authorization

package
v1.13.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 6, 2020 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Overview

nolint: lll

nolint: lll

nolint: lll

nolint: lll

nolint: lll

nolint: lll

nolint: lll

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Assignment 

type Assignment struct {
	pulumi.CustomResourceState

	// A unique UUID/GUID for this Role Assignment - one will be generated if not specified. Changing this forces a new resource to be created.
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the Principal (User, Group, Service Principal, or Application) to assign the Role Definition to. Changing this forces a new resource to be created.
	PrincipalId pulumi.StringOutput `pulumi:"principalId"`
	// The type of the `principalId`, e.g. User, Group, Service Principal, Application, etc.
	PrincipalType pulumi.StringOutput `pulumi:"principalType"`
	// The Scoped-ID of the Role Definition. Changing this forces a new resource to be created. Conflicts with `roleDefinitionName`.
	RoleDefinitionId pulumi.StringOutput `pulumi:"roleDefinitionId"`
	// The name of a built-in Role. Changing this forces a new resource to be created. Conflicts with `roleDefinitionId`.
	RoleDefinitionName pulumi.StringOutput `pulumi:"roleDefinitionName"`
	// The scope at which the Role Assignment applies to, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`, or `/providers/Microsoft.Management/managementGroups/myMG`. Changing this forces a new resource to be created.
	Scope pulumi.StringOutput `pulumi:"scope"`
	// If the `principalId` is a newly provisioned `Service Principal` set this value to `true` to skip the `Azure Active Directory` check which may fail due to replication lag. This argument is only valid if the `principalId` is a `Service Principal` identity. If it is not a `Service Principal` identity it will cause the role assignment to fail. Defaults to `false`.
	SkipServicePrincipalAadCheck pulumi.BoolOutput `pulumi:"skipServicePrincipalAadCheck"`
}

Assigns a given Principal (User or Application) to a given Role.

> This content is derived from https://github.com/terraform-providers/terraform-provider-azurerm/blob/master/website/docs/r/role_assignment.html.markdown.

func GetAssignment 

func GetAssignment(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AssignmentState, opts ...pulumi.ResourceOption) (*Assignment, error)

GetAssignment gets an existing Assignment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAssignment 

func NewAssignment(ctx *pulumi.Context,
	name string, args *AssignmentArgs, opts ...pulumi.ResourceOption) (*Assignment, error)

NewAssignment registers a new resource with the given unique name, arguments, and options.

type AssignmentArgs 

type AssignmentArgs struct {
	// A unique UUID/GUID for this Role Assignment - one will be generated if not specified. Changing this forces a new resource to be created.
	Name pulumi.StringPtrInput
	// The ID of the Principal (User, Group, Service Principal, or Application) to assign the Role Definition to. Changing this forces a new resource to be created.
	PrincipalId pulumi.StringInput
	// The Scoped-ID of the Role Definition. Changing this forces a new resource to be created. Conflicts with `roleDefinitionName`.
	RoleDefinitionId pulumi.StringPtrInput
	// The name of a built-in Role. Changing this forces a new resource to be created. Conflicts with `roleDefinitionId`.
	RoleDefinitionName pulumi.StringPtrInput
	// The scope at which the Role Assignment applies to, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`, or `/providers/Microsoft.Management/managementGroups/myMG`. Changing this forces a new resource to be created.
	Scope pulumi.StringInput
	// If the `principalId` is a newly provisioned `Service Principal` set this value to `true` to skip the `Azure Active Directory` check which may fail due to replication lag. This argument is only valid if the `principalId` is a `Service Principal` identity. If it is not a `Service Principal` identity it will cause the role assignment to fail. Defaults to `false`.
	SkipServicePrincipalAadCheck pulumi.BoolPtrInput
}

The set of arguments for constructing a Assignment resource.

