Documentation ¶
Index ¶
- type Assignmentdeprecated
- func (*Assignment) ElementType() reflect.Type
- func (i *Assignment) ToAssignmentOutput() AssignmentOutput
- func (i *Assignment) ToAssignmentOutputWithContext(ctx context.Context) AssignmentOutput
- func (i *Assignment) ToAssignmentPtrOutput() AssignmentPtrOutput
- func (i *Assignment) ToAssignmentPtrOutputWithContext(ctx context.Context) AssignmentPtrOutput
- type AssignmentArgs
- type AssignmentArray
- type AssignmentArrayInput
- type AssignmentArrayOutput
- func (AssignmentArrayOutput) ElementType() reflect.Type
- func (o AssignmentArrayOutput) Index(i pulumi.IntInput) AssignmentOutput
- func (o AssignmentArrayOutput) ToAssignmentArrayOutput() AssignmentArrayOutput
- func (o AssignmentArrayOutput) ToAssignmentArrayOutputWithContext(ctx context.Context) AssignmentArrayOutput
- type AssignmentInput
- type AssignmentMap
- type AssignmentMapInput
- type AssignmentMapOutput
- func (AssignmentMapOutput) ElementType() reflect.Type
- func (o AssignmentMapOutput) MapIndex(k pulumi.StringInput) AssignmentOutput
- func (o AssignmentMapOutput) ToAssignmentMapOutput() AssignmentMapOutput
- func (o AssignmentMapOutput) ToAssignmentMapOutputWithContext(ctx context.Context) AssignmentMapOutput
- type AssignmentOutput
- func (AssignmentOutput) ElementType() reflect.Type
- func (o AssignmentOutput) ToAssignmentOutput() AssignmentOutput
- func (o AssignmentOutput) ToAssignmentOutputWithContext(ctx context.Context) AssignmentOutput
- func (o AssignmentOutput) ToAssignmentPtrOutput() AssignmentPtrOutput
- func (o AssignmentOutput) ToAssignmentPtrOutputWithContext(ctx context.Context) AssignmentPtrOutput
- type AssignmentPtrInput
- type AssignmentPtrOutput
- type AssignmentState
- type Definitiondeprecated
- func (*Definition) ElementType() reflect.Type
- func (i *Definition) ToDefinitionOutput() DefinitionOutput
- func (i *Definition) ToDefinitionOutputWithContext(ctx context.Context) DefinitionOutput
- func (i *Definition) ToDefinitionPtrOutput() DefinitionPtrOutput
- func (i *Definition) ToDefinitionPtrOutputWithContext(ctx context.Context) DefinitionPtrOutput
- type DefinitionArgs
- type DefinitionArray
- type DefinitionArrayInput
- type DefinitionArrayOutput
- func (DefinitionArrayOutput) ElementType() reflect.Type
- func (o DefinitionArrayOutput) Index(i pulumi.IntInput) DefinitionOutput
- func (o DefinitionArrayOutput) ToDefinitionArrayOutput() DefinitionArrayOutput
- func (o DefinitionArrayOutput) ToDefinitionArrayOutputWithContext(ctx context.Context) DefinitionArrayOutput
- type DefinitionInput
- type DefinitionMap
- type DefinitionMapInput
- type DefinitionMapOutput
- func (DefinitionMapOutput) ElementType() reflect.Type
- func (o DefinitionMapOutput) MapIndex(k pulumi.StringInput) DefinitionOutput
- func (o DefinitionMapOutput) ToDefinitionMapOutput() DefinitionMapOutput
- func (o DefinitionMapOutput) ToDefinitionMapOutputWithContext(ctx context.Context) DefinitionMapOutput
- type DefinitionOutput
- func (DefinitionOutput) ElementType() reflect.Type
- func (o DefinitionOutput) ToDefinitionOutput() DefinitionOutput
- func (o DefinitionOutput) ToDefinitionOutputWithContext(ctx context.Context) DefinitionOutput
- func (o DefinitionOutput) ToDefinitionPtrOutput() DefinitionPtrOutput
- func (o DefinitionOutput) ToDefinitionPtrOutputWithContext(ctx context.Context) DefinitionPtrOutput
- type DefinitionPermission
- type DefinitionPermissionArgs
- type DefinitionPermissionArray
- type DefinitionPermissionArrayInput
- type DefinitionPermissionArrayOutput
- func (DefinitionPermissionArrayOutput) ElementType() reflect.Type
- func (o DefinitionPermissionArrayOutput) Index(i pulumi.IntInput) DefinitionPermissionOutput
- func (o DefinitionPermissionArrayOutput) ToDefinitionPermissionArrayOutput() DefinitionPermissionArrayOutput
- func (o DefinitionPermissionArrayOutput) ToDefinitionPermissionArrayOutputWithContext(ctx context.Context) DefinitionPermissionArrayOutput
- type DefinitionPermissionInput
- type DefinitionPermissionOutput
- func (o DefinitionPermissionOutput) Actions() pulumi.StringArrayOutput
- func (o DefinitionPermissionOutput) DataActions() pulumi.StringArrayOutput
- func (DefinitionPermissionOutput) ElementType() reflect.Type
- func (o DefinitionPermissionOutput) NotActions() pulumi.StringArrayOutput
- func (o DefinitionPermissionOutput) NotDataActions() pulumi.StringArrayOutput
- func (o DefinitionPermissionOutput) ToDefinitionPermissionOutput() DefinitionPermissionOutput
- func (o DefinitionPermissionOutput) ToDefinitionPermissionOutputWithContext(ctx context.Context) DefinitionPermissionOutput
- type DefinitionPtrInput
- type DefinitionPtrOutput
- type DefinitionState
- type GetRoleDefinitionArgs
- type GetRoleDefinitionPermission
- type GetRoleDefinitionPermissionArgs
- func (GetRoleDefinitionPermissionArgs) ElementType() reflect.Type
- func (i GetRoleDefinitionPermissionArgs) ToGetRoleDefinitionPermissionOutput() GetRoleDefinitionPermissionOutput
- func (i GetRoleDefinitionPermissionArgs) ToGetRoleDefinitionPermissionOutputWithContext(ctx context.Context) GetRoleDefinitionPermissionOutput
- type GetRoleDefinitionPermissionArray
- func (GetRoleDefinitionPermissionArray) ElementType() reflect.Type
- func (i GetRoleDefinitionPermissionArray) ToGetRoleDefinitionPermissionArrayOutput() GetRoleDefinitionPermissionArrayOutput
- func (i GetRoleDefinitionPermissionArray) ToGetRoleDefinitionPermissionArrayOutputWithContext(ctx context.Context) GetRoleDefinitionPermissionArrayOutput
- type GetRoleDefinitionPermissionArrayInput
- type GetRoleDefinitionPermissionArrayOutput
- func (GetRoleDefinitionPermissionArrayOutput) ElementType() reflect.Type
- func (o GetRoleDefinitionPermissionArrayOutput) Index(i pulumi.IntInput) GetRoleDefinitionPermissionOutput
- func (o GetRoleDefinitionPermissionArrayOutput) ToGetRoleDefinitionPermissionArrayOutput() GetRoleDefinitionPermissionArrayOutput
- func (o GetRoleDefinitionPermissionArrayOutput) ToGetRoleDefinitionPermissionArrayOutputWithContext(ctx context.Context) GetRoleDefinitionPermissionArrayOutput
