npm - @microsoft/terraform-cdk-constructs - Versions diffs - 1.2.0 → 1.3.1 - Mend

@microsoft/terraform-cdk-constructs 1.2.0 → 1.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (291) hide show

package/lib/azure-roledefinition/index.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export * from "./lib";

package/lib/azure-roledefinition/index.js ADDED Viewed

@@ -0,0 +1,18 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./lib"), exports);
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvYXp1cmUtcm9sZWRlZmluaXRpb24vaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7OztBQUFBLHdDQUFzQiIsInNvdXJjZXNDb250ZW50IjpbImV4cG9ydCAqIGZyb20gXCIuL2xpYlwiO1xuIl19

package/lib/azure-roledefinition/lib/index.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export * from "./role-definition-schemas";
2	+ export * from "./role-definition";

package/lib/azure-roledefinition/lib/index.js ADDED Viewed

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./role-definition-schemas"), exports);
+__exportStar(require("./role-definition"), exports);
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvYXp1cmUtcm9sZWRlZmluaXRpb24vbGliL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSw0REFBMEM7QUFDMUMsb0RBQWtDIiwic291cmNlc0NvbnRlbnQiOlsiZXhwb3J0ICogZnJvbSBcIi4vcm9sZS1kZWZpbml0aW9uLXNjaGVtYXNcIjtcbmV4cG9ydCAqIGZyb20gXCIuL3JvbGUtZGVmaW5pdGlvblwiO1xuIl19

package/lib/azure-roledefinition/lib/role-definition-schemas.d.ts ADDED Viewed

@@ -0,0 +1,25 @@
+/**
+ * API schemas for Azure Role Definition across all supported versions
+ *
+ * This file defines the complete API schemas for Microsoft.Authorization/roleDefinitions
+ * across all supported API versions. The schemas are used by the VersionedAzapiResource
+ * framework for validation, transformation, and version management.
+ */
+import { ApiSchema, VersionConfig } from "../../core-azure/lib/version-manager/interfaces/version-interfaces";
+/**
+ * API Schema for Role Definition version 2022-04-01
+ * This is the latest stable API version for role definitions
+ */
+export declare const ROLE_DEFINITION_SCHEMA_2022_04_01: ApiSchema;
+/**
+ * Version configuration for Role Definition 2022-04-01
+ */
+export declare const ROLE_DEFINITION_VERSION_2022_04_01: VersionConfig;
+/**
+ * All supported Role Definition versions for registration
+ */
+export declare const ALL_ROLE_DEFINITION_VERSIONS: VersionConfig[];
+/**
+ * Resource type constant
+ */
+export declare const ROLE_DEFINITION_TYPE = "Microsoft.Authorization/roleDefinitions";

package/lib/azure-roledefinition/lib/role-definition-schemas.js ADDED Viewed

@@ -0,0 +1,195 @@
+"use strict";
+/**
+ * API schemas for Azure Role Definition across all supported versions
+ *
+ * This file defines the complete API schemas for Microsoft.Authorization/roleDefinitions
+ * across all supported API versions. The schemas are used by the VersionedAzapiResource
+ * framework for validation, transformation, and version management.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ROLE_DEFINITION_TYPE = exports.ALL_ROLE_DEFINITION_VERSIONS = exports.ROLE_DEFINITION_VERSION_2022_04_01 = exports.ROLE_DEFINITION_SCHEMA_2022_04_01 = void 0;
+const version_interfaces_1 = require("../../core-azure/lib/version-manager/interfaces/version-interfaces");
+// =============================================================================
+// COMMON PROPERTY DEFINITIONS
