PyPI - pulumi-azuread - Versions diffs - 5.48.0a1706744699__py3-none-any.whl → 6.8.0a1766208344__py3-none-any.whl - Mend

pulumi-azuread 5.48.0a1706744699py3-none-any.whl → 6.8.0a1766208344py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of pulumi-azuread might be problematic. Click here for more details.

Files changed (87) hide show

pulumi_azuread/__init__.py +48 -1
pulumi_azuread/_inputs.py +3803 -919
pulumi_azuread/_utilities.py +52 -12
pulumi_azuread/access_package.py +84 -78
pulumi_azuread/access_package_assignment_policy.py +202 -196
pulumi_azuread/access_package_catalog.py +82 -76
pulumi_azuread/access_package_catalog_role_assignment.py +73 -67
pulumi_azuread/access_package_resource_catalog_association.py +73 -67
pulumi_azuread/access_package_resource_package_association.py +79 -73
pulumi_azuread/administrative_unit.py +120 -100
pulumi_azuread/administrative_unit_member.py +66 -50
pulumi_azuread/administrative_unit_role_member.py +75 -69
pulumi_azuread/app_role_assignment.py +164 -264
pulumi_azuread/application.py +766 -692
pulumi_azuread/application_api_access.py +84 -80
pulumi_azuread/application_app_role.py +120 -116
pulumi_azuread/application_certificate.py +349 -211
pulumi_azuread/application_fallback_public_client.py +50 -44
pulumi_azuread/application_federated_identity_credential.py +142 -197
pulumi_azuread/application_from_template.py +90 -84
pulumi_azuread/application_identifier_uri.py +56 -52
pulumi_azuread/application_known_clients.py +50 -44
pulumi_azuread/application_optional_claims.py +87 -81
pulumi_azuread/application_owner.py +76 -42
pulumi_azuread/application_password.py +159 -205
pulumi_azuread/application_permission_scope.py +160 -156
pulumi_azuread/application_pre_authorized.py +120 -236
pulumi_azuread/application_redirect_uris.py +75 -69
pulumi_azuread/application_registration.py +315 -309
pulumi_azuread/authentication_strength_policy.py +73 -67
pulumi_azuread/claims_mapping_policy.py +48 -42
pulumi_azuread/conditional_access_policy.py +248 -232
pulumi_azuread/config/__init__.py +2 -1
pulumi_azuread/config/__init__.pyi +23 -17
pulumi_azuread/config/vars.py +47 -37
pulumi_azuread/custom_directory_role.py +128 -122
pulumi_azuread/directory_role.py +60 -54
pulumi_azuread/directory_role_assignment.py +194 -181
pulumi_azuread/directory_role_eligibility_schedule_request.py +86 -80
pulumi_azuread/directory_role_member.py +54 -48
pulumi_azuread/get_access_package.py +45 -31
pulumi_azuread/get_access_package_catalog.py +40 -27
pulumi_azuread/get_access_package_catalog_role.py +39 -25
pulumi_azuread/get_administrative_unit.py +42 -27
pulumi_azuread/get_application.py +135 -94
pulumi_azuread/get_application_published_app_ids.py +42 -47
pulumi_azuread/get_application_template.py +49 -33
pulumi_azuread/get_client_config.py +24 -15
pulumi_azuread/get_directory_object.py +32 -21
pulumi_azuread/get_directory_role_templates.py +20 -12
pulumi_azuread/get_directory_roles.py +23 -14
pulumi_azuread/get_domains.py +65 -46
pulumi_azuread/get_group.py +147 -88
pulumi_azuread/get_group_role_management_policy.py +178 -0
pulumi_azuread/get_groups.py +71 -51
pulumi_azuread/get_named_location.py +47 -22
pulumi_azuread/get_service_principal.py +108 -90
pulumi_azuread/get_service_principals.py +60 -64
pulumi_azuread/get_user.py +186 -118
pulumi_azuread/get_users.py +96 -53
pulumi_azuread/group.py +622 -464
pulumi_azuread/group_member.py +56 -50
pulumi_azuread/group_role_management_policy.py +544 -0
pulumi_azuread/group_without_members.py +1610 -0
pulumi_azuread/invitation.py +126 -120
pulumi_azuread/named_location.py +90 -76
pulumi_azuread/outputs.py +2844 -1308
pulumi_azuread/privileged_access_group_assignment_schedule.py +695 -0
pulumi_azuread/privileged_access_group_eligibility_schedule.py +695 -0
pulumi_azuread/provider.py +292 -246
pulumi_azuread/pulumi-plugin.json +2 -1
pulumi_azuread/service_principal.py +400 -461
pulumi_azuread/service_principal_certificate.py +230 -145
pulumi_azuread/service_principal_claims_mapping_policy_assignment.py +53 -47
pulumi_azuread/service_principal_delegated_permission_grant.py +146 -140
pulumi_azuread/service_principal_password.py +156 -141
pulumi_azuread/service_principal_token_signing_certificate.py +119 -124
pulumi_azuread/synchronization_job.py +105 -111
pulumi_azuread/synchronization_job_provision_on_demand.py +396 -0
pulumi_azuread/synchronization_secret.py +64 -70
pulumi_azuread/user.py +776 -730
pulumi_azuread/user_flow_attribute.py +76 -70
{pulumi_azuread-5.48.0a1706744699.dist-info → pulumi_azuread-6.8.0a1766208344.dist-info}/METADATA +21 -20
