the access package catalog. + * + * @return builder + * + */ + public Builder description(String description) { + return description(Output.of(description)); + } + + /** + * @param displayName The display name of the access package catalog. + * + * @return builder + * + */ + public Builder displayName(Output displayName) { + $.displayName = displayName; + return this; + } + + /** + * @param displayName The display name of the access package catalog. + * + * @return builder + * + */ + public Builder displayName(String displayName) { + return displayName(Output.of(displayName)); + } + + /** + * @param externallyVisible Whether the access packages in this catalog can be requested by users outside the tenant. + * + * @return builder + * + */ + public Builder externallyVisible(@Nullable Output externallyVisible) { + $.externallyVisible = externallyVisible; + return this; + } + + /** + * @param externallyVisible Whether the access packages in this catalog can be requested by users outside the tenant. + * + * @return builder + * + */ + public Builder externallyVisible(Boolean externallyVisible) { + return externallyVisible(Output.of(externallyVisible)); + } + + /** + * @param published Whether the access packages in this catalog are available for management. + * + * @return builder + * + */ + public Builder published(@Nullable Output published) { + $.published = published; + return this; + } + + /** + * @param published Whether the access packages in this catalog are available for management. + * + * @return builder + * + */ + public Builder published(Boolean published) { + return published(Output.of(published)); + } + + public AccessPackageCatalogArgs build() { + $.description = Objects.requireNonNull($.description, "expected parameter 'description' to be non-null"); + $.displayName = Objects.requireNonNull($.displayName, "expected parameter 'displayName' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageResourceCatalogAssociation.java b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageResourceCatalogAssociation.java new file mode 100644 index 000000000..495a6e9d3 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageResourceCatalogAssociation.java @@ -0,0 +1,177 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread; + +import com.pulumi.azuread.AccessPackageResourceCatalogAssociationArgs; +import com.pulumi.azuread.Utilities; +import com.pulumi.azuread.inputs.AccessPackageResourceCatalogAssociationState; +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import java.lang.String; +import javax.annotation.Nullable; + +/** + * Manages the resources added to access package catalogs within Identity Governance in Azure Active Directory. + * + * ## API Permissions + * + * The following API permissions are required in order to use this resource. + * + * When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. + * + * When authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner` or `Global Administrator` + * + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.Group; + * import com.pulumi.azuread.GroupArgs; + * import com.pulumi.azuread.AccessPackageCatalog; + * import com.pulumi.azuread.AccessPackageCatalogArgs; + * import com.pulumi.azuread.AccessPackageResourceCatalogAssociation; + * import com.pulumi.azuread.AccessPackageResourceCatalogAssociationArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var exampleGroup = new Group("exampleGroup", GroupArgs.builder() + * .displayName("example-group") + * .securityEnabled(true) + * .build()); + * + * var exampleAccessPackageCatalog = new AccessPackageCatalog("exampleAccessPackageCatalog", AccessPackageCatalogArgs.builder() + * .displayName("example-catalog") + * .description("Example catalog") + * .build()); + * + * var exampleAccessPackageResourceCatalogAssociation = new AccessPackageResourceCatalogAssociation("exampleAccessPackageResourceCatalogAssociation", AccessPackageResourceCatalogAssociationArgs.builder() + * .catalogId(azuread_access_package_catalog.example_catalog().id()) + * .resourceOriginId(azuread_group.example_group().object_id()) + * .resourceOriginSystem("AadGroup") + * .build()); + * + * } + * } + * ``` + * + * ## Import + * + * The resource and catalog association can be imported using the catalog ID and the resource origin ID, e.g. + * + * ```sh + * $ pulumi import azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111 + * ``` + * + * -> This ID format is unique to Terraform and is composed of the Catalog ID and the Resource Origin ID in the format `{CatalogID}/{ResourceOriginID}`. + * + */ +@ResourceType(type="azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation") +public class AccessPackageResourceCatalogAssociation extends com.pulumi.resources.CustomResource { + /** + * The unique ID of the access package catalog. Changing this forces a new resource to be created. + * + */ + @Export(name="catalogId", type=String.class, parameters={}) + private Output catalogId; + + /** + * @return The unique ID of the access package catalog. Changing this forces a new resource to be created. + * + */ + public Output catalogId() { + return this.catalogId; + } + /** + * The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. + * + */ + @Export(name="resourceOriginId", type=String.class, parameters={}) + private Output resourceOriginId; + + /** + * @return The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. + * + */ + public Output resourceOriginId() { + return this.resourceOriginId; + } + /** + * The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. + * + */ + @Export(name="resourceOriginSystem", type=String.class, parameters={}) + private Output resourceOriginSystem; + + /** + * @return The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. + * + */ + public Output resourceOriginSystem() { + return this.resourceOriginSystem; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public AccessPackageResourceCatalogAssociation(String name) { + this(name, AccessPackageResourceCatalogAssociationArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public AccessPackageResourceCatalogAssociation(String name, AccessPackageResourceCatalogAssociationArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public AccessPackageResourceCatalogAssociation(String name, AccessPackageResourceCatalogAssociationArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation", name, args == null ? AccessPackageResourceCatalogAssociationArgs.Empty : args, makeResourceOptions(options, Codegen.empty())); + } + + private AccessPackageResourceCatalogAssociation(String name, Output id, @Nullable AccessPackageResourceCatalogAssociationState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation", name, state, makeResourceOptions(options, id)); + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static AccessPackageResourceCatalogAssociation get(String name, Output id, @Nullable AccessPackageResourceCatalogAssociationState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new AccessPackageResourceCatalogAssociation(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageResourceCatalogAssociationArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageResourceCatalogAssociationArgs.java new file mode 100644 index 000000000..3161a1d86 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageResourceCatalogAssociationArgs.java @@ -0,0 +1,158 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; + + +public final class AccessPackageResourceCatalogAssociationArgs extends com.pulumi.resources.ResourceArgs { + + public static final AccessPackageResourceCatalogAssociationArgs Empty = new AccessPackageResourceCatalogAssociationArgs(); + + /** + * The unique ID of the access package catalog. Changing this forces a new resource to be created. + * + */ + @Import(name="catalogId", required=true) + private Output catalogId; + + /** + * @return The unique ID of the access package catalog. Changing this forces a new resource to be created. + * + */ + public Output catalogId() { + return this.catalogId; + } + + /** + * The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. + * + */ + @Import(name="resourceOriginId", required=true) + private Output resourceOriginId; + + /** + * @return The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. + * + */ + public Output resourceOriginId() { + return this.resourceOriginId; + } + + /** + * The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. + * + */ + @Import(name="resourceOriginSystem", required=true) + private Output resourceOriginSystem; + + /** + * @return The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. + * + */ + public Output resourceOriginSystem() { + return this.resourceOriginSystem; + } + + private AccessPackageResourceCatalogAssociationArgs() {} + + private AccessPackageResourceCatalogAssociationArgs(AccessPackageResourceCatalogAssociationArgs $) { + this.catalogId = $.catalogId; + this.resourceOriginId = $.resourceOriginId; + this.resourceOriginSystem = $.resourceOriginSystem; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AccessPackageResourceCatalogAssociationArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AccessPackageResourceCatalogAssociationArgs $; + + public Builder() { + $ = new AccessPackageResourceCatalogAssociationArgs(); + } + + public Builder(AccessPackageResourceCatalogAssociationArgs defaults) { + $ = new AccessPackageResourceCatalogAssociationArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param catalogId The unique ID of the access package catalog. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder catalogId(Output catalogId) { + $.catalogId = catalogId; + return this; + } + + /** + * @param catalogId The unique ID of the access package catalog. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder catalogId(String catalogId) { + return catalogId(Output.of(catalogId)); + } + + /** + * @param resourceOriginId The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder resourceOriginId(Output resourceOriginId) { + $.resourceOriginId = resourceOriginId; + return this; + } + + /** + * @param resourceOriginId The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder resourceOriginId(String resourceOriginId) { + return resourceOriginId(Output.of(resourceOriginId)); + } + + /** + * @param resourceOriginSystem The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder resourceOriginSystem(Output resourceOriginSystem) { + $.resourceOriginSystem = resourceOriginSystem; + return this; + } + + /** + * @param resourceOriginSystem The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder resourceOriginSystem(String resourceOriginSystem) { + return resourceOriginSystem(Output.of(resourceOriginSystem)); + } + + public AccessPackageResourceCatalogAssociationArgs build() { + $.catalogId = Objects.requireNonNull($.catalogId, "expected parameter 'catalogId' to be non-null"); + $.resourceOriginId = Objects.requireNonNull($.resourceOriginId, "expected parameter 'resourceOriginId' to be non-null"); + $.resourceOriginSystem = Objects.requireNonNull($.resourceOriginSystem, "expected parameter 'resourceOriginSystem' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageResourcePackageAssociation.java b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageResourcePackageAssociation.java new file mode 100644 index 000000000..a352118dd --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageResourcePackageAssociation.java @@ -0,0 +1,193 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread; + +import com.pulumi.azuread.AccessPackageResourcePackageAssociationArgs; +import com.pulumi.azuread.Utilities; +import com.pulumi.azuread.inputs.AccessPackageResourcePackageAssociationState; +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import java.lang.String; +import java.util.Optional; +import javax.annotation.Nullable; + +/** + * Manages the resources added to access packages within Identity Governance in Azure Active Directory. + * + * ## API Permissions + * + * The following API permissions are required in order to use this resource. + * + * When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. + * + * When authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner`, `Access package manager` or `Global Administrator`. + * + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.Group; + * import com.pulumi.azuread.GroupArgs; + * import com.pulumi.azuread.AccessPackageCatalog; + * import com.pulumi.azuread.AccessPackageCatalogArgs; + * import com.pulumi.azuread.AccessPackageResourceCatalogAssociation; + * import com.pulumi.azuread.AccessPackageResourceCatalogAssociationArgs; + * import com.pulumi.azuread.AccessPackage; + * import com.pulumi.azuread.AccessPackageArgs; + * import com.pulumi.azuread.AccessPackageResourcePackageAssociation; + * import com.pulumi.azuread.AccessPackageResourcePackageAssociationArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var exampleGroup = new Group("exampleGroup", GroupArgs.builder() + * .displayName("example-group") + * .securityEnabled(true) + * .build()); + * + * var exampleAccessPackageCatalog = new AccessPackageCatalog("exampleAccessPackageCatalog", AccessPackageCatalogArgs.builder() + * .displayName("example-catalog") + * .description("Example catalog") + * .build()); + * + * var exampleAccessPackageResourceCatalogAssociation = new AccessPackageResourceCatalogAssociation("exampleAccessPackageResourceCatalogAssociation", AccessPackageResourceCatalogAssociationArgs.builder() + * .catalogId(azuread_access_package_catalog.example_catalog().id()) + * .resourceOriginId(azuread_group.example_group().object_id()) + * .resourceOriginSystem("AadGroup") + * .build()); + * + * var exampleAccessPackage = new AccessPackage("exampleAccessPackage", AccessPackageArgs.builder() + * .displayName("example-package") + * .description("Example Package") + * .catalogId(azuread_access_package_catalog.example_catalog().id()) + * .build()); + * + * var exampleAccessPackageResourcePackageAssociation = new AccessPackageResourcePackageAssociation("exampleAccessPackageResourcePackageAssociation", AccessPackageResourcePackageAssociationArgs.builder() + * .accessPackageId(exampleAccessPackage.id()) + * .catalogResourceAssociationId(exampleAccessPackageResourceCatalogAssociation.id()) + * .build()); + * + * } + * } + * ``` + * + * ## Import + * + * The resource and catalog association can be imported using the access package ID, the resource association ID, the resource origin ID, and the access type, e.g. + * + * ```sh + * $ pulumi import azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111_22222222-2222-2222-2222-22222222/33333333-3333-3333-3333-33333333/Member + * ``` + * + * -> This ID format is unique to Terraform and is composed of the Access Package ID, the Resource Association ID, the Resource Origin ID, and the Access Type, in the format `{AccessPackageID}/{ResourceAssociationID}/{ResourceOriginID}/{AccessType}`. + * + */ +@ResourceType(type="azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation") +public class AccessPackageResourcePackageAssociation extends com.pulumi.resources.CustomResource { + /** + * The ID of access package this resource association is configured to. Changing this forces a new resource to be created. + * + */ + @Export(name="accessPackageId", type=String.class, parameters={}) + private Output accessPackageId; + + /** + * @return The ID of access package this resource association is configured to. Changing this forces a new resource to be created. + * + */ + public Output accessPackageId() { + return this.accessPackageId; + } + /** + * The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. + * + */ + @Export(name="accessType", type=String.class, parameters={}) + private Output accessType; + + /** + * @return The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. + * + */ + public Output> accessType() { + return Codegen.optional(this.accessType); + } + /** + * The ID of the catalog association from the `azuread.AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. + * + */ + @Export(name="catalogResourceAssociationId", type=String.class, parameters={}) + private Output catalogResourceAssociationId; + + /** + * @return The ID of the catalog association from the `azuread.AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. + * + */ + public Output catalogResourceAssociationId() { + return this.catalogResourceAssociationId; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public AccessPackageResourcePackageAssociation(String name) { + this(name, AccessPackageResourcePackageAssociationArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public AccessPackageResourcePackageAssociation(String name, AccessPackageResourcePackageAssociationArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public AccessPackageResourcePackageAssociation(String name, AccessPackageResourcePackageAssociationArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation", name, args == null ? AccessPackageResourcePackageAssociationArgs.Empty : args, makeResourceOptions(options, Codegen.empty())); + } + + private AccessPackageResourcePackageAssociation(String name, Output id, @Nullable AccessPackageResourcePackageAssociationState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation", name, state, makeResourceOptions(options, id)); + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static AccessPackageResourcePackageAssociation get(String name, Output id, @Nullable AccessPackageResourcePackageAssociationState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new AccessPackageResourcePackageAssociation(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageResourcePackageAssociationArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageResourcePackageAssociationArgs.java new file mode 100644 index 000000000..a43515b9d --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageResourcePackageAssociationArgs.java @@ -0,0 +1,159 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AccessPackageResourcePackageAssociationArgs extends com.pulumi.resources.ResourceArgs { + + public static final AccessPackageResourcePackageAssociationArgs Empty = new AccessPackageResourcePackageAssociationArgs(); + + /** + * The ID of access package this resource association is configured to. Changing this forces a new resource to be created. + * + */ + @Import(name="accessPackageId", required=true) + private Output accessPackageId; + + /** + * @return The ID of access package this resource association is configured to. Changing this forces a new resource to be created. + * + */ + public Output accessPackageId() { + return this.accessPackageId; + } + + /** + * The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. + * + */ + @Import(name="accessType") + private @Nullable Output accessType; + + /** + * @return The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. + * + */ + public Optional> accessType() { + return Optional.ofNullable(this.accessType); + } + + /** + * The ID of the catalog association from the `azuread.AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. + * + */ + @Import(name="catalogResourceAssociationId", required=true) + private Output catalogResourceAssociationId; + + /** + * @return The ID of the catalog association from the `azuread.AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. + * + */ + public Output catalogResourceAssociationId() { + return this.catalogResourceAssociationId; + } + + private AccessPackageResourcePackageAssociationArgs() {} + + private AccessPackageResourcePackageAssociationArgs(AccessPackageResourcePackageAssociationArgs $) { + this.accessPackageId = $.accessPackageId; + this.accessType = $.accessType; + this.catalogResourceAssociationId = $.catalogResourceAssociationId; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AccessPackageResourcePackageAssociationArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AccessPackageResourcePackageAssociationArgs $; + + public Builder() { + $ = new AccessPackageResourcePackageAssociationArgs(); + } + + public Builder(AccessPackageResourcePackageAssociationArgs defaults) { + $ = new AccessPackageResourcePackageAssociationArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param accessPackageId The ID of access package this resource association is configured to. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder accessPackageId(Output accessPackageId) { + $.accessPackageId = accessPackageId; + return this; + } + + /** + * @param accessPackageId The ID of access package this resource association is configured to. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder accessPackageId(String accessPackageId) { + return accessPackageId(Output.of(accessPackageId)); + } + + /** + * @param accessType The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder accessType(@Nullable Output accessType) { + $.accessType = accessType; + return this; + } + + /** + * @param accessType The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder accessType(String accessType) { + return accessType(Output.of(accessType)); + } + + /** + * @param catalogResourceAssociationId The ID of the catalog association from the `azuread.AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder catalogResourceAssociationId(Output catalogResourceAssociationId) { + $.catalogResourceAssociationId = catalogResourceAssociationId; + return this; + } + + /** + * @param catalogResourceAssociationId The ID of the catalog association from the `azuread.AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder catalogResourceAssociationId(String catalogResourceAssociationId) { + return catalogResourceAssociationId(Output.of(catalogResourceAssociationId)); + } + + public AccessPackageResourcePackageAssociationArgs build() { + $.accessPackageId = Objects.requireNonNull($.accessPackageId, "expected parameter 'accessPackageId' to be non-null"); + $.catalogResourceAssociationId = Objects.requireNonNull($.catalogResourceAssociationId, "expected parameter 'catalogResourceAssociationId' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/AdministrativeUnitRoleMember.java b/sdk/java/src/main/java/com/pulumi/azuread/AdministrativeUnitRoleMember.java new file mode 100644 index 000000000..eae59844d --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/AdministrativeUnitRoleMember.java @@ -0,0 +1,181 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread; + +import com.pulumi.azuread.AdministrativeUnitRoleMemberArgs; +import com.pulumi.azuread.Utilities; +import com.pulumi.azuread.inputs.AdministrativeUnitRoleMemberState; +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import java.lang.String; +import javax.annotation.Nullable; + +/** + * Manages a single directory role assignment scoped to an administrative unit within Azure Active Directory. + * + * ## API Permissions + * + * The following API permissions are required in order to use this resource. + * + * When authenticated with a service principal, this resource requires one of the following application roles: `AdministrativeUnit.ReadWrite.All` and `RoleManagement.ReadWrite.Directory`, or `Directory.ReadWrite.All` + * + * When authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator` + * + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AzureadFunctions; + * import com.pulumi.azuread.inputs.GetUserArgs; + * import com.pulumi.azuread.AdministrativeUnit; + * import com.pulumi.azuread.AdministrativeUnitArgs; + * import com.pulumi.azuread.DirectoryRole; + * import com.pulumi.azuread.DirectoryRoleArgs; + * import com.pulumi.azuread.AdministrativeUnitRoleMember; + * import com.pulumi.azuread.AdministrativeUnitRoleMemberArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var exampleUser = AzureadFunctions.getUser(GetUserArgs.builder() + * .userPrincipalName("jdoe@hashicorp.com") + * .build()); + * + * var exampleAdministrativeUnit = new AdministrativeUnit("exampleAdministrativeUnit", AdministrativeUnitArgs.builder() + * .displayName("Example-AU") + * .build()); + * + * var exampleDirectoryRole = new DirectoryRole("exampleDirectoryRole", DirectoryRoleArgs.builder() + * .displayName("Security administrator") + * .build()); + * + * var exampleAdministrativeUnitRoleMember = new AdministrativeUnitRoleMember("exampleAdministrativeUnitRoleMember", AdministrativeUnitRoleMemberArgs.builder() + * .roleObjectId(exampleDirectoryRole.objectId()) + * .administrativeUnitObjectId(exampleAdministrativeUnit.id()) + * .memberObjectId(exampleUser.applyValue(getUserResult -> getUserResult.id())) + * .build()); + * + * } + * } + * ``` + * + * ## Import + * + * Administrative unit role members can be imported using the object ID of the administrative unit and the unique ID of the role assignment, e.g. + * + * ```sh + * $ pulumi import azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember test 00000000-0000-0000-0000-000000000000/roleMember/zX37MRLyF0uvE-xf2WH4B7x-6CPLfudNnxFGj800htpBXqkxW7bITqGb6Rj4kuTuS + * ``` + * + * -> This ID format is unique to Terraform and is composed of the Administrative Unit Object ID and the role assignment ID in the format `{AdministrativeUnitObjectID}/roleMember/{RoleAssignmentID}`. + * + */ +@ResourceType(type="azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember") +public class AdministrativeUnitRoleMember extends com.pulumi.resources.CustomResource { + /** + * The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. + * + */ + @Export(name="administrativeUnitObjectId", type=String.class, parameters={}) + private Output administrativeUnitObjectId; + + /** + * @return The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. + * + */ + public Output administrativeUnitObjectId() { + return this.administrativeUnitObjectId; + } + /** + * The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + * + */ + @Export(name="memberObjectId", type=String.class, parameters={}) + private Output memberObjectId; + + /** + * @return The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + * + */ + public Output memberObjectId() { + return this.memberObjectId; + } + /** + * The object ID of the directory role you want to assign. Changing this forces a new resource to be created. + * + */ + @Export(name="roleObjectId", type=String.class, parameters={}) + private Output roleObjectId; + + /** + * @return The object ID of the directory role you want to assign. Changing this forces a new resource to be created. + * + */ + public Output roleObjectId() { + return this.roleObjectId; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public AdministrativeUnitRoleMember(String name) { + this(name, AdministrativeUnitRoleMemberArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public AdministrativeUnitRoleMember(String name, AdministrativeUnitRoleMemberArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public AdministrativeUnitRoleMember(String name, AdministrativeUnitRoleMemberArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember", name, args == null ? AdministrativeUnitRoleMemberArgs.Empty : args, makeResourceOptions(options, Codegen.empty())); + } + + private AdministrativeUnitRoleMember(String name, Output id, @Nullable AdministrativeUnitRoleMemberState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember", name, state, makeResourceOptions(options, id)); + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static AdministrativeUnitRoleMember get(String name, Output id, @Nullable AdministrativeUnitRoleMemberState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new AdministrativeUnitRoleMember(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/AdministrativeUnitRoleMemberArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/AdministrativeUnitRoleMemberArgs.java new file mode 100644 index 000000000..0f7337a10 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/AdministrativeUnitRoleMemberArgs.java @@ -0,0 +1,158 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; + + +public final class AdministrativeUnitRoleMemberArgs extends com.pulumi.resources.ResourceArgs { + + public static final AdministrativeUnitRoleMemberArgs Empty = new AdministrativeUnitRoleMemberArgs(); + + /** + * The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. + * + */ + @Import(name="administrativeUnitObjectId", required=true) + private Output administrativeUnitObjectId; + + /** + * @return The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. + * + */ + public Output administrativeUnitObjectId() { + return this.administrativeUnitObjectId; + } + + /** + * The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + * + */ + @Import(name="memberObjectId", required=true) + private Output memberObjectId; + + /** + * @return The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + * + */ + public Output memberObjectId() { + return this.memberObjectId; + } + + /** + * The object ID of the directory role you want to assign. Changing this forces a new resource to be created. + * + */ + @Import(name="roleObjectId", required=true) + private Output roleObjectId; + + /** + * @return The object ID of the directory role you want to assign. Changing this forces a new resource to be created. + * + */ + public Output roleObjectId() { + return this.roleObjectId; + } + + private AdministrativeUnitRoleMemberArgs() {} + + private AdministrativeUnitRoleMemberArgs(AdministrativeUnitRoleMemberArgs $) { + this.administrativeUnitObjectId = $.administrativeUnitObjectId; + this.memberObjectId = $.memberObjectId; + this.roleObjectId = $.roleObjectId; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AdministrativeUnitRoleMemberArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AdministrativeUnitRoleMemberArgs $; + + public Builder() { + $ = new AdministrativeUnitRoleMemberArgs(); + } + + public Builder(AdministrativeUnitRoleMemberArgs defaults) { + $ = new AdministrativeUnitRoleMemberArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param administrativeUnitObjectId The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder administrativeUnitObjectId(Output administrativeUnitObjectId) { + $.administrativeUnitObjectId = administrativeUnitObjectId; + return this; + } + + /** + * @param administrativeUnitObjectId The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder administrativeUnitObjectId(String administrativeUnitObjectId) { + return administrativeUnitObjectId(Output.of(administrativeUnitObjectId)); + } + + /** + * @param memberObjectId The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder memberObjectId(Output memberObjectId) { + $.memberObjectId = memberObjectId; + return this; + } + + /** + * @param memberObjectId The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder memberObjectId(String memberObjectId) { + return memberObjectId(Output.of(memberObjectId)); + } + + /** + * @param roleObjectId The object ID of the directory role you want to assign. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder roleObjectId(Output roleObjectId) { + $.roleObjectId = roleObjectId; + return this; + } + + /** + * @param roleObjectId The object ID of the directory role you want to assign. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder roleObjectId(String roleObjectId) { + return roleObjectId(Output.of(roleObjectId)); + } + + public AdministrativeUnitRoleMemberArgs build() { + $.administrativeUnitObjectId = Objects.requireNonNull($.administrativeUnitObjectId, "expected parameter 'administrativeUnitObjectId' to be non-null"); + $.memberObjectId = Objects.requireNonNull($.memberObjectId, "expected parameter 'memberObjectId' to be non-null"); + $.roleObjectId = Objects.requireNonNull($.roleObjectId, "expected parameter 'roleObjectId' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/Application.java b/sdk/java/src/main/java/com/pulumi/azuread/Application.java index 08d78e03d..3449ff720 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/Application.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/Application.java @@ -587,6 +587,20 @@ public Output publisherDomain() { public Output>> requiredResourceAccesses() { return Codegen.optional(this.requiredResourceAccesses); } + /** + * References application context information from a Service or Asset Management database. + * + */ + @Export(name="serviceManagementReference", type=String.class, parameters={}) + private Output serviceManagementReference; + + /** + * @return References application context information from a Service or Asset Management database. + * + */ + public Output> serviceManagementReference() { + return Codegen.optional(this.serviceManagementReference); + } /** * The Microsoft account types that are supported for the current application. Must be one of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. Defaults to `AzureADMyOrg`. * diff --git a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationArgs.java index 1c25e6265..987706bb3 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationArgs.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationArgs.java @@ -310,6 +310,21 @@ public Optional>> requiredRes return Optional.ofNullable(this.requiredResourceAccesses); } + /** + * References application context information from a Service or Asset Management database. + * + */ + @Import(name="serviceManagementReference") + private @Nullable Output serviceManagementReference; + + /** + * @return References application context information from a Service or Asset Management database. + * + */ + public Optional> serviceManagementReference() { + return Optional.ofNullable(this.serviceManagementReference); + } + /** * The Microsoft account types that are supported for the current application. Must be one of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. Defaults to `AzureADMyOrg`. * @@ -437,6 +452,7 @@ private ApplicationArgs(ApplicationArgs $) { this.privacyStatementUrl = $.privacyStatementUrl; this.publicClient = $.publicClient; this.requiredResourceAccesses = $.requiredResourceAccesses; + this.serviceManagementReference = $.serviceManagementReference; this.signInAudience = $.signInAudience; this.singlePageApplication = $.singlePageApplication; this.supportUrl = $.supportUrl; @@ -923,6 +939,27 @@ public Builder requiredResourceAccesses(ApplicationRequiredResourceAccessArgs... return requiredResourceAccesses(List.of(requiredResourceAccesses)); } + /** + * @param serviceManagementReference References application context information from a Service or Asset Management database. + * + * @return builder + * + */ + public Builder serviceManagementReference(@Nullable Output serviceManagementReference) { + $.serviceManagementReference = serviceManagementReference; + return this; + } + + /** + * @param serviceManagementReference References application context information from a Service or Asset Management database. + * + * @return builder + * + */ + public Builder serviceManagementReference(String serviceManagementReference) { + return serviceManagementReference(Output.of(serviceManagementReference)); + } + /** * @param signInAudience The Microsoft account types that are supported for the current application. Must be one of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. Defaults to `AzureADMyOrg`. * diff --git a/sdk/java/src/main/java/com/pulumi/azuread/AzureadFunctions.java b/sdk/java/src/main/java/com/pulumi/azuread/AzureadFunctions.java index afaf12f78..095967ef5 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/AzureadFunctions.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/AzureadFunctions.java @@ -4,6 +4,10 @@ package com.pulumi.azuread; import com.pulumi.azuread.Utilities; +import com.pulumi.azuread.inputs.GetAccessPackageArgs; +import com.pulumi.azuread.inputs.GetAccessPackageCatalogArgs; +import com.pulumi.azuread.inputs.GetAccessPackageCatalogPlainArgs; +import com.pulumi.azuread.inputs.GetAccessPackagePlainArgs; import com.pulumi.azuread.inputs.GetAdministrativeUnitArgs; import com.pulumi.azuread.inputs.GetAdministrativeUnitPlainArgs; import com.pulumi.azuread.inputs.GetApplicationArgs; @@ -26,6 +30,8 @@ import com.pulumi.azuread.inputs.GetUserPlainArgs; import com.pulumi.azuread.inputs.GetUsersArgs; import com.pulumi.azuread.inputs.GetUsersPlainArgs; +import com.pulumi.azuread.outputs.GetAccessPackageCatalogResult; +import com.pulumi.azuread.outputs.GetAccessPackageResult; import com.pulumi.azuread.outputs.GetAdministrativeUnitResult; import com.pulumi.azuread.outputs.GetApplicationPublishedAppIdsResult; import com.pulumi.azuread.outputs.GetApplicationResult; @@ -48,6 +54,942 @@ import java.util.concurrent.CompletableFuture; public final class AzureadFunctions { + /** + * Use this data source to retrieve information for an existing access package within Identity Governance in Azure Active Directory. + * + * ## API Permissions + * + * The following API permissions are required in order to use this data source. + * + * When authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`. + * + * When authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Access package manager`, `Global Reader`, or `Global Administrator`. + * + * ## Example Usage + * + * *Look up by ID* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AzureadFunctions; + * import com.pulumi.azuread.inputs.GetAccessPackageArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var example = AzureadFunctions.getAccessPackage(GetAccessPackageArgs.builder() + * .objectId("00000000-0000-0000-0000-000000000000") + * .build()); + * + * } + * } + * ``` + * + * *Look up by DisplayName* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AzureadFunctions; + * import com.pulumi.azuread.inputs.GetAccessPackageArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var example = AzureadFunctions.getAccessPackage(GetAccessPackageArgs.builder() + * .catalogId("00000000-0000-0000-0000-000000000000") + * .displayName("My access package Catalog") + * .build()); + * + * } + * } + * ``` + * + */ + public static Output getAccessPackage() { + return getAccessPackage(GetAccessPackageArgs.Empty, InvokeOptions.Empty); + } + /** + * Use this data source to retrieve information for an existing access package within Identity Governance in Azure Active Directory. + * + * ## API Permissions + * + * The following API permissions are required in order to use this data source. + * + * When authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`. + * + * When authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Access package manager`, `Global Reader`, or `Global Administrator`. + * + * ## Example Usage + * + * *Look up by ID* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AzureadFunctions; + * import com.pulumi.azuread.inputs.GetAccessPackageArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var example = AzureadFunctions.getAccessPackage(GetAccessPackageArgs.builder() + * .objectId("00000000-0000-0000-0000-000000000000") + * .build()); + * + * } + * } + * ``` + * + * *Look up by DisplayName* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AzureadFunctions; + * import com.pulumi.azuread.inputs.GetAccessPackageArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var example = AzureadFunctions.getAccessPackage(GetAccessPackageArgs.builder() + * .catalogId("00000000-0000-0000-0000-000000000000") + * .displayName("My access package Catalog") + * .build()); + * + * } + * } + * ``` + * + */ + public static CompletableFuture getAccessPackagePlain() { + return getAccessPackagePlain(GetAccessPackagePlainArgs.Empty, InvokeOptions.Empty); + } + /** + * Use this data source to retrieve information for an existing access package within Identity Governance in Azure Active Directory. + * + * ## API Permissions + * + * The following API permissions are required in order to use this data source. + * + * When authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`. + * + * When authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Access package manager`, `Global Reader`, or `Global Administrator`. + * + * ## Example Usage + * + * *Look up by ID* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AzureadFunctions; + * import com.pulumi.azuread.inputs.GetAccessPackageArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var example = AzureadFunctions.getAccessPackage(GetAccessPackageArgs.builder() + * .objectId("00000000-0000-0000-0000-000000000000") + * .build()); + * + * } + * } + * ``` + * + * *Look up by DisplayName* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AzureadFunctions; + * import com.pulumi.azuread.inputs.GetAccessPackageArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var example = AzureadFunctions.getAccessPackage(GetAccessPackageArgs.builder() + * .catalogId("00000000-0000-0000-0000-000000000000") + * .displayName("My access package Catalog") + * .build()); + * + * } + * } + * ``` + * + */ + public static Output getAccessPackage(GetAccessPackageArgs args) { + return getAccessPackage(args, InvokeOptions.Empty); + } + /** + * Use this data source to retrieve information for an existing access package within Identity Governance in Azure Active Directory. + * + * ## API Permissions + * + * The following API permissions are required in order to use this data source. + * + * When authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`. + * + * When authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Access package manager`, `Global Reader`, or `Global Administrator`. + * + * ## Example Usage + * + * *Look up by ID* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AzureadFunctions; + * import com.pulumi.azuread.inputs.GetAccessPackageArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var example = AzureadFunctions.getAccessPackage(GetAccessPackageArgs.builder() + * .objectId("00000000-0000-0000-0000-000000000000") + * .build()); + * + * } + * } + * ``` + * + * *Look up by DisplayName* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AzureadFunctions; + * import com.pulumi.azuread.inputs.GetAccessPackageArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var example = AzureadFunctions.getAccessPackage(GetAccessPackageArgs.builder() + * .catalogId("00000000-0000-0000-0000-000000000000") + * .displayName("My access package Catalog") + * .build()); + * + * } + * } + * ``` + * + */ + public static CompletableFuture getAccessPackagePlain(GetAccessPackagePlainArgs args) { + return getAccessPackagePlain(args, InvokeOptions.Empty); + } + /** + * Use this data source to retrieve information for an existing access package within Identity Governance in Azure Active Directory. + * + * ## API Permissions + * + * The following API permissions are required in order to use this data source. + * + * When authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`. + * + * When authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Access package manager`, `Global Reader`, or `Global Administrator`. + * + * ## Example Usage + * + * *Look up by ID* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AzureadFunctions; + * import com.pulumi.azuread.inputs.GetAccessPackageArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var example = AzureadFunctions.getAccessPackage(GetAccessPackageArgs.builder() + * .objectId("00000000-0000-0000-0000-000000000000") + * .build()); + * + * } + * } + * ``` + * + * *Look up by DisplayName* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AzureadFunctions; + * import com.pulumi.azuread.inputs.GetAccessPackageArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var example = AzureadFunctions.getAccessPackage(GetAccessPackageArgs.builder() + * .catalogId("00000000-0000-0000-0000-000000000000") + * .displayName("My access package Catalog") + * .build()); + * + * } + * } + * ``` + * + */ + public static Output getAccessPackage(GetAccessPackageArgs args, InvokeOptions options) { + return Deployment.getInstance().invoke("azuread:index/getAccessPackage:getAccessPackage", TypeShape.of(GetAccessPackageResult.class), args, Utilities.withVersion(options)); + } + /** + * Use this data source to retrieve information for an existing access package within Identity Governance in Azure Active Directory. + * + * ## API Permissions + * + * The following API permissions are required in order to use this data source. + * + * When authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`. + * + * When authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Access package manager`, `Global Reader`, or `Global Administrator`. + * + * ## Example Usage + * + * *Look up by ID* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AzureadFunctions; + * import com.pulumi.azuread.inputs.GetAccessPackageArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var example = AzureadFunctions.getAccessPackage(GetAccessPackageArgs.builder() + * .objectId("00000000-0000-0000-0000-000000000000") + * .build()); + * + * } + * } + * ``` + * + * *Look up by DisplayName* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AzureadFunctions; + * import com.pulumi.azuread.inputs.GetAccessPackageArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var example = AzureadFunctions.getAccessPackage(GetAccessPackageArgs.builder() + * .catalogId("00000000-0000-0000-0000-000000000000") + * .displayName("My access package Catalog") + * .build()); + * + * } + * } + * ``` + * + */ + public static CompletableFuture getAccessPackagePlain(GetAccessPackagePlainArgs args, InvokeOptions options) { + return Deployment.getInstance().invokeAsync("azuread:index/getAccessPackage:getAccessPackage", TypeShape.of(GetAccessPackageResult.class), args, Utilities.withVersion(options)); + } + /** + * i + * Use this resource to retrieve information for an existing access package catalog within Identity Governance in Azure Active Directory. + * + * ## API Permissions + * + * The following API permissions are required in order to use this data source. + * + * When authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`. + * + * When authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Global Reader`, or `Global Administrator`. + * + * ## Example Usage + * + * *Look up by ID* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AzureadFunctions; + * import com.pulumi.azuread.inputs.GetAccessPackageCatalogArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var example = AzureadFunctions.getAccessPackageCatalog(GetAccessPackageCatalogArgs.builder() + * .objectId("00000000-0000-0000-0000-000000000000") + * .build()); + * + * } + * } + * ``` + * + * *Look up by DisplayName* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AzureadFunctions; + * import com.pulumi.azuread.inputs.GetAccessPackageCatalogArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var example = AzureadFunctions.getAccessPackageCatalog(GetAccessPackageCatalogArgs.builder() + * .displayName("My access package Catalog") + * .build()); + * + * } + * } + * ``` + * + */ + public static Output getAccessPackageCatalog() { + return getAccessPackageCatalog(GetAccessPackageCatalogArgs.Empty, InvokeOptions.Empty); + } + /** + * i + * Use this resource to retrieve information for an existing access package catalog within Identity Governance in Azure Active Directory. + * + * ## API Permissions + * + * The following API permissions are required in order to use this data source. + * + * When authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`. + * + * When authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Global Reader`, or `Global Administrator`. + * + * ## Example Usage + * + * *Look up by ID* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AzureadFunctions; + * import com.pulumi.azuread.inputs.GetAccessPackageCatalogArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var example = AzureadFunctions.getAccessPackageCatalog(GetAccessPackageCatalogArgs.builder() + * .objectId("00000000-0000-0000-0000-000000000000") + * .build()); + * + * } + * } + * ``` + * + * *Look up by DisplayName* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AzureadFunctions; + * import com.pulumi.azuread.inputs.GetAccessPackageCatalogArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var example = AzureadFunctions.getAccessPackageCatalog(GetAccessPackageCatalogArgs.builder() + * .displayName("My access package Catalog") + * .build()); + * + * } + * } + * ``` + * + */ + public static CompletableFuture getAccessPackageCatalogPlain() { + return getAccessPackageCatalogPlain(GetAccessPackageCatalogPlainArgs.Empty, InvokeOptions.Empty); + } + /** + * i + * Use this resource to retrieve information for an existing access package catalog within Identity Governance in Azure Active Directory. + * + * ## API Permissions + * + * The following API permissions are required in order to use this data source. + * + * When authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`. + * + * When authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Global Reader`, or `Global Administrator`. + * + * ## Example Usage + * + * *Look up by ID* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AzureadFunctions; + * import com.pulumi.azuread.inputs.GetAccessPackageCatalogArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var example = AzureadFunctions.getAccessPackageCatalog(GetAccessPackageCatalogArgs.builder() + * .objectId("00000000-0000-0000-0000-000000000000") + * .build()); + * + * } + * } + * ``` + * + * *Look up by DisplayName* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AzureadFunctions; + * import com.pulumi.azuread.inputs.GetAccessPackageCatalogArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var example = AzureadFunctions.getAccessPackageCatalog(GetAccessPackageCatalogArgs.builder() + * .displayName("My access package Catalog") + * .build()); + * + * } + * } + * ``` + * + */ + public static Output getAccessPackageCatalog(GetAccessPackageCatalogArgs args) { + return getAccessPackageCatalog(args, InvokeOptions.Empty); + } + /** + * i + * Use this resource to retrieve information for an existing access package catalog within Identity Governance in Azure Active Directory. + * + * ## API Permissions + * + * The following API permissions are required in order to use this data source. + * + * When authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`. + * + * When authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Global Reader`, or `Global Administrator`. + * + * ## Example Usage + * + * *Look up by ID* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AzureadFunctions; + * import com.pulumi.azuread.inputs.GetAccessPackageCatalogArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var example = AzureadFunctions.getAccessPackageCatalog(GetAccessPackageCatalogArgs.builder() + * .objectId("00000000-0000-0000-0000-000000000000") + * .build()); + * + * } + * } + * ``` + * + * *Look up by DisplayName* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AzureadFunctions; + * import com.pulumi.azuread.inputs.GetAccessPackageCatalogArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var example = AzureadFunctions.getAccessPackageCatalog(GetAccessPackageCatalogArgs.builder() + * .displayName("My access package Catalog") + * .build()); + * + * } + * } + * ``` + * + */ + public static CompletableFuture getAccessPackageCatalogPlain(GetAccessPackageCatalogPlainArgs args) { + return getAccessPackageCatalogPlain(args, InvokeOptions.Empty); + } + /** + * i + * Use this resource to retrieve information for an existing access package catalog within Identity Governance in Azure Active Directory. + * + * ## API Permissions + * + * The following API permissions are required in order to use this data source. + * + * When authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`. + * + * When authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Global Reader`, or `Global Administrator`. + * + * ## Example Usage + * + * *Look up by ID* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AzureadFunctions; + * import com.pulumi.azuread.inputs.GetAccessPackageCatalogArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var example = AzureadFunctions.getAccessPackageCatalog(GetAccessPackageCatalogArgs.builder() + * .objectId("00000000-0000-0000-0000-000000000000") + * .build()); + * + * } + * } + * ``` + * + * *Look up by DisplayName* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AzureadFunctions; + * import com.pulumi.azuread.inputs.GetAccessPackageCatalogArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var example = AzureadFunctions.getAccessPackageCatalog(GetAccessPackageCatalogArgs.builder() + * .displayName("My access package Catalog") + * .build()); + * + * } + * } + * ``` + * + */ + public static Output getAccessPackageCatalog(GetAccessPackageCatalogArgs args, InvokeOptions options) { + return Deployment.getInstance().invoke("azuread:index/getAccessPackageCatalog:getAccessPackageCatalog", TypeShape.of(GetAccessPackageCatalogResult.class), args, Utilities.withVersion(options)); + } + /** + * i + * Use this resource to retrieve information for an existing access package catalog within Identity Governance in Azure Active Directory. + * + * ## API Permissions + * + * The following API permissions are required in order to use this data source. + * + * When authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`. + * + * When authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Global Reader`, or `Global Administrator`. + * + * ## Example Usage + * + * *Look up by ID* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AzureadFunctions; + * import com.pulumi.azuread.inputs.GetAccessPackageCatalogArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var example = AzureadFunctions.getAccessPackageCatalog(GetAccessPackageCatalogArgs.builder() + * .objectId("00000000-0000-0000-0000-000000000000") + * .build()); + * + * } + * } + * ``` + * + * *Look up by DisplayName* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AzureadFunctions; + * import com.pulumi.azuread.inputs.GetAccessPackageCatalogArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var example = AzureadFunctions.getAccessPackageCatalog(GetAccessPackageCatalogArgs.builder() + * .displayName("My access package Catalog") + * .build()); + * + * } + * } + * ``` + * + */ + public static CompletableFuture getAccessPackageCatalogPlain(GetAccessPackageCatalogPlainArgs args, InvokeOptions options) { + return Deployment.getInstance().invokeAsync("azuread:index/getAccessPackageCatalog:getAccessPackageCatalog", TypeShape.of(GetAccessPackageCatalogResult.class), args, Utilities.withVersion(options)); + } /** * Gets information about an adminisrative unit in Azure Active Directory. * diff --git a/sdk/java/src/main/java/com/pulumi/azuread/Group.java b/sdk/java/src/main/java/com/pulumi/azuread/Group.java index 3bfd06b1d..b2e7c1c8a 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/Group.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/Group.java @@ -24,7 +24,9 @@ * * The following API permissions are required in order to use this resource. * - * When authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All` + * When authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All`. + * + * Alternatively, if the authenticated service principal is also an owner of the group being managed, this resource can use the application role: `Group.Create`. * * If using the `assignable_to_role` property, this resource additionally requires one of the following application roles: `RoleManagement.ReadWrite.Directory` or `Directory.ReadWrite.All` * @@ -444,6 +446,20 @@ public Output objectId() { public Output onpremisesDomainName() { return this.onpremisesDomainName; } + /** + * The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + * + */ + @Export(name="onpremisesGroupType", type=String.class, parameters={}) + private Output onpremisesGroupType; + + /** + * @return The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + * + */ + public Output onpremisesGroupType() { + return this.onpremisesGroupType; + } /** * The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used. * @@ -626,6 +642,20 @@ public Output>> types() { public Output visibility() { return this.visibility; } + /** + * Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + * + */ + @Export(name="writebackEnabled", type=Boolean.class, parameters={}) + private Output writebackEnabled; + + /** + * @return Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + * + */ + public Output> writebackEnabled() { + return Codegen.optional(this.writebackEnabled); + } /** * diff --git a/sdk/java/src/main/java/com/pulumi/azuread/GroupArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/GroupArgs.java index 3d4fe8ae7..8eef480a9 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/GroupArgs.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/GroupArgs.java @@ -213,6 +213,21 @@ public Optional>> members() { return Optional.ofNullable(this.members); } + /** + * The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + * + */ + @Import(name="onpremisesGroupType") + private @Nullable Output onpremisesGroupType; + + /** + * @return The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + * + */ + public Optional> onpremisesGroupType() { + return Optional.ofNullable(this.onpremisesGroupType); + } + /** * A set of owners who own this group. Supported object types are Users or Service Principals * @@ -318,6 +333,21 @@ public Optional> visibility() { return Optional.ofNullable(this.visibility); } + /** + * Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + * + */ + @Import(name="writebackEnabled") + private @Nullable Output writebackEnabled; + + /** + * @return Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + * + */ + public Optional> writebackEnabled() { + return Optional.ofNullable(this.writebackEnabled); + } + private GroupArgs() {} private GroupArgs(GroupArgs $) { @@ -334,6 +364,7 @@ private GroupArgs(GroupArgs $) { this.mailEnabled = $.mailEnabled; this.mailNickname = $.mailNickname; this.members = $.members; + this.onpremisesGroupType = $.onpremisesGroupType; this.owners = $.owners; this.preventDuplicateNames = $.preventDuplicateNames; this.provisioningOptions = $.provisioningOptions; @@ -341,6 +372,7 @@ private GroupArgs(GroupArgs $) { this.theme = $.theme; this.types = $.types; this.visibility = $.visibility; + this.writebackEnabled = $.writebackEnabled; } public static Builder builder() { @@ -664,6 +696,27 @@ public Builder members(String... members) { return members(List.of(members)); } + /** + * @param onpremisesGroupType The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + * + * @return builder + * + */ + public Builder onpremisesGroupType(@Nullable Output onpremisesGroupType) { + $.onpremisesGroupType = onpremisesGroupType; + return this; + } + + /** + * @param onpremisesGroupType The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + * + * @return builder + * + */ + public Builder onpremisesGroupType(String onpremisesGroupType) { + return onpremisesGroupType(Output.of(onpremisesGroupType)); + } + /** * @param owners A set of owners who own this group. Supported object types are Users or Service Principals * @@ -841,6 +894,27 @@ public Builder visibility(String visibility) { return visibility(Output.of(visibility)); } + /** + * @param writebackEnabled Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + * + * @return builder + * + */ + public Builder writebackEnabled(@Nullable Output writebackEnabled) { + $.writebackEnabled = writebackEnabled; + return this; + } + + /** + * @param writebackEnabled Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + * + * @return builder + * + */ + public Builder writebackEnabled(Boolean writebackEnabled) { + return writebackEnabled(Output.of(writebackEnabled)); + } + public GroupArgs build() { $.displayName = Objects.requireNonNull($.displayName, "expected parameter 'displayName' to be non-null"); return $; diff --git a/sdk/java/src/main/java/com/pulumi/azuread/GroupMember.java b/sdk/java/src/main/java/com/pulumi/azuread/GroupMember.java index 81d50f86a..962c2cc94 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/GroupMember.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/GroupMember.java @@ -22,7 +22,9 @@ * * The following API permissions are required in order to use this resource. * - * When authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All` + * When authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All`. + * + * However, if the authenticated service principal is an owner of the group being managed, an application role is not required. * * When authenticated with a user principal, this resource requires one of the following directory roles: `Groups Administrator`, `User Administrator` or `Global Administrator` * diff --git a/sdk/java/src/main/java/com/pulumi/azuread/UserFlowAttribute.java b/sdk/java/src/main/java/com/pulumi/azuread/UserFlowAttribute.java new file mode 100644 index 000000000..3dbfbdc41 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/UserFlowAttribute.java @@ -0,0 +1,177 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread; + +import com.pulumi.azuread.UserFlowAttributeArgs; +import com.pulumi.azuread.Utilities; +import com.pulumi.azuread.inputs.UserFlowAttributeState; +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import java.lang.String; +import javax.annotation.Nullable; + +/** + * Manages user flow attributes in an Azure Active Directory (Azure AD) tenant. + * + * ## API Permissions + * + * The following API permissions are required in order to use this resource. + * + * When authenticated with a service principal, this resource requires the following application role: `IdentityUserFlow.ReadWrite.All` + * + * ## Example Usage + * + * *Basic example* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.UserFlowAttribute; + * import com.pulumi.azuread.UserFlowAttributeArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var example = new UserFlowAttribute("example", UserFlowAttributeArgs.builder() + * .dataType("string") + * .description("Your hobby") + * .displayName("Hobby") + * .build()); + * + * } + * } + * ``` + * + * ## Import + * + * User flow attributes can be imported using the `id`, e.g. + * + * ```sh + * $ pulumi import azuread:index/userFlowAttribute:UserFlowAttribute example extension_ecc9f88db2924942b8a96f44873616fe_Hobbyjkorv + * ``` + * + * -> This ID can be queried using the [User Flow Attributes API](https://learn.microsoft.com/en-us/graph/api/identityuserflowattribute-list?view=graph-rest-1.0&tabs=http). + * + */ +@ResourceType(type="azuread:index/userFlowAttribute:UserFlowAttribute") +public class UserFlowAttribute extends com.pulumi.resources.CustomResource { + /** + * The type of the user flow attribute. Values include `builtIn`, `custom` or `required`. + * + */ + @Export(name="attributeType", type=String.class, parameters={}) + private Output attributeType; + + /** + * @return The type of the user flow attribute. Values include `builtIn`, `custom` or `required`. + * + */ + public Output attributeType() { + return this.attributeType; + } + /** + * The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. + * + */ + @Export(name="dataType", type=String.class, parameters={}) + private Output dataType; + + /** + * @return The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. + * + */ + public Output dataType() { + return this.dataType; + } + /** + * The description of the user flow attribute that is shown to the user at the time of sign-up. + * + */ + @Export(name="description", type=String.class, parameters={}) + private Output description; + + /** + * @return The description of the user flow attribute that is shown to the user at the time of sign-up. + * + */ + public Output description() { + return this.description; + } + /** + * The display name of the user flow attribute. Changing this forces a new resource to be created. + * + */ + @Export(name="displayName", type=String.class, parameters={}) + private Output displayName; + + /** + * @return The display name of the user flow attribute. Changing this forces a new resource to be created. + * + */ + public Output displayName() { + return this.displayName; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public UserFlowAttribute(String name) { + this(name, UserFlowAttributeArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public UserFlowAttribute(String name, UserFlowAttributeArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public UserFlowAttribute(String name, UserFlowAttributeArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("azuread:index/userFlowAttribute:UserFlowAttribute", name, args == null ? UserFlowAttributeArgs.Empty : args, makeResourceOptions(options, Codegen.empty())); + } + + private UserFlowAttribute(String name, Output id, @Nullable UserFlowAttributeState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("azuread:index/userFlowAttribute:UserFlowAttribute", name, state, makeResourceOptions(options, id)); + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static UserFlowAttribute get(String name, Output id, @Nullable UserFlowAttributeState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new UserFlowAttribute(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/UserFlowAttributeArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/UserFlowAttributeArgs.java new file mode 100644 index 000000000..930a25af3 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/UserFlowAttributeArgs.java @@ -0,0 +1,158 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; + + +public final class UserFlowAttributeArgs extends com.pulumi.resources.ResourceArgs { + + public static final UserFlowAttributeArgs Empty = new UserFlowAttributeArgs(); + + /** + * The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. + * + */ + @Import(name="dataType", required=true) + private Output dataType; + + /** + * @return The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. + * + */ + public Output dataType() { + return this.dataType; + } + + /** + * The description of the user flow attribute that is shown to the user at the time of sign-up. + * + */ + @Import(name="description", required=true) + private Output description; + + /** + * @return The description of the user flow attribute that is shown to the user at the time of sign-up. + * + */ + public Output description() { + return this.description; + } + + /** + * The display name of the user flow attribute. Changing this forces a new resource to be created. + * + */ + @Import(name="displayName", required=true) + private Output displayName; + + /** + * @return The display name of the user flow attribute. Changing this forces a new resource to be created. + * + */ + public Output displayName() { + return this.displayName; + } + + private UserFlowAttributeArgs() {} + + private UserFlowAttributeArgs(UserFlowAttributeArgs $) { + this.dataType = $.dataType; + this.description = $.description; + this.displayName = $.displayName; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(UserFlowAttributeArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private UserFlowAttributeArgs $; + + public Builder() { + $ = new UserFlowAttributeArgs(); + } + + public Builder(UserFlowAttributeArgs defaults) { + $ = new UserFlowAttributeArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param dataType The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder dataType(Output dataType) { + $.dataType = dataType; + return this; + } + + /** + * @param dataType The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder dataType(String dataType) { + return dataType(Output.of(dataType)); + } + + /** + * @param description The description of the user flow attribute that is shown to the user at the time of sign-up. + * + * @return builder + * + */ + public Builder description(Output description) { + $.description = description; + return this; + } + + /** + * @param description The description of the user flow attribute that is shown to the user at the time of sign-up. + * + * @return builder + * + */ + public Builder description(String description) { + return description(Output.of(description)); + } + + /** + * @param displayName The display name of the user flow attribute. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder displayName(Output displayName) { + $.displayName = displayName; + return this; + } + + /** + * @param displayName The display name of the user flow attribute. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder displayName(String displayName) { + return displayName(Output.of(displayName)); + } + + public UserFlowAttributeArgs build() { + $.dataType = Objects.requireNonNull($.dataType, "expected parameter 'dataType' to be non-null"); + $.description = Objects.requireNonNull($.description, "expected parameter 'description' to be non-null"); + $.displayName = Objects.requireNonNull($.displayName, "expected parameter 'displayName' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs.java new file mode 100644 index 000000000..9a7e9a8a7 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs.java @@ -0,0 +1,159 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs extends com.pulumi.resources.ResourceArgs { + + public static final AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs Empty = new AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs(); + + /** + * For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + * + */ + @Import(name="backup") + private @Nullable Output backup; + + /** + * @return For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + * + */ + public Optional> backup() { + return Optional.ofNullable(this.backup); + } + + /** + * The ID of the subject. + * + */ + @Import(name="objectId") + private @Nullable Output objectId; + + /** + * @return The ID of the subject. + * + */ + public Optional> objectId() { + return Optional.ofNullable(this.objectId); + } + + /** + * Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + * + */ + @Import(name="subjectType", required=true) + private Output subjectType; + + /** + * @return Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + * + */ + public Output subjectType() { + return this.subjectType; + } + + private AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs() {} + + private AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs $) { + this.backup = $.backup; + this.objectId = $.objectId; + this.subjectType = $.subjectType; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs $; + + public Builder() { + $ = new AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs(); + } + + public Builder(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs defaults) { + $ = new AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param backup For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + * + * @return builder + * + */ + public Builder backup(@Nullable Output backup) { + $.backup = backup; + return this; + } + + /** + * @param backup For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + * + * @return builder + * + */ + public Builder backup(Boolean backup) { + return backup(Output.of(backup)); + } + + /** + * @param objectId The ID of the subject. + * + * @return builder + * + */ + public Builder objectId(@Nullable Output objectId) { + $.objectId = objectId; + return this; + } + + /** + * @param objectId The ID of the subject. + * + * @return builder + * + */ + public Builder objectId(String objectId) { + return objectId(Output.of(objectId)); + } + + /** + * @param subjectType Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + * + * @return builder + * + */ + public Builder subjectType(Output subjectType) { + $.subjectType = subjectType; + return this; + } + + /** + * @param subjectType Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + * + * @return builder + * + */ + public Builder subjectType(String subjectType) { + return subjectType(Output.of(subjectType)); + } + + public AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs build() { + $.subjectType = Objects.requireNonNull($.subjectType, "expected parameter 'subjectType' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs.java new file mode 100644 index 000000000..db93c78af --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs.java @@ -0,0 +1,293 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.inputs; + +import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs; +import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs; +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.lang.Integer; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs extends com.pulumi.resources.ResourceArgs { + + public static final AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs Empty = new AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs(); + + /** + * Whether alternative approvers are enabled. + * + */ + @Import(name="alternativeApprovalEnabled") + private @Nullable Output alternativeApprovalEnabled; + + /** + * @return Whether alternative approvers are enabled. + * + */ + public Optional> alternativeApprovalEnabled() { + return Optional.ofNullable(this.alternativeApprovalEnabled); + } + + /** + * A block specifying alternative approvers when escalation is enabled and the primary approvers do not respond before the escalation time, as documented below. + * + */ + @Import(name="alternativeApprovers") + private @Nullable Output> alternativeApprovers; + + /** + * @return A block specifying alternative approvers when escalation is enabled and the primary approvers do not respond before the escalation time, as documented below. + * + */ + public Optional>> alternativeApprovers() { + return Optional.ofNullable(this.alternativeApprovers); + } + + /** + * Maximum number of days within which a request must be approved. If a request is not approved within this time period after it is made, it will be automatically rejected. + * + */ + @Import(name="approvalTimeoutInDays", required=true) + private Output approvalTimeoutInDays; + + /** + * @return Maximum number of days within which a request must be approved. If a request is not approved within this time period after it is made, it will be automatically rejected. + * + */ + public Output approvalTimeoutInDays() { + return this.approvalTimeoutInDays; + } + + /** + * Whether an approver must provide a justification for their decision. Justification is visible to other approvers and the requestor. + * + */ + @Import(name="approverJustificationRequired") + private @Nullable Output approverJustificationRequired; + + /** + * @return Whether an approver must provide a justification for their decision. Justification is visible to other approvers and the requestor. + * + */ + public Optional> approverJustificationRequired() { + return Optional.ofNullable(this.approverJustificationRequired); + } + + /** + * Number of days before the request is forwarded to alternative approvers. + * + */ + @Import(name="enableAlternativeApprovalInDays") + private @Nullable Output enableAlternativeApprovalInDays; + + /** + * @return Number of days before the request is forwarded to alternative approvers. + * + */ + public Optional> enableAlternativeApprovalInDays() { + return Optional.ofNullable(this.enableAlternativeApprovalInDays); + } + + /** + * A block specifying the users who will be asked to approve requests, as documented below. + * + */ + @Import(name="primaryApprovers") + private @Nullable Output> primaryApprovers; + + /** + * @return A block specifying the users who will be asked to approve requests, as documented below. + * + */ + public Optional>> primaryApprovers() { + return Optional.ofNullable(this.primaryApprovers); + } + + private AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs() {} + + private AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs $) { + this.alternativeApprovalEnabled = $.alternativeApprovalEnabled; + this.alternativeApprovers = $.alternativeApprovers; + this.approvalTimeoutInDays = $.approvalTimeoutInDays; + this.approverJustificationRequired = $.approverJustificationRequired; + this.enableAlternativeApprovalInDays = $.enableAlternativeApprovalInDays; + this.primaryApprovers = $.primaryApprovers; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs $; + + public Builder() { + $ = new AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs(); + } + + public Builder(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs defaults) { + $ = new AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param alternativeApprovalEnabled Whether alternative approvers are enabled. + * + * @return builder + * + */ + public Builder alternativeApprovalEnabled(@Nullable Output alternativeApprovalEnabled) { + $.alternativeApprovalEnabled = alternativeApprovalEnabled; + return this; + } + + /** + * @param alternativeApprovalEnabled Whether alternative approvers are enabled. + * + * @return builder + * + */ + public Builder alternativeApprovalEnabled(Boolean alternativeApprovalEnabled) { + return alternativeApprovalEnabled(Output.of(alternativeApprovalEnabled)); + } + + /** + * @param alternativeApprovers A block specifying alternative approvers when escalation is enabled and the primary approvers do not respond before the escalation time, as documented below. + * + * @return builder + * + */ + public Builder alternativeApprovers(@Nullable Output> alternativeApprovers) { + $.alternativeApprovers = alternativeApprovers; + return this; + } + + /** + * @param alternativeApprovers A block specifying alternative approvers when escalation is enabled and the primary approvers do not respond before the escalation time, as documented below. + * + * @return builder + * + */ + public Builder alternativeApprovers(List alternativeApprovers) { + return alternativeApprovers(Output.of(alternativeApprovers)); + } + + /** + * @param alternativeApprovers A block specifying alternative approvers when escalation is enabled and the primary approvers do not respond before the escalation time, as documented below. + * + * @return builder + * + */ + public Builder alternativeApprovers(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs... alternativeApprovers) { + return alternativeApprovers(List.of(alternativeApprovers)); + } + + /** + * @param approvalTimeoutInDays Maximum number of days within which a request must be approved. If a request is not approved within this time period after it is made, it will be automatically rejected. + * + * @return builder + * + */ + public Builder approvalTimeoutInDays(Output approvalTimeoutInDays) { + $.approvalTimeoutInDays = approvalTimeoutInDays; + return this; + } + + /** + * @param approvalTimeoutInDays Maximum number of days within which a request must be approved. If a request is not approved within this time period after it is made, it will be automatically rejected. + * + * @return builder + * + */ + public Builder approvalTimeoutInDays(Integer approvalTimeoutInDays) { + return approvalTimeoutInDays(Output.of(approvalTimeoutInDays)); + } + + /** + * @param approverJustificationRequired Whether an approver must provide a justification for their decision. Justification is visible to other approvers and the requestor. + * + * @return builder + * + */ + public Builder approverJustificationRequired(@Nullable Output approverJustificationRequired) { + $.approverJustificationRequired = approverJustificationRequired; + return this; + } + + /** + * @param approverJustificationRequired Whether an approver must provide a justification for their decision. Justification is visible to other approvers and the requestor. + * + * @return builder + * + */ + public Builder approverJustificationRequired(Boolean approverJustificationRequired) { + return approverJustificationRequired(Output.of(approverJustificationRequired)); + } + + /** + * @param enableAlternativeApprovalInDays Number of days before the request is forwarded to alternative approvers. + * + * @return builder + * + */ + public Builder enableAlternativeApprovalInDays(@Nullable Output enableAlternativeApprovalInDays) { + $.enableAlternativeApprovalInDays = enableAlternativeApprovalInDays; + return this; + } + + /** + * @param enableAlternativeApprovalInDays Number of days before the request is forwarded to alternative approvers. + * + * @return builder + * + */ + public Builder enableAlternativeApprovalInDays(Integer enableAlternativeApprovalInDays) { + return enableAlternativeApprovalInDays(Output.of(enableAlternativeApprovalInDays)); + } + + /** + * @param primaryApprovers A block specifying the users who will be asked to approve requests, as documented below. + * + * @return builder + * + */ + public Builder primaryApprovers(@Nullable Output> primaryApprovers) { + $.primaryApprovers = primaryApprovers; + return this; + } + + /** + * @param primaryApprovers A block specifying the users who will be asked to approve requests, as documented below. + * + * @return builder + * + */ + public Builder primaryApprovers(List primaryApprovers) { + return primaryApprovers(Output.of(primaryApprovers)); + } + + /** + * @param primaryApprovers A block specifying the users who will be asked to approve requests, as documented below. + * + * @return builder + * + */ + public Builder primaryApprovers(AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs... primaryApprovers) { + return primaryApprovers(List.of(primaryApprovers)); + } + + public AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs build() { + $.approvalTimeoutInDays = Objects.requireNonNull($.approvalTimeoutInDays, "expected parameter 'approvalTimeoutInDays' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs.java new file mode 100644 index 000000000..f64466f44 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs.java @@ -0,0 +1,159 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs extends com.pulumi.resources.ResourceArgs { + + public static final AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs Empty = new AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs(); + + /** + * For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + * + */ + @Import(name="backup") + private @Nullable Output backup; + + /** + * @return For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + * + */ + public Optional> backup() { + return Optional.ofNullable(this.backup); + } + + /** + * The ID of the subject. + * + */ + @Import(name="objectId") + private @Nullable Output objectId; + + /** + * @return The ID of the subject. + * + */ + public Optional> objectId() { + return Optional.ofNullable(this.objectId); + } + + /** + * Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + * + */ + @Import(name="subjectType", required=true) + private Output subjectType; + + /** + * @return Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + * + */ + public Output subjectType() { + return this.subjectType; + } + + private AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs() {} + + private AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs(AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs $) { + this.backup = $.backup; + this.objectId = $.objectId; + this.subjectType = $.subjectType; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs $; + + public Builder() { + $ = new AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs(); + } + + public Builder(AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs defaults) { + $ = new AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param backup For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + * + * @return builder + * + */ + public Builder backup(@Nullable Output backup) { + $.backup = backup; + return this; + } + + /** + * @param backup For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + * + * @return builder + * + */ + public Builder backup(Boolean backup) { + return backup(Output.of(backup)); + } + + /** + * @param objectId The ID of the subject. + * + * @return builder + * + */ + public Builder objectId(@Nullable Output objectId) { + $.objectId = objectId; + return this; + } + + /** + * @param objectId The ID of the subject. + * + * @return builder + * + */ + public Builder objectId(String objectId) { + return objectId(Output.of(objectId)); + } + + /** + * @param subjectType Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + * + * @return builder + * + */ + public Builder subjectType(Output subjectType) { + $.subjectType = subjectType; + return this; + } + + /** + * @param subjectType Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + * + * @return builder + * + */ + public Builder subjectType(String subjectType) { + return subjectType(Output.of(subjectType)); + } + + public AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs build() { + $.subjectType = Objects.requireNonNull($.subjectType, "expected parameter 'subjectType' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyApprovalSettingsArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyApprovalSettingsArgs.java new file mode 100644 index 000000000..47c4b3d1c --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyApprovalSettingsArgs.java @@ -0,0 +1,206 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.inputs; + +import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs; +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AccessPackageAssignmentPolicyApprovalSettingsArgs extends com.pulumi.resources.ResourceArgs { + + public static final AccessPackageAssignmentPolicyApprovalSettingsArgs Empty = new AccessPackageAssignmentPolicyApprovalSettingsArgs(); + + /** + * Whether an approval is required. + * + */ + @Import(name="approvalRequired") + private @Nullable Output approvalRequired; + + /** + * @return Whether an approval is required. + * + */ + public Optional> approvalRequired() { + return Optional.ofNullable(this.approvalRequired); + } + + /** + * Whether an approval is required to grant extension. Same approval settings used to approve initial access will apply. + * + */ + @Import(name="approvalRequiredForExtension") + private @Nullable Output approvalRequiredForExtension; + + /** + * @return Whether an approval is required to grant extension. Same approval settings used to approve initial access will apply. + * + */ + public Optional> approvalRequiredForExtension() { + return Optional.ofNullable(this.approvalRequiredForExtension); + } + + /** + * An `approval_stage` block specifying the process to obtain an approval, as documented below. + * + */ + @Import(name="approvalStages") + private @Nullable Output> approvalStages; + + /** + * @return An `approval_stage` block specifying the process to obtain an approval, as documented below. + * + */ + public Optional>> approvalStages() { + return Optional.ofNullable(this.approvalStages); + } + + /** + * Whether a requestor is required to provide a justification to request an access package. Justification is visible to approvers and the requestor. + * + */ + @Import(name="requestorJustificationRequired") + private @Nullable Output requestorJustificationRequired; + + /** + * @return Whether a requestor is required to provide a justification to request an access package. Justification is visible to approvers and the requestor. + * + */ + public Optional> requestorJustificationRequired() { + return Optional.ofNullable(this.requestorJustificationRequired); + } + + private AccessPackageAssignmentPolicyApprovalSettingsArgs() {} + + private AccessPackageAssignmentPolicyApprovalSettingsArgs(AccessPackageAssignmentPolicyApprovalSettingsArgs $) { + this.approvalRequired = $.approvalRequired; + this.approvalRequiredForExtension = $.approvalRequiredForExtension; + this.approvalStages = $.approvalStages; + this.requestorJustificationRequired = $.requestorJustificationRequired; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AccessPackageAssignmentPolicyApprovalSettingsArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AccessPackageAssignmentPolicyApprovalSettingsArgs $; + + public Builder() { + $ = new AccessPackageAssignmentPolicyApprovalSettingsArgs(); + } + + public Builder(AccessPackageAssignmentPolicyApprovalSettingsArgs defaults) { + $ = new AccessPackageAssignmentPolicyApprovalSettingsArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param approvalRequired Whether an approval is required. + * + * @return builder + * + */ + public Builder approvalRequired(@Nullable Output approvalRequired) { + $.approvalRequired = approvalRequired; + return this; + } + + /** + * @param approvalRequired Whether an approval is required. + * + * @return builder + * + */ + public Builder approvalRequired(Boolean approvalRequired) { + return approvalRequired(Output.of(approvalRequired)); + } + + /** + * @param approvalRequiredForExtension Whether an approval is required to grant extension. Same approval settings used to approve initial access will apply. + * + * @return builder + * + */ + public Builder approvalRequiredForExtension(@Nullable Output approvalRequiredForExtension) { + $.approvalRequiredForExtension = approvalRequiredForExtension; + return this; + } + + /** + * @param approvalRequiredForExtension Whether an approval is required to grant extension. Same approval settings used to approve initial access will apply. + * + * @return builder + * + */ + public Builder approvalRequiredForExtension(Boolean approvalRequiredForExtension) { + return approvalRequiredForExtension(Output.of(approvalRequiredForExtension)); + } + + /** + * @param approvalStages An `approval_stage` block specifying the process to obtain an approval, as documented below. + * + * @return builder + * + */ + public Builder approvalStages(@Nullable Output> approvalStages) { + $.approvalStages = approvalStages; + return this; + } + + /** + * @param approvalStages An `approval_stage` block specifying the process to obtain an approval, as documented below. + * + * @return builder + * + */ + public Builder approvalStages(List approvalStages) { + return approvalStages(Output.of(approvalStages)); + } + + /** + * @param approvalStages An `approval_stage` block specifying the process to obtain an approval, as documented below. + * + * @return builder + * + */ + public Builder approvalStages(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs... approvalStages) { + return approvalStages(List.of(approvalStages)); + } + + /** + * @param requestorJustificationRequired Whether a requestor is required to provide a justification to request an access package. Justification is visible to approvers and the requestor. + * + * @return builder + * + */ + public Builder requestorJustificationRequired(@Nullable Output requestorJustificationRequired) { + $.requestorJustificationRequired = requestorJustificationRequired; + return this; + } + + /** + * @param requestorJustificationRequired Whether a requestor is required to provide a justification to request an access package. Justification is visible to approvers and the requestor. + * + * @return builder + * + */ + public Builder requestorJustificationRequired(Boolean requestorJustificationRequired) { + return requestorJustificationRequired(Output.of(requestorJustificationRequired)); + } + + public AccessPackageAssignmentPolicyApprovalSettingsArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs.java new file mode 100644 index 000000000..c80230d6c --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs.java @@ -0,0 +1,393 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.inputs; + +import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs; +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.lang.Integer; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs extends com.pulumi.resources.ResourceArgs { + + public static final AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs Empty = new AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs(); + + /** + * Whether to show the reviewer decision helpers. If enabled, system recommendations based on users' access information will be shown to the reviewers. The reviewer will be recommended to approve the review if the user has signed-in at least once during the last 30 days. The reviewer will be recommended to deny the review if the user has not signed-in during the last 30 days. + * + */ + @Import(name="accessRecommendationEnabled") + private @Nullable Output accessRecommendationEnabled; + + /** + * @return Whether to show the reviewer decision helpers. If enabled, system recommendations based on users' access information will be shown to the reviewers. The reviewer will be recommended to approve the review if the user has signed-in at least once during the last 30 days. The reviewer will be recommended to deny the review if the user has not signed-in during the last 30 days. + * + */ + public Optional> accessRecommendationEnabled() { + return Optional.ofNullable(this.accessRecommendationEnabled); + } + + /** + * Specifies the actions the system takes if reviewers don't respond in time. Valid values are `keepAccess`, `removeAccess`, or `acceptAccessRecommendation`. + * + */ + @Import(name="accessReviewTimeoutBehavior") + private @Nullable Output accessReviewTimeoutBehavior; + + /** + * @return Specifies the actions the system takes if reviewers don't respond in time. Valid values are `keepAccess`, `removeAccess`, or `acceptAccessRecommendation`. + * + */ + public Optional> accessReviewTimeoutBehavior() { + return Optional.ofNullable(this.accessReviewTimeoutBehavior); + } + + /** + * Whether a reviewer needs to provide a justification for their decision. Justification is visible to other reviewers and the requestor. + * + */ + @Import(name="approverJustificationRequired") + private @Nullable Output approverJustificationRequired; + + /** + * @return Whether a reviewer needs to provide a justification for their decision. Justification is visible to other reviewers and the requestor. + * + */ + public Optional> approverJustificationRequired() { + return Optional.ofNullable(this.approverJustificationRequired); + } + + /** + * How many days each occurrence of the access review series will run. + * + */ + @Import(name="durationInDays") + private @Nullable Output durationInDays; + + /** + * @return How many days each occurrence of the access review series will run. + * + */ + public Optional> durationInDays() { + return Optional.ofNullable(this.durationInDays); + } + + /** + * Whether to enable assignment review. + * + */ + @Import(name="enabled") + private @Nullable Output enabled; + + /** + * @return Whether to enable assignment review. + * + */ + public Optional> enabled() { + return Optional.ofNullable(this.enabled); + } + + /** + * This will determine how often the access review campaign runs, valid values are `weekly`, `monthly`, `quarterly`, `halfyearly`, or `annual`. + * + */ + @Import(name="reviewFrequency") + private @Nullable Output reviewFrequency; + + /** + * @return This will determine how often the access review campaign runs, valid values are `weekly`, `monthly`, `quarterly`, `halfyearly`, or `annual`. + * + */ + public Optional> reviewFrequency() { + return Optional.ofNullable(this.reviewFrequency); + } + + /** + * Self review or specific reviewers. Valid values are `Self`, or `Reviewers`. + * + */ + @Import(name="reviewType") + private @Nullable Output reviewType; + + /** + * @return Self review or specific reviewers. Valid values are `Self`, or `Reviewers`. + * + */ + public Optional> reviewType() { + return Optional.ofNullable(this.reviewType); + } + + /** + * One or more `reviewer` blocks to specify the users who will be reviewers (when `review_type` is `Reviewers`), as documented below. + * + */ + @Import(name="reviewers") + private @Nullable Output> reviewers; + + /** + * @return One or more `reviewer` blocks to specify the users who will be reviewers (when `review_type` is `Reviewers`), as documented below. + * + */ + public Optional>> reviewers() { + return Optional.ofNullable(this.reviewers); + } + + /** + * This is the date the access review campaign will start on, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z), default is now. Once an access review has been created, you cannot update its start date + * + */ + @Import(name="startingOn") + private @Nullable Output startingOn; + + /** + * @return This is the date the access review campaign will start on, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z), default is now. Once an access review has been created, you cannot update its start date + * + */ + public Optional> startingOn() { + return Optional.ofNullable(this.startingOn); + } + + private AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs() {} + + private AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs(AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs $) { + this.accessRecommendationEnabled = $.accessRecommendationEnabled; + this.accessReviewTimeoutBehavior = $.accessReviewTimeoutBehavior; + this.approverJustificationRequired = $.approverJustificationRequired; + this.durationInDays = $.durationInDays; + this.enabled = $.enabled; + this.reviewFrequency = $.reviewFrequency; + this.reviewType = $.reviewType; + this.reviewers = $.reviewers; + this.startingOn = $.startingOn; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs $; + + public Builder() { + $ = new AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs(); + } + + public Builder(AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs defaults) { + $ = new AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param accessRecommendationEnabled Whether to show the reviewer decision helpers. If enabled, system recommendations based on users' access information will be shown to the reviewers. The reviewer will be recommended to approve the review if the user has signed-in at least once during the last 30 days. The reviewer will be recommended to deny the review if the user has not signed-in during the last 30 days. + * + * @return builder + * + */ + public Builder accessRecommendationEnabled(@Nullable Output accessRecommendationEnabled) { + $.accessRecommendationEnabled = accessRecommendationEnabled; + return this; + } + + /** + * @param accessRecommendationEnabled Whether to show the reviewer decision helpers. If enabled, system recommendations based on users' access information will be shown to the reviewers. The reviewer will be recommended to approve the review if the user has signed-in at least once during the last 30 days. The reviewer will be recommended to deny the review if the user has not signed-in during the last 30 days. + * + * @return builder + * + */ + public Builder accessRecommendationEnabled(Boolean accessRecommendationEnabled) { + return accessRecommendationEnabled(Output.of(accessRecommendationEnabled)); + } + + /** + * @param accessReviewTimeoutBehavior Specifies the actions the system takes if reviewers don't respond in time. Valid values are `keepAccess`, `removeAccess`, or `acceptAccessRecommendation`. + * + * @return builder + * + */ + public Builder accessReviewTimeoutBehavior(@Nullable Output accessReviewTimeoutBehavior) { + $.accessReviewTimeoutBehavior = accessReviewTimeoutBehavior; + return this; + } + + /** + * @param accessReviewTimeoutBehavior Specifies the actions the system takes if reviewers don't respond in time. Valid values are `keepAccess`, `removeAccess`, or `acceptAccessRecommendation`. + * + * @return builder + * + */ + public Builder accessReviewTimeoutBehavior(String accessReviewTimeoutBehavior) { + return accessReviewTimeoutBehavior(Output.of(accessReviewTimeoutBehavior)); + } + + /** + * @param approverJustificationRequired Whether a reviewer needs to provide a justification for their decision. Justification is visible to other reviewers and the requestor. + * + * @return builder + * + */ + public Builder approverJustificationRequired(@Nullable Output approverJustificationRequired) { + $.approverJustificationRequired = approverJustificationRequired; + return this; + } + + /** + * @param approverJustificationRequired Whether a reviewer needs to provide a justification for their decision. Justification is visible to other reviewers and the requestor. + * + * @return builder + * + */ + public Builder approverJustificationRequired(Boolean approverJustificationRequired) { + return approverJustificationRequired(Output.of(approverJustificationRequired)); + } + + /** + * @param durationInDays How many days each occurrence of the access review series will run. + * + * @return builder + * + */ + public Builder durationInDays(@Nullable Output durationInDays) { + $.durationInDays = durationInDays; + return this; + } + + /** + * @param durationInDays How many days each occurrence of the access review series will run. + * + * @return builder + * + */ + public Builder durationInDays(Integer durationInDays) { + return durationInDays(Output.of(durationInDays)); + } + + /** + * @param enabled Whether to enable assignment review. + * + * @return builder + * + */ + public Builder enabled(@Nullable Output enabled) { + $.enabled = enabled; + return this; + } + + /** + * @param enabled Whether to enable assignment review. + * + * @return builder + * + */ + public Builder enabled(Boolean enabled) { + return enabled(Output.of(enabled)); + } + + /** + * @param reviewFrequency This will determine how often the access review campaign runs, valid values are `weekly`, `monthly`, `quarterly`, `halfyearly`, or `annual`. + * + * @return builder + * + */ + public Builder reviewFrequency(@Nullable Output reviewFrequency) { + $.reviewFrequency = reviewFrequency; + return this; + } + + /** + * @param reviewFrequency This will determine how often the access review campaign runs, valid values are `weekly`, `monthly`, `quarterly`, `halfyearly`, or `annual`. + * + * @return builder + * + */ + public Builder reviewFrequency(String reviewFrequency) { + return reviewFrequency(Output.of(reviewFrequency)); + } + + /** + * @param reviewType Self review or specific reviewers. Valid values are `Self`, or `Reviewers`. + * + * @return builder + * + */ + public Builder reviewType(@Nullable Output reviewType) { + $.reviewType = reviewType; + return this; + } + + /** + * @param reviewType Self review or specific reviewers. Valid values are `Self`, or `Reviewers`. + * + * @return builder + * + */ + public Builder reviewType(String reviewType) { + return reviewType(Output.of(reviewType)); + } + + /** + * @param reviewers One or more `reviewer` blocks to specify the users who will be reviewers (when `review_type` is `Reviewers`), as documented below. + * + * @return builder + * + */ + public Builder reviewers(@Nullable Output> reviewers) { + $.reviewers = reviewers; + return this; + } + + /** + * @param reviewers One or more `reviewer` blocks to specify the users who will be reviewers (when `review_type` is `Reviewers`), as documented below. + * + * @return builder + * + */ + public Builder reviewers(List reviewers) { + return reviewers(Output.of(reviewers)); + } + + /** + * @param reviewers One or more `reviewer` blocks to specify the users who will be reviewers (when `review_type` is `Reviewers`), as documented below. + * + * @return builder + * + */ + public Builder reviewers(AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs... reviewers) { + return reviewers(List.of(reviewers)); + } + + /** + * @param startingOn This is the date the access review campaign will start on, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z), default is now. Once an access review has been created, you cannot update its start date + * + * @return builder + * + */ + public Builder startingOn(@Nullable Output startingOn) { + $.startingOn = startingOn; + return this; + } + + /** + * @param startingOn This is the date the access review campaign will start on, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z), default is now. Once an access review has been created, you cannot update its start date + * + * @return builder + * + */ + public Builder startingOn(String startingOn) { + return startingOn(Output.of(startingOn)); + } + + public AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs.java new file mode 100644 index 000000000..5055158c1 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs.java @@ -0,0 +1,159 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs extends com.pulumi.resources.ResourceArgs { + + public static final AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs Empty = new AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs(); + + /** + * For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + * + */ + @Import(name="backup") + private @Nullable Output backup; + + /** + * @return For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + * + */ + public Optional> backup() { + return Optional.ofNullable(this.backup); + } + + /** + * The ID of the subject. + * + */ + @Import(name="objectId") + private @Nullable Output objectId; + + /** + * @return The ID of the subject. + * + */ + public Optional> objectId() { + return Optional.ofNullable(this.objectId); + } + + /** + * Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + * + */ + @Import(name="subjectType", required=true) + private Output subjectType; + + /** + * @return Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + * + */ + public Output subjectType() { + return this.subjectType; + } + + private AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs() {} + + private AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs(AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs $) { + this.backup = $.backup; + this.objectId = $.objectId; + this.subjectType = $.subjectType; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs $; + + public Builder() { + $ = new AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs(); + } + + public Builder(AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs defaults) { + $ = new AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param backup For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + * + * @return builder + * + */ + public Builder backup(@Nullable Output backup) { + $.backup = backup; + return this; + } + + /** + * @param backup For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + * + * @return builder + * + */ + public Builder backup(Boolean backup) { + return backup(Output.of(backup)); + } + + /** + * @param objectId The ID of the subject. + * + * @return builder + * + */ + public Builder objectId(@Nullable Output objectId) { + $.objectId = objectId; + return this; + } + + /** + * @param objectId The ID of the subject. + * + * @return builder + * + */ + public Builder objectId(String objectId) { + return objectId(Output.of(objectId)); + } + + /** + * @param subjectType Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + * + * @return builder + * + */ + public Builder subjectType(Output subjectType) { + $.subjectType = subjectType; + return this; + } + + /** + * @param subjectType Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + * + * @return builder + * + */ + public Builder subjectType(String subjectType) { + return subjectType(Output.of(subjectType)); + } + + public AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs build() { + $.subjectType = Objects.requireNonNull($.subjectType, "expected parameter 'subjectType' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyQuestionArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyQuestionArgs.java new file mode 100644 index 000000000..47a0237f0 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyQuestionArgs.java @@ -0,0 +1,209 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.inputs; + +import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyQuestionChoiceArgs; +import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyQuestionTextArgs; +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.lang.Integer; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AccessPackageAssignmentPolicyQuestionArgs extends com.pulumi.resources.ResourceArgs { + + public static final AccessPackageAssignmentPolicyQuestionArgs Empty = new AccessPackageAssignmentPolicyQuestionArgs(); + + /** + * One or more blocks configuring a choice to the question, as documented below. + * + */ + @Import(name="choices") + private @Nullable Output> choices; + + /** + * @return One or more blocks configuring a choice to the question, as documented below. + * + */ + public Optional>> choices() { + return Optional.ofNullable(this.choices); + } + + /** + * Whether this question is required. + * + */ + @Import(name="required") + private @Nullable Output required; + + /** + * @return Whether this question is required. + * + */ + public Optional> required() { + return Optional.ofNullable(this.required); + } + + /** + * The sequence number of this question. + * + */ + @Import(name="sequence") + private @Nullable Output sequence; + + /** + * @return The sequence number of this question. + * + */ + public Optional> sequence() { + return Optional.ofNullable(this.sequence); + } + + /** + * A block describing the content of this question, as documented below. + * + */ + @Import(name="text", required=true) + private Output text; + + /** + * @return A block describing the content of this question, as documented below. + * + */ + public Output text() { + return this.text; + } + + private AccessPackageAssignmentPolicyQuestionArgs() {} + + private AccessPackageAssignmentPolicyQuestionArgs(AccessPackageAssignmentPolicyQuestionArgs $) { + this.choices = $.choices; + this.required = $.required; + this.sequence = $.sequence; + this.text = $.text; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AccessPackageAssignmentPolicyQuestionArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AccessPackageAssignmentPolicyQuestionArgs $; + + public Builder() { + $ = new AccessPackageAssignmentPolicyQuestionArgs(); + } + + public Builder(AccessPackageAssignmentPolicyQuestionArgs defaults) { + $ = new AccessPackageAssignmentPolicyQuestionArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param choices One or more blocks configuring a choice to the question, as documented below. + * + * @return builder + * + */ + public Builder choices(@Nullable Output> choices) { + $.choices = choices; + return this; + } + + /** + * @param choices One or more blocks configuring a choice to the question, as documented below. + * + * @return builder + * + */ + public Builder choices(List choices) { + return choices(Output.of(choices)); + } + + /** + * @param choices One or more blocks configuring a choice to the question, as documented below. + * + * @return builder + * + */ + public Builder choices(AccessPackageAssignmentPolicyQuestionChoiceArgs... choices) { + return choices(List.of(choices)); + } + + /** + * @param required Whether this question is required. + * + * @return builder + * + */ + public Builder required(@Nullable Output required) { + $.required = required; + return this; + } + + /** + * @param required Whether this question is required. + * + * @return builder + * + */ + public Builder required(Boolean required) { + return required(Output.of(required)); + } + + /** + * @param sequence The sequence number of this question. + * + * @return builder + * + */ + public Builder sequence(@Nullable Output sequence) { + $.sequence = sequence; + return this; + } + + /** + * @param sequence The sequence number of this question. + * + * @return builder + * + */ + public Builder sequence(Integer sequence) { + return sequence(Output.of(sequence)); + } + + /** + * @param text A block describing the content of this question, as documented below. + * + * @return builder + * + */ + public Builder text(Output text) { + $.text = text; + return this; + } + + /** + * @param text A block describing the content of this question, as documented below. + * + * @return builder + * + */ + public Builder text(AccessPackageAssignmentPolicyQuestionTextArgs text) { + return text(Output.of(text)); + } + + public AccessPackageAssignmentPolicyQuestionArgs build() { + $.text = Objects.requireNonNull($.text, "expected parameter 'text' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyQuestionChoiceArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyQuestionChoiceArgs.java new file mode 100644 index 000000000..a1afd2e2c --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyQuestionChoiceArgs.java @@ -0,0 +1,121 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.inputs; + +import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs; +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; + + +public final class AccessPackageAssignmentPolicyQuestionChoiceArgs extends com.pulumi.resources.ResourceArgs { + + public static final AccessPackageAssignmentPolicyQuestionChoiceArgs Empty = new AccessPackageAssignmentPolicyQuestionChoiceArgs(); + + /** + * The actual value of this choice. + * + */ + @Import(name="actualValue", required=true) + private Output actualValue; + + /** + * @return The actual value of this choice. + * + */ + public Output actualValue() { + return this.actualValue; + } + + /** + * A block describing the display text of this choice, as documented below. + * + */ + @Import(name="displayValue", required=true) + private Output displayValue; + + /** + * @return A block describing the display text of this choice, as documented below. + * + */ + public Output displayValue() { + return this.displayValue; + } + + private AccessPackageAssignmentPolicyQuestionChoiceArgs() {} + + private AccessPackageAssignmentPolicyQuestionChoiceArgs(AccessPackageAssignmentPolicyQuestionChoiceArgs $) { + this.actualValue = $.actualValue; + this.displayValue = $.displayValue; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AccessPackageAssignmentPolicyQuestionChoiceArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AccessPackageAssignmentPolicyQuestionChoiceArgs $; + + public Builder() { + $ = new AccessPackageAssignmentPolicyQuestionChoiceArgs(); + } + + public Builder(AccessPackageAssignmentPolicyQuestionChoiceArgs defaults) { + $ = new AccessPackageAssignmentPolicyQuestionChoiceArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param actualValue The actual value of this choice. + * + * @return builder + * + */ + public Builder actualValue(Output actualValue) { + $.actualValue = actualValue; + return this; + } + + /** + * @param actualValue The actual value of this choice. + * + * @return builder + * + */ + public Builder actualValue(String actualValue) { + return actualValue(Output.of(actualValue)); + } + + /** + * @param displayValue A block describing the display text of this choice, as documented below. + * + * @return builder + * + */ + public Builder displayValue(Output displayValue) { + $.displayValue = displayValue; + return this; + } + + /** + * @param displayValue A block describing the display text of this choice, as documented below. + * + * @return builder + * + */ + public Builder displayValue(AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs displayValue) { + return displayValue(Output.of(displayValue)); + } + + public AccessPackageAssignmentPolicyQuestionChoiceArgs build() { + $.actualValue = Objects.requireNonNull($.actualValue, "expected parameter 'actualValue' to be non-null"); + $.displayValue = Objects.requireNonNull($.displayValue, "expected parameter 'displayValue' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs.java new file mode 100644 index 000000000..116398212 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs.java @@ -0,0 +1,133 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.inputs; + +import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs; +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs extends com.pulumi.resources.ResourceArgs { + + public static final AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs Empty = new AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs(); + + /** + * The default text of this question. + * + */ + @Import(name="defaultText", required=true) + private Output defaultText; + + /** + * @return The default text of this question. + * + */ + public Output defaultText() { + return this.defaultText; + } + + /** + * One or more blocks describing localized text of this question, as documented below. + * + */ + @Import(name="localizedTexts") + private @Nullable Output> localizedTexts; + + /** + * @return One or more blocks describing localized text of this question, as documented below. + * + */ + public Optional>> localizedTexts() { + return Optional.ofNullable(this.localizedTexts); + } + + private AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs() {} + + private AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs(AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs $) { + this.defaultText = $.defaultText; + this.localizedTexts = $.localizedTexts; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs $; + + public Builder() { + $ = new AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs(); + } + + public Builder(AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs defaults) { + $ = new AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param defaultText The default text of this question. + * + * @return builder + * + */ + public Builder defaultText(Output defaultText) { + $.defaultText = defaultText; + return this; + } + + /** + * @param defaultText The default text of this question. + * + * @return builder + * + */ + public Builder defaultText(String defaultText) { + return defaultText(Output.of(defaultText)); + } + + /** + * @param localizedTexts One or more blocks describing localized text of this question, as documented below. + * + * @return builder + * + */ + public Builder localizedTexts(@Nullable Output> localizedTexts) { + $.localizedTexts = localizedTexts; + return this; + } + + /** + * @param localizedTexts One or more blocks describing localized text of this question, as documented below. + * + * @return builder + * + */ + public Builder localizedTexts(List localizedTexts) { + return localizedTexts(Output.of(localizedTexts)); + } + + /** + * @param localizedTexts One or more blocks describing localized text of this question, as documented below. + * + * @return builder + * + */ + public Builder localizedTexts(AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs... localizedTexts) { + return localizedTexts(List.of(localizedTexts)); + } + + public AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs build() { + $.defaultText = Objects.requireNonNull($.defaultText, "expected parameter 'defaultText' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs.java new file mode 100644 index 000000000..bd96c0c3b --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs.java @@ -0,0 +1,120 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; + + +public final class AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs extends com.pulumi.resources.ResourceArgs { + + public static final AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs Empty = new AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs(); + + /** + * The localized content of this question. + * + */ + @Import(name="content", required=true) + private Output content; + + /** + * @return The localized content of this question. + * + */ + public Output content() { + return this.content; + } + + /** + * The ISO 639 language code for this question content. + * + */ + @Import(name="languageCode", required=true) + private Output languageCode; + + /** + * @return The ISO 639 language code for this question content. + * + */ + public Output languageCode() { + return this.languageCode; + } + + private AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs() {} + + private AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs(AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs $) { + this.content = $.content; + this.languageCode = $.languageCode; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs $; + + public Builder() { + $ = new AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs(); + } + + public Builder(AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs defaults) { + $ = new AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param content The localized content of this question. + * + * @return builder + * + */ + public Builder content(Output content) { + $.content = content; + return this; + } + + /** + * @param content The localized content of this question. + * + * @return builder + * + */ + public Builder content(String content) { + return content(Output.of(content)); + } + + /** + * @param languageCode The ISO 639 language code for this question content. + * + * @return builder + * + */ + public Builder languageCode(Output languageCode) { + $.languageCode = languageCode; + return this; + } + + /** + * @param languageCode The ISO 639 language code for this question content. + * + * @return builder + * + */ + public Builder languageCode(String languageCode) { + return languageCode(Output.of(languageCode)); + } + + public AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs build() { + $.content = Objects.requireNonNull($.content, "expected parameter 'content' to be non-null"); + $.languageCode = Objects.requireNonNull($.languageCode, "expected parameter 'languageCode' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyQuestionTextArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyQuestionTextArgs.java new file mode 100644 index 000000000..9c9d7e363 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyQuestionTextArgs.java @@ -0,0 +1,133 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.inputs; + +import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs; +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AccessPackageAssignmentPolicyQuestionTextArgs extends com.pulumi.resources.ResourceArgs { + + public static final AccessPackageAssignmentPolicyQuestionTextArgs Empty = new AccessPackageAssignmentPolicyQuestionTextArgs(); + + /** + * The default text of this question. + * + */ + @Import(name="defaultText", required=true) + private Output defaultText; + + /** + * @return The default text of this question. + * + */ + public Output defaultText() { + return this.defaultText; + } + + /** + * One or more blocks describing localized text of this question, as documented below. + * + */ + @Import(name="localizedTexts") + private @Nullable Output> localizedTexts; + + /** + * @return One or more blocks describing localized text of this question, as documented below. + * + */ + public Optional>> localizedTexts() { + return Optional.ofNullable(this.localizedTexts); + } + + private AccessPackageAssignmentPolicyQuestionTextArgs() {} + + private AccessPackageAssignmentPolicyQuestionTextArgs(AccessPackageAssignmentPolicyQuestionTextArgs $) { + this.defaultText = $.defaultText; + this.localizedTexts = $.localizedTexts; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AccessPackageAssignmentPolicyQuestionTextArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AccessPackageAssignmentPolicyQuestionTextArgs $; + + public Builder() { + $ = new AccessPackageAssignmentPolicyQuestionTextArgs(); + } + + public Builder(AccessPackageAssignmentPolicyQuestionTextArgs defaults) { + $ = new AccessPackageAssignmentPolicyQuestionTextArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param defaultText The default text of this question. + * + * @return builder + * + */ + public Builder defaultText(Output defaultText) { + $.defaultText = defaultText; + return this; + } + + /** + * @param defaultText The default text of this question. + * + * @return builder + * + */ + public Builder defaultText(String defaultText) { + return defaultText(Output.of(defaultText)); + } + + /** + * @param localizedTexts One or more blocks describing localized text of this question, as documented below. + * + * @return builder + * + */ + public Builder localizedTexts(@Nullable Output> localizedTexts) { + $.localizedTexts = localizedTexts; + return this; + } + + /** + * @param localizedTexts One or more blocks describing localized text of this question, as documented below. + * + * @return builder + * + */ + public Builder localizedTexts(List localizedTexts) { + return localizedTexts(Output.of(localizedTexts)); + } + + /** + * @param localizedTexts One or more blocks describing localized text of this question, as documented below. + * + * @return builder + * + */ + public Builder localizedTexts(AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs... localizedTexts) { + return localizedTexts(List.of(localizedTexts)); + } + + public AccessPackageAssignmentPolicyQuestionTextArgs build() { + $.defaultText = Objects.requireNonNull($.defaultText, "expected parameter 'defaultText' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs.java new file mode 100644 index 000000000..8db8c35d4 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs.java @@ -0,0 +1,120 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; + + +public final class AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs extends com.pulumi.resources.ResourceArgs { + + public static final AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs Empty = new AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs(); + + /** + * The localized content of this question. + * + */ + @Import(name="content", required=true) + private Output content; + + /** + * @return The localized content of this question. + * + */ + public Output content() { + return this.content; + } + + /** + * The ISO 639 language code for this question content. + * + */ + @Import(name="languageCode", required=true) + private Output languageCode; + + /** + * @return The ISO 639 language code for this question content. + * + */ + public Output languageCode() { + return this.languageCode; + } + + private AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs() {} + + private AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs(AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs $) { + this.content = $.content; + this.languageCode = $.languageCode; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs $; + + public Builder() { + $ = new AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs(); + } + + public Builder(AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs defaults) { + $ = new AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param content The localized content of this question. + * + * @return builder + * + */ + public Builder content(Output content) { + $.content = content; + return this; + } + + /** + * @param content The localized content of this question. + * + * @return builder + * + */ + public Builder content(String content) { + return content(Output.of(content)); + } + + /** + * @param languageCode The ISO 639 language code for this question content. + * + * @return builder + * + */ + public Builder languageCode(Output languageCode) { + $.languageCode = languageCode; + return this; + } + + /** + * @param languageCode The ISO 639 language code for this question content. + * + * @return builder + * + */ + public Builder languageCode(String languageCode) { + return languageCode(Output.of(languageCode)); + } + + public AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs build() { + $.content = Objects.requireNonNull($.content, "expected parameter 'content' to be non-null"); + $.languageCode = Objects.requireNonNull($.languageCode, "expected parameter 'languageCode' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyRequestorSettingsArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyRequestorSettingsArgs.java new file mode 100644 index 000000000..c5d2ca818 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyRequestorSettingsArgs.java @@ -0,0 +1,170 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.inputs; + +import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs; +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AccessPackageAssignmentPolicyRequestorSettingsArgs extends com.pulumi.resources.ResourceArgs { + + public static final AccessPackageAssignmentPolicyRequestorSettingsArgs Empty = new AccessPackageAssignmentPolicyRequestorSettingsArgs(); + + /** + * A block specifying the users who are allowed to request on this policy, as documented below. + * + */ + @Import(name="requestors") + private @Nullable Output> requestors; + + /** + * @return A block specifying the users who are allowed to request on this policy, as documented below. + * + */ + public Optional>> requestors() { + return Optional.ofNullable(this.requestors); + } + + /** + * Whether to accept requests using this policy. When `false`, no new requests can be made using this policy. + * + */ + @Import(name="requestsAccepted") + private @Nullable Output requestsAccepted; + + /** + * @return Whether to accept requests using this policy. When `false`, no new requests can be made using this policy. + * + */ + public Optional> requestsAccepted() { + return Optional.ofNullable(this.requestsAccepted); + } + + /** + * Specifies the scopes of the requestors. Valid values are `AllConfiguredConnectedOrganizationSubjects`, `AllExistingConnectedOrganizationSubjects`, `AllExistingDirectoryMemberUsers`, `AllExistingDirectorySubjects`, `AllExternalSubjects`, `NoSubjects`, `SpecificConnectedOrganizationSubjects`, or `SpecificDirectorySubjects`. + * + */ + @Import(name="scopeType") + private @Nullable Output scopeType; + + /** + * @return Specifies the scopes of the requestors. Valid values are `AllConfiguredConnectedOrganizationSubjects`, `AllExistingConnectedOrganizationSubjects`, `AllExistingDirectoryMemberUsers`, `AllExistingDirectorySubjects`, `AllExternalSubjects`, `NoSubjects`, `SpecificConnectedOrganizationSubjects`, or `SpecificDirectorySubjects`. + * + */ + public Optional> scopeType() { + return Optional.ofNullable(this.scopeType); + } + + private AccessPackageAssignmentPolicyRequestorSettingsArgs() {} + + private AccessPackageAssignmentPolicyRequestorSettingsArgs(AccessPackageAssignmentPolicyRequestorSettingsArgs $) { + this.requestors = $.requestors; + this.requestsAccepted = $.requestsAccepted; + this.scopeType = $.scopeType; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AccessPackageAssignmentPolicyRequestorSettingsArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AccessPackageAssignmentPolicyRequestorSettingsArgs $; + + public Builder() { + $ = new AccessPackageAssignmentPolicyRequestorSettingsArgs(); + } + + public Builder(AccessPackageAssignmentPolicyRequestorSettingsArgs defaults) { + $ = new AccessPackageAssignmentPolicyRequestorSettingsArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param requestors A block specifying the users who are allowed to request on this policy, as documented below. + * + * @return builder + * + */ + public Builder requestors(@Nullable Output> requestors) { + $.requestors = requestors; + return this; + } + + /** + * @param requestors A block specifying the users who are allowed to request on this policy, as documented below. + * + * @return builder + * + */ + public Builder requestors(List requestors) { + return requestors(Output.of(requestors)); + } + + /** + * @param requestors A block specifying the users who are allowed to request on this policy, as documented below. + * + * @return builder + * + */ + public Builder requestors(AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs... requestors) { + return requestors(List.of(requestors)); + } + + /** + * @param requestsAccepted Whether to accept requests using this policy. When `false`, no new requests can be made using this policy. + * + * @return builder + * + */ + public Builder requestsAccepted(@Nullable Output requestsAccepted) { + $.requestsAccepted = requestsAccepted; + return this; + } + + /** + * @param requestsAccepted Whether to accept requests using this policy. When `false`, no new requests can be made using this policy. + * + * @return builder + * + */ + public Builder requestsAccepted(Boolean requestsAccepted) { + return requestsAccepted(Output.of(requestsAccepted)); + } + + /** + * @param scopeType Specifies the scopes of the requestors. Valid values are `AllConfiguredConnectedOrganizationSubjects`, `AllExistingConnectedOrganizationSubjects`, `AllExistingDirectoryMemberUsers`, `AllExistingDirectorySubjects`, `AllExternalSubjects`, `NoSubjects`, `SpecificConnectedOrganizationSubjects`, or `SpecificDirectorySubjects`. + * + * @return builder + * + */ + public Builder scopeType(@Nullable Output scopeType) { + $.scopeType = scopeType; + return this; + } + + /** + * @param scopeType Specifies the scopes of the requestors. Valid values are `AllConfiguredConnectedOrganizationSubjects`, `AllExistingConnectedOrganizationSubjects`, `AllExistingDirectoryMemberUsers`, `AllExistingDirectorySubjects`, `AllExternalSubjects`, `NoSubjects`, `SpecificConnectedOrganizationSubjects`, or `SpecificDirectorySubjects`. + * + * @return builder + * + */ + public Builder scopeType(String scopeType) { + return scopeType(Output.of(scopeType)); + } + + public AccessPackageAssignmentPolicyRequestorSettingsArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs.java new file mode 100644 index 000000000..06ad5d55d --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs.java @@ -0,0 +1,159 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs extends com.pulumi.resources.ResourceArgs { + + public static final AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs Empty = new AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs(); + + /** + * For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + * + */ + @Import(name="backup") + private @Nullable Output backup; + + /** + * @return For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + * + */ + public Optional> backup() { + return Optional.ofNullable(this.backup); + } + + /** + * The ID of the subject. + * + */ + @Import(name="objectId") + private @Nullable Output objectId; + + /** + * @return The ID of the subject. + * + */ + public Optional> objectId() { + return Optional.ofNullable(this.objectId); + } + + /** + * Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + * + */ + @Import(name="subjectType", required=true) + private Output subjectType; + + /** + * @return Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + * + */ + public Output subjectType() { + return this.subjectType; + } + + private AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs() {} + + private AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs(AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs $) { + this.backup = $.backup; + this.objectId = $.objectId; + this.subjectType = $.subjectType; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs $; + + public Builder() { + $ = new AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs(); + } + + public Builder(AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs defaults) { + $ = new AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param backup For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + * + * @return builder + * + */ + public Builder backup(@Nullable Output backup) { + $.backup = backup; + return this; + } + + /** + * @param backup For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + * + * @return builder + * + */ + public Builder backup(Boolean backup) { + return backup(Output.of(backup)); + } + + /** + * @param objectId The ID of the subject. + * + * @return builder + * + */ + public Builder objectId(@Nullable Output objectId) { + $.objectId = objectId; + return this; + } + + /** + * @param objectId The ID of the subject. + * + * @return builder + * + */ + public Builder objectId(String objectId) { + return objectId(Output.of(objectId)); + } + + /** + * @param subjectType Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + * + * @return builder + * + */ + public Builder subjectType(Output subjectType) { + $.subjectType = subjectType; + return this; + } + + /** + * @param subjectType Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + * + * @return builder + * + */ + public Builder subjectType(String subjectType) { + return subjectType(Output.of(subjectType)); + } + + public AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs build() { + $.subjectType = Objects.requireNonNull($.subjectType, "expected parameter 'subjectType' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyState.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyState.java new file mode 100644 index 000000000..85c62c62a --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageAssignmentPolicyState.java @@ -0,0 +1,433 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.inputs; + +import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyApprovalSettingsArgs; +import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs; +import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyQuestionArgs; +import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyRequestorSettingsArgs; +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.lang.Integer; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AccessPackageAssignmentPolicyState extends com.pulumi.resources.ResourceArgs { + + public static final AccessPackageAssignmentPolicyState Empty = new AccessPackageAssignmentPolicyState(); + + /** + * The ID of the access package that will contain the policy. + * + */ + @Import(name="accessPackageId") + private @Nullable Output accessPackageId; + + /** + * @return The ID of the access package that will contain the policy. + * + */ + public Optional> accessPackageId() { + return Optional.ofNullable(this.accessPackageId); + } + + /** + * An `approval_settings` block to specify whether approvals are required and how they are obtained, as documented below. + * + */ + @Import(name="approvalSettings") + private @Nullable Output approvalSettings; + + /** + * @return An `approval_settings` block to specify whether approvals are required and how they are obtained, as documented below. + * + */ + public Optional> approvalSettings() { + return Optional.ofNullable(this.approvalSettings); + } + + /** + * An `assignment_review_settings` block, to specify whether assignment review is needed and how it is conducted, as documented below. + * + */ + @Import(name="assignmentReviewSettings") + private @Nullable Output assignmentReviewSettings; + + /** + * @return An `assignment_review_settings` block, to specify whether assignment review is needed and how it is conducted, as documented below. + * + */ + public Optional> assignmentReviewSettings() { + return Optional.ofNullable(this.assignmentReviewSettings); + } + + /** + * The description of the policy. + * + */ + @Import(name="description") + private @Nullable Output description; + + /** + * @return The description of the policy. + * + */ + public Optional> description() { + return Optional.ofNullable(this.description); + } + + /** + * The display name of the policy. + * + */ + @Import(name="displayName") + private @Nullable Output displayName; + + /** + * @return The display name of the policy. + * + */ + public Optional> displayName() { + return Optional.ofNullable(this.displayName); + } + + /** + * How many days this assignment is valid for. + * + */ + @Import(name="durationInDays") + private @Nullable Output durationInDays; + + /** + * @return How many days this assignment is valid for. + * + */ + public Optional> durationInDays() { + return Optional.ofNullable(this.durationInDays); + } + + /** + * The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). + * + */ + @Import(name="expirationDate") + private @Nullable Output expirationDate; + + /** + * @return The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). + * + */ + public Optional> expirationDate() { + return Optional.ofNullable(this.expirationDate); + } + + /** + * Whether users will be able to request extension of their access to this package before their access expires. + * + */ + @Import(name="extensionEnabled") + private @Nullable Output extensionEnabled; + + /** + * @return Whether users will be able to request extension of their access to this package before their access expires. + * + */ + public Optional> extensionEnabled() { + return Optional.ofNullable(this.extensionEnabled); + } + + /** + * One or more `question` blocks for the requestor, as documented below. + * + */ + @Import(name="questions") + private @Nullable Output> questions; + + /** + * @return One or more `question` blocks for the requestor, as documented below. + * + */ + public Optional>> questions() { + return Optional.ofNullable(this.questions); + } + + /** + * A `requestor_settings` block to configure the users who can request access, as documented below. + * + */ + @Import(name="requestorSettings") + private @Nullable Output requestorSettings; + + /** + * @return A `requestor_settings` block to configure the users who can request access, as documented below. + * + */ + public Optional> requestorSettings() { + return Optional.ofNullable(this.requestorSettings); + } + + private AccessPackageAssignmentPolicyState() {} + + private AccessPackageAssignmentPolicyState(AccessPackageAssignmentPolicyState $) { + this.accessPackageId = $.accessPackageId; + this.approvalSettings = $.approvalSettings; + this.assignmentReviewSettings = $.assignmentReviewSettings; + this.description = $.description; + this.displayName = $.displayName; + this.durationInDays = $.durationInDays; + this.expirationDate = $.expirationDate; + this.extensionEnabled = $.extensionEnabled; + this.questions = $.questions; + this.requestorSettings = $.requestorSettings; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AccessPackageAssignmentPolicyState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AccessPackageAssignmentPolicyState $; + + public Builder() { + $ = new AccessPackageAssignmentPolicyState(); + } + + public Builder(AccessPackageAssignmentPolicyState defaults) { + $ = new AccessPackageAssignmentPolicyState(Objects.requireNonNull(defaults)); + } + + /** + * @param accessPackageId The ID of the access package that will contain the policy. + * + * @return builder + * + */ + public Builder accessPackageId(@Nullable Output accessPackageId) { + $.accessPackageId = accessPackageId; + return this; + } + + /** + * @param accessPackageId The ID of the access package that will contain the policy. + * + * @return builder + * + */ + public Builder accessPackageId(String accessPackageId) { + return accessPackageId(Output.of(accessPackageId)); + } + + /** + * @param approvalSettings An `approval_settings` block to specify whether approvals are required and how they are obtained, as documented below. + * + * @return builder + * + */ + public Builder approvalSettings(@Nullable Output approvalSettings) { + $.approvalSettings = approvalSettings; + return this; + } + + /** + * @param approvalSettings An `approval_settings` block to specify whether approvals are required and how they are obtained, as documented below. + * + * @return builder + * + */ + public Builder approvalSettings(AccessPackageAssignmentPolicyApprovalSettingsArgs approvalSettings) { + return approvalSettings(Output.of(approvalSettings)); + } + + /** + * @param assignmentReviewSettings An `assignment_review_settings` block, to specify whether assignment review is needed and how it is conducted, as documented below. + * + * @return builder + * + */ + public Builder assignmentReviewSettings(@Nullable Output assignmentReviewSettings) { + $.assignmentReviewSettings = assignmentReviewSettings; + return this; + } + + /** + * @param assignmentReviewSettings An `assignment_review_settings` block, to specify whether assignment review is needed and how it is conducted, as documented below. + * + * @return builder + * + */ + public Builder assignmentReviewSettings(AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs assignmentReviewSettings) { + return assignmentReviewSettings(Output.of(assignmentReviewSettings)); + } + + /** + * @param description The description of the policy. + * + * @return builder + * + */ + public Builder description(@Nullable Output description) { + $.description = description; + return this; + } + + /** + * @param description The description of the policy. + * + * @return builder + * + */ + public Builder description(String description) { + return description(Output.of(description)); + } + + /** + * @param displayName The display name of the policy. + * + * @return builder + * + */ + public Builder displayName(@Nullable Output displayName) { + $.displayName = displayName; + return this; + } + + /** + * @param displayName The display name of the policy. + * + * @return builder + * + */ + public Builder displayName(String displayName) { + return displayName(Output.of(displayName)); + } + + /** + * @param durationInDays How many days this assignment is valid for. + * + * @return builder + * + */ + public Builder durationInDays(@Nullable Output durationInDays) { + $.durationInDays = durationInDays; + return this; + } + + /** + * @param durationInDays How many days this assignment is valid for. + * + * @return builder + * + */ + public Builder durationInDays(Integer durationInDays) { + return durationInDays(Output.of(durationInDays)); + } + + /** + * @param expirationDate The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). + * + * @return builder + * + */ + public Builder expirationDate(@Nullable Output expirationDate) { + $.expirationDate = expirationDate; + return this; + } + + /** + * @param expirationDate The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). + * + * @return builder + * + */ + public Builder expirationDate(String expirationDate) { + return expirationDate(Output.of(expirationDate)); + } + + /** + * @param extensionEnabled Whether users will be able to request extension of their access to this package before their access expires. + * + * @return builder + * + */ + public Builder extensionEnabled(@Nullable Output extensionEnabled) { + $.extensionEnabled = extensionEnabled; + return this; + } + + /** + * @param extensionEnabled Whether users will be able to request extension of their access to this package before their access expires. + * + * @return builder + * + */ + public Builder extensionEnabled(Boolean extensionEnabled) { + return extensionEnabled(Output.of(extensionEnabled)); + } + + /** + * @param questions One or more `question` blocks for the requestor, as documented below. + * + * @return builder + * + */ + public Builder questions(@Nullable Output> questions) { + $.questions = questions; + return this; + } + + /** + * @param questions One or more `question` blocks for the requestor, as documented below. + * + * @return builder + * + */ + public Builder questions(List questions) { + return questions(Output.of(questions)); + } + + /** + * @param questions One or more `question` blocks for the requestor, as documented below. + * + * @return builder + * + */ + public Builder questions(AccessPackageAssignmentPolicyQuestionArgs... questions) { + return questions(List.of(questions)); + } + + /** + * @param requestorSettings A `requestor_settings` block to configure the users who can request access, as documented below. + * + * @return builder + * + */ + public Builder requestorSettings(@Nullable Output requestorSettings) { + $.requestorSettings = requestorSettings; + return this; + } + + /** + * @param requestorSettings A `requestor_settings` block to configure the users who can request access, as documented below. + * + * @return builder + * + */ + public Builder requestorSettings(AccessPackageAssignmentPolicyRequestorSettingsArgs requestorSettings) { + return requestorSettings(Output.of(requestorSettings)); + } + + public AccessPackageAssignmentPolicyState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageCatalogState.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageCatalogState.java new file mode 100644 index 000000000..04539385e --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageCatalogState.java @@ -0,0 +1,195 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AccessPackageCatalogState extends com.pulumi.resources.ResourceArgs { + + public static final AccessPackageCatalogState Empty = new AccessPackageCatalogState(); + + /** + * The description of the access package catalog. + * + */ + @Import(name="description") + private @Nullable Output description; + + /** + * @return The description of the access package catalog. + * + */ + public Optional> description() { + return Optional.ofNullable(this.description); + } + + /** + * The display name of the access package catalog. + * + */ + @Import(name="displayName") + private @Nullable Output displayName; + + /** + * @return The display name of the access package catalog. + * + */ + public Optional> displayName() { + return Optional.ofNullable(this.displayName); + } + + /** + * Whether the access packages in this catalog can be requested by users outside the tenant. + * + */ + @Import(name="externallyVisible") + private @Nullable Output externallyVisible; + + /** + * @return Whether the access packages in this catalog can be requested by users outside the tenant. + * + */ + public Optional> externallyVisible() { + return Optional.ofNullable(this.externallyVisible); + } + + /** + * Whether the access packages in this catalog are available for management. + * + */ + @Import(name="published") + private @Nullable Output published; + + /** + * @return Whether the access packages in this catalog are available for management. + * + */ + public Optional> published() { + return Optional.ofNullable(this.published); + } + + private AccessPackageCatalogState() {} + + private AccessPackageCatalogState(AccessPackageCatalogState $) { + this.description = $.description; + this.displayName = $.displayName; + this.externallyVisible = $.externallyVisible; + this.published = $.published; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AccessPackageCatalogState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AccessPackageCatalogState $; + + public Builder() { + $ = new AccessPackageCatalogState(); + } + + public Builder(AccessPackageCatalogState defaults) { + $ = new AccessPackageCatalogState(Objects.requireNonNull(defaults)); + } + + /** + * @param description The description of the access package catalog. + * + * @return builder + * + */ + public Builder description(@Nullable Output description) { + $.description = description; + return this; + } + + /** + * @param description The description of the access package catalog. + * + * @return builder + * + */ + public Builder description(String description) { + return description(Output.of(description)); + } + + /** + * @param displayName The display name of the access package catalog. + * + * @return builder + * + */ + public Builder displayName(@Nullable Output displayName) { + $.displayName = displayName; + return this; + } + + /** + * @param displayName The display name of the access package catalog. + * + * @return builder + * + */ + public Builder displayName(String displayName) { + return displayName(Output.of(displayName)); + } + + /** + * @param externallyVisible Whether the access packages in this catalog can be requested by users outside the tenant. + * + * @return builder + * + */ + public Builder externallyVisible(@Nullable Output externallyVisible) { + $.externallyVisible = externallyVisible; + return this; + } + + /** + * @param externallyVisible Whether the access packages in this catalog can be requested by users outside the tenant. + * + * @return builder + * + */ + public Builder externallyVisible(Boolean externallyVisible) { + return externallyVisible(Output.of(externallyVisible)); + } + + /** + * @param published Whether the access packages in this catalog are available for management. + * + * @return builder + * + */ + public Builder published(@Nullable Output published) { + $.published = published; + return this; + } + + /** + * @param published Whether the access packages in this catalog are available for management. + * + * @return builder + * + */ + public Builder published(Boolean published) { + return published(Output.of(published)); + } + + public AccessPackageCatalogState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageResourceCatalogAssociationState.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageResourceCatalogAssociationState.java new file mode 100644 index 000000000..c34c2f4b3 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageResourceCatalogAssociationState.java @@ -0,0 +1,157 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AccessPackageResourceCatalogAssociationState extends com.pulumi.resources.ResourceArgs { + + public static final AccessPackageResourceCatalogAssociationState Empty = new AccessPackageResourceCatalogAssociationState(); + + /** + * The unique ID of the access package catalog. Changing this forces a new resource to be created. + * + */ + @Import(name="catalogId") + private @Nullable Output catalogId; + + /** + * @return The unique ID of the access package catalog. Changing this forces a new resource to be created. + * + */ + public Optional> catalogId() { + return Optional.ofNullable(this.catalogId); + } + + /** + * The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. + * + */ + @Import(name="resourceOriginId") + private @Nullable Output resourceOriginId; + + /** + * @return The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. + * + */ + public Optional> resourceOriginId() { + return Optional.ofNullable(this.resourceOriginId); + } + + /** + * The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. + * + */ + @Import(name="resourceOriginSystem") + private @Nullable Output resourceOriginSystem; + + /** + * @return The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. + * + */ + public Optional> resourceOriginSystem() { + return Optional.ofNullable(this.resourceOriginSystem); + } + + private AccessPackageResourceCatalogAssociationState() {} + + private AccessPackageResourceCatalogAssociationState(AccessPackageResourceCatalogAssociationState $) { + this.catalogId = $.catalogId; + this.resourceOriginId = $.resourceOriginId; + this.resourceOriginSystem = $.resourceOriginSystem; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AccessPackageResourceCatalogAssociationState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AccessPackageResourceCatalogAssociationState $; + + public Builder() { + $ = new AccessPackageResourceCatalogAssociationState(); + } + + public Builder(AccessPackageResourceCatalogAssociationState defaults) { + $ = new AccessPackageResourceCatalogAssociationState(Objects.requireNonNull(defaults)); + } + + /** + * @param catalogId The unique ID of the access package catalog. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder catalogId(@Nullable Output catalogId) { + $.catalogId = catalogId; + return this; + } + + /** + * @param catalogId The unique ID of the access package catalog. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder catalogId(String catalogId) { + return catalogId(Output.of(catalogId)); + } + + /** + * @param resourceOriginId The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder resourceOriginId(@Nullable Output resourceOriginId) { + $.resourceOriginId = resourceOriginId; + return this; + } + + /** + * @param resourceOriginId The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder resourceOriginId(String resourceOriginId) { + return resourceOriginId(Output.of(resourceOriginId)); + } + + /** + * @param resourceOriginSystem The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder resourceOriginSystem(@Nullable Output resourceOriginSystem) { + $.resourceOriginSystem = resourceOriginSystem; + return this; + } + + /** + * @param resourceOriginSystem The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder resourceOriginSystem(String resourceOriginSystem) { + return resourceOriginSystem(Output.of(resourceOriginSystem)); + } + + public AccessPackageResourceCatalogAssociationState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageResourcePackageAssociationState.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageResourcePackageAssociationState.java new file mode 100644 index 000000000..93beabfb7 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageResourcePackageAssociationState.java @@ -0,0 +1,157 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AccessPackageResourcePackageAssociationState extends com.pulumi.resources.ResourceArgs { + + public static final AccessPackageResourcePackageAssociationState Empty = new AccessPackageResourcePackageAssociationState(); + + /** + * The ID of access package this resource association is configured to. Changing this forces a new resource to be created. + * + */ + @Import(name="accessPackageId") + private @Nullable Output accessPackageId; + + /** + * @return The ID of access package this resource association is configured to. Changing this forces a new resource to be created. + * + */ + public Optional> accessPackageId() { + return Optional.ofNullable(this.accessPackageId); + } + + /** + * The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. + * + */ + @Import(name="accessType") + private @Nullable Output accessType; + + /** + * @return The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. + * + */ + public Optional> accessType() { + return Optional.ofNullable(this.accessType); + } + + /** + * The ID of the catalog association from the `azuread.AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. + * + */ + @Import(name="catalogResourceAssociationId") + private @Nullable Output catalogResourceAssociationId; + + /** + * @return The ID of the catalog association from the `azuread.AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. + * + */ + public Optional> catalogResourceAssociationId() { + return Optional.ofNullable(this.catalogResourceAssociationId); + } + + private AccessPackageResourcePackageAssociationState() {} + + private AccessPackageResourcePackageAssociationState(AccessPackageResourcePackageAssociationState $) { + this.accessPackageId = $.accessPackageId; + this.accessType = $.accessType; + this.catalogResourceAssociationId = $.catalogResourceAssociationId; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AccessPackageResourcePackageAssociationState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AccessPackageResourcePackageAssociationState $; + + public Builder() { + $ = new AccessPackageResourcePackageAssociationState(); + } + + public Builder(AccessPackageResourcePackageAssociationState defaults) { + $ = new AccessPackageResourcePackageAssociationState(Objects.requireNonNull(defaults)); + } + + /** + * @param accessPackageId The ID of access package this resource association is configured to. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder accessPackageId(@Nullable Output accessPackageId) { + $.accessPackageId = accessPackageId; + return this; + } + + /** + * @param accessPackageId The ID of access package this resource association is configured to. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder accessPackageId(String accessPackageId) { + return accessPackageId(Output.of(accessPackageId)); + } + + /** + * @param accessType The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder accessType(@Nullable Output accessType) { + $.accessType = accessType; + return this; + } + + /** + * @param accessType The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder accessType(String accessType) { + return accessType(Output.of(accessType)); + } + + /** + * @param catalogResourceAssociationId The ID of the catalog association from the `azuread.AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder catalogResourceAssociationId(@Nullable Output catalogResourceAssociationId) { + $.catalogResourceAssociationId = catalogResourceAssociationId; + return this; + } + + /** + * @param catalogResourceAssociationId The ID of the catalog association from the `azuread.AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder catalogResourceAssociationId(String catalogResourceAssociationId) { + return catalogResourceAssociationId(Output.of(catalogResourceAssociationId)); + } + + public AccessPackageResourcePackageAssociationState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageState.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageState.java new file mode 100644 index 000000000..3898b23ff --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AccessPackageState.java @@ -0,0 +1,195 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AccessPackageState extends com.pulumi.resources.ResourceArgs { + + public static final AccessPackageState Empty = new AccessPackageState(); + + /** + * The ID of the Catalog this access package will be created in. + * + */ + @Import(name="catalogId") + private @Nullable Output catalogId; + + /** + * @return The ID of the Catalog this access package will be created in. + * + */ + public Optional> catalogId() { + return Optional.ofNullable(this.catalogId); + } + + /** + * The description of the access package. + * + */ + @Import(name="description") + private @Nullable Output description; + + /** + * @return The description of the access package. + * + */ + public Optional> description() { + return Optional.ofNullable(this.description); + } + + /** + * The display name of the access package. + * + */ + @Import(name="displayName") + private @Nullable Output displayName; + + /** + * @return The display name of the access package. + * + */ + public Optional> displayName() { + return Optional.ofNullable(this.displayName); + } + + /** + * Whether the access package is hidden from the requestor. + * + */ + @Import(name="hidden") + private @Nullable Output hidden; + + /** + * @return Whether the access package is hidden from the requestor. + * + */ + public Optional> hidden() { + return Optional.ofNullable(this.hidden); + } + + private AccessPackageState() {} + + private AccessPackageState(AccessPackageState $) { + this.catalogId = $.catalogId; + this.description = $.description; + this.displayName = $.displayName; + this.hidden = $.hidden; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AccessPackageState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AccessPackageState $; + + public Builder() { + $ = new AccessPackageState(); + } + + public Builder(AccessPackageState defaults) { + $ = new AccessPackageState(Objects.requireNonNull(defaults)); + } + + /** + * @param catalogId The ID of the Catalog this access package will be created in. + * + * @return builder + * + */ + public Builder catalogId(@Nullable Output catalogId) { + $.catalogId = catalogId; + return this; + } + + /** + * @param catalogId The ID of the Catalog this access package will be created in. + * + * @return builder + * + */ + public Builder catalogId(String catalogId) { + return catalogId(Output.of(catalogId)); + } + + /** + * @param description The description of the access package. + * + * @return builder + * + */ + public Builder description(@Nullable Output description) { + $.description = description; + return this; + } + + /** + * @param description The description of the access package. + * + * @return builder + * + */ + public Builder description(String description) { + return description(Output.of(description)); + } + + /** + * @param displayName The display name of the access package. + * + * @return builder + * + */ + public Builder displayName(@Nullable Output displayName) { + $.displayName = displayName; + return this; + } + + /** + * @param displayName The display name of the access package. + * + * @return builder + * + */ + public Builder displayName(String displayName) { + return displayName(Output.of(displayName)); + } + + /** + * @param hidden Whether the access package is hidden from the requestor. + * + * @return builder + * + */ + public Builder hidden(@Nullable Output hidden) { + $.hidden = hidden; + return this; + } + + /** + * @param hidden Whether the access package is hidden from the requestor. + * + * @return builder + * + */ + public Builder hidden(Boolean hidden) { + return hidden(Output.of(hidden)); + } + + public AccessPackageState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/AdministrativeUnitRoleMemberState.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AdministrativeUnitRoleMemberState.java new file mode 100644 index 000000000..ce293aa45 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AdministrativeUnitRoleMemberState.java @@ -0,0 +1,157 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AdministrativeUnitRoleMemberState extends com.pulumi.resources.ResourceArgs { + + public static final AdministrativeUnitRoleMemberState Empty = new AdministrativeUnitRoleMemberState(); + + /** + * The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. + * + */ + @Import(name="administrativeUnitObjectId") + private @Nullable Output administrativeUnitObjectId; + + /** + * @return The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. + * + */ + public Optional> administrativeUnitObjectId() { + return Optional.ofNullable(this.administrativeUnitObjectId); + } + + /** + * The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + * + */ + @Import(name="memberObjectId") + private @Nullable Output memberObjectId; + + /** + * @return The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + * + */ + public Optional> memberObjectId() { + return Optional.ofNullable(this.memberObjectId); + } + + /** + * The object ID of the directory role you want to assign. Changing this forces a new resource to be created. + * + */ + @Import(name="roleObjectId") + private @Nullable Output roleObjectId; + + /** + * @return The object ID of the directory role you want to assign. Changing this forces a new resource to be created. + * + */ + public Optional> roleObjectId() { + return Optional.ofNullable(this.roleObjectId); + } + + private AdministrativeUnitRoleMemberState() {} + + private AdministrativeUnitRoleMemberState(AdministrativeUnitRoleMemberState $) { + this.administrativeUnitObjectId = $.administrativeUnitObjectId; + this.memberObjectId = $.memberObjectId; + this.roleObjectId = $.roleObjectId; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AdministrativeUnitRoleMemberState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AdministrativeUnitRoleMemberState $; + + public Builder() { + $ = new AdministrativeUnitRoleMemberState(); + } + + public Builder(AdministrativeUnitRoleMemberState defaults) { + $ = new AdministrativeUnitRoleMemberState(Objects.requireNonNull(defaults)); + } + + /** + * @param administrativeUnitObjectId The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder administrativeUnitObjectId(@Nullable Output administrativeUnitObjectId) { + $.administrativeUnitObjectId = administrativeUnitObjectId; + return this; + } + + /** + * @param administrativeUnitObjectId The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder administrativeUnitObjectId(String administrativeUnitObjectId) { + return administrativeUnitObjectId(Output.of(administrativeUnitObjectId)); + } + + /** + * @param memberObjectId The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder memberObjectId(@Nullable Output memberObjectId) { + $.memberObjectId = memberObjectId; + return this; + } + + /** + * @param memberObjectId The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder memberObjectId(String memberObjectId) { + return memberObjectId(Output.of(memberObjectId)); + } + + /** + * @param roleObjectId The object ID of the directory role you want to assign. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder roleObjectId(@Nullable Output roleObjectId) { + $.roleObjectId = roleObjectId; + return this; + } + + /** + * @param roleObjectId The object ID of the directory role you want to assign. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder roleObjectId(String roleObjectId) { + return roleObjectId(Output.of(roleObjectId)); + } + + public AdministrativeUnitRoleMemberState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/ApplicationState.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/ApplicationState.java index 3981bfeab..873b56a34 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/inputs/ApplicationState.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/ApplicationState.java @@ -416,6 +416,21 @@ public Optional>> requiredRes return Optional.ofNullable(this.requiredResourceAccesses); } + /** + * References application context information from a Service or Asset Management database. + * + */ + @Import(name="serviceManagementReference") + private @Nullable Output serviceManagementReference; + + /** + * @return References application context information from a Service or Asset Management database. + * + */ + public Optional> serviceManagementReference() { + return Optional.ofNullable(this.serviceManagementReference); + } + /** * The Microsoft account types that are supported for the current application. Must be one of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. Defaults to `AzureADMyOrg`. * @@ -550,6 +565,7 @@ private ApplicationState(ApplicationState $) { this.publicClient = $.publicClient; this.publisherDomain = $.publisherDomain; this.requiredResourceAccesses = $.requiredResourceAccesses; + this.serviceManagementReference = $.serviceManagementReference; this.signInAudience = $.signInAudience; this.singlePageApplication = $.singlePageApplication; this.supportUrl = $.supportUrl; @@ -1183,6 +1199,27 @@ public Builder requiredResourceAccesses(ApplicationRequiredResourceAccessArgs... return requiredResourceAccesses(List.of(requiredResourceAccesses)); } + /** + * @param serviceManagementReference References application context information from a Service or Asset Management database. + * + * @return builder + * + */ + public Builder serviceManagementReference(@Nullable Output serviceManagementReference) { + $.serviceManagementReference = serviceManagementReference; + return this; + } + + /** + * @param serviceManagementReference References application context information from a Service or Asset Management database. + * + * @return builder + * + */ + public Builder serviceManagementReference(String serviceManagementReference) { + return serviceManagementReference(Output.of(serviceManagementReference)); + } + /** * @param signInAudience The Microsoft account types that are supported for the current application. Must be one of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. Defaults to `AzureADMyOrg`. * diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetAccessPackageArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetAccessPackageArgs.java new file mode 100644 index 000000000..6d053de29 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetAccessPackageArgs.java @@ -0,0 +1,157 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetAccessPackageArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetAccessPackageArgs Empty = new GetAccessPackageArgs(); + + /** + * The ID of the Catalog this access package is in. + * + */ + @Import(name="catalogId") + private @Nullable Output catalogId; + + /** + * @return The ID of the Catalog this access package is in. + * + */ + public Optional> catalogId() { + return Optional.ofNullable(this.catalogId); + } + + /** + * The display name of the access package. + * + */ + @Import(name="displayName") + private @Nullable Output displayName; + + /** + * @return The display name of the access package. + * + */ + public Optional> displayName() { + return Optional.ofNullable(this.displayName); + } + + /** + * The ID of this access package. + * + */ + @Import(name="objectId") + private @Nullable Output objectId; + + /** + * @return The ID of this access package. + * + */ + public Optional> objectId() { + return Optional.ofNullable(this.objectId); + } + + private GetAccessPackageArgs() {} + + private GetAccessPackageArgs(GetAccessPackageArgs $) { + this.catalogId = $.catalogId; + this.displayName = $.displayName; + this.objectId = $.objectId; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetAccessPackageArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetAccessPackageArgs $; + + public Builder() { + $ = new GetAccessPackageArgs(); + } + + public Builder(GetAccessPackageArgs defaults) { + $ = new GetAccessPackageArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param catalogId The ID of the Catalog this access package is in. + * + * @return builder + * + */ + public Builder catalogId(@Nullable Output catalogId) { + $.catalogId = catalogId; + return this; + } + + /** + * @param catalogId The ID of the Catalog this access package is in. + * + * @return builder + * + */ + public Builder catalogId(String catalogId) { + return catalogId(Output.of(catalogId)); + } + + /** + * @param displayName The display name of the access package. + * + * @return builder + * + */ + public Builder displayName(@Nullable Output displayName) { + $.displayName = displayName; + return this; + } + + /** + * @param displayName The display name of the access package. + * + * @return builder + * + */ + public Builder displayName(String displayName) { + return displayName(Output.of(displayName)); + } + + /** + * @param objectId The ID of this access package. + * + * @return builder + * + */ + public Builder objectId(@Nullable Output objectId) { + $.objectId = objectId; + return this; + } + + /** + * @param objectId The ID of this access package. + * + * @return builder + * + */ + public Builder objectId(String objectId) { + return objectId(Output.of(objectId)); + } + + public GetAccessPackageArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetAccessPackageCatalogArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetAccessPackageCatalogArgs.java new file mode 100644 index 000000000..44d16bb36 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetAccessPackageCatalogArgs.java @@ -0,0 +1,120 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetAccessPackageCatalogArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetAccessPackageCatalogArgs Empty = new GetAccessPackageCatalogArgs(); + + /** + * The display name of the access package catalog. + * + */ + @Import(name="displayName") + private @Nullable Output displayName; + + /** + * @return The display name of the access package catalog. + * + */ + public Optional> displayName() { + return Optional.ofNullable(this.displayName); + } + + /** + * The ID of this access package catalog. + * + */ + @Import(name="objectId") + private @Nullable Output objectId; + + /** + * @return The ID of this access package catalog. + * + */ + public Optional> objectId() { + return Optional.ofNullable(this.objectId); + } + + private GetAccessPackageCatalogArgs() {} + + private GetAccessPackageCatalogArgs(GetAccessPackageCatalogArgs $) { + this.displayName = $.displayName; + this.objectId = $.objectId; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetAccessPackageCatalogArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetAccessPackageCatalogArgs $; + + public Builder() { + $ = new GetAccessPackageCatalogArgs(); + } + + public Builder(GetAccessPackageCatalogArgs defaults) { + $ = new GetAccessPackageCatalogArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param displayName The display name of the access package catalog. + * + * @return builder + * + */ + public Builder displayName(@Nullable Output displayName) { + $.displayName = displayName; + return this; + } + + /** + * @param displayName The display name of the access package catalog. + * + * @return builder + * + */ + public Builder displayName(String displayName) { + return displayName(Output.of(displayName)); + } + + /** + * @param objectId The ID of this access package catalog. + * + * @return builder + * + */ + public Builder objectId(@Nullable Output objectId) { + $.objectId = objectId; + return this; + } + + /** + * @param objectId The ID of this access package catalog. + * + * @return builder + * + */ + public Builder objectId(String objectId) { + return objectId(Output.of(objectId)); + } + + public GetAccessPackageCatalogArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetAccessPackageCatalogPlainArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetAccessPackageCatalogPlainArgs.java new file mode 100644 index 000000000..b2576fb9c --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetAccessPackageCatalogPlainArgs.java @@ -0,0 +1,99 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.inputs; + +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetAccessPackageCatalogPlainArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetAccessPackageCatalogPlainArgs Empty = new GetAccessPackageCatalogPlainArgs(); + + /** + * The display name of the access package catalog. + * + */ + @Import(name="displayName") + private @Nullable String displayName; + + /** + * @return The display name of the access package catalog. + * + */ + public Optional displayName() { + return Optional.ofNullable(this.displayName); + } + + /** + * The ID of this access package catalog. + * + */ + @Import(name="objectId") + private @Nullable String objectId; + + /** + * @return The ID of this access package catalog. + * + */ + public Optional objectId() { + return Optional.ofNullable(this.objectId); + } + + private GetAccessPackageCatalogPlainArgs() {} + + private GetAccessPackageCatalogPlainArgs(GetAccessPackageCatalogPlainArgs $) { + this.displayName = $.displayName; + this.objectId = $.objectId; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetAccessPackageCatalogPlainArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetAccessPackageCatalogPlainArgs $; + + public Builder() { + $ = new GetAccessPackageCatalogPlainArgs(); + } + + public Builder(GetAccessPackageCatalogPlainArgs defaults) { + $ = new GetAccessPackageCatalogPlainArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param displayName The display name of the access package catalog. + * + * @return builder + * + */ + public Builder displayName(@Nullable String displayName) { + $.displayName = displayName; + return this; + } + + /** + * @param objectId The ID of this access package catalog. + * + * @return builder + * + */ + public Builder objectId(@Nullable String objectId) { + $.objectId = objectId; + return this; + } + + public GetAccessPackageCatalogPlainArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetAccessPackagePlainArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetAccessPackagePlainArgs.java new file mode 100644 index 000000000..8a144729d --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetAccessPackagePlainArgs.java @@ -0,0 +1,126 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.inputs; + +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetAccessPackagePlainArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetAccessPackagePlainArgs Empty = new GetAccessPackagePlainArgs(); + + /** + * The ID of the Catalog this access package is in. + * + */ + @Import(name="catalogId") + private @Nullable String catalogId; + + /** + * @return The ID of the Catalog this access package is in. + * + */ + public Optional catalogId() { + return Optional.ofNullable(this.catalogId); + } + + /** + * The display name of the access package. + * + */ + @Import(name="displayName") + private @Nullable String displayName; + + /** + * @return The display name of the access package. + * + */ + public Optional displayName() { + return Optional.ofNullable(this.displayName); + } + + /** + * The ID of this access package. + * + */ + @Import(name="objectId") + private @Nullable String objectId; + + /** + * @return The ID of this access package. + * + */ + public Optional objectId() { + return Optional.ofNullable(this.objectId); + } + + private GetAccessPackagePlainArgs() {} + + private GetAccessPackagePlainArgs(GetAccessPackagePlainArgs $) { + this.catalogId = $.catalogId; + this.displayName = $.displayName; + this.objectId = $.objectId; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetAccessPackagePlainArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetAccessPackagePlainArgs $; + + public Builder() { + $ = new GetAccessPackagePlainArgs(); + } + + public Builder(GetAccessPackagePlainArgs defaults) { + $ = new GetAccessPackagePlainArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param catalogId The ID of the Catalog this access package is in. + * + * @return builder + * + */ + public Builder catalogId(@Nullable String catalogId) { + $.catalogId = catalogId; + return this; + } + + /** + * @param displayName The display name of the access package. + * + * @return builder + * + */ + public Builder displayName(@Nullable String displayName) { + $.displayName = displayName; + return this; + } + + /** + * @param objectId The ID of this access package. + * + * @return builder + * + */ + public Builder objectId(@Nullable String objectId) { + $.objectId = objectId; + return this; + } + + public GetAccessPackagePlainArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetUserArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetUserArgs.java index 8daecee0e..899b47e56 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetUserArgs.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetUserArgs.java @@ -15,6 +15,21 @@ public final class GetUserArgs extends com.pulumi.resources.InvokeArgs { public static final GetUserArgs Empty = new GetUserArgs(); + /** + * The SMTP address for the user. + * + */ + @Import(name="mail") + private @Nullable Output mail; + + /** + * @return The SMTP address for the user. + * + */ + public Optional> mail() { + return Optional.ofNullable(this.mail); + } + /** * The email alias of the user. * @@ -63,6 +78,7 @@ public Optional> userPrincipalName() { private GetUserArgs() {} private GetUserArgs(GetUserArgs $) { + this.mail = $.mail; this.mailNickname = $.mailNickname; this.objectId = $.objectId; this.userPrincipalName = $.userPrincipalName; @@ -86,6 +102,27 @@ public Builder(GetUserArgs defaults) { $ = new GetUserArgs(Objects.requireNonNull(defaults)); } + /** + * @param mail The SMTP address for the user. + * + * @return builder + * + */ + public Builder mail(@Nullable Output mail) { + $.mail = mail; + return this; + } + + /** + * @param mail The SMTP address for the user. + * + * @return builder + * + */ + public Builder mail(String mail) { + return mail(Output.of(mail)); + } + /** * @param mailNickname The email alias of the user. * diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetUserPlainArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetUserPlainArgs.java index c20b21980..4c9f9f12a 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetUserPlainArgs.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetUserPlainArgs.java @@ -14,6 +14,21 @@ public final class GetUserPlainArgs extends com.pulumi.resources.InvokeArgs { public static final GetUserPlainArgs Empty = new GetUserPlainArgs(); + /** + * The SMTP address for the user. + * + */ + @Import(name="mail") + private @Nullable String mail; + + /** + * @return The SMTP address for the user. + * + */ + public Optional mail() { + return Optional.ofNullable(this.mail); + } + /** * The email alias of the user. * @@ -62,6 +77,7 @@ public Optional userPrincipalName() { private GetUserPlainArgs() {} private GetUserPlainArgs(GetUserPlainArgs $) { + this.mail = $.mail; this.mailNickname = $.mailNickname; this.objectId = $.objectId; this.userPrincipalName = $.userPrincipalName; @@ -85,6 +101,17 @@ public Builder(GetUserPlainArgs defaults) { $ = new GetUserPlainArgs(Objects.requireNonNull(defaults)); } + /** + * @param mail The SMTP address for the user. + * + * @return builder + * + */ + public Builder mail(@Nullable String mail) { + $.mail = mail; + return this; + } + /** * @param mailNickname The email alias of the user. * diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/GroupState.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/GroupState.java index 3f5077e6a..ad88aa364 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/inputs/GroupState.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/GroupState.java @@ -258,6 +258,21 @@ public Optional> onpremisesDomainName() { return Optional.ofNullable(this.onpremisesDomainName); } + /** + * The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + * + */ + @Import(name="onpremisesGroupType") + private @Nullable Output onpremisesGroupType; + + /** + * @return The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + * + */ + public Optional> onpremisesGroupType() { + return Optional.ofNullable(this.onpremisesGroupType); + } + /** * The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used. * @@ -453,6 +468,21 @@ public Optional> visibility() { return Optional.ofNullable(this.visibility); } + /** + * Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + * + */ + @Import(name="writebackEnabled") + private @Nullable Output writebackEnabled; + + /** + * @return Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + * + */ + public Optional> writebackEnabled() { + return Optional.ofNullable(this.writebackEnabled); + } + private GroupState() {} private GroupState(GroupState $) { @@ -472,6 +502,7 @@ private GroupState(GroupState $) { this.members = $.members; this.objectId = $.objectId; this.onpremisesDomainName = $.onpremisesDomainName; + this.onpremisesGroupType = $.onpremisesGroupType; this.onpremisesNetbiosName = $.onpremisesNetbiosName; this.onpremisesSamAccountName = $.onpremisesSamAccountName; this.onpremisesSecurityIdentifier = $.onpremisesSecurityIdentifier; @@ -485,6 +516,7 @@ private GroupState(GroupState $) { this.theme = $.theme; this.types = $.types; this.visibility = $.visibility; + this.writebackEnabled = $.writebackEnabled; } public static Builder builder() { @@ -871,6 +903,27 @@ public Builder onpremisesDomainName(String onpremisesDomainName) { return onpremisesDomainName(Output.of(onpremisesDomainName)); } + /** + * @param onpremisesGroupType The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + * + * @return builder + * + */ + public Builder onpremisesGroupType(@Nullable Output onpremisesGroupType) { + $.onpremisesGroupType = onpremisesGroupType; + return this; + } + + /** + * @param onpremisesGroupType The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + * + * @return builder + * + */ + public Builder onpremisesGroupType(String onpremisesGroupType) { + return onpremisesGroupType(Output.of(onpremisesGroupType)); + } + /** * @param onpremisesNetbiosName The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used. * @@ -1184,6 +1237,27 @@ public Builder visibility(String visibility) { return visibility(Output.of(visibility)); } + /** + * @param writebackEnabled Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + * + * @return builder + * + */ + public Builder writebackEnabled(@Nullable Output writebackEnabled) { + $.writebackEnabled = writebackEnabled; + return this; + } + + /** + * @param writebackEnabled Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + * + * @return builder + * + */ + public Builder writebackEnabled(Boolean writebackEnabled) { + return writebackEnabled(Output.of(writebackEnabled)); + } + public GroupState build() { return $; } diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/UserFlowAttributeState.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/UserFlowAttributeState.java new file mode 100644 index 000000000..a1779d270 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/UserFlowAttributeState.java @@ -0,0 +1,194 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class UserFlowAttributeState extends com.pulumi.resources.ResourceArgs { + + public static final UserFlowAttributeState Empty = new UserFlowAttributeState(); + + /** + * The type of the user flow attribute. Values include `builtIn`, `custom` or `required`. + * + */ + @Import(name="attributeType") + private @Nullable Output attributeType; + + /** + * @return The type of the user flow attribute. Values include `builtIn`, `custom` or `required`. + * + */ + public Optional> attributeType() { + return Optional.ofNullable(this.attributeType); + } + + /** + * The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. + * + */ + @Import(name="dataType") + private @Nullable Output dataType; + + /** + * @return The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. + * + */ + public Optional> dataType() { + return Optional.ofNullable(this.dataType); + } + + /** + * The description of the user flow attribute that is shown to the user at the time of sign-up. + * + */ + @Import(name="description") + private @Nullable Output description; + + /** + * @return The description of the user flow attribute that is shown to the user at the time of sign-up. + * + */ + public Optional> description() { + return Optional.ofNullable(this.description); + } + + /** + * The display name of the user flow attribute. Changing this forces a new resource to be created. + * + */ + @Import(name="displayName") + private @Nullable Output displayName; + + /** + * @return The display name of the user flow attribute. Changing this forces a new resource to be created. + * + */ + public Optional> displayName() { + return Optional.ofNullable(this.displayName); + } + + private UserFlowAttributeState() {} + + private UserFlowAttributeState(UserFlowAttributeState $) { + this.attributeType = $.attributeType; + this.dataType = $.dataType; + this.description = $.description; + this.displayName = $.displayName; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(UserFlowAttributeState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private UserFlowAttributeState $; + + public Builder() { + $ = new UserFlowAttributeState(); + } + + public Builder(UserFlowAttributeState defaults) { + $ = new UserFlowAttributeState(Objects.requireNonNull(defaults)); + } + + /** + * @param attributeType The type of the user flow attribute. Values include `builtIn`, `custom` or `required`. + * + * @return builder + * + */ + public Builder attributeType(@Nullable Output attributeType) { + $.attributeType = attributeType; + return this; + } + + /** + * @param attributeType The type of the user flow attribute. Values include `builtIn`, `custom` or `required`. + * + * @return builder + * + */ + public Builder attributeType(String attributeType) { + return attributeType(Output.of(attributeType)); + } + + /** + * @param dataType The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder dataType(@Nullable Output dataType) { + $.dataType = dataType; + return this; + } + + /** + * @param dataType The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder dataType(String dataType) { + return dataType(Output.of(dataType)); + } + + /** + * @param description The description of the user flow attribute that is shown to the user at the time of sign-up. + * + * @return builder + * + */ + public Builder description(@Nullable Output description) { + $.description = description; + return this; + } + + /** + * @param description The description of the user flow attribute that is shown to the user at the time of sign-up. + * + * @return builder + * + */ + public Builder description(String description) { + return description(Output.of(description)); + } + + /** + * @param displayName The display name of the user flow attribute. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder displayName(@Nullable Output displayName) { + $.displayName = displayName; + return this; + } + + /** + * @param displayName The display name of the user flow attribute. Changing this forces a new resource to be created. + * + * @return builder + * + */ + public Builder displayName(String displayName) { + return displayName(Output.of(displayName)); + } + + public UserFlowAttributeState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyApprovalSettings.java b/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyApprovalSettings.java new file mode 100644 index 000000000..f85667af4 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyApprovalSettings.java @@ -0,0 +1,121 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.outputs; + +import com.pulumi.azuread.outputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStage; +import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class AccessPackageAssignmentPolicyApprovalSettings { + /** + * @return Whether an approval is required. + * + */ + private @Nullable Boolean approvalRequired; + /** + * @return Whether an approval is required to grant extension. Same approval settings used to approve initial access will apply. + * + */ + private @Nullable Boolean approvalRequiredForExtension; + /** + * @return An `approval_stage` block specifying the process to obtain an approval, as documented below. + * + */ + private @Nullable List approvalStages; + /** + * @return Whether a requestor is required to provide a justification to request an access package. Justification is visible to approvers and the requestor. + * + */ + private @Nullable Boolean requestorJustificationRequired; + + private AccessPackageAssignmentPolicyApprovalSettings() {} + /** + * @return Whether an approval is required. + * + */ + public Optional approvalRequired() { + return Optional.ofNullable(this.approvalRequired); + } + /** + * @return Whether an approval is required to grant extension. Same approval settings used to approve initial access will apply. + * + */ + public Optional approvalRequiredForExtension() { + return Optional.ofNullable(this.approvalRequiredForExtension); + } + /** + * @return An `approval_stage` block specifying the process to obtain an approval, as documented below. + * + */ + public List approvalStages() { + return this.approvalStages == null ? List.of() : this.approvalStages; + } + /** + * @return Whether a requestor is required to provide a justification to request an access package. Justification is visible to approvers and the requestor. + * + */ + public Optional requestorJustificationRequired() { + return Optional.ofNullable(this.requestorJustificationRequired); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(AccessPackageAssignmentPolicyApprovalSettings defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable Boolean approvalRequired; + private @Nullable Boolean approvalRequiredForExtension; + private @Nullable List approvalStages; + private @Nullable Boolean requestorJustificationRequired; + public Builder() {} + public Builder(AccessPackageAssignmentPolicyApprovalSettings defaults) { + Objects.requireNonNull(defaults); + this.approvalRequired = defaults.approvalRequired; + this.approvalRequiredForExtension = defaults.approvalRequiredForExtension; + this.approvalStages = defaults.approvalStages; + this.requestorJustificationRequired = defaults.requestorJustificationRequired; + } + + @CustomType.Setter + public Builder approvalRequired(@Nullable Boolean approvalRequired) { + this.approvalRequired = approvalRequired; + return this; + } + @CustomType.Setter + public Builder approvalRequiredForExtension(@Nullable Boolean approvalRequiredForExtension) { + this.approvalRequiredForExtension = approvalRequiredForExtension; + return this; + } + @CustomType.Setter + public Builder approvalStages(@Nullable List approvalStages) { + this.approvalStages = approvalStages; + return this; + } + public Builder approvalStages(AccessPackageAssignmentPolicyApprovalSettingsApprovalStage... approvalStages) { + return approvalStages(List.of(approvalStages)); + } + @CustomType.Setter + public Builder requestorJustificationRequired(@Nullable Boolean requestorJustificationRequired) { + this.requestorJustificationRequired = requestorJustificationRequired; + return this; + } + public AccessPackageAssignmentPolicyApprovalSettings build() { + final var o = new AccessPackageAssignmentPolicyApprovalSettings(); + o.approvalRequired = approvalRequired; + o.approvalRequiredForExtension = approvalRequiredForExtension; + o.approvalStages = approvalStages; + o.requestorJustificationRequired = requestorJustificationRequired; + return o; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStage.java b/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStage.java new file mode 100644 index 000000000..e444983ff --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStage.java @@ -0,0 +1,166 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.outputs; + +import com.pulumi.azuread.outputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover; +import com.pulumi.azuread.outputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover; +import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; +import java.lang.Integer; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class AccessPackageAssignmentPolicyApprovalSettingsApprovalStage { + /** + * @return Whether alternative approvers are enabled. + * + */ + private @Nullable Boolean alternativeApprovalEnabled; + /** + * @return A block specifying alternative approvers when escalation is enabled and the primary approvers do not respond before the escalation time, as documented below. + * + */ + private @Nullable List alternativeApprovers; + /** + * @return Maximum number of days within which a request must be approved. If a request is not approved within this time period after it is made, it will be automatically rejected. + * + */ + private Integer approvalTimeoutInDays; + /** + * @return Whether an approver must provide a justification for their decision. Justification is visible to other approvers and the requestor. + * + */ + private @Nullable Boolean approverJustificationRequired; + /** + * @return Number of days before the request is forwarded to alternative approvers. + * + */ + private @Nullable Integer enableAlternativeApprovalInDays; + /** + * @return A block specifying the users who will be asked to approve requests, as documented below. + * + */ + private @Nullable List primaryApprovers; + + private AccessPackageAssignmentPolicyApprovalSettingsApprovalStage() {} + /** + * @return Whether alternative approvers are enabled. + * + */ + public Optional alternativeApprovalEnabled() { + return Optional.ofNullable(this.alternativeApprovalEnabled); + } + /** + * @return A block specifying alternative approvers when escalation is enabled and the primary approvers do not respond before the escalation time, as documented below. + * + */ + public List alternativeApprovers() { + return this.alternativeApprovers == null ? List.of() : this.alternativeApprovers; + } + /** + * @return Maximum number of days within which a request must be approved. If a request is not approved within this time period after it is made, it will be automatically rejected. + * + */ + public Integer approvalTimeoutInDays() { + return this.approvalTimeoutInDays; + } + /** + * @return Whether an approver must provide a justification for their decision. Justification is visible to other approvers and the requestor. + * + */ + public Optional approverJustificationRequired() { + return Optional.ofNullable(this.approverJustificationRequired); + } + /** + * @return Number of days before the request is forwarded to alternative approvers. + * + */ + public Optional enableAlternativeApprovalInDays() { + return Optional.ofNullable(this.enableAlternativeApprovalInDays); + } + /** + * @return A block specifying the users who will be asked to approve requests, as documented below. + * + */ + public List primaryApprovers() { + return this.primaryApprovers == null ? List.of() : this.primaryApprovers; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(AccessPackageAssignmentPolicyApprovalSettingsApprovalStage defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable Boolean alternativeApprovalEnabled; + private @Nullable List alternativeApprovers; + private Integer approvalTimeoutInDays; + private @Nullable Boolean approverJustificationRequired; + private @Nullable Integer enableAlternativeApprovalInDays; + private @Nullable List primaryApprovers; + public Builder() {} + public Builder(AccessPackageAssignmentPolicyApprovalSettingsApprovalStage defaults) { + Objects.requireNonNull(defaults); + this.alternativeApprovalEnabled = defaults.alternativeApprovalEnabled; + this.alternativeApprovers = defaults.alternativeApprovers; + this.approvalTimeoutInDays = defaults.approvalTimeoutInDays; + this.approverJustificationRequired = defaults.approverJustificationRequired; + this.enableAlternativeApprovalInDays = defaults.enableAlternativeApprovalInDays; + this.primaryApprovers = defaults.primaryApprovers; + } + + @CustomType.Setter + public Builder alternativeApprovalEnabled(@Nullable Boolean alternativeApprovalEnabled) { + this.alternativeApprovalEnabled = alternativeApprovalEnabled; + return this; + } + @CustomType.Setter + public Builder alternativeApprovers(@Nullable List alternativeApprovers) { + this.alternativeApprovers = alternativeApprovers; + return this; + } + public Builder alternativeApprovers(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover... alternativeApprovers) { + return alternativeApprovers(List.of(alternativeApprovers)); + } + @CustomType.Setter + public Builder approvalTimeoutInDays(Integer approvalTimeoutInDays) { + this.approvalTimeoutInDays = Objects.requireNonNull(approvalTimeoutInDays); + return this; + } + @CustomType.Setter + public Builder approverJustificationRequired(@Nullable Boolean approverJustificationRequired) { + this.approverJustificationRequired = approverJustificationRequired; + return this; + } + @CustomType.Setter + public Builder enableAlternativeApprovalInDays(@Nullable Integer enableAlternativeApprovalInDays) { + this.enableAlternativeApprovalInDays = enableAlternativeApprovalInDays; + return this; + } + @CustomType.Setter + public Builder primaryApprovers(@Nullable List primaryApprovers) { + this.primaryApprovers = primaryApprovers; + return this; + } + public Builder primaryApprovers(AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover... primaryApprovers) { + return primaryApprovers(List.of(primaryApprovers)); + } + public AccessPackageAssignmentPolicyApprovalSettingsApprovalStage build() { + final var o = new AccessPackageAssignmentPolicyApprovalSettingsApprovalStage(); + o.alternativeApprovalEnabled = alternativeApprovalEnabled; + o.alternativeApprovers = alternativeApprovers; + o.approvalTimeoutInDays = approvalTimeoutInDays; + o.approverJustificationRequired = approverJustificationRequired; + o.enableAlternativeApprovalInDays = enableAlternativeApprovalInDays; + o.primaryApprovers = primaryApprovers; + return o; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover.java b/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover.java new file mode 100644 index 000000000..e816a2cf9 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover.java @@ -0,0 +1,97 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover { + /** + * @return For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + * + */ + private @Nullable Boolean backup; + /** + * @return The ID of the subject. + * + */ + private @Nullable String objectId; + /** + * @return Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + * + */ + private String subjectType; + + private AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover() {} + /** + * @return For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + * + */ + public Optional backup() { + return Optional.ofNullable(this.backup); + } + /** + * @return The ID of the subject. + * + */ + public Optional objectId() { + return Optional.ofNullable(this.objectId); + } + /** + * @return Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + * + */ + public String subjectType() { + return this.subjectType; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable Boolean backup; + private @Nullable String objectId; + private String subjectType; + public Builder() {} + public Builder(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover defaults) { + Objects.requireNonNull(defaults); + this.backup = defaults.backup; + this.objectId = defaults.objectId; + this.subjectType = defaults.subjectType; + } + + @CustomType.Setter + public Builder backup(@Nullable Boolean backup) { + this.backup = backup; + return this; + } + @CustomType.Setter + public Builder objectId(@Nullable String objectId) { + this.objectId = objectId; + return this; + } + @CustomType.Setter + public Builder subjectType(String subjectType) { + this.subjectType = Objects.requireNonNull(subjectType); + return this; + } + public AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover build() { + final var o = new AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover(); + o.backup = backup; + o.objectId = objectId; + o.subjectType = subjectType; + return o; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover.java b/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover.java new file mode 100644 index 000000000..3e392c139 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover.java @@ -0,0 +1,97 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover { + /** + * @return For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + * + */ + private @Nullable Boolean backup; + /** + * @return The ID of the subject. + * + */ + private @Nullable String objectId; + /** + * @return Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + * + */ + private String subjectType; + + private AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover() {} + /** + * @return For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + * + */ + public Optional backup() { + return Optional.ofNullable(this.backup); + } + /** + * @return The ID of the subject. + * + */ + public Optional objectId() { + return Optional.ofNullable(this.objectId); + } + /** + * @return Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + * + */ + public String subjectType() { + return this.subjectType; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable Boolean backup; + private @Nullable String objectId; + private String subjectType; + public Builder() {} + public Builder(AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover defaults) { + Objects.requireNonNull(defaults); + this.backup = defaults.backup; + this.objectId = defaults.objectId; + this.subjectType = defaults.subjectType; + } + + @CustomType.Setter + public Builder backup(@Nullable Boolean backup) { + this.backup = backup; + return this; + } + @CustomType.Setter + public Builder objectId(@Nullable String objectId) { + this.objectId = objectId; + return this; + } + @CustomType.Setter + public Builder subjectType(String subjectType) { + this.subjectType = Objects.requireNonNull(subjectType); + return this; + } + public AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover build() { + final var o = new AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover(); + o.backup = backup; + o.objectId = objectId; + o.subjectType = subjectType; + return o; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyAssignmentReviewSettings.java b/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyAssignmentReviewSettings.java new file mode 100644 index 000000000..4f3e44fbe --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyAssignmentReviewSettings.java @@ -0,0 +1,223 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.outputs; + +import com.pulumi.azuread.outputs.AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer; +import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; +import java.lang.Integer; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class AccessPackageAssignmentPolicyAssignmentReviewSettings { + /** + * @return Whether to show the reviewer decision helpers. If enabled, system recommendations based on users' access information will be shown to the reviewers. The reviewer will be recommended to approve the review if the user has signed-in at least once during the last 30 days. The reviewer will be recommended to deny the review if the user has not signed-in during the last 30 days. + * + */ + private @Nullable Boolean accessRecommendationEnabled; + /** + * @return Specifies the actions the system takes if reviewers don't respond in time. Valid values are `keepAccess`, `removeAccess`, or `acceptAccessRecommendation`. + * + */ + private @Nullable String accessReviewTimeoutBehavior; + /** + * @return Whether a reviewer needs to provide a justification for their decision. Justification is visible to other reviewers and the requestor. + * + */ + private @Nullable Boolean approverJustificationRequired; + /** + * @return How many days each occurrence of the access review series will run. + * + */ + private @Nullable Integer durationInDays; + /** + * @return Whether to enable assignment review. + * + */ + private @Nullable Boolean enabled; + /** + * @return This will determine how often the access review campaign runs, valid values are `weekly`, `monthly`, `quarterly`, `halfyearly`, or `annual`. + * + */ + private @Nullable String reviewFrequency; + /** + * @return Self review or specific reviewers. Valid values are `Self`, or `Reviewers`. + * + */ + private @Nullable String reviewType; + /** + * @return One or more `reviewer` blocks to specify the users who will be reviewers (when `review_type` is `Reviewers`), as documented below. + * + */ + private @Nullable List reviewers; + /** + * @return This is the date the access review campaign will start on, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z), default is now. Once an access review has been created, you cannot update its start date + * + */ + private @Nullable String startingOn; + + private AccessPackageAssignmentPolicyAssignmentReviewSettings() {} + /** + * @return Whether to show the reviewer decision helpers. If enabled, system recommendations based on users' access information will be shown to the reviewers. The reviewer will be recommended to approve the review if the user has signed-in at least once during the last 30 days. The reviewer will be recommended to deny the review if the user has not signed-in during the last 30 days. + * + */ + public Optional accessRecommendationEnabled() { + return Optional.ofNullable(this.accessRecommendationEnabled); + } + /** + * @return Specifies the actions the system takes if reviewers don't respond in time. Valid values are `keepAccess`, `removeAccess`, or `acceptAccessRecommendation`. + * + */ + public Optional accessReviewTimeoutBehavior() { + return Optional.ofNullable(this.accessReviewTimeoutBehavior); + } + /** + * @return Whether a reviewer needs to provide a justification for their decision. Justification is visible to other reviewers and the requestor. + * + */ + public Optional approverJustificationRequired() { + return Optional.ofNullable(this.approverJustificationRequired); + } + /** + * @return How many days each occurrence of the access review series will run. + * + */ + public Optional durationInDays() { + return Optional.ofNullable(this.durationInDays); + } + /** + * @return Whether to enable assignment review. + * + */ + public Optional enabled() { + return Optional.ofNullable(this.enabled); + } + /** + * @return This will determine how often the access review campaign runs, valid values are `weekly`, `monthly`, `quarterly`, `halfyearly`, or `annual`. + * + */ + public Optional reviewFrequency() { + return Optional.ofNullable(this.reviewFrequency); + } + /** + * @return Self review or specific reviewers. Valid values are `Self`, or `Reviewers`. + * + */ + public Optional reviewType() { + return Optional.ofNullable(this.reviewType); + } + /** + * @return One or more `reviewer` blocks to specify the users who will be reviewers (when `review_type` is `Reviewers`), as documented below. + * + */ + public List reviewers() { + return this.reviewers == null ? List.of() : this.reviewers; + } + /** + * @return This is the date the access review campaign will start on, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z), default is now. Once an access review has been created, you cannot update its start date + * + */ + public Optional startingOn() { + return Optional.ofNullable(this.startingOn); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(AccessPackageAssignmentPolicyAssignmentReviewSettings defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable Boolean accessRecommendationEnabled; + private @Nullable String accessReviewTimeoutBehavior; + private @Nullable Boolean approverJustificationRequired; + private @Nullable Integer durationInDays; + private @Nullable Boolean enabled; + private @Nullable String reviewFrequency; + private @Nullable String reviewType; + private @Nullable List reviewers; + private @Nullable String startingOn; + public Builder() {} + public Builder(AccessPackageAssignmentPolicyAssignmentReviewSettings defaults) { + Objects.requireNonNull(defaults); + this.accessRecommendationEnabled = defaults.accessRecommendationEnabled; + this.accessReviewTimeoutBehavior = defaults.accessReviewTimeoutBehavior; + this.approverJustificationRequired = defaults.approverJustificationRequired; + this.durationInDays = defaults.durationInDays; + this.enabled = defaults.enabled; + this.reviewFrequency = defaults.reviewFrequency; + this.reviewType = defaults.reviewType; + this.reviewers = defaults.reviewers; + this.startingOn = defaults.startingOn; + } + + @CustomType.Setter + public Builder accessRecommendationEnabled(@Nullable Boolean accessRecommendationEnabled) { + this.accessRecommendationEnabled = accessRecommendationEnabled; + return this; + } + @CustomType.Setter + public Builder accessReviewTimeoutBehavior(@Nullable String accessReviewTimeoutBehavior) { + this.accessReviewTimeoutBehavior = accessReviewTimeoutBehavior; + return this; + } + @CustomType.Setter + public Builder approverJustificationRequired(@Nullable Boolean approverJustificationRequired) { + this.approverJustificationRequired = approverJustificationRequired; + return this; + } + @CustomType.Setter + public Builder durationInDays(@Nullable Integer durationInDays) { + this.durationInDays = durationInDays; + return this; + } + @CustomType.Setter + public Builder enabled(@Nullable Boolean enabled) { + this.enabled = enabled; + return this; + } + @CustomType.Setter + public Builder reviewFrequency(@Nullable String reviewFrequency) { + this.reviewFrequency = reviewFrequency; + return this; + } + @CustomType.Setter + public Builder reviewType(@Nullable String reviewType) { + this.reviewType = reviewType; + return this; + } + @CustomType.Setter + public Builder reviewers(@Nullable List reviewers) { + this.reviewers = reviewers; + return this; + } + public Builder reviewers(AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer... reviewers) { + return reviewers(List.of(reviewers)); + } + @CustomType.Setter + public Builder startingOn(@Nullable String startingOn) { + this.startingOn = startingOn; + return this; + } + public AccessPackageAssignmentPolicyAssignmentReviewSettings build() { + final var o = new AccessPackageAssignmentPolicyAssignmentReviewSettings(); + o.accessRecommendationEnabled = accessRecommendationEnabled; + o.accessReviewTimeoutBehavior = accessReviewTimeoutBehavior; + o.approverJustificationRequired = approverJustificationRequired; + o.durationInDays = durationInDays; + o.enabled = enabled; + o.reviewFrequency = reviewFrequency; + o.reviewType = reviewType; + o.reviewers = reviewers; + o.startingOn = startingOn; + return o; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer.java b/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer.java new file mode 100644 index 000000000..6734078c8 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer.java @@ -0,0 +1,97 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer { + /** + * @return For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + * + */ + private @Nullable Boolean backup; + /** + * @return The ID of the subject. + * + */ + private @Nullable String objectId; + /** + * @return Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + * + */ + private String subjectType; + + private AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer() {} + /** + * @return For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + * + */ + public Optional backup() { + return Optional.ofNullable(this.backup); + } + /** + * @return The ID of the subject. + * + */ + public Optional objectId() { + return Optional.ofNullable(this.objectId); + } + /** + * @return Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + * + */ + public String subjectType() { + return this.subjectType; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable Boolean backup; + private @Nullable String objectId; + private String subjectType; + public Builder() {} + public Builder(AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer defaults) { + Objects.requireNonNull(defaults); + this.backup = defaults.backup; + this.objectId = defaults.objectId; + this.subjectType = defaults.subjectType; + } + + @CustomType.Setter + public Builder backup(@Nullable Boolean backup) { + this.backup = backup; + return this; + } + @CustomType.Setter + public Builder objectId(@Nullable String objectId) { + this.objectId = objectId; + return this; + } + @CustomType.Setter + public Builder subjectType(String subjectType) { + this.subjectType = Objects.requireNonNull(subjectType); + return this; + } + public AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer build() { + final var o = new AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer(); + o.backup = backup; + o.objectId = objectId; + o.subjectType = subjectType; + return o; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyQuestion.java b/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyQuestion.java new file mode 100644 index 000000000..aee391800 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyQuestion.java @@ -0,0 +1,123 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.outputs; + +import com.pulumi.azuread.outputs.AccessPackageAssignmentPolicyQuestionChoice; +import com.pulumi.azuread.outputs.AccessPackageAssignmentPolicyQuestionText; +import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; +import java.lang.Integer; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class AccessPackageAssignmentPolicyQuestion { + /** + * @return One or more blocks configuring a choice to the question, as documented below. + * + */ + private @Nullable List choices; + /** + * @return Whether this question is required. + * + */ + private @Nullable Boolean required; + /** + * @return The sequence number of this question. + * + */ + private @Nullable Integer sequence; + /** + * @return A block describing the content of this question, as documented below. + * + */ + private AccessPackageAssignmentPolicyQuestionText text; + + private AccessPackageAssignmentPolicyQuestion() {} + /** + * @return One or more blocks configuring a choice to the question, as documented below. + * + */ + public List choices() { + return this.choices == null ? List.of() : this.choices; + } + /** + * @return Whether this question is required. + * + */ + public Optional required() { + return Optional.ofNullable(this.required); + } + /** + * @return The sequence number of this question. + * + */ + public Optional sequence() { + return Optional.ofNullable(this.sequence); + } + /** + * @return A block describing the content of this question, as documented below. + * + */ + public AccessPackageAssignmentPolicyQuestionText text() { + return this.text; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(AccessPackageAssignmentPolicyQuestion defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable List choices; + private @Nullable Boolean required; + private @Nullable Integer sequence; + private AccessPackageAssignmentPolicyQuestionText text; + public Builder() {} + public Builder(AccessPackageAssignmentPolicyQuestion defaults) { + Objects.requireNonNull(defaults); + this.choices = defaults.choices; + this.required = defaults.required; + this.sequence = defaults.sequence; + this.text = defaults.text; + } + + @CustomType.Setter + public Builder choices(@Nullable List choices) { + this.choices = choices; + return this; + } + public Builder choices(AccessPackageAssignmentPolicyQuestionChoice... choices) { + return choices(List.of(choices)); + } + @CustomType.Setter + public Builder required(@Nullable Boolean required) { + this.required = required; + return this; + } + @CustomType.Setter + public Builder sequence(@Nullable Integer sequence) { + this.sequence = sequence; + return this; + } + @CustomType.Setter + public Builder text(AccessPackageAssignmentPolicyQuestionText text) { + this.text = Objects.requireNonNull(text); + return this; + } + public AccessPackageAssignmentPolicyQuestion build() { + final var o = new AccessPackageAssignmentPolicyQuestion(); + o.choices = choices; + o.required = required; + o.sequence = sequence; + o.text = text; + return o; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyQuestionChoice.java b/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyQuestionChoice.java new file mode 100644 index 000000000..aa2ad3bb9 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyQuestionChoice.java @@ -0,0 +1,75 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.outputs; + +import com.pulumi.azuread.outputs.AccessPackageAssignmentPolicyQuestionChoiceDisplayValue; +import com.pulumi.core.annotations.CustomType; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class AccessPackageAssignmentPolicyQuestionChoice { + /** + * @return The actual value of this choice. + * + */ + private String actualValue; + /** + * @return A block describing the display text of this choice, as documented below. + * + */ + private AccessPackageAssignmentPolicyQuestionChoiceDisplayValue displayValue; + + private AccessPackageAssignmentPolicyQuestionChoice() {} + /** + * @return The actual value of this choice. + * + */ + public String actualValue() { + return this.actualValue; + } + /** + * @return A block describing the display text of this choice, as documented below. + * + */ + public AccessPackageAssignmentPolicyQuestionChoiceDisplayValue displayValue() { + return this.displayValue; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(AccessPackageAssignmentPolicyQuestionChoice defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String actualValue; + private AccessPackageAssignmentPolicyQuestionChoiceDisplayValue displayValue; + public Builder() {} + public Builder(AccessPackageAssignmentPolicyQuestionChoice defaults) { + Objects.requireNonNull(defaults); + this.actualValue = defaults.actualValue; + this.displayValue = defaults.displayValue; + } + + @CustomType.Setter + public Builder actualValue(String actualValue) { + this.actualValue = Objects.requireNonNull(actualValue); + return this; + } + @CustomType.Setter + public Builder displayValue(AccessPackageAssignmentPolicyQuestionChoiceDisplayValue displayValue) { + this.displayValue = Objects.requireNonNull(displayValue); + return this; + } + public AccessPackageAssignmentPolicyQuestionChoice build() { + final var o = new AccessPackageAssignmentPolicyQuestionChoice(); + o.actualValue = actualValue; + o.displayValue = displayValue; + return o; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValue.java b/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValue.java new file mode 100644 index 000000000..3e60d05e9 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValue.java @@ -0,0 +1,80 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.outputs; + +import com.pulumi.azuread.outputs.AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText; +import com.pulumi.core.annotations.CustomType; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import javax.annotation.Nullable; + +@CustomType +public final class AccessPackageAssignmentPolicyQuestionChoiceDisplayValue { + /** + * @return The default text of this question. + * + */ + private String defaultText; + /** + * @return One or more blocks describing localized text of this question, as documented below. + * + */ + private @Nullable List localizedTexts; + + private AccessPackageAssignmentPolicyQuestionChoiceDisplayValue() {} + /** + * @return The default text of this question. + * + */ + public String defaultText() { + return this.defaultText; + } + /** + * @return One or more blocks describing localized text of this question, as documented below. + * + */ + public List localizedTexts() { + return this.localizedTexts == null ? List.of() : this.localizedTexts; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(AccessPackageAssignmentPolicyQuestionChoiceDisplayValue defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String defaultText; + private @Nullable List localizedTexts; + public Builder() {} + public Builder(AccessPackageAssignmentPolicyQuestionChoiceDisplayValue defaults) { + Objects.requireNonNull(defaults); + this.defaultText = defaults.defaultText; + this.localizedTexts = defaults.localizedTexts; + } + + @CustomType.Setter + public Builder defaultText(String defaultText) { + this.defaultText = Objects.requireNonNull(defaultText); + return this; + } + @CustomType.Setter + public Builder localizedTexts(@Nullable List localizedTexts) { + this.localizedTexts = localizedTexts; + return this; + } + public Builder localizedTexts(AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText... localizedTexts) { + return localizedTexts(List.of(localizedTexts)); + } + public AccessPackageAssignmentPolicyQuestionChoiceDisplayValue build() { + final var o = new AccessPackageAssignmentPolicyQuestionChoiceDisplayValue(); + o.defaultText = defaultText; + o.localizedTexts = localizedTexts; + return o; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText.java b/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText.java new file mode 100644 index 000000000..17b5317e1 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText.java @@ -0,0 +1,74 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText { + /** + * @return The localized content of this question. + * + */ + private String content; + /** + * @return The ISO 639 language code for this question content. + * + */ + private String languageCode; + + private AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText() {} + /** + * @return The localized content of this question. + * + */ + public String content() { + return this.content; + } + /** + * @return The ISO 639 language code for this question content. + * + */ + public String languageCode() { + return this.languageCode; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String content; + private String languageCode; + public Builder() {} + public Builder(AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText defaults) { + Objects.requireNonNull(defaults); + this.content = defaults.content; + this.languageCode = defaults.languageCode; + } + + @CustomType.Setter + public Builder content(String content) { + this.content = Objects.requireNonNull(content); + return this; + } + @CustomType.Setter + public Builder languageCode(String languageCode) { + this.languageCode = Objects.requireNonNull(languageCode); + return this; + } + public AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText build() { + final var o = new AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText(); + o.content = content; + o.languageCode = languageCode; + return o; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyQuestionText.java b/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyQuestionText.java new file mode 100644 index 000000000..0b8fdeb16 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyQuestionText.java @@ -0,0 +1,80 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.outputs; + +import com.pulumi.azuread.outputs.AccessPackageAssignmentPolicyQuestionTextLocalizedText; +import com.pulumi.core.annotations.CustomType; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import javax.annotation.Nullable; + +@CustomType +public final class AccessPackageAssignmentPolicyQuestionText { + /** + * @return The default text of this question. + * + */ + private String defaultText; + /** + * @return One or more blocks describing localized text of this question, as documented below. + * + */ + private @Nullable List localizedTexts; + + private AccessPackageAssignmentPolicyQuestionText() {} + /** + * @return The default text of this question. + * + */ + public String defaultText() { + return this.defaultText; + } + /** + * @return One or more blocks describing localized text of this question, as documented below. + * + */ + public List localizedTexts() { + return this.localizedTexts == null ? List.of() : this.localizedTexts; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(AccessPackageAssignmentPolicyQuestionText defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String defaultText; + private @Nullable List localizedTexts; + public Builder() {} + public Builder(AccessPackageAssignmentPolicyQuestionText defaults) { + Objects.requireNonNull(defaults); + this.defaultText = defaults.defaultText; + this.localizedTexts = defaults.localizedTexts; + } + + @CustomType.Setter + public Builder defaultText(String defaultText) { + this.defaultText = Objects.requireNonNull(defaultText); + return this; + } + @CustomType.Setter + public Builder localizedTexts(@Nullable List localizedTexts) { + this.localizedTexts = localizedTexts; + return this; + } + public Builder localizedTexts(AccessPackageAssignmentPolicyQuestionTextLocalizedText... localizedTexts) { + return localizedTexts(List.of(localizedTexts)); + } + public AccessPackageAssignmentPolicyQuestionText build() { + final var o = new AccessPackageAssignmentPolicyQuestionText(); + o.defaultText = defaultText; + o.localizedTexts = localizedTexts; + return o; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyQuestionTextLocalizedText.java b/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyQuestionTextLocalizedText.java new file mode 100644 index 000000000..4ad24ff14 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyQuestionTextLocalizedText.java @@ -0,0 +1,74 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class AccessPackageAssignmentPolicyQuestionTextLocalizedText { + /** + * @return The localized content of this question. + * + */ + private String content; + /** + * @return The ISO 639 language code for this question content. + * + */ + private String languageCode; + + private AccessPackageAssignmentPolicyQuestionTextLocalizedText() {} + /** + * @return The localized content of this question. + * + */ + public String content() { + return this.content; + } + /** + * @return The ISO 639 language code for this question content. + * + */ + public String languageCode() { + return this.languageCode; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(AccessPackageAssignmentPolicyQuestionTextLocalizedText defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String content; + private String languageCode; + public Builder() {} + public Builder(AccessPackageAssignmentPolicyQuestionTextLocalizedText defaults) { + Objects.requireNonNull(defaults); + this.content = defaults.content; + this.languageCode = defaults.languageCode; + } + + @CustomType.Setter + public Builder content(String content) { + this.content = Objects.requireNonNull(content); + return this; + } + @CustomType.Setter + public Builder languageCode(String languageCode) { + this.languageCode = Objects.requireNonNull(languageCode); + return this; + } + public AccessPackageAssignmentPolicyQuestionTextLocalizedText build() { + final var o = new AccessPackageAssignmentPolicyQuestionTextLocalizedText(); + o.content = content; + o.languageCode = languageCode; + return o; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyRequestorSettings.java b/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyRequestorSettings.java new file mode 100644 index 000000000..413a6a066 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyRequestorSettings.java @@ -0,0 +1,102 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.outputs; + +import com.pulumi.azuread.outputs.AccessPackageAssignmentPolicyRequestorSettingsRequestor; +import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class AccessPackageAssignmentPolicyRequestorSettings { + /** + * @return A block specifying the users who are allowed to request on this policy, as documented below. + * + */ + private @Nullable List requestors; + /** + * @return Whether to accept requests using this policy. When `false`, no new requests can be made using this policy. + * + */ + private @Nullable Boolean requestsAccepted; + /** + * @return Specifies the scopes of the requestors. Valid values are `AllConfiguredConnectedOrganizationSubjects`, `AllExistingConnectedOrganizationSubjects`, `AllExistingDirectoryMemberUsers`, `AllExistingDirectorySubjects`, `AllExternalSubjects`, `NoSubjects`, `SpecificConnectedOrganizationSubjects`, or `SpecificDirectorySubjects`. + * + */ + private @Nullable String scopeType; + + private AccessPackageAssignmentPolicyRequestorSettings() {} + /** + * @return A block specifying the users who are allowed to request on this policy, as documented below. + * + */ + public List requestors() { + return this.requestors == null ? List.of() : this.requestors; + } + /** + * @return Whether to accept requests using this policy. When `false`, no new requests can be made using this policy. + * + */ + public Optional requestsAccepted() { + return Optional.ofNullable(this.requestsAccepted); + } + /** + * @return Specifies the scopes of the requestors. Valid values are `AllConfiguredConnectedOrganizationSubjects`, `AllExistingConnectedOrganizationSubjects`, `AllExistingDirectoryMemberUsers`, `AllExistingDirectorySubjects`, `AllExternalSubjects`, `NoSubjects`, `SpecificConnectedOrganizationSubjects`, or `SpecificDirectorySubjects`. + * + */ + public Optional scopeType() { + return Optional.ofNullable(this.scopeType); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(AccessPackageAssignmentPolicyRequestorSettings defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable List requestors; + private @Nullable Boolean requestsAccepted; + private @Nullable String scopeType; + public Builder() {} + public Builder(AccessPackageAssignmentPolicyRequestorSettings defaults) { + Objects.requireNonNull(defaults); + this.requestors = defaults.requestors; + this.requestsAccepted = defaults.requestsAccepted; + this.scopeType = defaults.scopeType; + } + + @CustomType.Setter + public Builder requestors(@Nullable List requestors) { + this.requestors = requestors; + return this; + } + public Builder requestors(AccessPackageAssignmentPolicyRequestorSettingsRequestor... requestors) { + return requestors(List.of(requestors)); + } + @CustomType.Setter + public Builder requestsAccepted(@Nullable Boolean requestsAccepted) { + this.requestsAccepted = requestsAccepted; + return this; + } + @CustomType.Setter + public Builder scopeType(@Nullable String scopeType) { + this.scopeType = scopeType; + return this; + } + public AccessPackageAssignmentPolicyRequestorSettings build() { + final var o = new AccessPackageAssignmentPolicyRequestorSettings(); + o.requestors = requestors; + o.requestsAccepted = requestsAccepted; + o.scopeType = scopeType; + return o; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyRequestorSettingsRequestor.java b/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyRequestorSettingsRequestor.java new file mode 100644 index 000000000..c20f79344 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/outputs/AccessPackageAssignmentPolicyRequestorSettingsRequestor.java @@ -0,0 +1,97 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class AccessPackageAssignmentPolicyRequestorSettingsRequestor { + /** + * @return For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + * + */ + private @Nullable Boolean backup; + /** + * @return The ID of the subject. + * + */ + private @Nullable String objectId; + /** + * @return Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + * + */ + private String subjectType; + + private AccessPackageAssignmentPolicyRequestorSettingsRequestor() {} + /** + * @return For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + * + */ + public Optional backup() { + return Optional.ofNullable(this.backup); + } + /** + * @return The ID of the subject. + * + */ + public Optional objectId() { + return Optional.ofNullable(this.objectId); + } + /** + * @return Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + * + */ + public String subjectType() { + return this.subjectType; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(AccessPackageAssignmentPolicyRequestorSettingsRequestor defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable Boolean backup; + private @Nullable String objectId; + private String subjectType; + public Builder() {} + public Builder(AccessPackageAssignmentPolicyRequestorSettingsRequestor defaults) { + Objects.requireNonNull(defaults); + this.backup = defaults.backup; + this.objectId = defaults.objectId; + this.subjectType = defaults.subjectType; + } + + @CustomType.Setter + public Builder backup(@Nullable Boolean backup) { + this.backup = backup; + return this; + } + @CustomType.Setter + public Builder objectId(@Nullable String objectId) { + this.objectId = objectId; + return this; + } + @CustomType.Setter + public Builder subjectType(String subjectType) { + this.subjectType = Objects.requireNonNull(subjectType); + return this; + } + public AccessPackageAssignmentPolicyRequestorSettingsRequestor build() { + final var o = new AccessPackageAssignmentPolicyRequestorSettingsRequestor(); + o.backup = backup; + o.objectId = objectId; + o.subjectType = subjectType; + return o; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/outputs/GetAccessPackageCatalogResult.java b/sdk/java/src/main/java/com/pulumi/azuread/outputs/GetAccessPackageCatalogResult.java new file mode 100644 index 000000000..a4c19d470 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/outputs/GetAccessPackageCatalogResult.java @@ -0,0 +1,139 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class GetAccessPackageCatalogResult { + /** + * @return The description of the access package catalog. + * + */ + private String description; + private String displayName; + /** + * @return Whether the access packages in this catalog can be requested by users outside the tenant. + * + */ + private Boolean externallyVisible; + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + private String id; + private String objectId; + /** + * @return Whether the access packages in this catalog are available for management. + * + */ + private Boolean published; + + private GetAccessPackageCatalogResult() {} + /** + * @return The description of the access package catalog. + * + */ + public String description() { + return this.description; + } + public String displayName() { + return this.displayName; + } + /** + * @return Whether the access packages in this catalog can be requested by users outside the tenant. + * + */ + public Boolean externallyVisible() { + return this.externallyVisible; + } + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + public String id() { + return this.id; + } + public String objectId() { + return this.objectId; + } + /** + * @return Whether the access packages in this catalog are available for management. + * + */ + public Boolean published() { + return this.published; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetAccessPackageCatalogResult defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String description; + private String displayName; + private Boolean externallyVisible; + private String id; + private String objectId; + private Boolean published; + public Builder() {} + public Builder(GetAccessPackageCatalogResult defaults) { + Objects.requireNonNull(defaults); + this.description = defaults.description; + this.displayName = defaults.displayName; + this.externallyVisible = defaults.externallyVisible; + this.id = defaults.id; + this.objectId = defaults.objectId; + this.published = defaults.published; + } + + @CustomType.Setter + public Builder description(String description) { + this.description = Objects.requireNonNull(description); + return this; + } + @CustomType.Setter + public Builder displayName(String displayName) { + this.displayName = Objects.requireNonNull(displayName); + return this; + } + @CustomType.Setter + public Builder externallyVisible(Boolean externallyVisible) { + this.externallyVisible = Objects.requireNonNull(externallyVisible); + return this; + } + @CustomType.Setter + public Builder id(String id) { + this.id = Objects.requireNonNull(id); + return this; + } + @CustomType.Setter + public Builder objectId(String objectId) { + this.objectId = Objects.requireNonNull(objectId); + return this; + } + @CustomType.Setter + public Builder published(Boolean published) { + this.published = Objects.requireNonNull(published); + return this; + } + public GetAccessPackageCatalogResult build() { + final var o = new GetAccessPackageCatalogResult(); + o.description = description; + o.displayName = displayName; + o.externallyVisible = externallyVisible; + o.id = id; + o.objectId = objectId; + o.published = published; + return o; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/outputs/GetAccessPackageResult.java b/sdk/java/src/main/java/com/pulumi/azuread/outputs/GetAccessPackageResult.java new file mode 100644 index 000000000..4418f0252 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/outputs/GetAccessPackageResult.java @@ -0,0 +1,133 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class GetAccessPackageResult { + private @Nullable String catalogId; + /** + * @return The description of the access package. + * + */ + private String description; + private String displayName; + /** + * @return Whether the access package is hidden from the requestor. + * + */ + private Boolean hidden; + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + private String id; + private String objectId; + + private GetAccessPackageResult() {} + public Optional catalogId() { + return Optional.ofNullable(this.catalogId); + } + /** + * @return The description of the access package. + * + */ + public String description() { + return this.description; + } + public String displayName() { + return this.displayName; + } + /** + * @return Whether the access package is hidden from the requestor. + * + */ + public Boolean hidden() { + return this.hidden; + } + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + public String id() { + return this.id; + } + public String objectId() { + return this.objectId; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetAccessPackageResult defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable String catalogId; + private String description; + private String displayName; + private Boolean hidden; + private String id; + private String objectId; + public Builder() {} + public Builder(GetAccessPackageResult defaults) { + Objects.requireNonNull(defaults); + this.catalogId = defaults.catalogId; + this.description = defaults.description; + this.displayName = defaults.displayName; + this.hidden = defaults.hidden; + this.id = defaults.id; + this.objectId = defaults.objectId; + } + + @CustomType.Setter + public Builder catalogId(@Nullable String catalogId) { + this.catalogId = catalogId; + return this; + } + @CustomType.Setter + public Builder description(String description) { + this.description = Objects.requireNonNull(description); + return this; + } + @CustomType.Setter + public Builder displayName(String displayName) { + this.displayName = Objects.requireNonNull(displayName); + return this; + } + @CustomType.Setter + public Builder hidden(Boolean hidden) { + this.hidden = Objects.requireNonNull(hidden); + return this; + } + @CustomType.Setter + public Builder id(String id) { + this.id = Objects.requireNonNull(id); + return this; + } + @CustomType.Setter + public Builder objectId(String objectId) { + this.objectId = Objects.requireNonNull(objectId); + return this; + } + public GetAccessPackageResult build() { + final var o = new GetAccessPackageResult(); + o.catalogId = catalogId; + o.description = description; + o.displayName = displayName; + o.hidden = hidden; + o.id = id; + o.objectId = objectId; + return o; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/outputs/GetApplicationResult.java b/sdk/java/src/main/java/com/pulumi/azuread/outputs/GetApplicationResult.java index 16ad35d77..d9d30a073 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/outputs/GetApplicationResult.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/outputs/GetApplicationResult.java @@ -145,6 +145,11 @@ public final class GetApplicationResult { * */ private List requiredResourceAccesses; + /** + * @return References application context information from a Service or Asset Management database. + * + */ + private String serviceManagementReference; /** * @return The Microsoft account types that are supported for the current application. One of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. * @@ -352,6 +357,13 @@ public String publisherDomain() { public List requiredResourceAccesses() { return this.requiredResourceAccesses; } + /** + * @return References application context information from a Service or Asset Management database. + * + */ + public String serviceManagementReference() { + return this.serviceManagementReference; + } /** * @return The Microsoft account types that are supported for the current application. One of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. * @@ -429,6 +441,7 @@ public static final class Builder { private List publicClients; private String publisherDomain; private List requiredResourceAccesses; + private String serviceManagementReference; private String signInAudience; private List singlePageApplications; private String supportUrl; @@ -463,6 +476,7 @@ public Builder(GetApplicationResult defaults) { this.publicClients = defaults.publicClients; this.publisherDomain = defaults.publisherDomain; this.requiredResourceAccesses = defaults.requiredResourceAccesses; + this.serviceManagementReference = defaults.serviceManagementReference; this.signInAudience = defaults.signInAudience; this.singlePageApplications = defaults.singlePageApplications; this.supportUrl = defaults.supportUrl; @@ -624,6 +638,11 @@ public Builder requiredResourceAccesses(GetApplicationRequiredResourceAccess... return requiredResourceAccesses(List.of(requiredResourceAccesses)); } @CustomType.Setter + public Builder serviceManagementReference(String serviceManagementReference) { + this.serviceManagementReference = Objects.requireNonNull(serviceManagementReference); + return this; + } + @CustomType.Setter public Builder signInAudience(String signInAudience) { this.signInAudience = Objects.requireNonNull(signInAudience); return this; @@ -689,6 +708,7 @@ public GetApplicationResult build() { o.publicClients = publicClients; o.publisherDomain = publisherDomain; o.requiredResourceAccesses = requiredResourceAccesses; + o.serviceManagementReference = serviceManagementReference; o.signInAudience = signInAudience; o.singlePageApplications = singlePageApplications; o.supportUrl = supportUrl; diff --git a/sdk/java/src/main/java/com/pulumi/azuread/outputs/GetGroupResult.java b/sdk/java/src/main/java/com/pulumi/azuread/outputs/GetGroupResult.java index 6112b0101..f01caefe2 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/outputs/GetGroupResult.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/outputs/GetGroupResult.java @@ -92,6 +92,11 @@ public final class GetGroupResult { * */ private String onpremisesDomainName; + /** + * @return The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + * + */ + private String onpremisesGroupType; /** * @return The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used. * @@ -152,6 +157,11 @@ public final class GetGroupResult { * */ private String visibility; + /** + * @return Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + * + */ + private Boolean writebackEnabled; private GetGroupResult() {} /** @@ -266,6 +276,13 @@ public String objectId() { public String onpremisesDomainName() { return this.onpremisesDomainName; } + /** + * @return The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + * + */ + public String onpremisesGroupType() { + return this.onpremisesGroupType; + } /** * @return The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used. * @@ -350,6 +367,13 @@ public List types() { public String visibility() { return this.visibility; } + /** + * @return Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + * + */ + public Boolean writebackEnabled() { + return this.writebackEnabled; + } public static Builder builder() { return new Builder(); @@ -376,6 +400,7 @@ public static final class Builder { private List members; private String objectId; private String onpremisesDomainName; + private String onpremisesGroupType; private String onpremisesNetbiosName; private String onpremisesSamAccountName; private String onpremisesSecurityIdentifier; @@ -388,6 +413,7 @@ public static final class Builder { private String theme; private List types; private String visibility; + private Boolean writebackEnabled; public Builder() {} public Builder(GetGroupResult defaults) { Objects.requireNonNull(defaults); @@ -407,6 +433,7 @@ public Builder(GetGroupResult defaults) { this.members = defaults.members; this.objectId = defaults.objectId; this.onpremisesDomainName = defaults.onpremisesDomainName; + this.onpremisesGroupType = defaults.onpremisesGroupType; this.onpremisesNetbiosName = defaults.onpremisesNetbiosName; this.onpremisesSamAccountName = defaults.onpremisesSamAccountName; this.onpremisesSecurityIdentifier = defaults.onpremisesSecurityIdentifier; @@ -419,6 +446,7 @@ public Builder(GetGroupResult defaults) { this.theme = defaults.theme; this.types = defaults.types; this.visibility = defaults.visibility; + this.writebackEnabled = defaults.writebackEnabled; } @CustomType.Setter @@ -511,6 +539,11 @@ public Builder onpremisesDomainName(String onpremisesDomainName) { return this; } @CustomType.Setter + public Builder onpremisesGroupType(String onpremisesGroupType) { + this.onpremisesGroupType = Objects.requireNonNull(onpremisesGroupType); + return this; + } + @CustomType.Setter public Builder onpremisesNetbiosName(String onpremisesNetbiosName) { this.onpremisesNetbiosName = Objects.requireNonNull(onpremisesNetbiosName); return this; @@ -582,6 +615,11 @@ public Builder visibility(String visibility) { this.visibility = Objects.requireNonNull(visibility); return this; } + @CustomType.Setter + public Builder writebackEnabled(Boolean writebackEnabled) { + this.writebackEnabled = Objects.requireNonNull(writebackEnabled); + return this; + } public GetGroupResult build() { final var o = new GetGroupResult(); o.assignableToRole = assignableToRole; @@ -600,6 +638,7 @@ public GetGroupResult build() { o.members = members; o.objectId = objectId; o.onpremisesDomainName = onpremisesDomainName; + o.onpremisesGroupType = onpremisesGroupType; o.onpremisesNetbiosName = onpremisesNetbiosName; o.onpremisesSamAccountName = onpremisesSamAccountName; o.onpremisesSecurityIdentifier = onpremisesSecurityIdentifier; @@ -612,6 +651,7 @@ public GetGroupResult build() { o.theme = theme; o.types = types; o.visibility = visibility; + o.writebackEnabled = writebackEnabled; return o; } } diff --git a/sdk/nodejs/accessPackage.ts b/sdk/nodejs/accessPackage.ts new file mode 100644 index 000000000..309482946 --- /dev/null +++ b/sdk/nodejs/accessPackage.ts @@ -0,0 +1,168 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "./utilities"; + +/** + * Manages an Access Package within Identity Governance in Azure Active Directory. + * + * ## API Permissions + * + * The following API permissions are required in order to use this resource. + * + * When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. + * + * When authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner`, `Access package manager` or `Global Administrator` + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azuread from "@pulumi/azuread"; + * + * const exampleAccessPackageCatalog = new azuread.AccessPackageCatalog("exampleAccessPackageCatalog", { + * displayName: "example-catalog", + * description: "Example catalog", + * }); + * const exampleAccessPackage = new azuread.AccessPackage("exampleAccessPackage", { + * catalogId: exampleAccessPackageCatalog.id, + * displayName: "access-package", + * description: "Access Package", + * }); + * ``` + * + * ## Import + * + * Access Packages can be imported using the `id`, e.g. + * + * ```sh + * $ pulumi import azuread:index/accessPackage:AccessPackage example_package 00000000-0000-0000-0000-000000000000 + * ``` + */ +export class AccessPackage extends pulumi.CustomResource { + /** + * Get an existing AccessPackage resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: AccessPackageState, opts?: pulumi.CustomResourceOptions): AccessPackage { + return new AccessPackage(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'azuread:index/accessPackage:AccessPackage'; + + /** + * Returns true if the given object is an instance of AccessPackage. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is AccessPackage { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === AccessPackage.__pulumiType; + } + + /** + * The ID of the Catalog this access package will be created in. + */ + public readonly catalogId!: pulumi.Output; + /** + * The description of the access package. + */ + public readonly description!: pulumi.Output; + /** + * The display name of the access package. + */ + public readonly displayName!: pulumi.Output; + /** + * Whether the access package is hidden from the requestor. + */ + public readonly hidden!: pulumi.Output; + + /** + * Create a AccessPackage resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: AccessPackageArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: AccessPackageArgs | AccessPackageState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as AccessPackageState | undefined; + resourceInputs["catalogId"] = state ? state.catalogId : undefined; + resourceInputs["description"] = state ? state.description : undefined; + resourceInputs["displayName"] = state ? state.displayName : undefined; + resourceInputs["hidden"] = state ? state.hidden : undefined; + } else { + const args = argsOrState as AccessPackageArgs | undefined; + if ((!args || args.catalogId === undefined) && !opts.urn) { + throw new Error("Missing required property 'catalogId'"); + } + if ((!args || args.description === undefined) && !opts.urn) { + throw new Error("Missing required property 'description'"); + } + if ((!args || args.displayName === undefined) && !opts.urn) { + throw new Error("Missing required property 'displayName'"); + } + resourceInputs["catalogId"] = args ? args.catalogId : undefined; + resourceInputs["description"] = args ? args.description : undefined; + resourceInputs["displayName"] = args ? args.displayName : undefined; + resourceInputs["hidden"] = args ? args.hidden : undefined; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(AccessPackage.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering AccessPackage resources. + */ +export interface AccessPackageState { + /** + * The ID of the Catalog this access package will be created in. + */ + catalogId?: pulumi.Input; + /** + * The description of the access package. + */ + description?: pulumi.Input; + /** + * The display name of the access package. + */ + displayName?: pulumi.Input; + /** + * Whether the access package is hidden from the requestor. + */ + hidden?: pulumi.Input; +} + +/** + * The set of arguments for constructing a AccessPackage resource. + */ +export interface AccessPackageArgs { + /** + * The ID of the Catalog this access package will be created in. + */ + catalogId: pulumi.Input; + /** + * The description of the access package. + */ + description: pulumi.Input; + /** + * The display name of the access package. + */ + displayName: pulumi.Input; + /** + * Whether the access package is hidden from the requestor. + */ + hidden?: pulumi.Input; +} diff --git a/sdk/nodejs/accessPackageAssignmentPolicy.ts b/sdk/nodejs/accessPackageAssignmentPolicy.ts new file mode 100644 index 000000000..b83162381 --- /dev/null +++ b/sdk/nodejs/accessPackageAssignmentPolicy.ts @@ -0,0 +1,289 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as inputs from "./types/input"; +import * as outputs from "./types/output"; +import * as utilities from "./utilities"; + +/** + * Manages an assignment policy for an access package within Identity Governance in Azure Active Directory. + * + * ## API Permissions + * + * The following API permissions are required in order to use this resource. + * + * When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. + * + * When authenticated with a user principal, this resource requires `Global Administrator` directory role, or one of the `Catalog Owner` and `Access Package Manager` role in Idneity Governance. + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azuread from "@pulumi/azuread"; + * + * const exampleGroup = new azuread.Group("exampleGroup", { + * displayName: "group-name", + * securityEnabled: true, + * }); + * const exampleAccessPackageCatalog = new azuread.AccessPackageCatalog("exampleAccessPackageCatalog", { + * displayName: "example-catalog", + * description: "Example catalog", + * }); + * const exampleAccessPackage = new azuread.AccessPackage("exampleAccessPackage", { + * catalogId: exampleAccessPackageCatalog.id, + * displayName: "access-package", + * description: "Access Package", + * }); + * const test = new azuread.AccessPackageAssignmentPolicy("test", { + * accessPackageId: azuread_access_package.test.id, + * displayName: "assignment-policy", + * description: "My assignment policy", + * durationInDays: 90, + * requestorSettings: { + * scopeType: "AllExistingDirectoryMemberUsers", + * }, + * approvalSettings: { + * approvalRequired: true, + * approvalStages: [{ + * approvalTimeoutInDays: 14, + * primaryApprovers: [{ + * objectId: azuread_group.test.object_id, + * subjectType: "groupMembers", + * }], + * }], + * }, + * assignmentReviewSettings: { + * enabled: true, + * reviewFrequency: "weekly", + * durationInDays: 3, + * reviewType: "Self", + * accessReviewTimeoutBehavior: "keepAccess", + * }, + * questions: [{ + * text: { + * defaultText: "hello, how are you?", + * }, + * }], + * }); + * ``` + * + * ## Import + * + * An access package assignment policy can be imported using the ID, e.g. + * + * ```sh + * $ pulumi import azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy example 00000000-0000-0000-0000-000000000000 + * ``` + */ +export class AccessPackageAssignmentPolicy extends pulumi.CustomResource { + /** + * Get an existing AccessPackageAssignmentPolicy resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: AccessPackageAssignmentPolicyState, opts?: pulumi.CustomResourceOptions): AccessPackageAssignmentPolicy { + return new AccessPackageAssignmentPolicy(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy'; + + /** + * Returns true if the given object is an instance of AccessPackageAssignmentPolicy. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is AccessPackageAssignmentPolicy { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === AccessPackageAssignmentPolicy.__pulumiType; + } + + /** + * The ID of the access package that will contain the policy. + */ + public readonly accessPackageId!: pulumi.Output; + /** + * An `approvalSettings` block to specify whether approvals are required and how they are obtained, as documented below. + */ + public readonly approvalSettings!: pulumi.Output; + /** + * An `assignmentReviewSettings` block, to specify whether assignment review is needed and how it is conducted, as documented below. + */ + public readonly assignmentReviewSettings!: pulumi.Output; + /** + * The description of the policy. + */ + public readonly description!: pulumi.Output; + /** + * The display name of the policy. + */ + public readonly displayName!: pulumi.Output; + /** + * How many days this assignment is valid for. + */ + public readonly durationInDays!: pulumi.Output; + /** + * The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). + */ + public readonly expirationDate!: pulumi.Output; + /** + * Whether users will be able to request extension of their access to this package before their access expires. + */ + public readonly extensionEnabled!: pulumi.Output; + /** + * One or more `question` blocks for the requestor, as documented below. + */ + public readonly questions!: pulumi.Output; + /** + * A `requestorSettings` block to configure the users who can request access, as documented below. + */ + public readonly requestorSettings!: pulumi.Output; + + /** + * Create a AccessPackageAssignmentPolicy resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: AccessPackageAssignmentPolicyArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: AccessPackageAssignmentPolicyArgs | AccessPackageAssignmentPolicyState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as AccessPackageAssignmentPolicyState | undefined; + resourceInputs["accessPackageId"] = state ? state.accessPackageId : undefined; + resourceInputs["approvalSettings"] = state ? state.approvalSettings : undefined; + resourceInputs["assignmentReviewSettings"] = state ? state.assignmentReviewSettings : undefined; + resourceInputs["description"] = state ? state.description : undefined; + resourceInputs["displayName"] = state ? state.displayName : undefined; + resourceInputs["durationInDays"] = state ? state.durationInDays : undefined; + resourceInputs["expirationDate"] = state ? state.expirationDate : undefined; + resourceInputs["extensionEnabled"] = state ? state.extensionEnabled : undefined; + resourceInputs["questions"] = state ? state.questions : undefined; + resourceInputs["requestorSettings"] = state ? state.requestorSettings : undefined; + } else { + const args = argsOrState as AccessPackageAssignmentPolicyArgs | undefined; + if ((!args || args.accessPackageId === undefined) && !opts.urn) { + throw new Error("Missing required property 'accessPackageId'"); + } + if ((!args || args.description === undefined) && !opts.urn) { + throw new Error("Missing required property 'description'"); + } + if ((!args || args.displayName === undefined) && !opts.urn) { + throw new Error("Missing required property 'displayName'"); + } + resourceInputs["accessPackageId"] = args ? args.accessPackageId : undefined; + resourceInputs["approvalSettings"] = args ? args.approvalSettings : undefined; + resourceInputs["assignmentReviewSettings"] = args ? args.assignmentReviewSettings : undefined; + resourceInputs["description"] = args ? args.description : undefined; + resourceInputs["displayName"] = args ? args.displayName : undefined; + resourceInputs["durationInDays"] = args ? args.durationInDays : undefined; + resourceInputs["expirationDate"] = args ? args.expirationDate : undefined; + resourceInputs["extensionEnabled"] = args ? args.extensionEnabled : undefined; + resourceInputs["questions"] = args ? args.questions : undefined; + resourceInputs["requestorSettings"] = args ? args.requestorSettings : undefined; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(AccessPackageAssignmentPolicy.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering AccessPackageAssignmentPolicy resources. + */ +export interface AccessPackageAssignmentPolicyState { + /** + * The ID of the access package that will contain the policy. + */ + accessPackageId?: pulumi.Input; + /** + * An `approvalSettings` block to specify whether approvals are required and how they are obtained, as documented below. + */ + approvalSettings?: pulumi.Input; + /** + * An `assignmentReviewSettings` block, to specify whether assignment review is needed and how it is conducted, as documented below. + */ + assignmentReviewSettings?: pulumi.Input; + /** + * The description of the policy. + */ + description?: pulumi.Input; + /** + * The display name of the policy. + */ + displayName?: pulumi.Input; + /** + * How many days this assignment is valid for. + */ + durationInDays?: pulumi.Input; + /** + * The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). + */ + expirationDate?: pulumi.Input; + /** + * Whether users will be able to request extension of their access to this package before their access expires. + */ + extensionEnabled?: pulumi.Input; + /** + * One or more `question` blocks for the requestor, as documented below. + */ + questions?: pulumi.Input[]>; + /** + * A `requestorSettings` block to configure the users who can request access, as documented below. + */ + requestorSettings?: pulumi.Input; +} + +/** + * The set of arguments for constructing a AccessPackageAssignmentPolicy resource. + */ +export interface AccessPackageAssignmentPolicyArgs { + /** + * The ID of the access package that will contain the policy. + */ + accessPackageId: pulumi.Input; + /** + * An `approvalSettings` block to specify whether approvals are required and how they are obtained, as documented below. + */ + approvalSettings?: pulumi.Input; + /** + * An `assignmentReviewSettings` block, to specify whether assignment review is needed and how it is conducted, as documented below. + */ + assignmentReviewSettings?: pulumi.Input; + /** + * The description of the policy. + */ + description: pulumi.Input; + /** + * The display name of the policy. + */ + displayName: pulumi.Input; + /** + * How many days this assignment is valid for. + */ + durationInDays?: pulumi.Input; + /** + * The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). + */ + expirationDate?: pulumi.Input; + /** + * Whether users will be able to request extension of their access to this package before their access expires. + */ + extensionEnabled?: pulumi.Input; + /** + * One or more `question` blocks for the requestor, as documented below. + */ + questions?: pulumi.Input[]>; + /** + * A `requestorSettings` block to configure the users who can request access, as documented below. + */ + requestorSettings?: pulumi.Input; +} diff --git a/sdk/nodejs/accessPackageCatalog.ts b/sdk/nodejs/accessPackageCatalog.ts new file mode 100644 index 000000000..a85036bce --- /dev/null +++ b/sdk/nodejs/accessPackageCatalog.ts @@ -0,0 +1,160 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "./utilities"; + +/** + * Manages an access package catalog within Identity Governance in Azure Active Directory. + * + * ## API Permissions + * + * The following API permissions are required in order to use this resource. + * + * When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. + * + * When authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner`, `Catalog creator` or `Global Administrator` + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azuread from "@pulumi/azuread"; + * + * const example = new azuread.AccessPackageCatalog("example", { + * description: "Example access package catalog", + * displayName: "example-access-package-catalog", + * }); + * ``` + * + * ## Import + * + * An Access Package Catalog can be imported using the `id`, e.g. + * + * ```sh + * $ pulumi import azuread:index/accessPackageCatalog:AccessPackageCatalog example 00000000-0000-0000-0000-000000000000 + * ``` + */ +export class AccessPackageCatalog extends pulumi.CustomResource { + /** + * Get an existing AccessPackageCatalog resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: AccessPackageCatalogState, opts?: pulumi.CustomResourceOptions): AccessPackageCatalog { + return new AccessPackageCatalog(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'azuread:index/accessPackageCatalog:AccessPackageCatalog'; + + /** + * Returns true if the given object is an instance of AccessPackageCatalog. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is AccessPackageCatalog { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === AccessPackageCatalog.__pulumiType; + } + + /** + * The description of the access package catalog. + */ + public readonly description!: pulumi.Output; + /** + * The display name of the access package catalog. + */ + public readonly displayName!: pulumi.Output; + /** + * Whether the access packages in this catalog can be requested by users outside the tenant. + */ + public readonly externallyVisible!: pulumi.Output; + /** + * Whether the access packages in this catalog are available for management. + */ + public readonly published!: pulumi.Output; + + /** + * Create a AccessPackageCatalog resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: AccessPackageCatalogArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: AccessPackageCatalogArgs | AccessPackageCatalogState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as AccessPackageCatalogState | undefined; + resourceInputs["description"] = state ? state.description : undefined; + resourceInputs["displayName"] = state ? state.displayName : undefined; + resourceInputs["externallyVisible"] = state ? state.externallyVisible : undefined; + resourceInputs["published"] = state ? state.published : undefined; + } else { + const args = argsOrState as AccessPackageCatalogArgs | undefined; + if ((!args || args.description === undefined) && !opts.urn) { + throw new Error("Missing required property 'description'"); + } + if ((!args || args.displayName === undefined) && !opts.urn) { + throw new Error("Missing required property 'displayName'"); + } + resourceInputs["description"] = args ? args.description : undefined; + resourceInputs["displayName"] = args ? args.displayName : undefined; + resourceInputs["externallyVisible"] = args ? args.externallyVisible : undefined; + resourceInputs["published"] = args ? args.published : undefined; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(AccessPackageCatalog.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering AccessPackageCatalog resources. + */ +export interface AccessPackageCatalogState { + /** + * The description of the access package catalog. + */ + description?: pulumi.Input; + /** + * The display name of the access package catalog. + */ + displayName?: pulumi.Input; + /** + * Whether the access packages in this catalog can be requested by users outside the tenant. + */ + externallyVisible?: pulumi.Input; + /** + * Whether the access packages in this catalog are available for management. + */ + published?: pulumi.Input; +} + +/** + * The set of arguments for constructing a AccessPackageCatalog resource. + */ +export interface AccessPackageCatalogArgs { + /** + * The description of the access package catalog. + */ + description: pulumi.Input; + /** + * The display name of the access package catalog. + */ + displayName: pulumi.Input; + /** + * Whether the access packages in this catalog can be requested by users outside the tenant. + */ + externallyVisible?: pulumi.Input; + /** + * Whether the access packages in this catalog are available for management. + */ + published?: pulumi.Input; +} diff --git a/sdk/nodejs/accessPackageResourceCatalogAssociation.ts b/sdk/nodejs/accessPackageResourceCatalogAssociation.ts new file mode 100644 index 000000000..56511e989 --- /dev/null +++ b/sdk/nodejs/accessPackageResourceCatalogAssociation.ts @@ -0,0 +1,160 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "./utilities"; + +/** + * Manages the resources added to access package catalogs within Identity Governance in Azure Active Directory. + * + * ## API Permissions + * + * The following API permissions are required in order to use this resource. + * + * When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. + * + * When authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner` or `Global Administrator` + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azuread from "@pulumi/azuread"; + * + * const exampleGroup = new azuread.Group("exampleGroup", { + * displayName: "example-group", + * securityEnabled: true, + * }); + * const exampleAccessPackageCatalog = new azuread.AccessPackageCatalog("exampleAccessPackageCatalog", { + * displayName: "example-catalog", + * description: "Example catalog", + * }); + * const exampleAccessPackageResourceCatalogAssociation = new azuread.AccessPackageResourceCatalogAssociation("exampleAccessPackageResourceCatalogAssociation", { + * catalogId: azuread_access_package_catalog.example_catalog.id, + * resourceOriginId: azuread_group.example_group.object_id, + * resourceOriginSystem: "AadGroup", + * }); + * ``` + * + * ## Import + * + * The resource and catalog association can be imported using the catalog ID and the resource origin ID, e.g. + * + * ```sh + * $ pulumi import azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111 + * ``` + * + * -> This ID format is unique to Terraform and is composed of the Catalog ID and the Resource Origin ID in the format `{CatalogID}/{ResourceOriginID}`. + */ +export class AccessPackageResourceCatalogAssociation extends pulumi.CustomResource { + /** + * Get an existing AccessPackageResourceCatalogAssociation resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: AccessPackageResourceCatalogAssociationState, opts?: pulumi.CustomResourceOptions): AccessPackageResourceCatalogAssociation { + return new AccessPackageResourceCatalogAssociation(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation'; + + /** + * Returns true if the given object is an instance of AccessPackageResourceCatalogAssociation. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is AccessPackageResourceCatalogAssociation { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === AccessPackageResourceCatalogAssociation.__pulumiType; + } + + /** + * The unique ID of the access package catalog. Changing this forces a new resource to be created. + */ + public readonly catalogId!: pulumi.Output; + /** + * The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. + */ + public readonly resourceOriginId!: pulumi.Output; + /** + * The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. + */ + public readonly resourceOriginSystem!: pulumi.Output; + + /** + * Create a AccessPackageResourceCatalogAssociation resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: AccessPackageResourceCatalogAssociationArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: AccessPackageResourceCatalogAssociationArgs | AccessPackageResourceCatalogAssociationState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as AccessPackageResourceCatalogAssociationState | undefined; + resourceInputs["catalogId"] = state ? state.catalogId : undefined; + resourceInputs["resourceOriginId"] = state ? state.resourceOriginId : undefined; + resourceInputs["resourceOriginSystem"] = state ? state.resourceOriginSystem : undefined; + } else { + const args = argsOrState as AccessPackageResourceCatalogAssociationArgs | undefined; + if ((!args || args.catalogId === undefined) && !opts.urn) { + throw new Error("Missing required property 'catalogId'"); + } + if ((!args || args.resourceOriginId === undefined) && !opts.urn) { + throw new Error("Missing required property 'resourceOriginId'"); + } + if ((!args || args.resourceOriginSystem === undefined) && !opts.urn) { + throw new Error("Missing required property 'resourceOriginSystem'"); + } + resourceInputs["catalogId"] = args ? args.catalogId : undefined; + resourceInputs["resourceOriginId"] = args ? args.resourceOriginId : undefined; + resourceInputs["resourceOriginSystem"] = args ? args.resourceOriginSystem : undefined; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(AccessPackageResourceCatalogAssociation.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering AccessPackageResourceCatalogAssociation resources. + */ +export interface AccessPackageResourceCatalogAssociationState { + /** + * The unique ID of the access package catalog. Changing this forces a new resource to be created. + */ + catalogId?: pulumi.Input; + /** + * The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. + */ + resourceOriginId?: pulumi.Input; + /** + * The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. + */ + resourceOriginSystem?: pulumi.Input; +} + +/** + * The set of arguments for constructing a AccessPackageResourceCatalogAssociation resource. + */ +export interface AccessPackageResourceCatalogAssociationArgs { + /** + * The unique ID of the access package catalog. Changing this forces a new resource to be created. + */ + catalogId: pulumi.Input; + /** + * The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. + */ + resourceOriginId: pulumi.Input; + /** + * The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. + */ + resourceOriginSystem: pulumi.Input; +} diff --git a/sdk/nodejs/accessPackageResourcePackageAssociation.ts b/sdk/nodejs/accessPackageResourcePackageAssociation.ts new file mode 100644 index 000000000..81809ee6c --- /dev/null +++ b/sdk/nodejs/accessPackageResourcePackageAssociation.ts @@ -0,0 +1,166 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "./utilities"; + +/** + * Manages the resources added to access packages within Identity Governance in Azure Active Directory. + * + * ## API Permissions + * + * The following API permissions are required in order to use this resource. + * + * When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. + * + * When authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner`, `Access package manager` or `Global Administrator`. + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azuread from "@pulumi/azuread"; + * + * const exampleGroup = new azuread.Group("exampleGroup", { + * displayName: "example-group", + * securityEnabled: true, + * }); + * const exampleAccessPackageCatalog = new azuread.AccessPackageCatalog("exampleAccessPackageCatalog", { + * displayName: "example-catalog", + * description: "Example catalog", + * }); + * const exampleAccessPackageResourceCatalogAssociation = new azuread.AccessPackageResourceCatalogAssociation("exampleAccessPackageResourceCatalogAssociation", { + * catalogId: azuread_access_package_catalog.example_catalog.id, + * resourceOriginId: azuread_group.example_group.object_id, + * resourceOriginSystem: "AadGroup", + * }); + * const exampleAccessPackage = new azuread.AccessPackage("exampleAccessPackage", { + * displayName: "example-package", + * description: "Example Package", + * catalogId: azuread_access_package_catalog.example_catalog.id, + * }); + * const exampleAccessPackageResourcePackageAssociation = new azuread.AccessPackageResourcePackageAssociation("exampleAccessPackageResourcePackageAssociation", { + * accessPackageId: exampleAccessPackage.id, + * catalogResourceAssociationId: exampleAccessPackageResourceCatalogAssociation.id, + * }); + * ``` + * + * ## Import + * + * The resource and catalog association can be imported using the access package ID, the resource association ID, the resource origin ID, and the access type, e.g. + * + * ```sh + * $ pulumi import azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111_22222222-2222-2222-2222-22222222/33333333-3333-3333-3333-33333333/Member + * ``` + * + * -> This ID format is unique to Terraform and is composed of the Access Package ID, the Resource Association ID, the Resource Origin ID, and the Access Type, in the format `{AccessPackageID}/{ResourceAssociationID}/{ResourceOriginID}/{AccessType}`. + */ +export class AccessPackageResourcePackageAssociation extends pulumi.CustomResource { + /** + * Get an existing AccessPackageResourcePackageAssociation resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: AccessPackageResourcePackageAssociationState, opts?: pulumi.CustomResourceOptions): AccessPackageResourcePackageAssociation { + return new AccessPackageResourcePackageAssociation(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation'; + + /** + * Returns true if the given object is an instance of AccessPackageResourcePackageAssociation. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is AccessPackageResourcePackageAssociation { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === AccessPackageResourcePackageAssociation.__pulumiType; + } + + /** + * The ID of access package this resource association is configured to. Changing this forces a new resource to be created. + */ + public readonly accessPackageId!: pulumi.Output; + /** + * The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. + */ + public readonly accessType!: pulumi.Output; + /** + * The ID of the catalog association from the `azuread.AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. + */ + public readonly catalogResourceAssociationId!: pulumi.Output; + + /** + * Create a AccessPackageResourcePackageAssociation resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: AccessPackageResourcePackageAssociationArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: AccessPackageResourcePackageAssociationArgs | AccessPackageResourcePackageAssociationState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as AccessPackageResourcePackageAssociationState | undefined; + resourceInputs["accessPackageId"] = state ? state.accessPackageId : undefined; + resourceInputs["accessType"] = state ? state.accessType : undefined; + resourceInputs["catalogResourceAssociationId"] = state ? state.catalogResourceAssociationId : undefined; + } else { + const args = argsOrState as AccessPackageResourcePackageAssociationArgs | undefined; + if ((!args || args.accessPackageId === undefined) && !opts.urn) { + throw new Error("Missing required property 'accessPackageId'"); + } + if ((!args || args.catalogResourceAssociationId === undefined) && !opts.urn) { + throw new Error("Missing required property 'catalogResourceAssociationId'"); + } + resourceInputs["accessPackageId"] = args ? args.accessPackageId : undefined; + resourceInputs["accessType"] = args ? args.accessType : undefined; + resourceInputs["catalogResourceAssociationId"] = args ? args.catalogResourceAssociationId : undefined; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(AccessPackageResourcePackageAssociation.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering AccessPackageResourcePackageAssociation resources. + */ +export interface AccessPackageResourcePackageAssociationState { + /** + * The ID of access package this resource association is configured to. Changing this forces a new resource to be created. + */ + accessPackageId?: pulumi.Input; + /** + * The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. + */ + accessType?: pulumi.Input; + /** + * The ID of the catalog association from the `azuread.AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. + */ + catalogResourceAssociationId?: pulumi.Input; +} + +/** + * The set of arguments for constructing a AccessPackageResourcePackageAssociation resource. + */ +export interface AccessPackageResourcePackageAssociationArgs { + /** + * The ID of access package this resource association is configured to. Changing this forces a new resource to be created. + */ + accessPackageId: pulumi.Input; + /** + * The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. + */ + accessType?: pulumi.Input; + /** + * The ID of the catalog association from the `azuread.AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. + */ + catalogResourceAssociationId: pulumi.Input; +} diff --git a/sdk/nodejs/administrativeUnitRoleMember.ts b/sdk/nodejs/administrativeUnitRoleMember.ts new file mode 100644 index 000000000..168e437aa --- /dev/null +++ b/sdk/nodejs/administrativeUnitRoleMember.ts @@ -0,0 +1,157 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "./utilities"; + +/** + * Manages a single directory role assignment scoped to an administrative unit within Azure Active Directory. + * + * ## API Permissions + * + * The following API permissions are required in order to use this resource. + * + * When authenticated with a service principal, this resource requires one of the following application roles: `AdministrativeUnit.ReadWrite.All` and `RoleManagement.ReadWrite.Directory`, or `Directory.ReadWrite.All` + * + * When authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator` + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azuread from "@pulumi/azuread"; + * + * const exampleUser = azuread.getUser({ + * userPrincipalName: "jdoe@hashicorp.com", + * }); + * const exampleAdministrativeUnit = new azuread.AdministrativeUnit("exampleAdministrativeUnit", {displayName: "Example-AU"}); + * const exampleDirectoryRole = new azuread.DirectoryRole("exampleDirectoryRole", {displayName: "Security administrator"}); + * const exampleAdministrativeUnitRoleMember = new azuread.AdministrativeUnitRoleMember("exampleAdministrativeUnitRoleMember", { + * roleObjectId: exampleDirectoryRole.objectId, + * administrativeUnitObjectId: exampleAdministrativeUnit.id, + * memberObjectId: exampleUser.then(exampleUser => exampleUser.id), + * }); + * ``` + * + * ## Import + * + * Administrative unit role members can be imported using the object ID of the administrative unit and the unique ID of the role assignment, e.g. + * + * ```sh + * $ pulumi import azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember test 00000000-0000-0000-0000-000000000000/roleMember/zX37MRLyF0uvE-xf2WH4B7x-6CPLfudNnxFGj800htpBXqkxW7bITqGb6Rj4kuTuS + * ``` + * + * -> This ID format is unique to Terraform and is composed of the Administrative Unit Object ID and the role assignment ID in the format `{AdministrativeUnitObjectID}/roleMember/{RoleAssignmentID}`. + */ +export class AdministrativeUnitRoleMember extends pulumi.CustomResource { + /** + * Get an existing AdministrativeUnitRoleMember resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: AdministrativeUnitRoleMemberState, opts?: pulumi.CustomResourceOptions): AdministrativeUnitRoleMember { + return new AdministrativeUnitRoleMember(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember'; + + /** + * Returns true if the given object is an instance of AdministrativeUnitRoleMember. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is AdministrativeUnitRoleMember { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === AdministrativeUnitRoleMember.__pulumiType; + } + + /** + * The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. + */ + public readonly administrativeUnitObjectId!: pulumi.Output; + /** + * The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + */ + public readonly memberObjectId!: pulumi.Output; + /** + * The object ID of the directory role you want to assign. Changing this forces a new resource to be created. + */ + public readonly roleObjectId!: pulumi.Output; + + /** + * Create a AdministrativeUnitRoleMember resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: AdministrativeUnitRoleMemberArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: AdministrativeUnitRoleMemberArgs | AdministrativeUnitRoleMemberState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as AdministrativeUnitRoleMemberState | undefined; + resourceInputs["administrativeUnitObjectId"] = state ? state.administrativeUnitObjectId : undefined; + resourceInputs["memberObjectId"] = state ? state.memberObjectId : undefined; + resourceInputs["roleObjectId"] = state ? state.roleObjectId : undefined; + } else { + const args = argsOrState as AdministrativeUnitRoleMemberArgs | undefined; + if ((!args || args.administrativeUnitObjectId === undefined) && !opts.urn) { + throw new Error("Missing required property 'administrativeUnitObjectId'"); + } + if ((!args || args.memberObjectId === undefined) && !opts.urn) { + throw new Error("Missing required property 'memberObjectId'"); + } + if ((!args || args.roleObjectId === undefined) && !opts.urn) { + throw new Error("Missing required property 'roleObjectId'"); + } + resourceInputs["administrativeUnitObjectId"] = args ? args.administrativeUnitObjectId : undefined; + resourceInputs["memberObjectId"] = args ? args.memberObjectId : undefined; + resourceInputs["roleObjectId"] = args ? args.roleObjectId : undefined; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(AdministrativeUnitRoleMember.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering AdministrativeUnitRoleMember resources. + */ +export interface AdministrativeUnitRoleMemberState { + /** + * The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. + */ + administrativeUnitObjectId?: pulumi.Input; + /** + * The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + */ + memberObjectId?: pulumi.Input; + /** + * The object ID of the directory role you want to assign. Changing this forces a new resource to be created. + */ + roleObjectId?: pulumi.Input; +} + +/** + * The set of arguments for constructing a AdministrativeUnitRoleMember resource. + */ +export interface AdministrativeUnitRoleMemberArgs { + /** + * The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. + */ + administrativeUnitObjectId: pulumi.Input; + /** + * The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + */ + memberObjectId: pulumi.Input; + /** + * The object ID of the directory role you want to assign. Changing this forces a new resource to be created. + */ + roleObjectId: pulumi.Input; +} diff --git a/sdk/nodejs/application.ts b/sdk/nodejs/application.ts index 5f26734eb..aa610c7e7 100644 --- a/sdk/nodejs/application.ts +++ b/sdk/nodejs/application.ts @@ -288,6 +288,10 @@ export class Application extends pulumi.CustomResource { * A collection of `requiredResourceAccess` blocks as documented below. */ public readonly requiredResourceAccesses!: pulumi.Output; + /** + * References application context information from a Service or Asset Management database. + */ + public readonly serviceManagementReference!: pulumi.Output; /** * The Microsoft account types that are supported for the current application. Must be one of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. Defaults to `AzureADMyOrg`. */ @@ -356,6 +360,7 @@ export class Application extends pulumi.CustomResource { resourceInputs["publicClient"] = state ? state.publicClient : undefined; resourceInputs["publisherDomain"] = state ? state.publisherDomain : undefined; resourceInputs["requiredResourceAccesses"] = state ? state.requiredResourceAccesses : undefined; + resourceInputs["serviceManagementReference"] = state ? state.serviceManagementReference : undefined; resourceInputs["signInAudience"] = state ? state.signInAudience : undefined; resourceInputs["singlePageApplication"] = state ? state.singlePageApplication : undefined; resourceInputs["supportUrl"] = state ? state.supportUrl : undefined; @@ -387,6 +392,7 @@ export class Application extends pulumi.CustomResource { resourceInputs["privacyStatementUrl"] = args ? args.privacyStatementUrl : undefined; resourceInputs["publicClient"] = args ? args.publicClient : undefined; resourceInputs["requiredResourceAccesses"] = args ? args.requiredResourceAccesses : undefined; + resourceInputs["serviceManagementReference"] = args ? args.serviceManagementReference : undefined; resourceInputs["signInAudience"] = args ? args.signInAudience : undefined; resourceInputs["singlePageApplication"] = args ? args.singlePageApplication : undefined; resourceInputs["supportUrl"] = args ? args.supportUrl : undefined; @@ -515,6 +521,10 @@ export interface ApplicationState { * A collection of `requiredResourceAccess` blocks as documented below. */ requiredResourceAccesses?: pulumi.Input[]>; + /** + * References application context information from a Service or Asset Management database. + */ + serviceManagementReference?: pulumi.Input; /** * The Microsoft account types that are supported for the current application. Must be one of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. Defaults to `AzureADMyOrg`. */ @@ -625,6 +635,10 @@ export interface ApplicationArgs { * A collection of `requiredResourceAccess` blocks as documented below. */ requiredResourceAccesses?: pulumi.Input[]>; + /** + * References application context information from a Service or Asset Management database. + */ + serviceManagementReference?: pulumi.Input; /** * The Microsoft account types that are supported for the current application. Must be one of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. Defaults to `AzureADMyOrg`. */ diff --git a/sdk/nodejs/getAccessPackage.ts b/sdk/nodejs/getAccessPackage.ts new file mode 100644 index 000000000..594105739 --- /dev/null +++ b/sdk/nodejs/getAccessPackage.ts @@ -0,0 +1,148 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "./utilities"; + +/** + * Use this data source to retrieve information for an existing access package within Identity Governance in Azure Active Directory. + * + * ## API Permissions + * + * The following API permissions are required in order to use this data source. + * + * When authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`. + * + * When authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Access package manager`, `Global Reader`, or `Global Administrator`. + * + * ## Example Usage + * + * *Look up by ID* + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azuread from "@pulumi/azuread"; + * + * const example = azuread.getAccessPackage({ + * objectId: "00000000-0000-0000-0000-000000000000", + * }); + * ``` + * + * *Look up by DisplayName* + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azuread from "@pulumi/azuread"; + * + * const example = azuread.getAccessPackage({ + * catalogId: "00000000-0000-0000-0000-000000000000", + * displayName: "My access package Catalog", + * }); + * ``` + */ +export function getAccessPackage(args?: GetAccessPackageArgs, opts?: pulumi.InvokeOptions): Promise { + args = args || {}; + + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invoke("azuread:index/getAccessPackage:getAccessPackage", { + "catalogId": args.catalogId, + "displayName": args.displayName, + "objectId": args.objectId, + }, opts); +} + +/** + * A collection of arguments for invoking getAccessPackage. + */ +export interface GetAccessPackageArgs { + /** + * The ID of the Catalog this access package is in. + */ + catalogId?: string; + /** + * The display name of the access package. + */ + displayName?: string; + /** + * The ID of this access package. + */ + objectId?: string; +} + +/** + * A collection of values returned by getAccessPackage. + */ +export interface GetAccessPackageResult { + readonly catalogId?: string; + /** + * The description of the access package. + */ + readonly description: string; + readonly displayName: string; + /** + * Whether the access package is hidden from the requestor. + */ + readonly hidden: boolean; + /** + * The provider-assigned unique ID for this managed resource. + */ + readonly id: string; + readonly objectId: string; +} +/** + * Use this data source to retrieve information for an existing access package within Identity Governance in Azure Active Directory. + * + * ## API Permissions + * + * The following API permissions are required in order to use this data source. + * + * When authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`. + * + * When authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Access package manager`, `Global Reader`, or `Global Administrator`. + * + * ## Example Usage + * + * *Look up by ID* + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azuread from "@pulumi/azuread"; + * + * const example = azuread.getAccessPackage({ + * objectId: "00000000-0000-0000-0000-000000000000", + * }); + * ``` + * + * *Look up by DisplayName* + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azuread from "@pulumi/azuread"; + * + * const example = azuread.getAccessPackage({ + * catalogId: "00000000-0000-0000-0000-000000000000", + * displayName: "My access package Catalog", + * }); + * ``` + */ +export function getAccessPackageOutput(args?: GetAccessPackageOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { + return pulumi.output(args).apply((a: any) => getAccessPackage(a, opts)) +} + +/** + * A collection of arguments for invoking getAccessPackage. + */ +export interface GetAccessPackageOutputArgs { + /** + * The ID of the Catalog this access package is in. + */ + catalogId?: pulumi.Input; + /** + * The display name of the access package. + */ + displayName?: pulumi.Input; + /** + * The ID of this access package. + */ + objectId?: pulumi.Input; +} diff --git a/sdk/nodejs/getAccessPackageCatalog.ts b/sdk/nodejs/getAccessPackageCatalog.ts new file mode 100644 index 000000000..484ce28c0 --- /dev/null +++ b/sdk/nodejs/getAccessPackageCatalog.ts @@ -0,0 +1,142 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "./utilities"; + +/** + * i + * Use this resource to retrieve information for an existing access package catalog within Identity Governance in Azure Active Directory. + * + * ## API Permissions + * + * The following API permissions are required in order to use this data source. + * + * When authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`. + * + * When authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Global Reader`, or `Global Administrator`. + * + * ## Example Usage + * + * *Look up by ID* + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azuread from "@pulumi/azuread"; + * + * const example = azuread.getAccessPackageCatalog({ + * objectId: "00000000-0000-0000-0000-000000000000", + * }); + * ``` + * + * *Look up by DisplayName* + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azuread from "@pulumi/azuread"; + * + * const example = azuread.getAccessPackageCatalog({ + * displayName: "My access package Catalog", + * }); + * ``` + */ +export function getAccessPackageCatalog(args?: GetAccessPackageCatalogArgs, opts?: pulumi.InvokeOptions): Promise { + args = args || {}; + + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invoke("azuread:index/getAccessPackageCatalog:getAccessPackageCatalog", { + "displayName": args.displayName, + "objectId": args.objectId, + }, opts); +} + +/** + * A collection of arguments for invoking getAccessPackageCatalog. + */ +export interface GetAccessPackageCatalogArgs { + /** + * The display name of the access package catalog. + */ + displayName?: string; + /** + * The ID of this access package catalog. + */ + objectId?: string; +} + +/** + * A collection of values returned by getAccessPackageCatalog. + */ +export interface GetAccessPackageCatalogResult { + /** + * The description of the access package catalog. + */ + readonly description: string; + readonly displayName: string; + /** + * Whether the access packages in this catalog can be requested by users outside the tenant. + */ + readonly externallyVisible: boolean; + /** + * The provider-assigned unique ID for this managed resource. + */ + readonly id: string; + readonly objectId: string; + /** + * Whether the access packages in this catalog are available for management. + */ + readonly published: boolean; +} +/** + * i + * Use this resource to retrieve information for an existing access package catalog within Identity Governance in Azure Active Directory. + * + * ## API Permissions + * + * The following API permissions are required in order to use this data source. + * + * When authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`. + * + * When authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Global Reader`, or `Global Administrator`. + * + * ## Example Usage + * + * *Look up by ID* + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azuread from "@pulumi/azuread"; + * + * const example = azuread.getAccessPackageCatalog({ + * objectId: "00000000-0000-0000-0000-000000000000", + * }); + * ``` + * + * *Look up by DisplayName* + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azuread from "@pulumi/azuread"; + * + * const example = azuread.getAccessPackageCatalog({ + * displayName: "My access package Catalog", + * }); + * ``` + */ +export function getAccessPackageCatalogOutput(args?: GetAccessPackageCatalogOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { + return pulumi.output(args).apply((a: any) => getAccessPackageCatalog(a, opts)) +} + +/** + * A collection of arguments for invoking getAccessPackageCatalog. + */ +export interface GetAccessPackageCatalogOutputArgs { + /** + * The display name of the access package catalog. + */ + displayName?: pulumi.Input; + /** + * The ID of this access package catalog. + */ + objectId?: pulumi.Input; +} diff --git a/sdk/nodejs/getApplication.ts b/sdk/nodejs/getApplication.ts index 9bae7abfb..08517a3b0 100644 --- a/sdk/nodejs/getApplication.ts +++ b/sdk/nodejs/getApplication.ts @@ -162,6 +162,10 @@ export interface GetApplicationResult { * A collection of `requiredResourceAccess` blocks as documented below. */ readonly requiredResourceAccesses: outputs.GetApplicationRequiredResourceAccess[]; + /** + * References application context information from a Service or Asset Management database. + */ + readonly serviceManagementReference: string; /** * The Microsoft account types that are supported for the current application. One of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. */ diff --git a/sdk/nodejs/getGroup.ts b/sdk/nodejs/getGroup.ts index 7d65c6572..c4484fca1 100644 --- a/sdk/nodejs/getGroup.ts +++ b/sdk/nodejs/getGroup.ts @@ -132,6 +132,10 @@ export interface GetGroupResult { * The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used. */ readonly onpremisesDomainName: string; + /** + * The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + */ + readonly onpremisesGroupType: string; /** * The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used. */ @@ -180,6 +184,10 @@ export interface GetGroupResult { * The group join policy and group content visibility. Possible values are `Private`, `Public`, or `Hiddenmembership`. Only Microsoft 365 groups can have `Hiddenmembership` visibility. */ readonly visibility: string; + /** + * Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + */ + readonly writebackEnabled: boolean; } /** * Gets information about an Azure Active Directory group. diff --git a/sdk/nodejs/getUser.ts b/sdk/nodejs/getUser.ts index 946e80ff0..2388a0a75 100644 --- a/sdk/nodejs/getUser.ts +++ b/sdk/nodejs/getUser.ts @@ -31,6 +31,7 @@ export function getUser(args?: GetUserArgs, opts?: pulumi.InvokeOptions): Promis opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("azuread:index/getUser:getUser", { + "mail": args.mail, "mailNickname": args.mailNickname, "objectId": args.objectId, "userPrincipalName": args.userPrincipalName, @@ -41,6 +42,10 @@ export function getUser(args?: GetUserArgs, opts?: pulumi.InvokeOptions): Promis * A collection of arguments for invoking getUser. */ export interface GetUserArgs { + /** + * The SMTP address for the user. + */ + mail?: string; /** * The email alias of the user. */ @@ -266,6 +271,10 @@ export function getUserOutput(args?: GetUserOutputArgs, opts?: pulumi.InvokeOpti * A collection of arguments for invoking getUser. */ export interface GetUserOutputArgs { + /** + * The SMTP address for the user. + */ + mail?: pulumi.Input; /** * The email alias of the user. */ diff --git a/sdk/nodejs/group.ts b/sdk/nodejs/group.ts index ece718f2d..df138cfa1 100644 --- a/sdk/nodejs/group.ts +++ b/sdk/nodejs/group.ts @@ -13,7 +13,9 @@ import * as utilities from "./utilities"; * * The following API permissions are required in order to use this resource. * - * When authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All` + * When authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All`. + * + * Alternatively, if the authenticated service principal is also an owner of the group being managed, this resource can use the application role: `Group.Create`. * * If using the `assignableToRole` property, this resource additionally requires one of the following application roles: `RoleManagement.ReadWrite.Directory` or `Directory.ReadWrite.All` * @@ -125,6 +127,10 @@ export class Group extends pulumi.CustomResource { * The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used. */ public /*out*/ readonly onpremisesDomainName!: pulumi.Output; + /** + * The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + */ + public readonly onpremisesGroupType!: pulumi.Output; /** * The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used. */ @@ -177,6 +183,10 @@ export class Group extends pulumi.CustomResource { * The group join policy and group content visibility. Possible values are `Private`, `Public`, or `Hiddenmembership`. Only Microsoft 365 groups can have `Hiddenmembership` visibility and this value must be set when the group is created. By default, security groups will receive `Private` visibility and Microsoft 365 groups will receive `Public` visibility. */ public readonly visibility!: pulumi.Output; + /** + * Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + */ + public readonly writebackEnabled!: pulumi.Output; /** * Create a Group resource with the given unique name, arguments, and options. @@ -207,6 +217,7 @@ export class Group extends pulumi.CustomResource { resourceInputs["members"] = state ? state.members : undefined; resourceInputs["objectId"] = state ? state.objectId : undefined; resourceInputs["onpremisesDomainName"] = state ? state.onpremisesDomainName : undefined; + resourceInputs["onpremisesGroupType"] = state ? state.onpremisesGroupType : undefined; resourceInputs["onpremisesNetbiosName"] = state ? state.onpremisesNetbiosName : undefined; resourceInputs["onpremisesSamAccountName"] = state ? state.onpremisesSamAccountName : undefined; resourceInputs["onpremisesSecurityIdentifier"] = state ? state.onpremisesSecurityIdentifier : undefined; @@ -220,6 +231,7 @@ export class Group extends pulumi.CustomResource { resourceInputs["theme"] = state ? state.theme : undefined; resourceInputs["types"] = state ? state.types : undefined; resourceInputs["visibility"] = state ? state.visibility : undefined; + resourceInputs["writebackEnabled"] = state ? state.writebackEnabled : undefined; } else { const args = argsOrState as GroupArgs | undefined; if ((!args || args.displayName === undefined) && !opts.urn) { @@ -238,6 +250,7 @@ export class Group extends pulumi.CustomResource { resourceInputs["mailEnabled"] = args ? args.mailEnabled : undefined; resourceInputs["mailNickname"] = args ? args.mailNickname : undefined; resourceInputs["members"] = args ? args.members : undefined; + resourceInputs["onpremisesGroupType"] = args ? args.onpremisesGroupType : undefined; resourceInputs["owners"] = args ? args.owners : undefined; resourceInputs["preventDuplicateNames"] = args ? args.preventDuplicateNames : undefined; resourceInputs["provisioningOptions"] = args ? args.provisioningOptions : undefined; @@ -245,6 +258,7 @@ export class Group extends pulumi.CustomResource { resourceInputs["theme"] = args ? args.theme : undefined; resourceInputs["types"] = args ? args.types : undefined; resourceInputs["visibility"] = args ? args.visibility : undefined; + resourceInputs["writebackEnabled"] = args ? args.writebackEnabled : undefined; resourceInputs["mail"] = undefined /*out*/; resourceInputs["objectId"] = undefined /*out*/; resourceInputs["onpremisesDomainName"] = undefined /*out*/; @@ -328,6 +342,10 @@ export interface GroupState { * The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used. */ onpremisesDomainName?: pulumi.Input; + /** + * The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + */ + onpremisesGroupType?: pulumi.Input; /** * The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used. */ @@ -380,6 +398,10 @@ export interface GroupState { * The group join policy and group content visibility. Possible values are `Private`, `Public`, or `Hiddenmembership`. Only Microsoft 365 groups can have `Hiddenmembership` visibility and this value must be set when the group is created. By default, security groups will receive `Private` visibility and Microsoft 365 groups will receive `Public` visibility. */ visibility?: pulumi.Input; + /** + * Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + */ + writebackEnabled?: pulumi.Input; } /** @@ -438,6 +460,10 @@ export interface GroupArgs { * A set of members who should be present in this group. Supported object types are Users, Groups or Service Principals. Cannot be used with the `dynamicMembership` block. */ members?: pulumi.Input[]>; + /** + * The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + */ + onpremisesGroupType?: pulumi.Input; /** * A set of owners who own this group. Supported object types are Users or Service Principals */ @@ -466,4 +492,8 @@ export interface GroupArgs { * The group join policy and group content visibility. Possible values are `Private`, `Public`, or `Hiddenmembership`. Only Microsoft 365 groups can have `Hiddenmembership` visibility and this value must be set when the group is created. By default, security groups will receive `Private` visibility and Microsoft 365 groups will receive `Public` visibility. */ visibility?: pulumi.Input; + /** + * Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + */ + writebackEnabled?: pulumi.Input; } diff --git a/sdk/nodejs/groupMember.ts b/sdk/nodejs/groupMember.ts index e1ed597dd..1277bb2db 100644 --- a/sdk/nodejs/groupMember.ts +++ b/sdk/nodejs/groupMember.ts @@ -13,7 +13,9 @@ import * as utilities from "./utilities"; * * The following API permissions are required in order to use this resource. * - * When authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All` + * When authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All`. + * + * However, if the authenticated service principal is an owner of the group being managed, an application role is not required. * * When authenticated with a user principal, this resource requires one of the following directory roles: `Groups Administrator`, `User Administrator` or `Global Administrator` * diff --git a/sdk/nodejs/index.ts b/sdk/nodejs/index.ts index a711314a3..6b15c74e6 100644 --- a/sdk/nodejs/index.ts +++ b/sdk/nodejs/index.ts @@ -5,6 +5,31 @@ import * as pulumi from "@pulumi/pulumi"; import * as utilities from "./utilities"; // Export members: +export { AccessPackageArgs, AccessPackageState } from "./accessPackage"; +export type AccessPackage = import("./accessPackage").AccessPackage; +export const AccessPackage: typeof import("./accessPackage").AccessPackage = null as any; +utilities.lazyLoad(exports, ["AccessPackage"], () => require("./accessPackage")); + +export { AccessPackageAssignmentPolicyArgs, AccessPackageAssignmentPolicyState } from "./accessPackageAssignmentPolicy"; +export type AccessPackageAssignmentPolicy = import("./accessPackageAssignmentPolicy").AccessPackageAssignmentPolicy; +export const AccessPackageAssignmentPolicy: typeof import("./accessPackageAssignmentPolicy").AccessPackageAssignmentPolicy = null as any; +utilities.lazyLoad(exports, ["AccessPackageAssignmentPolicy"], () => require("./accessPackageAssignmentPolicy")); + +export { AccessPackageCatalogArgs, AccessPackageCatalogState } from "./accessPackageCatalog"; +export type AccessPackageCatalog = import("./accessPackageCatalog").AccessPackageCatalog; +export const AccessPackageCatalog: typeof import("./accessPackageCatalog").AccessPackageCatalog = null as any; +utilities.lazyLoad(exports, ["AccessPackageCatalog"], () => require("./accessPackageCatalog")); + +export { AccessPackageResourceCatalogAssociationArgs, AccessPackageResourceCatalogAssociationState } from "./accessPackageResourceCatalogAssociation"; +export type AccessPackageResourceCatalogAssociation = import("./accessPackageResourceCatalogAssociation").AccessPackageResourceCatalogAssociation; +export const AccessPackageResourceCatalogAssociation: typeof import("./accessPackageResourceCatalogAssociation").AccessPackageResourceCatalogAssociation = null as any; +utilities.lazyLoad(exports, ["AccessPackageResourceCatalogAssociation"], () => require("./accessPackageResourceCatalogAssociation")); + +export { AccessPackageResourcePackageAssociationArgs, AccessPackageResourcePackageAssociationState } from "./accessPackageResourcePackageAssociation"; +export type AccessPackageResourcePackageAssociation = import("./accessPackageResourcePackageAssociation").AccessPackageResourcePackageAssociation; +export const AccessPackageResourcePackageAssociation: typeof import("./accessPackageResourcePackageAssociation").AccessPackageResourcePackageAssociation = null as any; +utilities.lazyLoad(exports, ["AccessPackageResourcePackageAssociation"], () => require("./accessPackageResourcePackageAssociation")); + export { AdministrativeUnitArgs, AdministrativeUnitState } from "./administrativeUnit"; export type AdministrativeUnit = import("./administrativeUnit").AdministrativeUnit; export const AdministrativeUnit: typeof import("./administrativeUnit").AdministrativeUnit = null as any; @@ -15,6 +40,11 @@ export type AdministrativeUnitMember = import("./administrativeUnitMember").Admi export const AdministrativeUnitMember: typeof import("./administrativeUnitMember").AdministrativeUnitMember = null as any; utilities.lazyLoad(exports, ["AdministrativeUnitMember"], () => require("./administrativeUnitMember")); +export { AdministrativeUnitRoleMemberArgs, AdministrativeUnitRoleMemberState } from "./administrativeUnitRoleMember"; +export type AdministrativeUnitRoleMember = import("./administrativeUnitRoleMember").AdministrativeUnitRoleMember; +export const AdministrativeUnitRoleMember: typeof import("./administrativeUnitRoleMember").AdministrativeUnitRoleMember = null as any; +utilities.lazyLoad(exports, ["AdministrativeUnitRoleMember"], () => require("./administrativeUnitRoleMember")); + export { AppRoleAssignmentArgs, AppRoleAssignmentState } from "./appRoleAssignment"; export type AppRoleAssignment = import("./appRoleAssignment").AppRoleAssignment; export const AppRoleAssignment: typeof import("./appRoleAssignment").AppRoleAssignment = null as any; @@ -75,6 +105,16 @@ export type DirectoryRoleMember = import("./directoryRoleMember").DirectoryRoleM export const DirectoryRoleMember: typeof import("./directoryRoleMember").DirectoryRoleMember = null as any; utilities.lazyLoad(exports, ["DirectoryRoleMember"], () => require("./directoryRoleMember")); +export { GetAccessPackageArgs, GetAccessPackageResult, GetAccessPackageOutputArgs } from "./getAccessPackage"; +export const getAccessPackage: typeof import("./getAccessPackage").getAccessPackage = null as any; +export const getAccessPackageOutput: typeof import("./getAccessPackage").getAccessPackageOutput = null as any; +utilities.lazyLoad(exports, ["getAccessPackage","getAccessPackageOutput"], () => require("./getAccessPackage")); + +export { GetAccessPackageCatalogArgs, GetAccessPackageCatalogResult, GetAccessPackageCatalogOutputArgs } from "./getAccessPackageCatalog"; +export const getAccessPackageCatalog: typeof import("./getAccessPackageCatalog").getAccessPackageCatalog = null as any; +export const getAccessPackageCatalogOutput: typeof import("./getAccessPackageCatalog").getAccessPackageCatalogOutput = null as any; +utilities.lazyLoad(exports, ["getAccessPackageCatalog","getAccessPackageCatalogOutput"], () => require("./getAccessPackageCatalog")); + export { GetAdministrativeUnitArgs, GetAdministrativeUnitResult, GetAdministrativeUnitOutputArgs } from "./getAdministrativeUnit"; export const getAdministrativeUnit: typeof import("./getAdministrativeUnit").getAdministrativeUnit = null as any; export const getAdministrativeUnitOutput: typeof import("./getAdministrativeUnit").getAdministrativeUnitOutput = null as any; @@ -212,6 +252,11 @@ export type User = import("./user").User; export const User: typeof import("./user").User = null as any; utilities.lazyLoad(exports, ["User"], () => require("./user")); +export { UserFlowAttributeArgs, UserFlowAttributeState } from "./userFlowAttribute"; +export type UserFlowAttribute = import("./userFlowAttribute").UserFlowAttribute; +export const UserFlowAttribute: typeof import("./userFlowAttribute").UserFlowAttribute = null as any; +utilities.lazyLoad(exports, ["UserFlowAttribute"], () => require("./userFlowAttribute")); + // Export sub-modules: import * as config from "./config"; @@ -226,10 +271,22 @@ const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { switch (type) { + case "azuread:index/accessPackage:AccessPackage": + return new AccessPackage(name, undefined, { urn }) + case "azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy": + return new AccessPackageAssignmentPolicy(name, undefined, { urn }) + case "azuread:index/accessPackageCatalog:AccessPackageCatalog": + return new AccessPackageCatalog(name, undefined, { urn }) + case "azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation": + return new AccessPackageResourceCatalogAssociation(name, undefined, { urn }) + case "azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation": + return new AccessPackageResourcePackageAssociation(name, undefined, { urn }) case "azuread:index/administrativeUnit:AdministrativeUnit": return new AdministrativeUnit(name, undefined, { urn }) case "azuread:index/administrativeUnitMember:AdministrativeUnitMember": return new AdministrativeUnitMember(name, undefined, { urn }) + case "azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember": + return new AdministrativeUnitRoleMember(name, undefined, { urn }) case "azuread:index/appRoleAssignment:AppRoleAssignment": return new AppRoleAssignment(name, undefined, { urn }) case "azuread:index/application:Application": @@ -280,13 +337,21 @@ const _module = { return new SynchronizationSecret(name, undefined, { urn }) case "azuread:index/user:User": return new User(name, undefined, { urn }) + case "azuread:index/userFlowAttribute:UserFlowAttribute": + return new UserFlowAttribute(name, undefined, { urn }) default: throw new Error(`unknown resource type ${type}`); } }, }; +pulumi.runtime.registerResourceModule("azuread", "index/accessPackage", _module) +pulumi.runtime.registerResourceModule("azuread", "index/accessPackageAssignmentPolicy", _module) +pulumi.runtime.registerResourceModule("azuread", "index/accessPackageCatalog", _module) +pulumi.runtime.registerResourceModule("azuread", "index/accessPackageResourceCatalogAssociation", _module) +pulumi.runtime.registerResourceModule("azuread", "index/accessPackageResourcePackageAssociation", _module) pulumi.runtime.registerResourceModule("azuread", "index/administrativeUnit", _module) pulumi.runtime.registerResourceModule("azuread", "index/administrativeUnitMember", _module) +pulumi.runtime.registerResourceModule("azuread", "index/administrativeUnitRoleMember", _module) pulumi.runtime.registerResourceModule("azuread", "index/appRoleAssignment", _module) pulumi.runtime.registerResourceModule("azuread", "index/application", _module) pulumi.runtime.registerResourceModule("azuread", "index/applicationCertificate", _module) @@ -312,6 +377,7 @@ pulumi.runtime.registerResourceModule("azuread", "index/servicePrincipalTokenSig pulumi.runtime.registerResourceModule("azuread", "index/synchronizationJob", _module) pulumi.runtime.registerResourceModule("azuread", "index/synchronizationSecret", _module) pulumi.runtime.registerResourceModule("azuread", "index/user", _module) +pulumi.runtime.registerResourceModule("azuread", "index/userFlowAttribute", _module) pulumi.runtime.registerResourcePackage("azuread", { version: utilities.getVersion(), constructProvider: (name: string, type: string, urn: string): pulumi.ProviderResource => { diff --git a/sdk/nodejs/tsconfig.json b/sdk/nodejs/tsconfig.json index d8fd48cfc..228d703f0 100644 --- a/sdk/nodejs/tsconfig.json +++ b/sdk/nodejs/tsconfig.json @@ -13,8 +13,14 @@ "strict": true }, "files": [ + "accessPackage.ts", + "accessPackageAssignmentPolicy.ts", + "accessPackageCatalog.ts", + "accessPackageResourceCatalogAssociation.ts", + "accessPackageResourcePackageAssociation.ts", "administrativeUnit.ts", "administrativeUnitMember.ts", + "administrativeUnitRoleMember.ts", "appRoleAssignment.ts", "application.ts", "applicationCertificate.ts", @@ -29,6 +35,8 @@ "directoryRole.ts", "directoryRoleAssignment.ts", "directoryRoleMember.ts", + "getAccessPackage.ts", + "getAccessPackageCatalog.ts", "getAdministrativeUnit.ts", "getApplication.ts", "getApplicationPublishedAppIds.ts", @@ -61,6 +69,7 @@ "types/input.ts", "types/output.ts", "user.ts", + "userFlowAttribute.ts", "utilities.ts" ] } diff --git a/sdk/nodejs/types/input.ts b/sdk/nodejs/types/input.ts index 2caa779b7..0901298e6 100644 --- a/sdk/nodejs/types/input.ts +++ b/sdk/nodejs/types/input.ts @@ -5,6 +5,240 @@ import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; +export interface AccessPackageAssignmentPolicyApprovalSettings { + /** + * Whether an approval is required. + */ + approvalRequired?: pulumi.Input; + /** + * Whether an approval is required to grant extension. Same approval settings used to approve initial access will apply. + */ + approvalRequiredForExtension?: pulumi.Input; + /** + * An `approvalStage` block specifying the process to obtain an approval, as documented below. + */ + approvalStages?: pulumi.Input[]>; + /** + * Whether a requestor is required to provide a justification to request an access package. Justification is visible to approvers and the requestor. + */ + requestorJustificationRequired?: pulumi.Input; +} + +export interface AccessPackageAssignmentPolicyApprovalSettingsApprovalStage { + /** + * Whether alternative approvers are enabled. + */ + alternativeApprovalEnabled?: pulumi.Input; + /** + * A block specifying alternative approvers when escalation is enabled and the primary approvers do not respond before the escalation time, as documented below. + */ + alternativeApprovers?: pulumi.Input[]>; + /** + * Maximum number of days within which a request must be approved. If a request is not approved within this time period after it is made, it will be automatically rejected. + */ + approvalTimeoutInDays: pulumi.Input; + /** + * Whether an approver must provide a justification for their decision. Justification is visible to other approvers and the requestor. + */ + approverJustificationRequired?: pulumi.Input; + /** + * Number of days before the request is forwarded to alternative approvers. + */ + enableAlternativeApprovalInDays?: pulumi.Input; + /** + * A block specifying the users who will be asked to approve requests, as documented below. + */ + primaryApprovers?: pulumi.Input[]>; +} + +export interface AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover { + /** + * For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + */ + backup?: pulumi.Input; + /** + * The ID of the subject. + */ + objectId?: pulumi.Input; + /** + * Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + */ + subjectType: pulumi.Input; +} + +export interface AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover { + /** + * For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + */ + backup?: pulumi.Input; + /** + * The ID of the subject. + */ + objectId?: pulumi.Input; + /** + * Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + */ + subjectType: pulumi.Input; +} + +export interface AccessPackageAssignmentPolicyAssignmentReviewSettings { + /** + * Whether to show the reviewer decision helpers. If enabled, system recommendations based on users' access information will be shown to the reviewers. The reviewer will be recommended to approve the review if the user has signed-in at least once during the last 30 days. The reviewer will be recommended to deny the review if the user has not signed-in during the last 30 days. + */ + accessRecommendationEnabled?: pulumi.Input; + /** + * Specifies the actions the system takes if reviewers don't respond in time. Valid values are `keepAccess`, `removeAccess`, or `acceptAccessRecommendation`. + */ + accessReviewTimeoutBehavior?: pulumi.Input; + /** + * Whether a reviewer needs to provide a justification for their decision. Justification is visible to other reviewers and the requestor. + */ + approverJustificationRequired?: pulumi.Input; + /** + * How many days each occurrence of the access review series will run. + */ + durationInDays?: pulumi.Input; + /** + * Whether to enable assignment review. + */ + enabled?: pulumi.Input; + /** + * This will determine how often the access review campaign runs, valid values are `weekly`, `monthly`, `quarterly`, `halfyearly`, or `annual`. + */ + reviewFrequency?: pulumi.Input; + /** + * Self review or specific reviewers. Valid values are `Self`, or `Reviewers`. + */ + reviewType?: pulumi.Input; + /** + * One or more `reviewer` blocks to specify the users who will be reviewers (when `reviewType` is `Reviewers`), as documented below. + */ + reviewers?: pulumi.Input[]>; + /** + * This is the date the access review campaign will start on, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z), default is now. Once an access review has been created, you cannot update its start date + */ + startingOn?: pulumi.Input; +} + +export interface AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer { + /** + * For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + */ + backup?: pulumi.Input; + /** + * The ID of the subject. + */ + objectId?: pulumi.Input; + /** + * Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + */ + subjectType: pulumi.Input; +} + +export interface AccessPackageAssignmentPolicyQuestion { + /** + * One or more blocks configuring a choice to the question, as documented below. + */ + choices?: pulumi.Input[]>; + /** + * Whether this question is required. + */ + required?: pulumi.Input; + /** + * The sequence number of this question. + */ + sequence?: pulumi.Input; + /** + * A block describing the content of this question, as documented below. + */ + text: pulumi.Input; +} + +export interface AccessPackageAssignmentPolicyQuestionChoice { + /** + * The actual value of this choice. + */ + actualValue: pulumi.Input; + /** + * A block describing the display text of this choice, as documented below. + */ + displayValue: pulumi.Input; +} + +export interface AccessPackageAssignmentPolicyQuestionChoiceDisplayValue { + /** + * The default text of this question. + */ + defaultText: pulumi.Input; + /** + * One or more blocks describing localized text of this question, as documented below. + */ + localizedTexts?: pulumi.Input[]>; +} + +export interface AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText { + /** + * The localized content of this question. + */ + content: pulumi.Input; + /** + * The ISO 639 language code for this question content. + */ + languageCode: pulumi.Input; +} + +export interface AccessPackageAssignmentPolicyQuestionText { + /** + * The default text of this question. + */ + defaultText: pulumi.Input; + /** + * One or more blocks describing localized text of this question, as documented below. + */ + localizedTexts?: pulumi.Input[]>; +} + +export interface AccessPackageAssignmentPolicyQuestionTextLocalizedText { + /** + * The localized content of this question. + */ + content: pulumi.Input; + /** + * The ISO 639 language code for this question content. + */ + languageCode: pulumi.Input; +} + +export interface AccessPackageAssignmentPolicyRequestorSettings { + /** + * A block specifying the users who are allowed to request on this policy, as documented below. + */ + requestors?: pulumi.Input[]>; + /** + * Whether to accept requests using this policy. When `false`, no new requests can be made using this policy. + */ + requestsAccepted?: pulumi.Input; + /** + * Specifies the scopes of the requestors. Valid values are `AllConfiguredConnectedOrganizationSubjects`, `AllExistingConnectedOrganizationSubjects`, `AllExistingDirectoryMemberUsers`, `AllExistingDirectorySubjects`, `AllExternalSubjects`, `NoSubjects`, `SpecificConnectedOrganizationSubjects`, or `SpecificDirectorySubjects`. + */ + scopeType?: pulumi.Input; +} + +export interface AccessPackageAssignmentPolicyRequestorSettingsRequestor { + /** + * For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + */ + backup?: pulumi.Input; + /** + * The ID of the subject. + */ + objectId?: pulumi.Input; + /** + * Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + */ + subjectType: pulumi.Input; +} + export interface ApplicationApi { /** * A set of application IDs (client IDs), used for bundling consent if you have a solution that contains two parts: a client app and a custom web API app. diff --git a/sdk/nodejs/types/output.ts b/sdk/nodejs/types/output.ts index 837326625..e5f4de26c 100644 --- a/sdk/nodejs/types/output.ts +++ b/sdk/nodejs/types/output.ts @@ -5,6 +5,240 @@ import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; +export interface AccessPackageAssignmentPolicyApprovalSettings { + /** + * Whether an approval is required. + */ + approvalRequired?: boolean; + /** + * Whether an approval is required to grant extension. Same approval settings used to approve initial access will apply. + */ + approvalRequiredForExtension?: boolean; + /** + * An `approvalStage` block specifying the process to obtain an approval, as documented below. + */ + approvalStages?: outputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStage[]; + /** + * Whether a requestor is required to provide a justification to request an access package. Justification is visible to approvers and the requestor. + */ + requestorJustificationRequired?: boolean; +} + +export interface AccessPackageAssignmentPolicyApprovalSettingsApprovalStage { + /** + * Whether alternative approvers are enabled. + */ + alternativeApprovalEnabled?: boolean; + /** + * A block specifying alternative approvers when escalation is enabled and the primary approvers do not respond before the escalation time, as documented below. + */ + alternativeApprovers?: outputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover[]; + /** + * Maximum number of days within which a request must be approved. If a request is not approved within this time period after it is made, it will be automatically rejected. + */ + approvalTimeoutInDays: number; + /** + * Whether an approver must provide a justification for their decision. Justification is visible to other approvers and the requestor. + */ + approverJustificationRequired?: boolean; + /** + * Number of days before the request is forwarded to alternative approvers. + */ + enableAlternativeApprovalInDays?: number; + /** + * A block specifying the users who will be asked to approve requests, as documented below. + */ + primaryApprovers?: outputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover[]; +} + +export interface AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover { + /** + * For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + */ + backup?: boolean; + /** + * The ID of the subject. + */ + objectId?: string; + /** + * Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + */ + subjectType: string; +} + +export interface AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover { + /** + * For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + */ + backup?: boolean; + /** + * The ID of the subject. + */ + objectId?: string; + /** + * Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + */ + subjectType: string; +} + +export interface AccessPackageAssignmentPolicyAssignmentReviewSettings { + /** + * Whether to show the reviewer decision helpers. If enabled, system recommendations based on users' access information will be shown to the reviewers. The reviewer will be recommended to approve the review if the user has signed-in at least once during the last 30 days. The reviewer will be recommended to deny the review if the user has not signed-in during the last 30 days. + */ + accessRecommendationEnabled?: boolean; + /** + * Specifies the actions the system takes if reviewers don't respond in time. Valid values are `keepAccess`, `removeAccess`, or `acceptAccessRecommendation`. + */ + accessReviewTimeoutBehavior?: string; + /** + * Whether a reviewer needs to provide a justification for their decision. Justification is visible to other reviewers and the requestor. + */ + approverJustificationRequired?: boolean; + /** + * How many days each occurrence of the access review series will run. + */ + durationInDays?: number; + /** + * Whether to enable assignment review. + */ + enabled?: boolean; + /** + * This will determine how often the access review campaign runs, valid values are `weekly`, `monthly`, `quarterly`, `halfyearly`, or `annual`. + */ + reviewFrequency?: string; + /** + * Self review or specific reviewers. Valid values are `Self`, or `Reviewers`. + */ + reviewType?: string; + /** + * One or more `reviewer` blocks to specify the users who will be reviewers (when `reviewType` is `Reviewers`), as documented below. + */ + reviewers?: outputs.AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer[]; + /** + * This is the date the access review campaign will start on, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z), default is now. Once an access review has been created, you cannot update its start date + */ + startingOn?: string; +} + +export interface AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer { + /** + * For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + */ + backup?: boolean; + /** + * The ID of the subject. + */ + objectId?: string; + /** + * Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + */ + subjectType: string; +} + +export interface AccessPackageAssignmentPolicyQuestion { + /** + * One or more blocks configuring a choice to the question, as documented below. + */ + choices?: outputs.AccessPackageAssignmentPolicyQuestionChoice[]; + /** + * Whether this question is required. + */ + required?: boolean; + /** + * The sequence number of this question. + */ + sequence?: number; + /** + * A block describing the content of this question, as documented below. + */ + text: outputs.AccessPackageAssignmentPolicyQuestionText; +} + +export interface AccessPackageAssignmentPolicyQuestionChoice { + /** + * The actual value of this choice. + */ + actualValue: string; + /** + * A block describing the display text of this choice, as documented below. + */ + displayValue: outputs.AccessPackageAssignmentPolicyQuestionChoiceDisplayValue; +} + +export interface AccessPackageAssignmentPolicyQuestionChoiceDisplayValue { + /** + * The default text of this question. + */ + defaultText: string; + /** + * One or more blocks describing localized text of this question, as documented below. + */ + localizedTexts?: outputs.AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText[]; +} + +export interface AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText { + /** + * The localized content of this question. + */ + content: string; + /** + * The ISO 639 language code for this question content. + */ + languageCode: string; +} + +export interface AccessPackageAssignmentPolicyQuestionText { + /** + * The default text of this question. + */ + defaultText: string; + /** + * One or more blocks describing localized text of this question, as documented below. + */ + localizedTexts?: outputs.AccessPackageAssignmentPolicyQuestionTextLocalizedText[]; +} + +export interface AccessPackageAssignmentPolicyQuestionTextLocalizedText { + /** + * The localized content of this question. + */ + content: string; + /** + * The ISO 639 language code for this question content. + */ + languageCode: string; +} + +export interface AccessPackageAssignmentPolicyRequestorSettings { + /** + * A block specifying the users who are allowed to request on this policy, as documented below. + */ + requestors?: outputs.AccessPackageAssignmentPolicyRequestorSettingsRequestor[]; + /** + * Whether to accept requests using this policy. When `false`, no new requests can be made using this policy. + */ + requestsAccepted?: boolean; + /** + * Specifies the scopes of the requestors. Valid values are `AllConfiguredConnectedOrganizationSubjects`, `AllExistingConnectedOrganizationSubjects`, `AllExistingDirectoryMemberUsers`, `AllExistingDirectorySubjects`, `AllExternalSubjects`, `NoSubjects`, `SpecificConnectedOrganizationSubjects`, or `SpecificDirectorySubjects`. + */ + scopeType?: string; +} + +export interface AccessPackageAssignmentPolicyRequestorSettingsRequestor { + /** + * For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + */ + backup?: boolean; + /** + * The ID of the subject. + */ + objectId?: string; + /** + * Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + */ + subjectType: string; +} + export interface ApplicationApi { /** * A set of application IDs (client IDs), used for bundling consent if you have a solution that contains two parts: a client app and a custom web API app. diff --git a/sdk/nodejs/userFlowAttribute.ts b/sdk/nodejs/userFlowAttribute.ts new file mode 100644 index 000000000..33acc68de --- /dev/null +++ b/sdk/nodejs/userFlowAttribute.ts @@ -0,0 +1,162 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "./utilities"; + +/** + * Manages user flow attributes in an Azure Active Directory (Azure AD) tenant. + * + * ## API Permissions + * + * The following API permissions are required in order to use this resource. + * + * When authenticated with a service principal, this resource requires the following application role: `IdentityUserFlow.ReadWrite.All` + * + * ## Example Usage + * + * *Basic example* + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azuread from "@pulumi/azuread"; + * + * const example = new azuread.UserFlowAttribute("example", { + * dataType: "string", + * description: "Your hobby", + * displayName: "Hobby", + * }); + * ``` + * + * ## Import + * + * User flow attributes can be imported using the `id`, e.g. + * + * ```sh + * $ pulumi import azuread:index/userFlowAttribute:UserFlowAttribute example extension_ecc9f88db2924942b8a96f44873616fe_Hobbyjkorv + * ``` + * + * -> This ID can be queried using the [User Flow Attributes API](https://learn.microsoft.com/en-us/graph/api/identityuserflowattribute-list?view=graph-rest-1.0&tabs=http). + */ +export class UserFlowAttribute extends pulumi.CustomResource { + /** + * Get an existing UserFlowAttribute resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: UserFlowAttributeState, opts?: pulumi.CustomResourceOptions): UserFlowAttribute { + return new UserFlowAttribute(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'azuread:index/userFlowAttribute:UserFlowAttribute'; + + /** + * Returns true if the given object is an instance of UserFlowAttribute. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is UserFlowAttribute { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === UserFlowAttribute.__pulumiType; + } + + /** + * The type of the user flow attribute. Values include `builtIn`, `custom` or `required`. + */ + public /*out*/ readonly attributeType!: pulumi.Output; + /** + * The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. + */ + public readonly dataType!: pulumi.Output; + /** + * The description of the user flow attribute that is shown to the user at the time of sign-up. + */ + public readonly description!: pulumi.Output; + /** + * The display name of the user flow attribute. Changing this forces a new resource to be created. + */ + public readonly displayName!: pulumi.Output; + + /** + * Create a UserFlowAttribute resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: UserFlowAttributeArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: UserFlowAttributeArgs | UserFlowAttributeState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as UserFlowAttributeState | undefined; + resourceInputs["attributeType"] = state ? state.attributeType : undefined; + resourceInputs["dataType"] = state ? state.dataType : undefined; + resourceInputs["description"] = state ? state.description : undefined; + resourceInputs["displayName"] = state ? state.displayName : undefined; + } else { + const args = argsOrState as UserFlowAttributeArgs | undefined; + if ((!args || args.dataType === undefined) && !opts.urn) { + throw new Error("Missing required property 'dataType'"); + } + if ((!args || args.description === undefined) && !opts.urn) { + throw new Error("Missing required property 'description'"); + } + if ((!args || args.displayName === undefined) && !opts.urn) { + throw new Error("Missing required property 'displayName'"); + } + resourceInputs["dataType"] = args ? args.dataType : undefined; + resourceInputs["description"] = args ? args.description : undefined; + resourceInputs["displayName"] = args ? args.displayName : undefined; + resourceInputs["attributeType"] = undefined /*out*/; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(UserFlowAttribute.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering UserFlowAttribute resources. + */ +export interface UserFlowAttributeState { + /** + * The type of the user flow attribute. Values include `builtIn`, `custom` or `required`. + */ + attributeType?: pulumi.Input; + /** + * The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. + */ + dataType?: pulumi.Input; + /** + * The description of the user flow attribute that is shown to the user at the time of sign-up. + */ + description?: pulumi.Input; + /** + * The display name of the user flow attribute. Changing this forces a new resource to be created. + */ + displayName?: pulumi.Input; +} + +/** + * The set of arguments for constructing a UserFlowAttribute resource. + */ +export interface UserFlowAttributeArgs { + /** + * The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. + */ + dataType: pulumi.Input; + /** + * The description of the user flow attribute that is shown to the user at the time of sign-up. + */ + description: pulumi.Input; + /** + * The display name of the user flow attribute. Changing this forces a new resource to be created. + */ + displayName: pulumi.Input; +} diff --git a/sdk/python/pulumi_azuread/__init__.py b/sdk/python/pulumi_azuread/__init__.py index a15a53b99..926dac47e 100644 --- a/sdk/python/pulumi_azuread/__init__.py +++ b/sdk/python/pulumi_azuread/__init__.py @@ -5,8 +5,14 @@ from . import _utilities import typing # Export this package's modules as members: +from .access_package import * +from .access_package_assignment_policy import * +from .access_package_catalog import * +from .access_package_resource_catalog_association import * +from .access_package_resource_package_association import * from .administrative_unit import * from .administrative_unit_member import * +from .administrative_unit_role_member import * from .app_role_assignment import * from .application import * from .application_certificate import * @@ -19,6 +25,8 @@ from .directory_role import * from .directory_role_assignment import * from .directory_role_member import * +from .get_access_package import * +from .get_access_package_catalog import * from .get_administrative_unit import * from .get_application import * from .get_application_published_app_ids import * @@ -47,6 +55,7 @@ from .synchronization_job import * from .synchronization_secret import * from .user import * +from .user_flow_attribute import * from ._inputs import * from . import outputs @@ -60,6 +69,46 @@ _utilities.register( resource_modules=""" [ + { + "pkg": "azuread", + "mod": "index/accessPackage", + "fqn": "pulumi_azuread", + "classes": { + "azuread:index/accessPackage:AccessPackage": "AccessPackage" + } + }, + { + "pkg": "azuread", + "mod": "index/accessPackageAssignmentPolicy", + "fqn": "pulumi_azuread", + "classes": { + "azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy": "AccessPackageAssignmentPolicy" + } + }, + { + "pkg": "azuread", + "mod": "index/accessPackageCatalog", + "fqn": "pulumi_azuread", + "classes": { + "azuread:index/accessPackageCatalog:AccessPackageCatalog": "AccessPackageCatalog" + } + }, + { + "pkg": "azuread", + "mod": "index/accessPackageResourceCatalogAssociation", + "fqn": "pulumi_azuread", + "classes": { + "azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation": "AccessPackageResourceCatalogAssociation" + } + }, + { + "pkg": "azuread", + "mod": "index/accessPackageResourcePackageAssociation", + "fqn": "pulumi_azuread", + "classes": { + "azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation": "AccessPackageResourcePackageAssociation" + } + }, { "pkg": "azuread", "mod": "index/administrativeUnit", @@ -76,6 +125,14 @@ "azuread:index/administrativeUnitMember:AdministrativeUnitMember": "AdministrativeUnitMember" } }, + { + "pkg": "azuread", + "mod": "index/administrativeUnitRoleMember", + "fqn": "pulumi_azuread", + "classes": { + "azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember": "AdministrativeUnitRoleMember" + } + }, { "pkg": "azuread", "mod": "index/appRoleAssignment", @@ -275,6 +332,14 @@ "classes": { "azuread:index/user:User": "User" } + }, + { + "pkg": "azuread", + "mod": "index/userFlowAttribute", + "fqn": "pulumi_azuread", + "classes": { + "azuread:index/userFlowAttribute:UserFlowAttribute": "UserFlowAttribute" + } } ] """, diff --git a/sdk/python/pulumi_azuread/_inputs.py b/sdk/python/pulumi_azuread/_inputs.py index 8937ca722..8122992cc 100644 --- a/sdk/python/pulumi_azuread/_inputs.py +++ b/sdk/python/pulumi_azuread/_inputs.py @@ -10,6 +10,20 @@ from . import _utilities __all__ = [ + 'AccessPackageAssignmentPolicyApprovalSettingsArgs', + 'AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs', + 'AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs', + 'AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs', + 'AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs', + 'AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs', + 'AccessPackageAssignmentPolicyQuestionArgs', + 'AccessPackageAssignmentPolicyQuestionChoiceArgs', + 'AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs', + 'AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs', + 'AccessPackageAssignmentPolicyQuestionTextArgs', + 'AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs', + 'AccessPackageAssignmentPolicyRequestorSettingsArgs', + 'AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs', 'ApplicationApiArgs', 'ApplicationApiOauth2PermissionScopeArgs', 'ApplicationAppRoleArgs', @@ -47,6 +61,858 @@ 'SynchronizationSecretCredentialArgs', ] +@pulumi.input_type +class AccessPackageAssignmentPolicyApprovalSettingsArgs: + def __init__(__self__, *, + approval_required: Optional[pulumi.Input[bool]] = None, + approval_required_for_extension: Optional[pulumi.Input[bool]] = None, + approval_stages: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs']]]] = None, + requestor_justification_required: Optional[pulumi.Input[bool]] = None): + """ + :param pulumi.Input[bool] approval_required: Whether an approval is required. + :param pulumi.Input[bool] approval_required_for_extension: Whether an approval is required to grant extension. Same approval settings used to approve initial access will apply. + :param pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs']]] approval_stages: An `approval_stage` block specifying the process to obtain an approval, as documented below. + :param pulumi.Input[bool] requestor_justification_required: Whether a requestor is required to provide a justification to request an access package. Justification is visible to approvers and the requestor. + """ + if approval_required is not None: + pulumi.set(__self__, "approval_required", approval_required) + if approval_required_for_extension is not None: + pulumi.set(__self__, "approval_required_for_extension", approval_required_for_extension) + if approval_stages is not None: + pulumi.set(__self__, "approval_stages", approval_stages) + if requestor_justification_required is not None: + pulumi.set(__self__, "requestor_justification_required", requestor_justification_required) + + @property + @pulumi.getter(name="approvalRequired") + def approval_required(self) -> Optional[pulumi.Input[bool]]: + """ + Whether an approval is required. + """ + return pulumi.get(self, "approval_required") + + @approval_required.setter + def approval_required(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "approval_required", value) + + @property + @pulumi.getter(name="approvalRequiredForExtension") + def approval_required_for_extension(self) -> Optional[pulumi.Input[bool]]: + """ + Whether an approval is required to grant extension. Same approval settings used to approve initial access will apply. + """ + return pulumi.get(self, "approval_required_for_extension") + + @approval_required_for_extension.setter + def approval_required_for_extension(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "approval_required_for_extension", value) + + @property + @pulumi.getter(name="approvalStages") + def approval_stages(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs']]]]: + """ + An `approval_stage` block specifying the process to obtain an approval, as documented below. + """ + return pulumi.get(self, "approval_stages") + + @approval_stages.setter + def approval_stages(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs']]]]): + pulumi.set(self, "approval_stages", value) + + @property + @pulumi.getter(name="requestorJustificationRequired") + def requestor_justification_required(self) -> Optional[pulumi.Input[bool]]: + """ + Whether a requestor is required to provide a justification to request an access package. Justification is visible to approvers and the requestor. + """ + return pulumi.get(self, "requestor_justification_required") + + @requestor_justification_required.setter + def requestor_justification_required(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "requestor_justification_required", value) + + +@pulumi.input_type +class AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs: + def __init__(__self__, *, + approval_timeout_in_days: pulumi.Input[int], + alternative_approval_enabled: Optional[pulumi.Input[bool]] = None, + alternative_approvers: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs']]]] = None, + approver_justification_required: Optional[pulumi.Input[bool]] = None, + enable_alternative_approval_in_days: Optional[pulumi.Input[int]] = None, + primary_approvers: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs']]]] = None): + """ + :param pulumi.Input[int] approval_timeout_in_days: Maximum number of days within which a request must be approved. If a request is not approved within this time period after it is made, it will be automatically rejected. + :param pulumi.Input[bool] alternative_approval_enabled: Whether alternative approvers are enabled. + :param pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs']]] alternative_approvers: A block specifying alternative approvers when escalation is enabled and the primary approvers do not respond before the escalation time, as documented below. + :param pulumi.Input[bool] approver_justification_required: Whether an approver must provide a justification for their decision. Justification is visible to other approvers and the requestor. + :param pulumi.Input[int] enable_alternative_approval_in_days: Number of days before the request is forwarded to alternative approvers. + :param pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs']]] primary_approvers: A block specifying the users who will be asked to approve requests, as documented below. + """ + pulumi.set(__self__, "approval_timeout_in_days", approval_timeout_in_days) + if alternative_approval_enabled is not None: + pulumi.set(__self__, "alternative_approval_enabled", alternative_approval_enabled) + if alternative_approvers is not None: + pulumi.set(__self__, "alternative_approvers", alternative_approvers) + if approver_justification_required is not None: + pulumi.set(__self__, "approver_justification_required", approver_justification_required) + if enable_alternative_approval_in_days is not None: + pulumi.set(__self__, "enable_alternative_approval_in_days", enable_alternative_approval_in_days) + if primary_approvers is not None: + pulumi.set(__self__, "primary_approvers", primary_approvers) + + @property + @pulumi.getter(name="approvalTimeoutInDays") + def approval_timeout_in_days(self) -> pulumi.Input[int]: + """ + Maximum number of days within which a request must be approved. If a request is not approved within this time period after it is made, it will be automatically rejected. + """ + return pulumi.get(self, "approval_timeout_in_days") + + @approval_timeout_in_days.setter + def approval_timeout_in_days(self, value: pulumi.Input[int]): + pulumi.set(self, "approval_timeout_in_days", value) + + @property + @pulumi.getter(name="alternativeApprovalEnabled") + def alternative_approval_enabled(self) -> Optional[pulumi.Input[bool]]: + """ + Whether alternative approvers are enabled. + """ + return pulumi.get(self, "alternative_approval_enabled") + + @alternative_approval_enabled.setter + def alternative_approval_enabled(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "alternative_approval_enabled", value) + + @property + @pulumi.getter(name="alternativeApprovers") + def alternative_approvers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs']]]]: + """ + A block specifying alternative approvers when escalation is enabled and the primary approvers do not respond before the escalation time, as documented below. + """ + return pulumi.get(self, "alternative_approvers") + + @alternative_approvers.setter + def alternative_approvers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs']]]]): + pulumi.set(self, "alternative_approvers", value) + + @property + @pulumi.getter(name="approverJustificationRequired") + def approver_justification_required(self) -> Optional[pulumi.Input[bool]]: + """ + Whether an approver must provide a justification for their decision. Justification is visible to other approvers and the requestor. + """ + return pulumi.get(self, "approver_justification_required") + + @approver_justification_required.setter + def approver_justification_required(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "approver_justification_required", value) + + @property + @pulumi.getter(name="enableAlternativeApprovalInDays") + def enable_alternative_approval_in_days(self) -> Optional[pulumi.Input[int]]: + """ + Number of days before the request is forwarded to alternative approvers. + """ + return pulumi.get(self, "enable_alternative_approval_in_days") + + @enable_alternative_approval_in_days.setter + def enable_alternative_approval_in_days(self, value: Optional[pulumi.Input[int]]): + pulumi.set(self, "enable_alternative_approval_in_days", value) + + @property + @pulumi.getter(name="primaryApprovers") + def primary_approvers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs']]]]: + """ + A block specifying the users who will be asked to approve requests, as documented below. + """ + return pulumi.get(self, "primary_approvers") + + @primary_approvers.setter + def primary_approvers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs']]]]): + pulumi.set(self, "primary_approvers", value) + + +@pulumi.input_type +class AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs: + def __init__(__self__, *, + subject_type: pulumi.Input[str], + backup: Optional[pulumi.Input[bool]] = None, + object_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] subject_type: Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + :param pulumi.Input[bool] backup: For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + :param pulumi.Input[str] object_id: The ID of the subject. + """ + pulumi.set(__self__, "subject_type", subject_type) + if backup is not None: + pulumi.set(__self__, "backup", backup) + if object_id is not None: + pulumi.set(__self__, "object_id", object_id) + + @property + @pulumi.getter(name="subjectType") + def subject_type(self) -> pulumi.Input[str]: + """ + Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + """ + return pulumi.get(self, "subject_type") + + @subject_type.setter + def subject_type(self, value: pulumi.Input[str]): + pulumi.set(self, "subject_type", value) + + @property + @pulumi.getter + def backup(self) -> Optional[pulumi.Input[bool]]: + """ + For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + """ + return pulumi.get(self, "backup") + + @backup.setter + def backup(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "backup", value) + + @property + @pulumi.getter(name="objectId") + def object_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the subject. + """ + return pulumi.get(self, "object_id") + + @object_id.setter + def object_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "object_id", value) + + +@pulumi.input_type +class AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs: + def __init__(__self__, *, + subject_type: pulumi.Input[str], + backup: Optional[pulumi.Input[bool]] = None, + object_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] subject_type: Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + :param pulumi.Input[bool] backup: For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + :param pulumi.Input[str] object_id: The ID of the subject. + """ + pulumi.set(__self__, "subject_type", subject_type) + if backup is not None: + pulumi.set(__self__, "backup", backup) + if object_id is not None: + pulumi.set(__self__, "object_id", object_id) + + @property + @pulumi.getter(name="subjectType") + def subject_type(self) -> pulumi.Input[str]: + """ + Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + """ + return pulumi.get(self, "subject_type") + + @subject_type.setter + def subject_type(self, value: pulumi.Input[str]): + pulumi.set(self, "subject_type", value) + + @property + @pulumi.getter + def backup(self) -> Optional[pulumi.Input[bool]]: + """ + For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + """ + return pulumi.get(self, "backup") + + @backup.setter + def backup(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "backup", value) + + @property + @pulumi.getter(name="objectId") + def