- type GetRoleDefinitionPermissionInput
- type GetRoleDefinitionPermissionOutput
- func (o GetRoleDefinitionPermissionOutput) Actions() pulumi.StringArrayOutput
- func (o GetRoleDefinitionPermissionOutput) DataActions() pulumi.StringArrayOutput
- func (GetRoleDefinitionPermissionOutput) ElementType() reflect.Type
- func (o GetRoleDefinitionPermissionOutput) NotActions() pulumi.StringArrayOutput
- func (o GetRoleDefinitionPermissionOutput) NotDataActions() pulumi.StringArrayOutput
- func (o GetRoleDefinitionPermissionOutput) ToGetRoleDefinitionPermissionOutput() GetRoleDefinitionPermissionOutput
- func (o GetRoleDefinitionPermissionOutput) ToGetRoleDefinitionPermissionOutputWithContext(ctx context.Context) GetRoleDefinitionPermissionOutput
- type GetRoleDefinitionResult
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Assignment
deprecated
type Assignment struct { pulumi.CustomResourceState // The condition that limits the resources that the role can be assigned to. Changing this forces a new resource to be created. Condition pulumi.StringPtrOutput `pulumi:"condition"` // The version of the condition. Possible values are `1.0` or `2.0`. Changing this forces a new resource to be created. ConditionVersion pulumi.StringPtrOutput `pulumi:"conditionVersion"` // The delegated Azure Resource Id which contains a Managed Identity. Changing this forces a new resource to be created. DelegatedManagedIdentityResourceId pulumi.StringPtrOutput `pulumi:"delegatedManagedIdentityResourceId"` // The description for this Role Assignment. Changing this forces a new resource to be created. Description pulumi.StringPtrOutput `pulumi:"description"` // A unique UUID/GUID for this Role Assignment - one will be generated if not specified. Changing this forces a new resource to be created. Name pulumi.StringOutput `pulumi:"name"` // The ID of the Principal (User, Group or Service Principal) to assign the Role Definition to. Changing this forces a new resource to be created. PrincipalId pulumi.StringOutput `pulumi:"principalId"` // The type of the `principalId`, e.g. User, Group, Service Principal, Application, etc. PrincipalType pulumi.StringOutput `pulumi:"principalType"` // The Scoped-ID of the Role Definition. Changing this forces a new resource to be created. Conflicts with `roleDefinitionName`. RoleDefinitionId pulumi.StringOutput `pulumi:"roleDefinitionId"` // The name of a built-in Role. Changing this forces a new resource to be created. Conflicts with `roleDefinitionId`. RoleDefinitionName pulumi.StringOutput `pulumi:"roleDefinitionName"` // The scope at which the Role Assignment applies to, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`, or `/providers/Microsoft.Management/managementGroups/myMG`. Changing this forces a new resource to be created. Scope pulumi.StringOutput `pulumi:"scope"` // If the `principalId` is a newly provisioned `Service Principal` set this value to `true` to skip the `Azure Active Directory` check which may fail due to replication lag. This argument is only valid if the `principalId` is a `Service Principal` identity. If it is not a `Service Principal` identity it will cause the role assignment to fail. Defaults to `false`. SkipServicePrincipalAadCheck pulumi.BoolOutput `pulumi:"skipServicePrincipalAadCheck"` }
Assigns a given Principal (User or Group) to a given Role.
## Example Usage ### Using A Built-In Role)
```go package main
import (
"github.com/pulumi/pulumi-azure/sdk/v4/go/azure/authorization" "github.com/pulumi/pulumi-azure/sdk/v4/go/azure/core" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { primary, err := core.LookupSubscription(ctx, nil, nil) if err != nil { return err } exampleClientConfig, err := core.GetClientConfig(ctx, nil, nil) if err != nil { return err } _, err = authorization.NewAssignment(ctx, "exampleAssignment", &authorization.AssignmentArgs{ Scope: pulumi.String(primary.Id), RoleDefinitionName: pulumi.String("Reader"), PrincipalId: pulumi.String(exampleClientConfig.ObjectId), }) if err != nil { return err } return nil }) }
``` ### Custom Role & Service Principal)
```go package main
import (
"github.com/pulumi/pulumi-azure/sdk/v4/go/azure/authorization" "github.com/pulumi/pulumi-azure/sdk/v4/go/azure/core" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { primary, err := core.LookupSubscription(ctx, nil, nil) if err != nil { return err } exampleClientConfig, err := core.GetClientConfig(ctx, nil, nil) if err != nil { return err } exampleRoleDefinition, err := authorization.NewRoleDefinition(ctx, "exampleRoleDefinition", &authorization.RoleDefinitionArgs{ RoleDefinitionId: pulumi.String("00000000-0000-0000-0000-000000000000"), Scope: pulumi.String(primary.Id), Permissions: authorization.RoleDefinitionPermissionArray{ &authorization.RoleDefinitionPermissionArgs{ Actions: pulumi.StringArray{ pulumi.String("Microsoft.Resources/subscriptions/resourceGroups/read"), }, NotActions: pulumi.StringArray{}, }, }, AssignableScopes: pulumi.StringArray{ pulumi.String(primary.Id), }, }) if err != nil { return err } _, err = authorization.NewAssignment(ctx, "exampleAssignment", &authorization.AssignmentArgs{ Name: pulumi.String("00000000-0000-0000-0000-000000000000"), Scope: pulumi.String(primary.Id), RoleDefinitionId: exampleRoleDefinition.RoleDefinitionResourceId, PrincipalId: pulumi.String(exampleClientConfig.ObjectId), }) if err != nil { return err } return nil }) }
``` ### Custom Role & User)
```go package main
import (
"github.com/pulumi/pulumi-azure/sdk/v4/go/azure/authorization" "github.com/pulumi/pulumi-azure/sdk/v4/go/azure/core" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { primary, err := core.LookupSubscription(ctx, nil, nil) if err != nil { return err } exampleClientConfig, err := core.GetClientConfig(ctx, nil, nil) if err != nil { return err } exampleRoleDefinition, err := authorization.NewRoleDefinition(ctx, "exampleRoleDefinition", &authorization.RoleDefinitionArgs{ RoleDefinitionId: pulumi.String("00000000-0000-0000-0000-000000000000"), Scope: pulumi.String(primary.Id), Permissions: authorization.RoleDefinitionPermissionArray{ &authorization.RoleDefinitionPermissionArgs{ Actions: pulumi.StringArray{ pulumi.String("Microsoft.Resources/subscriptions/resourceGroups/read"), }, NotActions: pulumi.StringArray{}, }, }, AssignableScopes: pulumi.StringArray{ pulumi.String(primary.Id), }, }) if err != nil { return err } _, err = authorization.NewAssignment(ctx, "exampleAssignment", &authorization.AssignmentArgs{ Name: pulumi.String("00000000-0000-0000-0000-000000000000"), Scope: pulumi.String(primary.Id), RoleDefinitionId: exampleRoleDefinition.RoleDefinitionResourceId, PrincipalId: pulumi.String(exampleClientConfig.ObjectId), }) if err != nil { return err } return nil }) }