pulumi_azuread-6.8.0a1766208344.dist-info/RECORD +87 -0
{pulumi_azuread-5.48.0a1706744699.dist-info → pulumi_azuread-6.8.0a1766208344.dist-info}/WHEEL +1 -1
pulumi_azuread-5.48.0a1706744699.dist-info/RECORD +0 -81
{pulumi_azuread-5.48.0a1706744699.dist-info → pulumi_azuread-6.8.0a1766208344.dist-info}/top_level.txt +0 -0

pulumi_azuread/app_role_assignment.py CHANGED Viewed

@@ -1,12 +1,17 @@
 # coding=utf-8
-# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
+# *** WARNING: this file was generated by pulumi-language-python. ***
 # *** Do not edit by hand unless you're certain you know what you are doing! ***
-import copy
+import builtins as _builtins
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from . import _utilities
 __all__ = ['AppRoleAssignmentArgs', 'AppRoleAssignment']
@@ -14,73 +19,73 @@ __all__ = ['AppRoleAssignmentArgs', 'AppRoleAssignment']
 @pulumi.input_type
 class AppRoleAssignmentArgs:
     def __init__(__self__, *,
-                 app_role_id: pulumi.Input[str],
-                 principal_object_id: pulumi.Input[str],
-                 resource_object_id: pulumi.Input[str]):
+                 app_role_id: pulumi.Input[_builtins.str],
+                 principal_object_id: pulumi.Input[_builtins.str],
+                 resource_object_id: pulumi.Input[_builtins.str]):
         """
         The set of arguments for constructing a AppRoleAssignment resource.
-        :param pulumi.Input[str] app_role_id: The ID of the app role to be assigned, or the default role ID `00000000-0000-0000-0000-000000000000`. Changing this forces a new resource to be created.
-        :param pulumi.Input[str] principal_object_id: The object ID of the user, group or service principal to be assigned this app role. Supported object types are Users, Groups or Service Principals. Changing this forces a new resource to be created.
-        :param pulumi.Input[str] resource_object_id: The object ID of the service principal representing the resource. Changing this forces a new resource to be created.
+        :param pulumi.Input[_builtins.str] app_role_id: The ID of the app role to be assigned, or the default role ID `00000000-0000-0000-0000-000000000000`. Changing this forces a new resource to be created.
+        :param pulumi.Input[_builtins.str] principal_object_id: The object ID of the user, group or service principal to be assigned this app role. Supported object types are Users, Groups or Service Principals. Changing this forces a new resource to be created.
+        :param pulumi.Input[_builtins.str] resource_object_id: The object ID of the service principal representing the resource. Changing this forces a new resource to be created.
         """
         pulumi.set(__self__, "app_role_id", app_role_id)
         pulumi.set(__self__, "principal_object_id", principal_object_id)
         pulumi.set(__self__, "resource_object_id", resource_object_id)
-    @property
+    @_builtins.property
     @pulumi.getter(name="appRoleId")
-    def app_role_id(self) -> pulumi.Input[str]:
+    def app_role_id(self) -> pulumi.Input[_builtins.str]:
         """
         The ID of the app role to be assigned, or the default role ID `00000000-0000-0000-0000-000000000000`. Changing this forces a new resource to be created.
         """
         return pulumi.get(self, "app_role_id")
     @app_role_id.setter
-    def app_role_id(self, value: pulumi.Input[str]):
+    def app_role_id(self, value: pulumi.Input[_builtins.str]):
         pulumi.set(self, "app_role_id", value)
-    @property
+    @_builtins.property
     @pulumi.getter(name="principalObjectId")
-    def principal_object_id(self) -> pulumi.Input[str]:
+    def principal_object_id(self) -> pulumi.Input[_builtins.str]:
         """
         The object ID of the user, group or service principal to be assigned this app role. Supported object types are Users, Groups or Service Principals. Changing this forces a new resource to be created.
         """
         return pulumi.get(self, "principal_object_id")
     @principal_object_id.setter
-    def principal_object_id(self, value: pulumi.Input[str]):
+    def principal_object_id(self, value: pulumi.Input[_builtins.str]):
         pulumi.set(self, "principal_object_id", value)
-    @property
+    @_builtins.property
     @pulumi.getter(name="resourceObjectId")
-    def resource_object_id(self) -> pulumi.Input[str]:
+    def resource_object_id(self) -> pulumi.Input[_builtins.str]:
         """
         The object ID of the service principal representing the resource. Changing this forces a new resource to be created.
