@drunk-pulumi/azure 1.0.23 → 1.0.25

package/types.d.ts

@@ -1,90 +1,182 @@
 import { CustomResourceOptions, Input, Output, Resource } from '@pulumi/pulumi';
-import { EnvRoleKeyTypes } from './AzAd/EnvRoles';
 import { IEnvRoleBuilder } from './Builder';
-export declare namespace NodeJS {
-    interface ProcessEnv {
-        DPA_NAMING_DISABLE_PREFIX?: string;
-        DPA_NAMING_DISABLE_REGION?: string;
-        DPA_NAMING_DISABLE_SUFFIX?: string;
-    }
-}
 /** Omit all the key of OT from T */
 export type TypeOmit<T, OT> = Omit<T, keyof OT>;
 export type OmitOpts<T> = TypeOmit<T, OptsArgs>;
+/**
+ * Information about a resource group.
+ */
 export type ResourceGroupInfo = {
     resourceGroupName: string;
     location?: Input<string>;
 };
+/**
+ * Information about a resource group with an ID.
+ */
 export type ResourceGroupWithIdInfo = ResourceGroupInfo & {
     id: Input<string>;
 };
+/**
+ * Properties for lockable resources.
+ */
 export type WithLockable = {
     lock?: boolean;
 };
+/**
+ * Properties for resources with dependencies.
+ */
 export type WithDependsOn = {
     dependsOn?: Input<Input<Resource>[]> | Input<Resource>;
 };
+/**
+ * Options arguments for resources.
+ */
 export type OptsArgs = WithDependsOn & {
     importUri?: string;
     ignoreChanges?: string[];
 };
+/**
+ * Arguments for login credentials.
+ */
 export type LoginArgs = {
     adminLogin: Input<string>;
     password: Input<string>;
 };
+/**
+ * Properties for named types.
+ */
 export type WithNamedType = {
     name: string;
 };
+/**
+ * Properties for resources with an output ID.
+ */
 export type WithOutputId = {
     id: Output<string>;
 };
+/**
+ * Properties for resources with a subscription ID.
+ */
 export type WithSubId = {
     subscriptionId?: string;
 };
+/**
+ * Properties for resources with principal IDs.
+ */
 export type WithPrincipalId = {
     clientId: Input<string>;
     principalId: Input<string>;
 };
+/**
+ * Properties for resources with environment roles.
+ */
 export type WithEnvRoles = {
     envRoles?: IEnvRoleBuilder;
     envUIDInfo?: IdentityInfo;
 };
+/**
+ * Properties for resources with encryption.
+ */
 export type WithEncryption = {
     enableEncryption?: boolean;
 };
+/**
+ * Properties for resources with disk encryption.
+ */
 export type WithDiskEncryption = {
     diskEncryptionSetId?: Input<string>;
 };
+/**
+ * Properties for resources with vault information.
+ */
 export type WithVaultInfo = {
     vaultInfo?: KeyVaultInfo;
 };
+/**
+ * Properties for resources with resource group information.
+ */
 export type WithResourceGroupInfo = {
     group: ResourceGroupInfo;
 };
+/**
+ * Properties for resources with log information.
+ */
 export type WithLogInfo = {
     logInfo?: LogInfo;
 };
+/**
+ * Properties for resources with encryption information.
+ */
 export type WithEncryptionInfo = WithEnvRoles & WithVaultInfo & WithEncryption;
+/**
+ * Properties for resources with Pulumi options.
+ */
 export type WithPulumiOpts = {
     opts?: CustomResourceOptions;
 };
+/**
+ * Arguments for login credentials with environment roles.
+ */
 export type LoginWithEnvRolesArgs = LoginArgs & WithEnvRoles;
+/**
+ * Properties for named types with vault information.
+ */
 export type NamedWithVaultType = WithNamedType & WithVaultInfo;
+/**
+ * Basic arguments for named resources.
+ */
 export type NamedBasicArgs = WithNamedType & OptsArgs;
+/**
+ * Basic arguments for named resources with vault information.
+ */
 export type NamedWithVaultBasicArgs = NamedWithVaultType & OptsArgs;
+/**
+ * Arguments for resources.
+ */
 export type ResourceArgs = WithNamedType & WithResourceGroupInfo;
+/**
+ * Arguments for resources with vault information.
+ */
 export type ResourceWithVaultArgs = ResourceArgs & NamedWithVaultType;
+/**
+ * Arguments for encrypted resources.
+ */
 export type EncryptResourceArgs = ResourceWithVaultArgs & WithEncryptionInfo;
+/**
+ * Basic arguments for resources with formattable names.
+ */
 export type BasicResourceArgs = WithFormattableName & ResourceArgs & OptsArgs;
+/**
+ * Basic arguments for resources with vault information.
+ */
 export type BasicResourceWithVaultArgs = WithVaultInfo & BasicResourceArgs;
+/**
+ * Basic arguments for encrypted resources.
+ */
 export type BasicEncryptResourceArgs = BasicResourceWithVaultArgs & WithEncryptionInfo & OptsArgs;
-/** Basic vs Info is Basic doesn't require of group info*/
+/**
+ * Basic resource information.
+ */
 export type BasicResourceInfo = WithNamedType & WithOutputId;
+/**
+ * Resource output information.
+ */
 export type ResourceInfo = BasicResourceInfo & ResourceArgs;
-/** Resource Info with Subscription ID */
+/**
+ * Resource information with subscription ID.
+ */
 export type ResourceInfoWithSub = ResourceInfo & WithSubId;
+/**
+ * Key vault information.
+ */
 export type KeyVaultInfo = ResourceInfo;
+/**
+ * Identity information.
+ */
 export type IdentityInfo = WithOutputId & WithPrincipalId;
+/**
+ * Active Directory identity information.
