Documentation ¶
Overview ¶
+kubebuilder:object:generate=true +groupName=serviceprincipals.azuread.upbound.io +versionName=v1beta2
Index ¶
- Constants
- Variables
- type AppRolesInitParameters
- type AppRolesObservation
- type AppRolesParameters
- type FeatureTagsInitParameters
- type FeatureTagsObservation
- type FeatureTagsParameters
- type Oauth2PermissionScopesInitParameters
- type Oauth2PermissionScopesObservation
- type Oauth2PermissionScopesParameters
- type Principal
- func (in *Principal) DeepCopy() *Principal
- func (in *Principal) DeepCopyInto(out *Principal)
- func (in *Principal) DeepCopyObject() runtime.Object
- func (mg *Principal) GetCondition(ct xpv1.ConditionType) xpv1.Condition
- func (tr *Principal) GetConnectionDetailsMapping() map[string]string
- func (mg *Principal) GetDeletionPolicy() xpv1.DeletionPolicy
- func (tr *Principal) GetID() string
- func (tr *Principal) GetInitParameters() (map[string]any, error)
- func (mg *Principal) GetManagementPolicies() xpv1.ManagementPolicies
- func (tr *Principal) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error)
- func (tr *Principal) GetObservation() (map[string]any, error)
- func (tr *Principal) GetParameters() (map[string]any, error)
- func (mg *Principal) GetProviderConfigReference() *xpv1.Reference
- func (mg *Principal) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo
- func (mg *Principal) GetTerraformResourceType() string
- func (tr *Principal) GetTerraformSchemaVersion() int
- func (mg *Principal) GetWriteConnectionSecretToReference() *xpv1.SecretReference
- func (tr *Principal) Hub()
- func (tr *Principal) LateInitialize(attrs []byte) (bool, error)
- func (mg *Principal) ResolveReferences(ctx context.Context, c client.Reader) error
- func (mg *Principal) SetConditions(c ...xpv1.Condition)
- func (mg *Principal) SetDeletionPolicy(r xpv1.DeletionPolicy)
- func (mg *Principal) SetManagementPolicies(r xpv1.ManagementPolicies)
- func (tr *Principal) SetObservation(obs map[string]any) error
- func (tr *Principal) SetParameters(params map[string]any) error
- func (mg *Principal) SetProviderConfigReference(r *xpv1.Reference)
- func (mg *Principal) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)
- func (mg *Principal) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)
- type PrincipalInitParameters
- type PrincipalList
- type PrincipalObservation
- type PrincipalParameters
- type PrincipalSpec
- type PrincipalStatus
- type SAMLSingleSignOnInitParameters
- type SAMLSingleSignOnObservation
- type SAMLSingleSignOnParameters
Constants ¶
// API group and version under which the types in this package are registered.
const (
	// CRDGroup is the API group name.
	CRDGroup = "serviceprincipals.azuread.upbound.io"
	// CRDVersion is the API version within CRDGroup.
	CRDVersion = "v1beta2"
)
Package type metadata.
Variables ¶
// Scheme registration helpers built from CRDGroup and CRDVersion.
var (
	// CRDGroupVersion is the API Group Version used to register the objects.
	CRDGroupVersion = schema.GroupVersion{Group: CRDGroup, Version: CRDVersion}

	// SchemeBuilder is used to add Go types to the GroupVersionKind scheme.
	SchemeBuilder = &scheme.Builder{GroupVersion: CRDGroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)
// Identifiers for the Principal kind, derived from CRDGroup and CRDGroupVersion.
var (
	// Principal_Kind is the kind name.
	Principal_Kind = "Principal"
	// Principal_GroupKind is the string form of the group/kind pair.
	Principal_GroupKind = schema.GroupKind{Group: CRDGroup, Kind: Principal_Kind}.String()
	// Principal_KindAPIVersion joins the kind and the group-version string with a dot.
	Principal_KindAPIVersion = Principal_Kind + "." + CRDGroupVersion.String()
	// Principal_GroupVersionKind is CRDGroupVersion with the Principal kind attached.
	Principal_GroupVersionKind = CRDGroupVersion.WithKind(Principal_Kind)
)
Repository type metadata.
Functions ¶
This section is empty.
Types ¶
type AppRolesInitParameters ¶
// AppRolesInitParameters declares no fields in this API version; the app role
// fields are reported only through AppRolesObservation.
type AppRolesInitParameters struct {
}
func (*AppRolesInitParameters) DeepCopy ¶
func (in *AppRolesInitParameters) DeepCopy() *AppRolesInitParameters
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AppRolesInitParameters.
func (*AppRolesInitParameters) DeepCopyInto ¶
func (in *AppRolesInitParameters) DeepCopyInto(out *AppRolesInitParameters)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AppRolesObservation ¶
// AppRolesObservation is one observed app role entry, as listed in
// PrincipalObservation.AppRoles. All fields are optional pointers and are
// omitted from JSON when unset.
type AppRolesObservation struct {

	// Specifies whether this app role definition can be assigned to users and groups, or to other applications (that are accessing this application in a standalone scenario). Possible values are: User and Application, or both.
	AllowedMemberTypes []*string `json:"allowedMemberTypes,omitempty" tf:"allowed_member_types,omitempty"`

	// A description of the service principal provided for internal end-users.
	// NOTE(review): this text matches the service principal's own Description;
	// on an app role entry it presumably describes the role — confirm.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// The display name of the application associated with this service principal.
	// NOTE(review): presumably the display name of the app role rather than of
	// the application — confirm against the provider documentation.
	DisplayName *string `json:"displayName,omitempty" tf:"display_name,omitempty"`

