role

package
v1.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 7, 2019 License: Apache-2.0 Imports: 2 Imported by: 0

Documentation

Overview

nolint: lll Package role exports types, functions, subpackages for provisioning role resources.

> This provider is a derived work of the [Terraform Provider](https://github.com/terraform-providers/terraform-provider-azurerm) > distributed under [MPL 2.0](https://www.mozilla.org/en-US/MPL/2.0/). If you encounter a bug or missing feature, > first check the [`pulumi/pulumi-azure` repo](https://github.com/pulumi/pulumi-azure/issues); however, if that doesn't turn up anything, > please consult the source [`terraform-providers/terraform-provider-azurerm` repo](https://github.com/terraform-providers/terraform-provider-azurerm/issues).

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Assignment added in v0.16.0 

type Assignment struct {
	// contains filtered or unexported fields
}

Assigns a given Principal (User or Application) to a given Role.

> This content is derived from https://github.com/terraform-providers/terraform-provider-azurerm/blob/master/website/docs/r/role_assignment_legacy.html.markdown.

func GetAssignment added in v0.16.0 

func GetAssignment(ctx *pulumi.Context,
	name string, id pulumi.ID, state *AssignmentState, opts ...pulumi.ResourceOpt) (*Assignment, error)

GetAssignment gets an existing Assignment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAssignment added in v0.16.0 

func NewAssignment(ctx *pulumi.Context,
	name string, args *AssignmentArgs, opts ...pulumi.ResourceOpt) (*Assignment, error)

NewAssignment registers a new resource with the given unique name, arguments, and options.

func (*Assignment) ID added in v0.16.0 

func (r *Assignment) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*Assignment) Name added in v0.16.0 

func (r *Assignment) Name() *pulumi.StringOutput

A unique UUID/GUID for this Role Assignment - one will be generated if not specified. Changing this forces a new resource to be created.

func (*Assignment) PrincipalId added in v0.16.0 

func (r *Assignment) PrincipalId() *pulumi.StringOutput

The ID of the Principal (User, Group, Service Principal, or Application) to assign the Role Definition to. Changing this forces a new resource to be created.

func (*Assignment) PrincipalType added in v1.1.0 

func (r *Assignment) PrincipalType() *pulumi.StringOutput

The type of the `principalId`, e.g. User, Group, Service Principal, Application, etc.

func (*Assignment) RoleDefinitionId added in v0.16.0 

func (r *Assignment) RoleDefinitionId() *pulumi.StringOutput

The Scoped-ID of the Role Definition. Changing this forces a new resource to be created. Conflicts with `roleDefinitionName`.

func (*Assignment) RoleDefinitionName added in v0.16.0 

func (r *Assignment) RoleDefinitionName() *pulumi.StringOutput

The name of a built-in Role. Changing this forces a new resource to be created. Conflicts with `roleDefinitionId`.

func (*Assignment) Scope added in v0.16.0 

func (r *Assignment) Scope() *pulumi.StringOutput

The scope at which the Role Assignment applies to, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`, or `/providers/Microsoft.Management/managementGroups/myMG`. Changing this forces a new resource to be created.

func (*Assignment) SkipServicePrincipalAadCheck added in v1.1.0 

func (r *Assignment) SkipServicePrincipalAadCheck() *pulumi.BoolOutput

If the `principalId` is a newly provisioned `Service Principal` set this value to `true` to skip the `Azure Active Directory` check which may fail due to replication lag. This argument is only valid if the `principalId` is a `Service Principal` identity. If it is not a `Service Principal` identity it will cause the role assignment to fail. Defaults to `false`.