+// =============================================================================
+/**
+ * Common property definitions shared across all Role Definition versions
+ */
+const COMMON_PROPERTIES = {
+    name: {
+        dataType: version_interfaces_1.PropertyType.STRING,
+        required: false,
+        description: "The name of the role definition resource. Automatically generated as a GUID by Terraform's guid() function",
+        validation: [
+        // Note: No pattern validation here because the name will be a Terraform function
+        // guid() that gets evaluated at apply time, not synthesis time.
+        // Azure will validate the final GUID format when the resource is created.
+        ],
+    },
+    roleName: {
+        dataType: version_interfaces_1.PropertyType.STRING,
+        required: true,
+        description: "The name of the role definition. This is the display name shown in the Azure portal",
+        validation: [
+            {
+                ruleType: version_interfaces_1.ValidationRuleType.REQUIRED,
+                message: "Role name is required for role definitions",
+            },
+            {
+                ruleType: version_interfaces_1.ValidationRuleType.VALUE_RANGE,
+                value: { minLength: 1, maxLength: 128 },
+                message: "Role name must be between 1 and 128 characters",
+            },
+        ],
+    },
+    description: {
+        dataType: version_interfaces_1.PropertyType.STRING,
+        required: false,
+        description: "The role definition description. Provides detailed information about what the role allows",
+        validation: [
+            {
+                ruleType: version_interfaces_1.ValidationRuleType.VALUE_RANGE,
+                value: { minLength: 0, maxLength: 1024 },
+                message: "Description must not exceed 1024 characters",
+            },
+        ],
+    },
+    type: {
+        dataType: version_interfaces_1.PropertyType.STRING,
+        required: false,
+        defaultValue: "CustomRole",
+        description: "The type of role definition. Valid values: BuiltInRole, CustomRole",
+        validation: [
+            {
+                ruleType: version_interfaces_1.ValidationRuleType.PATTERN_MATCH,
+                value: "^(BuiltInRole|CustomRole)$",
+                message: "Role type must be either BuiltInRole or CustomRole",
+            },
+        ],
+    },
+    permissions: {
+        dataType: version_interfaces_1.PropertyType.ARRAY,
+        required: true,
+        description: "An array of permissions objects that define what actions the role can perform",
+        validation: [
+            {
+                ruleType: version_interfaces_1.ValidationRuleType.REQUIRED,
+                message: "Permissions are required for role definitions",
+            },
+            {
+                ruleType: version_interfaces_1.ValidationRuleType.TYPE_CHECK,
+                value: version_interfaces_1.PropertyType.ARRAY,
+                message: "Permissions must be an array of permission objects",
+            },
+        ],
+    },
+    assignableScopes: {
+        dataType: version_interfaces_1.PropertyType.ARRAY,
+        required: true,
+        description: "An array of scopes where this role can be assigned (subscription, resource group, or management group)",
+        validation: [
+            {
+                ruleType: version_interfaces_1.ValidationRuleType.REQUIRED,
