@drunk-pulumi/azure-components 1.0.1 → 1.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +127 -1
- package/ResourceBuilder.d.ts +85 -46
- package/ResourceBuilder.js +147 -46
- package/aks/AzKubernetes.d.ts +17 -3
- package/aks/AzKubernetes.js +92 -43
- package/aks/ContainerRegistry.d.ts +4 -3
- package/aks/ContainerRegistry.js +22 -19
- package/apim/Apim.d.ts +51 -0
- package/apim/Apim.js +248 -0
- package/apim/ApimApi.d.ts +34 -0
- package/apim/ApimApi.js +193 -0
- package/apim/ApimApiSet.d.ts +27 -0
- package/apim/ApimApiSet.js +88 -0
- package/apim/ApimPolicyBuilder.d.ts +93 -0
- package/apim/ApimPolicyBuilder.js +294 -0
- package/apim/ApimProduct.d.ts +27 -0
- package/apim/ApimProduct.js +118 -0
- package/apim/index.d.ts +2 -0
- package/apim/index.js +19 -0
- package/apim/openAPI3Type.d.ts +85 -0
- package/apim/openAPI3Type.js +3 -0
- package/apim/openApiHelper.d.ts +1 -0
- package/apim/openApiHelper.js +36 -0
- package/app/SignalR.d.ts +3 -3
- package/app/SignalR.js +35 -20
- package/azAd/AppRegistration.d.ts +15 -11
- package/azAd/AppRegistration.js +67 -68
- package/azAd/AzRole.js +2 -2
- package/azAd/GroupRole.d.ts +7 -17
- package/azAd/GroupRole.js +7 -17
- package/azAd/RoleAssignment.d.ts +1 -1
- package/azAd/RoleAssignment.js +5 -5
- package/azAd/UserAssignedIdentity.d.ts +3 -0
- package/azAd/UserAssignedIdentity.js +23 -7
- package/azAd/helpers/index.d.ts +0 -2
- package/azAd/helpers/index.js +26 -22
- package/azAd/helpers/rolesBuiltIn.d.ts +10 -19
- package/azAd/helpers/rolesBuiltIn.js +25868 -18593
- package/azAd/helpers/rsRoleDefinition.d.ts +12 -6
- package/azAd/helpers/rsRoleDefinition.js +48 -32
- package/base/BaseComponent.d.ts +1 -15
- package/base/BaseComponent.js +3 -22
- package/base/BaseResourceComponent.d.ts +24 -17
- package/base/BaseResourceComponent.js +61 -45
- package/base/helpers.d.ts +0 -6
- package/base/helpers.js +1 -18
- package/common/RandomPassword.js +4 -4
- package/common/RandomString.d.ts +1 -1
- package/common/RandomString.js +3 -3
- package/common/ResourceLocker.js +2 -2
- package/common/RsGroup.js +2 -2
- package/database/AzSql.d.ts +5 -5
- package/database/AzSql.js +37 -24
- package/database/MySql.d.ts +1 -1
- package/database/MySql.js +45 -28
- package/database/Postgres.d.ts +2 -1
- package/database/Postgres.js +29 -17
- package/database/Redis.d.ts +25 -4
- package/database/Redis.js +88 -25
- package/helpers/autoTags.js +37 -3
- package/helpers/certHelpers.d.ts +20 -0
- package/helpers/certHelpers.js +85 -0
- package/helpers/rsHelpers.d.ts +19 -1
- package/helpers/rsHelpers.js +27 -4
- package/helpers/stackEnv.d.ts +2 -1
- package/helpers/stackEnv.js +10 -7
- package/index.d.ts +1 -0
- package/index.js +2 -1
- package/package.json +11 -7
- package/services/Automation.d.ts +3 -1
- package/services/Automation.js +8 -8
- package/services/ServiceBus.d.ts +3 -2
- package/services/ServiceBus.js +17 -19
- package/types.d.ts +44 -15
- package/vault/EncryptionKey.d.ts +1 -1
- package/vault/EncryptionKey.js +4 -4
- package/vault/KeyVault.d.ts +3 -8
- package/vault/KeyVault.js +4 -7
- package/vault/VaultSecret.d.ts +1 -1
- package/vault/VaultSecret.js +9 -9
- package/vault/VaultSecrets.d.ts +2 -4
- package/vault/VaultSecrets.js +4 -6
- package/vault/helpers.d.ts +17 -0
- package/vault/helpers.js +56 -3
- package/vm/DiskEncryptionSet.js +2 -2
- package/vm/VirtualMachine.d.ts +2 -1
- package/vm/VirtualMachine.js +37 -25
- package/vnet/Basion.d.ts +4 -3
- package/vnet/Basion.js +17 -4
- package/vnet/DnsZone.d.ts +1 -1
- package/vnet/DnsZone.js +2 -2
- package/vnet/IpAddresses.d.ts +6 -2
- package/vnet/IpAddresses.js +2 -2
- package/vnet/NetworkPeering.d.ts +1 -1
- package/vnet/NetworkPeering.js +1 -1
- package/vnet/PrivateDnsZone.d.ts +1 -1
- package/vnet/PrivateDnsZone.js +4 -4
- package/vnet/PrivateEndpoint.d.ts +7 -10
- package/vnet/PrivateEndpoint.js +11 -10
- package/vnet/RouteTable.d.ts +1 -1
- package/vnet/RouteTable.js +2 -2
- package/vnet/VirtualNetwork.d.ts +30 -43
- package/vnet/VirtualNetwork.js +77 -43
- package/vnet/VpnGateway.js +2 -2
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export declare const getImportConfig: (specUrl: string, version: string) => Promise<string>;
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.getImportConfig = void 0;
|
|
4
|
+
const removeVersion = (data, version) => {
|
|
5
|
+
if (!data?.paths) {
|
|
6
|
+
console.error(`APIM-removeVersion: There is no paths found in`, data);
|
|
7
|
+
return data;
|
|
8
|
+
}
|
|
9
|
+
const newPaths = {};
|
|
10
|
+
//Replace version from path
|
|
11
|
+
Object.keys(data.paths).forEach((k) => {
|
|
12
|
+
const newKey = k.replace(`/${version}`, '');
|
|
13
|
+
newPaths[newKey] = data.paths[k];
|
|
14
|
+
});
|
|
15
|
+
data.paths = newPaths;
|
|
16
|
+
return data;
|
|
17
|
+
};
|
|
18
|
+
const downloadSpecFile = async (fileUrl) => {
|
|
19
|
+
//Get specs json from URL
|
|
20
|
+
return await fetch(fileUrl, { method: 'GET' })
|
|
21
|
+
.then((rs) => rs.json())
|
|
22
|
+
.catch((error) => {
|
|
23
|
+
console.error(`Not able to get spec file from: ${fileUrl}`, error);
|
|
24
|
+
return undefined;
|
|
25
|
+
});
|
|
26
|
+
};
|
|
27
|
+
const getImportConfig = async (specUrl, version) => {
|
|
28
|
+
const spec = await downloadSpecFile(specUrl);
|
|
29
|
+
if (!spec)
|
|
30
|
+
return '';
|
|
31
|
+
//Remove Version
|
|
32
|
+
const data = removeVersion(spec, version);
|
|
33
|
+
return JSON.stringify(data);
|
|
34
|
+
};
|
|
35
|
+
exports.getImportConfig = getImportConfig;
|
|
36
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoib3BlbkFwaUhlbHBlci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9hcGltL29wZW5BcGlIZWxwZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBRUEsTUFBTSxhQUFhLEdBQUcsQ0FBQyxJQUFjLEVBQUUsT0FBZSxFQUFZLEVBQUU7SUFDbEUsSUFBSSxDQUFDLElBQUksRUFBRSxLQUFLLEVBQUUsQ0FBQztRQUNqQixPQUFPLENBQUMsS0FBSyxDQUFDLGdEQUFnRCxFQUFFLElBQUksQ0FBQyxDQUFDO1FBQ3RFLE9BQU8sSUFBSSxDQUFDO0lBQ2QsQ0FBQztJQUVELE1BQU0sUUFBUSxHQUFHLEVBQVMsQ0FBQztJQUUzQiwyQkFBMkI7SUFDM0IsTUFBTSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUU7UUFDcEMsTUFBTSxNQUFNLEdBQUcsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxJQUFJLE9BQU8sRUFBRSxFQUFFLEVBQUUsQ0FBQyxDQUFDO1FBQzVDLFFBQVEsQ0FBQyxNQUFNLENBQUMsR0FBRyxJQUFJLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDO0lBQ25DLENBQUMsQ0FBQyxDQUFDO0lBRUgsSUFBSSxDQUFDLEtBQUssR0FBRyxRQUFRLENBQUM7SUFDdEIsT0FBTyxJQUFJLENBQUM7QUFDZCxDQUFDLENBQUM7QUFFRixNQUFNLGdCQUFnQixHQUFHLEtBQUssRUFBRSxPQUFlLEVBQWlDLEVBQUU7SUFDaEYseUJBQXlCO0lBQ3pCLE9BQU8sTUFBTSxLQUFLLENBQUMsT0FBTyxFQUFFLEVBQUUsTUFBTSxFQUFFLEtBQUssRUFBRSxDQUFDO1NBQzNDLElBQUksQ0FBQyxDQUFDLEVBQUUsRUFBRSxFQUFFLENBQUMsRUFBRSxDQUFDLElBQUksRUFBeUIsQ0FBQztTQUM5QyxLQUFLLENBQUMsQ0FBQyxLQUFLLEVBQUUsRUFBRTtRQUNmLE9BQU8sQ0FBQyxLQUFLLENBQUMsbUNBQW1DLE9BQU8sRUFBRSxFQUFFLEtBQUssQ0FBQyxDQUFDO1FBQ25FLE9BQU8sU0FBUyxDQUFDO0lBQ25CLENBQUMsQ0FBQyxDQUFDO0FBQ1AsQ0FBQyxDQUFDO0FBRUssTUFBTSxlQUFlLEdBQUcsS0FBSyxFQUFFLE9BQWUsRUFBRSxPQUFlLEVBQW1CLEVBQUU7SUFDekYsTUFBTSxJQUFJLEdBQUcsTUFBTSxnQkFBZ0IsQ0FBQyxPQUFPLENBQUMsQ0FBQztJQUM3QyxJQUFJLENBQUMsSUFBSTtRQUFFLE9BQU8sRUFBRSxDQUFDO0lBRXJCLGdCQUFnQjtJQUNoQixNQUFNLElBQUksR0FBRyxhQUFhLENBQUMsSUFBSSxFQUFFLE9BQU8sQ0FBQyxDQUFDO0lBQzFDLE9BQU8sSUFBSSxDQUFDLFNBQVMsQ0FBQyxJQUFJLENBQUMsQ0FBQztBQUM5QixDQUFDLENBQUM7QUFQVyxRQUFBLGVBQWUsbUJBTzFCIn0=
|
package/app/SignalR.d.ts
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
import * as ss from '@pulumi/azure-native/signalrservice';
|
|
2
1
|
import * as pulumi from '@pulumi/pulumi';
|
|
3
|
-
import
|
|
2
|
+
import * as ss from '@pulumi/azure-native/signalrservice';
|
|
4
3
|
import * as types from '../types';
|
|
5
|
-
|
|
4
|
+
import { BaseResourceComponent, CommonBaseArgs } from '../base';
|
|
5
|
+
export interface SignalRArgs extends CommonBaseArgs, types.WithUserAssignedIdentity, Partial<Pick<ss.SignalRArgs, 'kind' | 'cors' | 'features' | 'tls' | 'identity'>> {
|
|
6
6
|
sku: {
|
|
7
7
|
/**
|
|
8
8
|
* Optional, integer. The unit count of the resource.
