pulumi-azure-native 2.87.0a1739193742__py3-none-any.whl → 2.87.0a1739200739__py3-none-any.whl

pulumi_azure_native/authorization/v20201001preview/role_management_policy.py

@@ -0,0 +1,326 @@
+# coding=utf-8
+# *** WARNING: this file was generated by pulumi-language-python. ***
+# *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+import copy
+import warnings
+import sys
+import pulumi
+import pulumi.runtime
+from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
+from ... import _utilities
+from . import outputs
+from ._enums import *
+from ._inputs import *
+
+__all__ = ['RoleManagementPolicyArgs', 'RoleManagementPolicy']
+
+@pulumi.input_type
+class RoleManagementPolicyArgs:
+    def __init__(__self__, *,
+                 scope: pulumi.Input[str],
+                 description: Optional[pulumi.Input[str]] = None,
+                 display_name: Optional[pulumi.Input[str]] = None,
+                 is_organization_default: Optional[pulumi.Input[bool]] = None,
+                 role_management_policy_name: Optional[pulumi.Input[str]] = None,
+                 rules: Optional[pulumi.Input[Sequence[pulumi.Input[Union['RoleManagementPolicyApprovalRuleArgs', 'RoleManagementPolicyAuthenticationContextRuleArgs', 'RoleManagementPolicyEnablementRuleArgs', 'RoleManagementPolicyExpirationRuleArgs', 'RoleManagementPolicyNotificationRuleArgs']]]]] = None):
+        """
+        The set of arguments for constructing a RoleManagementPolicy resource.
+        :param pulumi.Input[str] scope: The role management policy scope.
+        :param pulumi.Input[str] description: The role management policy description.
+        :param pulumi.Input[str] display_name: The role management policy display name.
+        :param pulumi.Input[bool] is_organization_default: The role management policy is default policy.
+        :param pulumi.Input[str] role_management_policy_name: The name (guid) of the role management policy to upsert.
+        :param pulumi.Input[Sequence[pulumi.Input[Union['RoleManagementPolicyApprovalRuleArgs', 'RoleManagementPolicyAuthenticationContextRuleArgs', 'RoleManagementPolicyEnablementRuleArgs', 'RoleManagementPolicyExpirationRuleArgs', 'RoleManagementPolicyNotificationRuleArgs']]]] rules: The rule applied to the policy.
+        """
+        pulumi.set(__self__, "scope", scope)
+        if description is not None:
+            pulumi.set(__self__, "description", description)
+        if display_name is not None:
+            pulumi.set(__self__, "display_name", display_name)
+        if is_organization_default is not None:
+            pulumi.set(__self__, "is_organization_default", is_organization_default)
+        if role_management_policy_name is not None:
+            pulumi.set(__self__, "role_management_policy_name", role_management_policy_name)
+        if rules is not None:
+            pulumi.set(__self__, "rules", rules)
+
+    @property
+    @pulumi.getter
+    def scope(self) -> pulumi.Input[str]:
+        """
+        The role management policy scope.
+        """
+        return pulumi.get(self, "scope")
+
+    @scope.setter
+    def scope(self, value: pulumi.Input[str]):
+        pulumi.set(self, "scope", value)
+
+    @property
+    @pulumi.getter
+    def description(self) -> Optional[pulumi.Input[str]]:
+        """
+        The role management policy description.
+        """
+        return pulumi.get(self, "description")
+
+    @description.setter
+    def description(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "description", value)
+
+    @property
+    @pulumi.getter(name="displayName")
+    def display_name(self) -> Optional[pulumi.Input[str]]:
+        """
+        The role management policy display name.
+        """
+        return pulumi.get(self, "display_name")
+
+    @display_name.setter
+    def display_name(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "display_name", value)
+
+    @property
+    @pulumi.getter(name="isOrganizationDefault")
+    def is_organization_default(self) -> Optional[pulumi.Input[bool]]:
+        """
+        The role management policy is default policy.