	// Determines if the app role is enabled.
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// The unique identifier of the app_role.
	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// The value that is used for the roles claim in ID tokens and OAuth 2.0 access tokens that are authenticating an assigned service or user principal.
	// Because this string ends up in the roles claim, it is the value that
	// authorization checks on the receiving side will see.
	Value *string `json:"value,omitempty" tf:"value,omitempty"`
}
func (*AppRolesObservation) DeepCopy ¶
func (in *AppRolesObservation) DeepCopy() *AppRolesObservation
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AppRolesObservation.
func (*AppRolesObservation) DeepCopyInto ¶
func (in *AppRolesObservation) DeepCopyInto(out *AppRolesObservation)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AppRolesParameters ¶
// AppRolesParameters declares no fields in this API version; the app role
// fields are reported only through AppRolesObservation.
type AppRolesParameters struct {
}
func (*AppRolesParameters) DeepCopy ¶
func (in *AppRolesParameters) DeepCopy() *AppRolesParameters
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AppRolesParameters.
func (*AppRolesParameters) DeepCopyInto ¶
func (in *AppRolesParameters) DeepCopyInto(out *AppRolesParameters)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FeatureTagsInitParameters ¶
// FeatureTagsInitParameters holds the fields of a feature_tags block as used in
// PrincipalInitParameters.FeatureTags. Each flag assigns the named tag to the
// service principal when enabled.
type FeatureTagsInitParameters struct {

	// Whether this service principal represents a custom SAML application. Enabling this will assign the WindowsAzureActiveDirectoryCustomSingleSignOnApplication tag. Defaults to false.
	CustomSingleSignOn *bool `json:"customSingleSignOn,omitempty" tf:"custom_single_sign_on,omitempty"`

	// Whether this service principal represents an Enterprise Application. Enabling this will assign the WindowsAzureActiveDirectoryIntegratedApp tag. Defaults to false.
	Enterprise *bool `json:"enterprise,omitempty" tf:"enterprise,omitempty"`

	// Whether this service principal represents a gallery application. Enabling this will assign the WindowsAzureActiveDirectoryGalleryApplicationNonPrimaryV1 tag. Defaults to false.
	Gallery *bool `json:"gallery,omitempty" tf:"gallery,omitempty"`

	// Whether this app is invisible to users in My Apps and Office 365 Launcher. Enabling this will assign the HideApp tag. Defaults to false.
	// NOTE(review): described only as a visibility setting; nothing here says
	// it restricts sign-in, so do not rely on it as an access control.
	Hide *bool `json:"hide,omitempty" tf:"hide,omitempty"`
}
func (*FeatureTagsInitParameters) DeepCopy ¶
func (in *FeatureTagsInitParameters) DeepCopy() *FeatureTagsInitParameters
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FeatureTagsInitParameters.
func (*FeatureTagsInitParameters) DeepCopyInto ¶
func (in *FeatureTagsInitParameters) DeepCopyInto(out *FeatureTagsInitParameters)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FeatureTagsObservation ¶
// FeatureTagsObservation holds the observed fields of a feature_tags block, as
// listed in PrincipalObservation.FeatureTags.
type FeatureTagsObservation struct {

	// Whether this service principal represents a custom SAML application. Enabling this will assign the WindowsAzureActiveDirectoryCustomSingleSignOnApplication tag. Defaults to false.
	CustomSingleSignOn *bool `json:"customSingleSignOn,omitempty" tf:"custom_single_sign_on,omitempty"`

	// Whether this service principal represents an Enterprise Application. Enabling this will assign the WindowsAzureActiveDirectoryIntegratedApp tag. Defaults to false.
	Enterprise *bool `json:"enterprise,omitempty" tf:"enterprise,omitempty"`

	// Whether this service principal represents a gallery application. Enabling this will assign the WindowsAzureActiveDirectoryGalleryApplicationNonPrimaryV1 tag. Defaults to false.
	Gallery *bool `json:"gallery,omitempty" tf:"gallery,omitempty"`

	// Whether this app is invisible to users in My Apps and Office 365 Launcher. Enabling this will assign the HideApp tag. Defaults to false.
	// NOTE(review): described only as a visibility setting; nothing here says
	// it restricts sign-in, so do not rely on it as an access control.
	Hide *bool `json:"hide,omitempty" tf:"hide,omitempty"`
}
func (*FeatureTagsObservation) DeepCopy ¶
func (in *FeatureTagsObservation) DeepCopy() *FeatureTagsObservation
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FeatureTagsObservation.
func (*FeatureTagsObservation) DeepCopyInto ¶
func (in *FeatureTagsObservation) DeepCopyInto(out *FeatureTagsObservation)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FeatureTagsParameters ¶
// FeatureTagsParameters holds the fields of a feature_tags block. Every field
// carries the kubebuilder Optional validation marker.
type FeatureTagsParameters struct {

	// Whether this service principal represents a custom SAML application. Enabling this will assign the WindowsAzureActiveDirectoryCustomSingleSignOnApplication tag. Defaults to false.
	// +kubebuilder:validation:Optional
	CustomSingleSignOn *bool `json:"customSingleSignOn,omitempty" tf:"custom_single_sign_on,omitempty"`

	// Whether this service principal represents an Enterprise Application. Enabling this will assign the WindowsAzureActiveDirectoryIntegratedApp tag. Defaults to false.
	// +kubebuilder:validation:Optional
	Enterprise *bool `json:"enterprise,omitempty" tf:"enterprise,omitempty"`

	// Whether this service principal represents a gallery application. Enabling this will assign the WindowsAzureActiveDirectoryGalleryApplicationNonPrimaryV1 tag. Defaults to false.
	// +kubebuilder:validation:Optional
	Gallery *bool `json:"gallery,omitempty" tf:"gallery,omitempty"`