         """
         return pulumi.get(self, "resource_object_id")
     @resource_object_id.setter
-    def resource_object_id(self, value: pulumi.Input[str]):
+    def resource_object_id(self, value: pulumi.Input[_builtins.str]):
         pulumi.set(self, "resource_object_id", value)
 @pulumi.input_type
 class _AppRoleAssignmentState:
     def __init__(__self__, *,
-                 app_role_id: Optional[pulumi.Input[str]] = None,
-                 principal_display_name: Optional[pulumi.Input[str]] = None,
-                 principal_object_id: Optional[pulumi.Input[str]] = None,
-                 principal_type: Optional[pulumi.Input[str]] = None,
-                 resource_display_name: Optional[pulumi.Input[str]] = None,
-                 resource_object_id: Optional[pulumi.Input[str]] = None):
+                 app_role_id: Optional[pulumi.Input[_builtins.str]] = None,
+                 principal_display_name: Optional[pulumi.Input[_builtins.str]] = None,
+                 principal_object_id: Optional[pulumi.Input[_builtins.str]] = None,
+                 principal_type: Optional[pulumi.Input[_builtins.str]] = None,
+                 resource_display_name: Optional[pulumi.Input[_builtins.str]] = None,
+                 resource_object_id: Optional[pulumi.Input[_builtins.str]] = None):
         """
         Input properties used for looking up and filtering AppRoleAssignment resources.
-        :param pulumi.Input[str] app_role_id: The ID of the app role to be assigned, or the default role ID `00000000-0000-0000-0000-000000000000`. Changing this forces a new resource to be created.
-        :param pulumi.Input[str] principal_display_name: The display name of the principal to which the app role is assigned.
-        :param pulumi.Input[str] principal_object_id: The object ID of the user, group or service principal to be assigned this app role. Supported object types are Users, Groups or Service Principals. Changing this forces a new resource to be created.
-        :param pulumi.Input[str] principal_type: The object type of the principal to which the app role is assigned.
-        :param pulumi.Input[str] resource_display_name: The display name of the application representing the resource.
-        :param pulumi.Input[str] resource_object_id: The object ID of the service principal representing the resource. Changing this forces a new resource to be created.
+        :param pulumi.Input[_builtins.str] app_role_id: The ID of the app role to be assigned, or the default role ID `00000000-0000-0000-0000-000000000000`. Changing this forces a new resource to be created.
+        :param pulumi.Input[_builtins.str] principal_display_name: The display name of the principal to which the app role is assigned.
+        :param pulumi.Input[_builtins.str] principal_object_id: The object ID of the user, group or service principal to be assigned this app role. Supported object types are Users, Groups or Service Principals. Changing this forces a new resource to be created.
+        :param pulumi.Input[_builtins.str] principal_type: The object type of the principal to which the app role is assigned.
+        :param pulumi.Input[_builtins.str] resource_display_name: The display name of the application representing the resource.
+        :param pulumi.Input[_builtins.str] resource_object_id: The object ID of the service principal representing the resource. Changing this forces a new resource to be created.
         """
         if app_role_id is not None:
             pulumi.set(__self__, "app_role_id", app_role_id)
@@ -95,87 +100,88 @@ class _AppRoleAssignmentState:
         if resource_object_id is not None:
             pulumi.set(__self__, "resource_object_id", resource_object_id)
-    @property
+    @_builtins.property
     @pulumi.getter(name="appRoleId")
-    def app_role_id(self) -> Optional[pulumi.Input[str]]:
+    def app_role_id(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The ID of the app role to be assigned, or the default role ID `00000000-0000-0000-0000-000000000000`. Changing this forces a new resource to be created.
         """
         return pulumi.get(self, "app_role_id")
     @app_role_id.setter
-    def app_role_id(self, value: Optional[pulumi.Input[str]]):
+    def app_role_id(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "app_role_id", value)
-    @property
+    @_builtins.property
     @pulumi.getter(name="principalDisplayName")
-    def principal_display_name(self) -> Optional[pulumi.Input[str]]:
+    def principal_display_name(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The display name of the principal to which the app role is assigned.
         """
         return pulumi.get(self, "principal_display_name")
     @principal_display_name.setter
-    def principal_display_name(self, value: Optional[pulumi.Input[str]]):
+    def principal_display_name(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "principal_display_name", value)
-    @property
+    @_builtins.property
     @pulumi.getter(name="principalObjectId")
-    def principal_object_id(self) -> Optional[pulumi.Input[str]]:
+    def principal_object_id(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The object ID of the user, group or service principal to be assigned this app role. Supported object types are Users, Groups or Service Principals. Changing this forces a new resource to be created.
         """
         return pulumi.get(self, "principal_object_id")
     @principal_object_id.setter
-    def principal_object_id(self, value: Optional[pulumi.Input[str]]):
+    def principal_object_id(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "principal_object_id", value)
-    @property
+    @_builtins.property
     @pulumi.getter(name="principalType")
-    def principal_type(self) -> Optional[pulumi.Input[str]]:
+    def principal_type(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The object type of the principal to which the app role is assigned.