``` ### Custom Role & Management Group)
```go package main
import (
"github.com/pulumi/pulumi-azure/sdk/v4/go/azure/authorization" "github.com/pulumi/pulumi-azure/sdk/v4/go/azure/core" "github.com/pulumi/pulumi-azure/sdk/v4/go/azure/management" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { primary, err := core.LookupSubscription(ctx, nil, nil) if err != nil { return err } exampleClientConfig, err := core.GetClientConfig(ctx, nil, nil) if err != nil { return err } _, err = management.LookupGroup(ctx, nil, nil) if err != nil { return err } exampleRoleDefinition, err := authorization.NewRoleDefinition(ctx, "exampleRoleDefinition", &authorization.RoleDefinitionArgs{ RoleDefinitionId: pulumi.String("00000000-0000-0000-0000-000000000000"), Scope: pulumi.String(primary.Id), Permissions: authorization.RoleDefinitionPermissionArray{ &authorization.RoleDefinitionPermissionArgs{ Actions: pulumi.StringArray{ pulumi.String("Microsoft.Resources/subscriptions/resourceGroups/read"), }, NotActions: pulumi.StringArray{}, }, }, AssignableScopes: pulumi.StringArray{ pulumi.String(primary.Id), }, }) if err != nil { return err } _, err = authorization.NewAssignment(ctx, "exampleAssignment", &authorization.AssignmentArgs{ Name: pulumi.String("00000000-0000-0000-0000-000000000000"), Scope: pulumi.Any(data.Azurerm_management_group.Primary.Id), RoleDefinitionId: exampleRoleDefinition.RoleDefinitionResourceId, PrincipalId: pulumi.String(exampleClientConfig.ObjectId), }) if err != nil { return err } return nil }) }
```
## Import
Role Assignments can be imported using the `resource id`, e.g.
```sh
$ pulumi import azure:role/assignment:Assignment example /subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/roleAssignments/00000000-0000-0000-0000-000000000000
```
- for scope `Subscription`, the id format is `/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/roleAssignments/00000000-0000-0000-0000-000000000000` - for scope `Resource Group`, the id format is `/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Authorization/roleAssignments/00000000-0000-0000-0000-000000000000` /subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/roleAssignments/00000000-0000-0000-0000-000000000000|00000000-0000-0000-0000-000000000000
Deprecated: azure.role.Assignment has been deprecated in favor of azure.authorization.Assignment
func GetAssignment ¶
func GetAssignment(ctx *pulumi.Context, name string, id pulumi.IDInput, state *AssignmentState, opts ...pulumi.ResourceOption) (*Assignment, error)
GetAssignment gets an existing Assignment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewAssignment ¶
func NewAssignment(ctx *pulumi.Context, name string, args *AssignmentArgs, opts ...pulumi.ResourceOption) (*Assignment, error)
NewAssignment registers a new resource with the given unique name, arguments, and options.
func (*Assignment) ElementType ¶
func (*Assignment) ElementType() reflect.Type
func (*Assignment) ToAssignmentOutput ¶
func (i *Assignment) ToAssignmentOutput() AssignmentOutput
func (*Assignment) ToAssignmentOutputWithContext ¶
func (i *Assignment) ToAssignmentOutputWithContext(ctx context.Context) AssignmentOutput
func (*Assignment) ToAssignmentPtrOutput ¶
func (i *Assignment) ToAssignmentPtrOutput() AssignmentPtrOutput
func (*Assignment) ToAssignmentPtrOutputWithContext ¶
func (i *Assignment) ToAssignmentPtrOutputWithContext(ctx context.Context) AssignmentPtrOutput
type AssignmentArgs ¶
type AssignmentArgs struct { // The condition that limits the resources that the role can be assigned to. Changing this forces a new resource to be created. Condition pulumi.StringPtrInput // The version of the condition. Possible values are `1.0` or `2.0`. Changing this forces a new resource to be created. ConditionVersion pulumi.StringPtrInput // The delegated Azure Resource Id which contains a Managed Identity. Changing this forces a new resource to be created. DelegatedManagedIdentityResourceId pulumi.StringPtrInput // The description for this Role Assignment. Changing this forces a new resource to be created. Description pulumi.StringPtrInput // A unique UUID/GUID for this Role Assignment - one will be generated if not specified. Changing this forces a new resource to be created. Name pulumi.StringPtrInput // The ID of the Principal (User, Group or Service Principal) to assign the Role Definition to. Changing this forces a new resource to be created. PrincipalId pulumi.StringInput // The Scoped-ID of the Role Definition. Changing this forces a new resource to be created. Conflicts with `roleDefinitionName`. RoleDefinitionId pulumi.StringPtrInput // The name of a built-in Role. Changing this forces a new resource to be created. Conflicts with `roleDefinitionId`. RoleDefinitionName pulumi.StringPtrInput // The scope at which the Role Assignment applies to, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`, or `/providers/Microsoft.Management/managementGroups/myMG`. Changing this forces a new resource to be created. Scope pulumi.StringInput // If the `principalId` is a newly provisioned `Service Principal` set this value to `true` to skip the `Azure Active Directory` check which may fail due to replication lag. This argument is only valid if the `principalId` is a `Service Principal` identity. If it is not a `Service Principal` identity it will cause the role assignment to fail. Defaults to `false`. SkipServicePrincipalAadCheck pulumi.BoolPtrInput }
The set of arguments for constructing a Assignment resource.