+ */
 export type AdIdentityInfo = WithNamedType & {
     objectId: Output<string>;
     clientId: Output<string>;
@@ -92,13 +184,22 @@ export type AdIdentityInfo = WithNamedType & {
     principalId: Output<string> | undefined;
     principalSecret: Output<string> | undefined;
 };
+/**
+ * Active Directory identity information with instance.
+ */
 export type AdIdentityInfoWithInstance<TInstance> = AdIdentityInfo & WithInstance<TInstance>;
+/**
+ * Storage connection information.
+ */
 export type StorageConnectionInfo = {
     primaryConnection?: Output<string>;
     secondaryConnection?: Output<string>;
     primaryKey?: Output<string>;
     secondaryKey?: Output<string>;
 };
+/**
+ * Storage information.
+ */
 export type StorageInfo = ResourceInfo & StorageConnectionInfo & {
     endpoints: {
         blob: string;
@@ -106,51 +207,91 @@ export type StorageInfo = ResourceInfo & StorageConnectionInfo & {
         table: string;
     };
 };
+/**
+ * Application Insights secrets information.
+ */
 export type AppInsightSecretsInfo = {
     instrumentationKey?: Output<string>;
 };
+/**
+ * Application Insights information.
+ */
 export type AppInsightInfo = ResourceInfo & AppInsightSecretsInfo;
+/**
+ * Log workspace secrets information.
+ */
 export type LogWorkspaceSecretsInfo = {
     primarySharedKey?: Output<string>;
     secondarySharedKey?: Output<string>;
     workspaceId?: Output<string>;
 };
+/**
+ * Log workspace information.
+ */
 export type LogWorkspaceInfo = ResourceInfo & LogWorkspaceSecretsInfo;
+/**
+ * Log information.
+ */
 export type LogInfo = {
     logWp: LogWorkspaceInfo;
     logStorage: StorageInfo;
     appInsight: AppInsightInfo;
 };
+/**
+ * Interface for identity information with instance.
+ */
 export interface IdentityInfoWithInstance<InstanceType> extends IdentityInfo, WithInstance<InstanceType> {
 }
+/**
+ * Interface for resources with instance.
+ */
 export interface WithInstance<InstanceType> {
     instance: InstanceType;
 }
-/** Basic vs Info is Basic doesn't required of group info*/
+/**
+ * Interface for basic resource information with instance.
+ */
 export interface BasicResourceInfoWithInstance<InstanceType> extends WithInstance<InstanceType>, BasicResourceInfo {
 }
+/**
+ * Interface for resource information with instance.
+ */
 export interface ResourceInfoWithInstance<InstanceType> extends WithInstance<InstanceType>, ResourceInfo {
 }
+/**
+ * Properties for private link.
+ */
 export type PrivateLinkPropsType = {
     privateIpAddress?: Input<string>;
     /** The Subnet that private links will be created.*/
     subnetIds: Input<string>[];
     /** The extra Vnet that Private DNS Zone will be linked.*/
     extraVnetIds?: Input<string>[];
-    type?: string;
 };
+/**
+ * Properties for network.
+ */
 export type NetworkPropsType = {
     subnetId?: Input<string>;
     ipAddresses?: Input<string>[];
     privateLink?: PrivateLinkPropsType;
 };
+/**
+ * Properties for identity role assignment.
+ */
 export type IdentityRoleAssignment = WithVaultInfo & {
     role?: EnvRoleKeyTypes;
 };
+/**
+ * Interface for replace pattern.
+ */
 export interface ReplacePattern {
     from: string | RegExp;
     to: string;
 }
+/**
+ * Properties for naming conventions.
+ */
 export type ConventionProps = {
     prefix?: string;
     suffix?: string;
@@ -165,13 +306,44 @@ export type ConventionProps = {
     /**The regex to replace specials characters from the name*/
     replaces?: ReplacePattern[];
 };
+export type EnvRoleKeyTypes = 'readOnly' | 'contributor' | 'admin';
+export type RoleEnableItem = boolean | {
+    [k in EnvRoleKeyTypes]?: boolean;
+};
+export type EnvRoleInfoType = {
+    objectId: string;
+    displayName: string;
+};
+export type EnvRolesInfo = Record<EnvRoleKeyTypes, Output<EnvRoleInfoType> | EnvRoleInfoType>;
+export type RoleEnableTypes = {
+    enableRGRoles?: RoleEnableItem;
+    enableAksRoles?: RoleEnableItem;
+    enableStorageRoles?: RoleEnableItem;
+    enableIotRoles?: RoleEnableItem;
+    enableVaultRoles?: RoleEnableItem;
+    /** Container Registry Roles */
+    enableACRRoles?: RoleEnableItem;
+    enableAppConfig?: RoleEnableItem;
+    enableServiceBus?: RoleEnableItem;
+    enableSignalR?: RoleEnableItem;
+};
+export type ListRoleType = Record<EnvRoleKeyTypes, Set<string>>;
+/**
+ * Type for naming.
+ */
 export type NamingType = string | {
     val: string;
     rule: ConventionProps;
 };
+/**
+ * Properties for formattable names.
+ */
 export type WithFormattableName = {
     name: NamingType;
 };
+/**
+ * Properties for diagnostic settings.
