PyPI - pulumi-azuread - Versions diffs - 5.48.0a1706744699__py3-none-any.whl → 6.8.0a1766208344__py3-none-any.whl - Mend

pulumi-azuread 5.48.0a1706744699py3-none-any.whl → 6.8.0a1766208344py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of pulumi-azuread might be problematic. Click here for more details.

Files changed (87) hide show

pulumi_azuread/__init__.py +48 -1
pulumi_azuread/_inputs.py +3803 -919
pulumi_azuread/_utilities.py +52 -12
pulumi_azuread/access_package.py +84 -78
pulumi_azuread/access_package_assignment_policy.py +202 -196
pulumi_azuread/access_package_catalog.py +82 -76
pulumi_azuread/access_package_catalog_role_assignment.py +73 -67
pulumi_azuread/access_package_resource_catalog_association.py +73 -67
pulumi_azuread/access_package_resource_package_association.py +79 -73
pulumi_azuread/administrative_unit.py +120 -100
pulumi_azuread/administrative_unit_member.py +66 -50
pulumi_azuread/administrative_unit_role_member.py +75 -69
pulumi_azuread/app_role_assignment.py +164 -264
pulumi_azuread/application.py +766 -692
pulumi_azuread/application_api_access.py +84 -80
pulumi_azuread/application_app_role.py +120 -116
pulumi_azuread/application_certificate.py +349 -211
pulumi_azuread/application_fallback_public_client.py +50 -44
pulumi_azuread/application_federated_identity_credential.py +142 -197
pulumi_azuread/application_from_template.py +90 -84
pulumi_azuread/application_identifier_uri.py +56 -52
pulumi_azuread/application_known_clients.py +50 -44
pulumi_azuread/application_optional_claims.py +87 -81
pulumi_azuread/application_owner.py +76 -42
pulumi_azuread/application_password.py +159 -205
pulumi_azuread/application_permission_scope.py +160 -156
pulumi_azuread/application_pre_authorized.py +120 -236
pulumi_azuread/application_redirect_uris.py +75 -69
pulumi_azuread/application_registration.py +315 -309
pulumi_azuread/authentication_strength_policy.py +73 -67
pulumi_azuread/claims_mapping_policy.py +48 -42
pulumi_azuread/conditional_access_policy.py +248 -232
pulumi_azuread/config/__init__.py +2 -1
pulumi_azuread/config/__init__.pyi +23 -17
pulumi_azuread/config/vars.py +47 -37
pulumi_azuread/custom_directory_role.py +128 -122
pulumi_azuread/directory_role.py +60 -54
pulumi_azuread/directory_role_assignment.py +194 -181
pulumi_azuread/directory_role_eligibility_schedule_request.py +86 -80
pulumi_azuread/directory_role_member.py +54 -48
pulumi_azuread/get_access_package.py +45 -31
pulumi_azuread/get_access_package_catalog.py +40 -27
pulumi_azuread/get_access_package_catalog_role.py +39 -25
pulumi_azuread/get_administrative_unit.py +42 -27
pulumi_azuread/get_application.py +135 -94
pulumi_azuread/get_application_published_app_ids.py +42 -47
pulumi_azuread/get_application_template.py +49 -33
pulumi_azuread/get_client_config.py +24 -15
pulumi_azuread/get_directory_object.py +32 -21
pulumi_azuread/get_directory_role_templates.py +20 -12
pulumi_azuread/get_directory_roles.py +23 -14
pulumi_azuread/get_domains.py +65 -46
pulumi_azuread/get_group.py +147 -88
pulumi_azuread/get_group_role_management_policy.py +178 -0
pulumi_azuread/get_groups.py +71 -51
pulumi_azuread/get_named_location.py +47 -22
pulumi_azuread/get_service_principal.py +108 -90
pulumi_azuread/get_service_principals.py +60 -64
pulumi_azuread/get_user.py +186 -118
pulumi_azuread/get_users.py +96 -53
pulumi_azuread/group.py +622 -464
pulumi_azuread/group_member.py +56 -50
pulumi_azuread/group_role_management_policy.py +544 -0
pulumi_azuread/group_without_members.py +1610 -0
pulumi_azuread/invitation.py +126 -120
pulumi_azuread/named_location.py +90 -76
pulumi_azuread/outputs.py +2844 -1308
pulumi_azuread/privileged_access_group_assignment_schedule.py +695 -0
pulumi_azuread/privileged_access_group_eligibility_schedule.py +695 -0