	// Whether this app is invisible to users in My Apps and Office 365 Launcher. Enabling this will assign the HideApp tag. Defaults to false.
	// NOTE(review): described only as a visibility setting; nothing here says
	// it restricts sign-in, so do not rely on it as an access control.
	// +kubebuilder:validation:Optional
	Hide *bool `json:"hide,omitempty" tf:"hide,omitempty"`
}
func (*FeatureTagsParameters) DeepCopy ¶
func (in *FeatureTagsParameters) DeepCopy() *FeatureTagsParameters
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FeatureTagsParameters.
func (*FeatureTagsParameters) DeepCopyInto ¶
func (in *FeatureTagsParameters) DeepCopyInto(out *FeatureTagsParameters)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Oauth2PermissionScopesInitParameters ¶
// Oauth2PermissionScopesInitParameters declares no fields in this API version;
// the permission scope fields are reported only through
// Oauth2PermissionScopesObservation.
type Oauth2PermissionScopesInitParameters struct {
}
func (*Oauth2PermissionScopesInitParameters) DeepCopy ¶
func (in *Oauth2PermissionScopesInitParameters) DeepCopy() *Oauth2PermissionScopesInitParameters
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Oauth2PermissionScopesInitParameters.
func (*Oauth2PermissionScopesInitParameters) DeepCopyInto ¶
func (in *Oauth2PermissionScopesInitParameters) DeepCopyInto(out *Oauth2PermissionScopesInitParameters)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Oauth2PermissionScopesObservation ¶
// Oauth2PermissionScopesObservation is one observed OAuth 2.0 delegated
// permission scope, as listed in PrincipalObservation.Oauth2PermissionScopes.
// Several field descriptions below repeat text written for app roles or for
// the service principal itself; those are flagged for confirmation.
type Oauth2PermissionScopesObservation struct {

	// Delegated permission description that appears in all tenant-wide admin consent experiences, intended to be read by an administrator granting the permission on behalf of all users.
	AdminConsentDescription *string `json:"adminConsentDescription,omitempty" tf:"admin_consent_description,omitempty"`

	// Display name for the delegated permission, intended to be read by an administrator granting the permission on behalf of all users.
	AdminConsentDisplayName *string `json:"adminConsentDisplayName,omitempty" tf:"admin_consent_display_name,omitempty"`

	// Determines if the app role is enabled.
	// NOTE(review): presumably whether this permission scope is enabled — confirm.
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// The unique identifier of the app_role.
	// NOTE(review): presumably the identifier of this permission scope — confirm.
	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// Identifies whether the service principal represents an application or a managed identity. Possible values include Application or ManagedIdentity.
	// NOTE(review): this text is identical to the description of
	// PrincipalObservation.Type; on a permission scope the field presumably
	// has a different meaning — confirm against the provider documentation.
	Type *string `json:"type,omitempty" tf:"type,omitempty"`

	// Delegated permission description that appears in the end user consent experience, intended to be read by a user consenting on their own behalf.
	UserConsentDescription *string `json:"userConsentDescription,omitempty" tf:"user_consent_description,omitempty"`

	// Display name for the delegated permission that appears in the end user consent experience.
	UserConsentDisplayName *string `json:"userConsentDisplayName,omitempty" tf:"user_consent_display_name,omitempty"`

