Documentation ¶
Index ¶
- type Assignment
- type AssignmentArgs
- type AssignmentArray
- type AssignmentArrayInput
- type AssignmentArrayOutput
- func (AssignmentArrayOutput) ElementType() reflect.Type
- func (o AssignmentArrayOutput) Index(i pulumi.IntInput) AssignmentOutput
- func (o AssignmentArrayOutput) ToAssignmentArrayOutput() AssignmentArrayOutput
- func (o AssignmentArrayOutput) ToAssignmentArrayOutputWithContext(ctx context.Context) AssignmentArrayOutput
- type AssignmentInput
- type AssignmentMap
- type AssignmentMapInput
- type AssignmentMapOutput
- func (AssignmentMapOutput) ElementType() reflect.Type
- func (o AssignmentMapOutput) MapIndex(k pulumi.StringInput) AssignmentOutput
- func (o AssignmentMapOutput) ToAssignmentMapOutput() AssignmentMapOutput
- func (o AssignmentMapOutput) ToAssignmentMapOutputWithContext(ctx context.Context) AssignmentMapOutput
- type AssignmentOutput
- func (o AssignmentOutput) Condition() pulumi.StringPtrOutput
- func (o AssignmentOutput) ConditionVersion() pulumi.StringPtrOutput
- func (o AssignmentOutput) DelegatedManagedIdentityResourceId() pulumi.StringPtrOutput
- func (o AssignmentOutput) Description() pulumi.StringPtrOutput
- func (AssignmentOutput) ElementType() reflect.Type
- func (o AssignmentOutput) Name() pulumi.StringOutput
- func (o AssignmentOutput) PrincipalId() pulumi.StringOutput
- func (o AssignmentOutput) PrincipalType() pulumi.StringOutput
- func (o AssignmentOutput) RoleDefinitionId() pulumi.StringOutput
- func (o AssignmentOutput) RoleDefinitionName() pulumi.StringOutput
- func (o AssignmentOutput) Scope() pulumi.StringOutput
- func (o AssignmentOutput) SkipServicePrincipalAadCheck() pulumi.BoolOutput
- func (o AssignmentOutput) ToAssignmentOutput() AssignmentOutput
- func (o AssignmentOutput) ToAssignmentOutputWithContext(ctx context.Context) AssignmentOutput
- type AssignmentState
- type GetRoleDefinitionPermission
- type GetRoleDefinitionPermissionArgs
- func (GetRoleDefinitionPermissionArgs) ElementType() reflect.Type
- func (i GetRoleDefinitionPermissionArgs) ToGetRoleDefinitionPermissionOutput() GetRoleDefinitionPermissionOutput
- func (i GetRoleDefinitionPermissionArgs) ToGetRoleDefinitionPermissionOutputWithContext(ctx context.Context) GetRoleDefinitionPermissionOutput
- type GetRoleDefinitionPermissionArray
- func (GetRoleDefinitionPermissionArray) ElementType() reflect.Type
- func (i GetRoleDefinitionPermissionArray) ToGetRoleDefinitionPermissionArrayOutput() GetRoleDefinitionPermissionArrayOutput
- func (i GetRoleDefinitionPermissionArray) ToGetRoleDefinitionPermissionArrayOutputWithContext(ctx context.Context) GetRoleDefinitionPermissionArrayOutput
- type GetRoleDefinitionPermissionArrayInput
- type GetRoleDefinitionPermissionArrayOutput
- func (GetRoleDefinitionPermissionArrayOutput) ElementType() reflect.Type
- func (o GetRoleDefinitionPermissionArrayOutput) Index(i pulumi.IntInput) GetRoleDefinitionPermissionOutput
- func (o GetRoleDefinitionPermissionArrayOutput) ToGetRoleDefinitionPermissionArrayOutput() GetRoleDefinitionPermissionArrayOutput
- func (o GetRoleDefinitionPermissionArrayOutput) ToGetRoleDefinitionPermissionArrayOutputWithContext(ctx context.Context) GetRoleDefinitionPermissionArrayOutput
- type GetRoleDefinitionPermissionInput
- type GetRoleDefinitionPermissionOutput
- func (o GetRoleDefinitionPermissionOutput) Actions() pulumi.StringArrayOutput
- func (o GetRoleDefinitionPermissionOutput) DataActions() pulumi.StringArrayOutput
- func (GetRoleDefinitionPermissionOutput) ElementType() reflect.Type
- func (o GetRoleDefinitionPermissionOutput) NotActions() pulumi.StringArrayOutput
- func (o GetRoleDefinitionPermissionOutput) NotDataActions() pulumi.StringArrayOutput
- func (o GetRoleDefinitionPermissionOutput) ToGetRoleDefinitionPermissionOutput() GetRoleDefinitionPermissionOutput
- func (o GetRoleDefinitionPermissionOutput) ToGetRoleDefinitionPermissionOutputWithContext(ctx context.Context) GetRoleDefinitionPermissionOutput
- type LookupRoleDefinitionArgs
- type LookupRoleDefinitionOutputArgs
- type LookupRoleDefinitionResult
- type LookupRoleDefinitionResultOutput
- func (o LookupRoleDefinitionResultOutput) AssignableScopes() pulumi.StringArrayOutput
- func (o LookupRoleDefinitionResultOutput) Description() pulumi.StringOutput
- func (LookupRoleDefinitionResultOutput) ElementType() reflect.Type
- func (o LookupRoleDefinitionResultOutput) Id() pulumi.StringOutput
- func (o LookupRoleDefinitionResultOutput) Name() pulumi.StringOutput
- func (o LookupRoleDefinitionResultOutput) Permissions() GetRoleDefinitionPermissionArrayOutput
- func (o LookupRoleDefinitionResultOutput) RoleDefinitionId() pulumi.StringOutput
- func (o LookupRoleDefinitionResultOutput) Scope() pulumi.StringPtrOutput
- func (o LookupRoleDefinitionResultOutput) ToLookupRoleDefinitionResultOutput() LookupRoleDefinitionResultOutput
- func (o LookupRoleDefinitionResultOutput) ToLookupRoleDefinitionResultOutputWithContext(ctx context.Context) LookupRoleDefinitionResultOutput
- func (o LookupRoleDefinitionResultOutput) Type() pulumi.StringOutput
- type LookupUserAssignedIdentityArgs
- type LookupUserAssignedIdentityOutputArgs
- type LookupUserAssignedIdentityResult
- type LookupUserAssignedIdentityResultOutput
- func (o LookupUserAssignedIdentityResultOutput) ClientId() pulumi.StringOutput
- func (LookupUserAssignedIdentityResultOutput) ElementType() reflect.Type
- func (o LookupUserAssignedIdentityResultOutput) Id() pulumi.StringOutput
- func (o LookupUserAssignedIdentityResultOutput) Location() pulumi.StringOutput
- func (o LookupUserAssignedIdentityResultOutput) Name() pulumi.StringOutput
- func (o LookupUserAssignedIdentityResultOutput) PrincipalId() pulumi.StringOutput
- func (o LookupUserAssignedIdentityResultOutput) ResourceGroupName() pulumi.StringOutput
- func (o LookupUserAssignedIdentityResultOutput) Tags() pulumi.StringMapOutput
- func (o LookupUserAssignedIdentityResultOutput) TenantId() pulumi.StringOutput
- func (o LookupUserAssignedIdentityResultOutput) ToLookupUserAssignedIdentityResultOutput() LookupUserAssignedIdentityResultOutput
- func (o LookupUserAssignedIdentityResultOutput) ToLookupUserAssignedIdentityResultOutputWithContext(ctx context.Context) LookupUserAssignedIdentityResultOutput
- type RoleDefinition
- type RoleDefinitionArgs
- type RoleDefinitionArray
- type RoleDefinitionArrayInput
- type RoleDefinitionArrayOutput
- func (RoleDefinitionArrayOutput) ElementType() reflect.Type
- func (o RoleDefinitionArrayOutput) Index(i pulumi.IntInput) RoleDefinitionOutput
- func (o RoleDefinitionArrayOutput) ToRoleDefinitionArrayOutput() RoleDefinitionArrayOutput
- func (o RoleDefinitionArrayOutput) ToRoleDefinitionArrayOutputWithContext(ctx context.Context) RoleDefinitionArrayOutput
- type RoleDefinitionInput
- type RoleDefinitionMap
- type RoleDefinitionMapInput
- type RoleDefinitionMapOutput
- func (RoleDefinitionMapOutput) ElementType() reflect.Type
- func (o RoleDefinitionMapOutput) MapIndex(k pulumi.StringInput) RoleDefinitionOutput
- func (o RoleDefinitionMapOutput) ToRoleDefinitionMapOutput() RoleDefinitionMapOutput
- func (o RoleDefinitionMapOutput) ToRoleDefinitionMapOutputWithContext(ctx context.Context) RoleDefinitionMapOutput
- type RoleDefinitionOutput
- func (o RoleDefinitionOutput) AssignableScopes() pulumi.StringArrayOutput
- func (o RoleDefinitionOutput) Description() pulumi.StringPtrOutput
- func (RoleDefinitionOutput) ElementType() reflect.Type
- func (o RoleDefinitionOutput) Name() pulumi.StringOutput
- func (o RoleDefinitionOutput) Permissions() RoleDefinitionPermissionArrayOutput
- func (o RoleDefinitionOutput) RoleDefinitionId() pulumi.StringOutput
- func (o RoleDefinitionOutput) RoleDefinitionResourceId() pulumi.StringOutput
- func (o RoleDefinitionOutput) Scope() pulumi.StringOutput
- func (o RoleDefinitionOutput) ToRoleDefinitionOutput() RoleDefinitionOutput
- func (o RoleDefinitionOutput) ToRoleDefinitionOutputWithContext(ctx context.Context) RoleDefinitionOutput
- type RoleDefinitionPermission
- type RoleDefinitionPermissionArgs
- func (RoleDefinitionPermissionArgs) ElementType() reflect.Type
- func (i RoleDefinitionPermissionArgs) ToRoleDefinitionPermissionOutput() RoleDefinitionPermissionOutput
- func (i RoleDefinitionPermissionArgs) ToRoleDefinitionPermissionOutputWithContext(ctx context.Context) RoleDefinitionPermissionOutput
- type RoleDefinitionPermissionArray
- func (RoleDefinitionPermissionArray) ElementType() reflect.Type
- func (i RoleDefinitionPermissionArray) ToRoleDefinitionPermissionArrayOutput() RoleDefinitionPermissionArrayOutput
- func (i RoleDefinitionPermissionArray) ToRoleDefinitionPermissionArrayOutputWithContext(ctx context.Context) RoleDefinitionPermissionArrayOutput
- type RoleDefinitionPermissionArrayInput
- type RoleDefinitionPermissionArrayOutput
- func (RoleDefinitionPermissionArrayOutput) ElementType() reflect.Type
- func (o RoleDefinitionPermissionArrayOutput) Index(i pulumi.IntInput) RoleDefinitionPermissionOutput
- func (o RoleDefinitionPermissionArrayOutput) ToRoleDefinitionPermissionArrayOutput() RoleDefinitionPermissionArrayOutput
- func (o RoleDefinitionPermissionArrayOutput) ToRoleDefinitionPermissionArrayOutputWithContext(ctx context.Context) RoleDefinitionPermissionArrayOutput
- type RoleDefinitionPermissionInput
- type RoleDefinitionPermissionOutput
- func (o RoleDefinitionPermissionOutput) Actions() pulumi.StringArrayOutput
- func (o RoleDefinitionPermissionOutput) DataActions() pulumi.StringArrayOutput
- func (RoleDefinitionPermissionOutput) ElementType() reflect.Type
- func (o RoleDefinitionPermissionOutput) NotActions() pulumi.StringArrayOutput
- func (o RoleDefinitionPermissionOutput) NotDataActions() pulumi.StringArrayOutput
- func (o RoleDefinitionPermissionOutput) ToRoleDefinitionPermissionOutput() RoleDefinitionPermissionOutput