func (AssignmentArgs) ElementType ¶
func (AssignmentArgs) ElementType() reflect.Type
type AssignmentArray ¶
type AssignmentArray []AssignmentInput
func (AssignmentArray) ElementType ¶
func (AssignmentArray) ElementType() reflect.Type
func (AssignmentArray) ToAssignmentArrayOutput ¶
func (i AssignmentArray) ToAssignmentArrayOutput() AssignmentArrayOutput
func (AssignmentArray) ToAssignmentArrayOutputWithContext ¶
func (i AssignmentArray) ToAssignmentArrayOutputWithContext(ctx context.Context) AssignmentArrayOutput
type AssignmentArrayInput ¶
type AssignmentArrayInput interface { pulumi.Input ToAssignmentArrayOutput() AssignmentArrayOutput ToAssignmentArrayOutputWithContext(context.Context) AssignmentArrayOutput }
AssignmentArrayInput is an input type that accepts AssignmentArray and AssignmentArrayOutput values. You can construct a concrete instance of `AssignmentArrayInput` via:
AssignmentArray{ AssignmentArgs{...} }
type AssignmentArrayOutput ¶
type AssignmentArrayOutput struct{ *pulumi.OutputState }
func (AssignmentArrayOutput) ElementType ¶
func (AssignmentArrayOutput) ElementType() reflect.Type
func (AssignmentArrayOutput) Index ¶
func (o AssignmentArrayOutput) Index(i pulumi.IntInput) AssignmentOutput
func (AssignmentArrayOutput) ToAssignmentArrayOutput ¶
func (o AssignmentArrayOutput) ToAssignmentArrayOutput() AssignmentArrayOutput
func (AssignmentArrayOutput) ToAssignmentArrayOutputWithContext ¶
func (o AssignmentArrayOutput) ToAssignmentArrayOutputWithContext(ctx context.Context) AssignmentArrayOutput
type AssignmentInput ¶
type AssignmentInput interface { pulumi.Input ToAssignmentOutput() AssignmentOutput ToAssignmentOutputWithContext(ctx context.Context) AssignmentOutput }
type AssignmentMap ¶
type AssignmentMap map[string]AssignmentInput
func (AssignmentMap) ElementType ¶
func (AssignmentMap) ElementType() reflect.Type
func (AssignmentMap) ToAssignmentMapOutput ¶
func (i AssignmentMap) ToAssignmentMapOutput() AssignmentMapOutput
func (AssignmentMap) ToAssignmentMapOutputWithContext ¶
func (i AssignmentMap) ToAssignmentMapOutputWithContext(ctx context.Context) AssignmentMapOutput
type AssignmentMapInput ¶
type AssignmentMapInput interface { pulumi.Input ToAssignmentMapOutput() AssignmentMapOutput ToAssignmentMapOutputWithContext(context.Context) AssignmentMapOutput }
AssignmentMapInput is an input type that accepts AssignmentMap and AssignmentMapOutput values. You can construct a concrete instance of `AssignmentMapInput` via:
AssignmentMap{ "key": AssignmentArgs{...} }
type AssignmentMapOutput ¶
type AssignmentMapOutput struct{ *pulumi.OutputState }
func (AssignmentMapOutput) ElementType ¶
func (AssignmentMapOutput) ElementType() reflect.Type
func (AssignmentMapOutput) MapIndex ¶
func (o AssignmentMapOutput) MapIndex(k pulumi.StringInput) AssignmentOutput
func (AssignmentMapOutput) ToAssignmentMapOutput ¶
func (o AssignmentMapOutput) ToAssignmentMapOutput() AssignmentMapOutput
func (AssignmentMapOutput) ToAssignmentMapOutputWithContext ¶
func (o AssignmentMapOutput) ToAssignmentMapOutputWithContext(ctx context.Context) AssignmentMapOutput
type AssignmentOutput ¶
type AssignmentOutput struct {
*pulumi.OutputState
}
func (AssignmentOutput) ElementType ¶
func (AssignmentOutput) ElementType() reflect.Type
func (AssignmentOutput) ToAssignmentOutput ¶
func (o AssignmentOutput) ToAssignmentOutput() AssignmentOutput
func (AssignmentOutput) ToAssignmentOutputWithContext ¶
func (o AssignmentOutput) ToAssignmentOutputWithContext(ctx context.Context) AssignmentOutput
func (AssignmentOutput) ToAssignmentPtrOutput ¶
func (o AssignmentOutput) ToAssignmentPtrOutput() AssignmentPtrOutput
func (AssignmentOutput) ToAssignmentPtrOutputWithContext ¶
func (o AssignmentOutput) ToAssignmentPtrOutputWithContext(ctx context.Context) AssignmentPtrOutput
type AssignmentPtrInput ¶
type AssignmentPtrInput interface { pulumi.Input ToAssignmentPtrOutput() AssignmentPtrOutput ToAssignmentPtrOutputWithContext(ctx context.Context) AssignmentPtrOutput }
type AssignmentPtrOutput ¶
type AssignmentPtrOutput struct {
*pulumi.OutputState
}
func (AssignmentPtrOutput) ElementType ¶
func (AssignmentPtrOutput) ElementType() reflect.Type
func (AssignmentPtrOutput) ToAssignmentPtrOutput ¶
func (o AssignmentPtrOutput) ToAssignmentPtrOutput() AssignmentPtrOutput
func (AssignmentPtrOutput) ToAssignmentPtrOutputWithContext ¶
func (o AssignmentPtrOutput) ToAssignmentPtrOutputWithContext(ctx context.Context) AssignmentPtrOutput
type AssignmentState ¶
type AssignmentState struct { // The condition that limits the resources that the role can be assigned to. Changing this forces a new resource to be created. Condition pulumi.StringPtrInput // The version of the condition. Possible values are `1.0` or `2.0`. Changing this forces a new resource to be created. ConditionVersion pulumi.StringPtrInput // The delegated Azure Resource Id which contains a Managed Identity. Changing this forces a new resource to be created. DelegatedManagedIdentityResourceId pulumi.StringPtrInput // The description for this Role Assignment. Changing this forces a new resource to be created. Description pulumi.StringPtrInput // A unique UUID/GUID for this Role Assignment - one will be generated if not specified. Changing this forces a new resource to be created. Name pulumi.StringPtrInput // The ID of the Principal (User, Group or Service Principal) to assign the Role Definition to. Changing this forces a new resource to be created. PrincipalId pulumi.StringPtrInput // The type of the `principalId`, e.g. User, Group, Service Principal, Application, etc. PrincipalType pulumi.StringPtrInput // The Scoped-ID of the Role Definition. Changing this forces a new resource