	// The value that is used for the roles claim in ID tokens and OAuth 2.0 access tokens that are authenticating an assigned service or user principal.
	// NOTE(review): the wording refers to the roles claim, which is how app
	// role values are described; confirm which claim a scope value populates.
	Value *string `json:"value,omitempty" tf:"value,omitempty"`
}
func (*Oauth2PermissionScopesObservation) DeepCopy ¶
func (in *Oauth2PermissionScopesObservation) DeepCopy() *Oauth2PermissionScopesObservation
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Oauth2PermissionScopesObservation.
func (*Oauth2PermissionScopesObservation) DeepCopyInto ¶
func (in *Oauth2PermissionScopesObservation) DeepCopyInto(out *Oauth2PermissionScopesObservation)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Oauth2PermissionScopesParameters ¶
// Oauth2PermissionScopesParameters declares no fields in this API version; the
// permission scope fields are reported only through
// Oauth2PermissionScopesObservation.
type Oauth2PermissionScopesParameters struct {
}
func (*Oauth2PermissionScopesParameters) DeepCopy ¶
func (in *Oauth2PermissionScopesParameters) DeepCopy() *Oauth2PermissionScopesParameters
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Oauth2PermissionScopesParameters.
func (*Oauth2PermissionScopesParameters) DeepCopyInto ¶
func (in *Oauth2PermissionScopesParameters) DeepCopyInto(out *Oauth2PermissionScopesParameters)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Principal ¶
// Principal is the top-level API object for a service principal: standard
// Kubernetes type and object metadata plus a Spec and a Status.
// NOTE(review): the resource marker on this type declares scope=Cluster, so
// access to Principal objects is governed by cluster-wide RBAC rather than by
// per-namespace roles — confirm that the roles granting write access are as
// narrow as intended.
type Principal struct {
	// TypeMeta is inlined into the object's JSON.
	metav1.TypeMeta `json:",inline"`
	// ObjectMeta is serialized under "metadata".
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// Spec is always serialized (no omitempty).
	Spec PrincipalSpec `json:"spec"`
	// Status is omitted from JSON when empty.
	Status PrincipalStatus `json:"status,omitempty"`
}
Principal is the Schema for the Principals API. +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,azuread}
func (*Principal) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Principal.
func (*Principal) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Principal) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*Principal) GetCondition ¶
func (mg *Principal) GetCondition(ct xpv1.ConditionType) xpv1.Condition
GetCondition of this Principal.
func (*Principal) GetConnectionDetailsMapping ¶
GetConnectionDetailsMapping for this Principal
func (*Principal) GetDeletionPolicy ¶
func (mg *Principal) GetDeletionPolicy() xpv1.DeletionPolicy
GetDeletionPolicy of this Principal.
func (*Principal) GetInitParameters ¶
GetInitParameters of this Principal
func (*Principal) GetManagementPolicies ¶
func (mg *Principal) GetManagementPolicies() xpv1.ManagementPolicies
GetManagementPolicies of this Principal.
func (*Principal) GetMergedParameters ¶
GetMergedParameters of this Principal
func (*Principal) GetObservation ¶
GetObservation of this Principal
func (*Principal) GetParameters ¶
GetParameters of this Principal
func (*Principal) GetProviderConfigReference ¶
GetProviderConfigReference of this Principal.
func (*Principal) GetPublishConnectionDetailsTo ¶
func (mg *Principal) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo
GetPublishConnectionDetailsTo of this Principal.
func (*Principal) GetTerraformResourceType ¶
GetTerraformResourceType returns Terraform resource type for this Principal
func (*Principal) GetTerraformSchemaVersion ¶
GetTerraformSchemaVersion returns the associated Terraform schema version
func (*Principal) GetWriteConnectionSecretToReference ¶
func (mg *Principal) GetWriteConnectionSecretToReference() *xpv1.SecretReference
GetWriteConnectionSecretToReference of this Principal.
func (*Principal) LateInitialize ¶
LateInitialize this Principal using its observed tfState. Returns true if there are any spec changes for the resource.
func (*Principal) ResolveReferences ¶
func (*Principal) SetConditions ¶
SetConditions of this Principal.
func (*Principal) SetDeletionPolicy ¶
func (mg *Principal) SetDeletionPolicy(r xpv1.DeletionPolicy)
SetDeletionPolicy of this Principal.
func (*Principal) SetManagementPolicies ¶
func (mg *Principal) SetManagementPolicies(r xpv1.ManagementPolicies)
SetManagementPolicies of this Principal.
func (*Principal) SetObservation ¶
SetObservation for this Principal
func (*Principal) SetParameters ¶
SetParameters for this Principal
func (*Principal) SetProviderConfigReference ¶
SetProviderConfigReference of this Principal.
func (*Principal) SetPublishConnectionDetailsTo ¶
func (mg *Principal) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)
SetPublishConnectionDetailsTo of this Principal.
func (*Principal) SetWriteConnectionSecretToReference ¶
func (mg *Principal) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)
SetWriteConnectionSecretToReference of this Principal.
type PrincipalInitParameters ¶
// PrincipalInitParameters holds the configurable fields of a service principal
// in their init-parameter form. Every field is optional and omitted from JSON
// when unset. Fields tagged tf:"-" (the Ref and Selector fields) are not passed
// to Terraform; they exist to populate the ID field they are named after.
type PrincipalInitParameters struct {

	// Whether or not the service principal account is enabled. Defaults to true.
	AccountEnabled *bool `json:"accountEnabled,omitempty" tf:"account_enabled,omitempty"`

	// A set of alternative names, used to retrieve service principals by subscription, identify resource group and full resource ids for managed identities.
	// +listType=set
	AlternativeNames []*string `json:"alternativeNames,omitempty" tf:"alternative_names,omitempty"`

	// Whether this service principal requires an app role assignment to a user or group before Azure AD will issue a user or access token to the application. Defaults to false.
	// With the default (false), token issuance is not gated on an app role
	// assignment; set this to true where access should be limited to users or
	// groups that have been explicitly assigned.
	AppRoleAssignmentRequired *bool `json:"appRoleAssignmentRequired,omitempty" tf:"app_role_assignment_required,omitempty"`

	// The application ID (client ID) of the application for which to create a service principal
	// NOTE(review): the generated text also calls this "the unique identifier of
	// the app_role", which does not fit this field. ApplicationID and ClientID
	// are both described as identifying the application; how they relate is not
	// stated here — confirm which one to set.
	// +crossplane:generate:reference:type=github.com/upbound/provider-azuread/apis/applications/v1beta2.Application
	// +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("application_id",true)
	ApplicationID *string `json:"applicationId,omitempty" tf:"application_id,omitempty"`

	// Reference to a Application in applications to populate applicationId.
	// +kubebuilder:validation:Optional
	ApplicationIDRef *v1.Reference `json:"applicationIdRef,omitempty" tf:"-"`

	// Selector for a Application in applications to populate applicationId.
	// +kubebuilder:validation:Optional
	ApplicationIDSelector *v1.Selector `json:"applicationIdSelector,omitempty" tf:"-"`

	// The client ID of the application for which to create a service principal.
	// +crossplane:generate:reference:type=github.com/upbound/provider-azuread/apis/applications/v1beta2.Application
	// +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("client_id",true)
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// Reference to a Application in applications to populate clientId.
	// +kubebuilder:validation:Optional
	ClientIDRef *v1.Reference `json:"clientIdRef,omitempty" tf:"-"`

	// Selector for a Application in applications to populate clientId.
	// +kubebuilder:validation:Optional
	ClientIDSelector *v1.Selector `json:"clientIdSelector,omitempty" tf:"-"`

	// A description of the service principal provided for internal end-users.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// A feature_tags block as described below. Cannot be used together with the tags property.
	// Block of features to configure for this service principal using tags
	FeatureTags []FeatureTagsInitParameters `json:"featureTags,omitempty" tf:"feature_tags,omitempty"`