- func (o RoleDefinitionPermissionOutput) ToRoleDefinitionPermissionOutputWithContext(ctx context.Context) RoleDefinitionPermissionOutput
- type RoleDefinitionState
- type UserAssignedIdentity
- type UserAssignedIdentityArgs
- type UserAssignedIdentityArray
- type UserAssignedIdentityArrayInput
- type UserAssignedIdentityArrayOutput
- func (UserAssignedIdentityArrayOutput) ElementType() reflect.Type
- func (o UserAssignedIdentityArrayOutput) Index(i pulumi.IntInput) UserAssignedIdentityOutput
- func (o UserAssignedIdentityArrayOutput) ToUserAssignedIdentityArrayOutput() UserAssignedIdentityArrayOutput
- func (o UserAssignedIdentityArrayOutput) ToUserAssignedIdentityArrayOutputWithContext(ctx context.Context) UserAssignedIdentityArrayOutput
- type UserAssignedIdentityInput
- type UserAssignedIdentityMap
- type UserAssignedIdentityMapInput
- type UserAssignedIdentityMapOutput
- func (UserAssignedIdentityMapOutput) ElementType() reflect.Type
- func (o UserAssignedIdentityMapOutput) MapIndex(k pulumi.StringInput) UserAssignedIdentityOutput
- func (o UserAssignedIdentityMapOutput) ToUserAssignedIdentityMapOutput() UserAssignedIdentityMapOutput
- func (o UserAssignedIdentityMapOutput) ToUserAssignedIdentityMapOutputWithContext(ctx context.Context) UserAssignedIdentityMapOutput
- type UserAssignedIdentityOutput
- func (o UserAssignedIdentityOutput) ClientId() pulumi.StringOutput
- func (UserAssignedIdentityOutput) ElementType() reflect.Type
- func (o UserAssignedIdentityOutput) Location() pulumi.StringOutput
- func (o UserAssignedIdentityOutput) Name() pulumi.StringOutput
- func (o UserAssignedIdentityOutput) PrincipalId() pulumi.StringOutput
- func (o UserAssignedIdentityOutput) ResourceGroupName() pulumi.StringOutput
- func (o UserAssignedIdentityOutput) Tags() pulumi.StringMapOutput
- func (o UserAssignedIdentityOutput) TenantId() pulumi.StringOutput
- func (o UserAssignedIdentityOutput) ToUserAssignedIdentityOutput() UserAssignedIdentityOutput
- func (o UserAssignedIdentityOutput) ToUserAssignedIdentityOutputWithContext(ctx context.Context) UserAssignedIdentityOutput
- type UserAssignedIdentityState
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Assignment ¶
type Assignment struct { pulumi.CustomResourceState // The condition that limits the resources that the role can be assigned to. Changing this forces a new resource to be created. Condition pulumi.StringPtrOutput `pulumi:"condition"` // The version of the condition. Possible values are `1.0` or `2.0`. Changing this forces a new resource to be created. ConditionVersion pulumi.StringPtrOutput `pulumi:"conditionVersion"` // The delegated Azure Resource Id which contains a Managed Identity. Changing this forces a new resource to be created. // // > **NOTE:** this field is only used in cross tenant scenario. DelegatedManagedIdentityResourceId pulumi.StringPtrOutput `pulumi:"delegatedManagedIdentityResourceId"` // The description for this Role Assignment. Changing this forces a new resource to be created. Description pulumi.StringPtrOutput `pulumi:"description"` // A unique UUID/GUID for this Role Assignment - one will be generated if not specified. Changing this forces a new resource to be created. Name pulumi.StringOutput `pulumi:"name"` // The ID of the Principal (User, Group or Service Principal) to assign the Role Definition to. Changing this forces a new resource to be created. // // > **NOTE:** The Principal ID is also known as the Object ID (ie not the "Application ID" for applications). PrincipalId pulumi.StringOutput `pulumi:"principalId"` // The type of the `principalId`, e.g. User, Group, Service Principal, Application, etc. PrincipalType pulumi.StringOutput `pulumi:"principalType"` // The Scoped-ID of the Role Definition. Changing this forces a new resource to be created. Conflicts with `roleDefinitionName`. RoleDefinitionId pulumi.StringOutput `pulumi:"roleDefinitionId"` // The name of a built-in Role. Changing this forces a new resource to be created. Conflicts with `roleDefinitionId`. RoleDefinitionName pulumi.StringOutput `pulumi:"roleDefinitionName"` // The scope at which the Role Assignment applies to, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`, or `/providers/Microsoft.Management/managementGroups/myMG`. Changing this forces a new resource to be created. Scope pulumi.StringOutput `pulumi:"scope"` // If the `principalId` is a newly provisioned `Service Principal` set this value to `true` to skip the `Azure Active Directory` check which may fail due to replication lag. This argument is only valid if the `principalId` is a `Service Principal` identity. Defaults to `false`. // // > **NOTE:** If it is not a `Service Principal` identity it will cause the role assignment to fail. SkipServicePrincipalAadCheck pulumi.BoolOutput `pulumi:"skipServicePrincipalAadCheck"` }
Assigns a given Principal (User or Group) to a given Role.
## Example Usage ### Using A Built-In Role)
```go package main
import (
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/authorization" "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { primary, err := core.LookupSubscription(ctx, nil, nil) if err != nil { return err } exampleClientConfig, err := core.GetClientConfig(ctx, nil, nil) if err != nil { return err } _, err = authorization.NewAssignment(ctx, "exampleAssignment", &authorization.AssignmentArgs{ Scope: *pulumi.String(primary.Id), RoleDefinitionName: pulumi.String("Reader"), PrincipalId: *pulumi.String(exampleClientConfig.ObjectId), }) if err != nil { return err } return nil }) }
``` ### Custom Role & Service Principal)
```go package main
import (
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/authorization" "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { primary, err := core.LookupSubscription(ctx, nil, nil) if err != nil { return err } exampleClientConfig, err := core.GetClientConfig(ctx, nil, nil) if err != nil { return err } exampleRoleDefinition, err := authorization.NewRoleDefinition(ctx, "exampleRoleDefinition", &authorization.RoleDefinitionArgs{ RoleDefinitionId: pulumi.String("00000000-0000-0000-0000-000000000000"), Scope: *pulumi.String(primary.Id), Permissions: authorization.RoleDefinitionPermissionArray{ &authorization.RoleDefinitionPermissionArgs{ Actions: pulumi.StringArray{ pulumi.String("Microsoft.Resources/subscriptions/resourceGroups/read"), }, NotActions: pulumi.StringArray{}, }, }, AssignableScopes: pulumi.StringArray{ *pulumi.String(primary.Id), }, }) if err != nil { return err } _, err = authorization.NewAssignment(ctx, "exampleAssignment", &authorization.AssignmentArgs{ Name: pulumi.String("00000000-0000-0000-0000-000000000000"), Scope: *pulumi.String(primary.Id), RoleDefinitionId: exampleRoleDefinition.RoleDefinitionResourceId, PrincipalId: *pulumi.String(exampleClientConfig.ObjectId), }) if err != nil { return err } return nil }) }
``` ### Custom Role & User)
```go package main
import (
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/authorization" "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { primary, err := core.LookupSubscription(ctx, nil, nil) if err != nil { return err } exampleClientConfig, err := core.GetClientConfig(ctx, nil, nil) if err != nil { return err } exampleRoleDefinition, err := authorization.NewRoleDefinition(ctx, "exampleRoleDefinition", &authorization.RoleDefinitionArgs{ RoleDefinitionId: pulumi.String("00000000-0000-0000-0000-000000000000"), Scope: *pulumi.String(primary.Id), Permissions: authorization.RoleDefinitionPermissionArray{ &authorization.RoleDefinitionPermissionArgs{ Actions: pulumi.StringArray{ pulumi.String("Microsoft.Resources/subscriptions/resourceGroups/read"), }, NotActions: pulumi.StringArray{}, }, }, AssignableScopes: pulumi.StringArray{ *pulumi.String(primary.Id), }, }) if err != nil { return err } _, err = authorization.NewAssignment(ctx, "exampleAssignment", &authorization.AssignmentArgs{ Name: pulumi.String("00000000-0000-0000-0000-000000000000"), Scope: *pulumi.String(primary.Id), RoleDefinitionId: exampleRoleDefinition.RoleDefinitionResourceId, PrincipalId: *pulumi.String(exampleClientConfig.ObjectId), }) if err != nil { return err } return nil }) }
``` ### Custom Role & Management Group)
```go package main
import (
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/authorization" "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core" "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/management" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { primary, err := core.LookupSubscription(ctx, nil, nil) if err != nil { return err } exampleClientConfig, err := core.GetClientConfig(ctx, nil, nil) if err != nil { return err } _, err = management.LookupGroup(ctx, &management.LookupGroupArgs{ Name: pulumi.StringRef("00000000-0000-0000-0000-000000000000"), }, nil) if err != nil { return err } exampleRoleDefinition, err := authorization.NewRoleDefinition(ctx, "exampleRoleDefinition", &authorization.RoleDefinitionArgs{ RoleDefinitionId: pulumi.String("00000000-0000-0000-0000-000000000000"), Scope: *pulumi.String(primary.Id), Permissions: authorization.RoleDefinitionPermissionArray{ &authorization.RoleDefinitionPermissionArgs{ Actions: pulumi.StringArray{ pulumi.String("Microsoft.Resources/subscriptions/resourceGroups/read"), }, NotActions: pulumi.StringArray{}, }, }, AssignableScopes: pulumi.StringArray{ *pulumi.String(primary.Id), }, }) if err != nil { return err } _, err = authorization.NewAssignment(ctx, "exampleAssignment", &authorization.AssignmentArgs{ Name: pulumi.String("00000000-0000-0000-0000-000000000000"), Scope: pulumi.Any(data.Azurerm_management_group.Primary.Id), RoleDefinitionId: exampleRoleDefinition.RoleDefinitionResourceId, PrincipalId: *pulumi.String(exampleClientConfig.ObjectId), }) if err != nil { return err } return nil }) }
```
## Import
Role Assignments can be imported using the `resource id`, e.g.