         """
         return pulumi.get(self, "principal_type")
     @principal_type.setter
-    def principal_type(self, value: Optional[pulumi.Input[str]]):
+    def principal_type(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "principal_type", value)
-    @property
+    @_builtins.property
     @pulumi.getter(name="resourceDisplayName")
-    def resource_display_name(self) -> Optional[pulumi.Input[str]]:
+    def resource_display_name(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The display name of the application representing the resource.
         """
         return pulumi.get(self, "resource_display_name")
     @resource_display_name.setter
-    def resource_display_name(self, value: Optional[pulumi.Input[str]]):
+    def resource_display_name(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "resource_display_name", value)
-    @property
+    @_builtins.property
     @pulumi.getter(name="resourceObjectId")
-    def resource_object_id(self) -> Optional[pulumi.Input[str]]:
+    def resource_object_id(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The object ID of the service principal representing the resource. Changing this forces a new resource to be created.
         """
         return pulumi.get(self, "resource_object_id")
     @resource_object_id.setter
-    def resource_object_id(self, value: Optional[pulumi.Input[str]]):
+    def resource_object_id(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "resource_object_id", value)
+@pulumi.type_token("azuread:index/appRoleAssignment:AppRoleAssignment")
 class AppRoleAssignment(pulumi.CustomResource):
     @overload
     def __init__(__self__,
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
-                 app_role_id: Optional[pulumi.Input[str]] = None,
-                 principal_object_id: Optional[pulumi.Input[str]] = None,
-                 resource_object_id: Optional[pulumi.Input[str]] = None,
+                 app_role_id: Optional[pulumi.Input[_builtins.str]] = None,
+                 principal_object_id: Optional[pulumi.Input[_builtins.str]] = None,
+                 resource_object_id: Optional[pulumi.Input[_builtins.str]] = None,
                  __props__=None):
         """
         Manages an app role assignment for a group, user or service principal. Can be used to grant admin consent for application permissions.
@@ -198,25 +204,25 @@ class AppRoleAssignment(pulumi.CustomResource):
         well_known = azuread.get_application_published_app_ids()
         msgraph = azuread.ServicePrincipal("msgraph",
-            application_id=well_known.result["MicrosoftGraph"],
+            client_id=well_known.result["microsoftGraph"],
             use_existing=True)
-        example_application = azuread.Application("exampleApplication",
+        example = azuread.Application("example",
             display_name="example",
-            required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs(
-                resource_app_id=well_known.result["MicrosoftGraph"],
-                resource_accesses=[
-                    azuread.ApplicationRequiredResourceAccessResourceAccessArgs(
-                        id=msgraph.app_role_ids["User.Read.All"],
-                        type="Role",
-                    ),
-                    azuread.ApplicationRequiredResourceAccessResourceAccessArgs(
-                        id=msgraph.oauth2_permission_scope_ids["User.ReadWrite"],
-                        type="Scope",
-                    ),
+            required_resource_accesses=[{
+                "resource_app_id": well_known.result["microsoftGraph"],
+                "resource_accesses": [
+                    {
+                        "id": msgraph.app_role_ids["User.Read.All"],
+                        "type": "Role",
+                    },
+                    {
+                        "id": msgraph.oauth2_permission_scope_ids["User.ReadWrite"],
+                        "type": "Scope",
+                    },
                 ],
-            )])
-        example_service_principal = azuread.ServicePrincipal("exampleServicePrincipal", application_id=example_application.application_id)
-        example_app_role_assignment = azuread.AppRoleAssignment("exampleAppRoleAssignment",
+            }])
+        example_service_principal = azuread.ServicePrincipal("example", client_id=example.client_id)
+        example_app_role_assignment = azuread.AppRoleAssignment("example",
             app_role_id=msgraph.app_role_ids["User.Read.All"],
             principal_object_id=example_service_principal.object_id,
             resource_object_id=msgraph.object_id)
@@ -228,28 +234,28 @@ class AppRoleAssignment(pulumi.CustomResource):
         import pulumi
         import pulumi_azuread as azuread
-        internal_application = azuread.Application("internalApplication",
+        internal = azuread.Application("internal",
             display_name="internal",
-            app_roles=[azuread.ApplicationAppRoleArgs(
-                allowed_member_types=["Application"],
-                description="Apps can query the database",
-                display_name="Query",
-                enabled=True,
-                id="00000000-0000-0000-0000-111111111111",
-                value="Query.All",
-            )])
-        internal_service_principal = azuread.ServicePrincipal("internalServicePrincipal", application_id=internal_application.application_id)
-        example_application = azuread.Application("exampleApplication",
+            app_roles=[{
+                "allowed_member_types": ["Application"],
+                "description": "Apps can query the database",
+                "display_name": "Query",
+                "enabled": True,
+                "id": "00000000-0000-0000-0000-111111111111",
+                "value": "Query.All",
+            }])
+        internal_service_principal = azuread.ServicePrincipal("internal", client_id=internal.client_id)
+        example = azuread.Application("example",