pulumi_azuread/provider.py +292 -246
pulumi_azuread/pulumi-plugin.json +2 -1
pulumi_azuread/service_principal.py +400 -461
pulumi_azuread/service_principal_certificate.py +230 -145
pulumi_azuread/service_principal_claims_mapping_policy_assignment.py +53 -47
pulumi_azuread/service_principal_delegated_permission_grant.py +146 -140
pulumi_azuread/service_principal_password.py +156 -141
pulumi_azuread/service_principal_token_signing_certificate.py +119 -124
pulumi_azuread/synchronization_job.py +105 -111
pulumi_azuread/synchronization_job_provision_on_demand.py +396 -0
pulumi_azuread/synchronization_secret.py +64 -70
pulumi_azuread/user.py +776 -730
pulumi_azuread/user_flow_attribute.py +76 -70
{pulumi_azuread-5.48.0a1706744699.dist-info → pulumi_azuread-6.8.0a1766208344.dist-info}/METADATA +21 -20
pulumi_azuread-6.8.0a1766208344.dist-info/RECORD +87 -0
{pulumi_azuread-5.48.0a1706744699.dist-info → pulumi_azuread-6.8.0a1766208344.dist-info}/WHEEL +1 -1
pulumi_azuread-5.48.0a1706744699.dist-info/RECORD +0 -81
{pulumi_azuread-5.48.0a1706744699.dist-info → pulumi_azuread-6.8.0a1766208344.dist-info}/top_level.txt +0 -0

pulumi_azuread/privileged_access_group_assignment_schedule.py ADDED Viewed

@@ -0,0 +1,695 @@
+# coding=utf-8
+# *** WARNING: this file was generated by pulumi-language-python. ***
+# *** Do not edit by hand unless you're certain you know what you are doing! ***
+import builtins as _builtins
+import warnings
+import sys
+import pulumi
+import pulumi.runtime
+from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
+from . import _utilities
+__all__ = ['PrivilegedAccessGroupAssignmentScheduleArgs', 'PrivilegedAccessGroupAssignmentSchedule']
+@pulumi.input_type
+class PrivilegedAccessGroupAssignmentScheduleArgs:
+    def __init__(__self__, *,
+                 assignment_type: pulumi.Input[_builtins.str],
+                 group_id: pulumi.Input[_builtins.str],
+                 principal_id: pulumi.Input[_builtins.str],
+                 duration: Optional[pulumi.Input[_builtins.str]] = None,
+                 expiration_date: Optional[pulumi.Input[_builtins.str]] = None,
+                 justification: Optional[pulumi.Input[_builtins.str]] = None,
+                 permanent_assignment: Optional[pulumi.Input[_builtins.bool]] = None,
+                 start_date: Optional[pulumi.Input[_builtins.str]] = None,
+                 ticket_number: Optional[pulumi.Input[_builtins.str]] = None,
+                 ticket_system: Optional[pulumi.Input[_builtins.str]] = None):
+        """
+        The set of arguments for constructing a PrivilegedAccessGroupAssignmentSchedule resource.
+        :param pulumi.Input[_builtins.str] assignment_type: The type of assignment to the group. Can be either `member` or `owner`.
+        :param pulumi.Input[_builtins.str] group_id: The Object ID of the Azure AD group to which the principal will be assigned.
+        :param pulumi.Input[_builtins.str] principal_id: The Object ID of the principal to be assigned to the above group. Can be either a user or a group.
+        :param pulumi.Input[_builtins.str] duration: The duration that this assignment is valid for, formatted as an ISO8601 duration (e.g. P30D for 30 days, PT3H for three hours).
+        :param pulumi.Input[_builtins.str] expiration_date: The date that this assignment expires, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
+        :param pulumi.Input[_builtins.str] justification: The justification for this assignment. May be required by the role policy.
+        :param pulumi.Input[_builtins.bool] permanent_assignment: Is this assigment permanently valid.
+               At least one of `expiration_date`, `duration`, or `permanent_assignment` must be supplied. The role policy may limit the maximum duration which can be supplied.