|
package/app/SignalR.js
CHANGED
|
@@ -34,11 +34,11 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
34
34
|
})();
|
|
35
35
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
36
|
exports.SignalR = void 0;
|
|
37
|
-
const ss = __importStar(require("@pulumi/azure-native/signalrservice"));
|
|
38
37
|
const pulumi = __importStar(require("@pulumi/pulumi"));
|
|
38
|
+
const ss = __importStar(require("@pulumi/azure-native/signalrservice"));
|
|
39
39
|
const base_1 = require("../base");
|
|
40
|
-
const
|
|
41
|
-
const
|
|
40
|
+
const VaultSecrets_1 = require("../vault/VaultSecrets");
|
|
41
|
+
const vnet_1 = require("../vnet");
|
|
42
42
|
class SignalR extends base_1.BaseResourceComponent {
|
|
43
43
|
id;
|
|
44
44
|
resourceName;
|
|
@@ -92,34 +92,49 @@ class SignalR extends base_1.BaseResourceComponent {
|
|
|
92
92
|
const { rsGroup, network } = this.args;
|
|
93
93
|
if (!network?.privateLink)
|
|
94
94
|
return;
|
|
95
|
-
return new
|
|
95
|
+
return new vnet_1.PrivateEndpoint(this.name, { ...network.privateLink, resourceInfo: service, rsGroup, type: 'signalR' }, { dependsOn: service, parent: this });
|
|
96
96
|
}
|
|
97
97
|
addSecretsToVault(service) {
|
|
98
|
-
const { rsGroup,
|
|
99
|
-
if (
|
|
98
|
+
const { rsGroup, defaultUAssignedId, vaultInfo } = this.args;
|
|
99
|
+
if (!vaultInfo)
|
|
100
100
|
return;
|
|
101
|
-
pulumi.output([service.name, rsGroup.resourceGroupName]).apply(async ([svName, rgName]) => {
|
|
101
|
+
return pulumi.output([service.name, rsGroup.resourceGroupName]).apply(async ([svName, rgName]) => {
|
|
102
102
|
if (!svName)
|
|
103
103
|
return;
|
|
104
104
|
const keys = await ss.listSignalRKeys({
|
|
105
105
|
resourceName: svName,
|
|
106
106
|
resourceGroupName: rgName,
|
|
107
107
|
});
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
value: keys.secondaryConnectionString,
|
|
117
|
-
contentType: `SignalR Secondary ConnectionString`,
|
|
118
|
-
},
|
|
108
|
+
const secrets = {
|
|
109
|
+
[`${this.name}-signalR-primary-conn`]: {
|
|
110
|
+
value: keys.primaryConnectionString,
|
|
111
|
+
contentType: `${this.name} SignalR`,
|
|
112
|
+
},
|
|
113
|
+
[`${this.name}-signalR-secondary-conn`]: {
|
|
114
|
+
value: keys.secondaryConnectionString,
|
|
115
|
+
contentType: `${this.name} SignalR`,
|
|
119
116
|
},
|
|
120
|
-
|
|
117
|
+
[`${this.name}-signalR-default-system-id`]: {
|
|
118
|
+
value: pulumi.interpolate `Endpoint=https://${service.name}.service.signalr.net;AuthType=azure.msi;Version=1.0;`,
|
|
119
|
+
contentType: `${this.name} SignalR`,
|
|
120
|
+
},
|
|
121
|
+
};
|
|
122
|
+
if (defaultUAssignedId) {
|
|
123
|
+
secrets[`${this.name}-signalR-default-user-assigned-id`] = {
|
|
124
|
+
value: pulumi.interpolate `Endpoint=https://${service.name}.service.signalr.net;AuthType=azure.msi;ClientId=${defaultUAssignedId.clientId};Version=1.0;`,
|
|
125
|
+
contentType: `${this.name} SignalR`,
|
|
126
|
+
};
|
|
127
|
+
}
|
|
128
|
+
// if (defaultAppIdentity) {
|
|
129
|
+
// secrets[`${this.name}-default-app-id`] =
|
|
130
|
+
// pulumi.interpolate`Endpoint=https://${service.name}.service.signalr.net;AuthType=azure.app;ClientId=${defaultAppIdentity.clientId};ClientSecret=789;TenantId=${azureEnv.tenantId};Version=1.0;`;
|
|
131
|
+
// }
|
|
132
|
+
return new VaultSecrets_1.VaultSecrets(`${this.name}-signalR`, {
|
|
133
|
+
vaultInfo,
|
|
134
|
+
secrets,
|
|
135
|
+
}, { dependsOn: service, deletedWith: service, parent: this });
|
|
121
136
|
});
|
|
122
137
|
}
|
|
123
138
|
}
|
|
124
139
|
exports.SignalR = SignalR;
|
|
125
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
140
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiU2lnbmFsUi5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9hcHAvU2lnbmFsUi50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSx1REFBeUM7QUFDekMsd0VBQTBEO0FBRzFELGtDQUFnRTtBQUNoRSx3REFBd0U7QUFFeEUsa0NBQTBDO0FBc0MxQyxNQUFhLE9BQVEsU0FBUSw0QkFBa0M7SUFDN0MsRUFBRSxDQUF3QjtJQUMxQixZQUFZLENBQXdCO0lBRXBELFlBQVksSUFBWSxFQUFFLElBQWlCLEVBQUUsSUFBc0M7UUFDakYsS0FBSyxDQUFDLFNBQVMsRUFBRSxJQUFJLEVBQUUsSUFBSSxFQUFFLElBQUksQ0FBQyxDQUFDO1FBRW5DLE1BQU0sRUFBRSxPQUFPLEVBQUUsT0FBTyxFQUFFLEdBQUcsRUFBRSxHQUFHLEtBQUssRUFBRSxHQUFHLElBQUksQ0FBQztRQUNqRCxNQUFNLFVBQVUsR0FBRyxHQUFHLENBQUMsSUFBSSxLQUFLLFNBQVMsQ0FBQztRQUUxQyxNQUFNLE9BQU8sR0FBRyxJQUFJLEVBQUUsQ0FBQyxPQUFPLENBQzVCLElBQUksRUFDSjtZQUNFLEdBQUcsS0FBSztZQUNSLEdBQUcsT0FBTztZQUNWLEdBQUc7WUFDSCxtQkFBbUIsRUFBRSxPQUFPLEVBQUUsbUJBQW1CLENBQUMsQ0FBQyxDQUFDLFNBQVMsQ0FBQyxDQUFDLENBQUMsT0FBTyxFQUFFLFdBQVcsQ0FBQyxDQUFDLENBQUMsVUFBVSxDQUFDLENBQUMsQ0FBQyxTQUFTO1lBQzdHLFdBQVcsRUFBRSxVQUFVO2dCQUNyQixDQUFDLENBQUMsU0FBUztnQkFDWCxDQUFDLENBQUMsT0FBTyxFQUFFLFdBQVc7b0JBQ3BCLENBQUMsQ0FBQzt3QkFDRSxhQUFhLEVBQUUsRUFBRSxDQUFDLFNBQVMsQ0FBQyxLQUFLO3dCQUNqQyxhQUFhLEVBQUU7NEJBQ2IsS0FBSyxFQUFFLENBQUMsRUFBRSxDQUFDLGtCQUFrQixDQUFDLGdCQUFnQixDQUFDOzRCQUMvQyxJQUFJLEVBQUUsQ0FBQyxFQUFFLENBQUMsa0JBQWtCLENBQUMsZ0JBQWdCLEVBQUUsRUFBRSxDQUFDLGtCQUFrQixDQUFDLE9BQU8sQ0FBQzt5QkFDOUU7d0JBQ0QsZ0JBQWdCLEVBQUU7NEJBQ2hCO2dDQUNFLElBQUksRUFBRSxFQUFFO2dDQUNSLEtBQUssRUFBRSxDQUFDLEVBQUUsQ0FBQyxrQkFBa0IsQ0FBQyxnQkFBZ0IsRUFBRSxFQUFFLENBQUMsa0JBQWtCLENBQUMsZ0JBQWdCLENBQUM7Z0NBQ3ZGLElBQUksRUFBRSxDQUFDLEVBQUUsQ0FBQyxrQkFBa0IsQ0FBQyxPQUFPLENBQUM7NkJBQ3RDO3lCQUNGO3FCQUNGO29CQUNILENBQUMsQ0FBQzt3QkFDRSxhQUFhLEVBQUUsRUFBRSxDQUFDLFNBQVMsQ0FBQyxLQUFLO3dCQUNqQyxhQUFhLEVBQUU7NEJBQ2IsS0FBSyxFQUFFLENBQUMsRUFBRSxDQUFDLGtCQUFrQixDQUFDLGdCQUFnQixFQUFFLEVBQUUsQ0FBQyxrQkFBa0IsQ0FBQyxnQkFBZ0IsQ0FBQzs0QkFDdkYsSUFBSSxFQUFFLENBQUMsRUFBRSxDQUFDLGtCQUFrQixDQUFDLE9BQU8sQ0FBQzt5QkFDdEM7cUJBQ0Y7U0FDUixFQUNELEVBQUUsR0FBRyxJQUFJLEVBQUUsTUFBTSxFQUFFLElBQUksRUFBRSxDQUMxQixDQUFDO1FBRUYsSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQ2hDLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUVoQyxJQUFJLENBQUMsRUFBRSxHQUFHLE9BQU8sQ0FBQyxFQUFFLENBQUM7UUFDckIsSUFBSSxDQUFDLFlBQVksR0FBRyxPQUFPLENBQUMsSUFBSSxDQUFDO1FBRWpDLElBQUksQ0