+        """
+        return pulumi.get(self, "is_organization_default")
+
+    @is_organization_default.setter
+    def is_organization_default(self, value: Optional[pulumi.Input[bool]]):
+        pulumi.set(self, "is_organization_default", value)
+
+    @property
+    @pulumi.getter(name="roleManagementPolicyName")
+    def role_management_policy_name(self) -> Optional[pulumi.Input[str]]:
+        """
+        The name (guid) of the role management policy to upsert.
+        """
+        return pulumi.get(self, "role_management_policy_name")
+
+    @role_management_policy_name.setter
+    def role_management_policy_name(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "role_management_policy_name", value)
+
+    @property
+    @pulumi.getter
+    def rules(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[Union['RoleManagementPolicyApprovalRuleArgs', 'RoleManagementPolicyAuthenticationContextRuleArgs', 'RoleManagementPolicyEnablementRuleArgs', 'RoleManagementPolicyExpirationRuleArgs', 'RoleManagementPolicyNotificationRuleArgs']]]]]:
+        """
+        The rule applied to the policy.
+        """
+        return pulumi.get(self, "rules")
+
+    @rules.setter
+    def rules(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[Union['RoleManagementPolicyApprovalRuleArgs', 'RoleManagementPolicyAuthenticationContextRuleArgs', 'RoleManagementPolicyEnablementRuleArgs', 'RoleManagementPolicyExpirationRuleArgs', 'RoleManagementPolicyNotificationRuleArgs']]]]]):
+        pulumi.set(self, "rules", value)
+
+
+class RoleManagementPolicy(pulumi.CustomResource):
+    @overload
+    def __init__(__self__,
+                 resource_name: str,
+                 opts: Optional[pulumi.ResourceOptions] = None,
+                 description: Optional[pulumi.Input[str]] = None,
+                 display_name: Optional[pulumi.Input[str]] = None,
+                 is_organization_default: Optional[pulumi.Input[bool]] = None,
+                 role_management_policy_name: Optional[pulumi.Input[str]] = None,
+                 rules: Optional[pulumi.Input[Sequence[pulumi.Input[Union[Union['RoleManagementPolicyApprovalRuleArgs', 'RoleManagementPolicyApprovalRuleArgsDict'], Union['RoleManagementPolicyAuthenticationContextRuleArgs', 'RoleManagementPolicyAuthenticationContextRuleArgsDict'], Union['RoleManagementPolicyEnablementRuleArgs', 'RoleManagementPolicyEnablementRuleArgsDict'], Union['RoleManagementPolicyExpirationRuleArgs', 'RoleManagementPolicyExpirationRuleArgsDict'], Union['RoleManagementPolicyNotificationRuleArgs', 'RoleManagementPolicyNotificationRuleArgsDict']]]]]] = None,
+                 scope: Optional[pulumi.Input[str]] = None,
+                 __props__=None):
+        """
+        Role management policy
+
+        :param str resource_name: The name of the resource.
+        :param pulumi.ResourceOptions opts: Options for the resource.
+        :param pulumi.Input[str] description: The role management policy description.
+        :param pulumi.Input[str] display_name: The role management policy display name.
+        :param pulumi.Input[bool] is_organization_default: The role management policy is default policy.
+        :param pulumi.Input[str] role_management_policy_name: The name (guid) of the role management policy to upsert.
+        :param pulumi.Input[Sequence[pulumi.Input[Union[Union['RoleManagementPolicyApprovalRuleArgs', 'RoleManagementPolicyApprovalRuleArgsDict'], Union['RoleManagementPolicyAuthenticationContextRuleArgs', 'RoleManagementPolicyAuthenticationContextRuleArgsDict'], Union['RoleManagementPolicyEnablementRuleArgs', 'RoleManagementPolicyEnablementRuleArgsDict'], Union['RoleManagementPolicyExpirationRuleArgs', 'RoleManagementPolicyExpirationRuleArgsDict'], Union['RoleManagementPolicyNotificationRuleArgs', 'RoleManagementPolicyNotificationRuleArgsDict']]]]] rules: The rule applied to the policy.