```sh
$ pulumi import azure:authorization/assignment:Assignment example /subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/roleAssignments/00000000-0000-0000-0000-000000000000
```
- for scope `Subscription`, the id format is `/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/roleAssignments/00000000-0000-0000-0000-000000000000` * for scope `Resource Group`, the id format is `/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Authorization/roleAssignments/00000000-0000-0000-0000-000000000000` text /subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/roleAssignments/00000000-0000-0000-0000-000000000000|00000000-0000-0000-0000-000000000000
func GetAssignment ¶
func GetAssignment(ctx *pulumi.Context, name string, id pulumi.IDInput, state *AssignmentState, opts ...pulumi.ResourceOption) (*Assignment, error)
GetAssignment gets an existing Assignment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewAssignment ¶
func NewAssignment(ctx *pulumi.Context, name string, args *AssignmentArgs, opts ...pulumi.ResourceOption) (*Assignment, error)
NewAssignment registers a new resource with the given unique name, arguments, and options.
func (*Assignment) ElementType ¶
func (*Assignment) ElementType() reflect.Type
func (*Assignment) ToAssignmentOutput ¶
func (i *Assignment) ToAssignmentOutput() AssignmentOutput
func (*Assignment) ToAssignmentOutputWithContext ¶
func (i *Assignment) ToAssignmentOutputWithContext(ctx context.Context) AssignmentOutput
type AssignmentArgs ¶
type AssignmentArgs struct { // The condition that limits the resources that the role can be assigned to. Changing this forces a new resource to be created. Condition pulumi.StringPtrInput // The version of the condition. Possible values are `1.0` or `2.0`. Changing this forces a new resource to be created. ConditionVersion pulumi.StringPtrInput // The delegated Azure Resource Id which contains a Managed Identity. Changing this forces a new resource to be created. // // > **NOTE:** this field is only used in cross tenant scenario. DelegatedManagedIdentityResourceId pulumi.StringPtrInput // The description for this Role Assignment. Changing this forces a new resource to be created. Description pulumi.StringPtrInput // A unique UUID/GUID for this Role Assignment - one will be generated if not specified. Changing this forces a new resource to be created. Name pulumi.StringPtrInput // The ID of the Principal (User, Group or Service Principal) to assign the Role Definition to. Changing this forces a new resource to be created. // // > **NOTE:** The Principal ID is also known as the Object ID (ie not the "Application ID" for applications). PrincipalId pulumi.StringInput // The Scoped-ID of the Role Definition. Changing this forces a new resource to be created. Conflicts with `roleDefinitionName`. RoleDefinitionId pulumi.StringPtrInput // The name of a built-in Role. Changing this forces a new resource to be created. Conflicts with `roleDefinitionId`. RoleDefinitionName pulumi.StringPtrInput // The scope at which the Role Assignment applies to, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`, or `/providers/Microsoft.Management/managementGroups/myMG`. Changing this forces a new resource to be created. Scope pulumi.StringInput // If the `principalId` is a newly provisioned `Service Principal` set this value to `true` to skip the `Azure Active Directory` check which may fail due to replication lag. This argument is only valid if the `principalId` is a `Service Principal` identity. Defaults to `false`. // // > **NOTE:** If it is not a `Service Principal` identity it will cause the role assignment to fail. SkipServicePrincipalAadCheck pulumi.BoolPtrInput }
The set of arguments for constructing a Assignment resource.
func (AssignmentArgs) ElementType ¶
func (AssignmentArgs) ElementType() reflect.Type
type AssignmentArray ¶
type AssignmentArray []AssignmentInput
func (AssignmentArray) ElementType ¶
func (AssignmentArray) ElementType() reflect.Type
func (AssignmentArray) ToAssignmentArrayOutput ¶
func (i AssignmentArray) ToAssignmentArrayOutput() AssignmentArrayOutput
func (AssignmentArray) ToAssignmentArrayOutputWithContext ¶
func (i AssignmentArray) ToAssignmentArrayOutputWithContext(ctx context.Context) AssignmentArrayOutput
type AssignmentArrayInput ¶
type AssignmentArrayInput interface { pulumi.Input ToAssignmentArrayOutput() AssignmentArrayOutput ToAssignmentArrayOutputWithContext(context.Context) AssignmentArrayOutput }
AssignmentArrayInput is an input type that accepts AssignmentArray and AssignmentArrayOutput values. You can construct a concrete instance of `AssignmentArrayInput` via:
AssignmentArray{ AssignmentArgs{...} }
type AssignmentArrayOutput ¶
type AssignmentArrayOutput struct{ *pulumi.OutputState }
func (AssignmentArrayOutput) ElementType ¶
func (AssignmentArrayOutput) ElementType() reflect.Type
func (AssignmentArrayOutput) Index ¶
func (o AssignmentArrayOutput) Index(i pulumi.IntInput) AssignmentOutput
func (AssignmentArrayOutput) ToAssignmentArrayOutput ¶
func (o AssignmentArrayOutput) ToAssignmentArrayOutput() AssignmentArrayOutput
func (AssignmentArrayOutput) ToAssignmentArrayOutputWithContext ¶
func (o AssignmentArrayOutput) ToAssignmentArrayOutputWithContext(ctx context.Context) AssignmentArrayOutput
type AssignmentInput ¶
type AssignmentInput interface { pulumi.Input ToAssignmentOutput() AssignmentOutput ToAssignmentOutputWithContext(ctx context.Context) AssignmentOutput }
type AssignmentMap ¶
type AssignmentMap map[string]AssignmentInput
func (AssignmentMap) ElementType ¶
func (AssignmentMap) ElementType() reflect.Type
func (AssignmentMap) ToAssignmentMapOutput ¶
func (i AssignmentMap) ToAssignmentMapOutput() AssignmentMapOutput
func (AssignmentMap) ToAssignmentMapOutputWithContext ¶
func (i AssignmentMap) ToAssignmentMapOutputWithContext(ctx context.Context) AssignmentMapOutput
type AssignmentMapInput ¶
type AssignmentMapInput interface { pulumi.Input ToAssignmentMapOutput() AssignmentMapOutput ToAssignmentMapOutputWithContext(context.Context) AssignmentMapOutput }
AssignmentMapInput is an input type that accepts AssignmentMap and AssignmentMapOutput values. You can construct a concrete instance of `AssignmentMapInput` via:
AssignmentMap{ "key": AssignmentArgs{...} }
type AssignmentMapOutput ¶
type AssignmentMapOutput struct{ *pulumi.OutputState }
func (AssignmentMapOutput) ElementType ¶
func (AssignmentMapOutput) ElementType() reflect.Type
func (AssignmentMapOutput) MapIndex ¶
func (o AssignmentMapOutput) MapIndex(k pulumi.StringInput) AssignmentOutput
func (AssignmentMapOutput) ToAssignmentMapOutput ¶
func (o AssignmentMapOutput) ToAssignmentMapOutput() AssignmentMapOutput
func (AssignmentMapOutput) ToAssignmentMapOutputWithContext ¶
func (o AssignmentMapOutput) ToAssignmentMapOutputWithContext(ctx context.Context) AssignmentMapOutput
type AssignmentOutput ¶
type AssignmentOutput struct{ *pulumi.OutputState }
func (AssignmentOutput) Condition ¶ added in v5.5.0
func (o AssignmentOutput) Condition() pulumi.StringPtrOutput
The condition that limits the resources that the role can be assigned to. Changing this forces a new resource to be created.
func (AssignmentOutput) ConditionVersion ¶ added in v5.5.0
func (o AssignmentOutput) ConditionVersion() pulumi.StringPtrOutput
The version of the condition. Possible values are `1.0` or `2.0`. Changing this forces a new resource to be created.
func (AssignmentOutput) DelegatedManagedIdentityResourceId ¶ added in v5.5.0
func (o AssignmentOutput) DelegatedManagedIdentityResourceId() pulumi.StringPtrOutput
The delegated Azure Resource Id which contains a Managed Identity. Changing this forces a new resource to be created.
> **NOTE:** this field is only used in cross tenant scenario.
func (AssignmentOutput) Description ¶ added in v5.5.0
func (o AssignmentOutput) Description() pulumi.StringPtrOutput
The description for this Role Assignment. Changing this forces a new resource to be created.
func (AssignmentOutput) ElementType ¶
func (AssignmentOutput) ElementType() reflect.Type
func (AssignmentOutput) Name ¶ added in v5.5.0
func (o AssignmentOutput) Name() pulumi.StringOutput
A unique UUID/GUID for this Role Assignment - one will be generated if not specified. Changing this forces a new resource to be created.
func (AssignmentOutput) PrincipalId ¶ added in v5.5.0
func (o AssignmentOutput) PrincipalId() pulumi.StringOutput
The ID of the Principal (User, Group or Service Principal) to assign the Role Definition to. Changing this forces a new resource to be created.