FBQyxlQUFlLEVBQUUsQ0FBQztJQUN6QixDQUFDO0lBRU0sVUFBVTtRQUNmLE9BQU87WUFDTCxFQUFFLEVBQUUsSUFBSSxDQUFDLEVBQUU7WUFDWCxZQUFZLEVBQUUsSUFBSSxDQUFDLFlBQVk7U0FDaEMsQ0FBQztJQUNKLENBQUM7SUFFTyxpQkFBaUIsQ0FBQyxPQUFtQjtRQUMzQyxNQUFNLEVBQUUsT0FBTyxFQUFFLE9BQU8sRUFBRSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUM7UUFDdkMsSUFBSSxDQUFDLE9BQU8sRUFBRSxXQUFXO1lBQUUsT0FBTztRQUVsQyxPQUFPLElBQUksc0JBQWUsQ0FDeEIsSUFBSSxDQUFDLElBQUksRUFDVCxFQUFFLEdBQUcsT0FBTyxDQUFDLFdBQVcsRUFBRSxZQUFZLEVBQUUsT0FBTyxFQUFFLE9BQU8sRUFBRSxJQUFJLEVBQUUsU0FBUyxFQUFFLEVBQzNFLEVBQUUsU0FBUyxFQUFFLE9BQU8sRUFBRSxNQUFNLEVBQUUsSUFBSSxFQUFFLENBQ3JDLENBQUM7SUFDSixDQUFDO0lBRU8saUJBQWlCLENBQUMsT0FBbUI7UUFDM0MsTUFBTSxFQUFFLE9BQU8sRUFBRSxrQkFBa0IsRUFBRSxTQUFTLEVBQUUsR0FBRyxJQUFJLENBQUMsSUFBSSxDQUFDO1FBQzdELElBQUksQ0FBQyxTQUFTO1lBQUUsT0FBTztRQUN2QixPQUFPLE1BQU0sQ0FBQyxNQUFNLENBQUMsQ0FBQyxPQUFPLENBQUMsSUFBSSxFQUFFLE9BQU8sQ0FBQyxpQkFBaUIsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLEtBQUssRUFBRSxDQUFDLE1BQU0sRUFBRSxNQUFNLENBQUMsRUFBRSxFQUFFO1lBQy9GLElBQUksQ0FBQyxNQUFNO2dCQUFFLE9BQU87WUFFcEIsTUFBTSxJQUFJLEdBQUcsTUFBTSxFQUFFLENBQUMsZUFBZSxDQUFDO2dCQUNwQyxZQUFZLEVBQUUsTUFBTTtnQkFDcEIsaUJBQWlCLEVBQUUsTUFBTTthQUMxQixDQUFDLENBQUM7WUFFSCxNQUFNLE9BQU8sR0FBbUM7Z0JBQzlDLENBQUMsR0FBRyxJQUFJLENBQUMsSUFBSSx1QkFBdUIsQ0FBQyxFQUFFO29CQUNyQyxLQUFLLEVBQUUsSUFBSSxDQUFDLHVCQUF3QjtvQkFDcEMsV0FBVyxFQUFFLEdBQUcsSUFBSSxDQUFDLElBQUksVUFBVTtpQkFDcEM7Z0JBQ0QsQ0FBQyxHQUFHLElBQUksQ0FBQyxJQUFJLHlCQUF5QixDQUFDLEVBQUU7b0JBQ3ZDLEtBQUssRUFBRSxJQUFJLENBQUMseUJBQTBCO29CQUN0QyxXQUFXLEVBQUUsR0FBRyxJQUFJLENBQUMsSUFBSSxVQUFVO2lCQUNwQztnQkFDRCxDQUFDLEdBQUcsSUFBSSxDQUFDLElBQUksNEJBQTRCLENBQUMsRUFBRTtvQkFDMUMsS0FBSyxFQUFFLE1BQU0sQ0FBQyxXQUFXLENBQUEsb0JBQW9CLE9BQU8sQ0FBQyxJQUFJLHNEQUFzRDtvQkFDL0csV0FBVyxFQUFFLEdBQUcsSUFBSSxDQUFDLElBQUksVUFBVTtpQkFDcEM7YUFDRixDQUFDO1lBRUYsSUFBSSxrQkFBa0IsRUFBRSxDQUFDO2dCQUN2QixPQUFPLENBQUMsR0FBRyxJQUFJLENBQUMsSUFBSSxtQ0FBbUMsQ0FBQyxHQUFHO29CQUN6RCxLQUFLLEVBQUUsTUFBTSxDQUFDLFdBQVcsQ0FBQSxvQkFBb0IsT0FBTyxDQUFDLElBQUksb0RBQW9ELGtCQUFrQixDQUFDLFFBQVEsZUFBZTtvQkFDdkosV0FBVyxFQUFFLEdBQUcsSUFBSSxDQUFDLElBQUksVUFBVTtpQkFDcEMsQ0FBQztZQUNKLENBQUM7WUFFRCw0QkFBNEI7WUFDNUIsNkNBQTZDO1lBQzdDLHVNQUF1TTtZQUN2TSxJQUFJO1lBRUosT0FBTyxJQUFJLDJCQUFZLENBQ3JCLEdBQUcsSUFBSSxDQUFDLElBQUksVUFBVSxFQUN0QjtnQkFDRSxTQUFTO2dCQUNULE9BQU87YUFDUixFQUNELEVBQUUsU0FBUyxFQUFFLE9BQU8sRUFBRSxXQUFXLEVBQUUsT0FBTyxFQUFFLE1BQU0sRUFBRSxJQUFJLEVBQUUsQ0FDM0QsQ0FBQztRQUNKLENBQUMsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztDQUNGO0FBeEhELDBCQXdIQyJ9
|
|
@@ -1,8 +1,9 @@
|
|
|
1
1
|
import * as azAd from '@pulumi/azuread';
|
|
2
2
|
import * as pulumi from '@pulumi/pulumi';
|
|
3
|
-
import { BaseComponent } from '../base/BaseComponent';
|
|
4
|
-
import { WithMemberOfArgs, WithVaultInfo } from '../types';
|
|
5
3
|
import { RoleAssignmentArgs } from './RoleAssignment';
|
|
4
|
+
import { WithMemberOfArgs, WithVaultInfo } from '../types';
|
|
5
|
+
import { BaseComponent } from '../base/BaseComponent';
|
|
6
|
+
import { VaultSecrets } from '../vault';
|
|
6
7
|
export declare enum GroupMembershipClaimsTypes {
|
|
7
8
|
None = "None",
|
|
8
9
|
SecurityGroup = "SecurityGroup",
|
|
@@ -10,14 +11,11 @@ export declare enum GroupMembershipClaimsTypes {
|
|
|
10
11
|
ApplicationGroup = "ApplicationGroup",
|
|
11
12
|
All = "All"
|
|
12
13
|
}
|
|
13
|
-
export interface AppRegistrationArgs extends WithVaultInfo, WithMemberOfArgs, Pick<azAd.ApplicationArgs, 'identifierUris' | 'oauth2PostResponseRequired' | 'optionalClaims' | 'featureTags' | 'api' | 'appRoles' | 'owners' | 'requiredResourceAccesses'
|
|
14
|
+
export interface AppRegistrationArgs extends WithVaultInfo, WithMemberOfArgs, Partial<Pick<azAd.ApplicationArgs, 'identifierUris' | 'oauth2PostResponseRequired' | 'optionalClaims' | 'featureTags' | 'api' | 'appRoles' | 'owners' | 'requiredResourceAccesses'>> {
|
|
14
15
|
info?: Pick<azAd.ApplicationArgs, 'description' | 'displayName' | 'logoImage' | 'marketingUrl' | 'notes' | 'privacyStatementUrl'>;
|
|
15
16
|
groupMembershipClaims?: pulumi.Input<GroupMembershipClaimsTypes[]>;
|
|
16
17
|
identifierUris?: pulumi.Input<pulumi.Input<string>[]>;
|
|
17
|
-
|
|
18
|
-
servicePrincipal?: Pick<azAd.ServicePrincipalArgs, 'notificationEmailAddresses' | 'preferredSingleSignOnMode' | 'samlSingleSignOn' | 'appRoleAssignmentRequired'> & {
|
|
19
|
-
enabled: boolean;
|
|
20
|
-
};
|
|
18
|
+
servicePrincipal?: Pick<azAd.ServicePrincipalArgs, 'notificationEmailAddresses' | 'preferredSingleSignOnMode' | 'samlSingleSignOn' | 'appRoleAssignmentRequired'>;
|
|
21
19
|
appType?: 'web' | 'singlePageApplication' | 'native';
|
|
22
20
|
/** This is require when the appType is 'web' or 'singlePageApplication' */
|
|
23
21
|
redirectUris?: pulumi.Input<pulumi.Input<string>[]>;
|
|
@@ -37,16 +35,22 @@ export declare class AppRegistration extends BaseComponent<AppRegistrationArgs>
|
|
|
37
35
|
readonly clientSecret?: pulumi.Output<string>;
|
|
38
36
|
readonly servicePrincipalId?: pulumi.Output<string>;
|
|
39
37
|
readonly servicePrincipalPassword?: pulumi.Output<string>;
|
|
38
|
+
readonly vaultSecrets: {
|
|
39
|
+
[key: string]: ReturnType<VaultSecrets['getOutputs']>;
|
|
40
|
+
};
|
|
40
41
|
constructor(name: string, args?: AppRegistrationArgs, opts?: pulumi.ComponentResourceOptions);
|
|
41
42
|
getOutputs(): {
|
|
42
43
|
clientId: pulumi.Output<string>;
|
|
43
|
-
clientSecret: pulumi.Output<string> | undefined;
|
|
44
44
|
servicePrincipalId: pulumi.Output<string> | undefined;
|
|
45
|
-
|
|
45
|
+
vaultSecrets: {
|
|
46
|
+
[key: string]: {
|
|
47
|
+
[key: string]: import("../vault").VaultSecretResult;
|
|
48
|
+
};
|
|
49
|
+
};
|
|
46
50
|
};
|
|
51
|
+
private createAppRegistration;
|
|
47
52
|
private createServicePrincipal;
|
|
48
|
-
private createClientSecret;
|
|
49
53
|
private addRoleAssignments;
|
|
50
54
|
private addMemberOf;
|
|
51
|
-
private
|
|
55
|
+
private addSecrets;
