@pulumi/azuread
Version:
A Pulumi package for creating and managing Azure Active Directory (Azure AD) cloud resources.
243 lines (242 loc) • 8.79 kB
TypeScript
import * as pulumi from "@pulumi/pulumi";
import * as outputs from "./types/output";
/**
* Gets information about an Azure Active Directory group.
*
* ## API Permissions
*
* The following API permissions are required in order to use this data source.
*
* When authenticated with a service principal, this data source requires one of the following application roles: `Group.Read.All` or `Directory.Read.All`
*
* When authenticated with a user principal, this data source does not require any additional roles.
*
* ## Example Usage
*
* ### By Group Display Name)
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as azuread from "@pulumi/azuread";
*
* const example = azuread.getGroup({
* displayName: "MyGroupName",
* securityEnabled: true,
* });
* ```
*/
export declare function getGroup(args?: GetGroupArgs, opts?: pulumi.InvokeOptions): Promise<GetGroupResult>;
/**
* A collection of arguments for invoking getGroup.
*/
export interface GetGroupArgs {
/**
* The display name for the group.
*/
displayName?: string;
/**
* Whether to include transitive members (a flat list of all nested members). Defaults to `false`.
*/
includeTransitiveMembers?: boolean;
/**
* Whether the group is mail-enabled.
*/
mailEnabled?: boolean;
/**
* The mail alias for the group, unique in the organisation.
*/
mailNickname?: string;
/**
* Specifies the object ID of the group.
*/
objectId?: string;
/**
* Whether the group is a security group.
*
* > One of `displayName`, `objectId` or `mailNickname` must be specified.
*/
securityEnabled?: boolean;
}
/**
* A collection of values returned by getGroup.
*/
export interface GetGroupResult {
/**
* Indicates whether this group can be assigned to an Azure Active Directory role.
*/
readonly assignableToRole: boolean;
/**
* Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Only set for Unified groups.
*/
readonly autoSubscribeNewMembers: boolean;
/**
* A list of behaviors for a Microsoft 365 group, such as `AllowOnlyMembersToPost`, `HideGroupInOutlook`, `SubscribeNewGroupMembers` and `WelcomeEmailDisabled`. See [official documentation](https://docs.microsoft.com/en-us/graph/group-set-options) for more details.
*/
readonly behaviors: string[];
/**
* The optional description of the group.
*/
readonly description: string;
/**
* The display name for the group.
*/
readonly displayName: string;
/**
* A `dynamicMembership` block as documented below.
*/
readonly dynamicMemberships: outputs.GetGroupDynamicMembership[];
/**
* Indicates whether people external to the organization can send messages to the group. Only set for Unified groups.
*/
readonly externalSendersAllowed: boolean;
/**
* Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Only set for Unified groups.
*/
readonly hideFromAddressLists: boolean;
/**
* Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Only set for Unified groups.
*/
readonly hideFromOutlookClients: boolean;
/**
* The provider-assigned unique ID for this managed resource.
*/
readonly id: string;
readonly includeTransitiveMembers?: boolean;
/**
* The SMTP address for the group.
*/
readonly mail: string;
/**
* Whether the group is mail-enabled.
*/
readonly mailEnabled: boolean;
/**
* The mail alias for the group, unique in the organisation.
*/
readonly mailNickname: string;
/**
* List of object IDs of the group members. When `includeTransitiveMembers` is `true`, contains a list of object IDs of all transitive group members.
*/
readonly members: string[];
/**
* The object ID of the group.
*/
readonly objectId: string;
/**
* The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used.
*/
readonly onpremisesDomainName: string;
/**
* The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are `UniversalDistributionGroup`, `UniversalMailEnabledSecurityGroup`, or `UniversalSecurityGroup`.
*/
readonly onpremisesGroupType: string;
/**
* The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used.
*/
readonly onpremisesNetbiosName: string;
/**
* The on-premises SAM account name, synchronised from the on-premises directory when Azure AD Connect is used.
*/
readonly onpremisesSamAccountName: string;
/**
* The on-premises security identifier (SID), synchronised from the on-premises directory when Azure AD Connect is used.
*/
readonly onpremisesSecurityIdentifier: string;
/**
* Whether this group is synchronised from an on-premises directory (`true`), no longer synchronised (`false`), or has never been synchronised (`null`).
*/
readonly onpremisesSyncEnabled: boolean;
/**
* List of object IDs of the group owners.
*/
readonly owners: string[];
/**
* The preferred language for a Microsoft 365 group, in ISO 639-1 notation.
*/
readonly preferredLanguage: string;
/**
* A list of provisioning options for a Microsoft 365 group, such as `Team`. See [official documentation](https://docs.microsoft.com/en-us/graph/group-set-options) for details.
*/
readonly provisioningOptions: string[];
/**
* List of email addresses for the group that direct to the same group mailbox.
*/
readonly proxyAddresses: string[];
/**
* Whether the group is a security group.
*/
readonly securityEnabled: boolean;
/**
* The colour theme for a Microsoft 365 group. Possible values are `Blue`, `Green`, `Orange`, `Pink`, `Purple`, `Red` or `Teal`. When no theme is set, the value is `null`.
*/
readonly theme: string;
/**
* A list of group types configured for the group. Supported values are `DynamicMembership`, which denotes a group with dynamic membership, and `Unified`, which specifies a Microsoft 365 group.
*/
readonly types: string[];
/**
* The group join policy and group content visibility. Possible values are `Private`, `Public`, or `Hiddenmembership`. Only Microsoft 365 groups can have `Hiddenmembership` visibility.
*/
readonly visibility: string;
/**
* Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used.
*/
readonly writebackEnabled: boolean;
}
/**
* Gets information about an Azure Active Directory group.
*
* ## API Permissions
*
* The following API permissions are required in order to use this data source.
*
* When authenticated with a service principal, this data source requires one of the following application roles: `Group.Read.All` or `Directory.Read.All`
*
* When authenticated with a user principal, this data source does not require any additional roles.
*
* ## Example Usage
*
* ### By Group Display Name)
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as azuread from "@pulumi/azuread";
*
* const example = azuread.getGroup({
* displayName: "MyGroupName",
* securityEnabled: true,
* });
* ```
*/
export declare function getGroupOutput(args?: GetGroupOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output<GetGroupResult>;
/**
* A collection of arguments for invoking getGroup.
*/
export interface GetGroupOutputArgs {
/**
* The display name for the group.
*/
displayName?: pulumi.Input<string>;
/**
* Whether to include transitive members (a flat list of all nested members). Defaults to `false`.
*/
includeTransitiveMembers?: pulumi.Input<boolean>;
/**
* Whether the group is mail-enabled.
*/
mailEnabled?: pulumi.Input<boolean>;
/**
* The mail alias for the group, unique in the organisation.
*/
mailNickname?: pulumi.Input<string>;
/**
* Specifies the object ID of the group.
*/
objectId?: pulumi.Input<string>;
/**
* Whether the group is a security group.
*
* > One of `displayName`, `objectId` or `mailNickname` must be specified.
*/
securityEnabled?: pulumi.Input<boolean>;
}