+                message: "Assignable scopes are required for role definitions",
+            },
+            {
+                ruleType: version_interfaces_1.ValidationRuleType.TYPE_CHECK,
+                value: version_interfaces_1.PropertyType.ARRAY,
+                message: "Assignable scopes must be an array of scope strings",
+            },
+        ],
+    },
+    ignoreChanges: {
+        dataType: version_interfaces_1.PropertyType.ARRAY,
+        required: false,
+        description: "Array of property names to ignore during updates",
+        validation: [
+            {
+                ruleType: version_interfaces_1.ValidationRuleType.TYPE_CHECK,
+                value: version_interfaces_1.PropertyType.ARRAY,
+                message: "IgnoreChanges must be an array of strings",
+            },
+        ],
+    },
+};
+// =============================================================================
+// VERSION-SPECIFIC SCHEMAS
+// =============================================================================
+/**
+ * API Schema for Role Definition version 2022-04-01
+ * This is the latest stable API version for role definitions
+ */
+exports.ROLE_DEFINITION_SCHEMA_2022_04_01 = {
+    resourceType: "Microsoft.Authorization/roleDefinitions",
+    version: "2022-04-01",
+    properties: {
+        ...COMMON_PROPERTIES,
+    },
+    required: ["roleName", "permissions", "assignableScopes"],
+    optional: ["name", "description", "type", "ignoreChanges"],
+    deprecated: [],
+    transformationRules: {},
+    validationRules: [
+        {
+            property: "roleName",
+            rules: [
+                {
+                    ruleType: version_interfaces_1.ValidationRuleType.REQUIRED,
+                    message: "Role name is required for role definitions",
+                },
+            ],
+        },
+        {
+            property: "permissions",
+            rules: [
+                {
+                    ruleType: version_interfaces_1.ValidationRuleType.REQUIRED,
+                    message: "Permissions are required for role definitions",
+                },
+            ],
+        },
+        {
+            property: "assignableScopes",
+            rules: [
+                {
+                    ruleType: version_interfaces_1.ValidationRuleType.REQUIRED,
+                    message: "Assignable scopes are required for role definitions",
+                },
+            ],
+        },
+    ],
+};
+// =============================================================================
+// VERSION CONFIGURATIONS
+// =============================================================================
+/**
+ * Version configuration for Role Definition 2022-04-01
+ */
+exports.ROLE_DEFINITION_VERSION_2022_04_01 = {
+    version: "2022-04-01",
+    schema: exports.ROLE_DEFINITION_SCHEMA_2022_04_01,
+    supportLevel: version_interfaces_1.VersionSupportLevel.ACTIVE,
+    releaseDate: "2022-04-01",
+    deprecationDate: undefined,
+    sunsetDate: undefined,
+    breakingChanges: [],
+    migrationGuide: "/docs/role-definition/migration-2022-04-01",
+    changeLog: [
+        {
+            changeType: "added",
+            description: "Stable release of Role Definition API with full support for custom RBAC roles",
+            breaking: false,
+        },
+    ],
+};
+/**
+ * All supported Role Definition versions for registration
+ */