> **NOTE:** The Principal ID is also known as the Object ID (ie not the "Application ID" for applications).
func (AssignmentOutput) PrincipalType ¶ added in v5.5.0
func (o AssignmentOutput) PrincipalType() pulumi.StringOutput
The type of the `principalId`, e.g. User, Group, Service Principal, Application, etc.
func (AssignmentOutput) RoleDefinitionId ¶ added in v5.5.0
func (o AssignmentOutput) RoleDefinitionId() pulumi.StringOutput
The Scoped-ID of the Role Definition. Changing this forces a new resource to be created. Conflicts with `roleDefinitionName`.
func (AssignmentOutput) RoleDefinitionName ¶ added in v5.5.0
func (o AssignmentOutput) RoleDefinitionName() pulumi.StringOutput
The name of a built-in Role. Changing this forces a new resource to be created. Conflicts with `roleDefinitionId`.
func (AssignmentOutput) Scope ¶ added in v5.5.0
func (o AssignmentOutput) Scope() pulumi.StringOutput
The scope at which the Role Assignment applies to, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`, or `/providers/Microsoft.Management/managementGroups/myMG`. Changing this forces a new resource to be created.
func (AssignmentOutput) SkipServicePrincipalAadCheck ¶ added in v5.5.0
func (o AssignmentOutput) SkipServicePrincipalAadCheck() pulumi.BoolOutput
If the `principalId` is a newly provisioned `Service Principal` set this value to `true` to skip the `Azure Active Directory` check which may fail due to replication lag. This argument is only valid if the `principalId` is a `Service Principal` identity. Defaults to `false`.
> **NOTE:** If it is not a `Service Principal` identity it will cause the role assignment to fail.
func (AssignmentOutput) ToAssignmentOutput ¶
func (o AssignmentOutput) ToAssignmentOutput() AssignmentOutput
func (AssignmentOutput) ToAssignmentOutputWithContext ¶
func (o AssignmentOutput) ToAssignmentOutputWithContext(ctx context.Context) AssignmentOutput
type AssignmentState ¶
type AssignmentState struct { // The condition that limits the resources that the role can be assigned to. Changing this forces a new resource to be created. Condition pulumi.StringPtrInput // The version of the condition. Possible values are `1.0` or `2.0`. Changing this forces a new resource to be created. ConditionVersion pulumi.StringPtrInput // The delegated Azure Resource Id which contains a Managed Identity. Changing this forces a new resource to be created. // // > **NOTE:** this field is only used in cross tenant scenario. DelegatedManagedIdentityResourceId pulumi.StringPtrInput // The description for this Role Assignment. Changing this forces a new resource to be created. Description pulumi.StringPtrInput // A unique UUID/GUID for this Role Assignment - one will be generated if not specified. Changing this forces a new resource to be created. Name pulumi.StringPtrInput // The ID of the Principal (User, Group or Service Principal) to assign the Role Definition to. Changing this forces a new resource to be created. // // > **NOTE:** The Principal ID is also known as the Object ID (ie not the "Application ID" for applications). PrincipalId pulumi.StringPtrInput // The type of the `principalId`, e.g. User, Group, Service Principal, Application, etc. PrincipalType pulumi.StringPtrInput // The Scoped-ID of the Role Definition. Changing this forces a new resource to be created. Conflicts with `roleDefinitionName`. RoleDefinitionId pulumi.StringPtrInput // The name of a built-in Role. Changing this forces a new resource to be created. Conflicts with `roleDefinitionId`. RoleDefinitionName pulumi.StringPtrInput // The scope at which the Role Assignment applies to, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`, or `/providers/Microsoft.Management/managementGroups/myMG`. Changing this forces a new resource to be created. Scope pulumi.StringPtrInput // If the `principalId` is a newly provisioned `Service Principal` set this value to `true` to skip the `Azure Active Directory` check which may fail due to replication lag. This argument is only valid if the `principalId` is a `Service Principal` identity. Defaults to `false`. // // > **NOTE:** If it is not a `Service Principal` identity it will cause the role assignment to fail. SkipServicePrincipalAadCheck pulumi.BoolPtrInput }
func (AssignmentState) ElementType ¶
func (AssignmentState) ElementType() reflect.Type
type GetRoleDefinitionPermission ¶
type GetRoleDefinitionPermission struct { // a list of actions supported by this role Actions []string `pulumi:"actions"` DataActions []string `pulumi:"dataActions"` // a list of actions which are denied by this role NotActions []string `pulumi:"notActions"` NotDataActions []string `pulumi:"notDataActions"` }
type GetRoleDefinitionPermissionArgs ¶
type GetRoleDefinitionPermissionArgs struct { // a list of actions supported by this role Actions pulumi.StringArrayInput `pulumi:"actions"` DataActions pulumi.StringArrayInput `pulumi:"dataActions"` // a list of actions which are denied by this role NotActions pulumi.StringArrayInput `pulumi:"notActions"` NotDataActions pulumi.StringArrayInput `pulumi:"notDataActions"` }
func (GetRoleDefinitionPermissionArgs) ElementType ¶
func (GetRoleDefinitionPermissionArgs) ElementType() reflect.Type
func (GetRoleDefinitionPermissionArgs) ToGetRoleDefinitionPermissionOutput ¶
func (i GetRoleDefinitionPermissionArgs) ToGetRoleDefinitionPermissionOutput() GetRoleDefinitionPermissionOutput
func (GetRoleDefinitionPermissionArgs) ToGetRoleDefinitionPermissionOutputWithContext ¶
func (i GetRoleDefinitionPermissionArgs) ToGetRoleDefinitionPermissionOutputWithContext(ctx context.Context) GetRoleDefinitionPermissionOutput
type GetRoleDefinitionPermissionArray ¶
type GetRoleDefinitionPermissionArray []GetRoleDefinitionPermissionInput
func (GetRoleDefinitionPermissionArray) ElementType ¶
func (GetRoleDefinitionPermissionArray) ElementType() reflect.Type
func (GetRoleDefinitionPermissionArray) ToGetRoleDefinitionPermissionArrayOutput ¶
func (i GetRoleDefinitionPermissionArray) ToGetRoleDefinitionPermissionArrayOutput() GetRoleDefinitionPermissionArrayOutput
func (GetRoleDefinitionPermissionArray) ToGetRoleDefinitionPermissionArrayOutputWithContext ¶
func (i GetRoleDefinitionPermissionArray) ToGetRoleDefinitionPermissionArrayOutputWithContext(ctx context.Context) GetRoleDefinitionPermissionArrayOutput
type GetRoleDefinitionPermissionArrayInput ¶
type GetRoleDefinitionPermissionArrayInput interface { pulumi.Input ToGetRoleDefinitionPermissionArrayOutput() GetRoleDefinitionPermissionArrayOutput ToGetRoleDefinitionPermissionArrayOutputWithContext(context.Context) GetRoleDefinitionPermissionArrayOutput }
GetRoleDefinitionPermissionArrayInput is an input type that accepts GetRoleDefinitionPermissionArray and GetRoleDefinitionPermissionArrayOutput values. You can construct a concrete instance of `GetRoleDefinitionPermissionArrayInput` via:
GetRoleDefinitionPermissionArray{ GetRoleDefinitionPermissionArgs{...} }
type GetRoleDefinitionPermissionArrayOutput ¶
type GetRoleDefinitionPermissionArrayOutput struct{ *pulumi.OutputState }
func (GetRoleDefinitionPermissionArrayOutput) ElementType ¶
func (GetRoleDefinitionPermissionArrayOutput) ElementType() reflect.Type
func (GetRoleDefinitionPermissionArrayOutput) ToGetRoleDefinitionPermissionArrayOutput ¶
func (o GetRoleDefinitionPermissionArrayOutput) ToGetRoleDefinitionPermissionArrayOutput() GetRoleDefinitionPermissionArrayOutput
func (GetRoleDefinitionPermissionArrayOutput) ToGetRoleDefinitionPermissionArrayOutputWithContext ¶
func (o GetRoleDefinitionPermissionArrayOutput) ToGetRoleDefinitionPermissionArrayOutputWithContext(ctx context.Context) GetRoleDefinitionPermissionArrayOutput
type GetRoleDefinitionPermissionInput ¶
type GetRoleDefinitionPermissionInput interface { pulumi.Input ToGetRoleDefinitionPermissionOutput() GetRoleDefinitionPermissionOutput ToGetRoleDefinitionPermissionOutputWithContext(context.Context) GetRoleDefinitionPermissionOutput }
GetRoleDefinitionPermissionInput is an input type that accepts GetRoleDefinitionPermissionArgs and GetRoleDefinitionPermissionOutput values. You can construct a concrete instance of `GetRoleDefinitionPermissionInput` via:
GetRoleDefinitionPermissionArgs{...}
type GetRoleDefinitionPermissionOutput ¶
type GetRoleDefinitionPermissionOutput struct{ *pulumi.OutputState }
func (GetRoleDefinitionPermissionOutput) Actions ¶
func (o GetRoleDefinitionPermissionOutput) Actions() pulumi.StringArrayOutput
a list of actions supported by this role
func (GetRoleDefinitionPermissionOutput) DataActions ¶
func (o GetRoleDefinitionPermissionOutput) DataActions() pulumi.StringArrayOutput
func (GetRoleDefinitionPermissionOutput) ElementType ¶
func (GetRoleDefinitionPermissionOutput) ElementType() reflect.Type
func (GetRoleDefinitionPermissionOutput) NotActions ¶
func (o GetRoleDefinitionPermissionOutput) NotActions() pulumi.StringArrayOutput
a list of actions which are denied by this role
func (GetRoleDefinitionPermissionOutput) NotDataActions ¶
func (o GetRoleDefinitionPermissionOutput) NotDataActions() pulumi.StringArrayOutput
func (GetRoleDefinitionPermissionOutput) ToGetRoleDefinitionPermissionOutput ¶
func (o GetRoleDefinitionPermissionOutput) ToGetRoleDefinitionPermissionOutput() GetRoleDefinitionPermissionOutput
func (GetRoleDefinitionPermissionOutput) ToGetRoleDefinitionPermissionOutputWithContext ¶
func (o GetRoleDefinitionPermissionOutput) ToGetRoleDefinitionPermissionOutputWithContext(ctx context.Context) GetRoleDefinitionPermissionOutput
type LookupRoleDefinitionArgs ¶
type LookupRoleDefinitionArgs struct { // Specifies the Name of either a built-in or custom Role Definition. // // > You can also use this for built-in roles such as `Contributor`, `Owner`, `Reader` and `Virtual Machine Contributor` Name *string `pulumi:"name"` // Specifies the ID of the Role Definition as a UUID/GUID. RoleDefinitionId *string `pulumi:"roleDefinitionId"` // Specifies the Scope at which the Custom Role Definition exists. // // > **Note:** One of `name` or `roleDefinitionId` must be specified. Scope *string `pulumi:"scope"` }
A collection of arguments for invoking getRoleDefinition.
type LookupRoleDefinitionOutputArgs ¶
type LookupRoleDefinitionOutputArgs struct { // Specifies the Name of either a built-in or custom Role Definition. // // > You can also use this for built-in roles such as `Contributor`, `Owner`, `Reader` and `Virtual Machine Contributor` Name pulumi.StringPtrInput `pulumi:"name"` // Specifies the ID of the Role Definition as a UUID/GUID. RoleDefinitionId pulumi.StringPtrInput `pulumi:"roleDefinitionId"` // Specifies the Scope at which the Custom Role Definition exists. // // > **Note:** One of `name` or `roleDefinitionId` must be specified. Scope pulumi.StringPtrInput `pulumi:"scope"` }
A collection of arguments for invoking getRoleDefinition.
func (LookupRoleDefinitionOutputArgs) ElementType ¶
func (LookupRoleDefinitionOutputArgs) ElementType() reflect.Type
type LookupRoleDefinitionResult ¶
type LookupRoleDefinitionResult struct { // One or more assignable scopes for this Role Definition, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`. AssignableScopes []string `pulumi:"assignableScopes"` // the Description of the built-in Role. Description string `pulumi:"description"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` Name string `pulumi:"name"` // a `permissions` block as documented below. Permissions []GetRoleDefinitionPermission `pulumi:"permissions"` RoleDefinitionId string `pulumi:"roleDefinitionId"` Scope *string `pulumi:"scope"` // the Type of the Role. Type string `pulumi:"type"` }
A collection of values returned by getRoleDefinition.
func LookupRoleDefinition ¶
func LookupRoleDefinition(ctx *pulumi.Context, args *LookupRoleDefinitionArgs, opts ...pulumi.InvokeOption) (*LookupRoleDefinitionResult, error)
Use this data source to access information about an existing Role Definition.
type LookupRoleDefinitionResultOutput ¶
type LookupRoleDefinitionResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getRoleDefinition.
func LookupRoleDefinitionOutput ¶
func LookupRoleDefinitionOutput(ctx *pulumi.Context, args LookupRoleDefinitionOutputArgs, opts ...pulumi.InvokeOption) LookupRoleDefinitionResultOutput
func (LookupRoleDefinitionResultOutput) AssignableScopes ¶
func (o LookupRoleDefinitionResultOutput) AssignableScopes() pulumi.StringArrayOutput
One or more assignable scopes for this Role Definition, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`.
func (LookupRoleDefinitionResultOutput) Description ¶
func (o LookupRoleDefinitionResultOutput) Description() pulumi.StringOutput
the Description of the built-in Role.
func (LookupRoleDefinitionResultOutput) ElementType ¶
func (LookupRoleDefinitionResultOutput) ElementType() reflect.Type
func (LookupRoleDefinitionResultOutput) Id ¶
func (o LookupRoleDefinitionResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (LookupRoleDefinitionResultOutput) Name ¶
func (o LookupRoleDefinitionResultOutput) Name() pulumi.StringOutput
func (LookupRoleDefinitionResultOutput) Permissions ¶
func (o LookupRoleDefinitionResultOutput) Permissions() GetRoleDefinitionPermissionArrayOutput
a `permissions` block as documented below.
func (LookupRoleDefinitionResultOutput) RoleDefinitionId ¶
func (o LookupRoleDefinitionResultOutput) RoleDefinitionId() pulumi.StringOutput
func (LookupRoleDefinitionResultOutput) Scope ¶
func (o LookupRoleDefinitionResultOutput) Scope() pulumi.StringPtrOutput
func (LookupRoleDefinitionResultOutput) ToLookupRoleDefinitionResultOutput ¶
func (o LookupRoleDefinitionResultOutput) ToLookupRoleDefinitionResultOutput() LookupRoleDefinitionResultOutput
func (LookupRoleDefinitionResultOutput) ToLookupRoleDefinitionResultOutputWithContext ¶
func (o LookupRoleDefinitionResultOutput) ToLookupRoleDefinitionResultOutputWithContext(ctx context.Context) LookupRoleDefinitionResultOutput
func (LookupRoleDefinitionResultOutput) Type ¶
func (o LookupRoleDefinitionResultOutput) Type() pulumi.StringOutput
the Type of the Role.
type LookupUserAssignedIdentityArgs ¶
type LookupUserAssignedIdentityArgs struct { // The name of the User Assigned Identity. Name string `pulumi:"name"` // The name of the Resource Group in which the User Assigned Identity exists. ResourceGroupName string `pulumi:"resourceGroupName"` }
A collection of arguments for invoking getUserAssignedIdentity.
type LookupUserAssignedIdentityOutputArgs ¶
type LookupUserAssignedIdentityOutputArgs struct { // The name of the User Assigned Identity. Name pulumi.StringInput `pulumi:"name"` // The name of the Resource Group in which the User Assigned Identity exists. ResourceGroupName pulumi.StringInput `pulumi:"resourceGroupName"` }
A collection of arguments for invoking getUserAssignedIdentity.
func (LookupUserAssignedIdentityOutputArgs) ElementType ¶
func (LookupUserAssignedIdentityOutputArgs) ElementType() reflect.Type
type LookupUserAssignedIdentityResult ¶
type LookupUserAssignedIdentityResult struct { // The Client ID of the User Assigned Identity. ClientId string `pulumi:"clientId"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` // The Azure location where the User Assigned Identity exists. Location string `pulumi:"location"` Name string `pulumi:"name"` // The Service Principal ID of the User Assigned Identity. PrincipalId string `pulumi:"principalId"` ResourceGroupName string `pulumi:"resourceGroupName"` // A mapping of tags assigned to the User Assigned Identity. Tags map[string]string `pulumi:"tags"` // The Tenant ID of the User Assigned Identity. TenantId string `pulumi:"tenantId"` }
A collection of values returned by getUserAssignedIdentity.
func LookupUserAssignedIdentity ¶
func LookupUserAssignedIdentity(ctx *pulumi.Context, args *LookupUserAssignedIdentityArgs, opts ...pulumi.InvokeOption) (*LookupUserAssignedIdentityResult, error)
Use this data source to access information about an existing User Assigned Identity.
## Example Usage ### Reference An Existing)
```go package main
import (
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/authorization" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { example, err := authorization.LookupUserAssignedIdentity(ctx, &authorization.LookupUserAssignedIdentityArgs{ Name: "name_of_user_assigned_identity", ResourceGroupName: "name_of_resource_group", }, nil) if err != nil { return err } ctx.Export("uaiClientId", example.ClientId) ctx.Export("uaiPrincipalId", example.PrincipalId) ctx.Export("uaiTenantId", example.TenantId) return nil }) }
```
type LookupUserAssignedIdentityResultOutput ¶
type LookupUserAssignedIdentityResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getUserAssignedIdentity.
func LookupUserAssignedIdentityOutput ¶
func LookupUserAssignedIdentityOutput(ctx *pulumi.Context, args LookupUserAssignedIdentityOutputArgs, opts ...pulumi.InvokeOption) LookupUserAssignedIdentityResultOutput
func (LookupUserAssignedIdentityResultOutput) ClientId ¶
func (o LookupUserAssignedIdentityResultOutput) ClientId() pulumi.StringOutput
The Client ID of the User Assigned Identity.
func (LookupUserAssignedIdentityResultOutput) ElementType ¶
func (LookupUserAssignedIdentityResultOutput) ElementType() reflect.Type
func (LookupUserAssignedIdentityResultOutput) Id ¶
func (o LookupUserAssignedIdentityResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (LookupUserAssignedIdentityResultOutput) Location ¶
func (o LookupUserAssignedIdentityResultOutput) Location() pulumi.StringOutput
The Azure location where the User Assigned Identity exists.
func (LookupUserAssignedIdentityResultOutput) Name ¶
func (o LookupUserAssignedIdentityResultOutput) Name() pulumi.StringOutput
func (LookupUserAssignedIdentityResultOutput) PrincipalId ¶
func (o LookupUserAssignedIdentityResultOutput) PrincipalId() pulumi.StringOutput
The Service Principal ID of the User Assigned Identity.
func (LookupUserAssignedIdentityResultOutput) ResourceGroupName ¶
func (o LookupUserAssignedIdentityResultOutput) ResourceGroupName() pulumi.StringOutput
func (LookupUserAssignedIdentityResultOutput) Tags ¶
func (o LookupUserAssignedIdentityResultOutput) Tags() pulumi.StringMapOutput
A mapping of tags assigned to the User Assigned Identity.
func (LookupUserAssignedIdentityResultOutput) TenantId ¶
func (o LookupUserAssignedIdentityResultOutput) TenantId() pulumi.StringOutput
The Tenant ID of the User Assigned Identity.
func (LookupUserAssignedIdentityResultOutput) ToLookupUserAssignedIdentityResultOutput ¶
func (o LookupUserAssignedIdentityResultOutput) ToLookupUserAssignedIdentityResultOutput() LookupUserAssignedIdentityResultOutput
func (LookupUserAssignedIdentityResultOutput) ToLookupUserAssignedIdentityResultOutputWithContext ¶
func (o LookupUserAssignedIdentityResultOutput) ToLookupUserAssignedIdentityResultOutputWithContext(ctx context.Context) LookupUserAssignedIdentityResultOutput
type RoleDefinition ¶
type RoleDefinition struct { pulumi.CustomResourceState // One or more assignable scopes for this Role Definition, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`. // // > **NOTE:** The value for `scope` is automatically included in this list if no other values supplied. AssignableScopes pulumi.StringArrayOutput `pulumi:"assignableScopes"` // A description of the Role Definition. Description pulumi.StringPtrOutput `pulumi:"description"` // The name of the Role Definition. Name pulumi.StringOutput `pulumi:"name"` // A `permissions` block as defined below. Permissions RoleDefinitionPermissionArrayOutput `pulumi:"permissions"` // A unique UUID/GUID which identifies this role - one will be generated if not specified. Changing this forces a new resource to be created. RoleDefinitionId pulumi.StringOutput `pulumi:"roleDefinitionId"` // The Azure Resource Manager ID for the resource. RoleDefinitionResourceId pulumi.StringOutput `pulumi:"roleDefinitionResourceId"` // The scope at which the Role Definition applies to, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`. It is recommended to use the first entry of the `assignableScopes`. Changing this forces a new resource to be created. Scope pulumi.StringOutput `pulumi:"scope"` }
Manages a custom Role Definition, used to assign Roles to Users/Principals. See ['Understand role definitions'](https://docs.microsoft.com/azure/role-based-access-control/role-definitions) in the Azure documentation for more details.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/authorization" "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { primary, err := core.LookupSubscription(ctx, nil, nil) if err != nil { return err } _, err = authorization.NewRoleDefinition(ctx, "example", &authorization.RoleDefinitionArgs{ Scope: *pulumi.String(primary.Id), Description: pulumi.String("This is a custom role created"), Permissions: authorization.RoleDefinitionPermissionArray{ &authorization.RoleDefinitionPermissionArgs{ Actions: pulumi.StringArray{ pulumi.String("*"), }, NotActions: pulumi.StringArray{}, }, }, AssignableScopes: pulumi.StringArray{ *pulumi.String(primary.Id), }, }) if err != nil { return err } return nil }) }
```
## Import
Role Definitions can be imported using the `resource id`, e.g.