             display_name="example",
-            required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs(
-                resource_app_id=internal_application.application_id,
-                resource_accesses=[azuread.ApplicationRequiredResourceAccessResourceAccessArgs(
-                    id=internal_service_principal.app_role_ids["Query.All"],
-                    type="Role",
-                )],
-            )])
-        example_service_principal = azuread.ServicePrincipal("exampleServicePrincipal", application_id=example_application.application_id)
-        example_app_role_assignment = azuread.AppRoleAssignment("exampleAppRoleAssignment",
+            required_resource_accesses=[{
+                "resource_app_id": internal.client_id,
+                "resource_accesses": [{
+                    "id": internal_service_principal.app_role_ids["Query.All"],
+                    "type": "Role",
+                }],
+            }])
+        example_service_principal = azuread.ServicePrincipal("example", client_id=example.client_id)
+        example_app_role_assignment = azuread.AppRoleAssignment("example",
             app_role_id=internal_service_principal.app_role_ids["Query.All"],
             principal_object_id=example_service_principal.object_id,
             resource_object_id=internal_service_principal.object_id)
@@ -257,74 +263,21 @@ class AppRoleAssignment(pulumi.CustomResource):
         *Assign a user and group to an internal application*
-        ```python
-        import pulumi
-        import pulumi_azuread as azuread
-        example_domains = azuread.get_domains(only_initial=True)
-        internal_application = azuread.Application("internalApplication",
-            display_name="internal",
-            app_roles=[azuread.ApplicationAppRoleArgs(
-                allowed_member_types=[
-                    "Application",
-                    "User",
-                ],
-                description="Admins can perform all task actions",
-                display_name="Admin",
-                enabled=True,
-                id="00000000-0000-0000-0000-222222222222",
-                value="Admin.All",
-            )])
-        internal_service_principal = azuread.ServicePrincipal("internalServicePrincipal", application_id=internal_application.application_id)
-        example_group = azuread.Group("exampleGroup",
-            display_name="example",
-            security_enabled=True)
-        example_app_role_assignment = azuread.AppRoleAssignment("exampleAppRoleAssignment",
-            app_role_id=internal_service_principal.app_role_ids["Admin.All"],
-            principal_object_id=example_group.object_id,
-            resource_object_id=internal_service_principal.object_id)
-        example_user = azuread.User("exampleUser",
-            display_name="D. Duck",
-            password="SecretP@sswd99!",
-            user_principal_name=f"d.duck@{example_domains.domains[0].domain_name}")
-        example_index_app_role_assignment_app_role_assignment = azuread.AppRoleAssignment("exampleIndex/appRoleAssignmentAppRoleAssignment",
-            app_role_id=internal_service_principal.app_role_ids["Admin.All"],
-            principal_object_id=example_user.object_id,
-            resource_object_id=internal_service_principal.object_id)
-        ```
-        *Assign a group to the default app role for an internal application*
-        ```python
-        import pulumi
-        import pulumi_azuread as azuread
-        internal_application = azuread.Application("internalApplication", display_name="internal")
-        internal_service_principal = azuread.ServicePrincipal("internalServicePrincipal", application_id=internal_application.application_id)
-        example_group = azuread.Group("exampleGroup",
-            display_name="example",
-            security_enabled=True)
-        example_app_role_assignment = azuread.AppRoleAssignment("exampleAppRoleAssignment",
-            app_role_id="00000000-0000-0000-0000-000000000000",
-            principal_object_id=example_group.object_id,
-            resource_object_id=internal_service_principal.object_id)
-        ```
         ## Import
-        App role assignments can be imported using the object ID of the service principal representing the resource and the ID of the app role assignment (note_not_ the ID of the app role), e.g.
+        App role assignments can be imported using the object ID of the service principal representing the resource and the ID of the app role assignment (note: _not_ the ID of the app role), e.g.
         ```sh
-         $ pulumi import azuread:index/appRoleAssignment:AppRoleAssignment example 00000000-0000-0000-0000-000000000000/appRoleAssignment/aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz
+        $ pulumi import azuread:index/appRoleAssignment:AppRoleAssignment example /servicePrincipals/00000000-0000-0000-0000-000000000000/appRoleAssignedTo/aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz
         ```
-         -> This ID format is unique to Terraform and is composed of the Resource Service Principal Object ID and the ID of the App Role Assignment in the format `{ResourcePrincipalID}/appRoleAssignment/{AppRoleAssignmentID}`.
+        -> This ID format is unique to Terraform and is composed of the Resource Service Principal Object ID and the ID of the App Role Assignment in the format `/servicePrincipals/{ResourcePrincipalID}/appRoleAssignedTo/{AppRoleAssignmentID}`.
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[str] app_role_id: The ID of the app role to be assigned, or the default role ID `00000000-0000-0000-0000-000000000000`. Changing this forces a new resource to be created.
-        :param pulumi.Input[str] principal_object_id: The object ID of the user, group or service principal to be assigned this app role. Supported object types are Users, Groups or Service Principals. Changing this forces a new resource to be created.
