pulumi-azuread 5.48.0a1706744699__py3-none-any.whl → 6.8.0a1766208344__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of pulumi-azuread might be problematic. Click here for more details.
- pulumi_azuread/__init__.py +48 -1
- pulumi_azuread/_inputs.py +3803 -919
- pulumi_azuread/_utilities.py +52 -12
- pulumi_azuread/access_package.py +84 -78
- pulumi_azuread/access_package_assignment_policy.py +202 -196
- pulumi_azuread/access_package_catalog.py +82 -76
- pulumi_azuread/access_package_catalog_role_assignment.py +73 -67
- pulumi_azuread/access_package_resource_catalog_association.py +73 -67
- pulumi_azuread/access_package_resource_package_association.py +79 -73
- pulumi_azuread/administrative_unit.py +120 -100
- pulumi_azuread/administrative_unit_member.py +66 -50
- pulumi_azuread/administrative_unit_role_member.py +75 -69
- pulumi_azuread/app_role_assignment.py +164 -264
- pulumi_azuread/application.py +766 -692
- pulumi_azuread/application_api_access.py +84 -80
- pulumi_azuread/application_app_role.py +120 -116
- pulumi_azuread/application_certificate.py +349 -211
- pulumi_azuread/application_fallback_public_client.py +50 -44
- pulumi_azuread/application_federated_identity_credential.py +142 -197
- pulumi_azuread/application_from_template.py +90 -84
- pulumi_azuread/application_identifier_uri.py +56 -52
- pulumi_azuread/application_known_clients.py +50 -44
- pulumi_azuread/application_optional_claims.py +87 -81
- pulumi_azuread/application_owner.py +76 -42
- pulumi_azuread/application_password.py +159 -205
- pulumi_azuread/application_permission_scope.py +160 -156
- pulumi_azuread/application_pre_authorized.py +120 -236
- pulumi_azuread/application_redirect_uris.py +75 -69
- pulumi_azuread/application_registration.py +315 -309
- pulumi_azuread/authentication_strength_policy.py +73 -67
- pulumi_azuread/claims_mapping_policy.py +48 -42
- pulumi_azuread/conditional_access_policy.py +248 -232
- pulumi_azuread/config/__init__.py +2 -1
- pulumi_azuread/config/__init__.pyi +23 -17
- pulumi_azuread/config/vars.py +47 -37
- pulumi_azuread/custom_directory_role.py +128 -122
- pulumi_azuread/directory_role.py +60 -54
- pulumi_azuread/directory_role_assignment.py +194 -181
- pulumi_azuread/directory_role_eligibility_schedule_request.py +86 -80
- pulumi_azuread/directory_role_member.py +54 -48
- pulumi_azuread/get_access_package.py +45 -31
- pulumi_azuread/get_access_package_catalog.py +40 -27
- pulumi_azuread/get_access_package_catalog_role.py +39 -25
- pulumi_azuread/get_administrative_unit.py +42 -27
- pulumi_azuread/get_application.py +135 -94
- pulumi_azuread/get_application_published_app_ids.py +42 -47
- pulumi_azuread/get_application_template.py +49 -33
- pulumi_azuread/get_client_config.py +24 -15
- pulumi_azuread/get_directory_object.py +32 -21
- pulumi_azuread/get_directory_role_templates.py +20 -12
- pulumi_azuread/get_directory_roles.py +23 -14
- pulumi_azuread/get_domains.py +65 -46
- pulumi_azuread/get_group.py +147 -88
- pulumi_azuread/get_group_role_management_policy.py +178 -0