func (*Assignment) URN added in v0.16.0 

func (r *Assignment) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

type AssignmentArgs added in v0.16.0 

type AssignmentArgs struct {
	// A unique UUID/GUID for this Role Assignment - one will be generated if not specified. Changing this forces a new resource to be created.
	Name interface{}
	// The ID of the Principal (User, Group, Service Principal, or Application) to assign the Role Definition to. Changing this forces a new resource to be created.
	PrincipalId interface{}
	// The Scoped-ID of the Role Definition. Changing this forces a new resource to be created. Conflicts with `roleDefinitionName`.
	RoleDefinitionId interface{}
	// The name of a built-in Role. Changing this forces a new resource to be created. Conflicts with `roleDefinitionId`.
	RoleDefinitionName interface{}
	// The scope at which the Role Assignment applies to, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`, or `/providers/Microsoft.Management/managementGroups/myMG`. Changing this forces a new resource to be created.
	Scope interface{}
	// If the `principalId` is a newly provisioned `Service Principal` set this value to `true` to skip the `Azure Active Directory` check which may fail due to replication lag. This argument is only valid if the `principalId` is a `Service Principal` identity. If it is not a `Service Principal` identity it will cause the role assignment to fail. Defaults to `false`.
	SkipServicePrincipalAadCheck interface{}
}

The set of arguments for constructing a Assignment resource.

type AssignmentState added in v0.16.0 

type AssignmentState struct {
	// A unique UUID/GUID for this Role Assignment - one will be generated if not specified. Changing this forces a new resource to be created.
	Name interface{}
	// The ID of the Principal (User, Group, Service Principal, or Application) to assign the Role Definition to. Changing this forces a new resource to be created.
	PrincipalId interface{}
	// The type of the `principalId`, e.g. User, Group, Service Principal, Application, etc.
	PrincipalType interface{}
	// The Scoped-ID of the Role Definition. Changing this forces a new resource to be created. Conflicts with `roleDefinitionName`.
	RoleDefinitionId interface{}
	// The name of a built-in Role. Changing this forces a new resource to be created. Conflicts with `roleDefinitionId`.
	RoleDefinitionName interface{}
	// The scope at which the Role Assignment applies to, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`, or `/providers/Microsoft.Management/managementGroups/myMG`. Changing this forces a new resource to be created.
	Scope interface{}
	// If the `principalId` is a newly provisioned `Service Principal` set this value to `true` to skip the `Azure Active Directory` check which may fail due to replication lag. This argument is only valid if the `principalId` is a `Service Principal` identity. If it is not a `Service Principal` identity it will cause the role assignment to fail. Defaults to `false`.
	SkipServicePrincipalAadCheck interface{}
}

Input properties used for looking up and filtering Assignment resources.

type Definition 

type Definition struct {
	// contains filtered or unexported fields
}

Manages a custom Role Definition, used to assign Roles to Users/Principals. See ['Understand role definitions'](https://docs.microsoft.com/en-us/azure/role-based-access-control/role-definitions) in the Azure documentation for more details.

> This content is derived from https://github.com/terraform-providers/terraform-provider-azurerm/blob/master/website/docs/r/role_definition_legacy.html.markdown.

func GetDefinition 

func GetDefinition(ctx *pulumi.Context,
	name string, id pulumi.ID, state *DefinitionState, opts ...pulumi.ResourceOpt) (*Definition, error)

GetDefinition gets an existing Definition resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewDefinition 

func NewDefinition(ctx *pulumi.Context,
	name string, args *DefinitionArgs, opts ...pulumi.ResourceOpt) (*Definition, error)

NewDefinition registers a new resource with the given unique name, arguments, and options.

func (*Definition) AssignableScopes 

func (r *Definition) AssignableScopes() *pulumi.ArrayOutput

One or more assignable scopes for this Role Definition, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`.

func (*Definition) Description 

func (r *Definition) Description() *pulumi.StringOutput

A description of the Role Definition.

func (*Definition) ID 

func (r *Definition) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*Definition) Name 

func (r *Definition) Name() *pulumi.StringOutput

The name of the Role Definition. Changing this forces a new resource to be created.

func (*Definition) Permissions 

func (r *Definition) Permissions() *pulumi.ArrayOutput

A `permissions` block as defined below.

func (*Definition) RoleDefinitionId 

func (r *Definition) RoleDefinitionId() *pulumi.StringOutput

A unique UUID/GUID which identifies this role - one will be generated if not specified. Changing this forces a new resource to be created.

func (*Definition) Scope 

func (r *Definition) Scope() *pulumi.StringOutput

The scope at which the Role Definition applies too, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`. Changing this forces a new resource to be created.