+ */
 export type DiagnosticProps = WithNamedType & WithDependsOn & {
     logInfo: Partial<Omit<LogInfo, 'appInsight'>>;
     targetResourceId: Input<string>;

package/AzAd/ConditionalPolicies/index.js

@@ -1,2 +0,0 @@
-"use strict";
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvQXpBZC9Db25kaXRpb25hbFBvbGljaWVzL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiIifQ==

package/AzAd/EnvRoles.Consts.d.ts

@@ -1,22 +0,0 @@
-import { EnvRoleKeyTypes, EnvRolesInfo } from './EnvRoles';
-import { RoleAssignmentProps } from './RoleAssignment';
-export type ListRoleType = Record<EnvRoleKeyTypes, Set<string>>;
-export declare const grantEnvRolesAccess: ({ name, envRoles, scope, dependsOn, ...others }: RoleEnableTypes & Omit<RoleAssignmentProps, "roleName" | "principalType" | "principalId"> & {
-    envRoles: EnvRolesInfo;
-}) => void;
-export type RoleEnableItem = boolean | {
-    [k in EnvRoleKeyTypes]?: boolean;
-};
-export type RoleEnableTypes = {
-    enableRGRoles?: RoleEnableItem;
-    enableAksRoles?: RoleEnableItem;
-    enableStorageRoles?: RoleEnableItem;
-    enableIotRoles?: RoleEnableItem;
-    enableVaultRoles?: RoleEnableItem;
-    /** Container Registry Roles */
-    enableACRRoles?: RoleEnableItem;
-    enableAppConfig?: RoleEnableItem;
-    enableServiceBus?: RoleEnableItem;
-    enableSignalR?: RoleEnableItem;
-};
-export declare const getRoleNames: ({ enableRGRoles, enableIotRoles, enableVaultRoles, enableAksRoles, enableStorageRoles, enableACRRoles, enableAppConfig, enableServiceBus, enableSignalR, }: RoleEnableTypes) => Record<EnvRoleKeyTypes, string[]>;

package/AzAd/EnvRoles.Consts.js

@@ -1,173 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.getRoleNames = exports.grantEnvRolesAccess = void 0;
-const RoleAssignment_1 = require("./RoleAssignment");
-const getRoleFor = (roleType, roleCollection, results) => {
-    if (!roleType)
-        return results;
-    const allows = {
-        readOnly: typeof roleType === 'boolean' ? roleType : roleType.readOnly,
-        contributor: typeof roleType === 'boolean' ? roleType : roleType.contributor,
-        admin: typeof roleType === 'boolean' ? roleType : roleType.admin,
-    };
-    if (allows.readOnly) {
-        roleCollection.readOnly.forEach((r) => results.readOnly.add(r));
-    }
-    if (allows.contributor) {
-        roleCollection.contributor.forEach((r) => results.contributor.add(r));
-    }
-    if (allows.admin) {
-        roleCollection.admin.forEach((r) => results.admin.add(r));
-    }
-    return results;
-};
-const grantEnvRolesAccess = ({ name, envRoles, scope, dependsOn, ...others }) => {
-    const roles = (0, exports.getRoleNames)(others);
-    Object.keys(envRoles).forEach((k) => {
-        const type = k;
-        const objectId = envRoles[type].objectId;
-        if (!objectId) {
-            console.warn(`The Env role '${type}' was ignored as the objectId was NULL.`);
-            return;
-        }
-        const n = `${name}-${type}`;
-        roles[type].forEach((r) => (0, RoleAssignment_1.roleAssignment)({
-            name: n,
-            roleName: r,
-            principalId: objectId,
-            principalType: 'Group',
-            scope,
-            dependsOn,
-        }));
-    });
-};
-exports.grantEnvRolesAccess = grantEnvRolesAccess;
-//Resource Group Role
-const RGRoleNames = {
-    readOnly: ['Reader'],
-    contributor: ['Contributor'],
-    admin: ['Owner'],
-};
-//AKS Roles
-const AksRoleNames = {
-    readOnly: [
-        'Azure Kubernetes Service RBAC Reader',
