@drunk-pulumi/azure-components 1.0.0 → 1.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +100 -1
- package/ResourceBuilder.d.ts +24 -15
- package/ResourceBuilder.js +23 -26
- package/aks/AzKubernetes.d.ts +5 -2
- package/aks/AzKubernetes.js +2 -4
- package/aks/ContainerRegistry.d.ts +6 -3
- package/aks/ContainerRegistry.js +2 -2
- package/app/AppCert.d.ts +6 -3
- package/app/AppCert.js +2 -2
- package/app/AppConfig.d.ts +6 -3
- package/app/AppConfig.js +3 -3
- package/app/AppService.d.ts +6 -3
- package/app/AppService.js +2 -2
- package/app/IoTHub.d.ts +4 -1
- package/app/LogicApp.d.ts +4 -1
- package/app/SignalR.d.ts +4 -1
- package/azAd/AppRegistration.d.ts +9 -6
- package/azAd/AppRegistration.js +32 -41
- package/azAd/AzRole.d.ts +5 -2
- package/azAd/AzRole.js +6 -6
- package/azAd/CustomRoles.d.ts +1 -1
- package/azAd/CustomRoles.js +6 -6
- package/azAd/GroupRole.d.ts +6 -8
- package/azAd/GroupRole.js +2 -13
- package/azAd/RoleAssignment.d.ts +4 -1
- package/azAd/RoleAssignment.js +2 -2
- package/azAd/UserAssignedIdentity.d.ts +6 -2
- package/azAd/UserAssignedIdentity.js +2 -2
- package/azAd/helpers/index.js +3 -4
- package/azAd/helpers/rolesBuiltIn.d.ts +43 -1
- package/azAd/helpers/rolesBuiltIn.js +7793 -1033
- package/azAd/helpers/rsRoleDefinition.js +8 -4
- package/base/BaseComponent.d.ts +37 -6
- package/base/BaseComponent.js +35 -5
- package/base/BaseResourceComponent.d.ts +26 -7
- package/base/BaseResourceComponent.js +21 -9
- package/common/PGPGenerator.d.ts +6 -1
- package/common/RandomString.d.ts +4 -2
- package/common/RandomString.js +2 -2
- package/common/ResourceLocker.js +2 -2
- package/common/RsGroup.d.ts +4 -1
- package/common/SshGenerator.d.ts +5 -1
- package/database/AzSql.d.ts +4 -1
- package/database/MySql.d.ts +4 -1
- package/database/Postgres.d.ts +4 -1
- package/database/Redis.d.ts +4 -1
- package/helpers/autoTags.d.ts +10 -0
- package/helpers/autoTags.js +51 -3
- package/helpers/azureEnv.d.ts +81 -0
- package/helpers/azureEnv.js +95 -1
- package/helpers/configHelper.d.ts +52 -0
- package/helpers/configHelper.js +53 -1
- package/helpers/rsHelpers.d.ts +55 -2
- package/helpers/rsHelpers.js +67 -6
- package/helpers/stackEnv.d.ts +25 -0
- package/helpers/stackEnv.js +37 -7
- package/logs/Logs.d.ts +16 -1
- package/package.json +7 -6
- package/services/Automation.d.ts +6 -3
- package/services/Automation.js +3 -3
- package/services/AzSearch.d.ts +4 -1
- package/services/ServiceBus.d.ts +4 -1
- package/storage/StorageAccount.d.ts +11 -4
- package/storage/StorageAccount.js +3 -3
- package/types.d.ts +3 -0
- package/vault/EncryptionKey.d.ts +8 -2
- package/vault/EncryptionKey.js +2 -2
- package/vault/KeyVault.d.ts +5 -3
- package/vault/KeyVault.js +1 -4
- package/vault/VaultSecret.d.ts +6 -2
- package/vault/VaultSecret.js +2 -2
- package/vault/VaultSecrets.d.ts +6 -2
- package/vault/VaultSecrets.js +2 -2
- package/vault/helpers.js +8 -7
- package/vm/DiskEncryptionSet.d.ts +4 -1
- package/vm/VirtualMachine.d.ts +5 -3
- package/vm/VirtualMachine.js +8 -8
- package/vnet/AzCdn.d.ts +5 -1
- package/vnet/Basion.d.ts +5 -2
- package/vnet/Basion.js +2 -2
- package/vnet/DnsZone.d.ts +5 -2
- package/vnet/DnsZone.js +2 -2
- package/vnet/Firewall.d.ts +11 -1
- package/vnet/FirewallPolicies/commonPolicies.d.ts +2 -1
- package/vnet/FirewallPolicies/commonPolicies.js +26 -7
- package/vnet/IpAddresses.d.ts +2 -2
- package/vnet/IpAddresses.js +4 -3
- package/vnet/PrivateDnsZone.d.ts +5 -2
- package/vnet/PrivateDnsZone.js +3 -3
- package/vnet/PrivateEndpoint.d.ts +11 -2
- package/vnet/PrivateEndpoint.js +2 -2
- package/vnet/RouteTable.d.ts +5 -2
- package/vnet/RouteTable.js +2 -2
- package/vnet/VirtualNetwork.d.ts +30 -1
- package/vnet/VirtualNetwork.js +2 -2
- package/vnet/VpnGateway.d.ts +5 -2
- package/vnet/VpnGateway.js +2 -2
package/azAd/AppRegistration.js
CHANGED
|
@@ -36,10 +36,10 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
36
36
|
exports.AppRegistration = exports.GroupMembershipClaimsTypes = void 0;
|
|
37
37
|
const azAd = __importStar(require("@pulumi/azuread"));
|
|
38
38
|
const pulumi = __importStar(require("@pulumi/pulumi"));
|
|
39
|
+
const BaseComponent_1 = require("../base/BaseComponent");
|
|
39
40
|
const helpers_1 = require("../base/helpers");
|
|
40
41
|
const vault_1 = require("../vault");
|
|
41
42
|
const RoleAssignment_1 = require("./RoleAssignment");
|
|
42
|
-
const BaseComponent_1 = require("../base/BaseComponent");
|
|
43
43
|
var GroupMembershipClaimsTypes;
|
|
44
44
|
(function (GroupMembershipClaimsTypes) {
|
|
45
45
|
GroupMembershipClaimsTypes["None"] = "None";
|
|
@@ -56,46 +56,13 @@ class AppRegistration extends BaseComponent_1.BaseComponent {
|
|
|
56
56
|
//private readonly _app: azAd.Application;
|
|
57
57
|
constructor(name, args = { appType: 'native' }, opts) {