func (AssignmentArgs) ElementType added in v1.12.0 

func (AssignmentArgs) ElementType() reflect.Type

type AssignmentState 

type AssignmentState struct {
	// A unique UUID/GUID for this Role Assignment - one will be generated if not specified. Changing this forces a new resource to be created.
	Name pulumi.StringPtrInput
	// The ID of the Principal (User, Group, Service Principal, or Application) to assign the Role Definition to. Changing this forces a new resource to be created.
	PrincipalId pulumi.StringPtrInput
	// The type of the `principalId`, e.g. User, Group, Service Principal, Application, etc.
	PrincipalType pulumi.StringPtrInput
	// The Scoped-ID of the Role Definition. Changing this forces a new resource to be created. Conflicts with `roleDefinitionName`.
	RoleDefinitionId pulumi.StringPtrInput
	// The name of a built-in Role. Changing this forces a new resource to be created. Conflicts with `roleDefinitionId`.
	RoleDefinitionName pulumi.StringPtrInput
	// The scope at which the Role Assignment applies to, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`, or `/providers/Microsoft.Management/managementGroups/myMG`. Changing this forces a new resource to be created.
	Scope pulumi.StringPtrInput
	// If the `principalId` is a newly provisioned `Service Principal` set this value to `true` to skip the `Azure Active Directory` check which may fail due to replication lag. This argument is only valid if the `principalId` is a `Service Principal` identity. If it is not a `Service Principal` identity it will cause the role assignment to fail. Defaults to `false`.
	SkipServicePrincipalAadCheck pulumi.BoolPtrInput
}

func (AssignmentState) ElementType added in v1.12.0 

func (AssignmentState) ElementType() reflect.Type

type GetBuiltinRoleDefinitionArgs 

type GetBuiltinRoleDefinitionArgs struct {
	// Specifies the name of the built-in Role Definition. Possible values are: `Contributor`, `Owner`, `Reader` and `VirtualMachineContributor`.
	Name string `pulumi:"name"`
}

A collection of arguments for invoking getBuiltinRoleDefinition.

type GetBuiltinRoleDefinitionPermission added in v1.12.0 

type GetBuiltinRoleDefinitionPermission struct {
	// a list of actions supported by this role
	Actions []string `pulumi:"actions"`
	// a list of data actions supported by this role
	DataActions []string `pulumi:"dataActions"`
	// a list of actions which are denied by this role
	NotActions []string `pulumi:"notActions"`
	// a list of data actions which are denied by this role
	NotDataActions []string `pulumi:"notDataActions"`
}

type GetBuiltinRoleDefinitionPermissionArgs added in v1.12.0 

type GetBuiltinRoleDefinitionPermissionArgs struct {
	// a list of actions supported by this role
	Actions pulumi.StringArrayInput `pulumi:"actions"`
	// a list of data actions supported by this role
	DataActions pulumi.StringArrayInput `pulumi:"dataActions"`
	// a list of actions which are denied by this role
	NotActions pulumi.StringArrayInput `pulumi:"notActions"`
	// a list of data actions which are denied by this role
	NotDataActions pulumi.StringArrayInput `pulumi:"notDataActions"`
}

func (GetBuiltinRoleDefinitionPermissionArgs) ElementType added in v1.12.0 

func (GetBuiltinRoleDefinitionPermissionArgs) ElementType() reflect.Type

func (GetBuiltinRoleDefinitionPermissionArgs) ToGetBuiltinRoleDefinitionPermissionOutput added in v1.12.0 

func (i GetBuiltinRoleDefinitionPermissionArgs) ToGetBuiltinRoleDefinitionPermissionOutput() GetBuiltinRoleDefinitionPermissionOutput

func (GetBuiltinRoleDefinitionPermissionArgs) ToGetBuiltinRoleDefinitionPermissionOutputWithContext added in v1.12.0 

func (i GetBuiltinRoleDefinitionPermissionArgs) ToGetBuiltinRoleDefinitionPermissionOutputWithContext(ctx context.Context) GetBuiltinRoleDefinitionPermissionOutput

type GetBuiltinRoleDefinitionPermissionArray added in v1.12.0 

type GetBuiltinRoleDefinitionPermissionArray []GetBuiltinRoleDefinitionPermissionInput

func (GetBuiltinRoleDefinitionPermissionArray) ElementType added in v1.12.0 

func (GetBuiltinRoleDefinitionPermissionArray) ElementType() reflect.Type

func (GetBuiltinRoleDefinitionPermissionArray) ToGetBuiltinRoleDefinitionPermissionArrayOutput added in v1.12.0 

func (i GetBuiltinRoleDefinitionPermissionArray) ToGetBuiltinRoleDefinitionPermissionArrayOutput() GetBuiltinRoleDefinitionPermissionArrayOutput

func (GetBuiltinRoleDefinitionPermissionArray) ToGetBuiltinRoleDefinitionPermissionArrayOutputWithContext added in v1.12.0 

func (i GetBuiltinRoleDefinitionPermissionArray) ToGetBuiltinRoleDefinitionPermissionArrayOutputWithContext(ctx context.Context) GetBuiltinRoleDefinitionPermissionArrayOutput

type GetBuiltinRoleDefinitionPermissionArrayInput added in v1.12.0 

type GetBuiltinRoleDefinitionPermissionArrayInput interface {
	pulumi.Input

	ToGetBuiltinRoleDefinitionPermissionArrayOutput() GetBuiltinRoleDefinitionPermissionArrayOutput
	ToGetBuiltinRoleDefinitionPermissionArrayOutputWithContext(context.Context) GetBuiltinRoleDefinitionPermissionArrayOutput
}