object_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the subject. + """ + return pulumi.get(self, "object_id") + + @object_id.setter + def object_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "object_id", value) + + +@pulumi.input_type +class AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs: + def __init__(__self__, *, + access_recommendation_enabled: Optional[pulumi.Input[bool]] = None, + access_review_timeout_behavior: Optional[pulumi.Input[str]] = None, + approver_justification_required: Optional[pulumi.Input[bool]] = None, + duration_in_days: Optional[pulumi.Input[int]] = None, + enabled: Optional[pulumi.Input[bool]] = None, + review_frequency: Optional[pulumi.Input[str]] = None, + review_type: Optional[pulumi.Input[str]] = None, + reviewers: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs']]]] = None, + starting_on: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[bool] access_recommendation_enabled: Whether to show the reviewer decision helpers. If enabled, system recommendations based on users' access information will be shown to the reviewers. The reviewer will be recommended to approve the review if the user has signed-in at least once during the last 30 days. The reviewer will be recommended to deny the review if the user has not signed-in during the last 30 days. + :param pulumi.Input[str] access_review_timeout_behavior: Specifies the actions the system takes if reviewers don't respond in time. Valid values are `keepAccess`, `removeAccess`, or `acceptAccessRecommendation`. + :param pulumi.Input[bool] approver_justification_required: Whether a reviewer needs to provide a justification for their decision. Justification is visible to other reviewers and the requestor. + :param pulumi.Input[int] duration_in_days: How many days each occurrence of the access review series will run. + :param pulumi.Input[bool] enabled: Whether to enable assignment review. + :param pulumi.Input[str] review_frequency: This will determine how often the access review campaign runs, valid values are `weekly`, `monthly`, `quarterly`, `halfyearly`, or `annual`. + :param pulumi.Input[str] review_type: Self review or specific reviewers. Valid values are `Self`, or `Reviewers`. + :param pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs']]] reviewers: One or more `reviewer` blocks to specify the users who will be reviewers (when `review_type` is `Reviewers`), as documented below. + :param pulumi.Input[str] starting_on: This is the date the access review campaign will start on, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z), default is now. Once an access review has been created, you cannot update its start date + """ + if access_recommendation_enabled is not None: + pulumi.set(__self__, "access_recommendation_enabled", access_recommendation_enabled) + if access_review_timeout_behavior is not None: + pulumi.set(__self__, "access_review_timeout_behavior", access_review_timeout_behavior) + if approver_justification_required is not None: + pulumi.set(__self__, "approver_justification_required", approver_justification_required) + if duration_in_days is not None: + pulumi.set(__self__, "duration_in_days", duration_in_days) + if enabled is not None: + pulumi.set(__self__, "enabled", enabled) + if review_frequency is not None: + pulumi.set(__self__, "review_frequency", review_frequency) + if review_type is not None: + pulumi.set(__self__, "review_type", review_type) + if reviewers is not None: + pulumi.set(__self__, "reviewers", reviewers) + if starting_on is not None: + pulumi.set(__self__, "starting_on", starting_on) + + @property + @pulumi.getter(name="accessRecommendationEnabled") + def access_recommendation_enabled(self) -> Optional[pulumi.Input[bool]]: + """ + Whether to show the reviewer decision helpers. If enabled, system recommendations based on users' access information will be shown to the reviewers. The reviewer will be recommended to approve the review if the user has signed-in at least once during the last 30 days. The reviewer will be recommended to deny the review if the user has not signed-in during the last 30 days. + """ + return pulumi.get(self, "access_recommendation_enabled") + + @access_recommendation_enabled.setter + def access_recommendation_enabled(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "access_recommendation_enabled", value) + + @property + @pulumi.getter(name="accessReviewTimeoutBehavior") + def access_review_timeout_behavior(self) -> Optional[pulumi.Input[str]]: + """ + Specifies the actions the system takes if reviewers don't respond in time. Valid values are `keepAccess`, `removeAccess`, or `acceptAccessRecommendation`. + """ + return pulumi.get(self, "access_review_timeout_behavior") + + @access_review_timeout_behavior.setter + def access_review_timeout_behavior(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "access_review_timeout_behavior", value) + + @property + @pulumi.getter(name="approverJustificationRequired") + def approver_justification_required(self) -> Optional[pulumi.Input[bool]]: + """ + Whether a reviewer needs to provide a justification for their decision. Justification is visible to other reviewers and the requestor. + """ + return pulumi.get(self, "approver_justification_required") + + @approver_justification_required.setter + def approver_justification_required(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "approver_justification_required", value) + + @property + @pulumi.getter(name="durationInDays") + def duration_in_days(self) -> Optional[pulumi.Input[int]]: + """ + How many days each occurrence of the access review series will run. + """ + return pulumi.get(self, "duration_in_days") + + @duration_in_days.setter + def duration_in_days(self, value: Optional[pulumi.Input[int]]): + pulumi.set(self, "duration_in_days", value) + + @property + @pulumi.getter + def enabled(self) -> Optional[pulumi.Input[bool]]: + """ + Whether to enable assignment review. + """ + return pulumi.get(self, "enabled") + + @enabled.setter + def enabled(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "enabled", value) + + @property + @pulumi.getter(name="reviewFrequency") + def review_frequency(self) -> Optional[pulumi.Input[str]]: + """ + This will determine how often the access review campaign runs, valid values are `weekly`, `monthly`, `quarterly`, `halfyearly`, or `annual`. + """ + return pulumi.get(self, "review_frequency") + + @review_frequency.setter + def review_frequency(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "review_frequency", value) + + @property + @pulumi.getter(name="reviewType") + def review_type(self) -> Optional[pulumi.Input[str]]: + """ + Self review or specific reviewers. Valid values are `Self`, or `Reviewers`. + """ + return pulumi.get(self, "review_type") + + @review_type.setter + def review_type(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "review_type", value) + + @property + @pulumi.getter + def reviewers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs']]]]: + """ + One or more `reviewer` blocks to specify the users who will be reviewers (when `review_type` is `Reviewers`), as documented below. + """ + return pulumi.get(self, "reviewers") + + @reviewers.setter + def reviewers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs']]]]): + pulumi.set(self, "reviewers", value) + + @property + @pulumi.getter(name="startingOn") + def starting_on(self) -> Optional[pulumi.Input[str]]: + """ + This is the date the access review campaign will start on, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z), default is now. Once an access review has been created, you cannot update its start date + """ + return pulumi.get(self, "starting_on") + + @starting_on.setter + def starting_on(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "starting_on", value) + + +@pulumi.input_type +class AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs: + def __init__(__self__, *, + subject_type: pulumi.Input[str], + backup: Optional[pulumi.Input[bool]] = None, + object_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] subject_type: Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + :param pulumi.Input[bool] backup: For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + :param pulumi.Input[str] object_id: The ID of the subject. + """ + pulumi.set(__self__, "subject_type", subject_type) + if backup is not None: + pulumi.set(__self__, "backup", backup) + if object_id is not None: + pulumi.set(__self__, "object_id", object_id) + + @property + @pulumi.getter(name="subjectType") + def subject_type(self) -> pulumi.Input[str]: + """ + Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + """ + return pulumi.get(self, "subject_type") + + @subject_type.setter + def subject_type(self, value: pulumi.Input[str]): + pulumi.set(self, "subject_type", value) + + @property + @pulumi.getter + def backup(self) -> Optional[pulumi.Input[bool]]: + """ + For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + """ + return pulumi.get(self, "backup") + + @backup.setter + def backup(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "backup", value) + + @property + @pulumi.getter(name="objectId") + def object_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the subject. + """ + return pulumi.get(self, "object_id") + + @object_id.setter + def object_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "object_id", value) + + +@pulumi.input_type +class AccessPackageAssignmentPolicyQuestionArgs: + def __init__(__self__, *, + text: pulumi.Input['AccessPackageAssignmentPolicyQuestionTextArgs'], + choices: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyQuestionChoiceArgs']]]] = None, + required: Optional[pulumi.Input[bool]] = None, + sequence: Optional[pulumi.Input[int]] = None): + """ + :param pulumi.Input['AccessPackageAssignmentPolicyQuestionTextArgs'] text: A block describing the content of this question, as documented below. + :param pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyQuestionChoiceArgs']]] choices: One or more blocks configuring a choice to the question, as documented below. + :param pulumi.Input[bool] required: Whether this question is required. + :param pulumi.Input[int] sequence: The sequence number of this question. + """ + pulumi.set(__self__, "text", text) + if choices is not None: + pulumi.set(__self__, "choices", choices) + if required is not None: + pulumi.set(__self__, "required", required) + if sequence is not None: + pulumi.set(__self__, "sequence", sequence) + + @property + @pulumi.getter + def text(self) -> pulumi.Input['AccessPackageAssignmentPolicyQuestionTextArgs']: + """ + A block describing the content of this question, as documented below. + """ + return pulumi.get(self, "text") + + @text.setter + def text(self, value: pulumi.Input['AccessPackageAssignmentPolicyQuestionTextArgs']): + pulumi.set(self, "text", value) + + @property + @pulumi.getter + def choices(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyQuestionChoiceArgs']]]]: + """ + One or more blocks configuring a choice to the question, as documented below. + """ + return pulumi.get(self, "choices") + + @choices.setter + def choices(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyQuestionChoiceArgs']]]]): + pulumi.set(self, "choices", value) + + @property + @pulumi.getter + def required(self) -> Optional[pulumi.Input[bool]]: + """ + Whether this question is required. + """ + return pulumi.get(self, "required") + + @required.setter + def required(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "required", value) + + @property + @pulumi.getter + def sequence(self) -> Optional[pulumi.Input[int]]: + """ + The sequence number of this question. + """ + return pulumi.get(self, "sequence") + + @sequence.setter + def sequence(self, value: Optional[pulumi.Input[int]]): + pulumi.set(self, "sequence", value) + + +@pulumi.input_type +class AccessPackageAssignmentPolicyQuestionChoiceArgs: + def __init__(__self__, *, + actual_value: pulumi.Input[str], + display_value: pulumi.Input['AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs']): + """ + :param pulumi.Input[str] actual_value: The actual value of this choice. + :param pulumi.Input['AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs'] display_value: A block describing the display text of this choice, as documented below. + """ + pulumi.set(__self__, "actual_value", actual_value) + pulumi.set(__self__, "display_value", display_value) + + @property + @pulumi.getter(name="actualValue") + def actual_value(self) -> pulumi.Input[str]: + """ + The actual value of this choice. + """ + return pulumi.get(self, "actual_value") + + @actual_value.setter + def actual_value(self, value: pulumi.Input[str]): + pulumi.set(self, "actual_value", value) + + @property + @pulumi.getter(name="displayValue") + def display_value(self) -> pulumi.Input['AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs']: + """ + A block describing the display text of this choice, as documented below. + """ + return pulumi.get(self, "display_value") + + @display_value.setter + def display_value(self, value: pulumi.Input['AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs']): + pulumi.set(self, "display_value", value) + + +@pulumi.input_type +class AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs: + def __init__(__self__, *, + default_text: pulumi.Input[str], + localized_texts: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs']]]] = None): + """ + :param pulumi.Input[str] default_text: The default text of this question. + :param pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs']]] localized_texts: One or more blocks describing localized text of this question, as documented below. + """ + pulumi.set(__self__, "default_text", default_text) + if localized_texts is not None: + pulumi.set(__self__, "localized_texts", localized_texts) + + @property + @pulumi.getter(name="defaultText") + def default_text(self) -> pulumi.Input[str]: + """ + The default text of this question. + """ + return pulumi.get(self, "default_text") + + @default_text.setter + def default_text(self, value: pulumi.Input[str]): + pulumi.set(self, "default_text", value) + + @property + @pulumi.getter(name="localizedTexts") + def localized_texts(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs']]]]: + """ + One or more blocks describing localized text of this question, as documented below. + """ + return pulumi.get(self, "localized_texts") + + @localized_texts.setter + def localized_texts(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs']]]]): + pulumi.set(self, "localized_texts", value) + + +@pulumi.input_type +class AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs: + def __init__(__self__, *, + content: pulumi.Input[str], + language_code: pulumi.Input[str]): + """ + :param pulumi.Input[str] content: The localized content of this question. + :param pulumi.Input[str] language_code: The ISO 639 language code for this question content. + """ + pulumi.set(__self__, "content", content) + pulumi.set(__self__, "language_code", language_code) + + @property + @pulumi.getter + def content(self) -> pulumi.Input[str]: + """ + The localized content of this question. + """ + return pulumi.get(self, "content") + + @content.setter + def content(self, value: pulumi.Input[str]): + pulumi.set(self, "content", value) + + @property + @pulumi.getter(name="languageCode") + def language_code(self) -> pulumi.Input[str]: + """ + The ISO 639 language code for this question content. + """ + return pulumi.get(self, "language_code") + + @language_code.setter + def language_code(self, value: pulumi.Input[str]): + pulumi.set(self, "language_code", value) + + +@pulumi.input_type +class AccessPackageAssignmentPolicyQuestionTextArgs: + def __init__(__self__, *, + default_text: pulumi.Input[str], + localized_texts: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs']]]] = None): + """ + :param pulumi.Input[str] default_text: The default text of this question. + :param pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs']]] localized_texts: One or more blocks describing localized text of this question, as documented below. + """ + pulumi.set(__self__, "default_text", default_text) + if localized_texts is not None: + pulumi.set(__self__, "localized_texts", localized_texts) + + @property + @pulumi.getter(name="defaultText") + def default_text(self) -> pulumi.Input[str]: + """ + The default text of this question. + """ + return pulumi.get(self, "default_text") + + @default_text.setter + def default_text(self, value: pulumi.Input[str]): + pulumi.set(self, "default_text", value) + + @property + @pulumi.getter(name="localizedTexts") + def localized_texts(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs']]]]: + """ + One or more blocks describing localized text of this question, as documented below. + """ + return pulumi.get(self, "localized_texts") + + @localized_texts.setter + def localized_texts(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs']]]]): + pulumi.set(self, "localized_texts", value) + + +@pulumi.input_type +class AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs: + def __init__(__self__, *, + content: pulumi.Input[str], + language_code: pulumi.Input[str]): + """ + :param pulumi.Input[str] content: The localized content of this question. + :param pulumi.Input[str] language_code: The ISO 639 language code for this question content. + """ + pulumi.set(__self__, "content", content) + pulumi.set(__self__, "language_code", language_code) + + @property + @pulumi.getter + def content(self) -> pulumi.Input[str]: + """ + The localized content of this question. + """ + return pulumi.get(self, "content") + + @content.setter + def content(self, value: pulumi.Input[str]): + pulumi.set(self, "content", value) + + @property + @pulumi.getter(name="languageCode") + def language_code(self) -> pulumi.Input[str]: + """ + The ISO 639 language code for this question content. + """ + return pulumi.get(self, "language_code") + + @language_code.setter + def language_code(self, value: pulumi.Input[str]): + pulumi.set(self, "language_code", value) + + +@pulumi.input_type +class AccessPackageAssignmentPolicyRequestorSettingsArgs: + def __init__(__self__, *, + requestors: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs']]]] = None, + requests_accepted: Optional[pulumi.Input[bool]] = None, + scope_type: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs']]] requestors: A block specifying the users who are allowed to request on this policy, as documented below. + :param pulumi.Input[bool] requests_accepted: Whether to accept requests using this policy. When `false`, no new requests can be made using this policy. + :param pulumi.Input[str] scope_type: Specifies the scopes of the requestors. Valid values are `AllConfiguredConnectedOrganizationSubjects`, `AllExistingConnectedOrganizationSubjects`, `AllExistingDirectoryMemberUsers`, `AllExistingDirectorySubjects`, `AllExternalSubjects`, `NoSubjects`, `SpecificConnectedOrganizationSubjects`, or `SpecificDirectorySubjects`. + """ + if requestors is not None: + pulumi.set(__self__, "requestors", requestors) + if requests_accepted is not None: + pulumi.set(__self__, "requests_accepted", requests_accepted) + if scope_type is not None: + pulumi.set(__self__, "scope_type", scope_type) + + @property + @pulumi.getter + def requestors(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs']]]]: + """ + A block specifying the users who are allowed to request on this policy, as documented below. + """ + return pulumi.get(self, "requestors") + + @requestors.setter + def requestors(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs']]]]): + pulumi.set(self, "requestors", value) + + @property + @pulumi.getter(name="requestsAccepted") + def requests_accepted(self) -> Optional[pulumi.Input[bool]]: + """ + Whether to accept requests using this policy. When `false`, no new requests can be made using this policy. + """ + return pulumi.get(self, "requests_accepted") + + @requests_accepted.setter + def requests_accepted(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "requests_accepted", value) + + @property + @pulumi.getter(name="scopeType") + def scope_type(self) -> Optional[pulumi.Input[str]]: + """ + Specifies the scopes of the requestors. Valid values are `AllConfiguredConnectedOrganizationSubjects`, `AllExistingConnectedOrganizationSubjects`, `AllExistingDirectoryMemberUsers`, `AllExistingDirectorySubjects`, `AllExternalSubjects`, `NoSubjects`, `SpecificConnectedOrganizationSubjects`, or `SpecificDirectorySubjects`. + """ + return pulumi.get(self, "scope_type") + + @scope_type.setter + def scope_type(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "scope_type", value) + + +@pulumi.input_type +class AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs: + def __init__(__self__, *, + subject_type: pulumi.Input[str], + backup: Optional[pulumi.Input[bool]] = None, + object_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] subject_type: Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + :param pulumi.Input[bool] backup: For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + :param pulumi.Input[str] object_id: The ID of the subject. + """ + pulumi.set(__self__, "subject_type", subject_type) + if backup is not None: + pulumi.set(__self__, "backup", backup) + if object_id is not None: + pulumi.set(__self__, "object_id", object_id) + + @property + @pulumi.getter(name="subjectType") + def subject_type(self) -> pulumi.Input[str]: + """ + Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + """ + return pulumi.get(self, "subject_type") + + @subject_type.setter + def subject_type(self, value: pulumi.Input[str]): + pulumi.set(self, "subject_type", value) + + @property + @pulumi.getter + def backup(self) -> Optional[pulumi.Input[bool]]: + """ + For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + """ + return pulumi.get(self, "backup") + + @backup.setter + def backup(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "backup", value) + + @property + @pulumi.getter(name="objectId") + def object_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the subject. + """ + return pulumi.get(self, "object_id") + + @object_id.setter + def object_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "object_id", value) + + @pulumi.input_type class ApplicationApiArgs: def __init__(__self__, *, diff --git a/sdk/python/pulumi_azuread/access_package.py b/sdk/python/pulumi_azuread/access_package.py new file mode 100644 index 000000000..114cc5649 --- /dev/null +++ b/sdk/python/pulumi_azuread/access_package.py @@ -0,0 +1,351 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from . import _utilities + +__all__ = ['AccessPackageArgs', 'AccessPackage'] + +@pulumi.input_type +class AccessPackageArgs: + def __init__(__self__, *, + catalog_id: pulumi.Input[str], + description: pulumi.Input[str], + display_name: pulumi.Input[str], + hidden: Optional[pulumi.Input[bool]] = None): + """ + The set of arguments for constructing a AccessPackage resource. + :param pulumi.Input[str] catalog_id: The ID of the Catalog this access package will be created in. + :param pulumi.Input[str] description: The description of the access package. + :param pulumi.Input[str] display_name: The display name of the access package. + :param pulumi.Input[bool] hidden: Whether the access package is hidden from the requestor. + """ + pulumi.set(__self__, "catalog_id", catalog_id) + pulumi.set(__self__, "description", description) + pulumi.set(__self__, "display_name", display_name) + if hidden is not None: + pulumi.set(__self__, "hidden", hidden) + + @property + @pulumi.getter(name="catalogId") + def catalog_id(self) -> pulumi.Input[str]: + """ + The ID of the Catalog this access package will be created in. + """ + return pulumi.get(self, "catalog_id") + + @catalog_id.setter + def catalog_id(self, value: pulumi.Input[str]): + pulumi.set(self, "catalog_id", value) + + @property + @pulumi.getter + def description(self) -> pulumi.Input[str]: + """ + The description of the access package. + """ + return pulumi.get(self, "description") + + @description.setter + def description(self, value: pulumi.Input[str]): + pulumi.set(self, "description", value) + + @property + @pulumi.getter(name="displayName") + def display_name(self) -> pulumi.Input[str]: + """ + The display name of the access package. + """ + return pulumi.get(self, "display_name") + + @display_name.setter + def display_name(self, value: pulumi.Input[str]): + pulumi.set(self, "display_name", value) + + @property + @pulumi.getter + def hidden(self) -> Optional[pulumi.Input[bool]]: + """ + Whether the access package is hidden from the requestor. + """ + return pulumi.get(self, "hidden") + + @hidden.setter + def hidden(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "hidden", value) + + +@pulumi.input_type +class _AccessPackageState: + def __init__(__self__, *, + catalog_id: Optional[pulumi.Input[str]] = None, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None, + hidden: Optional[pulumi.Input[bool]] = None): + """ + Input properties used for looking up and filtering AccessPackage resources. + :param pulumi.Input[str] catalog_id: The ID of the Catalog this access package will be created in. + :param pulumi.Input[str] description: The description of the access package. + :param pulumi.Input[str] display_name: The display name of the access package. + :param pulumi.Input[bool] hidden: Whether the access package is hidden from the requestor. + """ + if catalog_id is not None: + pulumi.set(__self__, "catalog_id", catalog_id) + if description is not None: + pulumi.set(__self__, "description", description) + if display_name is not None: + pulumi.set(__self__, "display_name", display_name) + if hidden is not None: + pulumi.set(__self__, "hidden", hidden) + + @property + @pulumi.getter(name="catalogId") + def catalog_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the Catalog this access package will be created in. + """ + return pulumi.get(self, "catalog_id") + + @catalog_id.setter + def catalog_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "catalog_id", value) + + @property + @pulumi.getter + def description(self) -> Optional[pulumi.Input[str]]: + """ + The description of the access package. + """ + return pulumi.get(self, "description") + + @description.setter + def description(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "description", value) + + @property + @pulumi.getter(name="displayName") + def display_name(self) -> Optional[pulumi.Input[str]]: + """ + The display name of the access package. + """ + return pulumi.get(self, "display_name") + + @display_name.setter + def display_name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "display_name", value) + + @property + @pulumi.getter + def hidden(self) -> Optional[pulumi.Input[bool]]: + """ + Whether the access package is hidden from the requestor. + """ + return pulumi.get(self, "hidden") + + @hidden.setter + def hidden(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "hidden", value) + + +class AccessPackage(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + catalog_id: Optional[pulumi.Input[str]] = None, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None, + hidden: Optional[pulumi.Input[bool]] = None, + __props__=None): + """ + Manages an Access Package within Identity Governance in Azure Active Directory. + + ## API Permissions + + The following API permissions are required in order to use this resource. + + When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. + + When authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner`, `Access package manager` or `Global Administrator` + + ## Example Usage + + ```python + import pulumi + import pulumi_azuread as azuread + + example_access_package_catalog = azuread.AccessPackageCatalog("exampleAccessPackageCatalog", + display_name="example-catalog", + description="Example catalog") + example_access_package = azuread.AccessPackage("exampleAccessPackage", + catalog_id=example_access_package_catalog.id, + display_name="access-package", + description="Access Package") + ``` + + ## Import + + Access Packages can be imported using the `id`, e.g. + + ```sh + $ pulumi import azuread:index/accessPackage:AccessPackage example_package 00000000-0000-0000-0000-000000000000 + ``` + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] catalog_id: The ID of the Catalog this access package will be created in. + :param pulumi.Input[str] description: The description of the access package. + :param pulumi.Input[str] display_name: The display name of the access package. + :param pulumi.Input[bool] hidden: Whether the access package is hidden from the requestor. + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: AccessPackageArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + Manages an Access Package within Identity Governance in Azure Active Directory. + + ## API Permissions + + The following API permissions are required in order to use this resource. + + When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. + + When authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner`, `Access package manager` or `Global Administrator` + + ## Example Usage + + ```python + import pulumi + import pulumi_azuread as azuread + + example_access_package_catalog = azuread.AccessPackageCatalog("exampleAccessPackageCatalog", + display_name="example-catalog", + description="Example catalog") + example_access_package = azuread.AccessPackage("exampleAccessPackage", + catalog_id=example_access_package_catalog.id, + display_name="access-package", + description="Access Package") + ``` + + ## Import + + Access Packages can be imported using the `id`, e.g. + + ```sh + $ pulumi import azuread:index/accessPackage:AccessPackage example_package 00000000-0000-0000-0000-000000000000 + ``` + + :param str resource_name: The name of the resource. + :param AccessPackageArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(AccessPackageArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + catalog_id: Optional[pulumi.Input[str]] = None, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None, + hidden: Optional[pulumi.Input[bool]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = AccessPackageArgs.__new__(AccessPackageArgs) + + if catalog_id is None and not opts.urn: + raise TypeError("Missing required property 'catalog_id'") + __props__.__dict__["catalog_id"] = catalog_id + if description is None and not opts.urn: + raise TypeError("Missing required property 'description'") + __props__.__dict__["description"] = description + if display_name is None and not opts.urn: + raise TypeError("Missing required property 'display_name'") + __props__.__dict__["display_name"] = display_name + __props__.__dict__["hidden"] = hidden + super(AccessPackage, __self__).__init__( + 'azuread:index/accessPackage:AccessPackage', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + catalog_id: Optional[pulumi.Input[str]] = None, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None, + hidden: Optional[pulumi.Input[bool]] = None) -> 'AccessPackage': + """ + Get an existing AccessPackage resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] catalog_id: The ID of the Catalog this access package will be created in. + :param pulumi.Input[str] description: The description of the access package. + :param pulumi.Input[str] display_name: The display name of the access package. + :param pulumi.Input[bool] hidden: Whether the access package is hidden from the requestor. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _AccessPackageState.__new__(_AccessPackageState) + + __props__.__dict__["catalog_id"] = catalog_id + __props__.__dict__["description"] = description + __props__.__dict__["display_name"] = display_name + __props__.__dict__["hidden"] = hidden + return AccessPackage(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter(name="catalogId") + def catalog_id(self) -> pulumi.Output[str]: + """ + The ID of the Catalog this access package will be created in. + """ + return pulumi.get(self, "catalog_id") + + @property + @pulumi.getter + def description(self) -> pulumi.Output[str]: + """ + The description of the access package. + """ + return pulumi.get(self, "description") + + @property + @pulumi.getter(name="displayName") + def display_name(self) -> pulumi.Output[str]: + """ + The display name of the access package. + """ + return pulumi.get(self, "display_name") + + @property + @pulumi.getter + def hidden(self) -> pulumi.Output[Optional[bool]]: + """ + Whether the access package is hidden from the requestor. + """ + return pulumi.get(self, "hidden") + diff --git a/sdk/python/pulumi_azuread/access_package_assignment_policy.py b/sdk/python/pulumi_azuread/access_package_assignment_policy.py new file mode 100644 index 000000000..af0c9d8d0 --- /dev/null +++ b/sdk/python/pulumi_azuread/access_package_assignment_policy.py @@ -0,0 +1,701 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from . import _utilities +from . import outputs +from ._inputs import * + +__all__ = ['AccessPackageAssignmentPolicyArgs', 'AccessPackageAssignmentPolicy'] + +@pulumi.input_type +class AccessPackageAssignmentPolicyArgs: + def __init__(__self__, *, + access_package_id: pulumi.Input[str], + description: pulumi.Input[str], + display_name: pulumi.Input[str], + approval_settings: Optional[pulumi.Input['AccessPackageAssignmentPolicyApprovalSettingsArgs']] = None, + assignment_review_settings: Optional[pulumi.Input['AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs']] = None, + duration_in_days: Optional[pulumi.Input[int]] = None, + expiration_date: Optional[pulumi.Input[str]] = None, + extension_enabled: Optional[pulumi.Input[bool]] = None, + questions: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyQuestionArgs']]]] = None, + requestor_settings: Optional[pulumi.Input['AccessPackageAssignmentPolicyRequestorSettingsArgs']] = None): + """ + The set of arguments for constructing a AccessPackageAssignmentPolicy resource. + :param pulumi.Input[str] access_package_id: The ID of the access package that will contain the policy. + :param pulumi.Input[str] description: The description of the policy. + :param pulumi.Input[str] display_name: The display name of the policy. + :param pulumi.Input['AccessPackageAssignmentPolicyApprovalSettingsArgs'] approval_settings: An `approval_settings` block to specify whether approvals are required and how they are obtained, as documented below. + :param pulumi.Input['AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs'] assignment_review_settings: An `assignment_review_settings` block, to specify whether assignment review is needed and how it is conducted, as documented below. + :param pulumi.Input[int] duration_in_days: How many days this assignment is valid for. + :param pulumi.Input[str] expiration_date: The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). + :param pulumi.Input[bool] extension_enabled: Whether users will be able to request extension of their access to this package before their access expires. + :param pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyQuestionArgs']]] questions: One or more `question` blocks for the requestor, as documented below. + :param pulumi.Input['AccessPackageAssignmentPolicyRequestorSettingsArgs'] requestor_settings: A `requestor_settings` block to configure the users who can request access, as documented below. + """ + pulumi.set(__self__, "access_package_id", access_package_id) + pulumi.set(__self__, "description", description) + pulumi.set(__self__, "display_name", display_name) + if approval_settings is not None: + pulumi.set(__self__, "approval_settings", approval_settings) + if assignment_review_settings is not None: + pulumi.set(__self__, "assignment_review_settings", assignment_review_settings) + if duration_in_days is not None: + pulumi.set(__self__, "duration_in_days", duration_in_days) + if expiration_date is not None: + pulumi.set(__self__, "expiration_date", expiration_date) + if extension_enabled is not None: + pulumi.set(__self__, "extension_enabled", extension_enabled) + if questions is not None: + pulumi.set(__self__, "questions", questions) + if requestor_settings is not None: + pulumi.set(__self__, "requestor_settings", requestor_settings) + + @property + @pulumi.getter(name="accessPackageId") + def access_package_id(self) -> pulumi.Input[str]: + """ + The ID of the access package that will contain the policy. + """ + return pulumi.get(self, "access_package_id") + + @access_package_id.setter + def access_package_id(self, value: pulumi.Input[str]): + pulumi.set(self, "access_package_id", value) + + @property + @pulumi.getter + def description(self) -> pulumi.Input[str]: + """ + The description of the policy. + """ + return pulumi.get(self, "description") + + @description.setter + def description(self, value: pulumi.Input[str]): + pulumi.set(self, "description", value) + + @property + @pulumi.getter(name="displayName") + def display_name(self) -> pulumi.Input[str]: + """ + The display name of the policy. + """ + return pulumi.get(self, "display_name") + + @display_name.setter + def display_name(self, value: pulumi.Input[str]): + pulumi.set(self, "display_name", value) + + @property + @pulumi.getter(name="approvalSettings") + def approval_settings(self) -> Optional[pulumi.Input['AccessPackageAssignmentPolicyApprovalSettingsArgs']]: + """ + An `approval_settings` block to specify whether approvals are required and how they are obtained, as documented below. + """ + return pulumi.get(self, "approval_settings") + + @approval_settings.setter + def approval_settings(self, value: Optional[pulumi.Input['AccessPackageAssignmentPolicyApprovalSettingsArgs']]): + pulumi.set(self, "approval_settings", value) + + @property + @pulumi.getter(name="assignmentReviewSettings") + def assignment_review_settings(self) -> Optional[pulumi.Input['AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs']]: + """ + An `assignment_review_settings` block, to specify whether assignment review is needed and how it is conducted, as documented below. + """ + return pulumi.get(self, "assignment_review_settings") + + @assignment_review_settings.setter + def assignment_review_settings(self, value: Optional[pulumi.Input['AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs']]): + pulumi.set(self, "assignment_review_settings", value) + + @property + @pulumi.getter(name="durationInDays") + def duration_in_days(self) -> Optional[pulumi.Input[int]]: + """ + How many days this assignment is valid for. + """ + return pulumi.get(self, "duration_in_days") + + @duration_in_days.setter + def duration_in_days(self, value: Optional[pulumi.Input[int]]): + pulumi.set(self, "duration_in_days", value) + + @property + @pulumi.getter(name="expirationDate") + def expiration_date(self) -> Optional[pulumi.Input[str]]: + """ + The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). + """ + return pulumi.get(self, "expiration_date") + + @expiration_date.setter + def expiration_date(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "expiration_date", value) + + @property + @pulumi.getter(name="extensionEnabled") + def extension_enabled(self) -> Optional[pulumi.Input[bool]]: + """ + Whether users will be able to request extension of their access to this package before their access expires. + """ + return pulumi.get(self, "extension_enabled") + + @extension_enabled.setter + def extension_enabled(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "extension_enabled", value) + + @property + @pulumi.getter + def questions(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyQuestionArgs']]]]: + """ + One or more `question` blocks for the requestor, as documented below. + """ + return pulumi.get(self, "questions") + + @questions.setter + def questions(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyQuestionArgs']]]]): + pulumi.set(self, "questions", value) + + @property + @pulumi.getter(name="requestorSettings") + def requestor_settings(self) -> Optional[pulumi.Input['AccessPackageAssignmentPolicyRequestorSettingsArgs']]: + """ + A `requestor_settings` block to configure the users who can request access, as documented below. + """ + return pulumi.get(self, "requestor_settings") + + @requestor_settings.setter + def requestor_settings(self, value: Optional[pulumi.Input['AccessPackageAssignmentPolicyRequestorSettingsArgs']]): + pulumi.set(self, "requestor_settings", value) + + +@pulumi.input_type +class _AccessPackageAssignmentPolicyState: + def __init__(__self__, *, + access_package_id: Optional[pulumi.Input[str]] = None, + approval_settings: Optional[pulumi.Input['AccessPackageAssignmentPolicyApprovalSettingsArgs']] = None, + assignment_review_settings: Optional[pulumi.Input['AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs']] = None, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None, + duration_in_days: Optional[pulumi.Input[int]] = None, + expiration_date: Optional[pulumi.Input[str]] = None, + extension_enabled: Optional[pulumi.Input[bool]] = None, + questions: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyQuestionArgs']]]] = None, + requestor_settings: Optional[pulumi.Input['AccessPackageAssignmentPolicyRequestorSettingsArgs']] = None): + """ + Input properties used for looking up and filtering AccessPackageAssignmentPolicy resources. + :param pulumi.Input[str] access_package_id: The ID of the access package that will contain the policy. + :param pulumi.Input['AccessPackageAssignmentPolicyApprovalSettingsArgs'] approval_settings: An `approval_settings` block to specify whether approvals are required and how they are obtained, as documented below. + :param pulumi.Input['AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs'] assignment_review_settings: An `assignment_review_settings` block, to specify whether assignment review is needed and how it is conducted, as documented below. + :param pulumi.Input[str] description: The description of the policy. + :param pulumi.Input[str] display_name: The display name of the policy. + :param pulumi.Input[int] duration_in_days: How many days this assignment is valid for. + :param pulumi.Input[str] expiration_date: The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). + :param pulumi.Input[bool] extension_enabled: Whether users will be able to request extension of their access to this package before their access expires. + :param pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyQuestionArgs']]] questions: One or more `question` blocks for the requestor, as documented below. + :param pulumi.Input['AccessPackageAssignmentPolicyRequestorSettingsArgs'] requestor_settings: A `requestor_settings` block to configure the users who can request access, as documented below. + """ + if access_package_id is not None: + pulumi.set(__self__, "access_package_id", access_package_id) + if approval_settings is not None: + pulumi.set(__self__, "approval_settings", approval_settings) + if assignment_review_settings is not None: + pulumi.set(__self__, "assignment_review_settings", assignment_review_settings) + if description is not None: + pulumi.set(__self__, "description", description) + if display_name is not None: + pulumi.set(__self__, "display_name", display_name) + if duration_in_days is not None: + pulumi.set(__self__, "duration_in_days", duration_in_days) + if expiration_date is not None: + pulumi.set(__self__, "expiration_date", expiration_date) + if extension_enabled is not None: + pulumi.set(__self__, "extension_enabled", extension_enabled) + if questions is not None: + pulumi.set(__self__, "questions", questions) + if requestor_settings is not None: + pulumi.set(__self__, "requestor_settings", requestor_settings) + + @property + @pulumi.getter(name="accessPackageId") + def access_package_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the access package that will contain the policy. + """ + return pulumi.get(self, "access_package_id") + + @access_package_id.setter + def access_package_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "access_package_id", value) + + @property + @pulumi.getter(name="approvalSettings") + def approval_settings(self) -> Optional[pulumi.Input['AccessPackageAssignmentPolicyApprovalSettingsArgs']]: + """ + An `approval_settings` block to specify whether approvals are required and how they are obtained, as documented below. + """ + return pulumi.get(self, "approval_settings") + + @approval_settings.setter + def approval_settings(self, value: Optional[pulumi.Input['AccessPackageAssignmentPolicyApprovalSettingsArgs']]): + pulumi.set(self, "approval_settings", value) + + @property + @pulumi.getter(name="assignmentReviewSettings") + def assignment_review_settings(self) -> Optional[pulumi.Input['AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs']]: + """ + An `assignment_review_settings` block, to specify whether assignment review is needed and how it is conducted, as documented below. + """ + return pulumi.get(self, "assignment_review_settings") + + @assignment_review_settings.setter + def assignment_review_settings(self, value: Optional[pulumi.Input['AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs']]): + pulumi.set(self, "assignment_review_settings", value) + + @property + @pulumi.getter + def description(self) -> Optional[pulumi.Input[str]]: + """ + The description of the policy. + """ + return pulumi.get(self, "description") + + @description.setter + def description(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "description", value) + + @property + @pulumi.getter(name="displayName") + def display_name(self) -> Optional[pulumi.Input[str]]: + """ + The display name of the policy. + """ + return pulumi.get(self, "display_name") + + @display_name.setter + def display_name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "display_name", value) + + @property + @pulumi.getter(name="durationInDays") + def duration_in_days(self) -> Optional[pulumi.Input[int]]: + """ + How many days this assignment is valid for. + """ + return pulumi.get(self, "duration_in_days") + + @duration_in_days.setter + def duration_in_days(self, value: Optional[pulumi.Input[int]]): + pulumi.set(self, "duration_in_days", value) + + @property + @pulumi.getter(name="expirationDate") + def expiration_date(self) -> Optional[pulumi.Input[str]]: + """ + The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). + """ + return pulumi.get(self, "expiration_date") + + @expiration_date.setter + def expiration_date(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "expiration_date", value) + + @property + @pulumi.getter(name="extensionEnabled") + def extension_enabled(self) -> Optional[pulumi.Input[bool]]: + """ + Whether users will be able to request extension of their access to this package before their access expires. + """ + return pulumi.get(self, "extension_enabled") + + @extension_enabled.setter + def extension_enabled(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "extension_enabled", value) + + @property + @pulumi.getter + def questions(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyQuestionArgs']]]]: + """ + One or more `question` blocks for the requestor, as documented below. + """ + return pulumi.get(self, "questions") + + @questions.setter + def questions(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPackageAssignmentPolicyQuestionArgs']]]]): + pulumi.set(self, "questions", value) + + @property + @pulumi.getter(name="requestorSettings") + def requestor_settings(self) -> Optional[pulumi.Input['AccessPackageAssignmentPolicyRequestorSettingsArgs']]: + """ + A `requestor_settings` block to configure the users who can request access, as documented below. + """ + return pulumi.get(self, "requestor_settings") + + @requestor_settings.setter + def requestor_settings(self, value: Optional[pulumi.Input['AccessPackageAssignmentPolicyRequestorSettingsArgs']]): + pulumi.set(self, "requestor_settings", value) + + +class AccessPackageAssignmentPolicy(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + access_package_id: Optional[pulumi.Input[str]] = None, + approval_settings: Optional[pulumi.Input[pulumi.InputType['AccessPackageAssignmentPolicyApprovalSettingsArgs']]] = None, + assignment_review_settings: Optional[pulumi.Input[pulumi.InputType['AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs']]] = None, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None, + duration_in_days: Optional[pulumi.Input[int]] = None, + expiration_date: Optional[pulumi.Input[str]] = None, + extension_enabled: Optional[pulumi.Input[bool]] = None, + questions: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['AccessPackageAssignmentPolicyQuestionArgs']]]]] = None, + requestor_settings: Optional[pulumi.Input[pulumi.InputType['AccessPackageAssignmentPolicyRequestorSettingsArgs']]] = None, + __props__=None): + """ + Manages an assignment policy for an access package within Identity Governance in Azure Active Directory. + + ## API Permissions + + The following API permissions are required in order to use this resource. + + When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. + + When authenticated with a user principal, this resource requires `Global Administrator` directory role, or one of the `Catalog Owner` and `Access Package Manager` role in Idneity Governance. + + ## Example Usage + + ```python + import pulumi + import pulumi_azuread as azuread + + example_group = azuread.Group("exampleGroup", + display_name="group-name", + security_enabled=True) + example_access_package_catalog = azuread.AccessPackageCatalog("exampleAccessPackageCatalog", + display_name="example-catalog", + description="Example catalog") + example_access_package = azuread.AccessPackage("exampleAccessPackage", + catalog_id=example_access_package_catalog.id, + display_name="access-package", + description="Access Package") + test = azuread.AccessPackageAssignmentPolicy("test", + access_package_id=azuread_access_package["test"]["id"], + display_name="assignment-policy", + description="My assignment policy", + duration_in_days=90, + requestor_settings=azuread.AccessPackageAssignmentPolicyRequestorSettingsArgs( + scope_type="AllExistingDirectoryMemberUsers", + ), + approval_settings=azuread.AccessPackageAssignmentPolicyApprovalSettingsArgs( + approval_required=True, + approval_stages=[azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs( + approval_timeout_in_days=14, + primary_approvers=[azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs( + object_id=azuread_group["test"]["object_id"], + subject_type="groupMembers", + )], + )], + ), + assignment_review_settings=azuread.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs( + enabled=True, + review_frequency="weekly", + duration_in_days=3, + review_type="Self", + access_review_timeout_behavior="keepAccess", + ), + questions=[azuread.AccessPackageAssignmentPolicyQuestionArgs( + text=azuread.AccessPackageAssignmentPolicyQuestionTextArgs( + default_text="hello, how are you?", + ), + )]) + ``` + + ## Import + + An access package assignment policy can be imported using the ID, e.g. + + ```sh + $ pulumi import azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy example 00000000-0000-0000-0000-000000000000 + ``` + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] access_package_id: The ID of the access package that will contain the policy. + :param pulumi.Input[pulumi.InputType['AccessPackageAssignmentPolicyApprovalSettingsArgs']] approval_settings: An `approval_settings` block to specify whether approvals are required and how they are obtained, as documented below. + :param pulumi.Input[pulumi.InputType['AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs']] assignment_review_settings: An `assignment_review_settings` block, to specify whether assignment review is needed and how it is conducted, as documented below. + :param pulumi.Input[str] description: The description of the policy. + :param pulumi.Input[str] display_name: The display name of the policy. + :param pulumi.Input[int] duration_in_days: How many days this assignment is valid for. + :param pulumi.Input[str] expiration_date: The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). + :param pulumi.Input[bool] extension_enabled: Whether users will be able to request extension of their access to this package before their access expires. + :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['AccessPackageAssignmentPolicyQuestionArgs']]]] questions: One or more `question` blocks for the requestor, as documented below. + :param pulumi.Input[pulumi.InputType['AccessPackageAssignmentPolicyRequestorSettingsArgs']] requestor_settings: A `requestor_settings` block to configure the users who can request access, as documented below. + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: AccessPackageAssignmentPolicyArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + Manages an assignment policy for an access package within Identity Governance in Azure Active Directory. + + ## API Permissions + + The following API permissions are required in order to use this resource. + + When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. + + When authenticated with a user principal, this resource requires `Global Administrator` directory role, or one of the `Catalog Owner` and `Access Package Manager` role in Idneity Governance. + + ## Example Usage + + ```python + import pulumi + import pulumi_azuread as azuread + + example_group = azuread.Group("exampleGroup", + display_name="group-name", + security_enabled=True) + example_access_package_catalog = azuread.AccessPackageCatalog("exampleAccessPackageCatalog", + display_name="example-catalog", + description="Example catalog") + example_access_package = azuread.AccessPackage("exampleAccessPackage", + catalog_id=example_access_package_catalog.id, + display_name="access-package", + description="Access Package") + test = azuread.AccessPackageAssignmentPolicy("test", + access_package_id=azuread_access_package["test"]["id"], + display_name="assignment-policy", + description="My assignment policy", + duration_in_days=90, + requestor_settings=azuread.AccessPackageAssignmentPolicyRequestorSettingsArgs( + scope_type="AllExistingDirectoryMemberUsers", + ), + approval_settings=azuread.AccessPackageAssignmentPolicyApprovalSettingsArgs( + approval_required=True, + approval_stages=[azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs( + approval_timeout_in_days=14, + primary_approvers=[azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs( + object_id=azuread_group["test"]["object_id"], + subject_type="groupMembers", + )], + )], + ), + assignment_review_settings=azuread.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs( + enabled=True, + review_frequency="weekly", + duration_in_days=3, + review_type="Self", + access_review_timeout_behavior="keepAccess", + ), + questions=[azuread.AccessPackageAssignmentPolicyQuestionArgs( + text=azuread.AccessPackageAssignmentPolicyQuestionTextArgs( + default_text="hello, how are you?", + ), + )]) + ``` + + ## Import + + An access package assignment policy can be imported using the ID, e.g. + + ```sh + $ pulumi import azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy example 00000000-0000-0000-0000-000000000000 + ``` + + :param str resource_name: The name of the resource. + :param AccessPackageAssignmentPolicyArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(AccessPackageAssignmentPolicyArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + access_package_id: Optional[pulumi.Input[str]] = None, + approval_settings: Optional[pulumi.Input[pulumi.InputType['AccessPackageAssignmentPolicyApprovalSettingsArgs']]] = None, + assignment_review_settings: Optional[pulumi.Input[pulumi.InputType['AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs']]] = None, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None, + duration_in_days: Optional[pulumi.Input[int]] = None, + expiration_date: Optional[pulumi.Input[str]] = None, + extension_enabled: Optional[pulumi.Input[bool]] = None, + questions: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['AccessPackageAssignmentPolicyQuestionArgs']]]]] = None, + requestor_settings: Optional[pulumi.Input[pulumi.InputType['AccessPackageAssignmentPolicyRequestorSettingsArgs']]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = AccessPackageAssignmentPolicyArgs.__new__(AccessPackageAssignmentPolicyArgs) + + if access_package_id is None and not opts.urn: + raise TypeError("Missing required property 'access_package_id'") + __props__.__dict__["access_package_id"] = access_package_id + __props__.__dict__["approval_settings"] = approval_settings + __props__.__dict__["assignment_review_settings"] = assignment_review_settings + if description is None and not opts.urn: + raise TypeError("Missing required property 'description'") + __props__.__dict__["description"] = description + if display_name is None and not opts.urn: + raise TypeError("Missing required property 'display_name'") + __props__.__dict__["display_name"] = display_name + __props__.__dict__["duration_in_days"] = duration_in_days + __props__.__dict__["expiration_date"] = expiration_date + __props__.__dict__["extension_enabled"] = extension_enabled + __props__.__dict__["questions"] = questions + __props__.__dict__["requestor_settings"] = requestor_settings + super(AccessPackageAssignmentPolicy, __self__).__init__( + 'azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + access_package_id: Optional[pulumi.Input[str]] = None, + approval_settings: Optional[pulumi.Input[pulumi.InputType['AccessPackageAssignmentPolicyApprovalSettingsArgs']]] = None, + assignment_review_settings: Optional[pulumi.Input[pulumi.InputType['AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs']]] = None, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None, + duration_in_days: Optional[pulumi.Input[int]] = None, + expiration_date: Optional[pulumi.Input[str]] = None, + extension_enabled: Optional[pulumi.Input[bool]] = None, + questions: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['AccessPackageAssignmentPolicyQuestionArgs']]]]] = None, + requestor_settings: Optional[pulumi.Input[pulumi.InputType['AccessPackageAssignmentPolicyRequestorSettingsArgs']]] = None) -> 'AccessPackageAssignmentPolicy': + """ + Get an existing AccessPackageAssignmentPolicy resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] access_package_id: The ID of the access package that will contain the policy. + :param pulumi.Input[pulumi.InputType['AccessPackageAssignmentPolicyApprovalSettingsArgs']] approval_settings: An `approval_settings` block to specify whether approvals are required and how they are obtained, as documented below. + :param pulumi.Input[pulumi.InputType['AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs']] assignment_review_settings: An `assignment_review_settings` block, to specify whether assignment review is needed and how it is conducted, as documented below. + :param pulumi.Input[str] description: The description of the policy. + :param pulumi.Input[str] display_name: The display name of the policy. + :param pulumi.Input[int] duration_in_days: How many days this assignment is valid for. + :param pulumi.Input[str] expiration_date: The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). + :param pulumi.Input[bool] extension_enabled: Whether users will be able to request extension of their access to this package before their access expires. + :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['AccessPackageAssignmentPolicyQuestionArgs']]]] questions: One or more `question` blocks for the requestor, as documented below. + :param pulumi.Input[pulumi.InputType['AccessPackageAssignmentPolicyRequestorSettingsArgs']] requestor_settings: A `requestor_settings` block to configure the users who can request access, as documented below. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _AccessPackageAssignmentPolicyState.__new__(_AccessPackageAssignmentPolicyState) + + __props__.__dict__["access_package_id"] = access_package_id + __props__.__dict__["approval_settings"] = approval_settings + __props__.__dict__["assignment_review_settings"] = assignment_review_settings + __props__.__dict__["description"] = description + __props__.__dict__["display_name"] = display_name + __props__.__dict__["duration_in_days"] = duration_in_days + __props__.__dict__["expiration_date"] = expiration_date + __props__.__dict__["extension_enabled"] = extension_enabled + __props__.__dict__["questions"] = questions + __props__.__dict__["requestor_settings"] = requestor_settings + return AccessPackageAssignmentPolicy(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter(name="accessPackageId") + def access_package_id(self) -> pulumi.Output[str]: + """ + The ID of the access package that will contain the policy. + """ + return pulumi.get(self, "access_package_id") + + @property + @pulumi.getter(name="approvalSettings") + def approval_settings(self) -> pulumi.Output[Optional['outputs.AccessPackageAssignmentPolicyApprovalSettings']]: + """ + An `approval_settings` block to specify whether approvals are required and how they are obtained, as documented below. + """ + return pulumi.get(self, "approval_settings") + + @property + @pulumi.getter(name="assignmentReviewSettings") + def assignment_review_settings(self) -> pulumi.Output[Optional['outputs.AccessPackageAssignmentPolicyAssignmentReviewSettings']]: + """ + An `assignment_review_settings` block, to specify whether assignment review is needed and how it is conducted, as documented below. + """ + return pulumi.get(self, "assignment_review_settings") + + @property + @pulumi.getter + def description(self) -> pulumi.Output[str]: + """ + The description of the policy. + """ + return pulumi.get(self, "description") + + @property + @pulumi.getter(name="displayName") + def display_name(self) -> pulumi.Output[str]: + """ + The display name of the policy. + """ + return pulumi.get(self, "display_name") + + @property + @pulumi.getter(name="durationInDays") + def duration_in_days(self) -> pulumi.Output[Optional[int]]: + """ + How many days this assignment is valid for. + """ + return pulumi.get(self, "duration_in_days") + + @property + @pulumi.getter(name="expirationDate") + def expiration_date(self) -> pulumi.Output[Optional[str]]: + """ + The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z). + """ + return pulumi.get(self, "expiration_date") + + @property + @pulumi.getter(name="extensionEnabled") + def extension_enabled(self) -> pulumi.Output[Optional[bool]]: + """ + Whether users will be able to request extension of their access to this package before their access expires. + """ + return pulumi.get(self, "extension_enabled") + + @property + @pulumi.getter + def questions(self) -> pulumi.Output[Optional[Sequence['outputs.AccessPackageAssignmentPolicyQuestion']]]: + """ + One or more `question` blocks for the requestor, as documented below. + """ + return pulumi.get(self, "questions") + + @property + @pulumi.getter(name="requestorSettings") + def requestor_settings(self) -> pulumi.Output[Optional['outputs.AccessPackageAssignmentPolicyRequestorSettings']]: + """ + A `requestor_settings` block to configure the users who can request access, as documented below. + """ + return pulumi.get(self, "requestor_settings") + diff --git a/sdk/python/pulumi_azuread/access_package_catalog.py b/sdk/python/pulumi_azuread/access_package_catalog.py new file mode 100644 index 000000000..b592f782a --- /dev/null +++ b/sdk/python/pulumi_azuread/access_package_catalog.py @@ -0,0 +1,342 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from . import _utilities + +__all__ = ['AccessPackageCatalogArgs', 'AccessPackageCatalog'] + +@pulumi.input_type +class AccessPackageCatalogArgs: + def __init__(__self__, *, + description: pulumi.Input[str], + display_name: pulumi.Input[str], + externally_visible: Optional[pulumi.Input[bool]] = None, + published: Optional[pulumi.Input[bool]] = None): + """ + The set of arguments for constructing a AccessPackageCatalog resource. + :param pulumi.Input[str] description: The description of the access package catalog. + :param pulumi.Input[str] display_name: The display name of the access package catalog. + :param pulumi.Input[bool] externally_visible: Whether the access packages in this catalog can be requested by users outside the tenant. + :param pulumi.Input[bool] published: Whether the access packages in this catalog are available for management. + """ + pulumi.set(__self__, "description", description) + pulumi.set(__self__, "display_name", display_name) + if externally_visible is not None: + pulumi.set(__self__, "externally_visible", externally_visible) + if published is not None: + pulumi.set(__self__, "published", published) + + @property + @pulumi.getter + def description(self) -> pulumi.Input[str]: + """ + The description of the access package catalog. + """ + return pulumi.get(self, "description") + + @description.setter + def description(self, value: pulumi.Input[str]): + pulumi.set(self, "description", value) + + @property + @pulumi.getter(name="displayName") + def display_name(self) -> pulumi.Input[str]: + """ + The display name of the access package catalog. + """ + return pulumi.get(self, "display_name") + + @display_name.setter + def display_name(self, value: pulumi.Input[str]): + pulumi.set(self, "display_name", value) + + @property + @pulumi.getter(name="externallyVisible") + def externally_visible(self) -> Optional[pulumi.Input[bool]]: + """ + Whether the access packages in this catalog can be requested by users outside the tenant. + """ + return pulumi.get(self, "externally_visible") + + @externally_visible.setter + def externally_visible(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "externally_visible", value) + + @property + @pulumi.getter + def published(self) -> Optional[pulumi.Input[bool]]: + """ + Whether the access packages in this catalog are available for management. + """ + return pulumi.get(self, "published") + + @published.setter + def published(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "published", value) + + +@pulumi.input_type +class _AccessPackageCatalogState: + def __init__(__self__, *, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None, + externally_visible: Optional[pulumi.Input[bool]] = None, + published: Optional[pulumi.Input[bool]] = None): + """ + Input properties used for looking up and filtering AccessPackageCatalog resources. + :param pulumi.Input[str] description: The description of the access package catalog. + :param pulumi.Input[str] display_name: The display name of the access package catalog. + :param pulumi.Input[bool] externally_visible: Whether the access packages in this catalog can be requested by users outside the tenant. + :param pulumi.Input[bool] published: Whether the access packages in this catalog are available for management. + """ + if description is not None: + pulumi.set(__self__, "description", description) + if display_name is not None: + pulumi.set(__self__, "display_name", display_name) + if externally_visible is not None: + pulumi.set(__self__, "externally_visible", externally_visible) + if published is not None: + pulumi.set(__self__, "published", published) + + @property + @pulumi.getter + def description(self) -> Optional[pulumi.Input[str]]: + """ + The description of the access package catalog. + """ + return pulumi.get(self, "description") + + @description.setter + def description(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "description", value) + + @property + @pulumi.getter(name="displayName") + def display_name(self) -> Optional[pulumi.Input[str]]: + """ + The display name of the access package catalog. + """ + return pulumi.get(self, "display_name") + + @display_name.setter + def display_name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "display_name", value) + + @property + @pulumi.getter(name="externallyVisible") + def externally_visible(self) -> Optional[pulumi.Input[bool]]: + """ + Whether the access packages in this catalog can be requested by users outside the tenant. + """ + return pulumi.get(self, "externally_visible") + + @externally_visible.setter + def externally_visible(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "externally_visible", value) + + @property + @pulumi.getter + def published(self) -> Optional[pulumi.Input[bool]]: + """ + Whether the access packages in this catalog are available for management. + """ + return pulumi.get(self, "published") + + @published.setter + def published(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "published", value) + + +class AccessPackageCatalog(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None, + externally_visible: Optional[pulumi.Input[bool]] = None, + published: Optional[pulumi.Input[bool]] = None, + __props__=None): + """ + Manages an access package catalog within Identity Governance in Azure Active Directory. + + ## API Permissions + + The following API permissions are required in order to use this resource. + + When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. + + When authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner`, `Catalog creator` or `Global Administrator` + + ## Example Usage + + ```python + import pulumi + import pulumi_azuread as azuread + + example = azuread.AccessPackageCatalog("example", + description="Example access package catalog", + display_name="example-access-package-catalog") + ``` + + ## Import + + An Access Package Catalog can be imported using the `id`, e.g. + + ```sh + $ pulumi import azuread:index/accessPackageCatalog:AccessPackageCatalog example 00000000-0000-0000-0000-000000000000 + ``` + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] description: The description of the access package catalog. + :param pulumi.Input[str] display_name: The display name of the access package catalog. + :param pulumi.Input[bool] externally_visible: Whether the access packages in this catalog can be requested by users outside the tenant. + :param pulumi.Input[bool] published: Whether the access packages in this catalog are available for management. + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: AccessPackageCatalogArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + Manages an access package catalog within Identity Governance in Azure Active Directory. + + ## API Permissions + + The following API permissions are required in order to use this resource. + + When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. + + When authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner`, `Catalog creator` or `Global Administrator` + + ## Example Usage + + ```python + import pulumi + import pulumi_azuread as azuread + + example = azuread.AccessPackageCatalog("example", + description="Example access package catalog", + display_name="example-access-package-catalog") + ``` + + ## Import + + An Access Package Catalog can be imported using the `id`, e.g. + + ```sh + $ pulumi import azuread:index/accessPackageCatalog:AccessPackageCatalog example 00000000-0000-0000-0000-000000000000 + ``` + + :param str resource_name: The name of the resource. + :param AccessPackageCatalogArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(AccessPackageCatalogArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None, + externally_visible: Optional[pulumi.Input[bool]] = None, + published: Optional[pulumi.Input[bool]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = AccessPackageCatalogArgs.