|
|
58
58
|
super((0, helpers_1.getComponentResourceType)('AppRegistration'), name, args, opts);
|
|
59
|
-
const ops = args.info ?? {
|
|
60
|
-
displayName: name,
|
|
61
|
-
description: name,
|
|
62
|
-
};
|
|
63
59
|
//Application
|
|
64
|
-
const app =
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
identifierUris: args.identifierUris,
|
|
71
|
-
requiredResourceAccesses: args.requiredResourceAccesses,
|
|
72
|
-
optionalClaims: args.optionalClaims,
|
|
73
|
-
groupMembershipClaims: args.groupMembershipClaims,
|
|
74
|
-
appRoles: args.appRoles,
|
|
75
|
-
//Expose the API
|
|
76
|
-
api: args.api,
|
|
77
|
-
owners: args.owners,
|
|
78
|
-
//Clients Apps
|
|
79
|
-
web: args.appType == 'web'
|
|
80
|
-
? {
|
|
81
|
-
redirectUris: args.redirectUris,
|
|
82
|
-
logoutUrl: args.logoutUrl,
|
|
83
|
-
implicitGrant: args.implicitGrant,
|
|
84
|
-
homepageUrl: args.homepageUrl,
|
|
85
|
-
}
|
|
86
|
-
: undefined,
|
|
87
|
-
singlePageApplication: args.appType == 'singlePageApplication' ? { redirectUris: args.redirectUris } : undefined,
|
|
88
|
-
}, { ...opts, parent: this });
|
|
89
|
-
this.addSecret('client-id', app.clientId);
|
|
90
|
-
if (args.enableClientSecret) {
|
|
91
|
-
const secret = this.createClientSecret(app);
|
|
92
|
-
this.clientSecret = secret.clientSecret;
|
|
93
|
-
}
|
|
94
|
-
if (args.servicePrincipal?.enabled) {
|
|
95
|
-
const sp = this.createServicePrincipal(app);
|
|
96
|
-
this.servicePrincipalId = sp.servicePrincipalId;
|
|
97
|
-
this.servicePrincipalPassword = sp.servicePrincipalPassword;
|
|
98
|
-
}
|
|
60
|
+
const app = this.createAppRegistration();
|
|
61
|
+
const secret = this.createClientSecret(app);
|
|
62
|
+
this.clientSecret = secret.clientSecret;
|
|
63
|
+
const sp = this.createServicePrincipal(app);
|
|
64
|
+
this.servicePrincipalId = sp.servicePrincipalId;
|
|
65
|
+
this.servicePrincipalPassword = sp.servicePrincipalPassword;
|
|
99
66
|
this.addMemberOf(app);
|
|
100
67
|
this.clientId = app.clientId;
|
|
101
68
|
this.registerOutputs(this.getOutputs());
|
|
@@ -108,6 +75,30 @@ class AppRegistration extends BaseComponent_1.BaseComponent {
|
|
|
108
75
|
servicePrincipalPassword: this.servicePrincipalPassword,
|
|
109
76
|
};
|
|
110
77
|
}
|
|
78
|
+
createAppRegistration() {
|
|
79
|
+
const ops = this.args.info ?? {
|
|
80
|
+
displayName: this.name,
|
|
81
|
+
description: this.name,
|
|
82
|
+
};
|
|
83
|
+
const app = new azAd.Application(this.name, {
|
|
84
|
+
...this.args,
|
|
85
|
+
...ops,
|
|
86
|
+
preventDuplicateNames: true,
|
|
87
|
+
signInAudience: 'AzureADMyOrg',
|
|
88
|
+
//Clients Apps
|
|
89
|
+
web: this.args.appType == 'web'
|
|
90
|
+
? {
|
|
91
|
+
redirectUris: this.args.redirectUris,
|
|
92
|
+
logoutUrl: this.args.logoutUrl,
|
|
93
|
+
implicitGrant: this.args.implicitGrant,
|
|
94
|
+
homepageUrl: this.args.homepageUrl,
|
|
95
|
+
}
|
|
96
|
+
: undefined,
|
|
97
|
+
singlePageApplication: this.args.appType == 'singlePageApplication' ? { redirectUris: this.args.redirectUris } : undefined,
|
|
98
|
+
}, { ...this.opts, parent: this });
|
|
99
|
+
this.addSecret('client-id', app.clientId);
|
|
100
|
+
return app;
|
|
101
|
+
}
|
|
111
102
|
createServicePrincipal(app) {
|
|
112
103
|
//Service Principal
|
|
113
104
|
const sp = new azAd.ServicePrincipal(`${this.name}-sp`, {
|
|
@@ -162,4 +153,4 @@ class AppRegistration extends BaseComponent_1.BaseComponent {
|
|
|
162
153
|
}
|
|
163
154
|
}
|
|
164
155
|
exports.AppRegistration = AppRegistration;
|
|
165
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
156
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQXBwUmVnaXN0cmF0aW9uLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL2F6QWQvQXBwUmVnaXN0cmF0aW9uLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztBQUFBLHNEQUF3QztBQUN4Qyx1REFBeUM7QUFDekMseURBQXNEO0FBQ3RELDZDQUEyRDtBQUUzRCxvQ0FBdUM7QUFDdkMscURBQXNFO0FBRXRFLElBQVksMEJBTVg7QUFORCxXQUFZLDBCQUEwQjtJQUNwQywyQ0FBYSxDQUFBO0lBQ2IsNkRBQStCLENBQUE7SUFDL0IsNkRBQStCLENBQUE7SUFDL0IsbUVBQXFDLENBQUE7SUFDckMseUNBQVcsQ0FBQTtBQUNiLENBQUMsRUFOVywwQkFBMEIsMENBQTFCLDBCQUEwQixRQU1yQztBQXlDRCxNQUFhLGVBQWdCLFNBQVEsNkJBQWtDO0lBQ3JELFFBQVEsQ0FBd0I7SUFDaEMsWUFBWSxDQUF5QjtJQUNyQyxrQkFBa0IsQ0FBeUI7SUFDM0Msd0JBQXdCLENBQXlCO0lBRWpFLDBDQUEwQztJQUUxQyxZQUFZLElBQVksRUFBRSxPQUE0QixFQUFFLE9BQU8sRUFBRSxRQUFRLEVBQUUsRUFBRSxJQUFzQztRQUNqSCxLQUFLLENBQUMsSUFBQSxrQ0FBd0IsRUFBQyxpQkFBaUIsQ0FBQyxFQUFFLElBQUksRUFBRSxJQUFJLEVBQUUsSUFBSSxDQUFDLENBQUM7UUFFckUsYUFBYTtRQUNiLE1BQU0sR0FBRyxHQUFHLElBQUksQ0FBQyxxQkFBcUIsRUFBRSxDQUFDO1FBQ3pDLE1BQU0sTUFBTSxHQUFHLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxHQUFHLENBQUMsQ0FBQztRQUM1QyxJQUFJLENBQUMsWUFBWSxHQUFHLE1BQU0sQ0FBQyxZQUFZLENBQUM7UUFFeEMsTUFBTSxFQUFFLEdBQUcsSUFBSSxDQUFDLHNCQUFzQixDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBQzVDLElBQUksQ0FBQyxrQkFBa0IsR0FBRyxFQUFFLENBQUMsa0JBQWtCLENBQUM7UUFDaEQsSUFBSSxDQUFDLHdCQUF3QixHQUFHLEVBQUUsQ0FBQyx3QkFBd0IsQ0FBQztRQUU1RCxJQUFJLENBQUMsV0FBVyxDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBRXRCLElBQUksQ0FBQyxRQUFRLEdBQUcsR0FBRyxDQUFDLFFBQVEsQ0FBQztRQUM3QixJQUFJLENBQUMsZUFBZSxDQUFDLElBQUksQ0FBQyxVQUFVLEVBQUUsQ0FBQyxDQUFDO0lBQzFDLENBQUM7SUFFTSxVQUFVO1FBQ2YsT0FBTztZQUNMLFFBQVEsRUFBRSxJQUFJLENBQUMsUUFBUTtZQUN2QixZQUFZLEVBQUUsSUFBSSxDQUFDLFlBQVk7WUFDL0Isa0JBQWtCLEVBQUUsSUFBSSxDQUFDLGtCQUFrQjtZQUMzQyx3QkFBd0IsRUFBRSxJQUFJLENBQUMsd0JBQXdCO1NBQ3hELENBQUM7SUFDSixDQUFDO0lBRU8scUJBQXFCO1FBQzNCLE1BQU0sR0FBRyxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxJQUFJO1lBQzVCLFdBQVcsRUFBRSxJQUFJLENBQUMsSUFBSTtZQUN0QixXQUFXLEVBQUUsSUFBSSxDQUFDLElBQUk7U0FDdkIsQ0FBQztRQUVGLE1BQU0sR0FBRyxHQUFHLElBQUksSUFBSSxDQUFDLFdBQVcsQ0FDOUIsSUFBSSxDQUFDLElBQUksRUFDVDtZQUNFLEdBQUcsSUFBSSxDQUFDLElBQUk7WUFDWixHQUFHLEdBQUc7WUFDTixxQkFBcUIsRUFBRSxJQUFJO1lBQzNCLGNBQWMsRUFBRSxjQUFjO1lBRTlCLGNBQWM7WUFDZCxHQUFHLEVBQ0QsSUFBSSxDQUFDLElBQUksQ0FBQyxPQUFPLElBQUksS0FBSztnQkFDeEIsQ0FBQyxDQUFDO29CQUNFLFlBQVksRUFBRSxJQUFJLENBQUMsSUFBSSxDQUFDLFlBQVk7b0JBQ3BDLFNBQVMsRUFBRSxJQUFJLENBQUMsSUFBSSxDQUFDLFNBQVM7b0JBQzlCLGFBQWEsRUFBRSxJQUFJLENBQUMsSUFBSSxDQUFDLGFBQWE7b0JBQ3RDLFdBQVcsRUFBRSxJQUFJLENBQUMsSUFBSSxDQUFDLFdBQVc7aUJBQ25DO2dCQUNILENBQUMsQ0FBQyxTQUFTO1lBQ2YscUJBQXFCLEVBQ25CLElBQUksQ0FBQyxJQUFJLENBQUMsT0FBTyxJQUFJLHVCQUF1QixDQUFDLENBQUMsQ0FBQyxFQUFFLFlBQVksRUFBRSxJQUFJLENBQUMsSUFBSSxDQUFDLFlBQVksRUFBRSxDQUFDLENBQUMsQ0FBQyxTQUFTO1NBQ3RHLEVBQ0QsRUFBRSxHQUFHLElBQUksQ0FBQyxJQUFJLEVBQUUsTUFBTSxFQUFFLElBQUksRUFBRSxDQUMvQixDQUFDO1FBRUYsSUFBSSxDQUFDLFNBQVMsQ0FBQyxXQUFXLEVBQUUsR0FBRyxDQUFDLFFBQVEsQ0FBQyxDQUFDO1FBQzFDLE9BQU8sR0FBRyxDQUFDO0lBQ2IsQ0FBQztJQUVPLHNCQUFzQixDQUFDLEdBQXFCO1FBQ2xELG1CQUFtQjtRQUNuQixNQUFNLEVBQUUsR0FBRyxJQUFJLElBQUksQ0FBQyxnQkFBZ0IsQ0FDbEMsR0FBRyxJQUFJLENBQUMsSUFBSSxLQUFLLEVBQ2pCO1lBQ0UsR0FBRyxJQUFJLENBQUMsSUFBSSxDQUFDLGdCQUFnQjtZQUM3QixXQUFXLEVBQUUsSUFBSSxDQUFDLElBQUk7WUFDdEIsUUFBUSxFQUFFLEdBQUcsQ0FBQyxRQUFRO1lBQ3RCLE1BQU0sRUFBRSxJQUFJLENBQUMsSUFBSSxDQUFDLE1BQU07U0FDekIsRUFDRCxFQUFFLFNBQVMsRUFBRSxHQUFHLEVBQUUsTUFBTSxFQUFFLElBQUksRUFBRSxDQUNqQyxDQUFDO1FBRUYsSUFBSSxNQUFNLEdBQUcsSUFBSSxJQUFJLENBQUMsd0JBQXdCLENBQzVDLEdBQUcsSUFBSSxDQUFDLElBQUksVUFBVSxFQUN0QjtZQUNFLFdBQVcsRUFBRSxJQUFJLENBQUMsSUFBSTtZQUN0QixrQkFBa0IsRUFBRSxNQUFNLENBQUMsV0FBVyxDQUFBLHNCQUFzQixFQUFFLENBQUMsUUFBUSxFQUFFO1NBQzFFLEVBQ0QsRUFBRSxTQUFTLEVBQUUsRUFBRSxFQUFFLE1BQU0sRUFBRSxJQUFJLEVBQUUsQ0FDaEMsQ0FBQztRQUVGLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxFQUFFLENBQUMsQ0FBQztRQUM1QixJQUFJLENBQUMsU0FBUyxDQUFDLFNBQVMsRUFBRSxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUM7UUFFeEMsT0FBTztZQUNMLGtCQUFrQixFQUFFLEVBQUUsQ0FBQyxFQUFFO1lBQ3pCLHdCQUF3QixFQUFFLE1BQU0sQ0FBQyxLQUFLO1NBQ3ZDLENBQUM7SUFDSixDQUFDO0lBRU8sa0JBQWtCLENBQUMsR0FBcUI7UUFDOUMsTUFBTSxZQUFZLEdBQUcsSUFBSSxJQUFJLENBQUMsbUJBQW1CLENBQy9DLEdBQUcsSUFBSSxDQUFDLElBQUksZ0JBQWdCLEVBQzVCO1lBQ0UsV0FBVyxFQUFFLElBQUksQ0FBQyxJQUFJO1lBQ3RCLGFBQWEsRUFBRSxHQUFHLENBQUMsRUFBRTtTQUN0QixFQUNELEVBQUUsU0FBUyxFQUFFLEdBQUcsRUFBRSxNQUFNLEVBQUUsSUFBSSxFQUFFLENBQ2pDLENBQUM7UUFFRixJQUFJLENBQUMsU0FBUyxDQUFDLGVBQWUsRUFBRSxZQUFZLENBQUMsS0FBSyxDQUFDLENBQUM7UUFFcEQsT0FBTztZQUNMLFlBQVksRUFBRSxZQUFZLENBQUMsS0FBSztTQUNqQyxDQUFDO0lBQ0osQ0FBQztJQUVPLGtCQUFrQixDQUFDLEVBQXlCO1FBQ2xELE1BQU0sRUFBRSxlQUFlLEVBQUUsR0FBRyxJQUFJLENBQUMsSUFBSSxDQUFDO1FBQ3RDLElBQUksQ0FBQyxlQUFlO1lBQUUsT0FBTztRQUU3QixPQUFPLGVBQWUsQ0FBQyxHQUFHLENBQ3hCLENBQUMsSUFBSSxFQUFFLEVBQUUsQ0FDUCxJQUFJLCtCQUFjLENBQ2hCLEdBQUcsSUFBSSxDQUFDLElBQUksSUFBSSxJQUFJLENBQUMsUUFBUSxFQUFFLEVBQy9CLEVBQUUsR0FBRyxJQUFJLEVBQUUsV0FBVyxFQUFFLEVBQUUsQ0FBQyxRQUFRLEVBQUUsYUFBYSxFQUFFLGtCQUFrQixFQUFFLEVBQ3hFLEVBQUUsU0FBUyxFQUFFLEVBQUUsRUFBRSxNQUFNLEVBQUUsSUFBSSxFQUFFLENBQ2hDLENBQ0osQ0FBQztJQUNKLENBQUM7SUFFTyxXQUFXLENBQUMsR0FBcUI7UUFDdkMsSUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsUUFBUTtZQUFFLE9BQU87UUFDaEMsSUFBSSxDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFDLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FDL0IsTUFBTSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsQ0FBQyxLQUFLLENBQ3hCLENBQUMsRUFBRSxFQUFFLEVBQUUsQ0FDTCxJQUFJLElBQUksQ0FBQyxXQUFXLENBQ2xCLEdBQUcsSUFBSSxDQUFDLElBQUksSUFBSSxFQUFFLENBQUMsUUFBUSxFQUFFLEVBQzdCO1lBQ0UsYUFBYSxFQUFFLEVBQUUsQ0FBQyxRQUFRO1lBQzFCLGNBQWMsRUFBRSxHQUFHLENBQUMsUUFBUTtTQUM3QixFQUNELEVBQUUsU0FBUyxFQUFFLEdBQUcsRUFBRSxNQUFNLEVBQUUsSUFBSSxFQUFFLENBQ2pDLENBQ0osQ0FDRixDQUFDO0lBQ0osQ0FBQztJQUVPLFNBQVMsQ0FBQyxJQUFZLEVBQUUsS0FBNEI7UUFDMUQsSUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsU0FBUztZQUFFLE9BQU87UUFDakMsSUFBSSxtQkFBVyxDQUNiLEdBQUcsSUFBSSxDQUFDLElBQUksSUFBSSxJQUFJLEVBQUUsRUFDdEI7WUFDRSxTQUFTLEVBQUUsSUFBSSxDQUFDLElBQUksQ0FBQyxTQUFTO1lBQzlCLEtBQUssRUFBRSxLQUFLO1lBQ1osV0FBVyxFQUFFLEdBQUcsSUFBSSxDQUFDLElBQUksSUFBSSxJQUFJLEVBQUU7U0FDcEMsRUFDRCxFQUFFLFNBQVMsRUFBRSxJQUFJLENBQUMsSUFBSSxFQUFFLFNBQVMsRUFBRSxNQUFNLEVBQUUsSUFBSSxFQUFFLENBQ2xELENBQUM7SUFDSixDQUFDO0NBQ0Y7QUFoS0QsMENBZ0tDIn0=