-        :param pulumi.Input[str] resource_object_id: The object ID of the service principal representing the resource. Changing this forces a new resource to be created.
+        :param pulumi.Input[_builtins.str] app_role_id: The ID of the app role to be assigned, or the default role ID `00000000-0000-0000-0000-000000000000`. Changing this forces a new resource to be created.
+        :param pulumi.Input[_builtins.str] principal_object_id: The object ID of the user, group or service principal to be assigned this app role. Supported object types are Users, Groups or Service Principals. Changing this forces a new resource to be created.
+        :param pulumi.Input[_builtins.str] resource_object_id: The object ID of the service principal representing the resource. Changing this forces a new resource to be created.
         """
         ...
     @overload
@@ -353,25 +306,25 @@ class AppRoleAssignment(pulumi.CustomResource):
         well_known = azuread.get_application_published_app_ids()
         msgraph = azuread.ServicePrincipal("msgraph",
-            application_id=well_known.result["MicrosoftGraph"],
+            client_id=well_known.result["microsoftGraph"],
             use_existing=True)
-        example_application = azuread.Application("exampleApplication",
+        example = azuread.Application("example",
             display_name="example",
-            required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs(
-                resource_app_id=well_known.result["MicrosoftGraph"],
-                resource_accesses=[
-                    azuread.ApplicationRequiredResourceAccessResourceAccessArgs(
-                        id=msgraph.app_role_ids["User.Read.All"],
-                        type="Role",
-                    ),
-                    azuread.ApplicationRequiredResourceAccessResourceAccessArgs(
-                        id=msgraph.oauth2_permission_scope_ids["User.ReadWrite"],
-                        type="Scope",
-                    ),
+            required_resource_accesses=[{
+                "resource_app_id": well_known.result["microsoftGraph"],
+                "resource_accesses": [
+                    {
+                        "id": msgraph.app_role_ids["User.Read.All"],
+                        "type": "Role",
+                    },
+                    {
+                        "id": msgraph.oauth2_permission_scope_ids["User.ReadWrite"],
+                        "type": "Scope",
+                    },
                 ],
-            )])
-        example_service_principal = azuread.ServicePrincipal("exampleServicePrincipal", application_id=example_application.application_id)
-        example_app_role_assignment = azuread.AppRoleAssignment("exampleAppRoleAssignment",
+            }])
+        example_service_principal = azuread.ServicePrincipal("example", client_id=example.client_id)
+        example_app_role_assignment = azuread.AppRoleAssignment("example",
             app_role_id=msgraph.app_role_ids["User.Read.All"],
             principal_object_id=example_service_principal.object_id,
             resource_object_id=msgraph.object_id)
@@ -383,28 +336,28 @@ class AppRoleAssignment(pulumi.CustomResource):
         import pulumi
         import pulumi_azuread as azuread
-        internal_application = azuread.Application("internalApplication",
+        internal = azuread.Application("internal",
             display_name="internal",
-            app_roles=[azuread.ApplicationAppRoleArgs(
-                allowed_member_types=["Application"],
-                description="Apps can query the database",
-                display_name="Query",
-                enabled=True,
-                id="00000000-0000-0000-0000-111111111111",
-                value="Query.All",
-            )])
-        internal_service_principal = azuread.ServicePrincipal("internalServicePrincipal", application_id=internal_application.application_id)
-        example_application = azuread.Application("exampleApplication",
+            app_roles=[{
+                "allowed_member_types": ["Application"],
+                "description": "Apps can query the database",
+                "display_name": "Query",
+                "enabled": True,
+                "id": "00000000-0000-0000-0000-111111111111",
+                "value": "Query.All",
+            }])
+        internal_service_principal = azuread.ServicePrincipal("internal", client_id=internal.client_id)
+        example = azuread.Application("example",
             display_name="example",
-            required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs(
-                resource_app_id=internal_application.application_id,
-                resource_accesses=[azuread.ApplicationRequiredResourceAccessResourceAccessArgs(
-                    id=internal_service_principal.app_role_ids["Query.All"],
-                    type="Role",
-                )],
-            )])
-        example_service_principal = azuread.ServicePrincipal("exampleServicePrincipal", application_id=example_application.application_id)
-        example_app_role_assignment = azuread.AppRoleAssignment("exampleAppRoleAssignment",
+            required_resource_accesses=[{
+                "resource_app_id": internal.client_id,
+                "resource_accesses": [{
+                    "id": internal_service_principal.app_role_ids["Query.All"],
+                    "type": "Role",
+                }],
+            }])
+        example_service_principal = azuread.ServicePrincipal("example", client_id=example.client_id)
+        example_app_role_assignment = azuread.AppRoleAssignment("example",
             app_role_id=internal_service_principal.app_role_ids["Query.All"],
             principal_object_id=example_service_principal.object_id,
             resource_object_id=internal_service_principal.object_id)
@@ -412,68 +365,15 @@ class AppRoleAssignment(pulumi.CustomResource):
         *Assign a user and group to an internal application*
-        ```python
-        import pulumi
-        import pulumi_azuread as azuread
-        example_domains = azuread.get_domains(only_initial=True)