+        :param pulumi.Input[str] scope: The role management policy scope.
+        """
+        ...
+    @overload
+    def __init__(__self__,
+                 resource_name: str,
+                 args: RoleManagementPolicyArgs,
+                 opts: Optional[pulumi.ResourceOptions] = None):
+        """
+        Role management policy
+
+        :param str resource_name: The name of the resource.
+        :param RoleManagementPolicyArgs args: The arguments to use to populate this resource's properties.
+        :param pulumi.ResourceOptions opts: Options for the resource.
+        """
+        ...
+    def __init__(__self__, resource_name: str, *args, **kwargs):
+        resource_args, opts = _utilities.get_resource_args_opts(RoleManagementPolicyArgs, pulumi.ResourceOptions, *args, **kwargs)
+        if resource_args is not None:
+            __self__._internal_init(resource_name, opts, **resource_args.__dict__)
+        else:
+            __self__._internal_init(resource_name, *args, **kwargs)
+
+    def _internal_init(__self__,
+                 resource_name: str,
+                 opts: Optional[pulumi.ResourceOptions] = None,
+                 description: Optional[pulumi.Input[str]] = None,
+                 display_name: Optional[pulumi.Input[str]] = None,
+                 is_organization_default: Optional[pulumi.Input[bool]] = None,
+                 role_management_policy_name: Optional[pulumi.Input[str]] = None,
+                 rules: Optional[pulumi.Input[Sequence[pulumi.Input[Union[Union['RoleManagementPolicyApprovalRuleArgs', 'RoleManagementPolicyApprovalRuleArgsDict'], Union['RoleManagementPolicyAuthenticationContextRuleArgs', 'RoleManagementPolicyAuthenticationContextRuleArgsDict'], Union['RoleManagementPolicyEnablementRuleArgs', 'RoleManagementPolicyEnablementRuleArgsDict'], Union['RoleManagementPolicyExpirationRuleArgs', 'RoleManagementPolicyExpirationRuleArgsDict'], Union['RoleManagementPolicyNotificationRuleArgs', 'RoleManagementPolicyNotificationRuleArgsDict']]]]]] = None,
+                 scope: Optional[pulumi.Input[str]] = None,
+                 __props__=None):
+        opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
+        if not isinstance(opts, pulumi.ResourceOptions):
+            raise TypeError('Expected resource options to be a ResourceOptions instance')
+        if opts.id is None:
+            if __props__ is not None:
+                raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource')
+            __props__ = RoleManagementPolicyArgs.__new__(RoleManagementPolicyArgs)
+
+            __props__.__dict__["description"] = description
+            __props__.__dict__["display_name"] = display_name
+            __props__.__dict__["is_organization_default"] = is_organization_default
+            __props__.__dict__["role_management_policy_name"] = role_management_policy_name
+            __props__.__dict__["rules"] = rules
+            if scope is None and not opts.urn:
+                raise TypeError("Missing required property 'scope'")
+            __props__.__dict__["scope"] = scope
+            __props__.__dict__["effective_rules"] = None
+            __props__.__dict__["last_modified_by"] = None
+            __props__.__dict__["last_modified_date_time"] = None
+            __props__.__dict__["name"] = None
+            __props__.__dict__["policy_properties"] = None
+            __props__.__dict__["type"] = None
+        alias_opts = pulumi.ResourceOptions(aliases=[pulumi.Alias(type_="azure-native:authorization/v20201001:RoleManagementPolicy"), pulumi.Alias(type_="azure-native:authorization/v20240201preview:RoleManagementPolicy"), pulumi.Alias(type_="azure-native:authorization/v20240901preview:RoleManagementPolicy"), pulumi.Alias(type_="azure-native:authorization:RoleManagementPolicy")])
+        opts = pulumi.ResourceOptions.merge(opts, alias_opts)
+        super(RoleManagementPolicy, __self__).__init__(
+            'azure-native:authorization/v20201001preview:RoleManagementPolicy',
+            resource_name,
+            __props__,
+            opts)
+
+    @staticmethod
+    def get(resource_name: str,
+            id: pulumi.Input[str],
+            opts: Optional[pulumi.ResourceOptions] = None) -> 'RoleManagementPolicy':
+        """
+        Get an existing RoleManagementPolicy resource's state with the given name, id, and optional extra
+        properties used to qualify the lookup.