+exports.ALL_ROLE_DEFINITION_VERSIONS = [
+    exports.ROLE_DEFINITION_VERSION_2022_04_01,
+];
+/**
+ * Resource type constant
+ */
+exports.ROLE_DEFINITION_TYPE = "Microsoft.Authorization/roleDefinitions";
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm9sZS1kZWZpbml0aW9uLXNjaGVtYXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvYXp1cmUtcm9sZWRlZmluaXRpb24vbGliL3JvbGUtZGVmaW5pdGlvbi1zY2hlbWFzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQTs7Ozs7O0dBTUc7OztBQUVILDJHQU80RTtBQUU1RSxnRkFBZ0Y7QUFDaEYsOEJBQThCO0FBQzlCLGdGQUFnRjtBQUVoRjs7R0FFRztBQUNILE1BQU0saUJBQWlCLEdBQTBDO0lBQy9ELElBQUksRUFBRTtRQUNKLFFBQVEsRUFBRSxpQ0FBWSxDQUFDLE1BQU07UUFDN0IsUUFBUSxFQUFFLEtBQUs7UUFDZixXQUFXLEVBQ1QsNEdBQTRHO1FBQzlHLFVBQVUsRUFBRTtRQUNWLGlGQUFpRjtRQUNqRixnRUFBZ0U7UUFDaEUsMEVBQTBFO1NBQzNFO0tBQ0Y7SUFDRCxRQUFRLEVBQUU7UUFDUixRQUFRLEVBQUUsaUNBQVksQ0FBQyxNQUFNO1FBQzdCLFFBQVEsRUFBRSxJQUFJO1FBQ2QsV0FBVyxFQUNULHFGQUFxRjtRQUN2RixVQUFVLEVBQUU7WUFDVjtnQkFDRSxRQUFRLEVBQUUsdUNBQWtCLENBQUMsUUFBUTtnQkFDckMsT0FBTyxFQUFFLDRDQUE0QzthQUN0RDtZQUNEO2dCQUNFLFFBQVEsRUFBRSx1Q0FBa0IsQ0FBQyxXQUFXO2dCQUN4QyxLQUFLLEVBQUUsRUFBRSxTQUFTLEVBQUUsQ0FBQyxFQUFFLFNBQVMsRUFBRSxHQUFHLEVBQUU7Z0JBQ3ZDLE9BQU8sRUFBRSxnREFBZ0Q7YUFDMUQ7U0FDRjtLQUNGO0lBQ0QsV0FBVyxFQUFFO1FBQ1gsUUFBUSxFQUFFLGlDQUFZLENBQUMsTUFBTTtRQUM3QixRQUFRLEVBQUUsS0FBSztRQUNmLFdBQVcsRUFDVCwyRkFBMkY7UUFDN0YsVUFBVSxFQUFFO1lBQ1Y7Z0JBQ0UsUUFBUSxFQUFFLHVDQUFrQixDQUFDLFdBQVc7Z0JBQ3hDLEtBQUssRUFBRSxFQUFFLFNBQVMsRUFBRSxDQUFDLEVBQUUsU0FBUyxFQUFFLElBQUksRUFBRTtnQkFDeEMsT0FBTyxFQUFFLDZDQUE2QzthQUN2RDtTQUNGO0tBQ0Y7SUFDRCxJQUFJLEVBQUU7UUFDSixRQUFRLEVBQUUsaUNBQVksQ0FBQyxNQUFNO1FBQzdCLFFBQVEsRUFBRSxLQUFLO1FBQ2YsWUFBWSxFQUFFLFlBQVk7UUFDMUIsV0FBVyxFQUNULG9FQUFvRTtRQUN0RSxVQUFVLEVBQUU7WUFDVjtnQkFDRSxRQUFRLEVBQUUsdUNBQWtCLENBQUMsYUFBYTtnQkFDMUMsS0FBSyxFQUFFLDRCQUE0QjtnQkFDbkMsT0FBTyxFQUFFLG9EQUFvRDthQUM5RDtTQUNGO0tBQ0Y7SUFDRCxXQUFXLEVBQUU7UUFDWCxRQUFRLEVBQUUsaUNBQVksQ0FBQyxLQUFLO1FBQzVCLFFBQVEsRUFBRSxJQUFJO1FBQ2QsV0FBVyxFQUNULCtFQUErRTtRQUNqRixVQUFVLEVBQUU7WUFDVjtnQkFDRSxRQUFRLEVBQUUsdUNBQWtCLENBQUMsUUFBUTtnQkFDckMsT0FBTyxFQUFFLCtDQUErQzthQUN6RDtZQUNEO2dCQUNFLFFBQVEsRUFBRSx1Q0FBa0IsQ0FBQyxVQUFVO2dCQUN2QyxLQUFLLEVBQUUsaUNBQVksQ0FBQyxLQUFLO2dCQUN6QixPQUFPLEVBQUUsb0RBQW9EO2FBQzlEO1NBQ0Y7S0FDRjtJQUNELGdCQUFnQixFQUFFO1FBQ2hCLFFBQVEsRUFBRSxpQ0FBWSxDQUFDLEtBQUs7UUFDNUIsUUFBUSxFQUFFLElBQUk7UUFDZCxXQUFXLEVBQ1Qsd0dBQXdHO1FBQzFHLFVBQVUsRUFBRTtZQUNWO2dCQUNFLFFBQVEsRUFBRSx1Q0FBa0IsQ0FBQyxRQUFRO2dCQUNyQyxPQUFPLEVBQUUscURBQXFEO2FBQy9EO1lBQ0Q7Z0JBQ0UsUUFBUSxFQUFFLHVDQUFrQixDQUFDLFVBQVU7Z0JBQ3ZDLEtBQUssRUFBRSxpQ0FBWSxDQUFDLEtBQUs7Z0JBQ3pCLE9BQU8sRUFBRSxxREFBcUQ7YUFDL0Q7U0FDRjtLQUNGO0lBQ0QsYUFBYSxFQUFFO1FBQ2IsUUFBUSxFQUFFLGlDQUFZLENBQUMsS0FBSztRQUM1QixRQUFRLEVBQUUsS0FBSztRQUNmLFdBQVcsRUFBRSxrREFBa0Q7UUFDL0QsVUFBVSxFQUFFO1lBQ1Y7Z0JBQ0UsUUFBUSxFQUFFLHVDQUFrQixDQUFDLFVBQVU7Z0JBQ3ZDLEtBQUssRUFBRSxpQ0FBWSxDQUFDLEtBQUs7Z0JBQ3pCLE9BQU8sRUFBRSwyQ0FBMkM7YUFDckQ7U0FDRjtLQUNGO0NBQ0YsQ0FBQztBQUVGLGdGQUFnRjtBQUNoRiwyQkFBMkI7QUFDM0IsZ0ZBQWdGO0FBRWhGOzs7R0FHRztBQUNVLFFBQUEsaUNBQWlDLEdBQWM7SUFDMUQsWUFBWSxFQUFFLHlDQUF5QztJQUN2RCxPQUFPLEVBQUUsWUFBWTtJQUNyQixVQUFVLEVBQUU7UUFDVixHQUFHLGlCQUFpQjtLQUNyQjtJQUNELFFBQVEsRUFBRSxDQUFDLFVBQVUsRUFBRSxhQUFhLEVBQUUsa0JBQWtCLENBQUM7SUFDekQsUUFBUSxFQUFFLENBQUMsTUFBTSxFQUFFLGFBQWEsRUFBRSxNQUFNLEVBQUUsZUFBZSxDQUFDO0lBQzFELFVBQVUsRUFBRSxFQUFFO0lBQ2QsbUJBQW1CLEVBQUUsRUFBRTtJQUN2QixlQUFlLEVBQUU7UUFDZjtZQUNFLFFBQVEsRUFBRSxVQUFVO1lBQ3BCLEtBQUssRUFBRTtnQkFDTDtvQkFDRSxRQUFRLEVBQUUsdUNBQWtCLENBQUMsUUFBUTtvQkFDckMsT0FBTyxFQUFFLDRDQUE0QztpQkFDdEQ7YUFDRjtTQUNGO1FBQ0Q7WUFDRSxRQUFRLEVBQUUsYUFBYTtZQUN2QixLQUFLLEVBQUU7Z0JBQ0w7b0JBQ0UsUUFBUSxFQUFFLHVDQUFrQixDQUFDLFFBQVE7b0JBQ3JDLE9BQU8sRUFBRSwrQ0FBK0M7aUJBQ3pEO2FBQ0Y7U0FDRjtRQUNEO1lBQ0UsUUFBUSxFQUFFLGtCQUFrQjtZQUM1QixLQUFLLEVBQUU7Z0JBQ0w7b0JBQ0UsUUFBUSxFQUFFLHVDQUFrQixDQUFDLFFBQVE7b0JBQ3JDLE9BQU8sRUFBRSxxREFBcUQ7aUJBQy9EO2FBQ0Y7U0FDRjtLQUNGO0NBQ0YsQ0FBQztBQUVGLGdGQUFnRjtBQUNoRix5QkFBeUI7QUFDekIsZ0ZBQWdGO0FBRWhGOztHQUVHO0FBQ1UsUUFBQSxrQ0FBa0MsR0FBa0I7SUFDL0QsT0FBTyxFQUFFLFlBQVk7SUFDckIsTUFBTSxFQUFFLHlDQUFpQztJQUN6QyxZQUFZLEVBQUUsd0NBQW1CLENBQUMsTUFBTTtJQUN4QyxXQUFXLEVBQUUsWUFBWTtJQUN6QixlQUFlLEVBQUUsU0FBUztJQUMxQixVQUFVLEVBQUUsU0FBUztJQUNyQixlQUFlLEVBQUUsRUFBRTtJQUNuQixjQUFjLEVBQUUsNENBQTRDO0lBQzVELFNBQVMsRUFBRTtRQUNUO1lBQ0UsVUFBVSxFQUFFLE9BQU87WUFDbkIsV0FBVyxFQUNULCtFQUErRTtZQUNqRixRQUFRLEVBQUUsS0FBSztTQUNoQjtLQUNGO0NBQ0YsQ0FBQztBQUVGOztHQUVHO0FBQ1UsUUFBQSw0QkFBNEIsR0FBb0I7SUFDM0QsMENBQWtDO0NBQ25DLENBQUM7QUFFRjs7R0FFRztBQUNVLFFBQUEsb0JBQW9CLEdBQUcseUNBQXlDLENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyIvKipcbiAqIEFQSSBzY2hlbWFzIGZvciBBenVyZSBSb2xlIERlZmluaXRpb24gYWNyb3NzIGFsbCBzdXBwb3J0ZWQgdmVyc2lvbnNcbiAqXG4gKiBUaGlzIGZpbGUgZGVmaW5lcyB0aGUgY29tcGxldGUgQVBJIHNjaGVtYXMgZm9yIE1pY3Jvc29mdC5BdXRob3JpemF0aW9uL3JvbGVEZWZpbml0aW9uc1xuICogYWNyb3NzIGFsbCBzdXBwb3J0ZWQgQVBJIHZlcnNpb25zLiBUaGUgc2NoZW1hcyBhcmUgdXNlZCBieSB0aGUgVmVyc2lvbmVkQXphcGlSZXNvdXJjZVxuICogZnJhbWV3b3JrIGZvciB2YWxpZGF0aW9uLCB0cmFuc2Zvcm1hdGlvbiwgYW5kIHZlcnNpb24gbWFuYWdlbWVudC5cbiAqL1xuXG5pbXBvcnQge1xuICBBcGlTY2hlbWEsXG4gIFByb3BlcnR5RGVmaW5pdGlvbixcbiAgUHJvcGVydHlUeXBlLFxuICBWYWxpZGF0aW9uUnVsZVR5cGUsXG4gIFZlcnNpb25Db25maWcsXG4gIFZlcnNpb25TdXBwb3J0TGV2ZWwsXG59IGZyb20gXCIuLi8uLi9jb3JlLWF6dXJlL2xpYi92ZXJzaW9uLW1hbmFnZXIvaW50ZXJmYWNlcy92ZXJzaW9uLWludGVyZmFjZXNcIjtcblxuLy8gPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT1cbi8vIENPTU1PTiBQUk9QRVJUWSBERUZJTklUSU9OU1xuLy8gPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT1cblxuLyoqXG4gKiBDb21tb24gcHJvcGVydHkgZGVmaW5pdGlvbnMgc2hhcmVkIGFjcm9zcyBhbGwgUm9sZSBEZWZpbml0aW9uIHZlcnNpb25zXG4gKi9cbmNvbnN0IENPTU1PTl9QUk9QRVJUSUVTOiB7IFtrZXk6IHN0cmluZ106IFByb3BlcnR5RGVmaW5pdGlvbiB9ID0ge1xuICBuYW1lOiB7XG4gICAgZGF0YVR5cGU6IFByb3BlcnR5VHlwZS5TVFJJTkcsXG4gICAgcmVxdWlyZWQ6IGZhbHNlLFxuICAgIGRlc2NyaXB0aW9uOlxuICAgICAgXCJUaGUgbmFtZSBvZiB0aGUgcm9sZSBkZWZpbml0aW9uIHJlc291cmNlLiBBdXRvbWF0aWNhbGx5IGdlbmVyYXRlZCBhcyBhIEdVSUQgYnkgVGVycmFmb3JtJ3MgZ3VpZCgpIGZ1bmN0aW9uXCIsXG4gICAgdmFsaWRhdGlvbjogW1xuICAgICAgLy8gTm90ZTogTm8gcGF0dGVybiB2YWxpZGF0aW9uIGhlcmUgYmVjYXVzZSB0aGUgbmFtZSB3aWxsIGJlIGEgVGVycmFmb3JtIGZ1bmN0aW9uXG4gICAgICAvLyBndWlkKCkgdGhhdCBnZXRzIGV2YWx1YXRlZCBhdCBhcHBseSB0aW1lLCBub3Qgc3ludGhlc2lzIHRpbWUuXG4gICAgICAvLyBBenVyZSB3aWxsIHZhbGlkYXRlIHRoZSBmaW5hbCBHVUlEIGZvcm1hdCB3aGVuIHRoZSByZXNvdXJjZSBpcyBjcmVhdGVkLlxuICAgIF0sXG4gIH0sXG4gIHJvbGVOYW1lOiB7XG4gICAgZGF0YVR5cGU6IFByb3BlcnR5VHlwZS5TVFJJTkcsXG4gICAgcmVxdWlyZWQ6IHRydWUsXG4gICAgZGVzY3JpcHRpb246XG4gICAgICBcIlRoZSBuYW1lIG9mIHRoZSByb2xlIGRlZmluaXRpb24uIFRoaXMgaXMgdGhlIGRpc3BsYXkgbmFtZSBzaG93biBpbiB0aGUgQXp1cmUgcG9ydGFsXCIsXG4gICAgdmFsaWRhdGlvbjogW1xuICAgICAge1xuICAgICAgICBydWxlVHlwZTogVmFsaWRhdGlvblJ1bGVUeXBlLlJFUVVJUkVELFxuICAgICAgICBtZXNzYWdlOiBcIlJvbGUgbmFtZSBpcyByZXF1aXJlZCBmb3Igcm9sZSBkZWZpbml0aW9uc1wiLFxuICAgICAgfSxcbiAgICAgIHtcbiAgICAgICAgcnVsZVR5cGU6IFZhbGlkYXRpb25SdWxlVHlwZS5WQUxVRV9SQU5HRSxcbiAgICAgICAgdmFsdWU6IHsgbWluTGVuZ3RoOiAxLCBtYXhMZW5ndGg6IDEyOCB9LFxuICAgICAgICBtZXNzYWdlOiBcIlJvbGUgbmFtZSBtdXN0IGJlIGJldHdlZW4gMSBhbmQgMTI4IGNoYXJhY3RlcnNcIixcbiAgICAgIH0sXG4gICAgXSxcbiAgfSxcbiAgZGVzY3JpcHRpb246IHtcbiAgICBkYXRhVHlwZTogUHJvcGVydHlUeXBlLlNUUklORyxcbiAgICByZXF1aXJlZDogZmFsc2UsXG4gICAgZGVzY3JpcHRpb246XG4gICAgICBcIlRoZSByb2xlIGRlZmluaXRpb24gZGVzY3JpcHRpb24uIFByb3ZpZGVzIGRldGFpbGVkIGluZm9ybWF0aW9uIGFib3V0IHdoYXQgdGhlIHJvbGUgYWxsb3dzXCIsXG4gICAgdmFsaWRhdGlvbjogW1xuICAgICAge1xuICAgICAgICBydWxlVHlwZTogVmFsaWRhdGlvblJ1bGVUeXBlLlZBTFVFX1JBTkdFLFxuICAgICAgICB2YWx1ZTogeyBtaW5MZW5ndGg6IDAsIG1heExlbmd0aDogMTAyNCB9LFxuICAgICAgICBtZXNzYWdlOiBcIkRlc2NyaXB0aW9uIG11c3Qgbm90IGV4Y2VlZCAxMDI0IGNoYXJhY3RlcnNcIixcbiAgICAgIH0sXG4gICAgXSxcbiAgfSxcbiAgdHlwZToge1xuICAgIGRhdGFUeXBlOiBQcm9wZXJ0eVR5cGUuU1RSSU5HLFxuICAgIHJlcXVpcmVkOiBmYWxzZSxcbiAgICBkZWZhdWx0VmFsdWU6IFwiQ3VzdG9tUm9sZVwiLFxuICAgIGRlc2NyaXB0aW9uOlxuICAgICAgXCJUaGUgdHlwZSBvZiByb2xlIGRlZmluaXRpb24uIFZhbGlkIHZhbHVlczogQnVpbHRJblJvbGUsIEN1c3RvbVJvbGVcIixcbiAgICB2YWxpZGF0aW9uOiBbXG4gICAgICB7XG4gICAgICAgIHJ1bGVUeXBlOiBWYWxpZGF0aW9uUnVsZVR5cGUuUEFUVEVSTl9NQVRDSCxcbiAgICAgICAgdmFsdWU6IFwiXihCdWlsdEluUm9sZXxDdXN0b21Sb2xlKSRcIixcbiAgICAgICAgbWVzc2FnZTogXCJSb2xlIHR5cGUgbXVzdCBiZSBlaXRoZXIgQnVpbHRJblJvbGUgb3IgQ3VzdG9tUm9sZVwiLFxuICAgICAgfSxcbiAgICBdLFxuICB9LFxuICBwZXJtaXNzaW9uczoge1xuICAgIGRhdGFUeXBlOiBQcm9wZXJ0eVR5cGUuQVJSQVksXG4gICAgcmVxdWlyZWQ6IHRydWUsXG4gICAgZGVzY3JpcHRpb246XG4gICAgICBcIkFuIGFycmF5IG9mIHBlcm1pc3Npb25zIG9iamVjdHMgdGhhdCBkZWZpbmUgd2hhdCBhY3Rpb25zIHRoZSByb2xlIGNhbiBwZXJmb3JtXCIsXG4gICAgdmFsaWRhdGlvbjogW1xuICAgICAge1xuICAgICAgICBydWxlVHlwZTogVmFsaWRhdGlvblJ1bGVUeXBlLlJFUVVJUkVELFxuICAgICAgICBtZXNzYWdlOiBcIlBlcm1pc3Npb25zIGFyZSByZXF1aXJlZCBmb3Igcm9sZSBkZWZpbml0aW9uc1wiLFxuICAgICAgfSxcbiAgICAgIHtcbiAgICAgICAgcnVsZVR5cGU6IFZhbGlkYXRpb25SdWxlVHlwZS5UWVBFX0NIRUNLLFxuICAgICAgICB2YWx1ZTogUHJvcGVydHlUeXBlLkFSUkFZLFxuICAgICAgICBtZXNzYWdlOiBcIlBlcm1pc3Npb25zIG11c3QgYmUgYW4gYXJyYXkgb2YgcGVybWlzc2lvbiBvYmplY3RzXCIsXG4gICAgICB9LFxuICAgIF0sXG4gIH0sXG4gIGFzc2lnbmFibGVTY29wZXM6IHtcbiAgICBkYXRhVHlwZTogUHJvcGVydHlUeXBlLkFSUkFZLFxuICAgIHJlcXVpcmVkOiB0cnVlLFxuICAgIGRlc2NyaXB0aW9uOlxuICAgICAgXCJBbiBhcnJheSBvZiBzY29wZXMgd2hlcmUgdGhpcyByb2xlIGNhbiBiZSBhc3NpZ25lZCAoc3Vic2NyaXB0aW9uLCByZXNvdXJjZSBncm91cCwgb3IgbWFuYWdlbWVudCBncm91cClcIixcbiAgICB2YWxpZGF0aW9uOiBbXG4gICAgICB7XG4gICAgICAgIHJ1bGVUeXBlOiBWYWxpZGF0aW9uUnVsZVR5cGUuUkVRVUlSRUQsXG4gICAgICAgIG1lc3NhZ2U6IFwiQXNzaWduYWJsZSBzY29wZXMgYXJlIHJlcXVpcmVkIGZvciByb2xlIGRlZmluaXRpb25zXCIsXG4gICAgICB9LFxuICAgICAge1xuICAgICAgICBydWxlVHlwZTogVmFsaWRhdGlvblJ1bGVUeXBlLlRZUEVfQ0hFQ0ssXG4gICAgICAgIHZhbHVlOiBQcm9wZXJ0eVR5cGUuQVJSQVksXG4gICAgICAgIG1lc3NhZ2U6IFwiQXNzaWduYWJsZSBzY29wZXMgbXVzdCBiZSBhbiBhcnJheSBvZiBzY29wZSBzdHJpbmdzXCIsXG4gICAgICB9LFxuICAgIF0sXG4gIH0sXG4gIGlnbm9yZUNoYW5nZXM6IHtcbiAgICBkYXRhVHlwZTogUHJvcGVydHlUeXBlLkFSUkFZLFxuICAgIHJlcXVpcmVkOiBmYWxzZSxcbiAgICBkZXNjcmlwdGlvbjogXCJBcnJheSBvZiBwcm9wZXJ0eSBuYW1lcyB0byBpZ25vcmUgZHVyaW5nIHVwZGF0ZXNcIixcbiAgICB2YWxpZGF0aW9uOiBbXG4gICAgICB7XG4gICAgICAgIHJ1bGVUeXBlOiBWYWxpZGF0aW9uUnVsZVR5cGUuVFlQRV9DSEVDSyxcbiAgICAgICAgdmFsdWU6IFByb3BlcnR5VHlwZS5BUlJBWSxcbiAgICAgICAgbWVzc2FnZTogXCJJZ25vcmVDaGFuZ2VzIG11c3QgYmUgYW4gYXJyYXkgb2Ygc3RyaW5nc1wiLFxuICAgICAgfSxcbiAgICBdLFxuICB9LFxufTtcblxuLy8gPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT1cbi8vIFZFUlNJT04tU1BFQ0lGSUMgU0NIRU1BU1xuLy8gPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT1cblxuLyoqXG4gKiBBUEkgU2NoZW1hIGZvciBSb2xlIERlZmluaXRpb24gdmVyc2lvbiAyMDIyLTA0LTAxXG4gKiBUaGlzIGlzIHRoZSBsYXRlc3Qgc3RhYmxlIEFQSSB2ZXJzaW9uIGZvciByb2xlIGRlZmluaXRpb25zXG4gKi9cbmV4cG9ydCBjb25zdCBST0xFX0RFRklOSVRJT05fU0NIRU1BXzIwMjJfMDRfMDE6IEFwaVNjaGVtYSA9IHtcbiAgcmVzb3VyY2VUeXBlOiBcIk1pY3Jvc29mdC5BdXRob3JpemF0aW9uL3JvbGVEZWZpbml0aW9uc1wiLFxuICB2ZXJzaW9uOiBcIjIwMjItMDQtMDFcIixcbiAgcHJvcGVydGllczoge1xuICAgIC4uLkNPTU1PTl9QUk9QRVJUSUVTLFxuICB9LFxuICByZXF1aXJlZDogW1wicm9sZU5hbWVcIiwgXCJwZXJtaXNzaW9uc1wiLCBcImFzc2lnbmFibGVTY29wZXNcIl0sXG4gIG9wdGlvbmFsOiBbXCJuYW1lXCIsIFwiZGVzY3JpcHRpb25cIiwgXCJ0eXBlXCIsIFwiaWdub3JlQ2hhbmdlc1wiXSxcbiAgZGVwcmVjYXRlZDogW10sXG4gIHRyYW5zZm9ybWF0aW9uUnVsZXM6IHt9LFxuICB2YWxpZGF0aW9uUnVsZXM6IFtcbiAgICB7XG4gICAgICBwcm9wZXJ0eTogXCJyb2xlTmFtZVwiLFxuICAgICAgcnVsZXM6IFtcbiAgICAgICAge1xuICAgICAgICAgIHJ1bGVUeXBlOiBWYWxpZGF0aW9uUnVsZVR5cGUuUkVRVUlSRUQsXG4gICAgICAgICAgbWVzc2FnZTogXCJSb2xlIG5hbWUgaXMgcmVxdWlyZWQgZm9yIHJvbGUgZGVmaW5pdGlvbnNcIixcbiAgICAgICAgfSxcbiAgICAgIF0sXG4gICAgfSxcbiAgICB7XG4gICAgICBwcm9wZXJ0eTogXCJwZXJtaXNzaW9uc1wiLFxuICAgICAgcnVsZXM6IFtcbiAgICAgICAge1xuICAgICAgICAgIHJ1bGVUeXBlOiBWYWxpZGF0aW9uUnVsZVR5cGUuUkVRVUlSRUQsXG4gICAgICAgICAgbWVzc2FnZTogXCJQZXJtaXNzaW9ucyBhcmUgcmVxdWlyZWQgZm9yIHJvbGUgZGVmaW5pdGlvbnNcIixcbiAgICAgICAgfSxcbiAgICAgIF0sXG4gICAgfSxcbiAgICB7XG4gICAgICBwcm9wZXJ0eTogXCJhc3NpZ25hYmxlU2NvcGVzXCIsXG4gICAgICBydWxlczogW1xuICAgICAgICB7XG4gICAgICAgICAgcnVsZVR5cGU6IFZhbGlkYXRpb25SdWxlVHlwZS5SRVFVSVJFRCxcbiAgICAgICAgICBtZXNzYWdlOiBcIkFzc2lnbmFibGUgc2NvcGVzIGFyZSByZXF1aXJlZCBmb3Igcm9sZSBkZWZpbml0aW9uc1wiLFxuICAgICAgICB9LFxuICAgICAgXSxcbiAgICB9LFxuICBdLFxufTtcblxuLy8gPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT1cbi8vIFZFUlNJT04gQ09ORklHVVJBVElPTlNcbi8vID09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09XG5cbi8qKlxuICogVmVyc2lvbiBjb25maWd1cmF0aW9uIGZvciBSb2xlIERlZmluaXRpb24gMjAyMi0wNC0wMVxuICovXG5leHBvcnQgY29uc3QgUk9MRV9ERUZJTklUSU9OX1ZFUlNJT05fMjAyMl8wNF8wMTogVmVyc2lvbkNvbmZpZyA9IHtcbiAgdmVyc2lvbjogXCIyMDIyLTA0LTAxXCIsXG4gIHNjaGVtYTogUk9MRV9ERUZJTklUSU9OX1NDSEVNQV8yMDIyXzA0XzAxLFxuICBzdXBwb3J0TGV2ZWw6IFZlcnNpb25TdXBwb3J0TGV2ZWwuQUNUSVZFLFxuICByZWxlYXNlRGF0ZTogXCIyMDIyLTA0LTAxXCIsXG4gIGRlcHJlY2F0aW9uRGF0ZTogdW5kZWZpbmVkLFxuICBzdW5zZXREYXRlOiB1bmRlZmluZWQsXG4gIGJyZWFraW5nQ2hhbmdlczogW10sXG4gIG1pZ3JhdGlvbkd1aWRlOiBcIi9kb2NzL3JvbGUtZGVmaW5pdGlvbi9taWdyYXRpb24tMjAyMi0wNC0wMVwiLFxuICBjaGFuZ2VMb2c6IFtcbiAgICB7XG4gICAgICBjaGFuZ2VUeXBlOiBcImFkZGVkXCIsXG4gICAgICBkZXNjcmlwdGlvbjpcbiAgICAgICAgXCJTdGFibGUgcmVsZWFzZSBvZiBSb2xlIERlZmluaXRpb24gQVBJIHdpdGggZnVsbCBzdXBwb3J0IGZvciBjdXN0b20gUkJBQyByb2xlc1wiLFxuICAgICAgYnJlYWtpbmc6IGZhbHNlLFxuICAgIH0sXG4gIF0sXG59O1xuXG4vKipcbiAqIEFsbCBzdXBwb3J0ZWQgUm9sZSBEZWZpbml0aW9uIHZlcnNpb25zIGZvciByZWdpc3RyYXRpb25cbiAqL1xuZXhwb3J0IGNvbnN0IEFMTF9ST0xFX0RFRklOSVRJT05fVkVSU0lPTlM6IFZlcnNpb25Db25maWdbXSA9IFtcbiAgUk9MRV9ERUZJTklUSU9OX1ZFUlNJT05fMjAyMl8wNF8wMSxcbl07XG5cbi8qKlxuICogUmVzb3VyY2UgdHlwZSBjb25zdGFudFxuICovXG5leHBvcnQgY29uc3QgUk9MRV9ERUZJTklUSU9OX1RZUEUgPSBcIk1pY3Jvc29mdC5BdXRob3JpemF0aW9uL3JvbGVEZWZpbml0aW9uc1wiO1xuIl19

package/lib/azure-roledefinition/lib/role-definition.d.ts ADDED Viewed

@@ -0,0 +1,236 @@
+/**
+ * Unified Azure Role Definition implementation using VersionedAzapiResource framework
+ *
+ * This class provides a version-aware implementation for managing Azure Role Definitions
+ * using the AZAPI provider. Role definitions define custom RBAC roles with specific
+ * permissions that can be assigned to users, groups, or service principals.