type GetBuiltinRoleDefinitionPermissionArrayOutput added in v1.12.0 

type GetBuiltinRoleDefinitionPermissionArrayOutput struct{ *pulumi.OutputState }

func (GetBuiltinRoleDefinitionPermissionArrayOutput) ElementType added in v1.12.0 

func (GetBuiltinRoleDefinitionPermissionArrayOutput) ElementType() reflect.Type

func (GetBuiltinRoleDefinitionPermissionArrayOutput) Index added in v1.12.0 

func (o GetBuiltinRoleDefinitionPermissionArrayOutput) Index(i pulumi.IntInput) GetBuiltinRoleDefinitionPermissionOutput

func (GetBuiltinRoleDefinitionPermissionArrayOutput) ToGetBuiltinRoleDefinitionPermissionArrayOutput added in v1.12.0 

func (o GetBuiltinRoleDefinitionPermissionArrayOutput) ToGetBuiltinRoleDefinitionPermissionArrayOutput() GetBuiltinRoleDefinitionPermissionArrayOutput

func (GetBuiltinRoleDefinitionPermissionArrayOutput) ToGetBuiltinRoleDefinitionPermissionArrayOutputWithContext added in v1.12.0 

func (o GetBuiltinRoleDefinitionPermissionArrayOutput) ToGetBuiltinRoleDefinitionPermissionArrayOutputWithContext(ctx context.Context) GetBuiltinRoleDefinitionPermissionArrayOutput

type GetBuiltinRoleDefinitionPermissionInput added in v1.12.0 

type GetBuiltinRoleDefinitionPermissionInput interface {
	pulumi.Input

	ToGetBuiltinRoleDefinitionPermissionOutput() GetBuiltinRoleDefinitionPermissionOutput
	ToGetBuiltinRoleDefinitionPermissionOutputWithContext(context.Context) GetBuiltinRoleDefinitionPermissionOutput
}

type GetBuiltinRoleDefinitionPermissionOutput added in v1.12.0 

type GetBuiltinRoleDefinitionPermissionOutput struct{ *pulumi.OutputState }

func (GetBuiltinRoleDefinitionPermissionOutput) Actions added in v1.12.0 

func (o GetBuiltinRoleDefinitionPermissionOutput) Actions() pulumi.StringArrayOutput

a list of actions supported by this role

func (GetBuiltinRoleDefinitionPermissionOutput) DataActions added in v1.12.0 

func (o GetBuiltinRoleDefinitionPermissionOutput) DataActions() pulumi.StringArrayOutput

a list of data actions supported by this role

func (GetBuiltinRoleDefinitionPermissionOutput) ElementType added in v1.12.0 

func (GetBuiltinRoleDefinitionPermissionOutput) ElementType() reflect.Type

func (GetBuiltinRoleDefinitionPermissionOutput) NotActions added in v1.12.0 

func (o GetBuiltinRoleDefinitionPermissionOutput) NotActions() pulumi.StringArrayOutput

a list of actions which are denied by this role

func (GetBuiltinRoleDefinitionPermissionOutput) NotDataActions added in v1.12.0 

func (o GetBuiltinRoleDefinitionPermissionOutput) NotDataActions() pulumi.StringArrayOutput

a list of data actions which are denied by this role

func (GetBuiltinRoleDefinitionPermissionOutput) ToGetBuiltinRoleDefinitionPermissionOutput added in v1.12.0 

func (o GetBuiltinRoleDefinitionPermissionOutput) ToGetBuiltinRoleDefinitionPermissionOutput() GetBuiltinRoleDefinitionPermissionOutput

func (GetBuiltinRoleDefinitionPermissionOutput) ToGetBuiltinRoleDefinitionPermissionOutputWithContext added in v1.12.0 

func (o GetBuiltinRoleDefinitionPermissionOutput) ToGetBuiltinRoleDefinitionPermissionOutputWithContext(ctx context.Context) GetBuiltinRoleDefinitionPermissionOutput

type GetBuiltinRoleDefinitionResult 

type GetBuiltinRoleDefinitionResult struct {
	// One or more assignable scopes for this Role Definition, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`.
	AssignableScopes []string `pulumi:"assignableScopes"`
	// the Description of the built-in Role.
	Description string `pulumi:"description"`
	// id is the provider-assigned unique ID for this managed resource.
	Id   string `pulumi:"id"`
	Name string `pulumi:"name"`
	// a `permissions` block as documented below.
	Permissions []GetBuiltinRoleDefinitionPermission `pulumi:"permissions"`
	// the Type of the Role.
	Type string `pulumi:"type"`
}

A collection of values returned by getBuiltinRoleDefinition.

func GetBuiltinRoleDefinition added in v1.12.0 

func GetBuiltinRoleDefinition(ctx *pulumi.Context, args *GetBuiltinRoleDefinitionArgs, opts ...pulumi.InvokeOption) (*GetBuiltinRoleDefinitionResult, error)

Use this data source to access information about a built-in Role Definition. To access information about a custom Role Definition, please see the `authorization.RoleDefinition` data source instead.