+        :param pulumi.Input[_builtins.str] start_date: The date from which this assignment is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If not provided, the assignment is immediately valid.
+        :param pulumi.Input[_builtins.str] ticket_number: The ticket number in the ticket system approving this assignment. May be required by the role policy.
+        :param pulumi.Input[_builtins.str] ticket_system: The ticket system containing the ticket number approving this assignment. May be required by the role policy.
+        """
+        pulumi.set(__self__, "assignment_type", assignment_type)
+        pulumi.set(__self__, "group_id", group_id)
+        pulumi.set(__self__, "principal_id", principal_id)
+        if duration is not None:
+            pulumi.set(__self__, "duration", duration)
+        if expiration_date is not None:
+            pulumi.set(__self__, "expiration_date", expiration_date)
+        if justification is not None:
+            pulumi.set(__self__, "justification", justification)
+        if permanent_assignment is not None:
+            pulumi.set(__self__, "permanent_assignment", permanent_assignment)
+        if start_date is not None:
+            pulumi.set(__self__, "start_date", start_date)
+        if ticket_number is not None:
+            pulumi.set(__self__, "ticket_number", ticket_number)
+        if ticket_system is not None:
+            pulumi.set(__self__, "ticket_system", ticket_system)
+    @_builtins.property
+    @pulumi.getter(name="assignmentType")
+    def assignment_type(self) -> pulumi.Input[_builtins.str]:
+        """
+        The type of assignment to the group. Can be either `member` or `owner`.
+        """
+        return pulumi.get(self, "assignment_type")
+    @assignment_type.setter
+    def assignment_type(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "assignment_type", value)
+    @_builtins.property
+    @pulumi.getter(name="groupId")
+    def group_id(self) -> pulumi.Input[_builtins.str]:
+        """
+        The Object ID of the Azure AD group to which the principal will be assigned.
+        """
+        return pulumi.get(self, "group_id")
+    @group_id.setter
+    def group_id(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "group_id", value)
+    @_builtins.property
+    @pulumi.getter(name="principalId")
+    def principal_id(self) -> pulumi.Input[_builtins.str]:
+        """
+        The Object ID of the principal to be assigned to the above group. Can be either a user or a group.
+        """
+        return pulumi.get(self, "principal_id")
+    @principal_id.setter
+    def principal_id(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "principal_id", value)
+    @_builtins.property
+    @pulumi.getter
+    def duration(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The duration that this assignment is valid for, formatted as an ISO8601 duration (e.g. P30D for 30 days, PT3H for three hours).
+        """
+        return pulumi.get(self, "duration")
+    @duration.setter
+    def duration(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "duration", value)
+    @_builtins.property
+    @pulumi.getter(name="expirationDate")
+    def expiration_date(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The date that this assignment expires, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
+        """
+        return pulumi.get(self, "expiration_date")
+    @expiration_date.setter
+    def expiration_date(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "expiration_date", value)
+    @_builtins.property
+    @pulumi.getter
+    def justification(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The justification for this assignment. May be required by the role policy.
+        """
+        return pulumi.get(self, "justification")
+    @justification.setter
+    def justification(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "justification", value)
+    @_builtins.property
+    @pulumi.getter(name="permanentAssignment")
+    def permanent_assignment(self) -> Optional[pulumi.Input[_builtins.bool]]:
+        """
+        Is this assigment permanently valid.
+        At least one of `expiration_date`, `duration`, or `permanent_assignment` must be supplied. The role policy may limit the maximum duration which can be supplied.
+        """
+        return pulumi.get(self, "permanent_assignment")
+    @permanent_assignment.setter
+    def permanent_assignment(self, value: Optional[pulumi.Input[_builtins.bool]]):
+        pulumi.set(self, "permanent_assignment", value)
+    @_builtins.property
+    @pulumi.getter(name="startDate")
+    def start_date(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The date from which this assignment is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If not provided, the assignment is immediately valid.
+        """
+        return pulumi.get(self, "start_date")
+    @start_date.setter
+    def start_date(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "start_date", value)
+    @_builtins.property
+    @pulumi.getter(name="ticketNumber")
+    def ticket_number(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The ticket number in the ticket system approving this assignment. May be required by the role policy.