- pulumi_azuread/get_groups.py +71 -51
- pulumi_azuread/get_named_location.py +47 -22
- pulumi_azuread/get_service_principal.py +108 -90
- pulumi_azuread/get_service_principals.py +60 -64
- pulumi_azuread/get_user.py +186 -118
- pulumi_azuread/get_users.py +96 -53
- pulumi_azuread/group.py +622 -464
- pulumi_azuread/group_member.py +56 -50
- pulumi_azuread/group_role_management_policy.py +544 -0
- pulumi_azuread/group_without_members.py +1610 -0
- pulumi_azuread/invitation.py +126 -120
- pulumi_azuread/named_location.py +90 -76
- pulumi_azuread/outputs.py +2844 -1308
- pulumi_azuread/privileged_access_group_assignment_schedule.py +695 -0
- pulumi_azuread/privileged_access_group_eligibility_schedule.py +695 -0
- pulumi_azuread/provider.py +292 -246
- pulumi_azuread/pulumi-plugin.json +2 -1
- pulumi_azuread/service_principal.py +400 -461
- pulumi_azuread/service_principal_certificate.py +230 -145
- pulumi_azuread/service_principal_claims_mapping_policy_assignment.py +53 -47
- pulumi_azuread/service_principal_delegated_permission_grant.py +146 -140
- pulumi_azuread/service_principal_password.py +156 -141
- pulumi_azuread/service_principal_token_signing_certificate.py +119 -124
- pulumi_azuread/synchronization_job.py +105 -111
- pulumi_azuread/synchronization_job_provision_on_demand.py +396 -0
- pulumi_azuread/synchronization_secret.py +64 -70
- pulumi_azuread/user.py +776 -730
- pulumi_azuread/user_flow_attribute.py +76 -70
- {pulumi_azuread-5.48.0a1706744699.dist-info → pulumi_azuread-6.8.0a1766208344.dist-info}/METADATA +21 -20
- pulumi_azuread-6.8.0a1766208344.dist-info/RECORD +87 -0
- {pulumi_azuread-5.48.0a1706744699.dist-info → pulumi_azuread-6.8.0a1766208344.dist-info}/WHEEL +1 -1
- pulumi_azuread-5.48.0a1706744699.dist-info/RECORD +0 -81
- {pulumi_azuread-5.48.0a1706744699.dist-info → pulumi_azuread-6.8.0a1766208344.dist-info}/top_level.txt +0 -0
|
@@ -1,7 +1,8 @@
|
|
|
1
1
|
# coding=utf-8
|
|
2
|
-
# *** WARNING: this file was generated by
|
|
2
|
+
# *** WARNING: this file was generated by pulumi-language-python. ***
|
|
3
3
|
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
4
|
|
|
5
|
+
import builtins as _builtins
|
|
5
6
|
import sys
|
|
6
7
|
from .vars import _ExportableConfig
|
|
7
8
|
|
|
@@ -1,14 +1,24 @@
|
|
|
1
1
|
# coding=utf-8
|
|
2
|
-
# *** WARNING: this file was generated by
|
|
2
|
+
# *** WARNING: this file was generated by pulumi-language-python. ***
|
|
3
3
|
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
4
|
|
|
5
|
-
import
|
|
5
|
+
import builtins as _builtins
|
|
6
6
|
import warnings
|
|
7
|
+
import sys
|
|
7
8
|
import pulumi
|
|
8
9
|
import pulumi.runtime
|
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
|
11
|
+
if sys.version_info >= (3, 11):
|
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
|
13
|
+
else:
|
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
|
10
15
|
from .. import _utilities
|
|
11
16
|
|
|
17
|
+
adoPipelineServiceConnectionId: Optional[str]
|
|
18
|
+
"""
|
|
19
|
+
The Azure DevOps Pipeline Service Connection ID.