```sh
$ pulumi import azure:authorization/roleDefinition:RoleDefinition example "/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/roleDefinitions/00000000-0000-0000-0000-000000000000|/subscriptions/00000000-0000-0000-0000-000000000000"
```
func GetRoleDefinition ¶
func GetRoleDefinition(ctx *pulumi.Context, name string, id pulumi.IDInput, state *RoleDefinitionState, opts ...pulumi.ResourceOption) (*RoleDefinition, error)
GetRoleDefinition gets an existing RoleDefinition resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewRoleDefinition ¶
func NewRoleDefinition(ctx *pulumi.Context, name string, args *RoleDefinitionArgs, opts ...pulumi.ResourceOption) (*RoleDefinition, error)
NewRoleDefinition registers a new resource with the given unique name, arguments, and options.
func (*RoleDefinition) ElementType ¶
func (*RoleDefinition) ElementType() reflect.Type
func (*RoleDefinition) ToRoleDefinitionOutput ¶
func (i *RoleDefinition) ToRoleDefinitionOutput() RoleDefinitionOutput
func (*RoleDefinition) ToRoleDefinitionOutputWithContext ¶
func (i *RoleDefinition) ToRoleDefinitionOutputWithContext(ctx context.Context) RoleDefinitionOutput
type RoleDefinitionArgs ¶
type RoleDefinitionArgs struct { // One or more assignable scopes for this Role Definition, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`. // // > **NOTE:** The value for `scope` is automatically included in this list if no other values supplied. AssignableScopes pulumi.StringArrayInput // A description of the Role Definition. Description pulumi.StringPtrInput // The name of the Role Definition. Name pulumi.StringPtrInput // A `permissions` block as defined below. Permissions RoleDefinitionPermissionArrayInput // A unique UUID/GUID which identifies this role - one will be generated if not specified. Changing this forces a new resource to be created. RoleDefinitionId pulumi.StringPtrInput // The scope at which the Role Definition applies to, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`. It is recommended to use the first entry of the `assignableScopes`. Changing this forces a new resource to be created. Scope pulumi.StringInput }
The set of arguments for constructing a RoleDefinition resource.
func (RoleDefinitionArgs) ElementType ¶
func (RoleDefinitionArgs) ElementType() reflect.Type
type RoleDefinitionArray ¶
type RoleDefinitionArray []RoleDefinitionInput
func (RoleDefinitionArray) ElementType ¶
func (RoleDefinitionArray) ElementType() reflect.Type
func (RoleDefinitionArray) ToRoleDefinitionArrayOutput ¶
func (i RoleDefinitionArray) ToRoleDefinitionArrayOutput() RoleDefinitionArrayOutput
func (RoleDefinitionArray) ToRoleDefinitionArrayOutputWithContext ¶
func (i RoleDefinitionArray) ToRoleDefinitionArrayOutputWithContext(ctx context.Context) RoleDefinitionArrayOutput
type RoleDefinitionArrayInput ¶
type RoleDefinitionArrayInput interface { pulumi.Input ToRoleDefinitionArrayOutput() RoleDefinitionArrayOutput ToRoleDefinitionArrayOutputWithContext(context.Context) RoleDefinitionArrayOutput }
RoleDefinitionArrayInput is an input type that accepts RoleDefinitionArray and RoleDefinitionArrayOutput values. You can construct a concrete instance of `RoleDefinitionArrayInput` via:
RoleDefinitionArray{ RoleDefinitionArgs{...} }
type RoleDefinitionArrayOutput ¶
type RoleDefinitionArrayOutput struct{ *pulumi.OutputState }
func (RoleDefinitionArrayOutput) ElementType ¶
func (RoleDefinitionArrayOutput) ElementType() reflect.Type
func (RoleDefinitionArrayOutput) Index ¶
func (o RoleDefinitionArrayOutput) Index(i pulumi.IntInput) RoleDefinitionOutput
func (RoleDefinitionArrayOutput) ToRoleDefinitionArrayOutput ¶
func (o RoleDefinitionArrayOutput) ToRoleDefinitionArrayOutput() RoleDefinitionArrayOutput
func (RoleDefinitionArrayOutput) ToRoleDefinitionArrayOutputWithContext ¶
func (o RoleDefinitionArrayOutput) ToRoleDefinitionArrayOutputWithContext(ctx context.Context) RoleDefinitionArrayOutput
type RoleDefinitionInput ¶
type RoleDefinitionInput interface { pulumi.Input ToRoleDefinitionOutput() RoleDefinitionOutput ToRoleDefinitionOutputWithContext(ctx context.Context) RoleDefinitionOutput }
type RoleDefinitionMap ¶
type RoleDefinitionMap map[string]RoleDefinitionInput
func (RoleDefinitionMap) ElementType ¶
func (RoleDefinitionMap) ElementType() reflect.Type
func (RoleDefinitionMap) ToRoleDefinitionMapOutput ¶
func (i RoleDefinitionMap) ToRoleDefinitionMapOutput() RoleDefinitionMapOutput
func (RoleDefinitionMap) ToRoleDefinitionMapOutputWithContext ¶
func (i RoleDefinitionMap) ToRoleDefinitionMapOutputWithContext(ctx context.Context) RoleDefinitionMapOutput
type RoleDefinitionMapInput ¶
type RoleDefinitionMapInput interface { pulumi.Input ToRoleDefinitionMapOutput() RoleDefinitionMapOutput ToRoleDefinitionMapOutputWithContext(context.Context) RoleDefinitionMapOutput }
RoleDefinitionMapInput is an input type that accepts RoleDefinitionMap and RoleDefinitionMapOutput values. You can construct a concrete instance of `RoleDefinitionMapInput` via:
RoleDefinitionMap{ "key": RoleDefinitionArgs{...} }
type RoleDefinitionMapOutput ¶
type RoleDefinitionMapOutput struct{ *pulumi.OutputState }
func (RoleDefinitionMapOutput) ElementType ¶
func (RoleDefinitionMapOutput) ElementType() reflect.Type
func (RoleDefinitionMapOutput) MapIndex ¶
func (o RoleDefinitionMapOutput) MapIndex(k pulumi.StringInput) RoleDefinitionOutput
func (RoleDefinitionMapOutput) ToRoleDefinitionMapOutput ¶
func (o RoleDefinitionMapOutput) ToRoleDefinitionMapOutput() RoleDefinitionMapOutput
func (RoleDefinitionMapOutput) ToRoleDefinitionMapOutputWithContext ¶
func (o RoleDefinitionMapOutput) ToRoleDefinitionMapOutputWithContext(ctx context.Context) RoleDefinitionMapOutput
type RoleDefinitionOutput ¶
type RoleDefinitionOutput struct{ *pulumi.OutputState }
func (RoleDefinitionOutput) AssignableScopes ¶ added in v5.5.0
func (o RoleDefinitionOutput) AssignableScopes() pulumi.StringArrayOutput
One or more assignable scopes for this Role Definition, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`.
> **NOTE:** The value for `scope` is automatically included in this list if no other values supplied.
func (RoleDefinitionOutput) Description ¶ added in v5.5.0
func (o RoleDefinitionOutput) Description() pulumi.StringPtrOutput
A description of the Role Definition.
func (RoleDefinitionOutput) ElementType ¶
func (RoleDefinitionOutput) ElementType() reflect.Type
func (RoleDefinitionOutput) Name ¶ added in v5.5.0
func (o RoleDefinitionOutput) Name() pulumi.StringOutput
The name of the Role Definition.
func (RoleDefinitionOutput) Permissions ¶ added in v5.5.0
func (o RoleDefinitionOutput) Permissions() RoleDefinitionPermissionArrayOutput
A `permissions` block as defined below.
func (RoleDefinitionOutput) RoleDefinitionId ¶ added in v5.5.0
func (o RoleDefinitionOutput) RoleDefinitionId() pulumi.StringOutput
A unique UUID/GUID which identifies this role - one will be generated if not specified. Changing this forces a new resource to be created.
func (RoleDefinitionOutput) RoleDefinitionResourceId ¶ added in v5.5.0
func (o RoleDefinitionOutput) RoleDefinitionResourceId() pulumi.StringOutput
The Azure Resource Manager ID for the resource.
func (RoleDefinitionOutput) Scope ¶ added in v5.5.0
func (o RoleDefinitionOutput) Scope() pulumi.StringOutput
The scope at which the Role Definition applies to, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`. It is recommended to use the first entry of the `assignableScopes`. Changing this forces a new resource to be created.