	// The URL where the service provider redirects the user to Azure AD to authenticate. Azure AD uses the URL to launch the application from Microsoft 365 or the Azure AD My Apps. When blank, Azure AD performs IdP-initiated sign-on for applications configured with SAML-based single sign-on.
	LoginURL *string `json:"loginUrl,omitempty" tf:"login_url,omitempty"`

	// A free text field to capture information about the service principal, typically used for operational purposes.
	// The value is stored in the resource spec, so it is readable by anyone who
	// can read the object; keep credentials and other secrets out of it.
	Notes *string `json:"notes,omitempty" tf:"notes,omitempty"`

	// A set of email addresses where Azure AD sends a notification when the active certificate is near the expiration date. This is only for the certificates used to sign the SAML token issued for Azure AD Gallery applications.
	// +listType=set
	NotificationEmailAddresses []*string `json:"notificationEmailAddresses,omitempty" tf:"notification_email_addresses,omitempty"`

	// A set of object IDs of principals that will be granted ownership of the service principal. Supported object types are users or service principals. By default, no owners are assigned.
	// NOTE(review): every entry is an ownership grant over this service
	// principal; keep the set minimal and treat changes to it as a privileged
	// change worth reviewing.
	// +listType=set
	Owners []*string `json:"owners,omitempty" tf:"owners,omitempty"`

	// The single sign-on mode configured for this application. Azure AD uses the preferred single sign-on mode to launch the application from Microsoft 365 or the Azure AD My Apps. Supported values are oidc, password, saml or notSupported. Omit this property or specify a blank string to unset.
	PreferredSingleSignOnMode *string `json:"preferredSingleSignOnMode,omitempty" tf:"preferred_single_sign_on_mode,omitempty"`

	// A saml_single_sign_on block as documented below.
	// Settings related to SAML single sign-on
	SAMLSingleSignOn *SAMLSingleSignOnInitParameters `json:"samlSingleSignOn,omitempty" tf:"saml_single_sign_on,omitempty"`

	// A set of tags to apply to the service principal for configuring specific behaviours of the service principal. Note that these are not provided for use by practitioners. Cannot be used together with the feature_tags block.
	// +listType=set
	Tags []*string `json:"tags,omitempty" tf:"tags,omitempty"`

	// When true, any existing service principal linked to the same application will be automatically imported. When false, an import error will be raised for any pre-existing service principal.
	// NOTE(review): importing adopts a principal that was created outside this
	// resource; whatever was already configured on it is presumably not reset
	// by the import — review the existing principal before enabling this.
	UseExisting *bool `json:"useExisting,omitempty" tf:"use_existing,omitempty"`
}
func (*PrincipalInitParameters) DeepCopy ¶
func (in *PrincipalInitParameters) DeepCopy() *PrincipalInitParameters
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrincipalInitParameters.
func (*PrincipalInitParameters) DeepCopyInto ¶
func (in *PrincipalInitParameters) DeepCopyInto(out *PrincipalInitParameters)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PrincipalList ¶
// PrincipalList is the list form of Principal: standard Kubernetes type and
// list metadata plus the items themselves.
type PrincipalList struct {
	// TypeMeta is inlined into the object's JSON.
	metav1.TypeMeta `json:",inline"`
	// ListMeta is serialized under "metadata".
	metav1.ListMeta `json:"metadata,omitempty"`
	// Items is always serialized (no omitempty).
	Items []Principal `json:"items"`
}
PrincipalList contains a list of Principals
func (*PrincipalList) DeepCopy ¶
func (in *PrincipalList) DeepCopy() *PrincipalList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrincipalList.
func (*PrincipalList) DeepCopyInto ¶
func (in *PrincipalList) DeepCopyInto(out *PrincipalList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*PrincipalList) DeepCopyObject ¶
func (in *PrincipalList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*PrincipalList) GetItems ¶
func (l *PrincipalList) GetItems() []resource.Managed
GetItems of this PrincipalList.
type PrincipalObservation ¶
// PrincipalObservation holds the observed fields of a service principal. It
// repeats the configurable fields of PrincipalInitParameters and adds fields
// that are only reported, such as the app roles, permission scopes, redirect
// URIs and tenant of the associated application. Every field is optional and
// omitted from JSON when unset.
type PrincipalObservation struct {

	// Whether or not the service principal account is enabled. Defaults to true.
	AccountEnabled *bool `json:"accountEnabled,omitempty" tf:"account_enabled,omitempty"`

	// A set of alternative names, used to retrieve service principals by subscription, identify resource group and full resource ids for managed identities.
	// +listType=set
	AlternativeNames []*string `json:"alternativeNames,omitempty" tf:"alternative_names,omitempty"`

	// Whether this service principal requires an app role assignment to a user or group before Azure AD will issue a user or access token to the application. Defaults to false.
	// A value of false here means token issuance is not gated on an app role
	// assignment.
	AppRoleAssignmentRequired *bool `json:"appRoleAssignmentRequired,omitempty" tf:"app_role_assignment_required,omitempty"`

	// A mapping of app role values to app role IDs, as published by the associated application, intended to be useful when referencing app roles in other resources in your configuration.
	// +mapType=granular
	AppRoleIds map[string]*string `json:"appRoleIds,omitempty" tf:"app_role_ids,omitempty"`

	// A list of app roles published by the associated application, as documented below. For more information, see the official documentation.
	AppRoles []AppRolesObservation `json:"appRoles,omitempty" tf:"app_roles,omitempty"`

	// The application ID (client ID) of the application for which to create a service principal
	// NOTE(review): the generated text also calls this "the unique identifier of
	// the app_role", which does not fit this field.
	ApplicationID *string `json:"applicationId,omitempty" tf:"application_id,omitempty"`