|
|
20
|
+
"""
|
|
21
|
+
|
|
12
22
|
clientCertificate: Optional[str]
|
|
13
23
|
"""
|
|
14
24
|
Base64 encoded PKCS#12 certificate bundle to use when authenticating as a Service Principal using a Client Certificate
|
|
@@ -16,14 +26,12 @@ Base64 encoded PKCS#12 certificate bundle to use when authenticating as a Servic
|
|
|
16
26
|
|
|
17
27
|
clientCertificatePassword: Optional[str]
|
|
18
28
|
"""
|
|
19
|
-
The password to decrypt the Client Certificate. For use when authenticating as a Service Principal using a Client
|
|
20
|
-
Certificate
|
|
29
|
+
The password to decrypt the Client Certificate. For use when authenticating as a Service Principal using a Client Certificate
|
|
21
30
|
"""
|
|
22
31
|
|
|
23
32
|
clientCertificatePath: Optional[str]
|
|
24
33
|
"""
|
|
25
|
-
The path to the Client Certificate associated with the Service Principal for use when authenticating as a Service
|
|
26
|
-
Principal using a Client Certificate
|
|
34
|
+
The path to the Client Certificate associated with the Service Principal for use when authenticating as a Service Principal using a Client Certificate
|
|
27
35
|
"""
|
|
28
36
|
|
|
29
37
|
clientId: Optional[str]
|
|
@@ -43,19 +51,14 @@ The application password to use when authenticating as a Service Principal using
|
|
|
43
51
|
|
|
44
52
|
clientSecretFilePath: Optional[str]
|
|
45
53
|
"""
|
|
46
|
-
The path to a file containing the application password to use when authenticating as a Service Principal using a Client
|
|
47
|
-
Secret
|
|
54
|
+
The path to a file containing the application password to use when authenticating as a Service Principal using a Client Secret
|
|
48
55
|
"""
|
|
49
56
|
|
|
50
57
|
disableTerraformPartnerId: Optional[bool]
|
|
51
|
-
"""
|
|
52
|
-
Disable the Terraform Partner ID, which is used if a custom `partner_id` isn't specified
|
|
53
|
-
"""
|
|
54
58
|
|
|
55
59
|
environment: str
|
|
56
60
|
"""
|
|
57
|
-
The cloud environment which should be used. Possible values are: `global` (also `public`), `usgovernmentl4` (also
|
|
58
|
-
`usgovernment`), `usgovernmentl5` (also `dod`), and `china`. Defaults to `global`
|
|
61
|
+
The cloud environment which should be used. Possible values are: `global` (also `public`), `usgovernmentl4` (also `usgovernment`), `usgovernmentl5` (also `dod`), and `china`. Defaults to `global`. Not used and should not be specified when `metadata_host` is specified.
|
|
59
62
|
"""
|
|
60
63
|
|
|
61
64
|
metadataHost: Optional[str]
|
|
@@ -70,14 +73,12 @@ The path to a custom endpoint for Managed Identity - in most circumstances this
|
|
|
70
73
|
|
|
71
74
|
oidcRequestToken: Optional[str]
|
|
72
75
|
"""
|
|
73
|
-
The bearer token for the request to the OIDC provider. For use when authenticating as a Service Principal using OpenID
|
|
74
|
-
Connect.
|
|
76
|
+
The bearer token for the request to the OIDC provider. For use when authenticating as a Service Principal using OpenID Connect.
|
|
75
77
|
"""
|
|
76
78
|
|
|
77
79
|
oidcRequestUrl: Optional[str]
|
|
78
80
|
"""
|
|
79
|
-
The URL for the OIDC provider from which to request an ID token. For use when authenticating as a Service Principal
|
|
80
|
-
using OpenID Connect.
|
|
81
|
+
The URL for the OIDC provider from which to request an ID token. For use when authenticating as a Service Principal using OpenID Connect.
|
|
81
82
|
"""
|
|
82
83
|
|
|
83
84
|
oidcToken: Optional[str]
|
|
@@ -100,6 +101,11 @@ tenantId: Optional[str]
|
|
|
100
101
|
The Tenant ID which should be used. Works with all authentication methods except Managed Identity
|
|
101
102
|
"""
|
|
102
103
|
|
|
104
|
+
useAksWorkloadIdentity: Optional[bool]
|
|
105
|
+
"""
|
|
106
|
+
Allow Azure AKS Workload Identity to be used for Authentication.