|
package/azAd/AzRole.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import * as pulumi from '@pulumi/pulumi';
|
|
2
1
|
import * as azAd from '@pulumi/azuread';
|
|
2
|
+
import * as pulumi from '@pulumi/pulumi';
|
|
3
3
|
import { BaseComponent } from '../base/BaseComponent';
|
|
4
4
|
export interface AzRoleArgs extends Pick<azAd.GroupArgs, 'members' | 'owners' | 'preventDuplicateNames'> {
|
|
5
5
|
}
|
|
@@ -7,5 +7,8 @@ export declare class AzRole extends BaseComponent<AzRoleArgs> {
|
|
|
7
7
|
readonly objectId: pulumi.Output<string>;
|
|
8
8
|
readonly displayName: pulumi.Output<string>;
|
|
9
9
|
constructor(name: string, args?: AzRoleArgs, opts?: pulumi.ComponentResourceOptions);
|
|
10
|
-
getOutputs():
|
|
10
|
+
getOutputs(): {
|
|
11
|
+
objectId: pulumi.Output<string>;
|
|
12
|
+
displayName: pulumi.Output<string>;
|
|
13
|
+
};
|
|
11
14
|
}
|
package/azAd/AzRole.js
CHANGED
|
@@ -35,18 +35,18 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
35
35
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
36
|
exports.AzRole = void 0;
|
|
37
37
|
const azAd = __importStar(require("@pulumi/azuread"));
|
|
38
|
-
const helpers_1 = require("../helpers");
|
|
39
|
-
const helpers_2 = require("../base/helpers");
|
|
40
38
|
const BaseComponent_1 = require("../base/BaseComponent");
|
|
39
|
+
const helpers_1 = require("../base/helpers");
|
|
40
|
+
const helpers_2 = require("../helpers");
|
|
41
41
|
class AzRole extends BaseComponent_1.BaseComponent {
|
|
42
42
|
objectId;
|
|
43
43
|
displayName;
|
|
44
44
|
constructor(name, args = {}, opts) {
|
|
45
45
|
const n = `rol-${name.toLowerCase().replace(/\s+/g, '-')}`;
|
|
46
|
-
super((0,
|
|
47
|
-
const roleName = name.includes(
|
|
46
|
+
super((0, helpers_1.getComponentResourceType)('AzRole'), n, args, opts);
|
|
47
|
+
const roleName = name.includes(helpers_2.stackInfo.stack)
|
|
48
48
|
? `ROL ${name}`.toUpperCase()
|
|
49
|
-
: `ROL ${
|
|
49
|
+
: `ROL ${helpers_2.stackInfo.stack} ${name}`.toUpperCase();
|
|
50
50
|
const role = new azAd.Group(n, {
|
|
51
51
|
displayName: roleName,
|
|
52
52
|
description: roleName,
|
|
@@ -69,4 +69,4 @@ class AzRole extends BaseComponent_1.BaseComponent {
|
|
|
69
69
|
}
|
|
70
70
|
}
|
|
71
71
|
exports.AzRole = AzRole;
|
|
72
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
72
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQXpSb2xlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL2F6QWQvQXpSb2xlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztBQUFBLHNEQUF3QztBQUV4Qyx5REFBc0Q7QUFDdEQsNkNBQTJEO0FBQzNELHdDQUF1QztBQUl2QyxNQUFhLE1BQU8sU0FBUSw2QkFBeUI7SUFDbkMsUUFBUSxDQUF3QjtJQUNoQyxXQUFXLENBQXdCO0lBRW5ELFlBQVksSUFBWSxFQUFFLE9BQW1CLEVBQUUsRUFBRSxJQUFzQztRQUNyRixNQUFNLENBQUMsR0FBRyxPQUFPLElBQUksQ0FBQyxXQUFXLEVBQUUsQ0FBQyxPQUFPLENBQUMsTUFBTSxFQUFFLEdBQUcsQ0FBQyxFQUFFLENBQUM7UUFDM0QsS0FBSyxDQUFDLElBQUEsa0NBQXdCLEVBQUMsUUFBUSxDQUFDLEVBQUUsQ0FBQyxFQUFFLElBQUksRUFBRSxJQUFJLENBQUMsQ0FBQztRQUV6RCxNQUFNLFFBQVEsR0FBRyxJQUFJLENBQUMsUUFBUSxDQUFDLG1CQUFTLENBQUMsS0FBSyxDQUFDO1lBQzdDLENBQUMsQ0FBQyxPQUFPLElBQUksRUFBRSxDQUFDLFdBQVcsRUFBRTtZQUM3QixDQUFDLENBQUMsT0FBTyxtQkFBUyxDQUFDLEtBQUssSUFBSSxJQUFJLEVBQUUsQ0FBQyxXQUFXLEVBQUUsQ0FBQztRQUVuRCxNQUFNLElBQUksR0FBRyxJQUFJLElBQUksQ0FBQyxLQUFLLENBQ3pCLENBQUMsRUFDRDtZQUNFLFdBQVcsRUFBRSxRQUFRO1lBQ3JCLFdBQVcsRUFBRSxRQUFRO1lBQ3JCLE9BQU8sRUFBRSxJQUFJLENBQUMsT0FBTztZQUNyQixNQUFNLEVBQUUsSUFBSSxDQUFDLE1BQU07WUFFbkIsZUFBZSxFQUFFLElBQUk7WUFDckIsV0FBVyxFQUFFLEtBQUs7WUFDbEIscUJBQXFCLEVBQUUsSUFBSSxDQUFDLHFCQUFxQjtZQUNqRCxnQkFBZ0IsRUFBRSxLQUFLO1NBQ3hCLEVBQ0QsRUFBRSxNQUFNLEVBQUUsSUFBSSxFQUFFLENBQ2pCLENBQUM7UUFFRixJQUFJLENBQUMsUUFBUSxHQUFHLElBQUksQ0FBQyxRQUFRLENBQUM7UUFDOUIsSUFBSSxDQUFDLFdBQVcsR0FBRyxJQUFJLENBQUMsV0FBVyxDQUFDO1FBRXBDLElBQUksQ0FBQyxlQUFlLENBQUMsSUFBSSxDQUFDLFVBQVUsRUFBRSxDQUFDLENBQUM7SUFDMUMsQ0FBQztJQUVNLFVBQVU7UUFDZixPQUFPO1lBQ0wsUUFBUSxFQUFFLElBQUksQ0FBQyxRQUFRO1lBQ3ZCLFdBQVcsRUFBRSxJQUFJLENBQUMsV0FBVztTQUM5QixDQUFDO0lBQ0osQ0FBQztDQUNGO0FBeENELHdCQXdDQyJ9
|
package/azAd/CustomRoles.d.ts
CHANGED
|
@@ -5,6 +5,6 @@ export interface CustomRoleArgs {
|
|
|
5
5
|
}
|
|
6
6
|
export declare class CustomRoles extends BaseComponent<CustomRoleArgs> {
|
|
7
7
|
constructor(name: string, args: CustomRoleArgs, opts?: pulumi.ComponentResourceOptions);
|
|
8
|
-
getOutputs():
|
|
8
|
+
getOutputs(): {};
|
|
9
9
|
private createJustInTimeRemoteRole;
|
|
10
10
|
}
|
package/azAd/CustomRoles.js
CHANGED
|
@@ -34,13 +34,13 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
34
34
|
})();
|
|
35
35
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
36
|
exports.CustomRoles = void 0;