+        """
+        return pulumi.get(self, "ticket_number")
+    @ticket_number.setter
+    def ticket_number(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "ticket_number", value)
+    @_builtins.property
+    @pulumi.getter(name="ticketSystem")
+    def ticket_system(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The ticket system containing the ticket number approving this assignment. May be required by the role policy.
+        """
+        return pulumi.get(self, "ticket_system")
+    @ticket_system.setter
+    def ticket_system(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "ticket_system", value)
+@pulumi.input_type
+class _PrivilegedAccessGroupAssignmentScheduleState:
+    def __init__(__self__, *,
+                 assignment_type: Optional[pulumi.Input[_builtins.str]] = None,
+                 duration: Optional[pulumi.Input[_builtins.str]] = None,
+                 expiration_date: Optional[pulumi.Input[_builtins.str]] = None,
+                 group_id: Optional[pulumi.Input[_builtins.str]] = None,
+                 justification: Optional[pulumi.Input[_builtins.str]] = None,
+                 permanent_assignment: Optional[pulumi.Input[_builtins.bool]] = None,
+                 principal_id: Optional[pulumi.Input[_builtins.str]] = None,
+                 start_date: Optional[pulumi.Input[_builtins.str]] = None,
+                 status: Optional[pulumi.Input[_builtins.str]] = None,
+                 ticket_number: Optional[pulumi.Input[_builtins.str]] = None,
+                 ticket_system: Optional[pulumi.Input[_builtins.str]] = None):
+        """
+        Input properties used for looking up and filtering PrivilegedAccessGroupAssignmentSchedule resources.
+        :param pulumi.Input[_builtins.str] assignment_type: The type of assignment to the group. Can be either `member` or `owner`.
+        :param pulumi.Input[_builtins.str] duration: The duration that this assignment is valid for, formatted as an ISO8601 duration (e.g. P30D for 30 days, PT3H for three hours).
+        :param pulumi.Input[_builtins.str] expiration_date: The date that this assignment expires, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
+        :param pulumi.Input[_builtins.str] group_id: The Object ID of the Azure AD group to which the principal will be assigned.
+        :param pulumi.Input[_builtins.str] justification: The justification for this assignment. May be required by the role policy.
+        :param pulumi.Input[_builtins.bool] permanent_assignment: Is this assigment permanently valid.
+               At least one of `expiration_date`, `duration`, or `permanent_assignment` must be supplied. The role policy may limit the maximum duration which can be supplied.
+        :param pulumi.Input[_builtins.str] principal_id: The Object ID of the principal to be assigned to the above group. Can be either a user or a group.
+        :param pulumi.Input[_builtins.str] start_date: The date from which this assignment is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If not provided, the assignment is immediately valid.
+        :param pulumi.Input[_builtins.str] status: (String) The provisioning status of this request.
+        :param pulumi.Input[_builtins.str] ticket_number: The ticket number in the ticket system approving this assignment. May be required by the role policy.
+        :param pulumi.Input[_builtins.str] ticket_system: The ticket system containing the ticket number approving this assignment. May be required by the role policy.
+        """
+        if assignment_type is not None:
+            pulumi.set(__self__, "assignment_type", assignment_type)
+        if duration is not None:
+            pulumi.set(__self__, "duration", duration)
+        if expiration_date is not None:
+            pulumi.set(__self__, "expiration_date", expiration_date)
+        if group_id is not None:
+            pulumi.set(__self__, "group_id", group_id)
+        if justification is not None:
+            pulumi.set(__self__, "justification", justification)
+        if permanent_assignment is not None:
+            pulumi.set(__self__, "permanent_assignment", permanent_assignment)
+        if principal_id is not None:
+            pulumi.set(__self__, "principal_id", principal_id)
+        if start_date is not None:
+            pulumi.set(__self__, "start_date", start_date)
+        if status is not None:
+            pulumi.set(__self__, "status", status)
+        if ticket_number is not None:
+            pulumi.set(__self__, "ticket_number", ticket_number)
+        if ticket_system is not None:
+            pulumi.set(__self__, "ticket_system", ticket_system)
+    @_builtins.property
+    @pulumi.getter(name="assignmentType")
+    def assignment_type(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The type of assignment to the group. Can be either `member` or `owner`.