> **Note:** The this datasource has been deprecated in favour of `authorization.RoleDefinition` that now can look up role definitions by name. As such this data source will be removed in version 2.0 of the AzureRM Provider.

> This content is derived from https://github.com/terraform-providers/terraform-provider-azurerm/blob/master/website/docs/d/builtin_role_definition.html.markdown.

type GetRoleDefinitionPermission added in v1.12.0 

type GetRoleDefinitionPermission struct {
	// a list of actions supported by this role
	Actions     []string `pulumi:"actions"`
	DataActions []string `pulumi:"dataActions"`
	// a list of actions which are denied by this role
	NotActions     []string `pulumi:"notActions"`
	NotDataActions []string `pulumi:"notDataActions"`
}

type GetRoleDefinitionPermissionArgs added in v1.12.0 

type GetRoleDefinitionPermissionArgs struct {
	// a list of actions supported by this role
	Actions     pulumi.StringArrayInput `pulumi:"actions"`
	DataActions pulumi.StringArrayInput `pulumi:"dataActions"`
	// a list of actions which are denied by this role
	NotActions     pulumi.StringArrayInput `pulumi:"notActions"`
	NotDataActions pulumi.StringArrayInput `pulumi:"notDataActions"`
}

func (GetRoleDefinitionPermissionArgs) ElementType added in v1.12.0 

func (GetRoleDefinitionPermissionArgs) ElementType() reflect.Type

func (GetRoleDefinitionPermissionArgs) ToGetRoleDefinitionPermissionOutput added in v1.12.0 

func (i GetRoleDefinitionPermissionArgs) ToGetRoleDefinitionPermissionOutput() GetRoleDefinitionPermissionOutput

func (GetRoleDefinitionPermissionArgs) ToGetRoleDefinitionPermissionOutputWithContext added in v1.12.0 

func (i GetRoleDefinitionPermissionArgs) ToGetRoleDefinitionPermissionOutputWithContext(ctx context.Context) GetRoleDefinitionPermissionOutput

type GetRoleDefinitionPermissionArray added in v1.12.0 

type GetRoleDefinitionPermissionArray []GetRoleDefinitionPermissionInput

func (GetRoleDefinitionPermissionArray) ElementType added in v1.12.0 

func (GetRoleDefinitionPermissionArray) ElementType() reflect.Type

func (GetRoleDefinitionPermissionArray) ToGetRoleDefinitionPermissionArrayOutput added in v1.12.0 

func (i GetRoleDefinitionPermissionArray) ToGetRoleDefinitionPermissionArrayOutput() GetRoleDefinitionPermissionArrayOutput

func (GetRoleDefinitionPermissionArray) ToGetRoleDefinitionPermissionArrayOutputWithContext added in v1.12.0 

func (i GetRoleDefinitionPermissionArray) ToGetRoleDefinitionPermissionArrayOutputWithContext(ctx context.Context) GetRoleDefinitionPermissionArrayOutput

type GetRoleDefinitionPermissionArrayInput added in v1.12.0 

type GetRoleDefinitionPermissionArrayInput interface {
	pulumi.Input

	ToGetRoleDefinitionPermissionArrayOutput() GetRoleDefinitionPermissionArrayOutput
	ToGetRoleDefinitionPermissionArrayOutputWithContext(context.Context) GetRoleDefinitionPermissionArrayOutput
}

type GetRoleDefinitionPermissionArrayOutput added in v1.12.0 

type GetRoleDefinitionPermissionArrayOutput struct{ *pulumi.OutputState }

func (GetRoleDefinitionPermissionArrayOutput) ElementType added in v1.12.0 

func (GetRoleDefinitionPermissionArrayOutput) ElementType() reflect.Type

func (GetRoleDefinitionPermissionArrayOutput) Index added in v1.12.0 

func (o GetRoleDefinitionPermissionArrayOutput) Index(i pulumi.IntInput) GetRoleDefinitionPermissionOutput