__new__(AccessPackageCatalogArgs) + + if description is None and not opts.urn: + raise TypeError("Missing required property 'description'") + __props__.__dict__["description"] = description + if display_name is None and not opts.urn: + raise TypeError("Missing required property 'display_name'") + __props__.__dict__["display_name"] = display_name + __props__.__dict__["externally_visible"] = externally_visible + __props__.__dict__["published"] = published + super(AccessPackageCatalog, __self__).__init__( + 'azuread:index/accessPackageCatalog:AccessPackageCatalog', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None, + externally_visible: Optional[pulumi.Input[bool]] = None, + published: Optional[pulumi.Input[bool]] = None) -> 'AccessPackageCatalog': + """ + Get an existing AccessPackageCatalog resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] description: The description of the access package catalog. + :param pulumi.Input[str] display_name: The display name of the access package catalog. + :param pulumi.Input[bool] externally_visible: Whether the access packages in this catalog can be requested by users outside the tenant. + :param pulumi.Input[bool] published: Whether the access packages in this catalog are available for management. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _AccessPackageCatalogState.__new__(_AccessPackageCatalogState) + + __props__.__dict__["description"] = description + __props__.__dict__["display_name"] = display_name + __props__.__dict__["externally_visible"] = externally_visible + __props__.__dict__["published"] = published + return AccessPackageCatalog(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter + def description(self) -> pulumi.Output[str]: + """ + The description of the access package catalog. + """ + return pulumi.get(self, "description") + + @property + @pulumi.getter(name="displayName") + def display_name(self) -> pulumi.Output[str]: + """ + The display name of the access package catalog. + """ + return pulumi.get(self, "display_name") + + @property + @pulumi.getter(name="externallyVisible") + def externally_visible(self) -> pulumi.Output[Optional[bool]]: + """ + Whether the access packages in this catalog can be requested by users outside the tenant. + """ + return pulumi.get(self, "externally_visible") + + @property + @pulumi.getter + def published(self) -> pulumi.Output[Optional[bool]]: + """ + Whether the access packages in this catalog are available for management. + """ + return pulumi.get(self, "published") + diff --git a/sdk/python/pulumi_azuread/access_package_resource_catalog_association.py b/sdk/python/pulumi_azuread/access_package_resource_catalog_association.py new file mode 100644 index 000000000..25f71533f --- /dev/null +++ b/sdk/python/pulumi_azuread/access_package_resource_catalog_association.py @@ -0,0 +1,314 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from . import _utilities + +__all__ = ['AccessPackageResourceCatalogAssociationArgs', 'AccessPackageResourceCatalogAssociation'] + +@pulumi.input_type +class AccessPackageResourceCatalogAssociationArgs: + def __init__(__self__, *, + catalog_id: pulumi.Input[str], + resource_origin_id: pulumi.Input[str], + resource_origin_system: pulumi.Input[str]): + """ + The set of arguments for constructing a AccessPackageResourceCatalogAssociation resource. + :param pulumi.Input[str] catalog_id: The unique ID of the access package catalog. Changing this forces a new resource to be created. + :param pulumi.Input[str] resource_origin_id: The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. + :param pulumi.Input[str] resource_origin_system: The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. + """ + pulumi.set(__self__, "catalog_id", catalog_id) + pulumi.set(__self__, "resource_origin_id", resource_origin_id) + pulumi.set(__self__, "resource_origin_system", resource_origin_system) + + @property + @pulumi.getter(name="catalogId") + def catalog_id(self) -> pulumi.Input[str]: + """ + The unique ID of the access package catalog. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "catalog_id") + + @catalog_id.setter + def catalog_id(self, value: pulumi.Input[str]): + pulumi.set(self, "catalog_id", value) + + @property + @pulumi.getter(name="resourceOriginId") + def resource_origin_id(self) -> pulumi.Input[str]: + """ + The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "resource_origin_id") + + @resource_origin_id.setter + def resource_origin_id(self, value: pulumi.Input[str]): + pulumi.set(self, "resource_origin_id", value) + + @property + @pulumi.getter(name="resourceOriginSystem") + def resource_origin_system(self) -> pulumi.Input[str]: + """ + The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "resource_origin_system") + + @resource_origin_system.setter + def resource_origin_system(self, value: pulumi.Input[str]): + pulumi.set(self, "resource_origin_system", value) + + +@pulumi.input_type +class _AccessPackageResourceCatalogAssociationState: + def __init__(__self__, *, + catalog_id: Optional[pulumi.Input[str]] = None, + resource_origin_id: Optional[pulumi.Input[str]] = None, + resource_origin_system: Optional[pulumi.Input[str]] = None): + """ + Input properties used for looking up and filtering AccessPackageResourceCatalogAssociation resources. + :param pulumi.Input[str] catalog_id: The unique ID of the access package catalog. Changing this forces a new resource to be created. + :param pulumi.Input[str] resource_origin_id: The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. + :param pulumi.Input[str] resource_origin_system: The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. + """ + if catalog_id is not None: + pulumi.set(__self__, "catalog_id", catalog_id) + if resource_origin_id is not None: + pulumi.set(__self__, "resource_origin_id", resource_origin_id) + if resource_origin_system is not None: + pulumi.set(__self__, "resource_origin_system", resource_origin_system) + + @property + @pulumi.getter(name="catalogId") + def catalog_id(self) -> Optional[pulumi.Input[str]]: + """ + The unique ID of the access package catalog. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "catalog_id") + + @catalog_id.setter + def catalog_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "catalog_id", value) + + @property + @pulumi.getter(name="resourceOriginId") + def resource_origin_id(self) -> Optional[pulumi.Input[str]]: + """ + The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "resource_origin_id") + + @resource_origin_id.setter + def resource_origin_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "resource_origin_id", value) + + @property + @pulumi.getter(name="resourceOriginSystem") + def resource_origin_system(self) -> Optional[pulumi.Input[str]]: + """ + The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "resource_origin_system") + + @resource_origin_system.setter + def resource_origin_system(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "resource_origin_system", value) + + +class AccessPackageResourceCatalogAssociation(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + catalog_id: Optional[pulumi.Input[str]] = None, + resource_origin_id: Optional[pulumi.Input[str]] = None, + resource_origin_system: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + Manages the resources added to access package catalogs within Identity Governance in Azure Active Directory. + + ## API Permissions + + The following API permissions are required in order to use this resource. + + When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. + + When authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner` or `Global Administrator` + + ## Example Usage + + ```python + import pulumi + import pulumi_azuread as azuread + + example_group = azuread.Group("exampleGroup", + display_name="example-group", + security_enabled=True) + example_access_package_catalog = azuread.AccessPackageCatalog("exampleAccessPackageCatalog", + display_name="example-catalog", + description="Example catalog") + example_access_package_resource_catalog_association = azuread.AccessPackageResourceCatalogAssociation("exampleAccessPackageResourceCatalogAssociation", + catalog_id=azuread_access_package_catalog["example_catalog"]["id"], + resource_origin_id=azuread_group["example_group"]["object_id"], + resource_origin_system="AadGroup") + ``` + + ## Import + + The resource and catalog association can be imported using the catalog ID and the resource origin ID, e.g. + + ```sh + $ pulumi import azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111 + ``` + + -> This ID format is unique to Terraform and is composed of the Catalog ID and the Resource Origin ID in the format `{CatalogID}/{ResourceOriginID}`. + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] catalog_id: The unique ID of the access package catalog. Changing this forces a new resource to be created. + :param pulumi.Input[str] resource_origin_id: The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. + :param pulumi.Input[str] resource_origin_system: The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: AccessPackageResourceCatalogAssociationArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + Manages the resources added to access package catalogs within Identity Governance in Azure Active Directory. + + ## API Permissions + + The following API permissions are required in order to use this resource. + + When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. + + When authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner` or `Global Administrator` + + ## Example Usage + + ```python + import pulumi + import pulumi_azuread as azuread + + example_group = azuread.Group("exampleGroup", + display_name="example-group", + security_enabled=True) + example_access_package_catalog = azuread.AccessPackageCatalog("exampleAccessPackageCatalog", + display_name="example-catalog", + description="Example catalog") + example_access_package_resource_catalog_association = azuread.AccessPackageResourceCatalogAssociation("exampleAccessPackageResourceCatalogAssociation", + catalog_id=azuread_access_package_catalog["example_catalog"]["id"], + resource_origin_id=azuread_group["example_group"]["object_id"], + resource_origin_system="AadGroup") + ``` + + ## Import + + The resource and catalog association can be imported using the catalog ID and the resource origin ID, e.g. + + ```sh + $ pulumi import azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111 + ``` + + -> This ID format is unique to Terraform and is composed of the Catalog ID and the Resource Origin ID in the format `{CatalogID}/{ResourceOriginID}`. + + :param str resource_name: The name of the resource. + :param AccessPackageResourceCatalogAssociationArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(AccessPackageResourceCatalogAssociationArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + catalog_id: Optional[pulumi.Input[str]] = None, + resource_origin_id: Optional[pulumi.Input[str]] = None, + resource_origin_system: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = AccessPackageResourceCatalogAssociationArgs.__new__(AccessPackageResourceCatalogAssociationArgs) + + if catalog_id is None and not opts.urn: + raise TypeError("Missing required property 'catalog_id'") + __props__.__dict__["catalog_id"] = catalog_id + if resource_origin_id is None and not opts.urn: + raise TypeError("Missing required property 'resource_origin_id'") + __props__.__dict__["resource_origin_id"] = resource_origin_id + if resource_origin_system is None and not opts.urn: + raise TypeError("Missing required property 'resource_origin_system'") + __props__.__dict__["resource_origin_system"] = resource_origin_system + super(AccessPackageResourceCatalogAssociation, __self__).__init__( + 'azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + catalog_id: Optional[pulumi.Input[str]] = None, + resource_origin_id: Optional[pulumi.Input[str]] = None, + resource_origin_system: Optional[pulumi.Input[str]] = None) -> 'AccessPackageResourceCatalogAssociation': + """ + Get an existing AccessPackageResourceCatalogAssociation resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] catalog_id: The unique ID of the access package catalog. Changing this forces a new resource to be created. + :param pulumi.Input[str] resource_origin_id: The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. + :param pulumi.Input[str] resource_origin_system: The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _AccessPackageResourceCatalogAssociationState.__new__(_AccessPackageResourceCatalogAssociationState) + + __props__.__dict__["catalog_id"] = catalog_id + __props__.__dict__["resource_origin_id"] = resource_origin_id + __props__.__dict__["resource_origin_system"] = resource_origin_system + return AccessPackageResourceCatalogAssociation(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter(name="catalogId") + def catalog_id(self) -> pulumi.Output[str]: + """ + The unique ID of the access package catalog. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "catalog_id") + + @property + @pulumi.getter(name="resourceOriginId") + def resource_origin_id(self) -> pulumi.Output[str]: + """ + The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "resource_origin_id") + + @property + @pulumi.getter(name="resourceOriginSystem") + def resource_origin_system(self) -> pulumi.Output[str]: + """ + The type of the resource in the origin system, such as `SharePointOnline`, `AadApplication` or `AadGroup`. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "resource_origin_system") + diff --git a/sdk/python/pulumi_azuread/access_package_resource_package_association.py b/sdk/python/pulumi_azuread/access_package_resource_package_association.py new file mode 100644 index 000000000..d215cd5eb --- /dev/null +++ b/sdk/python/pulumi_azuread/access_package_resource_package_association.py @@ -0,0 +1,327 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from . import _utilities + +__all__ = ['AccessPackageResourcePackageAssociationArgs', 'AccessPackageResourcePackageAssociation'] + +@pulumi.input_type +class AccessPackageResourcePackageAssociationArgs: + def __init__(__self__, *, + access_package_id: pulumi.Input[str], + catalog_resource_association_id: pulumi.Input[str], + access_type: Optional[pulumi.Input[str]] = None): + """ + The set of arguments for constructing a AccessPackageResourcePackageAssociation resource. + :param pulumi.Input[str] access_package_id: The ID of access package this resource association is configured to. Changing this forces a new resource to be created. + :param pulumi.Input[str] catalog_resource_association_id: The ID of the catalog association from the `AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. + :param pulumi.Input[str] access_type: The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. + """ + pulumi.set(__self__, "access_package_id", access_package_id) + pulumi.set(__self__, "catalog_resource_association_id", catalog_resource_association_id) + if access_type is not None: + pulumi.set(__self__, "access_type", access_type) + + @property + @pulumi.getter(name="accessPackageId") + def access_package_id(self) -> pulumi.Input[str]: + """ + The ID of access package this resource association is configured to. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "access_package_id") + + @access_package_id.setter + def access_package_id(self, value: pulumi.Input[str]): + pulumi.set(self, "access_package_id", value) + + @property + @pulumi.getter(name="catalogResourceAssociationId") + def catalog_resource_association_id(self) -> pulumi.Input[str]: + """ + The ID of the catalog association from the `AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "catalog_resource_association_id") + + @catalog_resource_association_id.setter + def catalog_resource_association_id(self, value: pulumi.Input[str]): + pulumi.set(self, "catalog_resource_association_id", value) + + @property + @pulumi.getter(name="accessType") + def access_type(self) -> Optional[pulumi.Input[str]]: + """ + The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "access_type") + + @access_type.setter + def access_type(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "access_type", value) + + +@pulumi.input_type +class _AccessPackageResourcePackageAssociationState: + def __init__(__self__, *, + access_package_id: Optional[pulumi.Input[str]] = None, + access_type: Optional[pulumi.Input[str]] = None, + catalog_resource_association_id: Optional[pulumi.Input[str]] = None): + """ + Input properties used for looking up and filtering AccessPackageResourcePackageAssociation resources. + :param pulumi.Input[str] access_package_id: The ID of access package this resource association is configured to. Changing this forces a new resource to be created. + :param pulumi.Input[str] access_type: The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. + :param pulumi.Input[str] catalog_resource_association_id: The ID of the catalog association from the `AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. + """ + if access_package_id is not None: + pulumi.set(__self__, "access_package_id", access_package_id) + if access_type is not None: + pulumi.set(__self__, "access_type", access_type) + if catalog_resource_association_id is not None: + pulumi.set(__self__, "catalog_resource_association_id", catalog_resource_association_id) + + @property + @pulumi.getter(name="accessPackageId") + def access_package_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of access package this resource association is configured to. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "access_package_id") + + @access_package_id.setter + def access_package_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "access_package_id", value) + + @property + @pulumi.getter(name="accessType") + def access_type(self) -> Optional[pulumi.Input[str]]: + """ + The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "access_type") + + @access_type.setter + def access_type(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "access_type", value) + + @property + @pulumi.getter(name="catalogResourceAssociationId") + def catalog_resource_association_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the catalog association from the `AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "catalog_resource_association_id") + + @catalog_resource_association_id.setter + def catalog_resource_association_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "catalog_resource_association_id", value) + + +class AccessPackageResourcePackageAssociation(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + access_package_id: Optional[pulumi.Input[str]] = None, + access_type: Optional[pulumi.Input[str]] = None, + catalog_resource_association_id: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + Manages the resources added to access packages within Identity Governance in Azure Active Directory. + + ## API Permissions + + The following API permissions are required in order to use this resource. + + When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. + + When authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner`, `Access package manager` or `Global Administrator`. + + ## Example Usage + + ```python + import pulumi + import pulumi_azuread as azuread + + example_group = azuread.Group("exampleGroup", + display_name="example-group", + security_enabled=True) + example_access_package_catalog = azuread.AccessPackageCatalog("exampleAccessPackageCatalog", + display_name="example-catalog", + description="Example catalog") + example_access_package_resource_catalog_association = azuread.AccessPackageResourceCatalogAssociation("exampleAccessPackageResourceCatalogAssociation", + catalog_id=azuread_access_package_catalog["example_catalog"]["id"], + resource_origin_id=azuread_group["example_group"]["object_id"], + resource_origin_system="AadGroup") + example_access_package = azuread.AccessPackage("exampleAccessPackage", + display_name="example-package", + description="Example Package", + catalog_id=azuread_access_package_catalog["example_catalog"]["id"]) + example_access_package_resource_package_association = azuread.AccessPackageResourcePackageAssociation("exampleAccessPackageResourcePackageAssociation", + access_package_id=example_access_package.id, + catalog_resource_association_id=example_access_package_resource_catalog_association.id) + ``` + + ## Import + + The resource and catalog association can be imported using the access package ID, the resource association ID, the resource origin ID, and the access type, e.g. + + ```sh + $ pulumi import azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111_22222222-2222-2222-2222-22222222/33333333-3333-3333-3333-33333333/Member + ``` + + -> This ID format is unique to Terraform and is composed of the Access Package ID, the Resource Association ID, the Resource Origin ID, and the Access Type, in the format `{AccessPackageID}/{ResourceAssociationID}/{ResourceOriginID}/{AccessType}`. + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] access_package_id: The ID of access package this resource association is configured to. Changing this forces a new resource to be created. + :param pulumi.Input[str] access_type: The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. + :param pulumi.Input[str] catalog_resource_association_id: The ID of the catalog association from the `AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: AccessPackageResourcePackageAssociationArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + Manages the resources added to access packages within Identity Governance in Azure Active Directory. + + ## API Permissions + + The following API permissions are required in order to use this resource. + + When authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`. + + When authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner`, `Access package manager` or `Global Administrator`. + + ## Example Usage + + ```python + import pulumi + import pulumi_azuread as azuread + + example_group = azuread.Group("exampleGroup", + display_name="example-group", + security_enabled=True) + example_access_package_catalog = azuread.AccessPackageCatalog("exampleAccessPackageCatalog", + display_name="example-catalog", + description="Example catalog") + example_access_package_resource_catalog_association = azuread.AccessPackageResourceCatalogAssociation("exampleAccessPackageResourceCatalogAssociation", + catalog_id=azuread_access_package_catalog["example_catalog"]["id"], + resource_origin_id=azuread_group["example_group"]["object_id"], + resource_origin_system="AadGroup") + example_access_package = azuread.AccessPackage("exampleAccessPackage", + display_name="example-package", + description="Example Package", + catalog_id=azuread_access_package_catalog["example_catalog"]["id"]) + example_access_package_resource_package_association = azuread.AccessPackageResourcePackageAssociation("exampleAccessPackageResourcePackageAssociation", + access_package_id=example_access_package.id, + catalog_resource_association_id=example_access_package_resource_catalog_association.id) + ``` + + ## Import + + The resource and catalog association can be imported using the access package ID, the resource association ID, the resource origin ID, and the access type, e.g. + + ```sh + $ pulumi import azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111_22222222-2222-2222-2222-22222222/33333333-3333-3333-3333-33333333/Member + ``` + + -> This ID format is unique to Terraform and is composed of the Access Package ID, the Resource Association ID, the Resource Origin ID, and the Access Type, in the format `{AccessPackageID}/{ResourceAssociationID}/{ResourceOriginID}/{AccessType}`. + + :param str resource_name: The name of the resource. + :param AccessPackageResourcePackageAssociationArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(AccessPackageResourcePackageAssociationArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + access_package_id: Optional[pulumi.Input[str]] = None, + access_type: Optional[pulumi.Input[str]] = None, + catalog_resource_association_id: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = AccessPackageResourcePackageAssociationArgs.__new__(AccessPackageResourcePackageAssociationArgs) + + if access_package_id is None and not opts.urn: + raise TypeError("Missing required property 'access_package_id'") + __props__.__dict__["access_package_id"] = access_package_id + __props__.__dict__["access_type"] = access_type + if catalog_resource_association_id is None and not opts.urn: + raise TypeError("Missing required property 'catalog_resource_association_id'") + __props__.__dict__["catalog_resource_association_id"] = catalog_resource_association_id + super(AccessPackageResourcePackageAssociation, __self__).__init__( + 'azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + access_package_id: Optional[pulumi.Input[str]] = None, + access_type: Optional[pulumi.Input[str]] = None, + catalog_resource_association_id: Optional[pulumi.Input[str]] = None) -> 'AccessPackageResourcePackageAssociation': + """ + Get an existing AccessPackageResourcePackageAssociation resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] access_package_id: The ID of access package this resource association is configured to. Changing this forces a new resource to be created. + :param pulumi.Input[str] access_type: The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. + :param pulumi.Input[str] catalog_resource_association_id: The ID of the catalog association from the `AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _AccessPackageResourcePackageAssociationState.__new__(_AccessPackageResourcePackageAssociationState) + + __props__.__dict__["access_package_id"] = access_package_id + __props__.__dict__["access_type"] = access_type + __props__.__dict__["catalog_resource_association_id"] = catalog_resource_association_id + return AccessPackageResourcePackageAssociation(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter(name="accessPackageId") + def access_package_id(self) -> pulumi.Output[str]: + """ + The ID of access package this resource association is configured to. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "access_package_id") + + @property + @pulumi.getter(name="accessType") + def access_type(self) -> pulumi.Output[Optional[str]]: + """ + The role of access type to the specified resource. Valid values are `Member`, or `Owner` The default is `Member`. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "access_type") + + @property + @pulumi.getter(name="catalogResourceAssociationId") + def catalog_resource_association_id(self) -> pulumi.Output[str]: + """ + The ID of the catalog association from the `AccessPackageResourceCatalogAssociation` resource. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "catalog_resource_association_id") + diff --git a/sdk/python/pulumi_azuread/administrative_unit_role_member.py b/sdk/python/pulumi_azuread/administrative_unit_role_member.py new file mode 100644 index 000000000..16ac85746 --- /dev/null +++ b/sdk/python/pulumi_azuread/administrative_unit_role_member.py @@ -0,0 +1,308 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from . import _utilities + +__all__ = ['AdministrativeUnitRoleMemberArgs', 'AdministrativeUnitRoleMember'] + +@pulumi.input_type +class AdministrativeUnitRoleMemberArgs: + def __init__(__self__, *, + administrative_unit_object_id: pulumi.Input[str], + member_object_id: pulumi.Input[str], + role_object_id: pulumi.Input[str]): + """ + The set of arguments for constructing a AdministrativeUnitRoleMember resource. + :param pulumi.Input[str] administrative_unit_object_id: The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. + :param pulumi.Input[str] member_object_id: The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + :param pulumi.Input[str] role_object_id: The object ID of the directory role you want to assign. Changing this forces a new resource to be created. + """ + pulumi.set(__self__, "administrative_unit_object_id", administrative_unit_object_id) + pulumi.set(__self__, "member_object_id", member_object_id) + pulumi.set(__self__, "role_object_id", role_object_id) + + @property + @pulumi.getter(name="administrativeUnitObjectId") + def administrative_unit_object_id(self) -> pulumi.Input[str]: + """ + The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "administrative_unit_object_id") + + @administrative_unit_object_id.setter + def administrative_unit_object_id(self, value: pulumi.Input[str]): + pulumi.set(self, "administrative_unit_object_id", value) + + @property + @pulumi.getter(name="memberObjectId") + def member_object_id(self) -> pulumi.Input[str]: + """ + The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "member_object_id") + + @member_object_id.setter + def member_object_id(self, value: pulumi.Input[str]): + pulumi.set(self, "member_object_id", value) + + @property + @pulumi.getter(name="roleObjectId") + def role_object_id(self) -> pulumi.Input[str]: + """ + The object ID of the directory role you want to assign. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "role_object_id") + + @role_object_id.setter + def role_object_id(self, value: pulumi.Input[str]): + pulumi.set(self, "role_object_id", value) + + +@pulumi.input_type +class _AdministrativeUnitRoleMemberState: + def __init__(__self__, *, + administrative_unit_object_id: Optional[pulumi.Input[str]] = None, + member_object_id: Optional[pulumi.Input[str]] = None, + role_object_id: Optional[pulumi.Input[str]] = None): + """ + Input properties used for looking up and filtering AdministrativeUnitRoleMember resources. + :param pulumi.Input[str] administrative_unit_object_id: The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. + :param pulumi.Input[str] member_object_id: The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + :param pulumi.Input[str] role_object_id: The object ID of the directory role you want to assign. Changing this forces a new resource to be created. + """ + if administrative_unit_object_id is not None: + pulumi.set(__self__, "administrative_unit_object_id", administrative_unit_object_id) + if member_object_id is not None: + pulumi.set(__self__, "member_object_id", member_object_id) + if role_object_id is not None: + pulumi.set(__self__, "role_object_id", role_object_id) + + @property + @pulumi.getter(name="administrativeUnitObjectId") + def administrative_unit_object_id(self) -> Optional[pulumi.Input[str]]: + """ + The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "administrative_unit_object_id") + + @administrative_unit_object_id.setter + def administrative_unit_object_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "administrative_unit_object_id", value) + + @property + @pulumi.getter(name="memberObjectId") + def member_object_id(self) -> Optional[pulumi.Input[str]]: + """ + The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "member_object_id") + + @member_object_id.setter + def member_object_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "member_object_id", value) + + @property + @pulumi.getter(name="roleObjectId") + def role_object_id(self) -> Optional[pulumi.Input[str]]: + """ + The object ID of the directory role you want to assign. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "role_object_id") + + @role_object_id.setter + def role_object_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "role_object_id", value) + + +class AdministrativeUnitRoleMember(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + administrative_unit_object_id: Optional[pulumi.Input[str]] = None, + member_object_id: Optional[pulumi.Input[str]] = None, + role_object_id: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + Manages a single directory role assignment scoped to an administrative unit within Azure Active Directory. + + ## API Permissions + + The following API permissions are required in order to use this resource. + + When authenticated with a service principal, this resource requires one of the following application roles: `AdministrativeUnit.ReadWrite.All` and `RoleManagement.ReadWrite.Directory`, or `Directory.ReadWrite.All` + + When authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator` + + ## Example Usage + + ```python + import pulumi + import pulumi_azuread as azuread + + example_user = azuread.get_user(user_principal_name="jdoe@hashicorp.com") + example_administrative_unit = azuread.AdministrativeUnit("exampleAdministrativeUnit", display_name="Example-AU") + example_directory_role = azuread.DirectoryRole("exampleDirectoryRole", display_name="Security administrator") + example_administrative_unit_role_member = azuread.AdministrativeUnitRoleMember("exampleAdministrativeUnitRoleMember", + role_object_id=example_directory_role.object_id, + administrative_unit_object_id=example_administrative_unit.id, + member_object_id=example_user.id) + ``` + + ## Import + + Administrative unit role members can be imported using the object ID of the administrative unit and the unique ID of the role assignment, e.g. + + ```sh + $ pulumi import azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember test 00000000-0000-0000-0000-000000000000/roleMember/zX37MRLyF0uvE-xf2WH4B7x-6CPLfudNnxFGj800htpBXqkxW7bITqGb6Rj4kuTuS + ``` + + -> This ID format is unique to Terraform and is composed of the Administrative Unit Object ID and the role assignment ID in the format `{AdministrativeUnitObjectID}/roleMember/{RoleAssignmentID}`. + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] administrative_unit_object_id: The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. + :param pulumi.Input[str] member_object_id: The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + :param pulumi.Input[str] role_object_id: The object ID of the directory role you want to assign. Changing this forces a new resource to be created. + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: AdministrativeUnitRoleMemberArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + Manages a single directory role assignment scoped to an administrative unit within Azure Active Directory. + + ## API Permissions + + The following API permissions are required in order to use this resource. + + When authenticated with a service principal, this resource requires one of the following application roles: `AdministrativeUnit.ReadWrite.All` and `RoleManagement.ReadWrite.Directory`, or `Directory.ReadWrite.All` + + When authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator` + + ## Example Usage + + ```python + import pulumi + import pulumi_azuread as azuread + + example_user = azuread.get_user(user_principal_name="jdoe@hashicorp.com") + example_administrative_unit = azuread.AdministrativeUnit("exampleAdministrativeUnit", display_name="Example-AU") + example_directory_role = azuread.DirectoryRole("exampleDirectoryRole", display_name="Security administrator") + example_administrative_unit_role_member = azuread.AdministrativeUnitRoleMember("exampleAdministrativeUnitRoleMember", + role_object_id=example_directory_role.object_id, + administrative_unit_object_id=example_administrative_unit.id, + member_object_id=example_user.id) + ``` + + ## Import + + Administrative unit role members can be imported using the object ID of the administrative unit and the unique ID of the role assignment, e.g. + + ```sh + $ pulumi import azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember test 00000000-0000-0000-0000-000000000000/roleMember/zX37MRLyF0uvE-xf2WH4B7x-6CPLfudNnxFGj800htpBXqkxW7bITqGb6Rj4kuTuS + ``` + + -> This ID format is unique to Terraform and is composed of the Administrative Unit Object ID and the role assignment ID in the format `{AdministrativeUnitObjectID}/roleMember/{RoleAssignmentID}`. + + :param str resource_name: The name of the resource. + :param AdministrativeUnitRoleMemberArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(AdministrativeUnitRoleMemberArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + administrative_unit_object_id: Optional[pulumi.Input[str]] = None, + member_object_id: Optional[pulumi.Input[str]] = None, + role_object_id: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = AdministrativeUnitRoleMemberArgs.__new__(AdministrativeUnitRoleMemberArgs) + + if administrative_unit_object_id is None and not opts.urn: + raise TypeError("Missing required property 'administrative_unit_object_id'") + __props__.__dict__["administrative_unit_object_id"] = administrative_unit_object_id + if member_object_id is None and not opts.urn: + raise TypeError("Missing required property 'member_object_id'") + __props__.__dict__["member_object_id"] = member_object_id + if role_object_id is None and not opts.urn: + raise TypeError("Missing required property 'role_object_id'") + __props__.__dict__["role_object_id"] = role_object_id + super(AdministrativeUnitRoleMember, __self__).__init__( + 'azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + administrative_unit_object_id: Optional[pulumi.Input[str]] = None, + member_object_id: Optional[pulumi.Input[str]] = None, + role_object_id: Optional[pulumi.Input[str]] = None) -> 'AdministrativeUnitRoleMember': + """ + Get an existing AdministrativeUnitRoleMember resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] administrative_unit_object_id: The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. + :param pulumi.Input[str] member_object_id: The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + :param pulumi.Input[str] role_object_id: The object ID of the directory role you want to assign. Changing this forces a new resource to be created. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _AdministrativeUnitRoleMemberState.__new__(_AdministrativeUnitRoleMemberState) + + __props__.__dict__["administrative_unit_object_id"] = administrative_unit_object_id + __props__.__dict__["member_object_id"] = member_object_id + __props__.__dict__["role_object_id"] = role_object_id + return AdministrativeUnitRoleMember(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter(name="administrativeUnitObjectId") + def administrative_unit_object_id(self) -> pulumi.Output[str]: + """ + The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "administrative_unit_object_id") + + @property + @pulumi.getter(name="memberObjectId") + def member_object_id(self) -> pulumi.Output[str]: + """ + The object ID of the user, group or service principal you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "member_object_id") + + @property + @pulumi.getter(name="roleObjectId") + def role_object_id(self) -> pulumi.Output[str]: + """ + The object ID of the directory role you want to assign. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "role_object_id") + diff --git a/sdk/python/pulumi_azuread/application.py b/sdk/python/pulumi_azuread/application.py index c24f2e62c..7d3907b0f 100644 --- a/sdk/python/pulumi_azuread/application.py +++ b/sdk/python/pulumi_azuread/application.py @@ -35,6 +35,7 @@ def __init__(__self__, *, privacy_statement_url: Optional[pulumi.Input[str]] = None, public_client: Optional[pulumi.Input['ApplicationPublicClientArgs']] = None, required_resource_accesses: Optional[pulumi.Input[Sequence[pulumi.Input['ApplicationRequiredResourceAccessArgs']]]] = None, + service_management_reference: Optional[pulumi.Input[str]] = None, sign_in_audience: Optional[pulumi.Input[str]] = None, single_page_application: Optional[pulumi.Input['ApplicationSinglePageApplicationArgs']] = None, support_url: Optional[pulumi.Input[str]] = None, @@ -63,6 +64,7 @@ def __init__(__self__, *, :param pulumi.Input[str] privacy_statement_url: URL of the application's privacy statement. :param pulumi.Input['ApplicationPublicClientArgs'] public_client: A `public_client` block as documented below, which configures non-web app or non-web API application settings, for example mobile or other public clients such as an installed application running on a desktop device. :param pulumi.Input[Sequence[pulumi.Input['ApplicationRequiredResourceAccessArgs']]] required_resource_accesses: A collection of `required_resource_access` blocks as documented below. + :param pulumi.Input[str] service_management_reference: References application context information from a Service or Asset Management database. :param pulumi.Input[str] sign_in_audience: The Microsoft account types that are supported for the current application. Must be one of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. Defaults to `AzureADMyOrg`. :param pulumi.Input['ApplicationSinglePageApplicationArgs'] single_page_application: A `single_page_application` block as documented below, which configures single-page application (SPA) related settings for this application. :param pulumi.Input[str] support_url: URL of the application's support page. @@ -108,6 +110,8 @@ def __init__(__self__, *, pulumi.set(__self__, "public_client", public_client) if required_resource_accesses is not None: pulumi.set(__self__, "required_resource_accesses", required_resource_accesses) + if service_management_reference is not None: + pulumi.set(__self__, "service_management_reference", service_management_reference) if sign_in_audience is not None: pulumi.set(__self__, "sign_in_audience", sign_in_audience) if single_page_application is not None: @@ -351,6 +355,18 @@ def required_resource_accesses(self) -> Optional[pulumi.Input[Sequence[pulumi.In def required_resource_accesses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ApplicationRequiredResourceAccessArgs']]]]): pulumi.set(self, "required_resource_accesses", value) + @property + @pulumi.getter(name="serviceManagementReference") + def service_management_reference(self) -> Optional[pulumi.Input[str]]: + """ + References application context information from a Service or Asset Management database. + """ + return pulumi.get(self, "service_management_reference") + + @service_management_reference.setter + def service_management_reference(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "service_management_reference", value) + @property @pulumi.getter(name="signInAudience") def sign_in_audience(self) -> Optional[pulumi.Input[str]]: @@ -465,6 +481,7 @@ def __init__(__self__, *, public_client: Optional[pulumi.Input['ApplicationPublicClientArgs']] = None, publisher_domain: Optional[pulumi.Input[str]] = None, required_resource_accesses: Optional[pulumi.Input[Sequence[pulumi.Input['ApplicationRequiredResourceAccessArgs']]]] = None, + service_management_reference: Optional[pulumi.Input[str]] = None, sign_in_audience: Optional[pulumi.Input[str]] = None, single_page_application: Optional[pulumi.Input['ApplicationSinglePageApplicationArgs']] = None, support_url: Optional[pulumi.Input[str]] = None, @@ -500,6 +517,7 @@ def __init__(__self__, *, :param pulumi.Input['ApplicationPublicClientArgs'] public_client: A `public_client` block as documented below, which configures non-web app or non-web API application settings, for example mobile or other public clients such as an installed application running on a desktop device. :param pulumi.Input[str] publisher_domain: The verified publisher domain for the application. :param pulumi.Input[Sequence[pulumi.Input['ApplicationRequiredResourceAccessArgs']]] required_resource_accesses: A collection of `required_resource_access` blocks as documented below. + :param pulumi.Input[str] service_management_reference: References application context information from a Service or Asset Management database. :param pulumi.Input[str] sign_in_audience: The Microsoft account types that are supported for the current application. Must be one of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. Defaults to `AzureADMyOrg`. :param pulumi.Input['ApplicationSinglePageApplicationArgs'] single_page_application: A `single_page_application` block as documented below, which configures single-page application (SPA) related settings for this application. :param pulumi.Input[str] support_url: URL of the application's support page. @@ -560,6 +578,8 @@ def __init__(__self__, *, pulumi.set(__self__, "publisher_domain", publisher_domain) if required_resource_accesses is not None: pulumi.set(__self__, "required_resource_accesses", required_resource_accesses) + if service_management_reference is not None: + pulumi.set(__self__, "service_management_reference", service_management_reference) if sign_in_audience is not None: pulumi.set(__self__, "sign_in_audience", sign_in_audience) if single_page_application is not None: @@ -887,6 +907,18 @@ def required_resource_accesses(self) -> Optional[pulumi.Input[Sequence[pulumi.In def required_resource_accesses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ApplicationRequiredResourceAccessArgs']]]]): pulumi.set(self, "required_resource_accesses", value) + @property + @pulumi.getter(name="serviceManagementReference") + def service_management_reference(self) -> Optional[pulumi.Input[str]]: + """ + References application context information from a Service or Asset Management database. + """ + return pulumi.get(self, "service_management_reference") + + @service_management_reference.setter + def service_management_reference(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "service_management_reference", value) + @property @pulumi.getter(name="signInAudience") def sign_in_audience(self) -> Optional[pulumi.Input[str]]: @@ -996,6 +1028,7 @@ def __init__(__self__, privacy_statement_url: Optional[pulumi.Input[str]] = None, public_client: Optional[pulumi.Input[pulumi.InputType['ApplicationPublicClientArgs']]] = None, required_resource_accesses: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['ApplicationRequiredResourceAccessArgs']]]]] = None, + service_management_reference: Optional[pulumi.Input[str]] = None, sign_in_audience: Optional[pulumi.Input[str]] = None, single_page_application: Optional[pulumi.Input[pulumi.InputType['ApplicationSinglePageApplicationArgs']]] = None, support_url: Optional[pulumi.Input[str]] = None, @@ -1170,6 +1203,7 @@ def __init__(__self__, :param pulumi.Input[str] privacy_statement_url: URL of the application's privacy statement. :param pulumi.Input[pulumi.InputType['ApplicationPublicClientArgs']] public_client: A `public_client` block as documented below, which configures non-web app or non-web API application settings, for example mobile or other public clients such as an installed application running on a desktop device. :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['ApplicationRequiredResourceAccessArgs']]]] required_resource_accesses: A collection of `required_resource_access` blocks as documented below. + :param pulumi.Input[str] service_management_reference: References application context information from a Service or Asset Management database. :param pulumi.Input[str] sign_in_audience: The Microsoft account types that are supported for the current application. Must be one of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. Defaults to `AzureADMyOrg`. :param pulumi.Input[pulumi.InputType['ApplicationSinglePageApplicationArgs']] single_page_application: A `single_page_application` block as documented below, which configures single-page application (SPA) related settings for this application. :param pulumi.Input[str] support_url: URL of the application's support page. @@ -1363,6 +1397,7 @@ def _internal_init(__self__, privacy_statement_url: Optional[pulumi.Input[str]] = None, public_client: Optional[pulumi.Input[pulumi.InputType['ApplicationPublicClientArgs']]] = None, required_resource_accesses: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['ApplicationRequiredResourceAccessArgs']]]]] = None, + service_management_reference: Optional[pulumi.Input[str]] = None, sign_in_audience: Optional[pulumi.Input[str]] = None, single_page_application: Optional[pulumi.Input[pulumi.InputType['ApplicationSinglePageApplicationArgs']]] = None, support_url: Optional[pulumi.Input[str]] = None, @@ -1400,6 +1435,7 @@ def _internal_init(__self__, __props__.__dict__["privacy_statement_url"] = privacy_statement_url __props__.__dict__["public_client"] = public_client __props__.__dict__["required_resource_accesses"] = required_resource_accesses + __props__.__dict__["service_management_reference"] = service_management_reference __props__.__dict__["sign_in_audience"] = sign_in_audience __props__.__dict__["single_page_application"] = single_page_application __props__.__dict__["support_url"] = support_url @@ -1450,6 +1486,7 @@ def get(resource_name: str, public_client: Optional[pulumi.Input[pulumi.InputType['ApplicationPublicClientArgs']]] = None, publisher_domain: Optional[pulumi.Input[str]] = None, required_resource_accesses: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['ApplicationRequiredResourceAccessArgs']]]]] = None, + service_management_reference: Optional[pulumi.Input[str]] = None, sign_in_audience: Optional[pulumi.Input[str]] = None, single_page_application: Optional[pulumi.Input[pulumi.InputType['ApplicationSinglePageApplicationArgs']]] = None, support_url: Optional[pulumi.Input[str]] = None, @@ -1490,6 +1527,7 @@ def get(resource_name: str, :param pulumi.Input[pulumi.InputType['ApplicationPublicClientArgs']] public_client: A `public_client` block as documented below, which configures non-web app or non-web API application settings, for example mobile or other public clients such as an installed application running on a desktop device. :param pulumi.Input[str] publisher_domain: The verified publisher domain for the application. :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['ApplicationRequiredResourceAccessArgs']]]] required_resource_accesses: A collection of `required_resource_access` blocks as documented below. + :param pulumi.Input[str] service_management_reference: References application context information from a Service or Asset Management database. :param pulumi.Input[str] sign_in_audience: The Microsoft account types that are supported for the current application. Must be one of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. Defaults to `AzureADMyOrg`. :param pulumi.Input[pulumi.InputType['ApplicationSinglePageApplicationArgs']] single_page_application: A `single_page_application` block as documented below, which configures single-page application (SPA) related settings for this application. :param pulumi.Input[str] support_url: URL of the application's support page. @@ -1528,6 +1566,7 @@ def get(resource_name: str, __props__.__dict__["public_client"] = public_client __props__.__dict__["publisher_domain"] = publisher_domain __props__.__dict__["required_resource_accesses"] = required_resource_accesses + __props__.__dict__["service_management_reference"] = service_management_reference __props__.__dict__["sign_in_audience"] = sign_in_audience __props__.__dict__["single_page_application"] = single_page_application __props__.__dict__["support_url"] = support_url @@ -1745,6 +1784,14 @@ def required_resource_accesses(self) -> pulumi.Output[Optional[Sequence['outputs """ return pulumi.get(self, "required_resource_accesses") + @property + @pulumi.getter(name="serviceManagementReference") + def service_management_reference(self) -> pulumi.Output[Optional[str]]: + """ + References application context information from a Service or Asset Management database. + """ + return pulumi.get(self, "service_management_reference") + @property @pulumi.getter(name="signInAudience") def sign_in_audience(self) -> pulumi.Output[Optional[str]]: diff --git a/sdk/python/pulumi_azuread/get_access_package.py b/sdk/python/pulumi_azuread/get_access_package.py new file mode 100644 index 000000000..30b5a4b7e --- /dev/null +++ b/sdk/python/pulumi_azuread/get_access_package.py @@ -0,0 +1,197 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from . import _utilities + +__all__ = [ + 'GetAccessPackageResult', + 'AwaitableGetAccessPackageResult', + 'get_access_package', + 'get_access_package_output', +] + +@pulumi.output_type +class GetAccessPackageResult: + """ + A collection of values returned by getAccessPackage. + """ + def __init__(__self__, catalog_id=None, description=None, display_name=None, hidden=None, id=None, object_id=None): + if catalog_id and not isinstance(catalog_id, str): + raise TypeError("Expected argument 'catalog_id' to be a str") + pulumi.set(__self__, "catalog_id", catalog_id) + if description and not isinstance(description, str): + raise TypeError("Expected argument 'description' to be a str") + pulumi.set(__self__, "description", description) + if display_name and not isinstance(display_name, str): + raise TypeError("Expected argument 'display_name' to be a str") + pulumi.set(__self__, "display_name", display_name) + if hidden and not isinstance(hidden, bool): + raise TypeError("Expected argument 'hidden' to be a bool") + pulumi.set(__self__, "hidden", hidden) + if id and not isinstance(id, str): + raise TypeError("Expected argument 'id' to be a str") + pulumi.set(__self__, "id", id) + if object_id and not isinstance(object_id, str): + raise TypeError("Expected argument 'object_id' to be a str") + pulumi.set(__self__, "object_id", object_id) + + @property + @pulumi.getter(name="catalogId") + def catalog_id(self) -> Optional[str]: + return pulumi.get(self, "catalog_id") + + @property + @pulumi.getter + def description(self) -> str: + """ + The description of the access package. + """ + return pulumi.get(self, "description") + + @property + @pulumi.getter(name="displayName") + def display_name(self) -> str: + return pulumi.get(self, "display_name") + + @property + @pulumi.getter + def hidden(self) -> bool: + """ + Whether the access package is hidden from the requestor. + """ + return pulumi.get(self, "hidden") + + @property + @pulumi.getter + def id(self) -> str: + """ + The provider-assigned unique ID for this managed resource. + """ + return pulumi.get(self, "id") + + @property + @pulumi.getter(name="objectId") + def object_id(self) -> str: + return pulumi.get(self, "object_id") + + +class AwaitableGetAccessPackageResult(GetAccessPackageResult): + # pylint: disable=using-constant-test + def __await__(self): + if False: + yield self + return GetAccessPackageResult( + catalog_id=self.catalog_id, + description=self.description, + display_name=self.display_name, + hidden=self.hidden, + id=self.id, + object_id=self.object_id) + + +def get_access_package(catalog_id: Optional[str] = None, + display_name: Optional[str] = None, + object_id: Optional[str] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetAccessPackageResult: + """ + Use this data source to retrieve information for an existing access package within Identity Governance in Azure Active Directory. + + ## API Permissions + + The following API permissions are required in order to use this data source. + + When authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`. + + When authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Access package manager`, `Global Reader`, or `Global Administrator`. + + ## Example Usage + + *Look up by ID* + + ```python + import pulumi + import pulumi_azuread as azuread + + example = azuread.get_access_package(object_id="00000000-0000-0000-0000-000000000000") + ``` + + *Look up by DisplayName* + + ```python + import pulumi + import pulumi_azuread as azuread + + example = azuread.get_access_package(catalog_id="00000000-0000-0000-0000-000000000000", + display_name="My access package Catalog") + ``` + + + :param str catalog_id: The ID of the Catalog this access package is in. + :param str display_name: The display name of the access package. + :param str object_id: The ID of this access package. + """ + __args__ = dict() + __args__['catalogId'] = catalog_id + __args__['displayName'] = display_name + __args__['objectId'] = object_id + opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke('azuread:index/getAccessPackage:getAccessPackage', __args__, opts=opts, typ=GetAccessPackageResult).value + + return AwaitableGetAccessPackageResult( + catalog_id=__ret__.catalog_id, + description=__ret__.description, + display_name=__ret__.display_name, + hidden=__ret__.hidden, + id=__ret__.id, + object_id=__ret__.object_id) + + +@_utilities.lift_output_func(get_access_package) +def get_access_package_output(catalog_id: Optional[pulumi.Input[Optional[str]]] = None, + display_name: Optional[pulumi.Input[Optional[str]]] = None, + object_id: Optional[pulumi.Input[Optional[str]]] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetAccessPackageResult]: + """ + Use this data source to retrieve information for an existing access package within Identity Governance in Azure Active Directory. + + ## API Permissions + + The following API permissions are required in order to use this data source. + + When authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`. + + When authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Access package manager`, `Global Reader`, or `Global Administrator`. + + ## Example Usage + + *Look up by ID* + + ```python + import pulumi + import pulumi_azuread as azuread + + example = azuread.get_access_package(object_id="00000000-0000-0000-0000-000000000000") + ``` + + *Look up by DisplayName* + + ```python + import pulumi + import pulumi_azuread as azuread + + example = azuread.get_access_package(catalog_id="00000000-0000-0000-0000-000000000000", + display_name="My access package Catalog") + ``` + + + :param str catalog_id: The ID of the Catalog this access package is in. + :param str display_name: The display name of the access package. + :param str object_id: The ID of this access package. + """ + ... diff --git a/sdk/python/pulumi_azuread/get_access_package_catalog.py b/sdk/python/pulumi_azuread/get_access_package_catalog.py new file mode 100644 index 000000000..4a88b9b8f --- /dev/null +++ b/sdk/python/pulumi_azuread/get_access_package_catalog.py @@ -0,0 +1,195 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from . import _utilities + +__all__ = [ + 'GetAccessPackageCatalogResult', + 'AwaitableGetAccessPackageCatalogResult', + 'get_access_package_catalog', + 'get_access_package_catalog_output', +] + +@pulumi.output_type +class GetAccessPackageCatalogResult: + """ + A collection of values returned by getAccessPackageCatalog. + """ + def __init__(__self__, description=None, display_name=None, externally_visible=None, id=None, object_id=None, published=None): + if description and not isinstance(description, str): + raise TypeError("Expected argument 'description' to be a str") + pulumi.set(__self__, "description", description) + if display_name and not isinstance(display_name, str): + raise TypeError("Expected argument 'display_name' to be a str") + pulumi.set(__self__, "display_name", display_name) + if externally_visible and not isinstance(externally_visible, bool): + raise TypeError("Expected argument 'externally_visible' to be a bool") + pulumi.set(__self__, "externally_visible", externally_visible) + if id and not isinstance(id, str): + raise TypeError("Expected argument 'id' to be a str") + pulumi.set(__self__, "id", id) + if object_id and not isinstance(object_id, str): + raise TypeError("Expected argument 'object_id' to be a str") + pulumi.set(__self__, "object_id", object_id) + if published and not isinstance(published, bool): + raise TypeError("Expected argument 'published' to be a bool") + pulumi.set(__self__, "published", published) + + @property + @pulumi.getter + def description(self) -> str: + """ + The description of the access package catalog. + """ + return pulumi.get(self, "description") + + @property + @pulumi.getter(name="displayName") + def display_name(self) -> str: + return pulumi.get(self, "display_name") + + @property + @pulumi.getter(name="externallyVisible") + def externally_visible(self) -> bool: + """ + Whether the access packages in this catalog can be requested by users outside the tenant. + """ + return pulumi.get(self, "externally_visible") + + @property + @pulumi.getter + def id(self) -> str: + """ + The provider-assigned unique ID for this managed resource. + """ + return pulumi.get(self, "id") + + @property + @pulumi.getter(name="objectId") + def object_id(self) -> str: + return pulumi.get(self, "object_id") + + @property + @pulumi.getter + def published(self) -> bool: + """ + Whether the access packages in this catalog are available for management. + """ + return pulumi.get(self, "published") + + +class AwaitableGetAccessPackageCatalogResult(GetAccessPackageCatalogResult): + # pylint: disable=using-constant-test + def __await__(self): + if False: + yield self + return GetAccessPackageCatalogResult( + description=self.description, + display_name=self.display_name, + externally_visible=self.externally_visible, + id=self.id, + object_id=self.object_id, + published=self.published) + + +def get_access_package_catalog(display_name: Optional[str] = None, + object_id: Optional[str] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetAccessPackageCatalogResult: + """ + i + Use this resource to retrieve information for an existing access package catalog within Identity Governance in Azure Active Directory. + + ## API Permissions + + The following API permissions are required in order to use this data source. + + When authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`. + + When authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Global Reader`, or `Global Administrator`. + + ## Example Usage + + *Look up by ID* + + ```python + import pulumi + import pulumi_azuread as azuread + + example = azuread.get_access_package_catalog(object_id="00000000-0000-0000-0000-000000000000") + ``` + + *Look up by DisplayName* + + ```python + import pulumi + import pulumi_azuread as azuread + + example = azuread.get_access_package_catalog(display_name="My access package Catalog") + ``` + + + :param str display_name: The display name of the access package catalog. + :param str object_id: The ID of this access package catalog. + """ + __args__ = dict() + __args__['displayName'] = display_name + __args__['objectId'] = object_id + opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke('azuread:index/getAccessPackageCatalog:getAccessPackageCatalog', __args__, opts=opts, typ=GetAccessPackageCatalogResult).value + + return AwaitableGetAccessPackageCatalogResult( + description=__ret__.description, + display_name=__ret__.display_name, + externally_visible=__ret__.externally_visible, + id=__ret__.id, + object_id=__ret__.object_id, + published=__ret__.published) + + +@_utilities.lift_output_func(get_access_package_catalog) +def get_access_package_catalog_output(display_name: Optional[pulumi.Input[Optional[str]]] = None, + object_id: Optional[pulumi.Input[Optional[str]]] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetAccessPackageCatalogResult]: + """ + i + Use this resource to retrieve information for an existing access package catalog within Identity Governance in Azure Active Directory. + + ## API Permissions + + The following API permissions are required in order to use this data source. + + When authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`. + + When authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Global Reader`, or `Global Administrator`. + + ## Example Usage + + *Look up by ID* + + ```python + import pulumi + import pulumi_azuread as azuread + + example = azuread.get_access_package_catalog(object_id="00000000-0000-0000-0000-000000000000") + ``` + + *Look up by DisplayName* + + ```python + import pulumi + import pulumi_azuread as azuread + + example = azuread.get_access_package_catalog(display_name="My access package Catalog") + ``` + + + :param str display_name: The display name of the access package catalog. + :param str object_id: The ID of this access package catalog. + """ + ... diff --git a/sdk/python/pulumi_azuread/get_application.py b/sdk/python/pulumi_azuread/get_application.py index 3046ed8b8..01c630be4 100644 --- a/sdk/python/pulumi_azuread/get_application.py +++ b/sdk/python/pulumi_azuread/get_application.py @@ -22,7 +22,7 @@ class GetApplicationResult: """ A collection of values returned by getApplication. """ - def __init__(__self__, apis=None, app_role_ids=None, app_roles=None, application_id=None, description=None, device_only_auth_enabled=None, disabled_by_microsoft=None, display_name=None, fallback_public_client_enabled=None, feature_tags=None, group_membership_claims=None, id=None, identifier_uris=None, logo_url=None, marketing_url=None, notes=None, oauth2_permission_scope_ids=None, oauth2_post_response_required=None, object_id=None, optional_claims=None, owners=None, privacy_statement_url=None, public_clients=None, publisher_domain=None, required_resource_accesses=None, sign_in_audience=None, single_page_applications=None, support_url=None, tags=None, terms_of_service_url=None, webs=None): + def __init__(__self__, apis=None, app_role_ids=None, app_roles=None, application_id=None, description=None, device_only_auth_enabled=None, disabled_by_microsoft=None, display_name=None, fallback_public_client_enabled=None, feature_tags=None, group_membership_claims=None, id=None, identifier_uris=None, logo_url=None, marketing_url=None, notes=None, oauth2_permission_scope_ids=None, oauth2_post_response_required=None, object_id=None, optional_claims=None, owners=None, privacy_statement_url=None, public_clients=None, publisher_domain=None, required_resource_accesses=None, service_management_reference=None, sign_in_audience=None, single_page_applications=None, support_url=None, tags=None, terms_of_service_url=None, webs=None): if apis and not isinstance(apis, list): raise TypeError("Expected argument 'apis' to be a list") pulumi.set(__self__, "apis", apis) @@ -98,6 +98,9 @@ def __init__(__self__, apis=None, app_role_ids=None, app_roles=None, application if required_resource_accesses and not isinstance(required_resource_accesses, list): raise TypeError("Expected argument 'required_resource_accesses' to be a list") pulumi.set(__self__, "required_resource_accesses", required_resource_accesses) + if service_management_reference and not isinstance(service_management_reference, str): + raise TypeError("Expected argument 'service_management_reference' to be a str") + pulumi.set(__self__, "service_management_reference", service_management_reference) if sign_in_audience and not isinstance(sign_in_audience, str): raise TypeError("Expected argument 'sign_in_audience' to be a str") pulumi.set(__self__, "sign_in_audience", sign_in_audience) @@ -317,6 +320,14 @@ def required_resource_accesses(self) -> Sequence['outputs.GetApplicationRequired """ return pulumi.get(self, "required_resource_accesses") + @property + @pulumi.getter(name="serviceManagementReference") + def service_management_reference(self) -> str: + """ + References application context information from a Service or Asset Management database. + """ + return pulumi.get(self, "service_management_reference") + @property @pulumi.getter(name="signInAudience") def sign_in_audience(self) -> str: @@ -397,6 +408,7 @@ def __await__(self): public_clients=self.public_clients, publisher_domain=self.publisher_domain, required_resource_accesses=self.required_resource_accesses, + service_management_reference=self.service_management_reference, sign_in_audience=self.sign_in_audience, single_page_applications=self.single_page_applications, support_url=self.support_url, @@ -468,6 +480,7 @@ def get_application(application_id: Optional[str] = None, public_clients=__ret__.public_clients, publisher_domain=__ret__.publisher_domain, required_resource_accesses=__ret__.required_resource_accesses, + service_management_reference=__ret__.service_management_reference, sign_in_audience=__ret__.sign_in_audience, single_page_applications=__ret__.single_page_applications, support_url=__ret__.support_url, diff --git a/sdk/python/pulumi_azuread/get_group.py b/sdk/python/pulumi_azuread/get_group.py index 06f0f5ab2..63a5a8e24 100644 --- a/sdk/python/pulumi_azuread/get_group.py +++ b/sdk/python/pulumi_azuread/get_group.py @@ -22,7 +22,7 @@ class GetGroupResult: """ A collection of values returned by getGroup. """ - def __init__(__self__, assignable_to_role=None, auto_subscribe_new_members=None, behaviors=None, description=None, display_name=None, dynamic_memberships=None, external_senders_allowed=None, hide_from_address_lists=None, hide_from_outlook_clients=None, id=None, mail=None, mail_enabled=None, mail_nickname=None, members=None, object_id=None, onpremises_domain_name=None, onpremises_netbios_name=None, onpremises_sam_account_name=None, onpremises_security_identifier=None, onpremises_sync_enabled=None, owners=None, preferred_language=None, provisioning_options=None, proxy_addresses=None, security_enabled=None, theme=None, types=None, visibility=None): + def __init__(__self__, assignable_to_role=None, auto_subscribe_new_members=None, behaviors=None, description=None, display_name=None, dynamic_memberships=None, external_senders_allowed=None, hide_from_address_lists=None, hide_from_outlook_clients=None, id=None, mail=None, mail_enabled=None, mail_nickname=None, members=None, object_id=None, onpremises_domain_name=None, onpremises_group_type=None, onpremises_netbios_name=None, onpremises_sam_account_name=None, onpremises_security_identifier=None, onpremises_sync_enabled=None, owners=None, preferred_language=None, provisioning_options=None, proxy_addresses=None, security_enabled=None, theme=None, types=None, visibility=None, writeback_enabled=None): if assignable_to_role and not isinstance(assignable_to_role, bool): raise TypeError("Expected argument 'assignable_to_role' to be a bool") pulumi.set(__self__, "assignable_to_role", assignable_to_role) @@ -71,6 +71,9 @@ def __init__(__self__, assignable_to_role=None, auto_subscribe_new_members=None, if onpremises_domain_name and not isinstance(onpremises_domain_name, str): raise TypeError("Expected argument 'onpremises_domain_name' to be a str") pulumi.set(__self__, "onpremises_domain_name", onpremises_domain_name) + if onpremises_group_type and not isinstance(onpremises_group_type, str): + raise TypeError("Expected argument 'onpremises_group_type' to be a str") + pulumi.set(__self__, "onpremises_group_type", onpremises_group_type) if onpremises_netbios_name and not isinstance(onpremises_netbios_name, str): raise TypeError("Expected argument 'onpremises_netbios_name' to be a str") pulumi.set(__self__, "onpremises_netbios_name", onpremises_netbios_name) @@ -107,6 +110,9 @@ def __init__(__self__, assignable_to_role=None, auto_subscribe_new_members=None, if visibility and not isinstance(visibility, str): raise TypeError("Expected argument 'visibility' to be a str") pulumi.set(__self__, "visibility", visibility) + if writeback_enabled and not isinstance(writeback_enabled, bool): + raise TypeError("Expected argument 'writeback_enabled' to be a bool") + pulumi.set(__self__, "writeback_enabled", writeback_enabled) @property @pulumi.getter(name="assignableToRole") @@ -236,6 +242,14 @@ def onpremises_domain_name(self) -> str: """ return pulumi.get(self, "onpremises_domain_name") + @property + @pulumi.getter(name="onpremisesGroupType") + def onpremises_group_type(self) -> str: + """ + The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + """ + return pulumi.get(self, "onpremises_group_type") + @property @pulumi.getter(name="onpremisesNetbiosName") def onpremises_netbios_name(self) -> str: @@ -332,6 +346,14 @@ def visibility(self) -> str: """ return pulumi.get(self, "visibility") + @property + @pulumi.getter(name="writebackEnabled") + def writeback_enabled(self) -> bool: + """ + Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + """ + return pulumi.get(self, "writeback_enabled") + class AwaitableGetGroupResult(GetGroupResult): # pylint: disable=using-constant-test @@ -355,6 +377,7 @@ def __await__(self): members=self.members, object_id=self.object_id, onpremises_domain_name=self.onpremises_domain_name, + onpremises_group_type=self.onpremises_group_type, onpremises_netbios_name=self.onpremises_netbios_name, onpremises_sam_account_name=self.onpremises_sam_account_name, onpremises_security_identifier=self.onpremises_security_identifier, @@ -366,7 +389,8 @@ def __await__(self): security_enabled=self.security_enabled, theme=self.theme, types=self.types, - visibility=self.visibility) + visibility=self.visibility, + writeback_enabled=self.writeback_enabled) def get_group(display_name: Optional[str] = None, @@ -427,6 +451,7 @@ def get_group(display_name: Optional[str] = None, members=__ret__.members, object_id=__ret__.object_id, onpremises_domain_name=__ret__.onpremises_domain_name, + onpremises_group_type=__ret__.onpremises_group_type, onpremises_netbios_name=__ret__.onpremises_netbios_name, onpremises_sam_account_name=__ret__.onpremises_sam_account_name, onpremises_security_identifier=__ret__.onpremises_security_identifier, @@ -438,7 +463,8 @@ def get_group(display_name: Optional[str] = None, security_enabled=__ret__.security_enabled, theme=__ret__.theme, types=__ret__.types, - visibility=__ret__.visibility) + visibility=__ret__.visibility, + writeback_enabled=__ret__.writeback_enabled) @_utilities.lift_output_func(get_group) diff --git a/sdk/python/pulumi_azuread/get_user.py b/sdk/python/pulumi_azuread/get_user.py index 01cd3aabc..9499e6314 100644 --- a/sdk/python/pulumi_azuread/get_user.py +++ b/sdk/python/pulumi_azuread/get_user.py @@ -560,7 +560,8 @@ def __await__(self): user_type=self.user_type) -def get_user(mail_nickname: Optional[str] = None, +def get_user(mail: Optional[str] = None, + mail_nickname: Optional[str] = None, object_id: Optional[str] = None, user_principal_name: Optional[str] = None, opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetUserResult: @@ -585,11 +586,13 @@ def get_user(mail_nickname: Optional[str] = None, ``` + :param str mail: The SMTP address for the user. :param str mail_nickname: The email alias of the user. :param str object_id: The object ID of the user. :param str user_principal_name: The user principal name (UPN) of the user. """ __args__ = dict() + __args__['mail'] = mail __args__['mailNickname'] = mail_nickname __args__['objectId'] = object_id __args__['userPrincipalName'] = user_principal_name @@ -644,7 +647,8 @@ def get_user(mail_nickname: Optional[str] = None, @_utilities.lift_output_func(get_user) -def get_user_output(mail_nickname: Optional[pulumi.Input[Optional[str]]] = None, +def get_user_output(mail: Optional[pulumi.Input[Optional[str]]] = None, + mail_nickname: Optional[pulumi.Input[Optional[str]]] = None, object_id: Optional[pulumi.Input[Optional[str]]] = None, user_principal_name: Optional[pulumi.Input[Optional[str]]] = None, opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetUserResult]: @@ -669,6 +673,7 @@ def get_user_output(mail_nickname: Optional[pulumi.Input[Optional[str]]] = None, ``` + :param str mail: The SMTP address for the user. :param str mail_nickname: The email alias of the user. :param str object_id: The object ID of the user. :param str user_principal_name: The user principal name (UPN) of the user. diff --git a/sdk/python/pulumi_azuread/group.py b/sdk/python/pulumi_azuread/group.py index e531812cb..785510a03 100644 --- a/sdk/python/pulumi_azuread/group.py +++ b/sdk/python/pulumi_azuread/group.py @@ -29,13 +29,15 @@ def __init__(__self__, *, mail_enabled: Optional[pulumi.Input[bool]] = None, mail_nickname: Optional[pulumi.Input[str]] = None, members: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + onpremises_group_type: Optional[pulumi.Input[str]] = None, owners: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, prevent_duplicate_names: Optional[pulumi.Input[bool]] = None, provisioning_options: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, security_enabled: Optional[pulumi.Input[bool]] = None, theme: Optional[pulumi.Input[str]] = None, types: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, - visibility: Optional[pulumi.Input[str]] = None): + visibility: Optional[pulumi.Input[str]] = None, + writeback_enabled: Optional[pulumi.Input[bool]] = None): """ The set of arguments for constructing a Group resource. :param pulumi.Input[str] display_name: The display name for the group. @@ -51,6 +53,7 @@ def __init__(__self__, *, :param pulumi.Input[bool] mail_enabled: Whether the group is a mail enabled, with a shared group mailbox. At least one of `mail_enabled` or `security_enabled` must be specified. Only Microsoft 365 groups can be mail enabled (see the `types` property). :param pulumi.Input[str] mail_nickname: The mail alias for the group, unique in the organisation. Required for mail-enabled groups. Changing this forces a new resource to be created. :param pulumi.Input[Sequence[pulumi.Input[str]]] members: A set of members who should be present in this group. Supported object types are Users, Groups or Service Principals. Cannot be used with the `dynamic_membership` block. + :param pulumi.Input[str] onpremises_group_type: The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. :param pulumi.Input[Sequence[pulumi.Input[str]]] owners: A set of owners who own this group. Supported object types are Users or Service Principals :param pulumi.Input[bool] prevent_duplicate_names: If `true`, will return an error if an existing group is found with the same name. Defaults to `false`. :param pulumi.Input[Sequence[pulumi.Input[str]]] provisioning_options: A set of provisioning options for a Microsoft 365 group. The only supported value is `Team`. See [official documentation](https://docs.microsoft.com/en-us/graph/group-set-options) for details. Changing this forces a new resource to be created. @@ -58,6 +61,7 @@ def __init__(__self__, *, :param pulumi.Input[str] theme: The colour theme for a Microsoft 365 group. Possible values are `Blue`, `Green`, `Orange`, `Pink`, `Purple`, `Red` or `Teal`. By default, no theme is set. :param pulumi.Input[Sequence[pulumi.Input[str]]] types: A set of group types to configure for the group. Supported values are `DynamicMembership`, which denotes a group with dynamic membership, and `Unified`, which specifies a Microsoft 365 group. Required when `mail_enabled` is true. Changing this forces a new resource to be created. :param pulumi.Input[str] visibility: The group join policy and group content visibility. Possible values are `Private`, `Public`, or `Hiddenmembership`. Only Microsoft 365 groups can have `Hiddenmembership` visibility and this value must be set when the group is created. By default, security groups will receive `Private` visibility and Microsoft 365 groups will receive `Public` visibility. + :param pulumi.Input[bool] writeback_enabled: Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. """ pulumi.set(__self__, "display_name", display_name) if administrative_unit_ids is not None: @@ -84,6 +88,8 @@ def __init__(__self__, *, pulumi.set(__self__, "mail_nickname", mail_nickname) if members is not None: pulumi.set(__self__, "members", members) + if onpremises_group_type is not None: + pulumi.set(__self__, "onpremises_group_type", onpremises_group_type) if owners is not None: pulumi.set(__self__, "owners", owners) if prevent_duplicate_names is not None: @@ -98,6 +104,8 @@ def __init__(__self__, *, pulumi.set(__self__, "types", types) if visibility is not None: pulumi.set(__self__, "visibility", visibility) + if writeback_enabled is not None: + pulumi.set(__self__, "writeback_enabled", writeback_enabled) @property @pulumi.getter(name="displayName") @@ -255,6 +263,18 @@ def members(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: def members(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): pulumi.set(self, "members", value) + @property + @pulumi.getter(name="onpremisesGroupType") + def onpremises_group_type(self) -> Optional[pulumi.Input[str]]: + """ + The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + """ + return pulumi.get(self, "onpremises_group_type") + + @onpremises_group_type.setter + def onpremises_group_type(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "onpremises_group_type", value) + @property @pulumi.getter def owners(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: @@ -339,6 +359,18 @@ def visibility(self) -> Optional[pulumi.Input[str]]: def visibility(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "visibility", value) + @property + @pulumi.getter(name="writebackEnabled") + def writeback_enabled(self) -> Optional[pulumi.Input[bool]]: + """ + Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + """ + return pulumi.get(self, "writeback_enabled") + + @writeback_enabled.setter + def writeback_enabled(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "writeback_enabled", value) + @pulumi.input_type class _GroupState: @@ -359,6 +391,7 @@ def __init__(__self__, *, members: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, object_id: Optional[pulumi.Input[str]] = None, onpremises_domain_name: Optional[pulumi.Input[str]] = None, + onpremises_group_type: Optional[pulumi.Input[str]] = None, onpremises_netbios_name: Optional[pulumi.Input[str]] = None, onpremises_sam_account_name: Optional[pulumi.Input[str]] = None, onpremises_security_identifier: Optional[pulumi.Input[str]] = None, @@ -371,7 +404,8 @@ def __init__(__self__, *, security_enabled: Optional[pulumi.Input[bool]] = None, theme: Optional[pulumi.Input[str]] = None, types: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, - visibility: Optional[pulumi.Input[str]] = None): + visibility: Optional[pulumi.Input[str]] = None, + writeback_enabled: Optional[pulumi.Input[bool]] = None): """ Input properties used for looking up and filtering Group resources. :param pulumi.Input[Sequence[pulumi.Input[str]]] administrative_unit_ids: The object IDs of administrative units in which the group is a member. If specified, new groups will be created in the scope of the first administrative unit and added to the others. If empty, new groups will be created at the tenant level. @@ -390,6 +424,7 @@ def __init__(__self__, *, :param pulumi.Input[Sequence[pulumi.Input[str]]] members: A set of members who should be present in this group. Supported object types are Users, Groups or Service Principals. Cannot be used with the `dynamic_membership` block. :param pulumi.Input[str] object_id: The object ID of the group. :param pulumi.Input[str] onpremises_domain_name: The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used. + :param pulumi.Input[str] onpremises_group_type: The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. :param pulumi.Input[str] onpremises_netbios_name: The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used. :param pulumi.Input[str] onpremises_sam_account_name: The on-premises SAM account name, synchronised from the on-premises directory when Azure AD Connect is used. :param pulumi.Input[str] onpremises_security_identifier: The on-premises security identifier (SID), synchronised from the on-premises directory when Azure AD Connect is used. @@ -403,6 +438,7 @@ def __init__(__self__, *, :param pulumi.Input[str] theme: The colour theme for a Microsoft 365 group. Possible values are `Blue`, `Green`, `Orange`, `Pink`, `Purple`, `Red` or `Teal`. By default, no theme is set. :param pulumi.Input[Sequence[pulumi.Input[str]]] types: A set of group types to configure for the group. Supported values are `DynamicMembership`, which denotes a group with dynamic membership, and `Unified`, which specifies a Microsoft 365 group. Required when `mail_enabled` is true. Changing this forces a new resource to be created. :param pulumi.Input[str] visibility: The group join policy and group content visibility. Possible values are `Private`, `Public`, or `Hiddenmembership`. Only Microsoft 365 groups can have `Hiddenmembership` visibility and this value must be set when the group is created. By default, security groups will receive `Private` visibility and Microsoft 365 groups will receive `Public` visibility. + :param pulumi.Input[bool] writeback_enabled: Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. """ if administrative_unit_ids is not None: pulumi.set(__self__, "administrative_unit_ids", administrative_unit_ids) @@ -436,6 +472,8 @@ def __init__(__self__, *, pulumi.set(__self__, "object_id", object_id) if onpremises_domain_name is not None: pulumi.set(__self__, "onpremises_domain_name", onpremises_domain_name) + if onpremises_group_type is not None: + pulumi.set(__self__, "onpremises_group_type", onpremises_group_type) if onpremises_netbios_name is not None: pulumi.set(__self__, "onpremises_netbios_name", onpremises_netbios_name) if onpremises_sam_account_name is not None: @@ -462,6 +500,8 @@ def __init__(__self__, *, pulumi.set(__self__, "types", types) if visibility is not None: pulumi.set(__self__, "visibility", visibility) + if writeback_enabled is not None: + pulumi.set(__self__, "writeback_enabled", writeback_enabled) @property @pulumi.getter(name="administrativeUnitIds") @@ -655,6 +695,18 @@ def onpremises_domain_name(self) -> Optional[pulumi.Input[str]]: def onpremises_domain_name(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "onpremises_domain_name", value) + @property + @pulumi.getter(name="onpremisesGroupType") + def onpremises_group_type(self) -> Optional[pulumi.Input[str]]: + """ + The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + """ + return pulumi.get(self, "onpremises_group_type") + + @onpremises_group_type.setter + def onpremises_group_type(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "onpremises_group_type", value) + @property @pulumi.getter(name="onpremisesNetbiosName") def onpremises_netbios_name(self) -> Optional[pulumi.Input[str]]: @@ -811,6 +863,18 @@ def visibility(self) -> Optional[pulumi.Input[str]]: def visibility(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "visibility", value) + @property + @pulumi.getter(name="writebackEnabled") + def writeback_enabled(self) -> Optional[pulumi.Input[bool]]: + """ + Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + """ + return pulumi.get(self, "writeback_enabled") + + @writeback_enabled.setter + def writeback_enabled(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "writeback_enabled", value) + class Group(pulumi.CustomResource): @overload @@ -830,6 +894,7 @@ def __init__(__self__, mail_enabled: Optional[pulumi.Input[bool]] = None, mail_nickname: Optional[pulumi.Input[str]] = None, members: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + onpremises_group_type: Optional[pulumi.Input[str]] = None, owners: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, prevent_duplicate_names: Optional[pulumi.Input[bool]] = None, provisioning_options: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, @@ -837,6 +902,7 @@ def __init__(__self__, theme: Optional[pulumi.Input[str]] = None, types: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, visibility: Optional[pulumi.Input[str]] = None, + writeback_enabled: Optional[pulumi.Input[bool]] = None, __props__=None): """ Manages a group within Azure Active Directory. @@ -845,7 +911,9 @@ def __init__(__self__, The following API permissions are required in order to use this resource. - When authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All` + When authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All`. + + Alternatively, if the authenticated service principal is also an owner of the group being managed, this resource can use the application role: `Group.Create`. If using the `assignable_to_role` property, this resource additionally requires one of the following application roles: `RoleManagement.ReadWrite.Directory` or `Directory.ReadWrite.All` @@ -880,6 +948,7 @@ def __init__(__self__, :param pulumi.Input[bool] mail_enabled: Whether the group is a mail enabled, with a shared group mailbox. At least one of `mail_enabled` or `security_enabled` must be specified. Only Microsoft 365 groups can be mail enabled (see the `types` property). :param pulumi.Input[str] mail_nickname: The mail alias for the group, unique in the organisation. Required for mail-enabled groups. Changing this forces a new resource to be created. :param pulumi.Input[Sequence[pulumi.Input[str]]] members: A set of members who should be present in this group. Supported object types are Users, Groups or Service Principals. Cannot be used with the `dynamic_membership` block. + :param pulumi.Input[str] onpremises_group_type: The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. :param pulumi.Input[Sequence[pulumi.Input[str]]] owners: A set of owners who own this group. Supported object types are Users or Service Principals :param pulumi.Input[bool] prevent_duplicate_names: If `true`, will return an error if an existing group is found with the same name. Defaults to `false`. :param pulumi.Input[Sequence[pulumi.Input[str]]] provisioning_options: A set of provisioning options for a Microsoft 365 group. The only supported value is `Team`. See [official documentation](https://docs.microsoft.com/en-us/graph/group-set-options) for details. Changing this forces a new resource to be created. @@ -887,6 +956,7 @@ def __init__(__self__, :param pulumi.Input[str] theme: The colour theme for a Microsoft 365 group. Possible values are `Blue`, `Green`, `Orange`, `Pink`, `Purple`, `Red` or `Teal`. By default, no theme is set. :param pulumi.Input[Sequence[pulumi.Input[str]]] types: A set of group types to configure for the group. Supported values are `DynamicMembership`, which denotes a group with dynamic membership, and `Unified`, which specifies a Microsoft 365 group. Required when `mail_enabled` is true. Changing this forces a new resource to be created. :param pulumi.Input[str] visibility: The group join policy and group content visibility. Possible values are `Private`, `Public`, or `Hiddenmembership`. Only Microsoft 365 groups can have `Hiddenmembership` visibility and this value must be set when the group is created. By default, security groups will receive `Private` visibility and Microsoft 365 groups will receive `Public` visibility. + :param pulumi.Input[bool] writeback_enabled: Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. """ ... @overload @@ -901,7 +971,9 @@ def __init__(__self__, The following API permissions are required in order to use this resource. - When authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All` + When authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All`. + + Alternatively, if the authenticated service principal is also an owner of the group being managed, this resource can use the application role: `Group.Create`. If using the `assignable_to_role` property, this resource additionally requires one of the following application roles: `RoleManagement.ReadWrite.Directory` or `Directory.ReadWrite.All` @@ -949,6 +1021,7 @@ def _internal_init(__self__, mail_enabled: Optional[pulumi.Input[bool]] = None, mail_nickname: Optional[pulumi.Input[str]] = None, members: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + onpremises_group_type: Optional[pulumi.Input[str]] = None, owners: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, prevent_duplicate_names: Optional[pulumi.Input[bool]] = None, provisioning_options: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, @@ -956,6 +1029,7 @@ def _internal_init(__self__, theme: Optional[pulumi.Input[str]] = None, types: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, visibility: Optional[pulumi.Input[str]] = None, + writeback_enabled: Optional[pulumi.Input[bool]] = None, __props__=None): opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) if not isinstance(opts, pulumi.ResourceOptions): @@ -980,6 +1054,7 @@ def _internal_init(__self__, __props__.__dict__["mail_enabled"] = mail_enabled __props__.__dict__["mail_nickname"] = mail_nickname __props__.__dict__["members"] = members + __props__.__dict__["onpremises_group_type"] = onpremises_group_type __props__.__dict__["owners"] = owners __props__.__dict__["prevent_duplicate_names"] = prevent_duplicate_names __props__.__dict__["provisioning_options"] = provisioning_options @@ -987,6 +1062,7 @@ def _internal_init(__self__, __props__.__dict__["theme"] = theme __props__.__dict__["types"] = types __props__.__dict__["visibility"] = visibility + __props__.__dict__["writeback_enabled"] = writeback_enabled __props__.__dict__["mail"] = None __props__.__dict__["object_id"] = None __props__.__dict__["onpremises_domain_name"] = None @@ -1022,6 +1098,7 @@ def get(resource_name: str, members: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, object_id: Optional[pulumi.Input[str]] = None, onpremises_domain_name: Optional[pulumi.Input[str]] = None, + onpremises_group_type: Optional[pulumi.Input[str]] = None, onpremises_netbios_name: Optional[pulumi.Input[str]] = None, onpremises_sam_account_name: Optional[pulumi.Input[str]] = None, onpremises_security_identifier: Optional[pulumi.Input[str]] = None, @@ -1034,7 +1111,8 @@ def get(resource_name: str, security_enabled: Optional[pulumi.Input[bool]] = None, theme: Optional[pulumi.Input[str]] = None, types: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, - visibility: Optional[pulumi.Input[str]] = None) -> 'Group': + visibility: Optional[pulumi.Input[str]] = None, + writeback_enabled: Optional[pulumi.Input[bool]] = None) -> 'Group': """ Get an existing Group resource's state with the given name, id, and optional extra properties used to qualify the lookup. @@ -1058,6 +1136,7 @@ def get(resource_name: str, :param pulumi.Input[Sequence[pulumi.Input[str]]] members: A set of members who should be present in this group. Supported object types are Users, Groups or Service Principals. Cannot be used with the `dynamic_membership` block. :param pulumi.Input[str] object_id: The object ID of the group. :param pulumi.Input[str] onpremises_domain_name: The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used. + :param pulumi.Input[str] onpremises_group_type: The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. :param pulumi.Input[str] onpremises_netbios_name: The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used. :param pulumi.Input[str] onpremises_sam_account_name: The on-premises SAM account name, synchronised from the on-premises directory when Azure AD Connect is used. :param pulumi.Input[str] onpremises_security_identifier: The on-premises security identifier (SID), synchronised from the on-premises directory when Azure AD Connect is used. @@ -1071,6 +1150,7 @@ def get(resource_name: str, :param pulumi.Input[str] theme: The colour theme for a Microsoft 365 group. Possible values are `Blue`, `Green`, `Orange`, `Pink`, `Purple`, `Red` or `Teal`. By default, no theme is set. :param pulumi.Input[Sequence[pulumi.Input[str]]] types: A set of group types to configure for the group. Supported values are `DynamicMembership`, which denotes a group with dynamic membership, and `Unified`, which specifies a Microsoft 365 group. Required when `mail_enabled` is true. Changing this forces a new resource to be created. :param pulumi.Input[str] visibility: The group join policy and group content visibility. Possible values are `Private`, `Public`, or `Hiddenmembership`. Only Microsoft 365 groups can have `Hiddenmembership` visibility and this value must be set when the group is created. By default, security groups will receive `Private` visibility and Microsoft 365 groups will receive `Public` visibility. + :param pulumi.Input[bool] writeback_enabled: Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. """ opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) @@ -1092,6 +1172,7 @@ def get(resource_name: str, __props__.__dict__["members"] = members __props__.__dict__["object_id"] = object_id __props__.__dict__["onpremises_domain_name"] = onpremises_domain_name + __props__.__dict__["onpremises_group_type"] = onpremises_group_type __props__.__dict__["onpremises_netbios_name"] = onpremises_netbios_name __props__.__dict__["onpremises_sam_account_name"] = onpremises_sam_account_name __props__.__dict__["onpremises_security_identifier"] = onpremises_security_identifier @@ -1105,6 +1186,7 @@ def get(resource_name: str, __props__.__dict__["theme"] = theme __props__.__dict__["types"] = types __props__.__dict__["visibility"] = visibility + __props__.__dict__["writeback_enabled"] = writeback_enabled return Group(resource_name, opts=opts, __props__=__props__) @property @@ -1235,6 +1317,14 @@ def onpremises_domain_name(self) -> pulumi.Output[str]: """ return pulumi.get(self, "onpremises_domain_name") + @property + @pulumi.getter(name="onpremisesGroupType") + def onpremises_group_type(self) -> pulumi.Output[str]: + """ + The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`. + """ + return pulumi.get(self, "onpremises_group_type") + @property @pulumi.getter(name="onpremisesNetbiosName") def onpremises_netbios_name(self) -> pulumi.Output[str]: @@ -1339,3 +1429,11 @@ def visibility(self) -> pulumi.Output[str]: """ return pulumi.get(self, "visibility") + @property + @pulumi.getter(name="writebackEnabled") + def writeback_enabled(self) -> pulumi.Output[Optional[bool]]: + """ + Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + """ + return pulumi.get(self, "writeback_enabled") + diff --git a/sdk/python/pulumi_azuread/group_member.py b/sdk/python/pulumi_azuread/group_member.py index 463cddb8e..e4fb25983 100644 --- a/sdk/python/pulumi_azuread/group_member.py +++ b/sdk/python/pulumi_azuread/group_member.py @@ -106,7 +106,9 @@ def __init__(__self__, The following API permissions are required in order to use this resource. - When authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All` + When authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All`. + + However, if the authenticated service principal is an owner of the group being managed, an application role is not required. When authenticated with a user principal, this resource requires one of the following directory roles: `Groups Administrator`, `User Administrator` or `Global Administrator` @@ -155,7 +157,9 @@ def __init__(__self__, The following API permissions are required in order to use this resource. - When authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All` + When authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All`. + + However, if the authenticated service principal is an owner of the group being managed, an application role is not required. When authenticated with a user principal, this resource requires one of the following directory roles: `Groups Administrator`, `User Administrator` or `Global Administrator` diff --git a/sdk/python/pulumi_azuread/outputs.py b/sdk/python/pulumi_azuread/outputs.py index cf50b1636..fddd5cac8 100644 --- a/sdk/python/pulumi_azuread/outputs.py +++ b/sdk/python/pulumi_azuread/outputs.py @@ -11,6 +11,20 @@ from . import outputs __all__ = [ + 'AccessPackageAssignmentPolicyApprovalSettings', + 'AccessPackageAssignmentPolicyApprovalSettingsApprovalStage', + 'AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover', + 'AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover', + 'AccessPackageAssignmentPolicyAssignmentReviewSettings', + 'AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer', + 'AccessPackageAssignmentPolicyQuestion', + 'AccessPackageAssignmentPolicyQuestionChoice', + 'AccessPackageAssignmentPolicyQuestionChoiceDisplayValue', + 'AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText', + 'AccessPackageAssignmentPolicyQuestionText', + 'AccessPackageAssignmentPolicyQuestionTextLocalizedText', + 'AccessPackageAssignmentPolicyRequestorSettings', + 'AccessPackageAssignmentPolicyRequestorSettingsRequestor', 'ApplicationApi', 'ApplicationApiOauth2PermissionScope', 'ApplicationAppRole', @@ -72,6 +86,931 @@ 'GetUsersUserResult', ] +@pulumi.output_type +class AccessPackageAssignmentPolicyApprovalSettings(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "approvalRequired": + suggest = "approval_required" + elif key == "approvalRequiredForExtension": + suggest = "approval_required_for_extension" + elif key == "approvalStages": + suggest = "approval_stages" + elif key == "requestorJustificationRequired": + suggest = "requestor_justification_required" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in AccessPackageAssignmentPolicyApprovalSettings. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + AccessPackageAssignmentPolicyApprovalSettings.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + AccessPackageAssignmentPolicyApprovalSettings.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + approval_required: Optional[bool] = None, + approval_required_for_extension: Optional[bool] = None, + approval_stages: Optional[Sequence['outputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStage']] = None, + requestor_justification_required: Optional[bool] = None): + """ + :param bool approval_required: Whether an approval is required. + :param bool approval_required_for_extension: Whether an approval is required to grant extension. Same approval settings used to approve initial access will apply. + :param Sequence['AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs'] approval_stages: An `approval_stage` block specifying the process to obtain an approval, as documented below. + :param bool requestor_justification_required: Whether a requestor is required to provide a justification to request an access package. Justification is visible to approvers and the requestor. + """ + if approval_required is not None: + pulumi.set(__self__, "approval_required", approval_required) + if approval_required_for_extension is not None: + pulumi.set(__self__, "approval_required_for_extension", approval_required_for_extension) + if approval_stages is not None: + pulumi.set(__self__, "approval_stages", approval_stages) + if requestor_justification_required is not None: + pulumi.set(__self__, "requestor_justification_required", requestor_justification_required) + + @property + @pulumi.getter(name="approvalRequired") + def approval_required(self) -> Optional[bool]: + """ + Whether an approval is required. + """ + return pulumi.get(self, "approval_required") + + @property + @pulumi.getter(name="approvalRequiredForExtension") + def approval_required_for_extension(self) -> Optional[bool]: + """ + Whether an approval is required to grant extension. Same approval settings used to approve initial access will apply. + """ + return pulumi.get(self, "approval_required_for_extension") + + @property + @pulumi.getter(name="approvalStages") + def approval_stages(self) -> Optional[Sequence['outputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStage']]: + """ + An `approval_stage` block specifying the process to obtain an approval, as documented below. + """ + return pulumi.get(self, "approval_stages") + + @property + @pulumi.getter(name="requestorJustificationRequired") + def requestor_justification_required(self) -> Optional[bool]: + """ + Whether a requestor is required to provide a justification to request an access package. Justification is visible to approvers and the requestor. + """ + return pulumi.get(self, "requestor_justification_required") + + +@pulumi.output_type +class AccessPackageAssignmentPolicyApprovalSettingsApprovalStage(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "approvalTimeoutInDays": + suggest = "approval_timeout_in_days" + elif key == "alternativeApprovalEnabled": + suggest = "alternative_approval_enabled" + elif key == "alternativeApprovers": + suggest = "alternative_approvers" + elif key == "approverJustificationRequired": + suggest = "approver_justification_required" + elif key == "enableAlternativeApprovalInDays": + suggest = "enable_alternative_approval_in_days" + elif key == "primaryApprovers": + suggest = "primary_approvers" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in AccessPackageAssignmentPolicyApprovalSettingsApprovalStage. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + AccessPackageAssignmentPolicyApprovalSettingsApprovalStage.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + AccessPackageAssignmentPolicyApprovalSettingsApprovalStage.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + approval_timeout_in_days: int, + alternative_approval_enabled: Optional[bool] = None, + alternative_approvers: Optional[Sequence['outputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover']] = None, + approver_justification_required: Optional[bool] = None, + enable_alternative_approval_in_days: Optional[int] = None, + primary_approvers: Optional[Sequence['outputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover']] = None): + """ + :param int approval_timeout_in_days: Maximum number of days within which a request must be approved. If a request is not approved within this time period after it is made, it will be automatically rejected. + :param bool alternative_approval_enabled: Whether alternative approvers are enabled. + :param Sequence['AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs'] alternative_approvers: A block specifying alternative approvers when escalation is enabled and the primary approvers do not respond before the escalation time, as documented below. + :param bool approver_justification_required: Whether an approver must provide a justification for their decision. Justification is visible to other approvers and the requestor. + :param int enable_alternative_approval_in_days: Number of days before the request is forwarded to alternative approvers. + :param Sequence['AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs'] primary_approvers: A block specifying the users who will be asked to approve requests, as documented below. + """ + pulumi.set(__self__, "approval_timeout_in_days", approval_timeout_in_days) + if alternative_approval_enabled is not None: + pulumi.set(__self__, "alternative_approval_enabled", alternative_approval_enabled) + if alternative_approvers is not None: + pulumi.set(__self__, "alternative_approvers", alternative_approvers) + if approver_justification_required is not None: + pulumi.set(__self__, "approver_justification_required", approver_justification_required) + if enable_alternative_approval_in_days is not None: + pulumi.set(__self__, "enable_alternative_approval_in_days", enable_alternative_approval_in_days) + if primary_approvers is not None: + pulumi.set(__self__, "primary_approvers", primary_approvers) + + @property + @pulumi.getter(name="approvalTimeoutInDays") + def approval_timeout_in_days(self) -> int: + """ + Maximum number of days within which a request must be approved. If a request is not approved within this time period after it is made, it will be automatically rejected. + """ + return pulumi.get(self, "approval_timeout_in_days") + + @property + @pulumi.getter(name="alternativeApprovalEnabled") + def alternative_approval_enabled(self) -> Optional[bool]: + """ + Whether alternative approvers are enabled. + """ + return pulumi.get(self, "alternative_approval_enabled") + + @property + @pulumi.getter(name="alternativeApprovers") + def alternative_approvers(self) -> Optional[Sequence['outputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover']]: + """ + A block specifying alternative approvers when escalation is enabled and the primary approvers do not respond before the escalation time, as documented below. + """ + return pulumi.get(self, "alternative_approvers") + + @property + @pulumi.getter(name="approverJustificationRequired") + def approver_justification_required(self) -> Optional[bool]: + """ + Whether an approver must provide a justification for their decision. Justification is visible to other approvers and the requestor. + """ + return pulumi.get(self, "approver_justification_required") + + @property + @pulumi.getter(name="enableAlternativeApprovalInDays") + def enable_alternative_approval_in_days(self) -> Optional[int]: + """ + Number of days before the request is forwarded to alternative approvers. + """ + return pulumi.get(self, "enable_alternative_approval_in_days") + + @property + @pulumi.getter(name="primaryApprovers") + def primary_approvers(self) -> Optional[Sequence['outputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover']]: + """ + A block specifying the users who will be asked to approve requests, as documented below. + """ + return pulumi.get(self, "primary_approvers") + + +@pulumi.output_type +class AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "subjectType": + suggest = "subject_type" + elif key == "objectId": + suggest = "object_id" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + subject_type: str, + backup: Optional[bool] = None, + object_id: Optional[str] = None): + """ + :param str subject_type: Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + :param bool backup: For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + :param str object_id: The ID of the subject. + """ + pulumi.set(__self__, "subject_type", subject_type) + if backup is not None: + pulumi.set(__self__, "backup", backup) + if object_id is not None: + pulumi.set(__self__, "object_id", object_id) + + @property + @pulumi.getter(name="subjectType") + def subject_type(self) -> str: + """ + Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + """ + return pulumi.get(self, "subject_type") + + @property + @pulumi.getter + def backup(self) -> Optional[bool]: + """ + For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + """ + return pulumi.get(self, "backup") + + @property + @pulumi.getter(name="objectId") + def object_id(self) -> Optional[str]: + """ + The ID of the subject. + """ + return pulumi.get(self, "object_id") + + +@pulumi.output_type +class AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "subjectType": + suggest = "subject_type" + elif key == "objectId": + suggest = "object_id" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + subject_type: str, + backup: Optional[bool] = None, + object_id: Optional[str] = None): + """ + :param str subject_type: Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + :param bool backup: For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + :param str object_id: The ID of the subject. + """ + pulumi.set(__self__, "subject_type", subject_type) + if backup is not None: + pulumi.set(__self__, "backup", backup) + if object_id is not None: + pulumi.set(__self__, "object_id", object_id) + + @property + @pulumi.getter(name="subjectType") + def subject_type(self) -> str: + """ + Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + """ + return pulumi.get(self, "subject_type") + + @property + @pulumi.getter + def backup(self) -> Optional[bool]: + """ + For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + """ + return pulumi.get(self, "backup") + + @property + @pulumi.getter(name="objectId") + def object_id(self) -> Optional[str]: + """ + The ID of the subject. + """ + return pulumi.get(self, "object_id") + + +@pulumi.output_type +class AccessPackageAssignmentPolicyAssignmentReviewSettings(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "accessRecommendationEnabled": + suggest = "access_recommendation_enabled" + elif key == "accessReviewTimeoutBehavior": + suggest = "access_review_timeout_behavior" + elif key == "approverJustificationRequired": + suggest = "approver_justification_required" + elif key == "durationInDays": + suggest = "duration_in_days" + elif key == "reviewFrequency": + suggest = "review_frequency" + elif key == "reviewType": + suggest = "review_type" + elif key == "startingOn": + suggest = "starting_on" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in AccessPackageAssignmentPolicyAssignmentReviewSettings. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + AccessPackageAssignmentPolicyAssignmentReviewSettings.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + AccessPackageAssignmentPolicyAssignmentReviewSettings.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + access_recommendation_enabled: Optional[bool] = None, + access_review_timeout_behavior: Optional[str] = None, + approver_justification_required: Optional[bool] = None, + duration_in_days: Optional[int] = None, + enabled: Optional[bool] = None, + review_frequency: Optional[str] = None, + review_type: Optional[str] = None, + reviewers: Optional[Sequence['outputs.AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer']] = None, + starting_on: Optional[str] = None): + """ + :param bool access_recommendation_enabled: Whether to show the reviewer decision helpers. If enabled, system recommendations based on users' access information will be shown to the reviewers. The reviewer will be recommended to approve the review if the user has signed-in at least once during the last 30 days. The reviewer will be recommended to deny the review if the user has not signed-in during the last 30 days. + :param str access_review_timeout_behavior: Specifies the actions the system takes if reviewers don't respond in time. Valid values are `keepAccess`, `removeAccess`, or `acceptAccessRecommendation`. + :param bool approver_justification_required: Whether a reviewer needs to provide a justification for their decision. Justification is visible to other reviewers and the requestor. + :param int duration_in_days: How many days each occurrence of the access review series will run. + :param bool enabled: Whether to enable assignment review. + :param str review_frequency: This will determine how often the access review campaign runs, valid values are `weekly`, `monthly`, `quarterly`, `halfyearly`, or `annual`. + :param str review_type: Self review or specific reviewers. Valid values are `Self`, or `Reviewers`. + :param Sequence['AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs'] reviewers: One or more `reviewer` blocks to specify the users who will be reviewers (when `review_type` is `Reviewers`), as documented below. + :param str starting_on: This is the date the access review campaign will start on, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z), default is now. Once an access review has been created, you cannot update its start date + """ + if access_recommendation_enabled is not None: + pulumi.set(__self__, "access_recommendation_enabled", access_recommendation_enabled) + if access_review_timeout_behavior is not None: + pulumi.set(__self__, "access_review_timeout_behavior", access_review_timeout_behavior) + if approver_justification_required is not None: + pulumi.set(__self__, "approver_justification_required", approver_justification_required) + if duration_in_days is not None: + pulumi.set(__self__, "duration_in_days", duration_in_days) + if enabled is not None: + pulumi.set(__self__, "enabled", enabled) + if review_frequency is not None: + pulumi.set(__self__, "review_frequency", review_frequency) + if review_type is not None: + pulumi.set(__self__, "review_type", review_type) + if reviewers is not None: + pulumi.set(__self__, "reviewers", reviewers) + if starting_on is not None: + pulumi.set(__self__, "starting_on", starting_on) + + @property + @pulumi.getter(name="accessRecommendationEnabled") + def access_recommendation_enabled(self) -> Optional[bool]: + """ + Whether to show the reviewer decision helpers. If enabled, system recommendations based on users' access information will be shown to the reviewers. The reviewer will be recommended to approve the review if the user has signed-in at least once during the last 30 days. The reviewer will be recommended to deny the review if the user has not signed-in during the last 30 days. + """ + return pulumi.get(self, "access_recommendation_enabled") + + @property + @pulumi.getter(name="accessReviewTimeoutBehavior") + def access_review_timeout_behavior(self) -> Optional[str]: + """ + Specifies the actions the system takes if reviewers don't respond in time. Valid values are `keepAccess`, `removeAccess`, or `acceptAccessRecommendation`. + """ + return pulumi.get(self, "access_review_timeout_behavior") + + @property + @pulumi.getter(name="approverJustificationRequired") + def approver_justification_required(self) -> Optional[bool]: + """ + Whether a reviewer needs to provide a justification for their decision. Justification is visible to other reviewers and the requestor. + """ + return pulumi.get(self, "approver_justification_required") + + @property + @pulumi.getter(name="durationInDays") + def duration_in_days(self) -> Optional[int]: + """ + How many days each occurrence of the access review series will run. + """ + return pulumi.get(self, "duration_in_days") + + @property + @pulumi.getter + def enabled(self) -> Optional[bool]: + """ + Whether to enable assignment review. + """ + return pulumi.get(self, "enabled") + + @property + @pulumi.getter(name="reviewFrequency") + def review_frequency(self) -> Optional[str]: + """ + This will determine how often the access review campaign runs, valid values are `weekly`, `monthly`, `quarterly`, `halfyearly`, or `annual`. + """ + return pulumi.get(self, "review_frequency") + + @property + @pulumi.getter(name="reviewType") + def review_type(self) -> Optional[str]: + """ + Self review or specific reviewers. Valid values are `Self`, or `Reviewers`. + """ + return pulumi.get(self, "review_type") + + @property + @pulumi.getter + def reviewers(self) -> Optional[Sequence['outputs.AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer']]: + """ + One or more `reviewer` blocks to specify the users who will be reviewers (when `review_type` is `Reviewers`), as documented below. + """ + return pulumi.get(self, "reviewers") + + @property + @pulumi.getter(name="startingOn") + def starting_on(self) -> Optional[str]: + """ + This is the date the access review campaign will start on, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z), default is now. Once an access review has been created, you cannot update its start date + """ + return pulumi.get(self, "starting_on") + + +@pulumi.output_type +class AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "subjectType": + suggest = "subject_type" + elif key == "objectId": + suggest = "object_id" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + subject_type: str, + backup: Optional[bool] = None, + object_id: Optional[str] = None): + """ + :param str subject_type: Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + :param bool backup: For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + :param str object_id: The ID of the subject. + """ + pulumi.set(__self__, "subject_type", subject_type) + if backup is not None: + pulumi.set(__self__, "backup", backup) + if object_id is not None: + pulumi.set(__self__, "object_id", object_id) + + @property + @pulumi.getter(name="subjectType") + def subject_type(self) -> str: + """ + Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + """ + return pulumi.get(self, "subject_type") + + @property + @pulumi.getter + def backup(self) -> Optional[bool]: + """ + For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + """ + return pulumi.get(self, "backup") + + @property + @pulumi.getter(name="objectId") + def object_id(self) -> Optional[str]: + """ + The ID of the subject. + """ + return pulumi.get(self, "object_id") + + +@pulumi.output_type +class AccessPackageAssignmentPolicyQuestion(dict): + def __init__(__self__, *, + text: 'outputs.AccessPackageAssignmentPolicyQuestionText', + choices: Optional[Sequence['outputs.AccessPackageAssignmentPolicyQuestionChoice']] = None, + required: Optional[bool] = None, + sequence: Optional[int] = None): + """ + :param 'AccessPackageAssignmentPolicyQuestionTextArgs' text: A block describing the content of this question, as documented below. + :param Sequence['AccessPackageAssignmentPolicyQuestionChoiceArgs'] choices: One or more blocks configuring a choice to the question, as documented below. + :param bool required: Whether this question is required. + :param int sequence: The sequence number of this question. + """ + pulumi.set(__self__, "text", text) + if choices is not None: + pulumi.set(__self__, "choices", choices) + if required is not None: + pulumi.set(__self__, "required", required) + if sequence is not None: + pulumi.set(__self__, "sequence", sequence) + + @property + @pulumi.getter + def text(self) -> 'outputs.AccessPackageAssignmentPolicyQuestionText': + """ + A block describing the content of this question, as documented below. + """ + return pulumi.get(self, "text") + + @property + @pulumi.getter + def choices(self) -> Optional[Sequence['outputs.AccessPackageAssignmentPolicyQuestionChoice']]: + """ + One or more blocks configuring a choice to the question, as documented below. + """ + return pulumi.get(self, "choices") + + @property + @pulumi.getter + def required(self) -> Optional[bool]: + """ + Whether this question is required. + """ + return pulumi.get(self, "required") + + @property + @pulumi.getter + def sequence(self) -> Optional[int]: + """ + The sequence number of this question. + """ + return pulumi.get(self, "sequence") + + +@pulumi.output_type +class AccessPackageAssignmentPolicyQuestionChoice(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "actualValue": + suggest = "actual_value" + elif key == "displayValue": + suggest = "display_value" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in AccessPackageAssignmentPolicyQuestionChoice. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + AccessPackageAssignmentPolicyQuestionChoice.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + AccessPackageAssignmentPolicyQuestionChoice.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + actual_value: str, + display_value: 'outputs.AccessPackageAssignmentPolicyQuestionChoiceDisplayValue'): + """ + :param str actual_value: The actual value of this choice. + :param 'AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs' display_value: A block describing the display text of this choice, as documented below. + """ + pulumi.set(__self__, "actual_value", actual_value) + pulumi.set(__self__, "display_value", display_value) + + @property + @pulumi.getter(name="actualValue") + def actual_value(self) -> str: + """ + The actual value of this choice. + """ + return pulumi.get(self, "actual_value") + + @property + @pulumi.getter(name="displayValue") + def display_value(self) -> 'outputs.AccessPackageAssignmentPolicyQuestionChoiceDisplayValue': + """ + A block describing the display text of this choice, as documented below. + """ + return pulumi.get(self, "display_value") + + +@pulumi.output_type +class AccessPackageAssignmentPolicyQuestionChoiceDisplayValue(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "defaultText": + suggest = "default_text" + elif key == "localizedTexts": + suggest = "localized_texts" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in AccessPackageAssignmentPolicyQuestionChoiceDisplayValue. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + AccessPackageAssignmentPolicyQuestionChoiceDisplayValue.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + AccessPackageAssignmentPolicyQuestionChoiceDisplayValue.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + default_text: str, + localized_texts: Optional[Sequence['outputs.AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText']] = None): + """ + :param str default_text: The default text of this question. + :param Sequence['AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs'] localized_texts: One or more blocks describing localized text of this question, as documented below. + """ + pulumi.set(__self__, "default_text", default_text) + if localized_texts is not None: + pulumi.set(__self__, "localized_texts", localized_texts) + + @property + @pulumi.getter(name="defaultText") + def default_text(self) -> str: + """ + The default text of this question. + """ + return pulumi.get(self, "default_text") + + @property + @pulumi.getter(name="localizedTexts") + def localized_texts(self) -> Optional[Sequence['outputs.AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText']]: + """ + One or more blocks describing localized text of this question, as documented below. + """ + return pulumi.get(self, "localized_texts") + + +@pulumi.output_type +class AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "languageCode": + suggest = "language_code" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + content: str, + language_code: str): + """ + :param str content: The localized content of this question. + :param str language_code: The ISO 639 language code for this question content. + """ + pulumi.set(__self__, "content", content) + pulumi.set(__self__, "language_code", language_code) + + @property + @pulumi.getter + def content(self) -> str: + """ + The localized content of this question. + """ + return pulumi.get(self, "content") + + @property + @pulumi.getter(name="languageCode") + def language_code(self) -> str: + """ + The ISO 639 language code for this question content. + """ + return pulumi.get(self, "language_code") + + +@pulumi.output_type +class AccessPackageAssignmentPolicyQuestionText(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "defaultText": + suggest = "default_text" + elif key == "localizedTexts": + suggest = "localized_texts" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in AccessPackageAssignmentPolicyQuestionText. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + AccessPackageAssignmentPolicyQuestionText.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + AccessPackageAssignmentPolicyQuestionText.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + default_text: str, + localized_texts: Optional[Sequence['outputs.AccessPackageAssignmentPolicyQuestionTextLocalizedText']] = None): + """ + :param str default_text: The default text of this question. + :param Sequence['AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs'] localized_texts: One or more blocks describing localized text of this question, as documented below. + """ + pulumi.set(__self__, "default_text", default_text) + if localized_texts is not None: + pulumi.set(__self__, "localized_texts", localized_texts) + + @property + @pulumi.getter(name="defaultText") + def default_text(self) -> str: + """ + The default text of this question. + """ + return pulumi.get(self, "default_text") + + @property + @pulumi.getter(name="localizedTexts") + def localized_texts(self) -> Optional[Sequence['outputs.AccessPackageAssignmentPolicyQuestionTextLocalizedText']]: + """ + One or more blocks describing localized text of this question, as documented below. + """ + return pulumi.get(self, "localized_texts") + + +@pulumi.output_type +class AccessPackageAssignmentPolicyQuestionTextLocalizedText(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "languageCode": + suggest = "language_code" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in AccessPackageAssignmentPolicyQuestionTextLocalizedText. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + AccessPackageAssignmentPolicyQuestionTextLocalizedText.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + AccessPackageAssignmentPolicyQuestionTextLocalizedText.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + content: str, + language_code: str): + """ + :param str content: The localized content of this question. + :param str language_code: The ISO 639 language code for this question content. + """ + pulumi.set(__self__, "content", content) + pulumi.set(__self__, "language_code", language_code) + + @property + @pulumi.getter + def content(self) -> str: + """ + The localized content of this question. + """ + return pulumi.get(self, "content") + + @property + @pulumi.getter(name="languageCode") + def language_code(self) -> str: + """ + The ISO 639 language code for this question content. + """ + return pulumi.get(self, "language_code") + + +@pulumi.output_type +class AccessPackageAssignmentPolicyRequestorSettings(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "requestsAccepted": + suggest = "requests_accepted" + elif key == "scopeType": + suggest = "scope_type" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in AccessPackageAssignmentPolicyRequestorSettings. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + AccessPackageAssignmentPolicyRequestorSettings.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + AccessPackageAssignmentPolicyRequestorSettings.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + requestors: Optional[Sequence['outputs.AccessPackageAssignmentPolicyRequestorSettingsRequestor']] = None, + requests_accepted: Optional[bool] = None, + scope_type: Optional[str] = None): + """ + :param Sequence['AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs'] requestors: A block specifying the users who are allowed to request on this policy, as documented below. + :param bool requests_accepted: Whether to accept requests using this policy. When `false`, no new requests can be made using this policy. + :param str scope_type: Specifies the scopes of the requestors. Valid values are `AllConfiguredConnectedOrganizationSubjects`, `AllExistingConnectedOrganizationSubjects`, `AllExistingDirectoryMemberUsers`, `AllExistingDirectorySubjects`, `AllExternalSubjects`, `NoSubjects`, `SpecificConnectedOrganizationSubjects`, or `SpecificDirectorySubjects`. + """ + if requestors is not None: + pulumi.set(__self__, "requestors", requestors) + if requests_accepted is not None: + pulumi.set(__self__, "requests_accepted", requests_accepted) + if scope_type is not None: + pulumi.set(__self__, "scope_type", scope_type) + + @property + @pulumi.getter + def requestors(self) -> Optional[Sequence['outputs.AccessPackageAssignmentPolicyRequestorSettingsRequestor']]: + """ + A block specifying the users who are allowed to request on this policy, as documented below. + """ + return pulumi.get(self, "requestors") + + @property + @pulumi.getter(name="requestsAccepted") + def requests_accepted(self) -> Optional[bool]: + """ + Whether to accept requests using this policy. When `false`, no new requests can be made using this policy. + """ + return pulumi.get(self, "requests_accepted") + + @property + @pulumi.getter(name="scopeType") + def scope_type(self) -> Optional[str]: + """ + Specifies the scopes of the requestors. Valid values are `AllConfiguredConnectedOrganizationSubjects`, `AllExistingConnectedOrganizationSubjects`, `AllExistingDirectoryMemberUsers`, `AllExistingDirectorySubjects`, `AllExternalSubjects`, `NoSubjects`, `SpecificConnectedOrganizationSubjects`, or `SpecificDirectorySubjects`. + """ + return pulumi.get(self, "scope_type") + + +@pulumi.output_type +class AccessPackageAssignmentPolicyRequestorSettingsRequestor(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "subjectType": + suggest = "subject_type" + elif key == "objectId": + suggest = "object_id" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in AccessPackageAssignmentPolicyRequestorSettingsRequestor. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + AccessPackageAssignmentPolicyRequestorSettingsRequestor.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + AccessPackageAssignmentPolicyRequestorSettingsRequestor.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + subject_type: str, + backup: Optional[bool] = None, + object_id: Optional[str] = None): + """ + :param str subject_type: Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + :param bool backup: For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + :param str object_id: The ID of the subject. + """ + pulumi.set(__self__, "subject_type", subject_type) + if backup is not None: + pulumi.set(__self__, "backup", backup) + if object_id is not None: + pulumi.set(__self__, "object_id", object_id) + + @property + @pulumi.getter(name="subjectType") + def subject_type(self) -> str: + """ + Specifies the type of users. Valid values are `singleUser`, `groupMembers`, `connectedOrganizationMembers`, `requestorManager`, `internalSponsors`, or `externalSponsors`. + """ + return pulumi.get(self, "subject_type") + + @property + @pulumi.getter + def backup(self) -> Optional[bool]: + """ + For a user in an approval stage, this property indicates whether the user is a backup fallback approver. + """ + return pulumi.get(self, "backup") + + @property + @pulumi.getter(name="objectId") + def object_id(self) -> Optional[str]: + """ + The ID of the subject. + """ + return pulumi.get(self, "object_id") + + @pulumi.output_type class ApplicationApi(dict): @staticmethod diff --git a/sdk/python/pulumi_azuread/user_flow_attribute.py b/sdk/python/pulumi_azuread/user_flow_attribute.py new file mode 100644 index 000000000..78121727b --- /dev/null +++ b/sdk/python/pulumi_azuread/user_flow_attribute.py @@ -0,0 +1,330 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from . import _utilities + +__all__ = ['UserFlowAttributeArgs', 'UserFlowAttribute'] + +@pulumi.input_type +class UserFlowAttributeArgs: + def __init__(__self__, *, + data_type: pulumi.Input[str], + description: pulumi.Input[str], + display_name: pulumi.Input[str]): + """ + The set of arguments for constructing a UserFlowAttribute resource. + :param pulumi.Input[str] data_type: The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. + :param pulumi.Input[str] description: The description of the user flow attribute that is shown to the user at the time of sign-up. + :param pulumi.Input[str] display_name: The display name of the user flow attribute. Changing this forces a new resource to be created. + """ + pulumi.set(__self__, "data_type", data_type) + pulumi.set(__self__, "description", description) + pulumi.set(__self__, "display_name", display_name) + + @property + @pulumi.getter(name="dataType") + def data_type(self) -> pulumi.Input[str]: + """ + The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "data_type") + + @data_type.setter + def data_type(self, value: pulumi.Input[str]): + pulumi.set(self, "data_type", value) + + @property + @pulumi.getter + def description(self) -> pulumi.Input[str]: + """ + The description of the user flow attribute that is shown to the user at the time of sign-up. + """ + return pulumi.get(self, "description") + + @description.setter + def description(self, value: pulumi.Input[str]): + pulumi.set(self, "description", value) + + @property + @pulumi.getter(name="displayName") + def display_name(self) -> pulumi.Input[str]: + """ + The display name of the user flow attribute. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "display_name") + + @display_name.setter + def display_name(self, value: pulumi.Input[str]): + pulumi.set(self, "display_name", value) + + +@pulumi.input_type +class _UserFlowAttributeState: + def __init__(__self__, *, + attribute_type: Optional[pulumi.Input[str]] = None, + data_type: Optional[pulumi.Input[str]] = None, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None): + """ + Input properties used for looking up and filtering UserFlowAttribute resources. + :param pulumi.Input[str] attribute_type: The type of the user flow attribute. Values include `builtIn`, `custom` or `required`. + :param pulumi.Input[str] data_type: The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. + :param pulumi.Input[str] description: The description of the user flow attribute that is shown to the user at the time of sign-up. + :param pulumi.Input[str] display_name: The display name of the user flow attribute. Changing this forces a new resource to be created. + """ + if attribute_type is not None: + pulumi.set(__self__, "attribute_type", attribute_type) + if data_type is not None: + pulumi.set(__self__, "data_type", data_type) + if description is not None: + pulumi.set(__self__, "description", description) + if display_name is not None: + pulumi.set(__self__, "display_name", display_name) + + @property + @pulumi.getter(name="attributeType") + def attribute_type(self) -> Optional[pulumi.Input[str]]: + """ + The type of the user flow attribute. Values include `builtIn`, `custom` or `required`. + """ + return pulumi.get(self, "attribute_type") + + @attribute_type.setter + def attribute_type(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "attribute_type", value) + + @property + @pulumi.getter(name="dataType") + def data_type(self) -> Optional[pulumi.Input[str]]: + """ + The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "data_type") + + @data_type.setter + def data_type(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "data_type", value) + + @property + @pulumi.getter + def description(self) -> Optional[pulumi.Input[str]]: + """ + The description of the user flow attribute that is shown to the user at the time of sign-up. + """ + return pulumi.get(self, "description") + + @description.setter + def description(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "description", value) + + @property + @pulumi.getter(name="displayName") + def display_name(self) -> Optional[pulumi.Input[str]]: + """ + The display name of the user flow attribute. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "display_name") + + @display_name.setter + def display_name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "display_name", value) + + +class UserFlowAttribute(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + data_type: Optional[pulumi.Input[str]] = None, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + Manages user flow attributes in an Azure Active Directory (Azure AD) tenant. + + ## API Permissions + + The following API permissions are required in order to use this resource. + + When authenticated with a service principal, this resource requires the following application role: `IdentityUserFlow.ReadWrite.All` + + ## Example Usage + + *Basic example* + + ```python + import pulumi + import pulumi_azuread as azuread + + example = azuread.UserFlowAttribute("example", + data_type="string", + description="Your hobby", + display_name="Hobby") + ``` + + ## Import + + User flow attributes can be imported using the `id`, e.g. + + ```sh + $ pulumi import azuread:index/userFlowAttribute:UserFlowAttribute example extension_ecc9f88db2924942b8a96f44873616fe_Hobbyjkorv + ``` + + -> This ID can be queried using the [User Flow Attributes API](https://learn.microsoft.com/en-us/graph/api/identityuserflowattribute-list?view=graph-rest-1.0&tabs=http). + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] data_type: The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. + :param pulumi.Input[str] description: The description of the user flow attribute that is shown to the user at the time of sign-up. + :param pulumi.Input[str] display_name: The display name of the user flow attribute. Changing this forces a new resource to be created. + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: UserFlowAttributeArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + Manages user flow attributes in an Azure Active Directory (Azure AD) tenant. + + ## API Permissions + + The following API permissions are required in order to use this resource. + + When authenticated with a service principal, this resource requires the following application role: `IdentityUserFlow.ReadWrite.All` + + ## Example Usage + + *Basic example* + + ```python + import pulumi + import pulumi_azuread as azuread + + example = azuread.UserFlowAttribute("example", + data_type="string", + description="Your hobby", + display_name="Hobby") + ``` + + ## Import + + User flow attributes can be imported using the `id`, e.g. + + ```sh + $ pulumi import azuread:index/userFlowAttribute:UserFlowAttribute example extension_ecc9f88db2924942b8a96f44873616fe_Hobbyjkorv + ``` + + -> This ID can be queried using the [User Flow Attributes API](https://learn.microsoft.com/en-us/graph/api/identityuserflowattribute-list?view=graph-rest-1.0&tabs=http). + + :param str resource_name: The name of the resource. + :param UserFlowAttributeArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(UserFlowAttributeArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + data_type: Optional[pulumi.Input[str]] = None, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = UserFlowAttributeArgs.__new__(UserFlowAttributeArgs) + + if data_type is None and not opts.urn: + raise TypeError("Missing required property 'data_type'") + __props__.__dict__["data_type"] = data_type + if description is None and not opts.urn: + raise TypeError("Missing required property 'description'") + __props__.__dict__["description"] = description + if display_name is None and not opts.urn: + raise TypeError("Missing required property 'display_name'") + __props__.__dict__["display_name"] = display_name + __props__.__dict__["attribute_type"] = None + super(UserFlowAttribute, __self__).__init__( + 'azuread:index/userFlowAttribute:UserFlowAttribute', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + attribute_type: Optional[pulumi.Input[str]] = None, + data_type: Optional[pulumi.Input[str]] = None, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None) -> 'UserFlowAttribute': + """ + Get an existing UserFlowAttribute resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] attribute_type: The type of the user flow attribute. Values include `builtIn`, `custom` or `required`. + :param pulumi.Input[str] data_type: The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. + :param pulumi.Input[str] description: The description of the user flow attribute that is shown to the user at the time of sign-up. + :param pulumi.Input[str] display_name: The display name of the user flow attribute. Changing this forces a new resource to be created. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _UserFlowAttributeState.__new__(_UserFlowAttributeState) + + __props__.__dict__["attribute_type"] = attribute_type + __props__.__dict__["data_type"] = data_type + __props__.__dict__["description"] = description + __props__.__dict__["display_name"] = display_name + return UserFlowAttribute(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter(name="attributeType") + def attribute_type(self) -> pulumi.Output[str]: + """ + The type of the user flow attribute. Values include `builtIn`, `custom` or `required`. + """ + return pulumi.get(self, "attribute_type") + + @property + @pulumi.getter(name="dataType") + def data_type(self) -> pulumi.Output[str]: + """ + The data type of the user flow attribute. Possible values are `boolean`, `dateTime`, `int64`, `string` or `stringCollection`. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "data_type") + + @property + @pulumi.getter + def description(self) -> pulumi.Output[str]: + """ + The description of the user flow attribute that is shown to the user at the time of sign-up. + """ + return pulumi.get(self, "description") + + @property + @pulumi.getter(name="displayName") + def display_name(self) -> pulumi.Output[str]: + """ + The display name of the user flow attribute. Changing this forces a new resource to be created. + """ + return pulumi.get(self, "display_name") +