	// The tenant ID where the associated application is registered.
	// Comparing this with your own tenant ID shows whether the application
	// behind the principal is registered in another tenant.
	ApplicationTenantID *string `json:"applicationTenantId,omitempty" tf:"application_tenant_id,omitempty"`

	// The client ID of the application for which to create a service principal.
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// A description of the service principal provided for internal end-users.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// The display name of the application associated with this service principal.
	DisplayName *string `json:"displayName,omitempty" tf:"display_name,omitempty"`

	// A feature_tags block as described below. Cannot be used together with the tags property.
	// Block of features to configure for this service principal using tags
	FeatureTags []FeatureTagsObservation `json:"featureTags,omitempty" tf:"feature_tags,omitempty"`

	// Home page or landing page of the associated application.
	HomepageURL *string `json:"homepageUrl,omitempty" tf:"homepage_url,omitempty"`

	// The unique identifier of the app_role.
	// NOTE(review): this field sits on the service principal observation, so
	// it is presumably the resource's own ID rather than an app role ID —
	// confirm. ObjectID below is described as the principal's object ID.
	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// The URL where the service provider redirects the user to Azure AD to authenticate. Azure AD uses the URL to launch the application from Microsoft 365 or the Azure AD My Apps. When blank, Azure AD performs IdP-initiated sign-on for applications configured with SAML-based single sign-on.
	LoginURL *string `json:"loginUrl,omitempty" tf:"login_url,omitempty"`

	// The URL that will be used by Microsoft's authorization service to log out a user using OpenId Connect front-channel, back-channel or SAML logout protocols, taken from the associated application.
	LogoutURL *string `json:"logoutUrl,omitempty" tf:"logout_url,omitempty"`

	// A free text field to capture information about the service principal, typically used for operational purposes.
	Notes *string `json:"notes,omitempty" tf:"notes,omitempty"`

	// A set of email addresses where Azure AD sends a notification when the active certificate is near the expiration date. This is only for the certificates used to sign the SAML token issued for Azure AD Gallery applications.
	// +listType=set
	NotificationEmailAddresses []*string `json:"notificationEmailAddresses,omitempty" tf:"notification_email_addresses,omitempty"`

	// A mapping of OAuth2.0 permission scope values to scope IDs, as exposed by the associated application, intended to be useful when referencing permission scopes in other resources in your configuration.
	// +mapType=granular
	Oauth2PermissionScopeIds map[string]*string `json:"oauth2PermissionScopeIds,omitempty" tf:"oauth2_permission_scope_ids,omitempty"`

	// A list of OAuth 2.0 delegated permission scopes exposed by the associated application, as documented below.
	Oauth2PermissionScopes []Oauth2PermissionScopesObservation `json:"oauth2PermissionScopes,omitempty" tf:"oauth2_permission_scopes,omitempty"`

	// The object ID of the service principal.
	ObjectID *string `json:"objectId,omitempty" tf:"object_id,omitempty"`

	// A set of object IDs of principals that will be granted ownership of the service principal. Supported object types are users or service principals. By default, no owners are assigned.
	// The observed set is worth comparing with the declared owners: an entry
	// that nobody declared is an ownership grant made outside this resource.
	// +listType=set
	Owners []*string `json:"owners,omitempty" tf:"owners,omitempty"`

	// The single sign-on mode configured for this application. Azure AD uses the preferred single sign-on mode to launch the application from Microsoft 365 or the Azure AD My Apps. Supported values are oidc, password, saml or notSupported. Omit this property or specify a blank string to unset.
	PreferredSingleSignOnMode *string `json:"preferredSingleSignOnMode,omitempty" tf:"preferred_single_sign_on_mode,omitempty"`

	// A list of URLs where user tokens are sent for sign-in with the associated application, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent for the associated application.
	// These are the destinations that receive tokens and authorization codes,
	// so an unexpected entry here deserves investigation.
	RedirectUris []*string `json:"redirectUris,omitempty" tf:"redirect_uris,omitempty"`

	// The URL where the service exposes SAML metadata for federation.
	SAMLMetadataURL *string `json:"samlMetadataUrl,omitempty" tf:"saml_metadata_url,omitempty"`

	// A saml_single_sign_on block as documented below.
	// Settings related to SAML single sign-on
	SAMLSingleSignOn *SAMLSingleSignOnObservation `json:"samlSingleSignOn,omitempty" tf:"saml_single_sign_on,omitempty"`

	// A list of identifier URI(s), copied over from the associated application.
	ServicePrincipalNames []*string `json:"servicePrincipalNames,omitempty" tf:"service_principal_names,omitempty"`

	// The Microsoft account types that are supported for the associated application. Possible values include AzureADMyOrg, AzureADMultipleOrgs, AzureADandPersonalMicrosoftAccount or PersonalMicrosoftAccount.
	SignInAudience *string `json:"signInAudience,omitempty" tf:"sign_in_audience,omitempty"`

	// A set of tags to apply to the service principal for configuring specific behaviours of the service principal. Note that these are not provided for use by practitioners. Cannot be used together with the feature_tags block.
	// +listType=set
	Tags []*string `json:"tags,omitempty" tf:"tags,omitempty"`

	// Identifies whether the service principal represents an application or a managed identity. Possible values include Application or ManagedIdentity.
	Type *string `json:"type,omitempty" tf:"type,omitempty"`

	// When true, any existing service principal linked to the same application will be automatically imported. When false, an import error will be raised for any pre-existing service principal.
	UseExisting *bool `json:"useExisting,omitempty" tf:"use_existing,omitempty"`
}
func (*PrincipalObservation) DeepCopy ¶
func (in *PrincipalObservation) DeepCopy() *PrincipalObservation
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrincipalObservation.
func (*PrincipalObservation) DeepCopyInto ¶
func (in *PrincipalObservation) DeepCopyInto(out *PrincipalObservation)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PrincipalParameters ¶
// PrincipalParameters lists the configurable fields of the service principal.
// PrincipalSpec uses this type for its ForProvider field. Every field carries
// the +kubebuilder:validation:Optional marker.
type PrincipalParameters struct {