|
|
52
56
|
}
|
package/azAd/AppRegistration.js
CHANGED
|
@@ -36,10 +36,11 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
36
36
|
exports.AppRegistration = exports.GroupMembershipClaimsTypes = void 0;
|
|
37
37
|
const azAd = __importStar(require("@pulumi/azuread"));
|
|
38
38
|
const pulumi = __importStar(require("@pulumi/pulumi"));
|
|
39
|
+
const RoleAssignment_1 = require("./RoleAssignment");
|
|
39
40
|
const BaseComponent_1 = require("../base/BaseComponent");
|
|
40
|
-
const helpers_1 = require("../base/helpers");
|
|
41
41
|
const vault_1 = require("../vault");
|
|
42
|
-
const
|
|
42
|
+
const helpers_1 = require("../base/helpers");
|
|
43
|
+
const helpers_2 = require("../helpers");
|
|
43
44
|
var GroupMembershipClaimsTypes;
|
|
44
45
|
(function (GroupMembershipClaimsTypes) {
|
|
45
46
|
GroupMembershipClaimsTypes["None"] = "None";
|
|
@@ -53,61 +54,56 @@ class AppRegistration extends BaseComponent_1.BaseComponent {
|
|
|
53
54
|
clientSecret;
|
|
54
55
|
servicePrincipalId;
|
|
55
56
|
servicePrincipalPassword;
|
|
56
|
-
|
|
57
|
+
vaultSecrets = {};
|
|
57
58
|
constructor(name, args = { appType: 'native' }, opts) {
|
|
58
59
|
super((0, helpers_1.getComponentResourceType)('AppRegistration'), name, args, opts);
|
|
59
|
-
const ops = args.info ?? {
|
|
60
|
-
displayName: name,
|
|
61
|
-
description: name,
|
|
62
|
-
};
|
|
63
60
|
//Application
|
|
64
|
-
const app =
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
featureTags: args.featureTags,
|
|
69
|
-
oauth2PostResponseRequired: args.oauth2PostResponseRequired,
|
|
70
|
-
identifierUris: args.identifierUris,
|
|
71
|
-
requiredResourceAccesses: args.requiredResourceAccesses,
|
|
72
|
-
optionalClaims: args.optionalClaims,
|
|
73
|
-
groupMembershipClaims: args.groupMembershipClaims,
|
|
74
|
-
appRoles: args.appRoles,
|
|
75
|
-
//Expose the API
|
|
76
|
-
api: args.api,
|
|
77
|
-
owners: args.owners,
|
|
78
|
-
//Clients Apps
|
|
79
|
-
web: args.appType == 'web'
|
|
80
|
-
? {
|
|
81
|
-
redirectUris: args.redirectUris,
|
|
82
|
-
logoutUrl: args.logoutUrl,
|
|
83
|
-
implicitGrant: args.implicitGrant,
|
|
84
|
-
homepageUrl: args.homepageUrl,
|
|
85
|
-
}
|
|
86
|
-
: undefined,
|
|
87
|
-
singlePageApplication: args.appType == 'singlePageApplication' ? { redirectUris: args.redirectUris } : undefined,
|
|
88
|
-
}, { ...opts, parent: this });
|
|
89
|
-
this.addSecret('client-id', app.clientId);
|
|
90
|
-
if (args.enableClientSecret) {
|
|
91
|
-
const secret = this.createClientSecret(app);
|
|
92
|
-
this.clientSecret = secret.clientSecret;
|
|
93
|
-
}
|
|
94
|
-
if (args.servicePrincipal?.enabled) {
|
|
95
|
-
const sp = this.createServicePrincipal(app);
|
|
96
|
-
this.servicePrincipalId = sp.servicePrincipalId;
|
|
97
|
-
this.servicePrincipalPassword = sp.servicePrincipalPassword;
|
|
98
|
-
}
|
|
99
|
-
this.addMemberOf(app);
|
|
61
|
+
const { app, clientSecret } = this.createAppRegistration();
|
|
62
|
+
const sp = this.createServicePrincipal(app);
|
|
63
|
+
this.servicePrincipalId = sp.servicePrincipalId;
|
|
64
|
+
this.servicePrincipalPassword = sp.servicePrincipalPassword;
|
|
100
65
|
this.clientId = app.clientId;
|
|
101
|
-
this.
|
|
66
|
+
this.addSecrets({
|
|
67
|
+
clientId: app.clientId,
|
|
68
|
+
clientSecret: clientSecret,
|
|
69
|
+
servicePrincipalId: sp.servicePrincipalId,
|
|
70
|
+
servicePrincipalPass: sp.servicePrincipalPassword,
|
|
71
|
+
});
|
|
72
|
+
this.registerOutputs();
|
|
102
73
|
}
|
|
103
74
|
getOutputs() {
|
|
104
75
|
return {
|
|
105
76
|
clientId: this.clientId,
|
|
106
|
-
clientSecret: this.clientSecret,
|
|
107
77
|
servicePrincipalId: this.servicePrincipalId,
|
|
108
|
-
|
|
78
|
+
vaultSecrets: this.vaultSecrets,
|
|
109
79
|
};
|
|
110
80
|
}
|
|
81
|
+
createAppRegistration() {
|
|
82
|
+
const { info } = this.args;
|
|
83
|
+
const app = new azAd.Application(`${helpers_2.stackInfo.stack}-${this.name}`, {
|
|
84
|
+
...this.args,
|
|
85
|
+
...info,
|
|
86
|
+
displayName: info?.displayName ?? `${helpers_2.stackInfo.stack}-${this.name}`,
|
|
87
|
+
description: info?.description ?? `${helpers_2.stackInfo.stack}-${this.name}`,
|
|
88
|
+
preventDuplicateNames: true,
|
|
89
|
+
signInAudience: 'AzureADMyOrg',
|
|
90
|
+
//Clients Apps
|
|
91
|
+
web: this.args.appType == 'web'
|
|
92
|
+
? {
|
|
93
|
+
redirectUris: this.args.redirectUris,
|
|
94
|
+
logoutUrl: this.args.logoutUrl,
|
|
95
|
+
implicitGrant: this.args.implicitGrant,
|
|
96
|
+
homepageUrl: this.args.homepageUrl,
|
|
97
|
+
}
|
|
98
|
+
: undefined,
|
|
99
|
+
singlePageApplication: this.args.appType == 'singlePageApplication' ? { redirectUris: this.args.redirectUris } : undefined,
|
|
100
|
+
}, { ...this.opts, parent: this });
|
|
101
|
+
const clientSecret = new azAd.ApplicationPassword(`${this.name}-client-secret`, {
|
|
102
|
+
displayName: this.name,
|
|
103
|
+
applicationId: app.id,
|
|
104
|
+
}, { dependsOn: app, parent: this });
|
|
105
|
+
return { app, clientSecret: clientSecret.value };
|
|
106
|
+
}
|
|
111
107
|
createServicePrincipal(app) {
|
|
112
108
|
//Service Principal
|
|
113
109
|
const sp = new azAd.ServicePrincipal(`${this.name}-sp`, {
|
|
@@ -115,51 +111,54 @@ class AppRegistration extends BaseComponent_1.BaseComponent {
|
|
|
115
111
|
description: this.name,
|
|
116
112
|
clientId: app.clientId,
|
|
117
113
|
owners: this.args.owners,
|
|
118
|
-
}, { dependsOn: app, parent: this });
|
|
114
|
+
}, { dependsOn: app, deletedWith: app, parent: this });
|
|
119
115
|
var spPass = new azAd.ServicePrincipalPassword(`${this.name}-sp-pass`, {
|
|
120
116
|
displayName: this.name,
|
|
121
117
|
servicePrincipalId: pulumi.interpolate `/servicePrincipals/${sp.objectId}`,
|
|
122
|
-
}, { dependsOn: sp, parent: this });
|
|
118
|
+
}, { dependsOn: sp, deletedWith: app, parent: this });
|
|
123
119
|
this.addRoleAssignments(sp);
|
|
124
|
-
this.