func (GetRoleDefinitionPermissionArrayOutput) ToGetRoleDefinitionPermissionArrayOutput added in v1.12.0 

func (o GetRoleDefinitionPermissionArrayOutput) ToGetRoleDefinitionPermissionArrayOutput() GetRoleDefinitionPermissionArrayOutput

func (GetRoleDefinitionPermissionArrayOutput) ToGetRoleDefinitionPermissionArrayOutputWithContext added in v1.12.0 

func (o GetRoleDefinitionPermissionArrayOutput) ToGetRoleDefinitionPermissionArrayOutputWithContext(ctx context.Context) GetRoleDefinitionPermissionArrayOutput

type GetRoleDefinitionPermissionInput added in v1.12.0 

type GetRoleDefinitionPermissionInput interface {
	pulumi.Input

	ToGetRoleDefinitionPermissionOutput() GetRoleDefinitionPermissionOutput
	ToGetRoleDefinitionPermissionOutputWithContext(context.Context) GetRoleDefinitionPermissionOutput
}

type GetRoleDefinitionPermissionOutput added in v1.12.0 

type GetRoleDefinitionPermissionOutput struct{ *pulumi.OutputState }

func (GetRoleDefinitionPermissionOutput) Actions added in v1.12.0 

func (o GetRoleDefinitionPermissionOutput) Actions() pulumi.StringArrayOutput

a list of actions supported by this role

func (GetRoleDefinitionPermissionOutput) DataActions added in v1.12.0 

func (o GetRoleDefinitionPermissionOutput) DataActions() pulumi.StringArrayOutput

func (GetRoleDefinitionPermissionOutput) ElementType added in v1.12.0 

func (GetRoleDefinitionPermissionOutput) ElementType() reflect.Type

func (GetRoleDefinitionPermissionOutput) NotActions added in v1.12.0 

func (o GetRoleDefinitionPermissionOutput) NotActions() pulumi.StringArrayOutput

a list of actions which are denied by this role

func (GetRoleDefinitionPermissionOutput) NotDataActions added in v1.12.0 

func (o GetRoleDefinitionPermissionOutput) NotDataActions() pulumi.StringArrayOutput

func (GetRoleDefinitionPermissionOutput) ToGetRoleDefinitionPermissionOutput added in v1.12.0 

func (o GetRoleDefinitionPermissionOutput) ToGetRoleDefinitionPermissionOutput() GetRoleDefinitionPermissionOutput

func (GetRoleDefinitionPermissionOutput) ToGetRoleDefinitionPermissionOutputWithContext added in v1.12.0 

func (o GetRoleDefinitionPermissionOutput) ToGetRoleDefinitionPermissionOutputWithContext(ctx context.Context) GetRoleDefinitionPermissionOutput

type LookupRoleDefinitionArgs added in v1.12.0 

type LookupRoleDefinitionArgs struct {
	// Specifies the Name of either a built-in or custom Role Definition.
	Name *string `pulumi:"name"`
	// Specifies the ID of the Role Definition as a UUID/GUID.
	RoleDefinitionId *string `pulumi:"roleDefinitionId"`
	// Specifies the Scope at which the Custom Role Definition exists.
	Scope *string `pulumi:"scope"`
}

A collection of arguments for invoking getRoleDefinition.

type LookupRoleDefinitionResult added in v1.12.0 

type LookupRoleDefinitionResult struct {
	// One or more assignable scopes for this Role Definition, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`.
	AssignableScopes []string `pulumi:"assignableScopes"`
	// the Description of the built-in Role.
	Description string `pulumi:"description"`
	// id is the provider-assigned unique ID for this managed resource.
	Id   string `pulumi:"id"`
	Name string `pulumi:"name"`
	// a `permissions` block as documented below.
	Permissions      []GetRoleDefinitionPermission `pulumi:"permissions"`
	RoleDefinitionId string                        `pulumi:"roleDefinitionId"`
	Scope            *string                       `pulumi:"scope"`
	// the Type of the Role.
	Type string `pulumi:"type"`
}

A collection of values returned by getRoleDefinition.

func LookupRoleDefinition 

func LookupRoleDefinition(ctx *pulumi.Context, args *LookupRoleDefinitionArgs, opts ...pulumi.InvokeOption) (*LookupRoleDefinitionResult, error)

Use this data source to access information about an existing Role Definition.