|
|
37
|
-
const helpers_1 = require("../helpers");
|
|
38
|
-
const helpers_2 = require("../base/helpers");
|
|
39
37
|
const auth = __importStar(require("@pulumi/azure-native/authorization"));
|
|
40
38
|
const BaseComponent_1 = require("../base/BaseComponent");
|
|
39
|
+
const helpers_1 = require("../base/helpers");
|
|
40
|
+
const helpers_2 = require("../helpers");
|
|
41
41
|
class CustomRoles extends BaseComponent_1.BaseComponent {
|
|
42
42
|
constructor(name, args, opts) {
|
|
43
|
-
super((0,
|
|
43
|
+
super((0, helpers_1.getComponentResourceType)('CustomRoles'), name, args, opts);
|
|
44
44
|
if (args.enableJustInTimeRemoteRole) {
|
|
45
45
|
this.createJustInTimeRemoteRole();
|
|
46
46
|
}
|
|
@@ -52,7 +52,7 @@ class CustomRoles extends BaseComponent_1.BaseComponent {
|
|
|
52
52
|
return new auth.RoleDefinition('JustInTime-User-Remote-Request', {
|
|
53
53
|
roleName: 'Just-In-Time-User-Remote-Request-Role',
|
|
54
54
|
description: 'Just-in-time virtual machine user remote request role',
|
|
55
|
-
scope:
|
|
55
|
+
scope: helpers_2.azureEnv.defaultSubScope,
|
|
56
56
|
permissions: [
|
|
57
57
|
{
|
|
58
58
|
actions: [
|
|
@@ -65,9 +65,9 @@ class CustomRoles extends BaseComponent_1.BaseComponent {
|
|
|
65
65
|
notActions: [],
|
|
66
66
|
},
|
|
67
67
|
],
|
|
68
|
-
assignableScopes: [
|
|
68
|
+
assignableScopes: [helpers_2.azureEnv.defaultSubScope],
|
|
69
69
|
});
|
|
70
70
|
}
|
|
71
71
|
}
|
|
72
72
|
exports.CustomRoles = CustomRoles;
|
|
73
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
73
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQ3VzdG9tUm9sZXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvYXpBZC9DdXN0b21Sb2xlcy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSx5RUFBMkQ7QUFFM0QseURBQXNEO0FBQ3RELDZDQUEyRDtBQUMzRCx3Q0FBc0M7QUFNdEMsTUFBYSxXQUFZLFNBQVEsNkJBQTZCO0lBQzVELFlBQVksSUFBWSxFQUFFLElBQW9CLEVBQUUsSUFBc0M7UUFDcEYsS0FBSyxDQUFDLElBQUEsa0NBQXdCLEVBQUMsYUFBYSxDQUFDLEVBQUUsSUFBSSxFQUFFLElBQUksRUFBRSxJQUFJLENBQUMsQ0FBQztRQUVqRSxJQUFJLElBQUksQ0FBQywwQkFBMEIsRUFBRSxDQUFDO1lBQ3BDLElBQUksQ0FBQywwQkFBMEIsRUFBRSxDQUFDO1FBQ3BDLENBQUM7SUFDSCxDQUFDO0lBRU0sVUFBVTtRQUNmLE9BQU8sRUFBRSxDQUFDO0lBQ1osQ0FBQztJQUVPLDBCQUEwQjtRQUNoQyxPQUFPLElBQUksSUFBSSxDQUFDLGNBQWMsQ0FBQyxnQ0FBZ0MsRUFBRTtZQUMvRCxRQUFRLEVBQUUsdUNBQXVDO1lBQ2pELFdBQVcsRUFBRSx1REFBdUQ7WUFDcEUsS0FBSyxFQUFFLGtCQUFRLENBQUMsZUFBZTtZQUMvQixXQUFXLEVBQUU7Z0JBQ1g7b0JBQ0UsT0FBTyxFQUFFO3dCQUNQLHVFQUF1RTt3QkFDdkUsOERBQThEO3dCQUM5RCxrQ0FBa0M7d0JBQ2xDLHdDQUF3Qzt3QkFDeEMsNENBQTRDO3FCQUM3QztvQkFDRCxVQUFVLEVBQUUsRUFBRTtpQkFDZjthQUNGO1lBQ0QsZ0JBQWdCLEVBQUUsQ0FBQyxrQkFBUSxDQUFDLGVBQWUsQ0FBQztTQUM3QyxDQUFDLENBQUM7SUFDTCxDQUFDO0NBQ0Y7QUFqQ0Qsa0NBaUNDIn0=
|
package/azAd/GroupRole.d.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import * as pulumi from '@pulumi/pulumi';
|
|
2
|
+
import { BaseComponent } from '../base/BaseComponent';
|
|
2
3
|
import * as types from '../types';
|
|
3
4
|
import { AzRoleArgs } from './AzRole';
|
|
4
|
-
import { BaseComponent } from '../base/BaseComponent';
|
|
5
5
|
export interface GroupRoleArgs extends Pick<AzRoleArgs, 'owners' | 'preventDuplicateNames'>, Partial<Record<types.GroupRoleTypes, Pick<AzRoleArgs, 'members'>>> {
|
|
6
6
|
preventDuplicateNames?: pulumi.Input<boolean>;
|
|
7
7
|
}
|
|
@@ -14,12 +14,10 @@ export declare class GroupRole extends BaseComponent<GroupRoleArgs> {
|
|
|
14
14
|
readonly contributor: pulumi.Output<GroupRoleOutput>;
|
|
15
15
|
readonly readOnly: pulumi.Output<GroupRoleOutput>;
|
|
16
16
|
constructor(name?: string, args?: GroupRoleArgs, opts?: pulumi.ComponentResourceOptions);
|
|
17
|
-
getOutputs():
|
|
17
|
+
getOutputs(): {
|
|
18
|
+
admin: pulumi.Output<GroupRoleOutput>;
|
|
19
|
+
contributor: pulumi.Output<GroupRoleOutput>;
|
|
20
|
+
readOnly: pulumi.Output<GroupRoleOutput>;
|
|
21
|
+
};
|
|
18
22
|
private configHierarchyRoles;
|
|
19
|
-
/**
|
|
20
|
-
* Selectively picks properties from the component instance
|
|
21
|
-
* @param keys - Array of property keys to pick from the component
|
|
22
|
-
* @returns Object containing only the selected properties
|
|
23
|
-
*/
|
|
24
|
-
PickOutputs<K extends keyof this>(...keys: K[]): Pick<this, K>;
|
|
25
23
|
}
|
package/azAd/GroupRole.js
CHANGED
|
@@ -36,10 +36,10 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
36
36
|
exports.GroupRole = void 0;
|
|
37
37
|
const azAd = __importStar(require("@pulumi/azuread"));
|
|
38
38
|
const pulumi = __importStar(require("@pulumi/pulumi"));
|
|
39
|
+
const BaseComponent_1 = require("../base/BaseComponent");
|
|
39
40
|
const helpers_1 = require("../base/helpers");
|
|
40
41
|
const helpers_2 = require("../helpers");
|
|
41
42
|
const AzRole_1 = require("./AzRole");
|
|
42
|
-
const BaseComponent_1 = require("../base/BaseComponent");
|
|
43
43
|