|
|
120
|
+
this.addMemberOf(sp);
|
|
125
121
|
return {
|
|
126
122
|
servicePrincipalId: sp.id,
|
|
127
123
|
servicePrincipalPassword: spPass.value,
|
|
128
124
|
};
|
|
129
125
|
}
|
|
130
|
-
createClientSecret(app) {
|
|
131
|
-
const clientSecret = new azAd.ApplicationPassword(`${this.name}-client-secret`, {
|
|
132
|
-
displayName: this.name,
|
|
133
|
-
applicationId: app.id,
|
|
134
|
-
}, { dependsOn: app, parent: this });
|
|
135
|
-
this.addSecret('client-secret', clientSecret.value);
|
|
136
|
-
return {
|
|
137
|
-
clientSecret: clientSecret.value,
|
|
138
|
-
};
|
|
139
|
-
}
|
|
140
126
|
addRoleAssignments(sv) {
|
|
141
127
|
const { roleAssignments } = this.args;
|
|
142
128
|
if (!roleAssignments)
|
|
143
129
|
return;
|
|
144
|
-
return roleAssignments.map((role) => new RoleAssignment_1.RoleAssignment(`${this.name}-${role.roleName}`, { ...role, principalId: sv.objectId, principalType: 'ServicePrincipal' }, { dependsOn: sv, parent: this }));
|
|
130
|
+
return roleAssignments.map((role) => new RoleAssignment_1.RoleAssignment(`${this.name}-${role.roleName}`, { ...role, principalId: sv.objectId, principalType: 'ServicePrincipal' }, { dependsOn: sv, deletedWith: sv, parent: this }));
|
|
145
131
|
}
|
|
146
|
-
addMemberOf(
|
|
132
|
+
addMemberOf(sv) {
|
|
147
133
|
if (!this.args.memberof)
|
|
148
134
|
return;
|
|
149
135
|
this.args.memberof.map((group) => pulumi.output(group).apply((id) => new azAd.GroupMember(`${this.name}-${id.objectId}`, {
|
|
150
136
|
groupObjectId: id.objectId,
|
|
151
|
-
memberObjectId:
|
|
152
|
-
}, { dependsOn:
|
|
137
|
+
memberObjectId: sv.objectId,
|
|
138
|
+
}, { dependsOn: sv, deletedWith: sv, parent: this })));
|
|
153
139
|
}
|
|
154
|
-
|
|
140
|
+
addSecrets({ clientId, clientSecret, servicePrincipalId, servicePrincipalPass, }) {
|
|
155
141
|
if (!this.args.vaultInfo)
|
|
156
142
|
return;
|
|
157
|
-
|
|
143
|
+
const n = `${this.name}-secrets`;
|
|
144
|
+
const secret = new vault_1.VaultSecrets(n, {
|
|
158
145
|
vaultInfo: this.args.vaultInfo,
|
|
159
|
-
|
|
160
|
-
|
|
146
|
+
secrets: {
|
|
147
|
+
[`${this.name}-app-client-id`]: { value: clientId, contentType: `AppRegistration:${this.name} ` },
|
|
148
|
+
[`${this.name}-app-client-secret`]: { value: clientSecret, contentType: `AppRegistration:${this.name} ` },
|
|
149
|
+
[`${this.name}-service-principal-id`]: {
|
|
150
|
+
value: servicePrincipalId,
|
|
151
|
+
contentType: `AppRegistration:${this.name} `,
|
|
152
|
+
},
|
|
153
|
+
[`${this.name}-service-principal-pass`]: {
|
|
154
|
+
value: servicePrincipalPass,
|
|
155
|
+
contentType: `AppRegistration:${this.name} `,
|
|
156
|
+
},
|
|
157
|
+
},
|
|
161
158
|
}, { dependsOn: this.opts?.dependsOn, parent: this });
|
|
159
|
+
this.vaultSecrets[n] = secret.getOutputs();
|
|
160
|
+
return secret;
|
|
162
161
|
}
|
|
163
162
|
}
|
|
164
163
|
exports.AppRegistration = AppRegistration;
|
|
165
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
164
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQXBwUmVnaXN0cmF0aW9uLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL2F6QWQvQXBwUmVnaXN0cmF0aW9uLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztBQUFBLHNEQUF3QztBQUN4Qyx1REFBeUM7QUFFekMscURBQXNFO0FBR3RFLHlEQUFzRDtBQUN0RCxvQ0FBd0M7QUFDeEMsNkNBQTJEO0FBQzNELHdDQUF1QztBQUV2QyxJQUFZLDBCQU1YO0FBTkQsV0FBWSwwQkFBMEI7SUFDcEMsMkNBQWEsQ0FBQTtJQUNiLDZEQUErQixDQUFBO0lBQy9CLDZEQUErQixDQUFBO0lBQy9CLG1FQUFxQyxDQUFBO0lBQ3JDLHlDQUFXLENBQUE7QUFDYixDQUFDLEVBTlcsMEJBQTBCLDBDQUExQiwwQkFBMEIsUUFNckM7QUEyQ0QsTUFBYSxlQUFnQixTQUFRLDZCQUFrQztJQUNyRCxRQUFRLENBQXdCO0lBQ2hDLFlBQVksQ0FBeUI7SUFDckMsa0JBQWtCLENBQXlCO0lBQzNDLHdCQUF3QixDQUF5QjtJQUNqRCxZQUFZLEdBQThELEVBQUUsQ0FBQztJQUU3RixZQUFZLElBQVksRUFBRSxPQUE0QixFQUFFLE9BQU8sRUFBRSxRQUFRLEVBQUUsRUFBRSxJQUFzQztRQUNqSCxLQUFLLENBQUMsSUFBQSxrQ0FBd0IsRUFBQyxpQkFBaUIsQ0FBQyxFQUFFLElBQUksRUFBRSxJQUFJLEVBQUUsSUFBSSxDQUFDLENBQUM7UUFFckUsYUFBYTtRQUNiLE1BQU0sRUFBRSxHQUFHLEVBQUUsWUFBWSxFQUFFLEdBQUcsSUFBSSxDQUFDLHFCQUFxQixFQUFFLENBQUM7UUFDM0QsTUFBTSxFQUFFLEdBQUcsSUFBSSxDQUFDLHNCQUFzQixDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBQzVDLElBQUksQ0FBQyxrQkFBa0IsR0FBRyxFQUFFLENBQUMsa0JBQWtCLENBQUM7UUFDaEQsSUFBSSxDQUFDLHdCQUF3QixHQUFHLEVBQUUsQ0FBQyx3QkFBd0IsQ0FBQztRQUU1RCxJQUFJLENBQUMsUUFBUSxHQUFHLEdBQUcsQ0FBQyxRQUFRLENBQUM7UUFDN0IsSUFBSSxDQUFDLFVBQVUsQ0FBQztZQUNkLFFBQVEsRUFBRSxHQUFHLENBQUMsUUFBUTtZQUN0QixZQUFZLEVBQUUsWUFBWTtZQUMxQixrQkFBa0IsRUFBRSxFQUFFLENBQUMsa0JBQWtCO1lBQ3pDLG9CQUFvQixFQUFFLEVBQUUsQ0FBQyx3QkFBd0I7U0FDbEQsQ0FBQyxDQUFDO1FBRUgsSUFBSSxDQUFDLGVBQWUsRUFBRSxDQUFDO0lBQ3pCLENBQUM7SUFFTSxVQUFVO1FBQ2YsT0FBTztZQUNMLFFBQVEsRUFBRSxJQUFJLENBQUMsUUFBUTtZQUN2QixrQkFBa0IsRUFBRSxJQUFJLENBQUMsa0JBQWtCO1lBQzNDLFlBQVksRUFBRSxJQUFJLENBQUMsWUFBWTtTQUNoQyxDQUFDO0lBQ0osQ0FBQztJQUVPLHFCQUFxQjtRQUMzQixNQUFNLEVBQUUsSUFBSSxFQUFFLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQztRQUUzQixNQUFNLEdBQUcsR0FBRyxJQUFJLElBQUksQ0FBQyxXQUFXLENBQzlCLEdBQUcsbUJBQVMsQ0FBQyxLQUFLLElBQUksSUFBSSxDQUFDLElBQUksRUFBRSxFQUNqQztZQUNFLEdBQUcsSUFBSSxDQUFDLElBQUk7WUFDWixHQUFHLElBQUk7WUFDUCxXQUFXLEVBQUUsSUFBSSxFQUFFLFdBQVcsSUFBSSxHQUFHLG1CQUFTLENBQUMsS0FBSyxJQUFJLElBQUksQ0FBQyxJQUFJLEVBQUU7WUFDbkUsV0FBVyxFQUFFLElBQUksRUFBRSxXQUFXLElBQUksR0FBRyxtQkFBUyxDQUFDLEtBQUssSUFBSSxJQUFJLENBQUMsSUFBSSxFQUFFO1lBQ25FLHFCQUFxQixFQUFFLElBQUk7WUFDM0IsY0FBYyxFQUFFLGNBQWM7WUFFOUIsY0FBYztZQUNkLEdBQUcsRUFDRCxJQUFJLENBQUMsSUFBSSxDQUFDLE9BQU8sSUFBSSxLQUFLO2dCQUN4QixDQUFDLENBQUM7b0JBQ0UsWUFBWSxFQUFFLElBQUksQ0FBQyxJQUFJLENBQUMsWUFBWTtvQkFDcEMsU0FBUyxFQUFFLElBQUksQ0FBQyxJQUFJLENBQUMsU0FBUztvQkFDOUIsYUFBYSxFQUFFLElBQUksQ0FBQyxJQUFJLENBQUMsYUFBYTtvQkFDdEMsV0FBVyxFQUFFLElBQUksQ0FBQyxJQUFJLENBQUMsV0FBVztpQkFDbkM7Z0JBQ0gsQ0FBQyxDQUFDLFNBQVM7WUFDZixxQkFBcUIsRUFDbkIsSUFBSSxDQUFDLElBQUksQ0FBQyxPQUFPLElBQUksdUJBQXVCLENBQUMsQ0FBQyxDQUFDLEVBQUUsWUFBWSxFQUFFLElBQUksQ0FBQyxJQUFJLENBQUMsWUFBWSxFQUFFLENBQUMsQ0FBQyxDQUFDLFNBQVM7U0FDdEcsRUFDRCxFQUFFLEdBQUcsSUFBSSxDQUFDLElBQUksRUFBRSxNQUFNLEVBQUUsSUFBSSxFQUFFLENBQy9CLENBQUM7UUFFRixNQUFNLFlBQVksR0FBRyxJQUFJLElBQUksQ0FBQyxtQkFBbUIsQ0FDL0MsR0FBRyxJQUFJLENBQUMsSUFBSSxnQkFBZ0IsRUFDNUI7WUFDRSxXQUFXLEVBQUUsSUFBSSxDQUFDLElBQUk7WUFDdEIsYUFBYSxFQUFFLEdBQUcsQ0FBQyxFQUFFO1NBQ3RCLEVBQ0QsRUFBRSxTQUFTLEVBQUUsR0FBRyxFQUFFLE1BQU0sRUFBRSxJQUFJLEVBQUUsQ0FDakMsQ0FBQztRQUVGLE9BQU8sRUFBRSxHQUFHLEVBQUUsWUFBWSxFQUFFLFlBQVksQ0FBQyxLQUFLLEVBQUUsQ0FBQztJQUNuRCxDQUFDO0lBRU8sc0JBQXNCLENBQUMsR0FBcUI7UUFDbEQsbUJBQW1CO1FBQ25CLE1BQU0sRUFBRSxHQUFHLElBQUksSUFBSSxDQUFDLGdCQUFnQixDQUNsQyxHQUFHLElBQUksQ0FBQyxJQUFJLEtBQUssRUFDakI7WUFDRSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsZ0JBQWdCO1lBQzdCLFdBQVcsRUFBRSxJQUFJLENBQUMsSUFBSTtZQUN0QixRQUFRLEVBQUUsR0FBRyxDQUFDLFFBQVE7WUFDdEIsTUFBTSxFQUFFLElBQUksQ0FBQyxJQUFJLENBQUMsTUFBTTtTQUN6QixFQUNELEVBQUUsU0FBUyxFQUFFLEdBQUcsRUFBRSxXQUFXLEVBQUUsR0FBRyxFQUFFLE1BQU0sRUFBRSxJQUFJLEVBQUUsQ0FDbkQsQ0FBQztRQUVGLElBQUksTUFBTSxHQUFHLElBQUksSUFBSSxDQUFDLHdCQUF3QixDQUM1QyxHQUFHLElBQUksQ0FBQyxJQUFJLFVBQVUsRUFDdEI7WUFDRSxXQUFXLEVBQUUsSUFBSSxDQUFDLElBQUk7WUFDdEIsa0JBQWtCLEVBQUUsTUFBTSxDQUFDLFdBQVcsQ0FBQSxzQkFBc0IsRUFBRSxDQUFDLFFBQVEsRUFBRTtTQUMxRSxFQUNELEVBQUUsU0FBUyxFQUFFLEVBQUUsRUFBRSxXQUFXLEVBQUUsR0FBRyxFQUFFLE1BQU0sRUFBRSxJQUFJLEVBQUUsQ0FDbEQsQ0FBQztRQUVGLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxFQUFFLENBQUMsQ0FBQztRQUM1QixJQUFJLENBQUMsV0FBVyxDQUFDLEVBQUUsQ0FBQyxDQUFDO1FBRXJCLE9BQU87WUFDTCxrQkFBa0IsRUFBRSxFQUFFLENBQUMsRUFBRTtZQUN6Qix3QkFBd0IsRUFBRSxNQUFNLENBQUMsS0FBSztTQUN2QyxDQUFDO0lBQ0osQ0FBQztJQUVPLGtCQUFrQixDQUFDLEVBQXlCO1FBQ2xELE1BQU0sRUFBRSxlQUFlLEVBQUUsR0FBRyxJQUFJLENBQUMsSUFBSSxDQUFDO1FBQ3RDLElBQUksQ0FBQyxlQUFlO1lBQUUsT0FBTztRQUU3QixPQUFPLGVBQWUsQ0FBQyxHQUFHLENBQ3hCLENBQUMsSUFBSSxFQUFFLEVBQUUsQ0FDUCxJQUFJLCtCQUFjLENBQ2hCLEdBQUcsSUFBSSxDQUFDLElBQUksSUFBSSxJQUFJLENBQUMsUUFBUSxFQUFFLEVBQy9CLEVBQUUsR0FBRyxJQUFJLEVBQUUsV0FBVyxFQUFFLEVBQUUsQ0FBQyxRQUFRLEVBQUUsYUFBYSxFQUFFLGtCQUFrQixFQUFFLEVBQ3hFLEVBQUUsU0FBUyxFQUFFLEVBQUUsRUFBRSxXQUFXLEVBQUUsRUFBRSxFQUFFLE1BQU0sRUFBRSxJQUFJLEVBQUUsQ0FDakQsQ0FDSixDQUFDO0lBQ0osQ0FBQztJQUVPLFdBQVcsQ0FBQyxFQUF5QjtRQUMzQyxJQUFJLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxRQUFRO1lBQUUsT0FBTztRQUNoQyxJQUFJLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUMsQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUMvQixNQUFNLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxDQUFDLEtBQUssQ0FDeEIsQ0FBQyxFQUFFLEVBQUUsRUFBRSxDQUNMLElBQUksSUFBSSxDQUFDLFdBQVcsQ0FDbEIsR0FBRyxJQUFJLENBQUMsSUFBSSxJQUFJLEVBQUUsQ0FBQyxRQUFRLEVBQUUsRUFDN0I7WUFDRSxhQUFhLEVBQUUsRUFBRSxDQUFDLFFBQVE7WUFDMUIsY0FBYyxFQUFFLEVBQUUsQ0FBQyxRQUFRO1NBQzVCLEVBQ0QsRUFBRSxTQUFTLEVBQUUsRUFBRSxFQUFFLFdBQVcsRUFBRSxFQUFFLEVBQUUsTUFBTSxFQUFFLElBQUksRUFBRSxDQUNqRCxDQUNKLENBQ0YsQ0FBQztJQUNKLENBQUM7SUFFTyxVQUFVLENBQUMsRUFDakIsUUFBUSxFQUNSLFlBQVksRUFDWixrQkFBa0IsRUFDbEIsb0JBQW9CLEdBTXJCO1FBQ0MsSUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsU0FBUztZQUFFLE9BQU87UUFDakMsTUFBTSxDQUFDLEdBQUcsR0FBRyxJQUFJLENBQUMsSUFBSSxVQUFVLENBQUM7UUFDakMsTUFBTSxNQUFNLEdBQUcsSUFBSSxvQkFBWSxDQUM3QixDQUFDLEVBQ0Q7WUFDRSxTQUFTLEVBQUUsSUFBSSxDQUFDLElBQUksQ0FBQyxTQUFTO1lBQzlCLE9BQU8sRUFBRTtnQkFDUCxDQUFDLEdBQUcsSUFBSSxDQUFDLElBQUksZ0JBQWdCLENBQUMsRUFBRSxFQUFFLEtBQUssRUFBRSxRQUFRLEVBQUUsV0FBVyxFQUFFLG1CQUFtQixJQUFJLENBQUMsSUFBSSxHQUFHLEVBQUU7Z0JBQ2pHLENBQUMsR0FBRyxJQUFJLENBQUMsSUFBSSxvQkFBb0IsQ0FBQyxFQUFFLEVBQUUsS0FBSyxFQUFFLFlBQVksRUFBRSxXQUFXLEVBQUUsbUJBQW1CLElBQUksQ0FBQyxJQUFJLEdBQUcsRUFBRTtnQkFDekcsQ0FBQyxHQUFHLElBQUksQ0FBQyxJQUFJLHVCQUF1QixDQUFDLEVBQUU7b0JBQ3JDLEtBQUssRUFBRSxrQkFBa0I7b0JBQ3pCLFdBQVcsRUFBRSxtQkFBbUIsSUFBSSxDQUFDLElBQUksR0FBRztpQkFDN0M7Z0JBQ0QsQ0FBQyxHQUFHLElBQUksQ0FBQyxJQUFJLHlCQUF5QixDQUFDLEVBQUU7b0JBQ3ZDLEtBQUssRUFBRSxvQkFBb0I7b0JBQzNCLFdBQVcsRUFBRSxtQkFBbUIsSUFBSSxDQUFDLElBQUksR0FBRztpQkFDN0M7YUFDRjtTQUNGLEVBQ0QsRUFBRSxTQUFTLEVBQUUsSUFBSSxDQUFDLElBQUksRUFBRSxTQUFTLEVBQUUsTUFBTSxFQUFFLElBQUksRUFBRSxDQUNsRCxDQUFDO1FBQ0YsSUFBSSxDQUFDLFlBQVksQ0FBQyxDQUFDLENBQUMsR0FBRyxNQUFNLENBQUMsVUFBVSxFQUFFLENBQUM7UUFDM0MsT0FBTyxNQUFNLENBQUM7SUFDaEIsQ0FBQztDQUNGO0FBN0tELDBDQTZLQyJ9
|
package/azAd/AzRole.js
CHANGED
|
@@ -59,7 +59,7 @@ class AzRole extends BaseComponent_1.BaseComponent {
|
|
|
59
59
|
}, { parent: this });
|
|
60
60
|
this.objectId = role.objectId;
|
|
61
61
|
this.displayName = role.displayName;
|
|
62
|
-
this.registerOutputs(
|
|
62
|
+
this.registerOutputs();
|
|
63
63
|
}
|
|
64
64
|
getOutputs() {
|
|
65
65
|
return {
|
|
@@ -69,4 +69,4 @@ class AzRole extends BaseComponent_1.BaseComponent {
|
|
|
69
69
|
}
|
|
70
70
|
}
|
|
71
71
|
exports.AzRole = AzRole;
|
|
72
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
72
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQXpSb2xlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL2F6QWQvQXpSb2xlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztBQUFBLHNEQUF3QztBQUd4Qyx5REFBc0Q7QUFDdEQsNkNBQTJEO0FBQzNELHdDQUF1QztBQUl2QyxNQUFhLE1BQU8sU0FBUSw2QkFBeUI7SUFDbkMsUUFBUSxDQUF3QjtJQUNoQyxXQUFXLENBQXdCO0lBRW5ELFlBQVksSUFBWSxFQUFFLE9BQW1CLEVBQUUsRUFBRSxJQUFzQztRQUNyRixNQUFNLENBQUMsR0FBRyxPQUFPLElBQUksQ0FBQyxXQUFXLEVBQUUsQ0FBQyxPQUFPLENBQUMsTUFBTSxFQUFFLEdBQUcsQ0FBQyxFQUFFLENBQUM7UUFDM0QsS0FBSyxDQUFDLElBQUEsa0NBQXdCLEVBQUMsUUFBUSxDQUFDLEVBQUUsQ0FBQyxFQUFFLElBQUksRUFBRSxJQUFJLENBQUMsQ0FBQztRQUV6RCxNQUFNLFFBQVEsR0FBRyxJQUFJLENBQUMsUUFBUSxDQUFDLG1CQUFTLENBQUMsS0FBSyxDQUFDO1lBQzdDLENBQUMsQ0FBQyxPQUFPLElBQUksRUFBRSxDQUFDLFdBQVcsRUFBRTtZQUM3QixDQUFDLENBQUMsT0FBTyxtQkFBUyxDQUFDLEtBQUssSUFBSSxJQUFJLEVBQUUsQ0FBQyxXQUFXLEVBQUUsQ0FBQztRQUVuRCxNQUFNLElBQUksR0FBRyxJQUFJLElBQUksQ0FBQyxLQUFLLENBQ3pCLENBQUMsRUFDRDtZQUNFLFdBQVcsRUFBRSxRQUFRO1lBQ3JCLFdBQVcsRUFBRSxRQUFRO1lBQ3JCLE9BQU8sRUFBRSxJQUFJLENBQUMsT0FBTztZQUNyQixNQUFNLEVBQUUsSUFBSSxDQUFDLE1BQU07WUFFbkIsZUFBZSxFQUFFLElBQUk7WUFDckIsV0FBVyxFQUFFLEtBQUs7WUFDbEIscUJBQXFCLEVBQUUsSUFBSSxDQUFDLHFCQUFxQjtZQUNqRCxnQkFBZ0IsRUFBRSxLQUFLO1NBQ3hCLEVBQ0QsRUFBRSxNQUFNLEVBQUUsSUFBSSxFQUFFLENBQ2pCLENBQUM7UUFFRixJQUFJLENBQUMsUUFBUSxHQUFHLElBQUksQ0FBQyxRQUFRLENBQUM7UUFDOUIsSUFBSSxDQUFDLFdBQVcsR0FBRyxJQUFJLENBQUMsV0FBVyxDQUFDO1FBRXBDLElBQUksQ0FBQyxlQUFlLEVBQUUsQ0FBQztJQUN6QixDQUFDO0lBRU0sVUFBVTtRQUNmLE9BQU87WUFDTCxRQUFRLEVBQUUsSUFBSSxDQUFDLFFBQVE7WUFDdkIsV0FBVyxFQUFFLElBQUksQ0FBQyxXQUFXO1NBQzlCLENBQUM7SUFDSixDQUFDO0NBQ0Y7QUF4Q0Qsd0JBd0NDIn0=