func (RoleDefinitionOutput) ToRoleDefinitionOutput ¶
func (o RoleDefinitionOutput) ToRoleDefinitionOutput() RoleDefinitionOutput
func (RoleDefinitionOutput) ToRoleDefinitionOutputWithContext ¶
func (o RoleDefinitionOutput) ToRoleDefinitionOutputWithContext(ctx context.Context) RoleDefinitionOutput
type RoleDefinitionPermission ¶
type RoleDefinitionPermission struct { // One or more Allowed Actions, such as `*`, `Microsoft.Resources/subscriptions/resourceGroups/read`. See ['Azure Resource Manager resource provider operations'](https://docs.microsoft.com/azure/role-based-access-control/resource-provider-operations) for details. Actions []string `pulumi:"actions"` // One or more Allowed Data Actions, such as `*`, `Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read`. See ['Azure Resource Manager resource provider operations'](https://docs.microsoft.com/azure/role-based-access-control/resource-provider-operations) for details. DataActions []string `pulumi:"dataActions"` // One or more Disallowed Actions, such as `*`, `Microsoft.Resources/subscriptions/resourceGroups/read`. See ['Azure Resource Manager resource provider operations'](https://docs.microsoft.com/azure/role-based-access-control/resource-provider-operations) for details. NotActions []string `pulumi:"notActions"` // One or more Disallowed Data Actions, such as `*`, `Microsoft.Resources/subscriptions/resourceGroups/read`. See ['Azure Resource Manager resource provider operations'](https://docs.microsoft.com/azure/role-based-access-control/resource-provider-operations) for details. NotDataActions []string `pulumi:"notDataActions"` }
type RoleDefinitionPermissionArgs ¶
type RoleDefinitionPermissionArgs struct { // One or more Allowed Actions, such as `*`, `Microsoft.Resources/subscriptions/resourceGroups/read`. See ['Azure Resource Manager resource provider operations'](https://docs.microsoft.com/azure/role-based-access-control/resource-provider-operations) for details. Actions pulumi.StringArrayInput `pulumi:"actions"` // One or more Allowed Data Actions, such as `*`, `Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read`. See ['Azure Resource Manager resource provider operations'](https://docs.microsoft.com/azure/role-based-access-control/resource-provider-operations) for details. DataActions pulumi.StringArrayInput `pulumi:"dataActions"` // One or more Disallowed Actions, such as `*`, `Microsoft.Resources/subscriptions/resourceGroups/read`. See ['Azure Resource Manager resource provider operations'](https://docs.microsoft.com/azure/role-based-access-control/resource-provider-operations) for details. NotActions pulumi.StringArrayInput `pulumi:"notActions"` // One or more Disallowed Data Actions, such as `*`, `Microsoft.Resources/subscriptions/resourceGroups/read`. See ['Azure Resource Manager resource provider operations'](https://docs.microsoft.com/azure/role-based-access-control/resource-provider-operations) for details. NotDataActions pulumi.StringArrayInput `pulumi:"notDataActions"` }
func (RoleDefinitionPermissionArgs) ElementType ¶
func (RoleDefinitionPermissionArgs) ElementType() reflect.Type
func (RoleDefinitionPermissionArgs) ToRoleDefinitionPermissionOutput ¶
func (i RoleDefinitionPermissionArgs) ToRoleDefinitionPermissionOutput() RoleDefinitionPermissionOutput
func (RoleDefinitionPermissionArgs) ToRoleDefinitionPermissionOutputWithContext ¶
func (i RoleDefinitionPermissionArgs) ToRoleDefinitionPermissionOutputWithContext(ctx context.Context) RoleDefinitionPermissionOutput
type RoleDefinitionPermissionArray ¶
type RoleDefinitionPermissionArray []RoleDefinitionPermissionInput
func (RoleDefinitionPermissionArray) ElementType ¶
func (RoleDefinitionPermissionArray) ElementType() reflect.Type
func (RoleDefinitionPermissionArray) ToRoleDefinitionPermissionArrayOutput ¶
func (i RoleDefinitionPermissionArray) ToRoleDefinitionPermissionArrayOutput() RoleDefinitionPermissionArrayOutput
func (RoleDefinitionPermissionArray) ToRoleDefinitionPermissionArrayOutputWithContext ¶
func (i RoleDefinitionPermissionArray) ToRoleDefinitionPermissionArrayOutputWithContext(ctx context.Context) RoleDefinitionPermissionArrayOutput
type RoleDefinitionPermissionArrayInput ¶
type RoleDefinitionPermissionArrayInput interface { pulumi.Input ToRoleDefinitionPermissionArrayOutput() RoleDefinitionPermissionArrayOutput ToRoleDefinitionPermissionArrayOutputWithContext(context.Context) RoleDefinitionPermissionArrayOutput }
RoleDefinitionPermissionArrayInput is an input type that accepts RoleDefinitionPermissionArray and RoleDefinitionPermissionArrayOutput values. You can construct a concrete instance of `RoleDefinitionPermissionArrayInput` via:
RoleDefinitionPermissionArray{ RoleDefinitionPermissionArgs{...} }
type RoleDefinitionPermissionArrayOutput ¶
type RoleDefinitionPermissionArrayOutput struct{ *pulumi.OutputState }
func (RoleDefinitionPermissionArrayOutput) ElementType ¶
func (RoleDefinitionPermissionArrayOutput) ElementType() reflect.Type
func (RoleDefinitionPermissionArrayOutput) Index ¶
func (o RoleDefinitionPermissionArrayOutput) Index(i pulumi.IntInput) RoleDefinitionPermissionOutput
func (RoleDefinitionPermissionArrayOutput) ToRoleDefinitionPermissionArrayOutput ¶
func (o RoleDefinitionPermissionArrayOutput) ToRoleDefinitionPermissionArrayOutput() RoleDefinitionPermissionArrayOutput
func (RoleDefinitionPermissionArrayOutput) ToRoleDefinitionPermissionArrayOutputWithContext ¶
func (o RoleDefinitionPermissionArrayOutput) ToRoleDefinitionPermissionArrayOutputWithContext(ctx context.Context) RoleDefinitionPermissionArrayOutput
type RoleDefinitionPermissionInput ¶
type RoleDefinitionPermissionInput interface { pulumi.Input ToRoleDefinitionPermissionOutput() RoleDefinitionPermissionOutput ToRoleDefinitionPermissionOutputWithContext(context.Context) RoleDefinitionPermissionOutput }
RoleDefinitionPermissionInput is an input type that accepts RoleDefinitionPermissionArgs and RoleDefinitionPermissionOutput values. You can construct a concrete instance of `RoleDefinitionPermissionInput` via:
RoleDefinitionPermissionArgs{...}
type RoleDefinitionPermissionOutput ¶
type RoleDefinitionPermissionOutput struct{ *pulumi.OutputState }
func (RoleDefinitionPermissionOutput) Actions ¶
func (o RoleDefinitionPermissionOutput) Actions() pulumi.StringArrayOutput
One or more Allowed Actions, such as `*`, `Microsoft.Resources/subscriptions/resourceGroups/read`. See ['Azure Resource Manager resource provider operations'](https://docs.microsoft.com/azure/role-based-access-control/resource-provider-operations) for details.
func (RoleDefinitionPermissionOutput) DataActions ¶
func (o RoleDefinitionPermissionOutput) DataActions() pulumi.StringArrayOutput
One or more Allowed Data Actions, such as `*`, `Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read`. See ['Azure Resource Manager resource provider operations'](https://docs.microsoft.com/azure/role-based-access-control/resource-provider-operations) for details.
func (RoleDefinitionPermissionOutput) ElementType ¶
func (RoleDefinitionPermissionOutput) ElementType() reflect.Type
func (RoleDefinitionPermissionOutput) NotActions ¶
func (o RoleDefinitionPermissionOutput) NotActions() pulumi.StringArrayOutput
One or more Disallowed Actions, such as `*`, `Microsoft.Resources/subscriptions/resourceGroups/read`. See ['Azure Resource Manager resource provider operations'](https://docs.microsoft.com/azure/role-based-access-control/resource-provider-operations) for details.
func (RoleDefinitionPermissionOutput) NotDataActions ¶
func (o RoleDefinitionPermissionOutput) NotDataActions() pulumi.StringArrayOutput
One or more Disallowed Data Actions, such as `*`, `Microsoft.Resources/subscriptions/resourceGroups/read`. See ['Azure Resource Manager resource provider operations'](https://docs.microsoft.com/azure/role-based-access-control/resource-provider-operations) for details.
func (RoleDefinitionPermissionOutput) ToRoleDefinitionPermissionOutput ¶
func (o RoleDefinitionPermissionOutput) ToRoleDefinitionPermissionOutput() RoleDefinitionPermissionOutput
func (RoleDefinitionPermissionOutput) ToRoleDefinitionPermissionOutputWithContext ¶
func (o RoleDefinitionPermissionOutput) ToRoleDefinitionPermissionOutputWithContext(ctx context.Context) RoleDefinitionPermissionOutput
type RoleDefinitionState ¶
type RoleDefinitionState struct { // One or more assignable scopes for this Role Definition, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`. // // > **NOTE:** The value for `scope` is automatically included in this list if no other values supplied. AssignableScopes pulumi.StringArrayInput // A description of the Role Definition. Description pulumi.StringPtrInput // The name of the Role Definition. Name pulumi.StringPtrInput // A `permissions` block as defined below. Permissions RoleDefinitionPermissionArrayInput // A unique UUID/GUID which identifies this role - one will be generated if not specified. Changing this forces a new resource to be created. RoleDefinitionId pulumi.StringPtrInput // The Azure Resource Manager ID for the resource. RoleDefinitionResourceId pulumi.StringPtrInput // The scope at which the Role Definition applies to, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`. It is recommended to use the first entry of the `assignableScopes`. Changing this forces a new resource to be created. Scope pulumi.StringPtrInput }
func (RoleDefinitionState) ElementType ¶
func (RoleDefinitionState) ElementType() reflect.Type
type UserAssignedIdentity ¶
type UserAssignedIdentity struct { pulumi.CustomResourceState // The ID of the app associated with the Identity. ClientId pulumi.StringOutput `pulumi:"clientId"` // The Azure Region where the User Assigned Identity should exist. Changing this forces a new User Assigned Identity to be created. Location pulumi.StringOutput `pulumi:"location"` // Specifies the name of this User Assigned Identity. Changing this forces a new User Assigned Identity to be created. Name pulumi.StringOutput `pulumi:"name"` // The ID of the Service Principal object associated with the created Identity. PrincipalId pulumi.StringOutput `pulumi:"principalId"` // Specifies the name of the Resource Group within which this User Assigned Identity should exist. Changing this forces a new User Assigned Identity to be created. ResourceGroupName pulumi.StringOutput `pulumi:"resourceGroupName"` // A mapping of tags which should be assigned to the User Assigned Identity. Tags pulumi.StringMapOutput `pulumi:"tags"` // The ID of the Tenant which the Identity belongs to. TenantId pulumi.StringOutput `pulumi:"tenantId"` }
<!-- Note: This documentation is generated. Any manual changes will be overwritten -->
Manages a User Assigned Identity.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/authorization" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := authorization.NewUserAssignedIdentity(ctx, "example", &authorization.UserAssignedIdentityArgs{ Location: pulumi.Any(azurerm_resource_group.Example.Location), ResourceGroupName: pulumi.Any(azurerm_resource_group.Example.Name), }) if err != nil { return err } return nil }) }
```
## Import
An existing User Assigned Identity can be imported into Terraform using the `resource id`, e.g.