> This content is derived from https://github.com/terraform-providers/terraform-provider-azurerm/blob/master/website/docs/d/role_definition.html.markdown.

type LookupUserAssignedIdentityArgs added in v1.12.0 

type LookupUserAssignedIdentityArgs struct {
	// The name of the User Assigned Identity.
	Name string `pulumi:"name"`
	// The name of the Resource Group in which the User Assigned Identity exists.
	ResourceGroupName string `pulumi:"resourceGroupName"`
}

A collection of arguments for invoking getUserAssignedIdentity.

type LookupUserAssignedIdentityResult added in v1.12.0 

type LookupUserAssignedIdentityResult struct {
	// The Client ID of the User Assigned Identity.
	ClientId string `pulumi:"clientId"`
	// id is the provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The Azure location where the User Assigned Identity exists.
	Location string `pulumi:"location"`
	Name     string `pulumi:"name"`
	// The Service Principal ID of the User Assigned Identity.
	PrincipalId       string `pulumi:"principalId"`
	ResourceGroupName string `pulumi:"resourceGroupName"`
	// A mapping of tags assigned to the User Assigned Identity.
	Tags map[string]string `pulumi:"tags"`
}

A collection of values returned by getUserAssignedIdentity.

func LookupUserAssignedIdentity 

func LookupUserAssignedIdentity(ctx *pulumi.Context, args *LookupUserAssignedIdentityArgs, opts ...pulumi.InvokeOption) (*LookupUserAssignedIdentityResult, error)

Use this data source to access information about an existing User Assigned Identity.

> This content is derived from https://github.com/terraform-providers/terraform-provider-azurerm/blob/master/website/docs/d/user_assigned_identity.html.markdown.

type RoleDefinition 

type RoleDefinition struct {
	pulumi.CustomResourceState

	// One or more assignable scopes for this Role Definition, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`.
	AssignableScopes pulumi.StringArrayOutput `pulumi:"assignableScopes"`
	// A description of the Role Definition.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// The name of the Role Definition. Changing this forces a new resource to be created.
	Name pulumi.StringOutput `pulumi:"name"`
	// A `permissions` block as defined below.
	Permissions RoleDefinitionPermissionArrayOutput `pulumi:"permissions"`
	// A unique UUID/GUID which identifies this role - one will be generated if not specified. Changing this forces a new resource to be created.
	RoleDefinitionId pulumi.StringOutput `pulumi:"roleDefinitionId"`
	// The scope at which the Role Definition applies too, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`. Changing this forces a new resource to be created.
	Scope pulumi.StringOutput `pulumi:"scope"`
}

Manages a custom Role Definition, used to assign Roles to Users/Principals. See ['Understand role definitions'](https://docs.microsoft.com/en-us/azure/role-based-access-control/role-definitions) in the Azure documentation for more details.

> This content is derived from https://github.com/terraform-providers/terraform-provider-azurerm/blob/master/website/docs/r/role_definition.html.markdown.

func GetRoleDefinition 

func GetRoleDefinition(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *RoleDefinitionState, opts ...pulumi.ResourceOption) (*RoleDefinition, error)

GetRoleDefinition gets an existing RoleDefinition resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewRoleDefinition 

func NewRoleDefinition(ctx *pulumi.Context,
	name string, args *RoleDefinitionArgs, opts ...pulumi.ResourceOption) (*RoleDefinition, error)

NewRoleDefinition registers a new resource with the given unique name, arguments, and options.

type RoleDefinitionArgs 

type RoleDefinitionArgs struct {
	// One or more assignable scopes for this Role Definition, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`.
	AssignableScopes pulumi.StringArrayInput
	// A description of the Role Definition.
	Description pulumi.StringPtrInput
	// The name of the Role Definition. Changing this forces a new resource to be created.
	Name pulumi.StringPtrInput
	// A `permissions` block as defined below.
	Permissions RoleDefinitionPermissionArrayInput
	// A unique UUID/GUID which identifies this role - one will be generated if not specified. Changing this forces a new resource to be created.
	RoleDefinitionId pulumi.StringPtrInput
	// The scope at which the Role Definition applies too, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`. Changing this forces a new resource to be created.
	Scope pulumi.StringInput
}

The set of arguments for constructing a RoleDefinition resource.