class GroupRole extends BaseComponent_1.BaseComponent {
|
|
44
44
|
admin;
|
|
45
45
|
contributor;
|
|
@@ -91,17 +91,6 @@ class GroupRole extends BaseComponent_1.BaseComponent {
|
|
|
91
91
|
}, { dependsOn: Object.values(roles), parent: this });
|
|
92
92
|
}
|
|
93
93
|
}
|
|
94
|
-
/**
|
|
95
|
-
* Selectively picks properties from the component instance
|
|
96
|
-
* @param keys - Array of property keys to pick from the component
|
|
97
|
-
* @returns Object containing only the selected properties
|
|
98
|
-
*/
|
|
99
|
-
PickOutputs(...keys) {
|
|
100
|
-
return keys.reduce((acc, key) => {
|
|
101
|
-
acc[key] = this[key];
|
|
102
|
-
return acc;
|
|
103
|
-
}, {});
|
|
104
|
-
}
|
|
105
94
|
}
|
|
106
95
|
exports.GroupRole = GroupRole;
|
|
107
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
96
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiR3JvdXBSb2xlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL2F6QWQvR3JvdXBSb2xlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztBQUFBLHNEQUF3QztBQUN4Qyx1REFBeUM7QUFDekMseURBQXNEO0FBQ3RELDZDQUEyRDtBQUMzRCx3Q0FBdUM7QUFFdkMscUNBQThDO0FBYTlDLE1BQWEsU0FBVSxTQUFRLDZCQUE0QjtJQUN6QyxLQUFLLENBQWlDO0lBQ3RDLFdBQVcsQ0FBaUM7SUFDNUMsUUFBUSxDQUFpQztJQUV6RCxZQUFZLE9BQWUsbUJBQVMsQ0FBQyxLQUFLLEVBQUUsT0FBc0IsRUFBRSxFQUFFLElBQXNDO1FBQzFHLEtBQUssQ0FBQyxJQUFBLGtDQUF3QixFQUFDLFdBQVcsQ0FBQyxFQUFFLElBQUksRUFBRSxJQUFJLEVBQUUsSUFBSSxDQUFDLENBQUM7UUFFL0QsTUFBTSxLQUFLLEdBQUcsQ0FBQyxPQUFPLEVBQUUsYUFBYSxFQUFFLFVBQVUsQ0FBVSxDQUFDO1FBRTVELE1BQU0sYUFBYSxHQUFHLE1BQU0sQ0FBQyxXQUFXLENBQ3RDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLEVBQUUsRUFBRSxDQUFDO1lBQ2xCLElBQUk7WUFDSixJQUFJLGVBQU0sQ0FDUixHQUFHLElBQUksSUFBSSxJQUFJLEVBQUUsRUFDakI7Z0JBQ0UsTUFBTSxFQUFFLElBQUksQ0FBQyxNQUFNO2dCQUNuQixPQUFPLEVBQUUsSUFBSSxDQUFDLElBQUksQ0FBQyxFQUFFLE9BQU87Z0JBQzVCLHFCQUFxQixFQUFFLElBQUksQ0FBQyxxQkFBcUI7YUFDbEQsRUFDRCxFQUFFLE1BQU0sRUFBRSxJQUFJLEVBQUUsQ0FDakI7U0FDRixDQUFDLENBQ0gsQ0FBQztRQUVGLElBQUksQ0FBQyxLQUFLLEdBQUcsTUFBTSxDQUFDLE1BQU0sQ0FBQztZQUN6QixRQUFRLEVBQUUsYUFBYSxDQUFDLEtBQUssQ0FBQyxRQUFRO1lBQ3RDLFdBQVcsRUFBRSxhQUFhLENBQUMsS0FBSyxDQUFDLFdBQVc7U0FDN0MsQ0FBQyxDQUFDO1FBRUgsSUFBSSxDQUFDLFdBQVcsR0FBRyxNQUFNLENBQUMsTUFBTSxDQUFDO1lBQy9CLFFBQVEsRUFBRSxhQUFhLENBQUMsV0FBVyxDQUFDLFFBQVE7WUFDNUMsV0FBVyxFQUFFLGFBQWEsQ0FBQyxXQUFXLENBQUMsV0FBVztTQUNuRCxDQUFDLENBQUM7UUFFSCxJQUFJLENBQUMsUUFBUSxHQUFHLE1BQU0sQ0FBQyxNQUFNLENBQUM7WUFDNUIsUUFBUSxFQUFFLGFBQWEsQ0FBQyxRQUFRLENBQUMsUUFBUTtZQUN6QyxXQUFXLEVBQUUsYUFBYSxDQUFDLFFBQVEsQ0FBQyxXQUFXO1NBQ2hELENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxvQkFBb0IsQ0FBQyxhQUFhLENBQUMsQ0FBQztRQUV6QyxJQUFJLENBQUMsZUFBZSxDQUFDLElBQUksQ0FBQyxVQUFVLEVBQUUsQ0FBQyxDQUFDO0lBQzFDLENBQUM7SUFFTSxVQUFVO1FBQ2YsT0FBTztZQUNMLEtBQUssRUFBRSxJQUFJLENBQUMsS0FBSztZQUNqQixXQUFXLEVBQUUsSUFBSSxDQUFDLFdBQVc7WUFDN0IsUUFBUSxFQUFFLElBQUksQ0FBQyxRQUFRO1NBQ3hCLENBQUM7SUFDSixDQUFDO0lBRU8sb0JBQW9CLENBQUMsS0FBOEI7UUFDekQsSUFBSSxJQUFJLENBQUMsS0FBSyxJQUFJLElBQUksQ0FBQyxXQUFXLEVBQUUsQ0FBQztZQUNuQyxJQUFJLElBQUksQ0FBQyxXQUFXLENBQ2xCLEdBQUcsSUFBSSxDQUFDLElBQUksb0JBQW9CLEVBQ2hDO2dCQUNFLGFBQWEsRUFBRSxJQUFJLENBQUMsV0FBVyxDQUFDLFFBQVE7Z0JBQ3hDLGNBQWMsRUFBRSxJQUFJLENBQUMsS0FBSyxDQUFDLFFBQVE7YUFDcEMsRUFDRCxFQUFFLFNBQVMsRUFBRSxNQUFNLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxFQUFFLE1BQU0sRUFBRSxJQUFJLEVBQUUsQ0FDbEQsQ0FBQztRQUNKLENBQUM7UUFFRCxJQUFJLElBQUksQ0FBQyxXQUFXLElBQUksSUFBSSxDQUFDLFFBQVEsRUFBRSxDQUFDO1lBQ3RDLElBQUksSUFBSSxDQUFDLFdBQVcsQ0FDbEIsR0FBRyxJQUFJLENBQUMsSUFBSSx1QkFBdUIsRUFDbkM7Z0JBQ0UsYUFBYSxFQUFFLElBQUksQ0FBQyxRQUFRLENBQUMsUUFBUTtnQkFDckMsY0FBYyxFQUFFLElBQUksQ0FBQyxXQUFXLENBQUMsUUFBUTthQUMxQyxFQUNELEVBQUUsU0FBUyxFQUFFLE1BQU0sQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLEVBQUUsTUFBTSxFQUFFLElBQUksRUFBRSxDQUNsRCxDQUFDO1FBQ0osQ0FBQztJQUNILENBQUM7Q0FDRjtBQTVFRCw4QkE0RUMifQ==
|
package/azAd/RoleAssignment.d.ts
CHANGED
|
@@ -8,5 +8,8 @@ export declare class RoleAssignment extends BaseComponent<RoleAssignmentArgs> {
|
|
|
8
8
|
readonly id: pulumi.Output<string>;
|
|
9
9
|
readonly resourceName: pulumi.Output<string>;
|
|
10
10
|
constructor(name: string, args: RoleAssignmentArgs, opts?: pulumi.ComponentResourceOptions);
|
|
11
|
-
getOutputs():
|
|
11
|
+
getOutputs(): {
|
|
12
|
+
id: pulumi.Output<string>;
|
|
13
|
+
resourceName: pulumi.Output<string>;
|
|
14
|
+
};
|
|
12
15
|
}
|
package/azAd/RoleAssignment.js
CHANGED
|
@@ -35,8 +35,8 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
35
35
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
36
|
exports.RoleAssignment = void 0;
|
|
37
37
|
const auth = __importStar(require("@pulumi/azure-native/authorization"));
|
|
38
|
-
const rolesBuiltIn_1 = require("./helpers/rolesBuiltIn");
|
|
39
38
|
const BaseComponent_1 = require("../base/BaseComponent");
|
|
39
|
+
const rolesBuiltIn_1 = require("./helpers/rolesBuiltIn");