+
+        :param str resource_name: The unique name of the resulting resource.
+        :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
+        :param pulumi.ResourceOptions opts: Options for the resource.
+        """
+        opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
+
+        __props__ = RoleManagementPolicyArgs.__new__(RoleManagementPolicyArgs)
+
+        __props__.__dict__["description"] = None
+        __props__.__dict__["display_name"] = None
+        __props__.__dict__["effective_rules"] = None
+        __props__.__dict__["is_organization_default"] = None
+        __props__.__dict__["last_modified_by"] = None
+        __props__.__dict__["last_modified_date_time"] = None
+        __props__.__dict__["name"] = None
+        __props__.__dict__["policy_properties"] = None
+        __props__.__dict__["rules"] = None
+        __props__.__dict__["scope"] = None
+        __props__.__dict__["type"] = None
+        return RoleManagementPolicy(resource_name, opts=opts, __props__=__props__)
+
+    @property
+    @pulumi.getter
+    def description(self) -> pulumi.Output[Optional[str]]:
+        """
+        The role management policy description.
+        """
+        return pulumi.get(self, "description")
+
+    @property
+    @pulumi.getter(name="displayName")
+    def display_name(self) -> pulumi.Output[Optional[str]]:
+        """
+        The role management policy display name.
+        """
+        return pulumi.get(self, "display_name")
+
+    @property
+    @pulumi.getter(name="effectiveRules")
+    def effective_rules(self) -> pulumi.Output[Sequence[Any]]:
+        """
+        The readonly computed rule applied to the policy.
+        """
+        return pulumi.get(self, "effective_rules")
+
+    @property
+    @pulumi.getter(name="isOrganizationDefault")
+    def is_organization_default(self) -> pulumi.Output[Optional[bool]]:
+        """
+        The role management policy is default policy.
+        """
+        return pulumi.get(self, "is_organization_default")
+
+    @property
+    @pulumi.getter(name="lastModifiedBy")
+    def last_modified_by(self) -> pulumi.Output['outputs.PrincipalResponse']:
+        """
+        The name of the entity last modified it
+        """
+        return pulumi.get(self, "last_modified_by")
+
+    @property
+    @pulumi.getter(name="lastModifiedDateTime")
+    def last_modified_date_time(self) -> pulumi.Output[str]:
+        """
+        The last modified date time.
+        """
+        return pulumi.get(self, "last_modified_date_time")
+
+    @property
+    @pulumi.getter
+    def name(self) -> pulumi.Output[str]:
+        """
+        The role management policy name.
+        """
+        return pulumi.get(self, "name")
+
+    @property
+    @pulumi.getter(name="policyProperties")
+    def policy_properties(self) -> pulumi.Output['outputs.PolicyPropertiesResponse']:
+        """
+        Additional properties of scope
+        """
+        return pulumi.get(self, "policy_properties")
+
+    @property
+    @pulumi.getter
+    def rules(self) -> pulumi.Output[Optional[Sequence[Any]]]:
+        """
+        The rule applied to the policy.
+        """
+        return pulumi.get(self, "rules")
+
+    @property
+    @pulumi.getter
+    def scope(self) -> pulumi.Output[Optional[str]]:
+        """
+        The role management policy scope.