func (RoleDefinitionArgs) ElementType added in v1.12.0 

func (RoleDefinitionArgs) ElementType() reflect.Type

type RoleDefinitionPermission added in v1.12.0 

type RoleDefinitionPermission struct {
	Actions        []string `pulumi:"actions"`
	DataActions    []string `pulumi:"dataActions"`
	NotActions     []string `pulumi:"notActions"`
	NotDataActions []string `pulumi:"notDataActions"`
}

type RoleDefinitionPermissionArgs added in v1.12.0 

type RoleDefinitionPermissionArgs struct {
	Actions        pulumi.StringArrayInput `pulumi:"actions"`
	DataActions    pulumi.StringArrayInput `pulumi:"dataActions"`
	NotActions     pulumi.StringArrayInput `pulumi:"notActions"`
	NotDataActions pulumi.StringArrayInput `pulumi:"notDataActions"`
}

func (RoleDefinitionPermissionArgs) ElementType added in v1.12.0 

func (RoleDefinitionPermissionArgs) ElementType() reflect.Type

func (RoleDefinitionPermissionArgs) ToRoleDefinitionPermissionOutput added in v1.12.0 

func (i RoleDefinitionPermissionArgs) ToRoleDefinitionPermissionOutput() RoleDefinitionPermissionOutput

func (RoleDefinitionPermissionArgs) ToRoleDefinitionPermissionOutputWithContext added in v1.12.0 

func (i RoleDefinitionPermissionArgs) ToRoleDefinitionPermissionOutputWithContext(ctx context.Context) RoleDefinitionPermissionOutput

type RoleDefinitionPermissionArray added in v1.12.0 

type RoleDefinitionPermissionArray []RoleDefinitionPermissionInput

func (RoleDefinitionPermissionArray) ElementType added in v1.12.0 

func (RoleDefinitionPermissionArray) ElementType() reflect.Type

func (RoleDefinitionPermissionArray) ToRoleDefinitionPermissionArrayOutput added in v1.12.0 

func (i RoleDefinitionPermissionArray) ToRoleDefinitionPermissionArrayOutput() RoleDefinitionPermissionArrayOutput

func (RoleDefinitionPermissionArray) ToRoleDefinitionPermissionArrayOutputWithContext added in v1.12.0 

func (i RoleDefinitionPermissionArray) ToRoleDefinitionPermissionArrayOutputWithContext(ctx context.Context) RoleDefinitionPermissionArrayOutput

type RoleDefinitionPermissionArrayInput added in v1.12.0 

type RoleDefinitionPermissionArrayInput interface {
	pulumi.Input

	ToRoleDefinitionPermissionArrayOutput() RoleDefinitionPermissionArrayOutput
	ToRoleDefinitionPermissionArrayOutputWithContext(context.Context) RoleDefinitionPermissionArrayOutput
}

type RoleDefinitionPermissionArrayOutput added in v1.12.0 

type RoleDefinitionPermissionArrayOutput struct{ *pulumi.OutputState }

func (RoleDefinitionPermissionArrayOutput) ElementType added in v1.12.0 

func (RoleDefinitionPermissionArrayOutput) ElementType() reflect.Type

func (RoleDefinitionPermissionArrayOutput) Index added in v1.12.0 

func (o RoleDefinitionPermissionArrayOutput) Index(i pulumi.IntInput) RoleDefinitionPermissionOutput

func (RoleDefinitionPermissionArrayOutput) ToRoleDefinitionPermissionArrayOutput added in v1.12.0 

func (o RoleDefinitionPermissionArrayOutput) ToRoleDefinitionPermissionArrayOutput() RoleDefinitionPermissionArrayOutput

func (RoleDefinitionPermissionArrayOutput) ToRoleDefinitionPermissionArrayOutputWithContext added in v1.12.0 

func (o RoleDefinitionPermissionArrayOutput) ToRoleDefinitionPermissionArrayOutputWithContext(ctx context.Context) RoleDefinitionPermissionArrayOutput

type RoleDefinitionPermissionInput added in v1.12.0 

type RoleDefinitionPermissionInput interface {
	pulumi.Input

	ToRoleDefinitionPermissionOutput() RoleDefinitionPermissionOutput
	ToRoleDefinitionPermissionOutputWithContext(context.Context) RoleDefinitionPermissionOutput
}

type RoleDefinitionPermissionOutput added in v1.12.0 

type RoleDefinitionPermissionOutput struct{ *pulumi.OutputState }

func (RoleDefinitionPermissionOutput) Actions added in v1.12.0 

func (o RoleDefinitionPermissionOutput) Actions() pulumi.StringArrayOutput

func (RoleDefinitionPermissionOutput) DataActions added in v1.12.0 

func (o RoleDefinitionPermissionOutput) DataActions() pulumi.StringArrayOutput

func (RoleDefinitionPermissionOutput) ElementType added in v1.12.0 

func (RoleDefinitionPermissionOutput) ElementType() reflect.Type

func (RoleDefinitionPermissionOutput) NotActions added in v1.12.0 

func (o RoleDefinitionPermissionOutput) NotActions() pulumi.StringArrayOutput

func (RoleDefinitionPermissionOutput) NotDataActions added in v1.12.0 

func (o RoleDefinitionPermissionOutput) NotDataActions() pulumi.StringArrayOutput

