UNPKG

@pulumi/azuread

Version:

A Pulumi package for creating and managing Azure Active Directory (Azure AD) cloud resources.

154 lines 7.51 kB
"use strict"; // *** WARNING: this file was generated by pulumi-language-nodejs. *** // *** Do not edit by hand unless you're certain you know what you are doing! *** var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { if (k2 === undefined) k2 = k; var desc = Object.getOwnPropertyDescriptor(m, k); if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { desc = { enumerable: true, get: function() { return m[k]; } }; } Object.defineProperty(o, k2, desc); }) : (function(o, m, k, k2) { if (k2 === undefined) k2 = k; o[k2] = m[k]; })); var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { Object.defineProperty(o, "default", { enumerable: true, value: v }); }) : function(o, v) { o["default"] = v; }); var __importStar = (this && this.__importStar) || function (mod) { if (mod && mod.__esModule) return mod; var result = {}; if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); __setModuleDefault(result, mod); return result; }; Object.defineProperty(exports, "__esModule", { value: true }); exports.ApplicationPermissionScope = void 0; const pulumi = __importStar(require("@pulumi/pulumi")); const utilities = __importStar(require("./utilities")); /** * Manages a permission scope for an application registration. * * This resource is analogous to the `oauth2PermissionScope` block in the `api` block of the `azuread.Application` resource. When using these resources together, you should use the `ignoreChanges` lifecycle meta-argument (see example below). * * ## API Permissions * * The following API permissions are required in order to use this resource. * * When authenticated with a service principal, this resource requires one of the following application roles: `Application.ReadWrite.OwnedBy` or `Application.ReadWrite.All` * * > When using the `Application.ReadWrite.OwnedBy` application role, the principal being used to run Terraform must be an owner of the application. * * When authenticated with a user principal, this resource may require one of the following directory roles: `Application Administrator` or `Global Administrator` * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as azuread from "@pulumi/azuread"; * import * as random from "@pulumi/random"; * * const example = new azuread.ApplicationRegistration("example", {displayName: "example"}); * const exampleAdminister = new random.index.Uuid("example_administer", {}); * const exampleApplicationPermissionScope = new azuread.ApplicationPermissionScope("example", { * applicationId: test.id, * scopeId: exampleAdminister.id, * value: "administer", * adminConsentDescription: "Administer the application", * adminConsentDisplayName: "Administer", * }); * ``` * * > **Tip** For managing more permissions scopes, create additional instances of this resource * * *Usage with azuread.Application resource* * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as azuread from "@pulumi/azuread"; * * const example = new azuread.Application("example", {displayName: "example"}); * const exampleApplicationPermissionScope = new azuread.ApplicationPermissionScope("example", {applicationId: example.id}); * ``` * * ## Import * * Application App Roles can be imported using the object ID of the application and the ID of the permission scope, in the following format. * * ```sh * $ pulumi import azuread:index/applicationPermissionScope:ApplicationPermissionScope example /applications/00000000-0000-0000-0000-000000000000/permissionScopes/11111111-1111-1111-1111-111111111111 * ``` */ class ApplicationPermissionScope extends pulumi.CustomResource { /** * Get an existing ApplicationPermissionScope resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name, id, state, opts) { return new ApplicationPermissionScope(name, state, { ...opts, id: id }); } /** @internal */ static __pulumiType = 'azuread:index/applicationPermissionScope:ApplicationPermissionScope'; /** * Returns true if the given object is an instance of ApplicationPermissionScope. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj) { if (obj === undefined || obj === null) { return false; } return obj['__pulumiType'] === ApplicationPermissionScope.__pulumiType; } constructor(name, argsOrState, opts) { let resourceInputs = {}; opts = opts || {}; if (opts.id) { const state = argsOrState; resourceInputs["adminConsentDescription"] = state?.adminConsentDescription; resourceInputs["adminConsentDisplayName"] = state?.adminConsentDisplayName; resourceInputs["applicationId"] = state?.applicationId; resourceInputs["scopeId"] = state?.scopeId; resourceInputs["type"] = state?.type; resourceInputs["userConsentDescription"] = state?.userConsentDescription; resourceInputs["userConsentDisplayName"] = state?.userConsentDisplayName; resourceInputs["value"] = state?.value; } else { const args = argsOrState; if (args?.adminConsentDescription === undefined && !opts.urn) { throw new Error("Missing required property 'adminConsentDescription'"); } if (args?.adminConsentDisplayName === undefined && !opts.urn) { throw new Error("Missing required property 'adminConsentDisplayName'"); } if (args?.applicationId === undefined && !opts.urn) { throw new Error("Missing required property 'applicationId'"); } if (args?.scopeId === undefined && !opts.urn) { throw new Error("Missing required property 'scopeId'"); } if (args?.value === undefined && !opts.urn) { throw new Error("Missing required property 'value'"); } resourceInputs["adminConsentDescription"] = args?.adminConsentDescription; resourceInputs["adminConsentDisplayName"] = args?.adminConsentDisplayName; resourceInputs["applicationId"] = args?.applicationId; resourceInputs["scopeId"] = args?.scopeId; resourceInputs["type"] = args?.type; resourceInputs["userConsentDescription"] = args?.userConsentDescription; resourceInputs["userConsentDisplayName"] = args?.userConsentDisplayName; resourceInputs["value"] = args?.value; } opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); super(ApplicationPermissionScope.__pulumiType, name, resourceInputs, opts); } } exports.ApplicationPermissionScope = ApplicationPermissionScope; //# sourceMappingURL=applicationPermissionScope.js.map