|
|
40
40
|
class RoleAssignment extends BaseComponent_1.BaseComponent {
|
|
41
41
|
id;
|
|
42
42
|
resourceName;
|
|
@@ -60,4 +60,4 @@ class RoleAssignment extends BaseComponent_1.BaseComponent {
|
|
|
60
60
|
}
|
|
61
61
|
}
|
|
62
62
|
exports.RoleAssignment = RoleAssignment;
|
|
63
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
63
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiUm9sZUFzc2lnbm1lbnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvYXpBZC9Sb2xlQXNzaWdubWVudC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSx5RUFBMkQ7QUFFM0QseURBQXNEO0FBQ3RELHlEQUFpRTtBQU1qRSxNQUFhLGNBQWUsU0FBUSw2QkFBaUM7SUFDbkQsRUFBRSxDQUF3QjtJQUMxQixZQUFZLENBQXdCO0lBRXBELFlBQVksSUFBWSxFQUFFLElBQXdCLEVBQUUsSUFBc0M7UUFDeEYsS0FBSyxDQUFDLGdCQUFnQixFQUFFLElBQUksRUFBRSxJQUFJLEVBQUUsSUFBSSxDQUFDLENBQUM7UUFFMUMsTUFBTSxFQUFFLFFBQVEsRUFBRSxHQUFHLEtBQUssRUFBRSxHQUFHLElBQUksQ0FBQztRQUNwQyxNQUFNLElBQUksR0FBRyxJQUFBLHNDQUF1QixFQUFDLFFBQVEsQ0FBQyxDQUFDO1FBRS9DLE1BQU0sVUFBVSxHQUFHLElBQUksSUFBSSxDQUFDLGNBQWMsQ0FDeEMsSUFBSSxFQUNKO1lBQ0UsR0FBRyxLQUFLO1lBQ1IsZ0JBQWdCLEVBQUUsSUFBSSxDQUFDLEVBQUU7U0FDMUIsRUFDRCxFQUFFLEdBQUcsSUFBSSxFQUFFLE1BQU0sRUFBRSxJQUFJLEVBQUUsQ0FDMUIsQ0FBQztRQUVGLElBQUksQ0FBQyxFQUFFLEdBQUcsVUFBVSxDQUFDLEVBQUUsQ0FBQztRQUN4QixJQUFJLENBQUMsWUFBWSxHQUFHLFVBQVUsQ0FBQyxJQUFJLENBQUM7UUFDcEMsSUFBSSxDQUFDLGVBQWUsQ0FBQyxJQUFJLENBQUMsVUFBVSxFQUFFLENBQUMsQ0FBQztJQUMxQyxDQUFDO0lBRU0sVUFBVTtRQUNmLE9BQU87WUFDTCxFQUFFLEVBQUUsSUFBSSxDQUFDLEVBQUU7WUFDWCxZQUFZLEVBQUUsSUFBSSxDQUFDLFlBQVk7U0FDaEMsQ0FBQztJQUNKLENBQUM7Q0FDRjtBQTlCRCx3Q0E4QkMifQ==
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import * as pulumi from '@pulumi/pulumi';
|
|
2
2
|
import { BaseArgs, BaseResourceComponent } from '../base';
|
|
3
|
-
import {
|
|
3
|
+
import { WithMemberOfArgs, WithResourceGroupInputs } from '../types';
|
|
4
4
|
export interface UserAssignedIdentityArgs extends Omit<BaseArgs, 'groupRoles'>, WithMemberOfArgs, WithResourceGroupInputs {
|
|
5
5
|
}
|
|
6
6
|
export declare class UserAssignedIdentity extends BaseResourceComponent<UserAssignedIdentityArgs> {
|
|
@@ -8,6 +8,10 @@ export declare class UserAssignedIdentity extends BaseResourceComponent<UserAssi
|
|
|
8
8
|
readonly clientId: pulumi.Output<string>;
|
|
9
9
|
readonly principalId: pulumi.Output<string>;
|
|
10
10
|
constructor(name: string, args: UserAssignedIdentityArgs, opts?: pulumi.ComponentResourceOptions);
|
|
11
|
-
getOutputs():
|
|
11
|
+
getOutputs(): {
|
|
12
|
+
id: pulumi.Output<string>;
|
|
13
|
+
clientId: pulumi.Output<string>;
|
|
14
|
+
principalId: pulumi.Output<string>;
|
|
15
|
+
};
|
|
12
16
|
private addMemberOf;
|
|
13
17
|
}
|
|
@@ -34,9 +34,9 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
34
34
|
})();
|
|
35
35
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
36
|
exports.UserAssignedIdentity = void 0;
|
|
37
|
-
const pulumi = __importStar(require("@pulumi/pulumi"));
|
|
38
37
|
const mid = __importStar(require("@pulumi/azure-native/managedidentity"));
|
|
39
38
|
const azAd = __importStar(require("@pulumi/azuread"));
|
|
39
|
+
const pulumi = __importStar(require("@pulumi/pulumi"));
|
|
40
40
|
const base_1 = require("../base");
|
|
41
41
|
class UserAssignedIdentity extends base_1.BaseResourceComponent {
|
|
42
42
|
id;
|
|
@@ -73,4 +73,4 @@ class UserAssignedIdentity extends base_1.BaseResourceComponent {
|
|
|
73
73
|
}
|
|
74
74
|
}
|
|
75
75
|
exports.UserAssignedIdentity = UserAssignedIdentity;
|
|
76
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
76
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiVXNlckFzc2lnbmVkSWRlbnRpdHkuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvYXpBZC9Vc2VyQXNzaWduZWRJZGVudGl0eS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSwwRUFBNEQ7QUFDNUQsc0RBQXdDO0FBQ3hDLHVEQUF5QztBQUN6QyxrQ0FBMEQ7QUFRMUQsTUFBYSxvQkFBcUIsU0FBUSw0QkFBK0M7SUFDdkUsRUFBRSxDQUF3QjtJQUMxQixRQUFRLENBQXdCO0lBQ2hDLFdBQVcsQ0FBd0I7SUFFbkQsWUFBWSxJQUFZLEVBQUUsSUFBOEIsRUFBRSxJQUFzQztRQUM5RixLQUFLLENBQUMsc0JBQXNCLEVBQUUsSUFBSSxFQUFFLElBQUksRUFBRSxJQUFJLENBQUMsQ0FBQztRQUVoRCxNQUFNLGVBQWUsR0FBRyxJQUFJLEdBQUcsQ0FBQyxvQkFBb0IsQ0FBQyxJQUFJLEVBQUUsRUFBRSxHQUFHLElBQUksQ0FBQyxPQUFPLEVBQUUsRUFBRSxFQUFFLEdBQUcsSUFBSSxFQUFFLE1BQU0sRUFBRSxJQUFJLEVBQUUsQ0FBQyxDQUFDO1FBRTNHLElBQUksQ0FBQyxVQUFVLENBQUM7WUFDZCxFQUFFLEVBQUUsZUFBZSxDQUFDLEVBQUU7WUFDdEIsUUFBUSxFQUFFLGVBQWUsQ0FBQyxRQUFRO1lBQ2xDLFdBQVcsRUFBRSxlQUFlLENBQUMsV0FBVztTQUN6QyxDQUFDLENBQUM7UUFFSCxJQUFJLENBQUMsRUFBRSxHQUFHLGVBQWUsQ0FBQyxFQUFFLENBQUM7UUFDN0IsSUFBSSxDQUFDLFFBQVEsR0FBRyxlQUFlLENBQUMsUUFBUSxDQUFDO1FBQ3pDLElBQUksQ0FBQyxXQUFXLEdBQUcsZUFBZSxDQUFDLFdBQVcsQ0FBQztRQUUvQyxJQUFJLENBQUMsV0FBVyxFQUFFLENBQUM7UUFFbkIsSUFBSSxDQUFDLGVBQWUsRUFBRSxDQUFDO0lBQ3pCLENBQUM7SUFFTSxVQUFVO1FBQ2YsT0FBTztZQUNMLEVBQUUsRUFBRSxJQUFJLENBQUMsRUFBRTtZQUNYLFFBQVEsRUFBRSxJQUFJLENBQUMsUUFBUTtZQUN2QixXQUFXLEVBQUUsSUFBSSxDQUFDLFdBQVc7U0FDOUIsQ0FBQztJQUNKLENBQUM7SUFFTyxXQUFXO1FBQ2pCLElBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLFFBQVE7WUFBRSxPQUFPO1FBQ2hDLElBQUksQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQy9CLE1BQU0sQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUMsS0FBSyxDQUN4QixDQUFDLEVBQUUsRUFBRSxFQUFFLENBQ0wsSUFBSSxJQUFJLENBQUMsV0FBVyxDQUNsQixHQUFHLElBQUksQ0FBQyxJQUFJLElBQUksRUFBRSxDQUFDLFFBQVEsRUFBRSxFQUM3QjtZQUNFLGFBQWEsRUFBRSxFQUFFLENBQUMsUUFBUTtZQUMxQixjQUFjLEVBQUUsSUFBSSxDQUFDLFdBQVc7U0FDakMsRUFDRCxFQUFFLE1BQU0sRUFBRSxJQUFJLEVBQUUsQ0FDakIsQ0FDSixDQUNGLENBQUM7SUFDSixDQUFDO0NBQ0Y7QUFqREQsb0RBaURDIn0=