to be created. Conflicts with `roleDefinitionName`. RoleDefinitionId pulumi.StringPtrInput // The name of a built-in Role. Changing this forces a new resource to be created. Conflicts with `roleDefinitionId`. RoleDefinitionName pulumi.StringPtrInput // The scope at which the Role Assignment applies to, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`, or `/providers/Microsoft.Management/managementGroups/myMG`. Changing this forces a new resource to be created. Scope pulumi.StringPtrInput // If the `principalId` is a newly provisioned `Service Principal` set this value to `true` to skip the `Azure Active Directory` check which may fail due to replication lag. This argument is only valid if the `principalId` is a `Service Principal` identity. If it is not a `Service Principal` identity it will cause the role assignment to fail. Defaults to `false`. SkipServicePrincipalAadCheck pulumi.BoolPtrInput }
func (AssignmentState) ElementType ¶
func (AssignmentState) ElementType() reflect.Type
type Definition
deprecated
type Definition struct { pulumi.CustomResourceState // One or more assignable scopes for this Role Definition, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`. AssignableScopes pulumi.StringArrayOutput `pulumi:"assignableScopes"` // A description of the Role Definition. Description pulumi.StringPtrOutput `pulumi:"description"` // The name of the Role Definition. Changing this forces a new resource to be created. Name pulumi.StringOutput `pulumi:"name"` // A `permissions` block as defined below. Permissions DefinitionPermissionArrayOutput `pulumi:"permissions"` // A unique UUID/GUID which identifies this role - one will be generated if not specified. Changing this forces a new resource to be created. RoleDefinitionId pulumi.StringOutput `pulumi:"roleDefinitionId"` // The Azure Resource Manager ID for the resource. RoleDefinitionResourceId pulumi.StringOutput `pulumi:"roleDefinitionResourceId"` // The scope at which the Role Definition applies too, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`. It is recommended to use the first entry of the `assignableScopes`. Changing this forces a new resource to be created. Scope pulumi.StringOutput `pulumi:"scope"` }
Manages a custom Role Definition, used to assign Roles to Users/Principals. See ['Understand role definitions'](https://docs.microsoft.com/en-us/azure/role-based-access-control/role-definitions) in the Azure documentation for more details.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-azure/sdk/v4/go/azure/authorization" "github.com/pulumi/pulumi-azure/sdk/v4/go/azure/core" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { primary, err := core.LookupSubscription(ctx, nil, nil) if err != nil { return err } _, err = authorization.NewRoleDefinition(ctx, "example", &authorization.RoleDefinitionArgs{ Scope: pulumi.String(primary.Id), Description: pulumi.String("This is a custom role created"), Permissions: authorization.RoleDefinitionPermissionArray{ &authorization.RoleDefinitionPermissionArgs{ Actions: pulumi.StringArray{ pulumi.String("*"), }, NotActions: pulumi.StringArray{}, }, }, AssignableScopes: pulumi.StringArray{ pulumi.String(primary.Id), }, }) if err != nil { return err } return nil }) }
```
## Import
Role Definitions can be imported using the `resource id`, e.g.
```sh
$ pulumi import azure:role/definition:Definition example "/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/roleDefinitions/00000000-0000-0000-0000-000000000000|/subscriptions/00000000-0000-0000-0000-000000000000"
```
Deprecated: azure.role.Definition has been deprecated in favor of azure.authorization.RoleDefinition
func GetDefinition ¶
func GetDefinition(ctx *pulumi.Context, name string, id pulumi.IDInput, state *DefinitionState, opts ...pulumi.ResourceOption) (*Definition, error)
GetDefinition gets an existing Definition resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewDefinition ¶
func NewDefinition(ctx *pulumi.Context, name string, args *DefinitionArgs, opts ...pulumi.ResourceOption) (*Definition, error)
NewDefinition registers a new resource with the given unique name, arguments, and options.
func (*Definition) ElementType ¶
func (*Definition) ElementType() reflect.Type
func (*Definition) ToDefinitionOutput ¶
func (i *Definition) ToDefinitionOutput() DefinitionOutput
func (*Definition) ToDefinitionOutputWithContext ¶
func (i *Definition) ToDefinitionOutputWithContext(ctx context.Context) DefinitionOutput
func (*Definition) ToDefinitionPtrOutput ¶
func (i *Definition) ToDefinitionPtrOutput() DefinitionPtrOutput
func (*Definition) ToDefinitionPtrOutputWithContext ¶
func (i *Definition) ToDefinitionPtrOutputWithContext(ctx context.Context) DefinitionPtrOutput
type DefinitionArgs ¶
type DefinitionArgs struct { // One or more assignable scopes for this Role Definition, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`. AssignableScopes pulumi.StringArrayInput // A description of the Role Definition. Description pulumi.StringPtrInput // The name of the Role Definition. Changing this forces a new resource to be created. Name pulumi.StringPtrInput // A `permissions` block as defined below. Permissions DefinitionPermissionArrayInput // A unique UUID/GUID which identifies this role - one will be generated if not specified. Changing this forces a new resource to be created. RoleDefinitionId pulumi.StringPtrInput // The scope at which the Role Definition applies too, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`. It is recommended to use the first entry of the `assignableScopes`. Changing this forces a new resource to be created. Scope pulumi.StringInput }
The set of arguments for constructing a Definition resource.