|
package/azAd/GroupRole.d.ts
CHANGED
|
@@ -1,29 +1,19 @@
|
|
|
1
1
|
import * as pulumi from '@pulumi/pulumi';
|
|
2
|
-
import { BaseComponent } from '../base
|
|
2
|
+
import { BaseComponent } from '../base';
|
|
3
3
|
import * as types from '../types';
|
|
4
4
|
import { AzRoleArgs } from './AzRole';
|
|
5
5
|
export interface GroupRoleArgs extends Pick<AzRoleArgs, 'owners' | 'preventDuplicateNames'>, Partial<Record<types.GroupRoleTypes, Pick<AzRoleArgs, 'members'>>> {
|
|
6
6
|
preventDuplicateNames?: pulumi.Input<boolean>;
|
|
7
7
|
}
|
|
8
|
-
export interface GroupRoleOutput {
|
|
9
|
-
objectId: string;
|
|
10
|
-
displayName: string;
|
|
11
|
-
}
|
|
12
8
|
export declare class GroupRole extends BaseComponent<GroupRoleArgs> {
|
|
13
|
-
readonly admin: pulumi.Output<GroupRoleOutput>;
|
|
14
|
-
readonly contributor: pulumi.Output<GroupRoleOutput>;
|
|
15
|
-
readonly readOnly: pulumi.Output<GroupRoleOutput>;
|
|
9
|
+
readonly admin: pulumi.Output<types.GroupRoleOutput>;
|
|
10
|
+
readonly contributor: pulumi.Output<types.GroupRoleOutput>;
|
|
11
|
+
readonly readOnly: pulumi.Output<types.GroupRoleOutput>;
|
|
16
12
|
constructor(name?: string, args?: GroupRoleArgs, opts?: pulumi.ComponentResourceOptions);
|
|
17
13
|
getOutputs(): {
|
|
18
|
-
admin: pulumi.Output<GroupRoleOutput>;
|
|
19
|
-
contributor: pulumi.Output<GroupRoleOutput>;
|
|
20
|
-
readOnly: pulumi.Output<GroupRoleOutput>;
|
|
14
|
+
admin: pulumi.Output<types.GroupRoleOutput>;
|
|
15
|
+
contributor: pulumi.Output<types.GroupRoleOutput>;
|
|
16
|
+
readOnly: pulumi.Output<types.GroupRoleOutput>;
|
|
21
17
|
};
|
|
22
18
|
private configHierarchyRoles;
|
|
23
|
-
/**
|
|
24
|
-
* Selectively picks properties from the component instance
|
|
25
|
-
* @param keys - Array of property keys to pick from the component
|
|
26
|
-
* @returns Object containing only the selected properties
|
|
27
|
-
*/
|
|
28
|
-
PickOutputs<K extends keyof this>(...keys: K[]): Pick<this, K>;
|
|
29
19
|
}
|
package/azAd/GroupRole.js
CHANGED
|
@@ -36,11 +36,11 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
36
36
|
exports.GroupRole = void 0;
|
|
37
37
|
const azAd = __importStar(require("@pulumi/azuread"));
|
|
38
38
|
const pulumi = __importStar(require("@pulumi/pulumi"));
|
|
39
|
-
const
|
|
39
|
+
const base_1 = require("../base");
|
|
40
40
|
const helpers_1 = require("../base/helpers");
|
|
41
41
|
const helpers_2 = require("../helpers");
|
|
42
42
|
const AzRole_1 = require("./AzRole");
|
|
43
|
-
class GroupRole extends
|
|
43
|
+
class GroupRole extends base_1.BaseComponent {
|
|
44
44
|
admin;
|
|
45
45
|
contributor;
|
|
46
46
|
readOnly;
|
|
@@ -68,7 +68,7 @@ class GroupRole extends BaseComponent_1.BaseComponent {
|
|
|
68
68
|
displayName: roleInstances.readOnly.displayName,
|
|
69
69
|
});
|
|
70
70
|
this.configHierarchyRoles(roleInstances);
|
|
71
|
-
this.registerOutputs(
|
|
71
|
+
this.registerOutputs();
|
|
72
72
|
}
|
|
73
73
|
getOutputs() {
|
|
74
74
|
return {
|
|
@@ -78,30 +78,20 @@ class GroupRole extends BaseComponent_1.BaseComponent {
|
|
|
78
78
|
};
|
|
79
79
|
}
|
|
80
80
|
configHierarchyRoles(roles) {
|
|
81
|
+
const deps = Object.values(roles);
|
|
81
82
|
if (this.admin && this.contributor) {
|
|
82
83
|
new azAd.GroupMember(`${this.name}-admin2contributor`, {
|
|
83
84
|
groupObjectId: this.contributor.objectId,
|
|
84
85
|
memberObjectId: this.admin.objectId,
|
|
85
|
-
}, { dependsOn:
|
|
86
|
+
}, { dependsOn: deps, parent: this, retainOnDelete: true });
|
|
86
87
|
}
|
|
87
88
|
if (this.contributor && this.readOnly) {
|
|
88
89
|
new azAd.GroupMember(`${this.name}-contributor2readOnly`, {
|
|
89
90
|
groupObjectId: this.readOnly.objectId,
|
|
90
91
|
memberObjectId: this.contributor.objectId,
|
|
91
|
-
}, { dependsOn:
|
|
92
|
+
}, { dependsOn: deps, parent: this, retainOnDelete: true });
|
|
92
93
|
}
|
|
93
94
|
}
|
|
94
|
-
/**
|
|
95
|
-
* Selectively picks properties from the component instance
|
|
96
|
-
* @param keys - Array of property keys to pick from the component
|
|
97
|
-
* @returns Object containing only the selected properties
|
|
98
|
-
*/
|
|
99
|
-
PickOutputs(...keys) {
|
|
100
|
-
return keys.reduce((acc, key) => {
|
|
101
|
-
acc[key] = this[key];
|
|
102
|
-
return acc;
|
|
103
|
-
}, {});
|
|
104
|
-
}
|
|
105
95
|
}
|
|
106
96
|
exports.GroupRole = GroupRole;
|
|
107
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
97
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiR3JvdXBSb2xlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL2F6QWQvR3JvdXBSb2xlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztBQUFBLHNEQUF3QztBQUN4Qyx1REFBeUM7QUFDekMsa0NBQXdDO0FBQ3hDLDZDQUEyRDtBQUMzRCx3Q0FBdUM7QUFFdkMscUNBQThDO0FBUTlDLE1BQWEsU0FBVSxTQUFRLG9CQUE0QjtJQUN6QyxLQUFLLENBQXVDO0lBQzVDLFdBQVcsQ0FBdUM7SUFDbEQsUUFBUSxDQUF1QztJQUUvRCxZQUFZLE9BQWUsbUJBQVMsQ0FBQyxLQUFLLEVBQUUsT0FBc0IsRUFBRSxFQUFFLElBQXNDO1FBQzFHLEtBQUssQ0FBQyxJQUFBLGtDQUF3QixFQUFDLFdBQVcsQ0FBQyxFQUFFLElBQUksRUFBRSxJQUFJLEVBQUUsSUFBSSxDQUFDLENBQUM7UUFFL0QsTUFBTSxLQUFLLEdBQUcsQ0FBQyxPQUFPLEVBQUUsYUFBYSxFQUFFLFVBQVUsQ0FBVSxDQUFDO1FBRTVELE1BQU0sYUFBYSxHQUFHLE1BQU0sQ0FBQyxXQUFXLENBQ3RDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLEVBQUUsRUFBRSxDQUFDO1lBQ2xCLElBQUk7WUFDSixJQUFJLGVBQU0sQ0FDUixHQUFHLElBQUksSUFBSSxJQUFJLEVBQUUsRUFDakI7Z0JBQ0UsTUFBTSxFQUFFLElBQUksQ0FBQyxNQUFNO2dCQUNuQixPQUFPLEVBQUUsSUFBSSxDQUFDLElBQUksQ0FBQyxFQUFFLE9BQU87Z0JBQzVCLHFCQUFxQixFQUFFLElBQUksQ0FBQyxxQkFBcUI7YUFDbEQsRUFDRCxFQUFFLE1BQU0sRUFBRSxJQUFJLEVBQUUsQ0FDakI7U0FDRixDQUFDLENBQ0gsQ0FBQztRQUVGLElBQUksQ0FBQyxLQUFLLEdBQUcsTUFBTSxDQUFDLE1BQU0sQ0FBQztZQUN6QixRQUFRLEVBQUUsYUFBYSxDQUFDLEtBQUssQ0FBQyxRQUFRO1lBQ3RDLFdBQVcsRUFBRSxhQUFhLENBQUMsS0FBSyxDQUFDLFdBQVc7U0FDN0MsQ0FBQyxDQUFDO1FBRUgsSUFBSSxDQUFDLFdBQVcsR0FBRyxNQUFNLENBQUMsTUFBTSxDQUFDO1lBQy9CLFFBQVEsRUFBRSxhQUFhLENBQUMsV0FBVyxDQUFDLFFBQVE7WUFDNUMsV0FBVyxFQUFFLGFBQWEsQ0FBQyxXQUFXLENBQUMsV0FBVztTQUNuRCxDQUFDLENBQUM7UUFFSCxJQUFJLENBQUMsUUFBUSxHQUFHLE1BQU0sQ0FBQyxNQUFNLENBQUM7WUFDNUIsUUFBUSxFQUFFLGFBQWEsQ0FBQyxRQUFRLENBQUMsUUFBUTtZQUN6QyxXQUFXLEVBQUUsYUFBYSxDQUFDLFFBQVEsQ0FBQyxXQUFXO1NBQ2hELENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxvQkFBb0IsQ0FBQyxhQUFhLENBQUMsQ0FBQztRQUV6QyxJQUFJLENBQUMsZUFBZSxFQUFFLENBQUM7SUFDekIsQ0FBQztJQUVNLFVBQVU7UUFDZixPQUFPO1lBQ0wsS0FBSyxFQUFFLElBQUksQ0FBQyxLQUFLO1lBQ2pCLFdBQVcsRUFBRSxJQUFJLENBQUMsV0FBVztZQUM3QixRQUFRLEVBQUUsSUFBSSxDQUFDLFFBQVE7U0FDeEIsQ0FBQztJQUNKLENBQUM7SUFFTyxvQkFBb0IsQ0FBQyxLQUE4QjtRQUN6RCxNQUFNLElBQUksR0FBRyxNQUFNLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxDQUFDO1FBQ2xDLElBQUksSUFBSSxDQUFDLEtBQUssSUFBSSxJQUFJLENBQUMsV0FBVyxFQUFFLENBQUM7WUFDbkMsSUFBSSxJQUFJLENBQUMsV0FBVyxDQUNsQixHQUFHLElBQUksQ0FBQyxJQUFJLG9CQUFvQixFQUNoQztnQkFDRSxhQUFhLEVBQUUsSUFBSSxDQUFDLFdBQVcsQ0FBQyxRQUFRO2dCQUN4QyxjQUFjLEVBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQyxRQUFRO2FBQ3BDLEVBQ0QsRUFBRSxTQUFTLEVBQUUsSUFBSSxFQUFFLE1BQU0sRUFBRSxJQUFJLEVBQUUsY0FBYyxFQUFFLElBQUksRUFBRSxDQUN4RCxDQUFDO1FBQ0osQ0FBQztRQUVELElBQUksSUFBSSxDQUFDLFdBQVcsSUFBSSxJQUFJLENBQUMsUUFBUSxFQUFFLENBQUM7WUFDdEMsSUFBSSxJQUFJLENBQUMsV0FBVyxDQUNsQixHQUFHLElBQUksQ0FBQyxJQUFJLHVCQUF1QixFQUNuQztnQkFDRSxhQUFhLEVBQUUsSUFBSSxDQUFDLFFBQVEsQ0FBQyxRQUFRO2dCQUNyQyxjQUFjLEVBQUUsSUFBSSxDQUFDLFdBQVcsQ0FBQyxRQUFRO2FBQzFDLEVBQ0QsRUFBRSxTQUFTLEVBQUUsSUFBSSxFQUFFLE1BQU0sRUFBRSxJQUFJLEVBQUUsY0FBYyxFQUFFLElBQUksRUFBRSxDQUN4RCxDQUFDO1FBQ0osQ0FBQztJQUNILENBQUM7Q0FDRjtBQTdFRCw4QkE2RUMifQ==
|
package/azAd/RoleAssignment.d.ts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import * as auth from '@pulumi/azure-native/authorization';
|
|
2
2
|
import * as pulumi from '@pulumi/pulumi';
|
|
3
|
-
import { BaseComponent } from '../base
|
|
3
|
+
import { BaseComponent } from '../base';
|
|
4
4
|
export interface RoleAssignmentArgs extends Omit<auth.RoleAssignmentArgs, 'roleDefinitionId'> {
|
|
5
5
|
roleName: 'Owner' | 'Contributor' | 'Reader' | string;
|
|
6
6
|
}
|
package/azAd/RoleAssignment.js
CHANGED
|
@@ -35,9 +35,9 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
35
35
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
36
|
exports.RoleAssignment = void 0;
|
|
37
37
|
const auth = __importStar(require("@pulumi/azure-native/authorization"));
|
|
38
|
-
const
|
|
38
|
+
const base_1 = require("../base");
|
|
39
39
|
const rolesBuiltIn_1 = require("./helpers/rolesBuiltIn");
|
|
40
|
-
class RoleAssignment extends
|
|
40
|
+
class RoleAssignment extends base_1.BaseComponent {
|
|
41
41
|
id;
|
|
42
42
|
resourceName;
|
|
43
43
|
constructor(name, args, opts) {
|
|
@@ -47,10 +47,10 @@ class RoleAssignment extends BaseComponent_1.BaseComponent {
|
|
|
47
47
|
const assignment = new auth.RoleAssignment(name, {
|
|
48
48
|
...props,
|
|
49
49
|
roleDefinitionId: role.id,
|
|
50
|
-
}, { ...opts, parent: this });
|
|
50
|
+
}, { ...opts, deletedWith: this, parent: this });
|
|
51
51
|
this.id = assignment.id;
|
|
52
52
|
this.resourceName = assignment.name;
|
|
53
|
-
this.registerOutputs(
|
|
53
|
+
this.registerOutputs();
|
|
54
54
|
}
|
|
55
55
|
getOutputs() {
|
|
56
56
|
return {
|
|
@@ -60,4 +60,4 @@ class RoleAssignment extends BaseComponent_1.BaseComponent {
|
|
|
60
60
|
}
|
|
61
61
|
}
|
|
62
62
|
exports.RoleAssignment = RoleAssignment;
|
|
63
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
63
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiUm9sZUFzc2lnbm1lbnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvYXpBZC9Sb2xlQXNzaWdubWVudC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSx5RUFBMkQ7QUFHM0Qsa0NBQXdDO0FBQ3hDLHlEQUFpRTtBQU1qRSxNQUFhLGNBQWUsU0FBUSxvQkFBaUM7SUFDbkQsRUFBRSxDQUF3QjtJQUMxQixZQUFZLENBQXdCO0lBRXBELFlBQVksSUFBWSxFQUFFLElBQXdCLEVBQUUsSUFBc0M7UUFDeEYsS0FBSyxDQUFDLGdCQUFnQixFQUFFLElBQUksRUFBRSxJQUFJLEVBQUUsSUFBSSxDQUFDLENBQUM7UUFFMUMsTUFBTSxFQUFFLFFBQVEsRUFBRSxHQUFHLEtBQUssRUFBRSxHQUFHLElBQUksQ0FBQztRQUNwQyxNQUFNLElBQUksR0FBRyxJQUFBLHNDQUF1QixFQUFDLFFBQVEsQ0FBQyxDQUFDO1FBRS9DLE1BQU0sVUFBVSxHQUFHLElBQUksSUFBSSxDQUFDLGNBQWMsQ0FDeEMsSUFBSSxFQUNKO1lBQ0UsR0FBRyxLQUFLO1lBQ1IsZ0JBQWdCLEVBQUUsSUFBSSxDQUFDLEVBQUU7U0FDMUIsRUFDRCxFQUFFLEdBQUcsSUFBSSxFQUFFLFdBQVcsRUFBRSxJQUFJLEVBQUUsTUFBTSxFQUFFLElBQUksRUFBRSxDQUM3QyxDQUFDO1FBRUYsSUFBSSxDQUFDLEVBQUUsR0FBRyxVQUFVLENBQUMsRUFBRSxDQUFDO1FBQ3hCLElBQUksQ0FBQyxZQUFZLEdBQUcsVUFBVSxDQUFDLElBQUksQ0FBQztRQUNwQyxJQUFJLENBQUMsZUFBZSxFQUFFLENBQUM7SUFDekIsQ0FBQztJQUVNLFVBQVU7UUFDZixPQUFPO1lBQ0wsRUFBRSxFQUFFLElBQUksQ0FBQyxFQUFFO1lBQ1gsWUFBWSxFQUFFLElBQUksQ0FBQyxZQUFZO1NBQ2hDLENBQUM7SUFDSixDQUFDO0NBQ0Y7QUE5QkQsd0NBOEJDIn0=
|
|
@@ -1,7 +1,9 @@
|
|
|
1
|
+
import * as mid from '@pulumi/azure-native/managedidentity';
|
|
1
2
|
import * as pulumi from '@pulumi/pulumi';
|
|
2
3
|
import { BaseArgs, BaseResourceComponent } from '../base';
|
|
3
4
|
import { WithMemberOfArgs, WithResourceGroupInputs } from '../types';
|
|
4
5
|
export interface UserAssignedIdentityArgs extends Omit<BaseArgs, 'groupRoles'>, WithMemberOfArgs, WithResourceGroupInputs {
|
|
6
|
+
federations?: Record<string, Partial<Pick<mid.FederatedIdentityCredentialArgs, 'issuer'>> & Pick<mid.FederatedIdentityCredentialArgs, 'subject'>>;
|
|
5
7
|
}
|
|
6
8
|
export declare class UserAssignedIdentity extends BaseResourceComponent<UserAssignedIdentityArgs> {
|
|
7
9
|
readonly id: pulumi.Output<string>;
|
|
@@ -13,5 +15,6 @@ export declare class UserAssignedIdentity extends BaseResourceComponent<UserAssi
|
|
|
13
15
|
clientId: pulumi.Output<string>;
|
|
14
16
|
principalId: pulumi.Output<string>;
|
|
15
17
|
};
|
|
18
|
+
private createFederations;
|
|
16
19
|
private addMemberOf;
|
|
17
20
|
}
|