UNPKG

@pulumi/azure-native

Version:

[![Slack](http://www.pulumi.com/images/docs/badges/slack.svg)](https://slack.pulumi.com) [![NPM version](https://badge.fury.io/js/%40pulumi%2Fazure-native.svg)](https://npmjs.com/package/@pulumi/azure-native) [![Python version](https://badge.fury.io/py/pu

pulumi.com

pulumi/pulumi-azure-native

168 lines (167 loc) 7.23 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; /** * A PIM (Privileged Identity Management) Role Eligibility Schedule. * * Role Eligibility Schedules are used to limit standing administrator access to privileged roles in Azure PIM. See * [here](https://learn.microsoft.com/en-us/rest/api/authorization/privileged-role-eligibility-rest-sample) for details. * * A Role Eligibility Schedule is uniquely defined by scope, principal, and role. At present, only one instance of this * resource can exist for a given scope|principal|role tuple. * * Note that this resource cannot be updated. Each change leads to a recreation. * * Internally, this resource uses the * [Role Eligibility Schedule Requests](https://learn.microsoft.com/en-us/rest/api/authorization/role-eligibility-schedule-requests?view=rest-authorization-2020-10-01) * API to create and delete the schedules. */ export declare class PimRoleEligibilitySchedule extends pulumi.CustomResource { /** * Get an existing PimRoleEligibilitySchedule resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input<pulumi.ID>, opts?: pulumi.CustomResourceOptions): PimRoleEligibilitySchedule; /** * Returns true if the given object is an instance of PimRoleEligibilitySchedule. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is PimRoleEligibilitySchedule; /** * The approvalId of the role eligibility schedule request. */ readonly approvalId: pulumi.Output<string>; /** * The Azure API version of the resource. */ readonly azureApiVersion: pulumi.Output<string>; /** * The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container' */ readonly condition: pulumi.Output<string | undefined>; /** * Version of the condition. Currently accepted value is '2.0' */ readonly conditionVersion: pulumi.Output<string | undefined>; /** * DateTime when role eligibility schedule request was created */ readonly createdOn: pulumi.Output<string>; /** * Additional properties of principal, scope and role definition */ readonly expandedProperties: pulumi.Output<outputs.authorization.ExpandedPropertiesResponse>; /** * Justification for the role eligibility */ readonly justification: pulumi.Output<string | undefined>; /** * The role eligibility schedule request name. */ readonly name: pulumi.Output<string>; /** * The principal ID. */ readonly principalId: pulumi.Output<string>; /** * The principal type of the assigned principal ID. */ readonly principalType: pulumi.Output<string>; /** * The type of the role assignment schedule request. Eg: SelfActivate, AdminAssign etc */ readonly requestType: pulumi.Output<string | undefined>; /** * Id of the user who created this request */ readonly requestorId: pulumi.Output<string>; /** * The role definition ID. */ readonly roleDefinitionId: pulumi.Output<string>; /** * Schedule info of the role eligibility schedule */ readonly scheduleInfo: pulumi.Output<outputs.authorization.RoleEligibilityScheduleRequestPropertiesResponseScheduleInfo | undefined>; /** * The role eligibility schedule request scope. */ readonly scope: pulumi.Output<string>; /** * The status of the role eligibility schedule request. */ readonly status: pulumi.Output<string>; /** * The resultant role eligibility schedule id or the role eligibility schedule id being updated */ readonly targetRoleEligibilityScheduleId: pulumi.Output<string | undefined>; /** * The role eligibility schedule instance id being updated */ readonly targetRoleEligibilityScheduleInstanceId: pulumi.Output<string | undefined>; /** * Ticket Info of the role eligibility */ readonly ticketInfo: pulumi.Output<outputs.authorization.RoleEligibilityScheduleRequestPropertiesResponseTicketInfo | undefined>; /** * The role eligibility schedule request type. */ readonly type: pulumi.Output<string>; /** * Create a PimRoleEligibilitySchedule resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: PimRoleEligibilityScheduleArgs, opts?: pulumi.CustomResourceOptions); } /** * The set of arguments for constructing a PimRoleEligibilitySchedule resource. */ export interface PimRoleEligibilityScheduleArgs { /** * The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container' */ condition?: pulumi.Input<string>; /** * Version of the condition. Currently accepted value is '2.0' */ conditionVersion?: pulumi.Input<string>; /** * Justification for the role eligibility */ justification?: pulumi.Input<string>; /** * The principal ID. */ principalId: pulumi.Input<string>; /** * The role definition ID. */ roleDefinitionId: pulumi.Input<string>; /** * Schedule info of the role eligibility schedule */ scheduleInfo?: pulumi.Input<inputs.authorization.RoleEligibilityScheduleRequestPropertiesScheduleInfoArgs>; /** * The scope of the role eligibility schedule request to create. The scope can be any REST resource instance. For example, use '/subscriptions/{subscription-id}/' for a subscription, '/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}' for a resource group, and '/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/{resource-provider}/{resource-type}/{resource-name}' for a resource. */ scope: pulumi.Input<string>; /** * The resultant role eligibility schedule id or the role eligibility schedule id being updated */ targetRoleEligibilityScheduleId?: pulumi.Input<string>; /** * The role eligibility schedule instance id being updated */ targetRoleEligibilityScheduleInstanceId?: pulumi.Input<string>; /** * Ticket Info of the role eligibility */ ticketInfo?: pulumi.Input<inputs.authorization.RoleEligibilityScheduleRequestPropertiesTicketInfoArgs>; }