UNPKG

@pulumi/azuread

Version:

A Pulumi package for creating and managing Azure Active Directory (Azure AD) cloud resources.

145 lines 6.22 kB
import * as pulumi from "@pulumi/pulumi"; import * as inputs from "./types/input"; import * as outputs from "./types/output"; /** * Manages optional claims for an application registration. * * This resource is analogous to the `optionalClaims` block in the `azuread.Application` resource. When using these resources together, you should use the `ignoreChanges` lifecycle meta-argument (see example below). * * ## API Permissions * * The following API permissions are required in order to use this resource. * * When authenticated with a service principal, this resource requires one of the following application roles: `Application.ReadWrite.OwnedBy` or `Application.ReadWrite.All` * * > When using the `Application.ReadWrite.OwnedBy` application role, the principal being used to run Terraform must be an owner of the application. * * When authenticated with a user principal, this resource may require one of the following directory roles: `Application Administrator` or `Global Administrator` * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as azuread from "@pulumi/azuread"; * * const example = new azuread.ApplicationRegistration("example", {displayName: "example"}); * const exampleApplicationOptionalClaims = new azuread.ApplicationOptionalClaims("example", { * applicationId: example.id, * accessTokens: [ * { * name: "myclaim", * }, * { * name: "otherclaim", * }, * ], * idTokens: [{ * name: "userclaim", * source: "user", * essential: true, * additionalProperties: ["emit_as_roles"], * }], * saml2Tokens: [{ * name: "samlexample", * }], * }); * ``` * * ## Import * * Application Optional Claims can be imported using the object ID of the application, in the following format. * * ```sh * $ pulumi import azuread:index/applicationOptionalClaims:ApplicationOptionalClaims example /applications/00000000-0000-0000-0000-000000000000 * ``` */ export declare class ApplicationOptionalClaims extends pulumi.CustomResource { /** * Get an existing ApplicationOptionalClaims resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ApplicationOptionalClaimsState, opts?: pulumi.CustomResourceOptions): ApplicationOptionalClaims; /** * Returns true if the given object is an instance of ApplicationOptionalClaims. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is ApplicationOptionalClaims; /** * One or more `accessToken` blocks as documented below. */ readonly accessTokens: pulumi.Output<outputs.ApplicationOptionalClaimsAccessToken[] | undefined>; /** * The resource ID of the application registration. Changing this forces a new resource to be created. */ readonly applicationId: pulumi.Output<string>; /** * One or more `idToken` blocks as documented below. */ readonly idTokens: pulumi.Output<outputs.ApplicationOptionalClaimsIdToken[] | undefined>; /** * One or more `saml2Token` blocks as documented below. * * > At least one of `accessToken`, `idToken` or `saml2Token` must be specified */ readonly saml2Tokens: pulumi.Output<outputs.ApplicationOptionalClaimsSaml2Token[] | undefined>; /** * Create a ApplicationOptionalClaims resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: ApplicationOptionalClaimsArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering ApplicationOptionalClaims resources. */ export interface ApplicationOptionalClaimsState { /** * One or more `accessToken` blocks as documented below. */ accessTokens?: pulumi.Input<pulumi.Input<inputs.ApplicationOptionalClaimsAccessToken>[] | undefined>; /** * The resource ID of the application registration. Changing this forces a new resource to be created. */ applicationId?: pulumi.Input<string | undefined>; /** * One or more `idToken` blocks as documented below. */ idTokens?: pulumi.Input<pulumi.Input<inputs.ApplicationOptionalClaimsIdToken>[] | undefined>; /** * One or more `saml2Token` blocks as documented below. * * > At least one of `accessToken`, `idToken` or `saml2Token` must be specified */ saml2Tokens?: pulumi.Input<pulumi.Input<inputs.ApplicationOptionalClaimsSaml2Token>[] | undefined>; } /** * The set of arguments for constructing a ApplicationOptionalClaims resource. */ export interface ApplicationOptionalClaimsArgs { /** * One or more `accessToken` blocks as documented below. */ accessTokens?: pulumi.Input<pulumi.Input<inputs.ApplicationOptionalClaimsAccessToken>[] | undefined>; /** * The resource ID of the application registration. Changing this forces a new resource to be created. */ applicationId: pulumi.Input<string>; /** * One or more `idToken` blocks as documented below. */ idTokens?: pulumi.Input<pulumi.Input<inputs.ApplicationOptionalClaimsIdToken>[] | undefined>; /** * One or more `saml2Token` blocks as documented below. * * > At least one of `accessToken`, `idToken` or `saml2Token` must be specified */ saml2Tokens?: pulumi.Input<pulumi.Input<inputs.ApplicationOptionalClaimsSaml2Token>[] | undefined>; } //# sourceMappingURL=applicationOptionalClaims.d.ts.map