-        'Azure Kubernetes Service Cluster User Role',
-    ],
-    contributor: [
-        'Azure Kubernetes Service RBAC Writer',
-        'Azure Kubernetes Service Cluster User Role',
-    ],
-    admin: [
-        'Azure Kubernetes Service RBAC Cluster Admin',
-        'Azure Kubernetes Service RBAC Cluster Admin',
-    ],
-};
-//IOT Roles
-const IOTHubRoleNames = {
-    readOnly: ['IoT Hub Data Reader'],
-    contributor: ['IoT Hub Data Contributor'],
-    admin: ['IoT Hub Registry Contributor', 'IoT Hub Twin Contributor'],
-};
-//Key Vault Roles
-const KeyVaultRoleNames = {
-    readOnly: [
-        'Key Vault Crypto Service Encryption User',
-        'Key Vault Crypto Service Release User',
-        'Key Vault Secrets User',
-        'Key Vault Crypto User',
-        'Key Vault Certificate User',
-        'Key Vault Reader',
-    ],
-    contributor: [
-        'Key Vault Certificates Officer',
-        'Key Vault Crypto Officer',
-        'Key Vault Secrets Officer',
-        'Key Vault Contributor',
-    ],
-    admin: ['Key Vault Administrator', 'Key Vault Data Access Administrator'],
-};
-//Storage Roles
-const StorageRoleNames = {
-    readOnly: [
-        'Storage Blob Data Reader',
-        'Storage File Data SMB Share Reader',
-        'Storage Queue Data Reader',
-        'Storage Table Data Reader',
-    ],
-    contributor: [
-        'Storage Account Backup Contributor',
-        'Storage Account Contributor',
-        'Storage Account Encryption Scope Contributor Role',
-        'Storage Blob Data Contributor',
-        'Storage File Data Privileged Reader',
-        'Storage File Data SMB Share Contributor',
-        'Storage File Data SMB Share Elevated Contributor',
-        'Storage Queue Data Contributor',
-        'Storage Queue Data Message Processor',
-        'Storage Queue Data Message Sender',
-        'Storage Table Data Contributor',
-    ],
-    admin: [
-        'Storage Account Key Operator Service Role',
-        'Storage Blob Data Owner',
-        'Storage File Data Privileged Contributor',
-    ],
-};
-//Container Registry Roles
-const ContainerRegistry = {
-    readOnly: [
-        //'ACR Registry Catalog Lister',
-        'ACR Repository Reader',
-        'AcrQuarantineReader',
-        //'AcrPull',
-    ],
-    contributor: [
-        'AcrImageSigner',
-        'AcrPull',
-        'AcrPush',
-        //'ACR Repository Contributor',
-        //'ACR Repository Writer',
-        //'AcrQuarantineWriter',
-    ],
-    admin: ['AcrDelete'],
-};
-//AppConfig Roles
-const AppConfigRoleNames = {
-    readOnly: ['App Configuration Data Reader'],
-    contributor: ['App Configuration Data Owner'],
-    admin: [],
-};
-const ServiceBusRoles = {
-    readOnly: ['Azure Service Bus Data Receiver'],
-    contributor: ['Azure Service Bus Data Sender'],
-    admin: ['Azure Service Bus Data Owner'],
-};
-const SignalRRoles = {
-    readOnly: ['SignalR REST API Reader'],
-    contributor: ['SignalR App Server'],
-    admin: ['SignalR REST API Owner'],
-};
-const getRoleNames = ({ enableRGRoles, enableIotRoles, enableVaultRoles, enableAksRoles, enableStorageRoles, enableACRRoles, enableAppConfig, enableServiceBus, enableSignalR, }) => {
-    const rs = {
-        readOnly: new Set(),
-        admin: new Set(),
-        contributor: new Set(),
-    };
-    getRoleFor(enableIotRoles, IOTHubRoleNames, rs);
-    getRoleFor(enableRGRoles, RGRoleNames, rs);
-    getRoleFor(enableVaultRoles, KeyVaultRoleNames, rs);
-    getRoleFor(enableAksRoles, AksRoleNames, rs);
-    getRoleFor(enableStorageRoles, StorageRoleNames, rs);
-    getRoleFor(enableACRRoles, ContainerRegistry, rs);
-    getRoleFor(enableAppConfig, AppConfigRoleNames, rs);
-    getRoleFor(enableServiceBus, ServiceBusRoles, rs);
-    getRoleFor(enableSignalR, SignalRRoles, rs);
-    return {
-        readOnly: Array.from(rs.readOnly).sort(),
-        admin: Array.from(rs.admin).sort(),
-        contributor: Array.from(rs.contributor).sort(),
-    };
-};
-exports.getRoleNames = getRoleNames;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiRW52Um9sZXMuQ29uc3RzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL0F6QWQvRW52Um9sZXMuQ29uc3RzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUNBLHFEQUF1RTtBQUl2RSxNQUFNLFVBQVUsR0FBRyxDQUNqQixRQUFvQyxFQUNwQyxjQUFpRCxFQUNqRCxPQUFxQixFQUNyQixFQUFFO0lBQ0YsSUFBSSxDQUFDLFFBQVE7UUFBRSxPQUFPLE9BQU8sQ0FBQztJQUU5QixNQUFNLE1BQU0sR0FBRztRQUNiLFFBQVEsRUFBRSxPQUFPLFFBQVEsS0FBSyxTQUFTLENBQUMsQ0FBQyxDQUFDLFFBQVEsQ0FBQyxDQUFDLENBQUMsUUFBUSxDQUFDLFFBQVE7UUFDdEUsV0FBVyxFQUNULE9BQU8sUUFBUSxLQUFLLFNBQVMsQ0FBQyxDQUFDLENBQUMsUUFBUSxDQUFDLENBQUMsQ0FBQyxRQUFRLENBQUMsV0FBVztRQUNqRSxLQUFLLEVBQUUsT0FBTyxRQUFRLEtBQUssU0FBUyxDQUFDLENBQUMsQ0FBQyxRQUFRLENBQUMsQ0FBQyxDQUFDLFFBQVEsQ0FBQyxLQUFLO0tBQ2pFLENBQUM7SUFFRixJQUFJLE1BQU0sQ0FBQyxRQUFRLEVBQUUsQ0FBQztRQUNwQixjQUFjLENBQUMsUUFBUSxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsRUFBRSxFQUFFLENBQUMsT0FBTyxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQztJQUNsRSxDQUFDO0lBQ0QsSUFBSSxNQUFNLENBQUMsV0FBVyxFQUFFLENBQUM7UUFDdkIsY0FBYyxDQUFDLFdBQVcsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLE9BQU8sQ0FBQyxXQUFXLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFDeEUsQ0FBQztJQUNELElBQUksTUFBTSxDQUFDLEtBQUssRUFBRSxDQUFDO1FBQ2pCLGNBQWMsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDO0lBQzVELENBQUM7SUFFRCxPQUFPLE9BQU8sQ0FBQztBQUNqQixDQUFDLENBQUM7QUFFSyxNQUFNLG1CQUFtQixHQUFHLENBQUMsRUFDbEMsSUFBSSxFQUNKLFFBQVEsRUFDUixLQUFLLEVBQ0wsU0FBUyxFQUNULEdBQUcsTUFBTSxFQUlSLEVBQUUsRUFBRTtJQUNMLE1BQU0sS0FBSyxHQUFHLElBQUEsb0JBQVksRUFBQyxNQUFNLENBQUMsQ0FBQztJQUNuQyxNQUFNLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsRUFBRSxFQUFFO1FBQ2xDLE1BQU0sSUFBSSxHQUFHLENBQW9CLENBQUM7UUFDbEMsTUFBTSxRQUFRLEdBQUcsUUFBUSxDQUFDLElBQUksQ0FBQyxDQUFDLFFBQVEsQ0FBQztRQUN6QyxJQUFJLENBQUMsUUFBUSxFQUFFLENBQUM7WUFDZCxPQUFPLENBQUMsSUFBSSxDQUNWLGlCQUFpQixJQUFJLHlDQUF5QyxDQUMvRCxDQUFDO1lBQ0YsT0FBTztRQUNULENBQUM7UUFFRCxNQUFNLENBQUMsR0FBRyxHQUFHLElBQUksSUFBSSxJQUFJLEVBQUUsQ0FBQztRQUM1QixLQUFLLENBQUMsSUFBSSxDQUFDLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FDeEIsSUFBQSwrQkFBYyxFQUFDO1lBQ2IsSUFBSSxFQUFFLENBQUM7WUFDUCxRQUFRLEVBQUUsQ0FBQztZQUNYLFdBQVcsRUFBRSxRQUFRO1lBQ3JCLGFBQWEsRUFBRSxPQUFPO1lBQ3RCLEtBQUs7WUFDTCxTQUFTO1NBQ1YsQ0FBQyxDQUNILENBQUM7SUFDSixDQUFDLENBQUMsQ0FBQztBQUNMLENBQUMsQ0FBQztBQWpDVyxRQUFBLG1CQUFtQix1QkFpQzlCO0FBRUYscUJBQXFCO0FBQ3JCLE1BQU0sV0FBVyxHQUFzQztJQUNyRCxRQUFRLEVBQUUsQ0FBQyxRQUFRLENBQUM7SUFDcEIsV0FBVyxFQUFFLENBQUMsYUFBYSxDQUFDO0lBQzVCLEtBQUssRUFBRSxDQUFDLE9BQU8sQ0FBQztDQUNqQixDQUFDO0FBRUYsV0FBVztBQUNYLE1BQU0sWUFBWSxHQUFzQztJQUN0RCxRQUFRLEVBQUU7UUFDUixzQ0FBc0M7UUFDdEMsNENBQTRDO0tBQzdDO0lBQ0QsV0FBVyxFQUFFO1FBQ1gsc0NBQXNDO1FBQ3RDLDRDQUE0QztLQUM3QztJQUNELEtBQUssRUFBRTtRQUNMLDZDQUE2QztRQUM3Qyw2Q0FBNkM7S0FDOUM7Q0FDRixDQUFDO0FBRUYsV0FBVztBQUNYLE1BQU0sZUFBZSxHQUFzQztJQUN6RCxRQUFRLEVBQUUsQ0FBQyxxQkFBcUIsQ0FBQztJQUNqQyxXQUFXLEVBQUUsQ0FBQywwQkFBMEIsQ0FBQztJQUN6QyxLQUFLLEVBQUUsQ0FBQyw4QkFBOEIsRUFBRSwwQkFBMEIsQ0FBQztDQUNwRSxDQUFDO0FBRUYsaUJBQWlCO0FBQ2pCLE1BQU0saUJBQWlCLEdBQXNDO0lBQzNELFFBQVEsRUFBRTtRQUNSLDBDQUEwQztRQUMxQyx1Q0FBdUM7UUFDdkMsd0JBQXdCO1FBQ3hCLHVCQUF1QjtRQUN2Qiw0QkFBNEI7UUFDNUIsa0JBQWtCO0tBQ25CO0lBQ0QsV0FBVyxFQUFFO1FBQ1gsZ0NBQWdDO1FBQ2hDLDBCQUEwQjtRQUMxQiwyQkFBMkI7UUFDM0IsdUJBQXVCO0tBQ3hCO0lBQ0QsS0FBSyxFQUFFLENBQUMseUJBQXlCLEVBQUUscUNBQXFDLENBQUM7Q0FDMUUsQ0FBQztBQUVGLGVBQWU7QUFDZixNQUFNLGdCQUFnQixHQUFzQztJQUMxRCxRQUFRLEVBQUU7UUFDUiwwQkFBMEI7UUFDMUIsb0NBQW9DO1FBQ3BDLDJCQUEyQjtRQUMzQiwyQkFBMkI7S0FDNUI7SUFDRCxXQUFXLEVBQUU7UUFDWCxvQ0FBb0M7UUFDcEMsNkJBQTZCO1FBQzdCLG1EQUFtRDtRQUNuRCwrQkFBK0I7UUFDL0IscUNBQXFDO1FBQ3JDLHlDQUF5QztRQUN6QyxrREFBa0Q7UUFDbEQsZ0NBQWdDO1FBQ2hDLHNDQUFzQztRQUN0QyxtQ0FBbUM7UUFDbkMsZ0NBQWdDO0tBQ2pDO0lBQ0QsS0FBSyxFQUFFO1FBQ0wsMkNBQTJDO1FBQzNDLHlCQUF5QjtRQUN6QiwwQ0FBMEM7S0FDM0M7Q0FDRixDQUFDO0FBRUYsMEJBQTBCO0FBQzFCLE1BQU0saUJBQWlCLEdBQXNDO0lBQzNELFFBQVEsRUFBRTtRQUNSLGdDQUFnQztRQUNoQyx1QkFBdUI7UUFDdkIscUJBQXFCO1FBQ3JCLFlBQVk7S0FDYjtJQUNELFdBQVcsRUFBRTtRQUNYLGdCQUFnQjtRQUNoQixTQUFTO1FBQ1QsU0FBUztRQUVULCtCQUErQjtRQUMvQiwwQkFBMEI7UUFDMUIsd0JBQXdCO0tBQ3pCO0lBQ0QsS0FBSyxFQUFFLENBQUMsV0FBVyxDQUFDO0NBQ3JCLENBQUM7QUFFRixpQkFBaUI7QUFDakIsTUFBTSxrQkFBa0IsR0FBc0M7SUFDNUQsUUFBUSxFQUFFLENBQUMsK0JBQStCLENBQUM7SUFDM0MsV0FBVyxFQUFFLENBQUMsOEJBQThCLENBQUM7SUFDN0MsS0FBSyxFQUFFLEVBQUU7Q0FDVixDQUFDO0FBRUYsTUFBTSxlQUFlLEdBQXNDO0lBQ3pELFFBQVEsRUFBRSxDQUFDLGlDQUFpQyxDQUFDO0lBQzdDLFdBQVcsRUFBRSxDQUFDLCtCQUErQixDQUFDO0lBQzlDLEtBQUssRUFBRSxDQUFDLDhCQUE4QixDQUFDO0NBQ3hDLENBQUM7QUFFRixNQUFNLFlBQVksR0FBc0M7SUFDdEQsUUFBUSxFQUFFLENBQUMseUJBQXlCLENBQUM7SUFDckMsV0FBVyxFQUFFLENBQUMsb0JBQW9CLENBQUM7SUFDbkMsS0FBSyxFQUFFLENBQUMsd0JBQXdCLENBQUM7Q0FDbEMsQ0FBQztBQXdCSyxNQUFNLFlBQVksR0FBRyxDQUFDLEVBQzNCLGFBQWEsRUFDYixjQUFjLEVBQ2QsZ0JBQWdCLEVBQ2hCLGNBQWMsRUFDZCxrQkFBa0IsRUFDbEIsY0FBYyxFQUNkLGVBQWUsRUFDZixnQkFBZ0IsRUFDaEIsYUFBYSxHQUNHLEVBQXFDLEVBQUU7SUFDdkQsTUFBTSxFQUFFLEdBQWlCO1FBQ3ZCLFFBQVEsRUFBRSxJQUFJLEdBQUcsRUFBVTtRQUMzQixLQUFLLEVBQUUsSUFBSSxHQUFHLEVBQVU7UUFDeEIsV0FBVyxFQUFFLElBQUksR0FBRyxFQUFVO0tBQy9CLENBQUM7SUFFRixVQUFVLENBQUMsY0FBYyxFQUFFLGVBQWUsRUFBRSxFQUFFLENBQUMsQ0FBQztJQUNoRCxVQUFVLENBQUMsYUFBYSxFQUFFLFdBQVcsRUFBRSxFQUFFLENBQUMsQ0FBQztJQUMzQyxVQUFVLENBQUMsZ0JBQWdCLEVBQUUsaUJBQWlCLEVBQUUsRUFBRSxDQUFDLENBQUM7SUFDcEQsVUFBVSxDQUFDLGNBQWMsRUFBRSxZQUFZLEVBQUUsRUFBRSxDQUFDLENBQUM7SUFDN0MsVUFBVSxDQUFDLGtCQUFrQixFQUFFLGdCQUFnQixFQUFFLEVBQUUsQ0FBQyxDQUFDO0lBQ3JELFVBQVUsQ0FBQyxjQUFjLEVBQUUsaUJBQWlCLEVBQUUsRUFBRSxDQUFDLENBQUM7SUFDbEQsVUFBVSxDQUFDLGVBQWUsRUFBRSxrQkFBa0IsRUFBRSxFQUFFLENBQUMsQ0FBQztJQUNwRCxVQUFVLENBQUMsZ0JBQWdCLEVBQUUsZUFBZSxFQUFFLEVBQUUsQ0FBQyxDQUFDO0lBQ2xELFVBQVUsQ0FBQyxhQUFhLEVBQUUsWUFBWSxFQUFFLEVBQUUsQ0FBQyxDQUFDO0lBRTVDLE9BQU87UUFDTCxRQUFRLEVBQUUsS0FBSyxDQUFDLElBQUksQ0FBQyxFQUFFLENBQUMsUUFBUSxDQUFDLENBQUMsSUFBSSxFQUFFO1FBQ3hDLEtBQUssRUFBRSxLQUFLLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQyxLQUFLLENBQUMsQ0FBQyxJQUFJLEVBQUU7UUFDbEMsV0FBVyxFQUFFLEtBQUssQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDLFdBQVcsQ0FBQyxDQUFDLElBQUksRUFBRTtLQUMvQyxDQUFDO0FBQ0osQ0FBQyxDQUFDO0FBaENXLFFBQUEsWUFBWSxnQkFnQ3ZCIn0=

package/AzAd/EnvRoles.js

@@ -1,94 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.getEnvRolesOutput = exports.createEnvRoles = exports.pushEnvRolesToVault = void 0;
-const EnvRoles_Consts_1 = require("./EnvRoles.Consts");
-const Role_1 = __importDefault(require("./Role"));
-const pulumi_1 = require("@pulumi/pulumi");
-const Common_1 = require("../Common");
-const CustomHelper_1 = require("../KeyVault/CustomHelper");
-const Helper_1 = require("../KeyVault/Helper");
-const envRoleConfig = {
-    readOnly: {
-        roleName: 'Readonly',
-        appName: 'Azure',
-    },
-    contributor: {
-        roleName: 'Contributor',
