UNPKG

@pulumi/azuread

Version:

A Pulumi package for creating and managing Azure Active Directory (Azure AD) cloud resources.

pulumi.io

pulumi/pulumi-azuread

103 lines (102 loc) 3.47 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
import * as pulumi from "@pulumi/pulumi"; /** * Use this data source to retrieve a role policy for an Azure AD group. * * ## API Permissions * * The following API permissions are required in order to use this resource. * * When authenticated with a service principal, this resource requires the `RoleManagementPolicy.Read.AzureADGroup` Microsoft Graph API permissions. * * When authenticated with a user principal, this resource requires `Global Administrator` directory role, or the `Privileged Role Administrator` role in Identity Governance. * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as azuread from "@pulumi/azuread"; * * const example = new azuread.Group("example", { * displayName: "group-name", * securityEnabled: true, * }); * const ownersPolicy = azuread.getGroupRoleManagementPolicyOutput({ * groupId: example.id, * roleId: "owner", * }); * ``` */ export declare function getGroupRoleManagementPolicy(args: GetGroupRoleManagementPolicyArgs, opts?: pulumi.InvokeOptions): Promise<GetGroupRoleManagementPolicyResult>; /** * A collection of arguments for invoking getGroupRoleManagementPolicy. */ export interface GetGroupRoleManagementPolicyArgs { /** * The ID of the Azure AD group for which the policy applies. */ groupId: string; /** * The type of assignment this policy coveres. Can be either `member` or `owner`. */ roleId: string; } /** * A collection of values returned by getGroupRoleManagementPolicy. */ export interface GetGroupRoleManagementPolicyResult { /** * (String) The description of this policy. */ readonly description: string; /** * (String) The display name of this policy. */ readonly displayName: string; readonly groupId: string; /** * The provider-assigned unique ID for this managed resource. */ readonly id: string; readonly roleId: string; } /** * Use this data source to retrieve a role policy for an Azure AD group. * * ## API Permissions * * The following API permissions are required in order to use this resource. * * When authenticated with a service principal, this resource requires the `RoleManagementPolicy.Read.AzureADGroup` Microsoft Graph API permissions. * * When authenticated with a user principal, this resource requires `Global Administrator` directory role, or the `Privileged Role Administrator` role in Identity Governance. * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as azuread from "@pulumi/azuread"; * * const example = new azuread.Group("example", { * displayName: "group-name", * securityEnabled: true, * }); * const ownersPolicy = azuread.getGroupRoleManagementPolicyOutput({ * groupId: example.id, * roleId: "owner", * }); * ``` */ export declare function getGroupRoleManagementPolicyOutput(args: GetGroupRoleManagementPolicyOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output<GetGroupRoleManagementPolicyResult>; /** * A collection of arguments for invoking getGroupRoleManagementPolicy. */ export interface GetGroupRoleManagementPolicyOutputArgs { /** * The ID of the Azure AD group for which the policy applies. */ groupId: pulumi.Input<string>; /** * The type of assignment this policy coveres. Can be either `member` or `owner`. */ roleId: pulumi.Input<string>; }