|
|
107
|
+
"""
|
|
108
|
+
|
|
103
109
|
useCli: Optional[bool]
|
|
104
110
|
"""
|
|
105
111
|
Allow Azure CLI to be used for Authentication
|
pulumi_azuread/config/vars.py
CHANGED
|
@@ -1,12 +1,17 @@
|
|
|
1
1
|
# coding=utf-8
|
|
2
|
-
# *** WARNING: this file was generated by
|
|
2
|
+
# *** WARNING: this file was generated by pulumi-language-python. ***
|
|
3
3
|
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
4
|
|
|
5
|
-
import
|
|
5
|
+
import builtins as _builtins
|
|
6
6
|
import warnings
|
|
7
|
+
import sys
|
|
7
8
|
import pulumi
|
|
8
9
|
import pulumi.runtime
|
|
9
10
|
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
|
11
|
+
if sys.version_info >= (3, 11):
|
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
|
13
|
+
else:
|
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
|
10
15
|
from .. import _utilities
|
|
11
16
|
|
|
12
17
|
import types
|
|
@@ -15,146 +20,151 @@ __config__ = pulumi.Config('azuread')
|
|
|
15
20
|
|
|
16
21
|
|
|
17
22
|
class _ExportableConfig(types.ModuleType):
|
|
18
|
-
@property
|
|
23
|
+
@_builtins.property
|
|
24
|
+
def ado_pipeline_service_connection_id(self) -> Optional[str]:
|
|
25
|
+
"""
|
|
26
|
+
The Azure DevOps Pipeline Service Connection ID.
|
|
27
|
+
"""
|
|
28
|
+
return __config__.get('adoPipelineServiceConnectionId')
|
|
29
|
+
|
|
30
|
+
@_builtins.property
|
|
19
31
|
def client_certificate(self) -> Optional[str]:
|
|
20
32
|
"""
|
|
21
33
|
Base64 encoded PKCS#12 certificate bundle to use when authenticating as a Service Principal using a Client Certificate
|
|
22
34
|
"""
|
|
23
35
|
return __config__.get('clientCertificate')
|
|
24
36
|
|
|
25
|
-
@property
|
|
37
|
+
@_builtins.property
|
|
26
38
|
def client_certificate_password(self) -> Optional[str]:
|
|
27
39
|
"""
|
|
28
|
-
The password to decrypt the Client Certificate. For use when authenticating as a Service Principal using a Client
|
|
29
|
-
Certificate
|
|
40
|
+
The password to decrypt the Client Certificate. For use when authenticating as a Service Principal using a Client Certificate
|
|
30
41
|
"""
|
|
31
42
|
return __config__.get('clientCertificatePassword')
|
|
32
43
|
|
|
33
|
-
@property
|
|
44
|
+
@_builtins.property
|
|
34
45
|
def client_certificate_path(self) -> Optional[str]:
|
|
35
46
|
"""
|
|
36
|
-
The path to the Client Certificate associated with the Service Principal for use when authenticating as a Service
|
|
37
|
-
Principal using a Client Certificate
|
|
47
|
+
The path to the Client Certificate associated with the Service Principal for use when authenticating as a Service Principal using a Client Certificate
|
|
38
48
|
"""
|
|
39
49
|
return __config__.get('clientCertificatePath')
|
|
40
50
|
|
|
41
|
-
@property
|
|
51
|
+
@_builtins.property
|
|
42
52
|
def client_id(self) -> Optional[str]:
|
|
43
53
|
"""
|
|
44
54
|
The Client ID which should be used for service principal authentication
|
|
45
55
|
"""
|
|
46
56
|
return __config__.get('clientId')
|
|
47
57
|
|
|
48
|
-
@property
|
|
58
|
+
@_builtins.property
|
|
49
59
|
def client_id_file_path(self) -> Optional[str]:
|
|
50
60
|
"""
|
|
51
61
|