-        appName: 'Azure',
-    },
-    admin: {
-        roleName: 'Admin',
-        appName: 'Azure',
-    },
-};
-const getRoleSecretName = (name) => ({
-    objectIdName: (0, Helper_1.getVaultItemName)(`envRoles-${name}-object-id`),
-    displayName: (0, Helper_1.getVaultItemName)(`envRoles-${name}-display-name`),
-});
-const pushEnvRolesToVault = (envRoles, vaultInfo) => {
-    Object.keys(envRoleConfig).forEach((key) => {
-        const role = envRoles[key];
-        //Add to Key Vault
-        const secretNames = getRoleSecretName(key);
-        (0, CustomHelper_1.addCustomSecrets)({
-            vaultInfo,
-            contentType: 'Env Roles',
-            items: [
-                { name: secretNames.objectIdName, value: role.objectId },
-                { name: secretNames.displayName, value: role.displayName },
-            ],
-        });
-    });
-};
-exports.pushEnvRolesToVault = pushEnvRolesToVault;
-const createEnvRoles = () => {
-    const groups = {};
-    Object.keys(envRoleConfig).forEach((key) => {
-        const k = key;
-        const config = envRoleConfig[k];
-        const g = (0, Role_1.default)(config);
-        groups[k] = (0, pulumi_1.output)([g.objectId, g.displayName]).apply(([i, d]) => ({
-            objectId: i,
-            displayName: d,
-        }));
-    });
-    const pushToVault = (vaultInfo) => (0, exports.pushEnvRolesToVault)(groups, vaultInfo);
-    //Allows Some Subscription level access
-    //1. Allows to AcrPull
-    (0, EnvRoles_Consts_1.grantEnvRolesAccess)({
-        envRoles: groups,
-        name: 'envRoles-SubScope-Access',
-        scope: Common_1.defaultSubScope,
-        enableACRRoles: { contributor: true },
-    });
-    return {
-        ...groups,
-        pushToVault,
-    };
-};
-exports.createEnvRoles = createEnvRoles;
-/** Get Single Env Role Object */
-const getEnvRole = async (name, vaultInfo) => {
-    const secretNames = getRoleSecretName(name);
-    const [objectId, displayName] = await Promise.all([
-        (0, Helper_1.getSecret)({ name: secretNames.objectIdName, vaultInfo }),
-        (0, Helper_1.getSecret)({ name: secretNames.displayName, vaultInfo }),
-    ]);
-    return {
-        displayName: displayName?.value,
-        objectId: objectId?.value,
-    };
-};
-/** Get All Env Role Objects */
-const getEnvRolesOutput = (vaultInfo) => {
-    const rs = {};
-    Object.keys(envRoleConfig).forEach((key) => {
-        rs[key] = (0, pulumi_1.output)(getEnvRole(key, vaultInfo));
-    });
-    return rs;
-};
-exports.getEnvRolesOutput = getEnvRolesOutput;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiRW52Um9sZXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvQXpBZC9FbnZSb2xlcy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7QUFBQSx1REFBd0Q7QUFDeEQsa0RBQXlDO0FBRXpDLDJDQUFnRDtBQUNoRCxzQ0FBNEM7QUFDNUMsMkRBQTREO0FBQzVELCtDQUFpRTtBQUlqRSxNQUFNLGFBQWEsR0FBdUM7SUFDeEQsUUFBUSxFQUFFO1FBQ1IsUUFBUSxFQUFFLFVBQVU7UUFDcEIsT0FBTyxFQUFFLE9BQU87S0FDakI7SUFDRCxXQUFXLEVBQUU7UUFDWCxRQUFRLEVBQUUsYUFBYTtRQUN2QixPQUFPLEVBQUUsT0FBTztLQUNqQjtJQUNELEtBQUssRUFBRTtRQUNMLFFBQVEsRUFBRSxPQUFPO1FBQ2pCLE9BQU8sRUFBRSxPQUFPO0tBQ2pCO0NBQ0YsQ0FBQztBQVFGLE1BQU0saUJBQWlCLEdBQUcsQ0FBQyxJQUFZLEVBQUUsRUFBRSxDQUFDLENBQUM7SUFDM0MsWUFBWSxFQUFFLElBQUEseUJBQWdCLEVBQUMsWUFBWSxJQUFJLFlBQVksQ0FBQztJQUM1RCxXQUFXLEVBQUUsSUFBQSx5QkFBZ0IsRUFBQyxZQUFZLElBQUksZUFBZSxDQUFDO0NBQy9ELENBQUMsQ0FBQztBQU1JLE1BQU0sbUJBQW1CLEdBQUcsQ0FDakMsUUFBc0IsRUFDdEIsU0FBdUIsRUFDdkIsRUFBRTtJQUNGLE1BQU0sQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLENBQUMsT0FBTyxDQUFDLENBQUMsR0FBRyxFQUFFLEVBQUU7UUFDekMsTUFBTSxJQUFJLEdBQUcsUUFBUSxDQUFDLEdBQXNCLENBQUMsQ0FBQztRQUM5QyxrQkFBa0I7UUFDbEIsTUFBTSxXQUFXLEdBQUcsaUJBQWlCLENBQUMsR0FBRyxDQUFDLENBQUM7UUFDM0MsSUFBQSwrQkFBZ0IsRUFBQztZQUNmLFNBQVM7WUFDVCxXQUFXLEVBQUUsV0FBVztZQUN4QixLQUFLLEVBQUU7Z0JBQ0wsRUFBRSxJQUFJLEVBQUUsV0FBVyxDQUFDLFlBQVksRUFBRSxLQUFLLEVBQUUsSUFBSSxDQUFDLFFBQVEsRUFBRTtnQkFDeEQsRUFBRSxJQUFJLEVBQUUsV0FBVyxDQUFDLFdBQVcsRUFBRSxLQUFLLEVBQUUsSUFBSSxDQUFDLFdBQVcsRUFBRTthQUMzRDtTQUNGLENBQUMsQ0FBQztJQUNMLENBQUMsQ0FBQyxDQUFDO0FBQ0wsQ0FBQyxDQUFDO0FBakJXLFFBQUEsbUJBQW1CLHVCQWlCOUI7QUFFSyxNQUFNLGNBQWMsR0FBRyxHQUFHLEVBQUU7SUFDakMsTUFBTSxNQUFNLEdBQWlCLEVBQVMsQ0FBQztJQUV2QyxNQUFNLENBQUMsSUFBSSxDQUFDLGFBQWEsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxDQUFDLEdBQUcsRUFBRSxFQUFFO1FBQ3pDLE1BQU0sQ0FBQyxHQUFHLEdBQXNCLENBQUM7UUFDakMsTUFBTSxNQUFNLEdBQUcsYUFBYSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQ2hDLE1BQU0sQ0FBQyxHQUFHLElBQUEsY0FBSSxFQUFDLE1BQU0sQ0FBQyxDQUFDO1FBRXZCLE1BQU0sQ0FBQyxDQUFDLENBQUMsR0FBRyxJQUFBLGVBQU0sRUFBQyxDQUFDLENBQUMsQ0FBQyxRQUFRLEVBQUUsQ0FBQyxDQUFDLFdBQVcsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUM7WUFDakUsUUFBUSxFQUFFLENBQUM7WUFDWCxXQUFXLEVBQUUsQ0FBQztTQUNmLENBQUMsQ0FBQyxDQUFDO0lBQ04sQ0FBQyxDQUFDLENBQUM7SUFFSCxNQUFNLFdBQVcsR0FBRyxDQUFDLFNBQXVCLEVBQUUsRUFBRSxDQUM5QyxJQUFBLDJCQUFtQixFQUFDLE1BQU0sRUFBRSxTQUFTLENBQUMsQ0FBQztJQUV6Qyx1Q0FBdUM7SUFDdkMsc0JBQXNCO0lBQ3RCLElBQUEscUNBQW1CLEVBQUM7UUFDbEIsUUFBUSxFQUFFLE1BQU07UUFDaEIsSUFBSSxFQUFFLDBCQUEwQjtRQUNoQyxLQUFLLEVBQUUsd0JBQWU7UUFDdEIsY0FBYyxFQUFFLEVBQUUsV0FBVyxFQUFFLElBQUksRUFBRTtLQUN0QyxDQUFDLENBQUM7SUFFSCxPQUFPO1FBQ0wsR0FBRyxNQUFNO1FBQ1QsV0FBVztLQUNVLENBQUM7QUFDMUIsQ0FBQyxDQUFDO0FBOUJXLFFBQUEsY0FBYyxrQkE4QnpCO0FBRUYsaUNBQWlDO0FBQ2pDLE1BQU0sVUFBVSxHQUFHLEtBQUssRUFBRSxJQUFZLEVBQUUsU0FBdUIsRUFBRSxFQUFFO0lBQ2pFLE1BQU0sV0FBVyxHQUFHLGlCQUFpQixDQUFDLElBQUksQ0FBQyxDQUFDO0lBRTVDLE1BQU0sQ0FBQyxRQUFRLEVBQUUsV0FBVyxDQUFDLEdBQUcsTUFBTSxPQUFPLENBQUMsR0FBRyxDQUFDO1FBQ2hELElBQUEsa0JBQVMsRUFBQyxFQUFFLElBQUksRUFBRSxXQUFXLENBQUMsWUFBWSxFQUFFLFNBQVMsRUFBRSxDQUFDO1FBQ3hELElBQUEsa0JBQVMsRUFBQyxFQUFFLElBQUksRUFBRSxXQUFXLENBQUMsV0FBVyxFQUFFLFNBQVMsRUFBRSxDQUFDO0tBQ3hELENBQUMsQ0FBQztJQUVILE9BQU87UUFDTCxXQUFXLEVBQUUsV0FBVyxFQUFFLEtBQU07UUFDaEMsUUFBUSxFQUFFLFFBQVEsRUFBRSxLQUFNO0tBQzNCLENBQUM7QUFDSixDQUFDLENBQUM7QUFFRiwrQkFBK0I7QUFDeEIsTUFBTSxpQkFBaUIsR0FBRyxDQUFDLFNBQXVCLEVBQUUsRUFBRTtJQUMzRCxNQUFNLEVBQUUsR0FBNEMsRUFBRSxDQUFDO0lBRXZELE1BQU0sQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLENBQUMsT0FBTyxDQUFDLENBQUMsR0FBRyxFQUFFLEVBQUU7UUFDekMsRUFBRSxDQUFDLEdBQUcsQ0FBQyxHQUFHLElBQUEsZUFBTSxFQUFDLFVBQVUsQ0FBQyxHQUFHLEVBQUUsU0FBUyxDQUFDLENBQUMsQ0FBQztJQUMvQyxDQUFDLENBQUMsQ0FBQztJQUVILE9BQU8sRUFBa0IsQ0FBQztBQUM1QixDQUFDLENBQUM7QUFSVyxRQUFBLGlCQUFpQixxQkFRNUIifQ==

package/AzAd/Role.d.ts

@@ -1,17 +0,0 @@
-import { GroupPermissionProps } from "./Group";
-import { Environments } from "../Common/AzureEnv";
-import { Input } from "@pulumi/pulumi";
-export interface RoleProps {
-    env?: Environments;
-    /** The country code or GLB for Global*/
-    location?: string;
-    appName: string;
-    moduleName?: string;
-    roleName: string;
-    members?: Input<string>[];
-    owners?: Input<Input<string>[]>;
-    permissions?: Array<GroupPermissionProps>;
-}
-export type RoleNameType = Pick<RoleProps, "env" | "location" | "appName" | "moduleName" | "roleName">;
-declare const _default: ({ members, owners, permissions, ...others }: RoleProps) => import("@pulumi/pulumi").Output<import("@pulumi/azuread/group").Group>;
-export default _default;