	// Whether or not the service principal account is enabled. Defaults to true.
	// +kubebuilder:validation:Optional
	AccountEnabled *bool `json:"accountEnabled,omitempty" tf:"account_enabled,omitempty"`

	// A set of alternative names, used to retrieve service principals by subscription, identify
	// resource group and full resource ids for managed identities.
	// +kubebuilder:validation:Optional
	// +listType=set
	AlternativeNames []*string `json:"alternativeNames,omitempty" tf:"alternative_names,omitempty"`

	// Whether this service principal requires an app role assignment to a user or group before
	// Azure AD will issue a user or access token to the application. Defaults to false.
	// NOTE(review): with the documented default (false), token issuance is not gated on an
	// assignment. Set this to true where access should be limited to explicitly assigned
	// users or groups.
	// +kubebuilder:validation:Optional
	AppRoleAssignmentRequired *bool `json:"appRoleAssignmentRequired,omitempty" tf:"app_role_assignment_required,omitempty"`

	// The application ID (client ID) of the application for which to create a service principal.
	// NOTE(review): the upstream description here read "The unique identifier of the app_role",
	// which does not match this field. ApplicationID and ClientID both reference an Application
	// and appear to carry the same value; confirm which one the provider expects.
	// +crossplane:generate:reference:type=github.com/upbound/provider-azuread/apis/applications/v1beta2.Application
	// +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("application_id",true)
	// +kubebuilder:validation:Optional
	ApplicationID *string `json:"applicationId,omitempty" tf:"application_id,omitempty"`

	// Reference to a Application in applications to populate applicationId.
	// +kubebuilder:validation:Optional
	ApplicationIDRef *v1.Reference `json:"applicationIdRef,omitempty" tf:"-"`

	// Selector for a Application in applications to populate applicationId.
	// +kubebuilder:validation:Optional
	ApplicationIDSelector *v1.Selector `json:"applicationIdSelector,omitempty" tf:"-"`

	// The client ID of the application for which to create a service principal.
	// +crossplane:generate:reference:type=github.com/upbound/provider-azuread/apis/applications/v1beta2.Application
	// +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("client_id",true)
	// +kubebuilder:validation:Optional
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// Reference to a Application in applications to populate clientId.
	// +kubebuilder:validation:Optional
	ClientIDRef *v1.Reference `json:"clientIdRef,omitempty" tf:"-"`

	// Selector for a Application in applications to populate clientId.
	// +kubebuilder:validation:Optional
	ClientIDSelector *v1.Selector `json:"clientIdSelector,omitempty" tf:"-"`

	// A description of the service principal provided for internal end-users.
	// +kubebuilder:validation:Optional
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// A feature_tags block as described below. Cannot be used together with the tags property.
	// Block of features to configure for this service principal using tags
	// +kubebuilder:validation:Optional
	FeatureTags []FeatureTagsParameters `json:"featureTags,omitempty" tf:"feature_tags,omitempty"`

	// The URL where the service provider redirects the user to Azure AD to authenticate. Azure AD
	// uses the URL to launch the application from Microsoft 365 or the Azure AD My Apps. When
	// blank, Azure AD performs IdP-initiated sign-on for applications configured with SAML-based
	// single sign-on.
	// +kubebuilder:validation:Optional
	LoginURL *string `json:"loginUrl,omitempty" tf:"login_url,omitempty"`

	// A free text field to capture information about the service principal, typically used for
	// operational purposes.
	// +kubebuilder:validation:Optional
	Notes *string `json:"notes,omitempty" tf:"notes,omitempty"`

	// A set of email addresses where Azure AD sends a notification when the active certificate is
	// near the expiration date. This is only for the certificates used to sign the SAML token
	// issued for Azure AD Gallery applications.
	// +kubebuilder:validation:Optional
	// +listType=set
	NotificationEmailAddresses []*string `json:"notificationEmailAddresses,omitempty" tf:"notification_email_addresses,omitempty"`

	// A set of object IDs of principals that will be granted ownership of the service principal.
	// Supported object types are users or service principals. By default, no owners are assigned.
	// NOTE(review): ownership is a privileged relationship and typically carries the ability to
	// manage the principal, including its credentials (TODO confirm against current Azure AD
	// behaviour). Keep this set minimal and review changes to it.
	// +kubebuilder:validation:Optional
	// +listType=set
	Owners []*string `json:"owners,omitempty" tf:"owners,omitempty"`

	// The single sign-on mode configured for this application. Azure AD uses the preferred single
	// sign-on mode to launch the application from Microsoft 365 or the Azure AD My Apps. Supported
	// values are oidc, password, saml or notSupported. Omit this property or specify a blank
	// string to unset.
	// +kubebuilder:validation:Optional
	PreferredSingleSignOnMode *string `json:"preferredSingleSignOnMode,omitempty" tf:"preferred_single_sign_on_mode,omitempty"`

	// A saml_single_sign_on block as documented below.
	// Settings related to SAML single sign-on
	// +kubebuilder:validation:Optional
	SAMLSingleSignOn *SAMLSingleSignOnParameters `json:"samlSingleSignOn,omitempty" tf:"saml_single_sign_on,omitempty"`

	// A set of tags to apply to the service principal for configuring specific behaviours of the
	// service principal. Note that these are not provided for use by practitioners. Cannot be used
	// together with the feature_tags block.
	// +kubebuilder:validation:Optional
	// +listType=set
	Tags []*string `json:"tags,omitempty" tf:"tags,omitempty"`