func (RoleDefinitionPermissionOutput) ToRoleDefinitionPermissionOutput added in v1.12.0 

func (o RoleDefinitionPermissionOutput) ToRoleDefinitionPermissionOutput() RoleDefinitionPermissionOutput

func (RoleDefinitionPermissionOutput) ToRoleDefinitionPermissionOutputWithContext added in v1.12.0 

func (o RoleDefinitionPermissionOutput) ToRoleDefinitionPermissionOutputWithContext(ctx context.Context) RoleDefinitionPermissionOutput

type RoleDefinitionState 

type RoleDefinitionState struct {
	// One or more assignable scopes for this Role Definition, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`.
	AssignableScopes pulumi.StringArrayInput
	// A description of the Role Definition.
	Description pulumi.StringPtrInput
	// The name of the Role Definition. Changing this forces a new resource to be created.
	Name pulumi.StringPtrInput
	// A `permissions` block as defined below.
	Permissions RoleDefinitionPermissionArrayInput
	// A unique UUID/GUID which identifies this role - one will be generated if not specified. Changing this forces a new resource to be created.
	RoleDefinitionId pulumi.StringPtrInput
	// The scope at which the Role Definition applies too, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`. Changing this forces a new resource to be created.
	Scope pulumi.StringPtrInput
}

func (RoleDefinitionState) ElementType added in v1.12.0 

func (RoleDefinitionState) ElementType() reflect.Type

type UserAssignedIdentity 

type UserAssignedIdentity struct {
	pulumi.CustomResourceState

	// Client ID associated with the user assigned identity.
	ClientId pulumi.StringOutput `pulumi:"clientId"`
	// The location/region where the user assigned identity is
	// created.
	Location pulumi.StringOutput `pulumi:"location"`
	// The name of the user assigned identity. Changing this forces a
	// new identity to be created.
	Name pulumi.StringOutput `pulumi:"name"`
	// Service Principal ID associated with the user assigned identity.
	PrincipalId pulumi.StringOutput `pulumi:"principalId"`
	// The name of the resource group in which to
	// create the user assigned identity.
	ResourceGroupName pulumi.StringOutput `pulumi:"resourceGroupName"`
	// A mapping of tags to assign to the resource.
	Tags pulumi.StringMapOutput `pulumi:"tags"`
}

Manages a user assigned identity.

> This content is derived from https://github.com/terraform-providers/terraform-provider-azurerm/blob/master/website/docs/r/user_assigned_identity.html.markdown.

func GetUserAssignedIdentity 

func GetUserAssignedIdentity(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *UserAssignedIdentityState, opts ...pulumi.ResourceOption) (*UserAssignedIdentity, error)

GetUserAssignedIdentity gets an existing UserAssignedIdentity resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUserAssignedIdentity 

func NewUserAssignedIdentity(ctx *pulumi.Context,
	name string, args *UserAssignedIdentityArgs, opts ...pulumi.ResourceOption) (*UserAssignedIdentity, error)

NewUserAssignedIdentity registers a new resource with the given unique name, arguments, and options.

type UserAssignedIdentityArgs 

type UserAssignedIdentityArgs struct {
	// The location/region where the user assigned identity is
	// created.
	Location pulumi.StringPtrInput
	// The name of the user assigned identity. Changing this forces a
	// new identity to be created.
	Name pulumi.StringPtrInput
	// The name of the resource group in which to
	// create the user assigned identity.
	ResourceGroupName pulumi.StringInput
	// A mapping of tags to assign to the resource.
	Tags pulumi.StringMapInput
}

The set of arguments for constructing a UserAssignedIdentity resource.

func (UserAssignedIdentityArgs) ElementType added in v1.12.0 

func (UserAssignedIdentityArgs) ElementType() reflect.Type

type UserAssignedIdentityState 

type UserAssignedIdentityState struct {
	// Client ID associated with the user assigned identity.
	ClientId pulumi.StringPtrInput
	// The location/region where the user assigned identity is
	// created.
	Location pulumi.StringPtrInput
	// The name of the user assigned identity. Changing this forces a
	// new identity to be created.
	Name pulumi.StringPtrInput
	// Service Principal ID associated with the user assigned identity.
	PrincipalId pulumi.StringPtrInput
	// The name of the resource group in which to
	// create the user assigned identity.
	ResourceGroupName pulumi.StringPtrInput
	// A mapping of tags to assign to the resource.
	Tags pulumi.StringMapInput
}

func (UserAssignedIdentityState) ElementType added in v1.12.0 

func (UserAssignedIdentityState) ElementType() reflect.Type

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.