|
package/azAd/helpers/index.js
CHANGED
|
@@ -16,15 +16,14 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
|
16
16
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
17
|
exports.createAzureDevOpsAppRegistration = void 0;
|
|
18
18
|
__exportStar(require("./rsRoleDefinition"), exports);
|
|
19
|
+
const helpers_1 = require("../../helpers");
|
|
19
20
|
const AppRegistration_1 = require("../AppRegistration");
|
|
20
|
-
const graphBuiltIn_1 = require("./graphBuiltIn");
|
|
21
21
|
const RoleAssignment_1 = require("../RoleAssignment");
|
|
22
|
-
const
|
|
22
|
+
const graphBuiltIn_1 = require("./graphBuiltIn");
|
|
23
23
|
const createAzureDevOpsAppRegistration = (name, vaultInfo) => {
|
|
24
24
|
const graphAccess = (0, graphBuiltIn_1.getGraphPermissions)({ name: 'User.Read', type: 'Scope' });
|
|
25
25
|
const identity = new AppRegistration_1.AppRegistration(name, {
|
|
26
26
|
appType: 'native',
|
|
27
|
-
servicePrincipal: { enabled: true },
|
|
28
27
|
requiredResourceAccesses: [graphAccess],
|
|
29
28
|
vaultInfo,
|
|
30
29
|
});
|
|
@@ -36,4 +35,4 @@ const createAzureDevOpsAppRegistration = (name, vaultInfo) => {
|
|
|
36
35
|
}, { dependsOn: identity, parent: this });
|
|
37
36
|
};
|
|
38
37
|
exports.createAzureDevOpsAppRegistration = createAzureDevOpsAppRegistration;
|
|
39
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
38
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvYXpBZC9oZWxwZXJzL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7O0FBQUEscURBQW1DO0FBRW5DLDJDQUF5QztBQUV6Qyx3REFBcUQ7QUFDckQsc0RBQW1EO0FBQ25ELGlEQUFxRDtBQUU5QyxNQUFNLGdDQUFnQyxHQUFHLENBQUMsSUFBWSxFQUFFLFNBQXlCLEVBQUUsRUFBRTtJQUMxRixNQUFNLFdBQVcsR0FBRyxJQUFBLGtDQUFtQixFQUFDLEVBQUUsSUFBSSxFQUFFLFdBQVcsRUFBRSxJQUFJLEVBQUUsT0FBTyxFQUFFLENBQUMsQ0FBQztJQUU5RSxNQUFNLFFBQVEsR0FBRyxJQUFJLGlDQUFlLENBQUMsSUFBSSxFQUFFO1FBQ3pDLE9BQU8sRUFBRSxRQUFRO1FBQ2pCLHdCQUF3QixFQUFFLENBQUMsV0FBVyxDQUFDO1FBQ3ZDLFNBQVM7S0FDVixDQUFDLENBQUM7SUFFSCxJQUFJLCtCQUFjLENBQ2hCLElBQUksRUFDSjtRQUNFLFdBQVcsRUFBRSxRQUFRLENBQUMsa0JBQW1CO1FBQ3pDLGFBQWEsRUFBRSxrQkFBa0I7UUFDakMsUUFBUSxFQUFFLE9BQU87UUFDakIsS0FBSyxFQUFFLGtCQUFRLENBQUMsZUFBZTtLQUNoQyxFQUNELEVBQUUsU0FBUyxFQUFFLFFBQVEsRUFBRSxNQUFNLEVBQUUsSUFBSSxFQUFFLENBQ3RDLENBQUM7QUFDSixDQUFDLENBQUM7QUFuQlcsUUFBQSxnQ0FBZ0Msb0NBbUIzQyJ9
|
|
@@ -64,11 +64,31 @@ export declare function getRoleDefinitionByName(name: string): {
|
|
|
64
64
|
type: string;
|
|
65
65
|
description: string;
|
|
66
66
|
assignableScopes: string[];
|
|
67
|
-
permissions:
|
|
67
|
+
permissions: {
|
|
68
68
|
actions: string[];
|
|
69
69
|
notActions: never[];
|
|
70
70
|
dataActions: never[];
|
|
71
71
|
notDataActions: never[];
|
|
72
|
+
}[];
|
|
73
|
+
createdOn: string;
|
|
74
|
+
updatedOn: string;
|
|
75
|
+
createdBy: string;
|
|
76
|
+
updatedBy: string;
|
|
77
|
+
};
|
|
78
|
+
id: string;
|
|
79
|
+
type: string;
|
|
80
|
+
name: string;
|
|
81
|
+
} | {
|
|
82
|
+
properties: {
|
|
83
|
+
roleName: string;
|
|
84
|
+
type: string;
|
|
85
|
+
description: string;
|
|
86
|
+
assignableScopes: string[];
|
|
87
|
+
permissions: ({
|
|
88
|
+
actions: string[];
|
|
89
|
+
notActions: string[];
|
|
90
|
+
dataActions: never[];
|
|
91
|
+
notDataActions: never[];
|
|
72
92
|
conditionVersion?: undefined;
|
|
73
93
|
condition?: undefined;
|
|
74
94
|
} | {
|
|
@@ -87,4 +107,26 @@ export declare function getRoleDefinitionByName(name: string): {
|
|
|
87
107
|
id: string;
|
|
88
108
|
type: string;
|
|
89
109
|
name: string;
|
|
110
|
+
} | {
|
|
111
|
+
properties: {
|
|
112
|
+
roleName: string;
|
|
113
|
+
type: string;
|
|
114
|
+
description: string;
|
|
115
|
+
assignableScopes: string[];
|
|
116
|
+
permissions: {
|
|
117
|
+
actions: string[];
|
|
118
|
+
notActions: never[];
|
|
119
|
+
dataActions: string[];
|
|
120
|
+
notDataActions: never[];
|
|
121
|
+
conditionVersion: string;
|
|
122
|
+
condition: string;
|
|
123
|
+
}[];
|
|
124
|
+
createdOn: string;
|
|
125
|
+
updatedOn: string;
|
|
126
|
+
createdBy: null;
|
|
127
|
+
updatedBy: null;
|
|
128
|
+
};
|
|
129
|
+
id: string;
|
|
130
|
+
type: string;
|
|
131
|
+
name: string;
|
|
90
132
|
};
|