-        internal_application = azuread.Application("internalApplication",
-            display_name="internal",
-            app_roles=[azuread.ApplicationAppRoleArgs(
-                allowed_member_types=[
-                    "Application",
-                    "User",
-                ],
-                description="Admins can perform all task actions",
-                display_name="Admin",
-                enabled=True,
-                id="00000000-0000-0000-0000-222222222222",
-                value="Admin.All",
-            )])
-        internal_service_principal = azuread.ServicePrincipal("internalServicePrincipal", application_id=internal_application.application_id)
-        example_group = azuread.Group("exampleGroup",
-            display_name="example",
-            security_enabled=True)
-        example_app_role_assignment = azuread.AppRoleAssignment("exampleAppRoleAssignment",
-            app_role_id=internal_service_principal.app_role_ids["Admin.All"],
-            principal_object_id=example_group.object_id,
-            resource_object_id=internal_service_principal.object_id)
-        example_user = azuread.User("exampleUser",
-            display_name="D. Duck",
-            password="SecretP@sswd99!",
-            user_principal_name=f"d.duck@{example_domains.domains[0].domain_name}")
-        example_index_app_role_assignment_app_role_assignment = azuread.AppRoleAssignment("exampleIndex/appRoleAssignmentAppRoleAssignment",
-            app_role_id=internal_service_principal.app_role_ids["Admin.All"],
-            principal_object_id=example_user.object_id,
-            resource_object_id=internal_service_principal.object_id)
-        ```
-        *Assign a group to the default app role for an internal application*
-        ```python
-        import pulumi
-        import pulumi_azuread as azuread
-        internal_application = azuread.Application("internalApplication", display_name="internal")
-        internal_service_principal = azuread.ServicePrincipal("internalServicePrincipal", application_id=internal_application.application_id)
-        example_group = azuread.Group("exampleGroup",
-            display_name="example",
-            security_enabled=True)
-        example_app_role_assignment = azuread.AppRoleAssignment("exampleAppRoleAssignment",
-            app_role_id="00000000-0000-0000-0000-000000000000",
-            principal_object_id=example_group.object_id,
-            resource_object_id=internal_service_principal.object_id)
-        ```
         ## Import
-        App role assignments can be imported using the object ID of the service principal representing the resource and the ID of the app role assignment (note_not_ the ID of the app role), e.g.
+        App role assignments can be imported using the object ID of the service principal representing the resource and the ID of the app role assignment (note: _not_ the ID of the app role), e.g.
         ```sh
-         $ pulumi import azuread:index/appRoleAssignment:AppRoleAssignment example 00000000-0000-0000-0000-000000000000/appRoleAssignment/aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz
+        $ pulumi import azuread:index/appRoleAssignment:AppRoleAssignment example /servicePrincipals/00000000-0000-0000-0000-000000000000/appRoleAssignedTo/aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz
         ```
-         -> This ID format is unique to Terraform and is composed of the Resource Service Principal Object ID and the ID of the App Role Assignment in the format `{ResourcePrincipalID}/appRoleAssignment/{AppRoleAssignmentID}`.
+        -> This ID format is unique to Terraform and is composed of the Resource Service Principal Object ID and the ID of the App Role Assignment in the format `/servicePrincipals/{ResourcePrincipalID}/appRoleAssignedTo/{AppRoleAssignmentID}`.
         :param str resource_name: The name of the resource.
         :param AppRoleAssignmentArgs args: The arguments to use to populate this resource's properties.
@@ -490,9 +390,9 @@ class AppRoleAssignment(pulumi.CustomResource):
     def _internal_init(__self__,
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
-                 app_role_id: Optional[pulumi.Input[str]] = None,
-                 principal_object_id: Optional[pulumi.Input[str]] = None,
-                 resource_object_id: Optional[pulumi.Input[str]] = None,
+                 app_role_id: Optional[pulumi.Input[_builtins.str]] = None,
+                 principal_object_id: Optional[pulumi.Input[_builtins.str]] = None,
+                 resource_object_id: Optional[pulumi.Input[_builtins.str]] = None,
                  __props__=None):
         opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
         if not isinstance(opts, pulumi.ResourceOptions):
@@ -524,12 +424,12 @@ class AppRoleAssignment(pulumi.CustomResource):
     def get(resource_name: str,
             id: pulumi.Input[str],
             opts: Optional[pulumi.ResourceOptions] = None,
-            app_role_id: Optional[pulumi.Input[str]] = None,
-            principal_display_name: Optional[pulumi.Input[str]] = None,
-            principal_object_id: Optional[pulumi.Input[str]] = None,
-            principal_type: Optional[pulumi.Input[str]] = None,
-            resource_display_name: Optional[pulumi.Input[str]] = None,
-            resource_object_id: Optional[pulumi.Input[str]] = None) -> 'AppRoleAssignment':
+            app_role_id: Optional[pulumi.Input[_builtins.str]] = None,
+            principal_display_name: Optional[pulumi.Input[_builtins.str]] = None,
+            principal_object_id: Optional[pulumi.Input[_builtins.str]] = None,
+            principal_type: Optional[pulumi.Input[_builtins.str]] = None,
+            resource_display_name: Optional[pulumi.Input[_builtins.str]] = None,
+            resource_object_id: Optional[pulumi.Input[_builtins.str]] = None) -> 'AppRoleAssignment':
         """
         Get an existing AppRoleAssignment resource's state with the given name, id, and optional extra
         properties used to qualify the lookup.