	// When true, any existing service principal linked to the same application will be
	// automatically imported. When false, an import error will be raised for any pre-existing
	// service principal.
	// NOTE(review): with true, a principal that was not created from this spec is brought under
	// this resource instead of being rejected. Review its existing owners and settings before
	// relying on adoption.
	// +kubebuilder:validation:Optional
	UseExisting *bool `json:"useExisting,omitempty" tf:"use_existing,omitempty"`
}
func (*PrincipalParameters) DeepCopy ¶
func (in *PrincipalParameters) DeepCopy() *PrincipalParameters
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrincipalParameters.
func (*PrincipalParameters) DeepCopyInto ¶
func (in *PrincipalParameters) DeepCopyInto(out *PrincipalParameters)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PrincipalSpec ¶
// PrincipalSpec defines the desired state of Principal.
type PrincipalSpec struct {
	v1.ResourceSpec `json:",inline"`

	// ForProvider carries the PrincipalParameters for the resource. It is
	// serialized as "forProvider" with no omitempty.
	ForProvider PrincipalParameters `json:"forProvider"`

	// THIS IS A BETA FIELD. It will be honored
	// unless the Management Policies feature flag is disabled.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation, but we do not desire to update them after creation,
	// for example because an external controller is managing them, like an
	// autoscaler.
	// NOTE(review): because these fields are ignored after creation, later
	// changes to them are not reconciled. Settings that should be enforced
	// continuously (for example owners or appRoleAssignmentRequired) belong
	// in ForProvider rather than here.
	InitProvider PrincipalInitParameters `json:"initProvider,omitempty"`
}
PrincipalSpec defines the desired state of Principal
func (*PrincipalSpec) DeepCopy ¶
func (in *PrincipalSpec) DeepCopy() *PrincipalSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrincipalSpec.
func (*PrincipalSpec) DeepCopyInto ¶
func (in *PrincipalSpec) DeepCopyInto(out *PrincipalSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PrincipalStatus ¶
// PrincipalStatus defines the observed state of Principal.
type PrincipalStatus struct {
	v1.ResourceStatus `json:",inline"`

	// AtProvider carries the PrincipalObservation for the resource. It is
	// serialized as "atProvider" and omitted when empty.
	AtProvider PrincipalObservation `json:"atProvider,omitempty"`
}
PrincipalStatus defines the observed state of Principal.
func (*PrincipalStatus) DeepCopy ¶
func (in *PrincipalStatus) DeepCopy() *PrincipalStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrincipalStatus.
func (*PrincipalStatus) DeepCopyInto ¶
func (in *PrincipalStatus) DeepCopyInto(out *PrincipalStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SAMLSingleSignOnInitParameters ¶
// SAMLSingleSignOnInitParameters holds the SAML single sign-on setting in its
// init-parameters form. Its only field is RelayState.
type SAMLSingleSignOnInitParameters struct {

	// The relative URI the service provider would redirect to after completion of the single sign-on flow.
	// NOTE(review): this is a post-sign-on redirect target. The description says
	// "relative", but no validation marker is visible on the field; confirm that
	// the value is constrained to a relative path upstream.
	RelayState *string `json:"relayState,omitempty" tf:"relay_state,omitempty"`
}
func (*SAMLSingleSignOnInitParameters) DeepCopy ¶
func (in *SAMLSingleSignOnInitParameters) DeepCopy() *SAMLSingleSignOnInitParameters
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SAMLSingleSignOnInitParameters.
func (*SAMLSingleSignOnInitParameters) DeepCopyInto ¶
func (in *SAMLSingleSignOnInitParameters) DeepCopyInto(out *SAMLSingleSignOnInitParameters)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SAMLSingleSignOnObservation ¶
// SAMLSingleSignOnObservation holds the SAML single sign-on setting in its
// observation form. PrincipalObservation uses this type for its
// SAMLSingleSignOn field. Its only field is RelayState.
type SAMLSingleSignOnObservation struct {

	// The relative URI the service provider would redirect to after completion of the single sign-on flow.
	RelayState *string `json:"relayState,omitempty" tf:"relay_state,omitempty"`
}
func (*SAMLSingleSignOnObservation) DeepCopy ¶
func (in *SAMLSingleSignOnObservation) DeepCopy() *SAMLSingleSignOnObservation
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SAMLSingleSignOnObservation.
func (*SAMLSingleSignOnObservation) DeepCopyInto ¶
func (in *SAMLSingleSignOnObservation) DeepCopyInto(out *SAMLSingleSignOnObservation)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SAMLSingleSignOnParameters ¶
// SAMLSingleSignOnParameters holds the configurable SAML single sign-on
// setting. PrincipalParameters uses this type for its SAMLSingleSignOn field.
// Its only field is RelayState.
type SAMLSingleSignOnParameters struct {

	// The relative URI the service provider would redirect to after completion of the single sign-on flow.
	// NOTE(review): this is a post-sign-on redirect target. The only marker on the
	// field makes it optional; nothing visible constrains the value to a relative
	// path, so confirm that validation happens upstream.
	// +kubebuilder:validation:Optional
	RelayState *string `json:"relayState,omitempty" tf:"relay_state,omitempty"`
}
func (*SAMLSingleSignOnParameters) DeepCopy ¶
func (in *SAMLSingleSignOnParameters) DeepCopy() *SAMLSingleSignOnParameters
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SAMLSingleSignOnParameters.
func (*SAMLSingleSignOnParameters) DeepCopyInto ¶
func (in *SAMLSingleSignOnParameters) DeepCopyInto(out *SAMLSingleSignOnParameters)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.