```sh
$ pulumi import azure:authorization/userAssignedIdentity:UserAssignedIdentity example /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{userAssignedIdentityName}
```
- Where `{subscriptionId}` is the ID of the Azure Subscription where the User Assigned Identity exists. For example `12345678-1234-9876-4563-123456789012`. * Where `{resourceGroupName}` is the name of Resource Group where this User Assigned Identity exists. For example `example-resource-group`. * Where `{userAssignedIdentityName}` is the name of the User Assigned Identity. For example `userAssignedIdentityValue`.
func GetUserAssignedIdentity ¶
func GetUserAssignedIdentity(ctx *pulumi.Context, name string, id pulumi.IDInput, state *UserAssignedIdentityState, opts ...pulumi.ResourceOption) (*UserAssignedIdentity, error)
GetUserAssignedIdentity gets an existing UserAssignedIdentity resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewUserAssignedIdentity ¶
func NewUserAssignedIdentity(ctx *pulumi.Context, name string, args *UserAssignedIdentityArgs, opts ...pulumi.ResourceOption) (*UserAssignedIdentity, error)
NewUserAssignedIdentity registers a new resource with the given unique name, arguments, and options.
func (*UserAssignedIdentity) ElementType ¶
func (*UserAssignedIdentity) ElementType() reflect.Type
func (*UserAssignedIdentity) ToUserAssignedIdentityOutput ¶
func (i *UserAssignedIdentity) ToUserAssignedIdentityOutput() UserAssignedIdentityOutput
func (*UserAssignedIdentity) ToUserAssignedIdentityOutputWithContext ¶
func (i *UserAssignedIdentity) ToUserAssignedIdentityOutputWithContext(ctx context.Context) UserAssignedIdentityOutput
type UserAssignedIdentityArgs ¶
type UserAssignedIdentityArgs struct { // The Azure Region where the User Assigned Identity should exist. Changing this forces a new User Assigned Identity to be created. Location pulumi.StringPtrInput // Specifies the name of this User Assigned Identity. Changing this forces a new User Assigned Identity to be created. Name pulumi.StringPtrInput // Specifies the name of the Resource Group within which this User Assigned Identity should exist. Changing this forces a new User Assigned Identity to be created. ResourceGroupName pulumi.StringInput // A mapping of tags which should be assigned to the User Assigned Identity. Tags pulumi.StringMapInput }
The set of arguments for constructing a UserAssignedIdentity resource.
func (UserAssignedIdentityArgs) ElementType ¶
func (UserAssignedIdentityArgs) ElementType() reflect.Type
type UserAssignedIdentityArray ¶
type UserAssignedIdentityArray []UserAssignedIdentityInput
func (UserAssignedIdentityArray) ElementType ¶
func (UserAssignedIdentityArray) ElementType() reflect.Type
func (UserAssignedIdentityArray) ToUserAssignedIdentityArrayOutput ¶
func (i UserAssignedIdentityArray) ToUserAssignedIdentityArrayOutput() UserAssignedIdentityArrayOutput
func (UserAssignedIdentityArray) ToUserAssignedIdentityArrayOutputWithContext ¶
func (i UserAssignedIdentityArray) ToUserAssignedIdentityArrayOutputWithContext(ctx context.Context) UserAssignedIdentityArrayOutput
type UserAssignedIdentityArrayInput ¶
type UserAssignedIdentityArrayInput interface { pulumi.Input ToUserAssignedIdentityArrayOutput() UserAssignedIdentityArrayOutput ToUserAssignedIdentityArrayOutputWithContext(context.Context) UserAssignedIdentityArrayOutput }
UserAssignedIdentityArrayInput is an input type that accepts UserAssignedIdentityArray and UserAssignedIdentityArrayOutput values. You can construct a concrete instance of `UserAssignedIdentityArrayInput` via:
UserAssignedIdentityArray{ UserAssignedIdentityArgs{...} }
type UserAssignedIdentityArrayOutput ¶
type UserAssignedIdentityArrayOutput struct{ *pulumi.OutputState }
func (UserAssignedIdentityArrayOutput) ElementType ¶
func (UserAssignedIdentityArrayOutput) ElementType() reflect.Type
func (UserAssignedIdentityArrayOutput) Index ¶
func (o UserAssignedIdentityArrayOutput) Index(i pulumi.IntInput) UserAssignedIdentityOutput
func (UserAssignedIdentityArrayOutput) ToUserAssignedIdentityArrayOutput ¶
func (o UserAssignedIdentityArrayOutput) ToUserAssignedIdentityArrayOutput() UserAssignedIdentityArrayOutput
func (UserAssignedIdentityArrayOutput) ToUserAssignedIdentityArrayOutputWithContext ¶
func (o UserAssignedIdentityArrayOutput) ToUserAssignedIdentityArrayOutputWithContext(ctx context.Context) UserAssignedIdentityArrayOutput
type UserAssignedIdentityInput ¶
type UserAssignedIdentityInput interface { pulumi.Input ToUserAssignedIdentityOutput() UserAssignedIdentityOutput ToUserAssignedIdentityOutputWithContext(ctx context.Context) UserAssignedIdentityOutput }
type UserAssignedIdentityMap ¶
type UserAssignedIdentityMap map[string]UserAssignedIdentityInput
func (UserAssignedIdentityMap) ElementType ¶
func (UserAssignedIdentityMap) ElementType() reflect.Type
func (UserAssignedIdentityMap) ToUserAssignedIdentityMapOutput ¶
func (i UserAssignedIdentityMap) ToUserAssignedIdentityMapOutput() UserAssignedIdentityMapOutput
func (UserAssignedIdentityMap) ToUserAssignedIdentityMapOutputWithContext ¶
func (i UserAssignedIdentityMap) ToUserAssignedIdentityMapOutputWithContext(ctx context.Context) UserAssignedIdentityMapOutput
type UserAssignedIdentityMapInput ¶
type UserAssignedIdentityMapInput interface { pulumi.Input ToUserAssignedIdentityMapOutput() UserAssignedIdentityMapOutput ToUserAssignedIdentityMapOutputWithContext(context.Context) UserAssignedIdentityMapOutput }
UserAssignedIdentityMapInput is an input type that accepts UserAssignedIdentityMap and UserAssignedIdentityMapOutput values. You can construct a concrete instance of `UserAssignedIdentityMapInput` via:
UserAssignedIdentityMap{ "key": UserAssignedIdentityArgs{...} }
type UserAssignedIdentityMapOutput ¶
type UserAssignedIdentityMapOutput struct{ *pulumi.OutputState }
func (UserAssignedIdentityMapOutput) ElementType ¶
func (UserAssignedIdentityMapOutput) ElementType() reflect.Type
func (UserAssignedIdentityMapOutput) MapIndex ¶
func (o UserAssignedIdentityMapOutput) MapIndex(k pulumi.StringInput) UserAssignedIdentityOutput
func (UserAssignedIdentityMapOutput) ToUserAssignedIdentityMapOutput ¶
func (o UserAssignedIdentityMapOutput) ToUserAssignedIdentityMapOutput() UserAssignedIdentityMapOutput
func (UserAssignedIdentityMapOutput) ToUserAssignedIdentityMapOutputWithContext ¶
func (o UserAssignedIdentityMapOutput) ToUserAssignedIdentityMapOutputWithContext(ctx context.Context) UserAssignedIdentityMapOutput
type UserAssignedIdentityOutput ¶
type UserAssignedIdentityOutput struct{ *pulumi.OutputState }
func (UserAssignedIdentityOutput) ClientId ¶ added in v5.5.0
func (o UserAssignedIdentityOutput) ClientId() pulumi.StringOutput
The ID of the app associated with the Identity.
func (UserAssignedIdentityOutput) ElementType ¶
func (UserAssignedIdentityOutput) ElementType() reflect.Type
func (UserAssignedIdentityOutput) Location ¶ added in v5.5.0
func (o UserAssignedIdentityOutput) Location() pulumi.StringOutput
The Azure Region where the User Assigned Identity should exist. Changing this forces a new User Assigned Identity to be created.
func (UserAssignedIdentityOutput) Name ¶ added in v5.5.0
func (o UserAssignedIdentityOutput) Name() pulumi.StringOutput
Specifies the name of this User Assigned Identity. Changing this forces a new User Assigned Identity to be created.
func (UserAssignedIdentityOutput) PrincipalId ¶ added in v5.5.0
func (o UserAssignedIdentityOutput) PrincipalId() pulumi.StringOutput
The ID of the Service Principal object associated with the created Identity.
func (UserAssignedIdentityOutput) ResourceGroupName ¶ added in v5.5.0
func (o UserAssignedIdentityOutput) ResourceGroupName() pulumi.StringOutput
Specifies the name of the Resource Group within which this User Assigned Identity should exist. Changing this forces a new User Assigned Identity to be created.
func (UserAssignedIdentityOutput) Tags ¶ added in v5.5.0
func (o UserAssignedIdentityOutput) Tags() pulumi.StringMapOutput
A mapping of tags which should be assigned to the User Assigned Identity.
func (UserAssignedIdentityOutput) TenantId ¶ added in v5.5.0
func (o UserAssignedIdentityOutput) TenantId() pulumi.StringOutput
The ID of the Tenant which the Identity belongs to.
func (UserAssignedIdentityOutput) ToUserAssignedIdentityOutput ¶
func (o UserAssignedIdentityOutput) ToUserAssignedIdentityOutput() UserAssignedIdentityOutput
func (UserAssignedIdentityOutput) ToUserAssignedIdentityOutputWithContext ¶
func (o UserAssignedIdentityOutput) ToUserAssignedIdentityOutputWithContext(ctx context.Context) UserAssignedIdentityOutput
type UserAssignedIdentityState ¶
type UserAssignedIdentityState struct { // The ID of the app associated with the Identity. ClientId pulumi.StringPtrInput // The Azure Region where the User Assigned Identity should exist. Changing this forces a new User Assigned Identity to be created. Location pulumi.StringPtrInput // Specifies the name of this User Assigned Identity. Changing this forces a new User Assigned Identity to be created. Name pulumi.StringPtrInput // The ID of the Service Principal object associated with the created Identity. PrincipalId pulumi.StringPtrInput // Specifies the name of the Resource Group within which this User Assigned Identity should exist. Changing this forces a new User Assigned Identity to be created. ResourceGroupName pulumi.StringPtrInput // A mapping of tags which should be assigned to the User Assigned Identity. Tags pulumi.StringMapInput // The ID of the Tenant which the Identity belongs to. TenantId pulumi.StringPtrInput }
func (UserAssignedIdentityState) ElementType ¶
func (UserAssignedIdentityState) ElementType() reflect.Type