@@ -537,12 +437,12 @@ class AppRoleAssignment(pulumi.CustomResource):
         :param str resource_name: The unique name of the resulting resource.
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[str] app_role_id: The ID of the app role to be assigned, or the default role ID `00000000-0000-0000-0000-000000000000`. Changing this forces a new resource to be created.
-        :param pulumi.Input[str] principal_display_name: The display name of the principal to which the app role is assigned.
-        :param pulumi.Input[str] principal_object_id: The object ID of the user, group or service principal to be assigned this app role. Supported object types are Users, Groups or Service Principals. Changing this forces a new resource to be created.
-        :param pulumi.Input[str] principal_type: The object type of the principal to which the app role is assigned.
-        :param pulumi.Input[str] resource_display_name: The display name of the application representing the resource.
-        :param pulumi.Input[str] resource_object_id: The object ID of the service principal representing the resource. Changing this forces a new resource to be created.
+        :param pulumi.Input[_builtins.str] app_role_id: The ID of the app role to be assigned, or the default role ID `00000000-0000-0000-0000-000000000000`. Changing this forces a new resource to be created.
+        :param pulumi.Input[_builtins.str] principal_display_name: The display name of the principal to which the app role is assigned.
+        :param pulumi.Input[_builtins.str] principal_object_id: The object ID of the user, group or service principal to be assigned this app role. Supported object types are Users, Groups or Service Principals. Changing this forces a new resource to be created.
+        :param pulumi.Input[_builtins.str] principal_type: The object type of the principal to which the app role is assigned.
+        :param pulumi.Input[_builtins.str] resource_display_name: The display name of the application representing the resource.
+        :param pulumi.Input[_builtins.str] resource_object_id: The object ID of the service principal representing the resource. Changing this forces a new resource to be created.
         """
         opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
@@ -556,49 +456,49 @@ class AppRoleAssignment(pulumi.CustomResource):
         __props__.__dict__["resource_object_id"] = resource_object_id
         return AppRoleAssignment(resource_name, opts=opts, __props__=__props__)
-    @property
+    @_builtins.property
     @pulumi.getter(name="appRoleId")
-    def app_role_id(self) -> pulumi.Output[str]:
+    def app_role_id(self) -> pulumi.Output[_builtins.str]:
         """
         The ID of the app role to be assigned, or the default role ID `00000000-0000-0000-0000-000000000000`. Changing this forces a new resource to be created.
         """
         return pulumi.get(self, "app_role_id")
-    @property
+    @_builtins.property
     @pulumi.getter(name="principalDisplayName")
-    def principal_display_name(self) -> pulumi.Output[str]:
+    def principal_display_name(self) -> pulumi.Output[_builtins.str]:
         """
         The display name of the principal to which the app role is assigned.
         """
         return pulumi.get(self, "principal_display_name")
-    @property
+    @_builtins.property
     @pulumi.getter(name="principalObjectId")
-    def principal_object_id(self) -> pulumi.Output[str]:
+    def principal_object_id(self) -> pulumi.Output[_builtins.str]:
         """
         The object ID of the user, group or service principal to be assigned this app role. Supported object types are Users, Groups or Service Principals. Changing this forces a new resource to be created.
         """
         return pulumi.get(self, "principal_object_id")
-    @property
+    @_builtins.property
     @pulumi.getter(name="principalType")
-    def principal_type(self) -> pulumi.Output[str]:
+    def principal_type(self) -> pulumi.Output[_builtins.str]:
         """
         The object type of the principal to which the app role is assigned.
         """
         return pulumi.get(self, "principal_type")
-    @property
+    @_builtins.property
     @pulumi.getter(name="resourceDisplayName")
-    def resource_display_name(self) -> pulumi.Output[str]:
+    def resource_display_name(self) -> pulumi.Output[_builtins.str]:
         """
         The display name of the application representing the resource.
         """
         return pulumi.get(self, "resource_display_name")
-    @property
+    @_builtins.property
     @pulumi.getter(name="resourceObjectId")
-    def resource_object_id(self) -> pulumi.Output[str]:
+    def resource_object_id(self) -> pulumi.Output[_builtins.str]:
         """
         The object ID of the service principal representing the resource. Changing this forces a new resource to be created.
         """

pulumi-azuread 5.48.0a1706744699__py3-none-any.whl → 6.8.0a1766208344__py3-none-any.whl

Potentially problematic release.

pulumi-azuread 5.48.0a1706744699py3-none-any.whl → 6.8.0a1766208344py3-none-any.whl