+        """
+        return pulumi.get(self, "scope")
+
+    @property
+    @pulumi.getter
+    def type(self) -> pulumi.Output[str]:
+        """
+        The role management policy type.
+        """
+        return pulumi.get(self, "type")
+

pulumi_azure_native/authorization/v20240201preview/__init__.py

@@ -5,6 +5,10 @@
 from ... import _utilities
 import typing
 # Export this package's modules as members:
+from ._enums import *
+from .get_role_management_policy import *
 from .get_role_management_policy_assignment import *
+from .role_management_policy import *
 from .role_management_policy_assignment import *
+from ._inputs import *
 from . import outputs

pulumi_azure_native/authorization/v20240201preview/_enums.py

@@ -0,0 +1,96 @@
+# coding=utf-8
+# *** WARNING: this file was generated by pulumi-language-python. ***
+# *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+from enum import Enum
+
+__all__ = [
+    'ApprovalMode',
+    'EnablementRules',
+    'ExcludedPrincipalTypes',
+    'NotificationDeliveryMechanism',
+    'NotificationLevel',
+    'PIMOnlyMode',
+    'RecipientType',
+    'RoleManagementPolicyRuleType',
+    'UserType',
+]
+
+
+class ApprovalMode(str, Enum):
+    """
+    The type of rule
+    """
+    SINGLE_STAGE = "SingleStage"
+    SERIAL = "Serial"
+    PARALLEL = "Parallel"
+    NO_APPROVAL = "NoApproval"
+
+
+class EnablementRules(str, Enum):
+    """
+    The type of enablement rule
+    """
+    MULTI_FACTOR_AUTHENTICATION = "MultiFactorAuthentication"
+    JUSTIFICATION = "Justification"
+    TICKETING = "Ticketing"
+
+
+class ExcludedPrincipalTypes(str, Enum):
+    SERVICE_PRINCIPALS_AS_TARGET = "ServicePrincipalsAsTarget"
+    SERVICE_PRINCIPALS_AS_REQUESTOR = "ServicePrincipalsAsRequestor"
+
+
+class NotificationDeliveryMechanism(str, Enum):
+    """
+    The type of notification.
+    """
+    EMAIL = "Email"
+
+
+class NotificationLevel(str, Enum):
+    """
+    The notification level.
+    """
+    NONE = "None"
+    CRITICAL = "Critical"
+    ALL = "All"
+
+
+class PIMOnlyMode(str, Enum):
+    """
+    Determines whether the setting is enabled, disabled or report only.
+    """
+    DISABLED = "Disabled"
+    ENABLED = "Enabled"
+    REPORT_ONLY = "ReportOnly"
+
+
+class RecipientType(str, Enum):
+    """
+    The recipient type.
+    """
+    REQUESTOR = "Requestor"
+    APPROVER = "Approver"
+    ADMIN = "Admin"
+
+
+class RoleManagementPolicyRuleType(str, Enum):
+    """
+    The type of rule
+    """
+    ROLE_MANAGEMENT_POLICY_APPROVAL_RULE = "RoleManagementPolicyApprovalRule"
+    ROLE_MANAGEMENT_POLICY_AUTHENTICATION_CONTEXT_RULE = "RoleManagementPolicyAuthenticationContextRule"
+    ROLE_MANAGEMENT_POLICY_ENABLEMENT_RULE = "RoleManagementPolicyEnablementRule"
+    ROLE_MANAGEMENT_POLICY_EXPIRATION_RULE = "RoleManagementPolicyExpirationRule"
+    ROLE_MANAGEMENT_POLICY_NOTIFICATION_RULE = "RoleManagementPolicyNotificationRule"
+    ROLE_MANAGEMENT_POLICY_PIM_ONLY_MODE_RULE = "RoleManagementPolicyPimOnlyModeRule"
+
+
+class UserType(str, Enum):
+    """
+    The type of user.
+    """
+    USER = "User"
+    GROUP = "Group"
+    SERVICE_PRINCIPAL = "ServicePrincipal"