func (DefinitionArgs) ElementType ¶
func (DefinitionArgs) ElementType() reflect.Type
type DefinitionArray ¶
type DefinitionArray []DefinitionInput
func (DefinitionArray) ElementType ¶
func (DefinitionArray) ElementType() reflect.Type
func (DefinitionArray) ToDefinitionArrayOutput ¶
func (i DefinitionArray) ToDefinitionArrayOutput() DefinitionArrayOutput
func (DefinitionArray) ToDefinitionArrayOutputWithContext ¶
func (i DefinitionArray) ToDefinitionArrayOutputWithContext(ctx context.Context) DefinitionArrayOutput
type DefinitionArrayInput ¶
type DefinitionArrayInput interface { pulumi.Input ToDefinitionArrayOutput() DefinitionArrayOutput ToDefinitionArrayOutputWithContext(context.Context) DefinitionArrayOutput }
DefinitionArrayInput is an input type that accepts DefinitionArray and DefinitionArrayOutput values. You can construct a concrete instance of `DefinitionArrayInput` via:
DefinitionArray{ DefinitionArgs{...} }
type DefinitionArrayOutput ¶
type DefinitionArrayOutput struct{ *pulumi.OutputState }
func (DefinitionArrayOutput) ElementType ¶
func (DefinitionArrayOutput) ElementType() reflect.Type
func (DefinitionArrayOutput) Index ¶
func (o DefinitionArrayOutput) Index(i pulumi.IntInput) DefinitionOutput
func (DefinitionArrayOutput) ToDefinitionArrayOutput ¶
func (o DefinitionArrayOutput) ToDefinitionArrayOutput() DefinitionArrayOutput
func (DefinitionArrayOutput) ToDefinitionArrayOutputWithContext ¶
func (o DefinitionArrayOutput) ToDefinitionArrayOutputWithContext(ctx context.Context) DefinitionArrayOutput
type DefinitionInput ¶
type DefinitionInput interface { pulumi.Input ToDefinitionOutput() DefinitionOutput ToDefinitionOutputWithContext(ctx context.Context) DefinitionOutput }
type DefinitionMap ¶
type DefinitionMap map[string]DefinitionInput
func (DefinitionMap) ElementType ¶
func (DefinitionMap) ElementType() reflect.Type
func (DefinitionMap) ToDefinitionMapOutput ¶
func (i DefinitionMap) ToDefinitionMapOutput() DefinitionMapOutput
func (DefinitionMap) ToDefinitionMapOutputWithContext ¶
func (i DefinitionMap) ToDefinitionMapOutputWithContext(ctx context.Context) DefinitionMapOutput
type DefinitionMapInput ¶
type DefinitionMapInput interface { pulumi.Input ToDefinitionMapOutput() DefinitionMapOutput ToDefinitionMapOutputWithContext(context.Context) DefinitionMapOutput }
DefinitionMapInput is an input type that accepts DefinitionMap and DefinitionMapOutput values. You can construct a concrete instance of `DefinitionMapInput` via:
DefinitionMap{ "key": DefinitionArgs{...} }
type DefinitionMapOutput ¶
type DefinitionMapOutput struct{ *pulumi.OutputState }
func (DefinitionMapOutput) ElementType ¶
func (DefinitionMapOutput) ElementType() reflect.Type
func (DefinitionMapOutput) MapIndex ¶
func (o DefinitionMapOutput) MapIndex(k pulumi.StringInput) DefinitionOutput
func (DefinitionMapOutput) ToDefinitionMapOutput ¶
func (o DefinitionMapOutput) ToDefinitionMapOutput() DefinitionMapOutput
func (DefinitionMapOutput) ToDefinitionMapOutputWithContext ¶
func (o DefinitionMapOutput) ToDefinitionMapOutputWithContext(ctx context.Context) DefinitionMapOutput
type DefinitionOutput ¶
type DefinitionOutput struct {
*pulumi.OutputState
}
func (DefinitionOutput) ElementType ¶
func (DefinitionOutput) ElementType() reflect.Type
func (DefinitionOutput) ToDefinitionOutput ¶
func (o DefinitionOutput) ToDefinitionOutput() DefinitionOutput
func (DefinitionOutput) ToDefinitionOutputWithContext ¶
func (o DefinitionOutput) ToDefinitionOutputWithContext(ctx context.Context) DefinitionOutput
func (DefinitionOutput) ToDefinitionPtrOutput ¶
func (o DefinitionOutput) ToDefinitionPtrOutput() DefinitionPtrOutput
func (DefinitionOutput) ToDefinitionPtrOutputWithContext ¶
func (o DefinitionOutput) ToDefinitionPtrOutputWithContext(ctx context.Context) DefinitionPtrOutput
type DefinitionPermission ¶
type DefinitionPermission struct { // One or more Allowed Actions, such as `*`, `Microsoft.Resources/subscriptions/resourceGroups/read`. See ['Azure Resource Manager resource provider operations'](https://docs.microsoft.com/en-us/azure/role-based-access-control/resource-provider-operations) for details. Actions []string `pulumi:"actions"` // One or more Allowed Data Actions, such as `*`, `Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read`. See ['Azure Resource Manager resource provider operations'](https://docs.microsoft.com/en-us/azure/role-based-access-control/resource-provider-operations) for details. DataActions []string `pulumi:"dataActions"` // One or more Disallowed Actions, such as `*`, `Microsoft.Resources/subscriptions/resourceGroups/read`. See ['Azure Resource Manager resource provider operations'](https://docs.microsoft.com/en-us/azure/role-based-access-control/resource-provider-operations) for details. NotActions []string `pulumi:"notActions"` // One or more Disallowed Data Actions, such as `*`, `Microsoft.Resources/subscriptions/resourceGroups/read`. See ['Azure Resource Manager resource provider operations'](https://docs.microsoft.com/en-us/azure/role-based-access-control/resource-provider-operations) for details. NotDataActions []string `pulumi:"notDataActions"` }
type DefinitionPermissionArgs ¶
type DefinitionPermissionArgs struct { // One or more Allowed Actions, such as `*`, `Microsoft.Resources/subscriptions/resourceGroups/read`. See ['Azure Resource Manager resource provider operations'](https://docs.microsoft.com/en-us/azure/role-based-access-control/resource-provider-operations) for details. Actions pulumi.StringArrayInput `pulumi:"actions"` // One or more Allowed Data Actions, such as `*`, `Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read`. See ['Azure Resource Manager resource provider operations'](https://docs.microsoft.com/en-us/azure/role-based-access-control/resource-provider-operations) for details. DataActions pulumi.StringArrayInput `pulumi:"dataActions"` // One or more Disallowed Actions, such as `*`, `Microsoft.Resources/subscriptions/resourceGroups/read`. See ['Azure Resource Manager resource provider operations'](https://docs.microsoft.com/en-us/azure/role-based-access-control/resource-provider-operations) for details. NotActions pulumi.StringArrayInput `pulumi:"notActions"` // One or more Disallowed Data Actions, such as `*`, `Microsoft.Resources/subscriptions/resourceGroups/read`. See ['Azure Resource Manager resource provider operations'](https://docs.microsoft.com/en-us/azure/role-based-access-control/resource-provider-operations) for details. NotDataActions pulumi.StringArrayInput `pulumi:"notDataActions"` }
func (DefinitionPermissionArgs) ElementType ¶
func (DefinitionPermissionArgs) ElementType() reflect.Type
func (DefinitionPermissionArgs) ToDefinitionPermissionOutput ¶