+ *
+ * Supported API Versions:
+ * - 2022-04-01 (Active, Latest)
+ *
+ * Features:
+ * - Automatic latest version resolution when no version is specified
+ * - Explicit version pinning for stability requirements
+ * - Schema-driven validation and transformation
+ * - Support for custom role permissions (actions, notActions, dataActions, notDataActions)
+ * - Assignable scopes configuration (subscription, resource group, management group)
+ * - JSII compliance for multi-language support
+ */
+import * as cdktf from "cdktf";
+import { Construct } from "constructs";
+import { AzapiResource, AzapiResourceProps } from "../../core-azure/lib/azapi/azapi-resource";
+import { ApiSchema } from "../../core-azure/lib/version-manager/interfaces/version-interfaces";
+/**
+ * Permission configuration for role definitions
+ * Defines what actions the role can perform on control plane and data plane
+ */
+export interface RoleDefinitionPermission {
+    /**
+     * Array of allowed control plane actions
+     * Actions are operations that can be performed on Azure resources
+     *
+     * @example ["Microsoft.Compute/virtualMachines/read", "Microsoft.Compute/virtualMachines/start/action"]
+     */
+    readonly actions?: string[];
+    /**
+     * Array of excluded control plane actions
+     * Actions that are explicitly denied even if included in actions array
+     *
+     * @example ["Microsoft.Compute/virtualMachines/delete"]
+     */
+    readonly notActions?: string[];
+    /**
+     * Array of allowed data plane actions
+     * Data actions are operations that can be performed on data within resources
+     *
+     * @example ["Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read"]
+     */
+    readonly dataActions?: string[];
+    /**
+     * Array of excluded data plane actions
+     * Data actions that are explicitly denied
+     *
+     * @example ["Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete"]
+     */
+    readonly notDataActions?: string[];
+}
+/**
+ * Properties for the unified Azure Role Definition
+ *
+ * Extends AzapiResourceProps with Role Definition specific properties
+ */
+export interface RoleDefinitionProps extends AzapiResourceProps {
+    /**
+     * The name of the role definition
+     * This is the display name shown in the Azure portal
+     * Required property
+     *
+     * @example "Virtual Machine Reader"
+     */
+    readonly roleName: string;
+    /**
+     * The role definition description
+     * Provides detailed information about what the role allows
+     *
+     * @example "Can view virtual machines and their properties"
+     */
+    readonly description?: string;
+    /**
+     * The type of role definition
+     * @default "CustomRole"
+     * @example "CustomRole", "BuiltInRole"
+     */
+    readonly type?: string;
+    /**
+     * An array of permissions objects that define what actions the role can perform
+     * Required property
+     *
+     * @example
+     * [
+     *   {
+     *     actions: ["Microsoft.Compute/virtualMachines/read"],
+     *     notActions: [],
+     *     dataActions: [],
+     *     notDataActions: []
+     *   }
+     * ]
+     */
+    readonly permissions: RoleDefinitionPermission[];
+    /**
+     * An array of scopes where this role can be assigned
+     * Can include subscription, resource group, or management group scopes
+     * Required property
+     *
+     * @example ["/subscriptions/00000000-0000-0000-0000-000000000000"]
+     * @example ["/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-name"]
+     */
+    readonly assignableScopes: string[];
+    /**
+     * The lifecycle rules to ignore changes
+     * @example ["description"]
+     */
+    readonly ignoreChanges?: string[];
+}
+/**
+ * Properties interface for Azure Role Definition
+ * This is required for JSII compliance to support multi-language code generation
+ */
+export interface RoleDefinitionProperties {
+    /**
+     * The name of the role definition
+     */
+    readonly roleName: string;
+    /**
+     * The role definition description
+     */
+    readonly description?: string;
+    /**
+     * The type of role definition
+     */
+    readonly type?: string;
+    /**
+     * An array of permissions objects
+     */
+    readonly permissions: RoleDefinitionPermission[];
+    /**
+     * An array of assignable scopes
+     */
+    readonly assignableScopes: string[];
+}
+/**
+ * The resource body interface for Azure Role Definition API calls
+ * This matches the Azure REST API schema for role definitions
+ */
+export interface RoleDefinitionBody {
+    /**
+     * The properties of the role definition
+     */
+    readonly properties: RoleDefinitionProperties;
+}
+/**
+ * Unified Azure Role Definition implementation
+ *
+ * This class provides a single, version-aware implementation for managing Azure
+ * Role Definitions. It automatically handles version resolution, schema validation,
+ * and property transformation.
+ *
+ * Note: Role definitions are tenant-specific resources deployed at subscription or
+ * management group scope. Unlike most Azure resources, they do not have a location
+ * property as they are not region-specific.
+ *
+ * @example
+ * Basic custom role definition for read-only access to compute resources
+ *
+ * Advanced features like data plane actions and complex permissions are supported
+ *
+ * @stability stable
+ */
+export declare class RoleDefinition extends AzapiResource {
+    /**
+     * The input properties for this Role Definition instance
+     */
+    readonly props: RoleDefinitionProps;
+    readonly idOutput: cdktf.TerraformOutput;
+    readonly nameOutput: cdktf.TerraformOutput;
+    /**
+     * Creates a new Azure Role Definition using the VersionedAzapiResource framework
+     *
+     * The constructor automatically handles version resolution, schema registration,
+     * validation, and resource creation.
+     *
+     * @param scope - The scope in which to define this construct
+     * @param id - The unique identifier for this instance
+     * @param props - Configuration properties for the Role Definition
+     */
+    constructor(scope: Construct, id: string, props: RoleDefinitionProps);
+    /**
+     * Gets the default API version to use when no explicit version is specified
+     * Returns the most recent stable version as the default
+     */
+    protected defaultVersion(): string;
+    /**
+     * Gets the Azure resource type for Role Definitions
+     */
+    protected resourceType(): string;
+    /**
+     * Gets the API schema for the resolved version
+     * Uses the framework's schema resolution to get the appropriate schema
+     */
+    protected apiSchema(): ApiSchema;
+    /**
+     * Overrides the name resolution to generate deterministic GUIDs for role definitions
+     *
+     * Role definitions require GUID format IDs. This implementation generates a deterministic
+     * UUID based on the role definition's key properties to ensure:
+     * - Same GUID is generated on re-deployments with same parameters
+     * - Idempotent deployments (no duplicate role definitions)
+     * - Consistent behavior across deployment runs
+     */
+    protected resolveName(props: AzapiResourceProps): string;
+    /**
+     * Creates the resource body for the Azure API call
+     * Transforms the input properties into the JSON format expected by Azure REST API
+     *
+     * Note: Role definitions do not have a location property as they are
+     * tenant-specific resources deployed at subscription or management group scope.
+     */
+    protected createResourceBody(props: any): any;
+    /**
+     * Get the full resource identifier for use in other Azure resources
+     * Alias for the id property
+     */
+    get resourceId(): string;
+    /**
+     * Get the role name
+     */
+    get roleName(): string;
+    /**
+     * Get the role type
+     */
+    get roleType(): string;
+    /**
+     * Applies ignore changes lifecycle rules if specified in props
+     * Always includes body.properties.assignableScopes to handle Azure API format normalization
+     */
+    private _applyIgnoreChanges;
+}