The path to a file containing the Client ID which should be used for service principal authentication
|
|
52
62
|
"""
|
|
53
63
|
return __config__.get('clientIdFilePath')
|
|
54
64
|
|
|
55
|
-
@property
|
|
65
|
+
@_builtins.property
|
|
56
66
|
def client_secret(self) -> Optional[str]:
|
|
57
67
|
"""
|
|
58
68
|
The application password to use when authenticating as a Service Principal using a Client Secret
|
|
59
69
|
"""
|
|
60
70
|
return __config__.get('clientSecret')
|
|
61
71
|
|
|
62
|
-
@property
|
|
72
|
+
@_builtins.property
|
|
63
73
|
def client_secret_file_path(self) -> Optional[str]:
|
|
64
74
|
"""
|
|
65
|
-
The path to a file containing the application password to use when authenticating as a Service Principal using a Client
|
|
66
|
-
Secret
|
|
75
|
+
The path to a file containing the application password to use when authenticating as a Service Principal using a Client Secret
|
|
67
76
|
"""
|
|
68
77
|
return __config__.get('clientSecretFilePath')
|
|
69
78
|
|
|
70
|
-
@property
|
|
79
|
+
@_builtins.property
|
|
71
80
|
def disable_terraform_partner_id(self) -> Optional[bool]:
|
|
72
|
-
"""
|
|
73
|
-
Disable the Terraform Partner ID, which is used if a custom `partner_id` isn't specified
|
|
74
|
-
"""
|
|
75
81
|
return __config__.get_bool('disableTerraformPartnerId')
|
|
76
82
|
|
|
77
|
-
@property
|
|
83
|
+
@_builtins.property
|
|
78
84
|
def environment(self) -> str:
|
|
79
85
|
"""
|
|
80
|
-
The cloud environment which should be used. Possible values are: `global` (also `public`), `usgovernmentl4` (also
|
|
81
|
-
`usgovernment`), `usgovernmentl5` (also `dod`), and `china`. Defaults to `global`
|
|
86
|
+
The cloud environment which should be used. Possible values are: `global` (also `public`), `usgovernmentl4` (also `usgovernment`), `usgovernmentl5` (also `dod`), and `china`. Defaults to `global`. Not used and should not be specified when `metadata_host` is specified.
|
|
82
87
|
"""
|
|
83
88
|
return __config__.get('environment') or (_utilities.get_env('ARM_ENVIRONMENT') or 'public')
|
|
84
89
|
|
|
85
|
-
@property
|
|
90
|
+
@_builtins.property
|
|
86
91
|
def metadata_host(self) -> Optional[str]:
|
|
87
92
|
"""
|
|
88
93
|
The Hostname which should be used for the Azure Metadata Service.
|
|
89
94
|
"""
|
|
90
95
|
return __config__.get('metadataHost')
|
|
91
96
|
|
|
92
|
-
@property
|
|
97
|
+
@_builtins.property
|
|
93
98
|
def msi_endpoint(self) -> Optional[str]:
|
|
94
99
|
"""
|
|
95
100
|
The path to a custom endpoint for Managed Identity - in most circumstances this should be detected automatically
|
|
96
101
|
"""
|
|
97
102
|
return __config__.get('msiEndpoint') or _utilities.get_env('ARM_MSI_ENDPOINT')
|
|
98
103
|
|
|
99
|
-
@property
|
|
104
|
+
@_builtins.property
|
|
100
105
|
def oidc_request_token(self) -> Optional[str]:
|
|
101
106
|
"""
|
|
102
|
-
The bearer token for the request to the OIDC provider. For use when authenticating as a Service Principal using OpenID
|
|
103
|
-
Connect.
|
|
107
|
+
The bearer token for the request to the OIDC provider. For use when authenticating as a Service Principal using OpenID Connect.