func (i DefinitionPermissionArgs) ToDefinitionPermissionOutput() DefinitionPermissionOutput
func (DefinitionPermissionArgs) ToDefinitionPermissionOutputWithContext ¶
func (i DefinitionPermissionArgs) ToDefinitionPermissionOutputWithContext(ctx context.Context) DefinitionPermissionOutput
type DefinitionPermissionArray ¶
type DefinitionPermissionArray []DefinitionPermissionInput
func (DefinitionPermissionArray) ElementType ¶
func (DefinitionPermissionArray) ElementType() reflect.Type
func (DefinitionPermissionArray) ToDefinitionPermissionArrayOutput ¶
func (i DefinitionPermissionArray) ToDefinitionPermissionArrayOutput() DefinitionPermissionArrayOutput
func (DefinitionPermissionArray) ToDefinitionPermissionArrayOutputWithContext ¶
func (i DefinitionPermissionArray) ToDefinitionPermissionArrayOutputWithContext(ctx context.Context) DefinitionPermissionArrayOutput
type DefinitionPermissionArrayInput ¶
type DefinitionPermissionArrayInput interface { pulumi.Input ToDefinitionPermissionArrayOutput() DefinitionPermissionArrayOutput ToDefinitionPermissionArrayOutputWithContext(context.Context) DefinitionPermissionArrayOutput }
DefinitionPermissionArrayInput is an input type that accepts DefinitionPermissionArray and DefinitionPermissionArrayOutput values. You can construct a concrete instance of `DefinitionPermissionArrayInput` via:
DefinitionPermissionArray{ DefinitionPermissionArgs{...} }
type DefinitionPermissionArrayOutput ¶
type DefinitionPermissionArrayOutput struct{ *pulumi.OutputState }
func (DefinitionPermissionArrayOutput) ElementType ¶
func (DefinitionPermissionArrayOutput) ElementType() reflect.Type
func (DefinitionPermissionArrayOutput) Index ¶
func (o DefinitionPermissionArrayOutput) Index(i pulumi.IntInput) DefinitionPermissionOutput
func (DefinitionPermissionArrayOutput) ToDefinitionPermissionArrayOutput ¶
func (o DefinitionPermissionArrayOutput) ToDefinitionPermissionArrayOutput() DefinitionPermissionArrayOutput
func (DefinitionPermissionArrayOutput) ToDefinitionPermissionArrayOutputWithContext ¶
func (o DefinitionPermissionArrayOutput) ToDefinitionPermissionArrayOutputWithContext(ctx context.Context) DefinitionPermissionArrayOutput
type DefinitionPermissionInput ¶
type DefinitionPermissionInput interface { pulumi.Input ToDefinitionPermissionOutput() DefinitionPermissionOutput ToDefinitionPermissionOutputWithContext(context.Context) DefinitionPermissionOutput }
DefinitionPermissionInput is an input type that accepts DefinitionPermissionArgs and DefinitionPermissionOutput values. You can construct a concrete instance of `DefinitionPermissionInput` via:
DefinitionPermissionArgs{...}
type DefinitionPermissionOutput ¶
type DefinitionPermissionOutput struct{ *pulumi.OutputState }
func (DefinitionPermissionOutput) Actions ¶
func (o DefinitionPermissionOutput) Actions() pulumi.StringArrayOutput
One or more Allowed Actions, such as `*`, `Microsoft.Resources/subscriptions/resourceGroups/read`. See ['Azure Resource Manager resource provider operations'](https://docs.microsoft.com/en-us/azure/role-based-access-control/resource-provider-operations) for details.
func (DefinitionPermissionOutput) DataActions ¶
func (o DefinitionPermissionOutput) DataActions() pulumi.StringArrayOutput
One or more Allowed Data Actions, such as `*`, `Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read`. See ['Azure Resource Manager resource provider operations'](https://docs.microsoft.com/en-us/azure/role-based-access-control/resource-provider-operations) for details.
func (DefinitionPermissionOutput) ElementType ¶
func (DefinitionPermissionOutput) ElementType() reflect.Type
func (DefinitionPermissionOutput) NotActions ¶
func (o DefinitionPermissionOutput) NotActions() pulumi.StringArrayOutput
One or more Disallowed Actions, such as `*`, `Microsoft.Resources/subscriptions/resourceGroups/read`. See ['Azure Resource Manager resource provider operations'](https://docs.microsoft.com/en-us/azure/role-based-access-control/resource-provider-operations) for details.
func (DefinitionPermissionOutput) NotDataActions ¶
func (o DefinitionPermissionOutput) NotDataActions() pulumi.StringArrayOutput
One or more Disallowed Data Actions, such as `*`, `Microsoft.Resources/subscriptions/resourceGroups/read`. See ['Azure Resource Manager resource provider operations'](https://docs.microsoft.com/en-us/azure/role-based-access-control/resource-provider-operations) for details.
func (DefinitionPermissionOutput) ToDefinitionPermissionOutput ¶
func (o DefinitionPermissionOutput) ToDefinitionPermissionOutput() DefinitionPermissionOutput
func (DefinitionPermissionOutput) ToDefinitionPermissionOutputWithContext ¶
func (o DefinitionPermissionOutput) ToDefinitionPermissionOutputWithContext(ctx context.Context) DefinitionPermissionOutput
type DefinitionPtrInput ¶
type DefinitionPtrInput interface { pulumi.Input ToDefinitionPtrOutput() DefinitionPtrOutput ToDefinitionPtrOutputWithContext(ctx context.Context) DefinitionPtrOutput }
type DefinitionPtrOutput ¶
type DefinitionPtrOutput struct {
*pulumi.OutputState
}
func (DefinitionPtrOutput) ElementType ¶
func (DefinitionPtrOutput) ElementType() reflect.Type
func (DefinitionPtrOutput) ToDefinitionPtrOutput ¶
func (o DefinitionPtrOutput) ToDefinitionPtrOutput() DefinitionPtrOutput
func (DefinitionPtrOutput) ToDefinitionPtrOutputWithContext ¶
func (o DefinitionPtrOutput) ToDefinitionPtrOutputWithContext(ctx context.Context) DefinitionPtrOutput
type DefinitionState ¶
type DefinitionState struct { // One or more assignable scopes for this Role Definition, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`. AssignableScopes pulumi.StringArrayInput // A description of the Role Definition. Description pulumi.StringPtrInput // The name of the Role Definition. Changing this forces a new resource to be created. Name pulumi.StringPtrInput // A `permissions` block as defined below. Permissions DefinitionPermissionArrayInput // A unique UUID/GUID which identifies this role - one will be generated if not specified. Changing this forces a new resource to be created. RoleDefinitionId pulumi.StringPtrInput // The Azure Resource Manager ID for the resource. RoleDefinitionResourceId pulumi.StringPtrInput // The scope at which the Role Definition applies too, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`. It is recommended to use the first entry of the `assignableScopes`. Changing this forces a new resource to be created. Scope pulumi.StringPtrInput }
func (DefinitionState) ElementType ¶
func (DefinitionState) ElementType() reflect.Type
type GetRoleDefinitionArgs ¶
type GetRoleDefinitionArgs struct { Name *string `pulumi:"name"` RoleDefinitionId *string `pulumi:"roleDefinitionId"` Scope *string `pulumi:"scope"` }
A collection of arguments for invoking getRoleDefinition.