func (*Definition) URN 

func (r *Definition) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

type DefinitionArgs 

type DefinitionArgs struct {
	// One or more assignable scopes for this Role Definition, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`.
	AssignableScopes interface{}
	// A description of the Role Definition.
	Description interface{}
	// The name of the Role Definition. Changing this forces a new resource to be created.
	Name interface{}
	// A `permissions` block as defined below.
	Permissions interface{}
	// A unique UUID/GUID which identifies this role - one will be generated if not specified. Changing this forces a new resource to be created.
	RoleDefinitionId interface{}
	// The scope at which the Role Definition applies too, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`. Changing this forces a new resource to be created.
	Scope interface{}
}

The set of arguments for constructing a Definition resource.

type DefinitionState 

type DefinitionState struct {
	// One or more assignable scopes for this Role Definition, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`.
	AssignableScopes interface{}
	// A description of the Role Definition.
	Description interface{}
	// The name of the Role Definition. Changing this forces a new resource to be created.
	Name interface{}
	// A `permissions` block as defined below.
	Permissions interface{}
	// A unique UUID/GUID which identifies this role - one will be generated if not specified. Changing this forces a new resource to be created.
	RoleDefinitionId interface{}
	// The scope at which the Role Definition applies too, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`. Changing this forces a new resource to be created.
	Scope interface{}
}

Input properties used for looking up and filtering Definition resources.

type GetBuiltinRoleDefinitionArgs 

type GetBuiltinRoleDefinitionArgs struct {
	// Specifies the name of the built-in Role Definition. Possible values are: `Contributor`, `Owner`, `Reader` and `VirtualMachineContributor`.
	Name interface{}
}

A collection of arguments for invoking getBuiltinRoleDefinition.

type GetBuiltinRoleDefinitionResult 

type GetBuiltinRoleDefinitionResult struct {
	// One or more assignable scopes for this Role Definition, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`.
	AssignableScopes interface{}
	// the Description of the built-in Role.
	Description interface{}
	Name        interface{}
	// a `permissions` block as documented below.
	Permissions interface{}
	// the Type of the Role.
	Type interface{}
	// id is the provider-assigned unique ID for this managed resource.
	Id interface{}
}

A collection of values returned by getBuiltinRoleDefinition.

func LookupBuiltinRoleDefinition 

func LookupBuiltinRoleDefinition(ctx *pulumi.Context, args *GetBuiltinRoleDefinitionArgs) (*GetBuiltinRoleDefinitionResult, error)

Use this data source to access information about a built-in Role Definition. To access information about a custom Role Definition, please see the `authorization.RoleDefinition` data source instead.

> **NOTE:** The this datasource has been deprecated in favour of `authorization.RoleDefinition` that now can look up role definitions by name. As such this data source will be removed in version 2.0 of the AzureRM Provider.

> This content is derived from https://github.com/terraform-providers/terraform-provider-azurerm/blob/master/website/docs/d/builtin_role_definition_legacy.html.markdown.

type GetRoleDefinitionArgs 

type GetRoleDefinitionArgs struct {
	// Specifies the Name of either a built-in or custom Role Definition.
	Name interface{}
	// Specifies the ID of the Role Definition as a UUID/GUID.
	RoleDefinitionId interface{}
	// Specifies the Scope at which the Custom Role Definition exists.
	Scope interface{}
}

A collection of arguments for invoking getRoleDefinition.

type GetRoleDefinitionResult 

type GetRoleDefinitionResult struct {
	// One or more assignable scopes for this Role Definition, such as `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333`, `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup`, or `/subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM`.
	AssignableScopes interface{}
	// the Description of the built-in Role.
	Description interface{}
	Name        interface{}
	// a `permissions` block as documented below.
	Permissions      interface{}
	RoleDefinitionId interface{}
	Scope            interface{}
	// the Type of the Role.
	Type interface{}
	// id is the provider-assigned unique ID for this managed resource.
	Id interface{}
}

A collection of values returned by getRoleDefinition.

func LookupRoleDefinition 

func LookupRoleDefinition(ctx *pulumi.Context, args *GetRoleDefinitionArgs) (*GetRoleDefinitionResult, error)

Use this data source to access information about an existing Role Definition.

> This content is derived from https://github.com/terraform-providers/terraform-provider-azurerm/blob/master/website/docs/d/role_definition_legacy.html.markdown.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.