|
|
104
108
|
"""
|
|
105
109
|
return __config__.get('oidcRequestToken')
|
|
106
110
|
|
|
107
|
-
@property
|
|
111
|
+
@_builtins.property
|
|
108
112
|
def oidc_request_url(self) -> Optional[str]:
|
|
109
113
|
"""
|
|
110
|
-
The URL for the OIDC provider from which to request an ID token. For use when authenticating as a Service Principal
|
|
111
|
-
using OpenID Connect.
|
|
114
|
+
The URL for the OIDC provider from which to request an ID token. For use when authenticating as a Service Principal using OpenID Connect.
|
|
112
115
|
"""
|
|
113
116
|
return __config__.get('oidcRequestUrl')
|
|
114
117
|
|
|
115
|
-
@property
|
|
118
|
+
@_builtins.property
|
|
116
119
|
def oidc_token(self) -> Optional[str]:
|
|
117
120
|
"""
|
|
118
121
|
The ID token for use when authenticating as a Service Principal using OpenID Connect.
|
|
119
122
|
"""
|
|
120
123
|
return __config__.get('oidcToken')
|
|
121
124
|
|
|
122
|
-
@property
|
|
125
|
+
@_builtins.property
|
|
123
126
|
def oidc_token_file_path(self) -> Optional[str]:
|
|
124
127
|
"""
|
|
125
128
|
The path to a file containing an ID token for use when authenticating as a Service Principal using OpenID Connect.
|
|
126
129
|
"""
|
|
127
130
|
return __config__.get('oidcTokenFilePath')
|
|
128
131
|
|
|
129
|
-
@property
|
|
132
|
+
@_builtins.property
|
|
130
133
|
def partner_id(self) -> Optional[str]:
|
|
131
134
|
"""
|
|
132
135
|
A GUID/UUID that is registered with Microsoft to facilitate partner resource usage attribution
|
|
133
136
|
"""
|
|
134
137
|
return __config__.get('partnerId')
|
|
135
138
|
|
|
136
|
-
@property
|
|
139
|
+
@_builtins.property
|
|
137
140
|
def tenant_id(self) -> Optional[str]:
|
|
138
141
|
"""
|
|
139
142
|
The Tenant ID which should be used. Works with all authentication methods except Managed Identity
|
|
140
143
|
"""
|
|
141
144
|
return __config__.get('tenantId')
|
|
142
145
|
|
|
143
|
-
@property
|
|
146
|
+
@_builtins.property
|
|
147
|
+
def use_aks_workload_identity(self) -> Optional[bool]:
|
|
148
|
+
"""
|
|
149
|
+
Allow Azure AKS Workload Identity to be used for Authentication.
|
|
150
|
+
"""
|
|
151
|
+
return __config__.get_bool('useAksWorkloadIdentity')
|
|
152
|
+
|
|
153
|
+
@_builtins.property
|
|
144
154
|
def use_cli(self) -> Optional[bool]:
|
|
145
155
|
"""
|
|
146
156
|
Allow Azure CLI to be used for Authentication
|
|
147
157
|
"""
|
|
148
158
|
return __config__.get_bool('useCli')
|
|
149
159
|
|
|
150
|
-
@property
|
|
160
|
+
@_builtins.property
|
|
151
161
|
def use_msi(self) -> bool:
|
|
152
162
|
"""
|
|
153
163
|
Allow Managed Identity to be used for Authentication
|
|
154
164
|
"""
|
|
155
165
|
return __config__.get_bool('useMsi') or (_utilities.get_env_bool('ARM_USE_MSI') or False)
|
|
156
166
|
|
|
157
|
-
@property
|
|
167
|
+
@_builtins.property
|
|
158
168
|
def use_oidc(self) -> Optional[bool]:
|
|
159
169
|
"""
|
|
160
170
|
Allow OpenID Connect to be used for authentication
|