type GetRoleDefinitionPermissionArgs ¶
type GetRoleDefinitionPermissionArgs struct { Actions pulumi.StringArrayInput `pulumi:"actions"` DataActions pulumi.StringArrayInput `pulumi:"dataActions"` NotActions pulumi.StringArrayInput `pulumi:"notActions"` NotDataActions pulumi.StringArrayInput `pulumi:"notDataActions"` }
func (GetRoleDefinitionPermissionArgs) ElementType ¶
func (GetRoleDefinitionPermissionArgs) ElementType() reflect.Type
func (GetRoleDefinitionPermissionArgs) ToGetRoleDefinitionPermissionOutput ¶
func (i GetRoleDefinitionPermissionArgs) ToGetRoleDefinitionPermissionOutput() GetRoleDefinitionPermissionOutput
func (GetRoleDefinitionPermissionArgs) ToGetRoleDefinitionPermissionOutputWithContext ¶
func (i GetRoleDefinitionPermissionArgs) ToGetRoleDefinitionPermissionOutputWithContext(ctx context.Context) GetRoleDefinitionPermissionOutput
type GetRoleDefinitionPermissionArray ¶
type GetRoleDefinitionPermissionArray []GetRoleDefinitionPermissionInput
func (GetRoleDefinitionPermissionArray) ElementType ¶
func (GetRoleDefinitionPermissionArray) ElementType() reflect.Type
func (GetRoleDefinitionPermissionArray) ToGetRoleDefinitionPermissionArrayOutput ¶
func (i GetRoleDefinitionPermissionArray) ToGetRoleDefinitionPermissionArrayOutput() GetRoleDefinitionPermissionArrayOutput
func (GetRoleDefinitionPermissionArray) ToGetRoleDefinitionPermissionArrayOutputWithContext ¶
func (i GetRoleDefinitionPermissionArray) ToGetRoleDefinitionPermissionArrayOutputWithContext(ctx context.Context) GetRoleDefinitionPermissionArrayOutput
type GetRoleDefinitionPermissionArrayInput ¶
type GetRoleDefinitionPermissionArrayInput interface { pulumi.Input ToGetRoleDefinitionPermissionArrayOutput() GetRoleDefinitionPermissionArrayOutput ToGetRoleDefinitionPermissionArrayOutputWithContext(context.Context) GetRoleDefinitionPermissionArrayOutput }
GetRoleDefinitionPermissionArrayInput is an input type that accepts GetRoleDefinitionPermissionArray and GetRoleDefinitionPermissionArrayOutput values. You can construct a concrete instance of `GetRoleDefinitionPermissionArrayInput` via:
GetRoleDefinitionPermissionArray{ GetRoleDefinitionPermissionArgs{...} }
type GetRoleDefinitionPermissionArrayOutput ¶
type GetRoleDefinitionPermissionArrayOutput struct{ *pulumi.OutputState }
func (GetRoleDefinitionPermissionArrayOutput) ElementType ¶
func (GetRoleDefinitionPermissionArrayOutput) ElementType() reflect.Type
func (GetRoleDefinitionPermissionArrayOutput) ToGetRoleDefinitionPermissionArrayOutput ¶
func (o GetRoleDefinitionPermissionArrayOutput) ToGetRoleDefinitionPermissionArrayOutput() GetRoleDefinitionPermissionArrayOutput
func (GetRoleDefinitionPermissionArrayOutput) ToGetRoleDefinitionPermissionArrayOutputWithContext ¶
func (o GetRoleDefinitionPermissionArrayOutput) ToGetRoleDefinitionPermissionArrayOutputWithContext(ctx context.Context) GetRoleDefinitionPermissionArrayOutput
type GetRoleDefinitionPermissionInput ¶
type GetRoleDefinitionPermissionInput interface { pulumi.Input ToGetRoleDefinitionPermissionOutput() GetRoleDefinitionPermissionOutput ToGetRoleDefinitionPermissionOutputWithContext(context.Context) GetRoleDefinitionPermissionOutput }
GetRoleDefinitionPermissionInput is an input type that accepts GetRoleDefinitionPermissionArgs and GetRoleDefinitionPermissionOutput values. You can construct a concrete instance of `GetRoleDefinitionPermissionInput` via:
GetRoleDefinitionPermissionArgs{...}
type GetRoleDefinitionPermissionOutput ¶
type GetRoleDefinitionPermissionOutput struct{ *pulumi.OutputState }
func (GetRoleDefinitionPermissionOutput) Actions ¶
func (o GetRoleDefinitionPermissionOutput) Actions() pulumi.StringArrayOutput
func (GetRoleDefinitionPermissionOutput) DataActions ¶
func (o GetRoleDefinitionPermissionOutput) DataActions() pulumi.StringArrayOutput
func (GetRoleDefinitionPermissionOutput) ElementType ¶
func (GetRoleDefinitionPermissionOutput) ElementType() reflect.Type
func (GetRoleDefinitionPermissionOutput) NotActions ¶
func (o GetRoleDefinitionPermissionOutput) NotActions() pulumi.StringArrayOutput
func (GetRoleDefinitionPermissionOutput) NotDataActions ¶
func (o GetRoleDefinitionPermissionOutput) NotDataActions() pulumi.StringArrayOutput
func (GetRoleDefinitionPermissionOutput) ToGetRoleDefinitionPermissionOutput ¶
func (o GetRoleDefinitionPermissionOutput) ToGetRoleDefinitionPermissionOutput() GetRoleDefinitionPermissionOutput
func (GetRoleDefinitionPermissionOutput) ToGetRoleDefinitionPermissionOutputWithContext ¶
func (o GetRoleDefinitionPermissionOutput) ToGetRoleDefinitionPermissionOutputWithContext(ctx context.Context) GetRoleDefinitionPermissionOutput
type GetRoleDefinitionResult ¶
type GetRoleDefinitionResult struct { AssignableScopes []string `pulumi:"assignableScopes"` Description string `pulumi:"description"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` Name string `pulumi:"name"` Permissions []GetRoleDefinitionPermission `pulumi:"permissions"` RoleDefinitionId string `pulumi:"roleDefinitionId"` Scope *string `pulumi:"scope"` Type string `pulumi:"type"` }
A collection of values returned by getRoleDefinition.
func GetRoleDefinition
deprecated
func GetRoleDefinition(ctx *pulumi.Context, args *GetRoleDefinitionArgs, opts ...pulumi.InvokeOption) (*GetRoleDefinitionResult, error)
Deprecated: azure.role.getRoleDefinition has been deprecated in favor of azure.authorization.getRoleDefinition