+        """
+        return pulumi.get(self, "assignment_type")
+    @assignment_type.setter
+    def assignment_type(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "assignment_type", value)
+    @_builtins.property
+    @pulumi.getter
+    def duration(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The duration that this assignment is valid for, formatted as an ISO8601 duration (e.g. P30D for 30 days, PT3H for three hours).
+        """
+        return pulumi.get(self, "duration")
+    @duration.setter
+    def duration(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "duration", value)
+    @_builtins.property
+    @pulumi.getter(name="expirationDate")
+    def expiration_date(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The date that this assignment expires, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
+        """
+        return pulumi.get(self, "expiration_date")
+    @expiration_date.setter
+    def expiration_date(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "expiration_date", value)
+    @_builtins.property
+    @pulumi.getter(name="groupId")
+    def group_id(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The Object ID of the Azure AD group to which the principal will be assigned.
+        """
+        return pulumi.get(self, "group_id")
+    @group_id.setter
+    def group_id(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "group_id", value)
+    @_builtins.property
+    @pulumi.getter
+    def justification(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The justification for this assignment. May be required by the role policy.
+        """
+        return pulumi.get(self, "justification")
+    @justification.setter
+    def justification(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "justification", value)
+    @_builtins.property
+    @pulumi.getter(name="permanentAssignment")
+    def permanent_assignment(self) -> Optional[pulumi.Input[_builtins.bool]]:
+        """
+        Is this assigment permanently valid.
+        At least one of `expiration_date`, `duration`, or `permanent_assignment` must be supplied. The role policy may limit the maximum duration which can be supplied.
+        """
+        return pulumi.get(self, "permanent_assignment")
+    @permanent_assignment.setter
+    def permanent_assignment(self, value: Optional[pulumi.Input[_builtins.bool]]):
+        pulumi.set(self, "permanent_assignment", value)
+    @_builtins.property
+    @pulumi.getter(name="principalId")
+    def principal_id(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The Object ID of the principal to be assigned to the above group. Can be either a user or a group.
+        """
+        return pulumi.get(self, "principal_id")
+    @principal_id.setter
+    def principal_id(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "principal_id", value)
+    @_builtins.property
+    @pulumi.getter(name="startDate")
+    def start_date(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The date from which this assignment is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If not provided, the assignment is immediately valid.
+        """
+        return pulumi.get(self, "start_date")
+    @start_date.setter
+    def start_date(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "start_date", value)
+    @_builtins.property
+    @pulumi.getter
+    def status(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        (String) The provisioning status of this request.
+        """
+        return pulumi.get(self, "status")
+    @status.setter
+    def status(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "status", value)
+    @_builtins.property
+    @pulumi.getter(name="ticketNumber")
+    def ticket_number(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The ticket number in the ticket system approving this assignment. May be required by the role policy.
+        """
+        return pulumi.get(self, "ticket_number")
+    @ticket_number.setter
+    def ticket_number(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "ticket_number", value)
+    @_builtins.property
+    @pulumi.getter(name="ticketSystem")
+    def ticket_system(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The ticket system containing the ticket number approving this assignment. May be required by the role policy.
+        """
+        return pulumi.get(self, "ticket_system")
+    @ticket_system.setter
+    def ticket_system(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "ticket_system", value)
+@pulumi.type_token("azuread:index/privilegedAccessGroupAssignmentSchedule:PrivilegedAccessGroupAssignmentSchedule")
+class PrivilegedAccessGroupAssignmentSchedule(pulumi.CustomResource):
+    @overload
+    def __init__(__self__,
+                 resource_name: str,
+                 opts: Optional[pulumi.ResourceOptions] = None,
+                 assignment_type: Optional[pulumi.Input[_builtins.str]] = None,
+                 duration: Optional[pulumi.Input[_builtins.str]] = None,
+                 expiration_date: Optional[pulumi.Input[_builtins.str]] = None,
+                 group_id: Optional[pulumi.Input[_builtins.str]] = None,
+                 justification: Optional[pulumi.Input[_builtins.str]] = None,
+                 permanent_assignment: Optional[pulumi.Input[_builtins.bool]] = None,
+                 principal_id: Optional[pulumi.Input[_builtins.str]] = None,
+                 start_date: Optional[pulumi.Input[_builtins.str]] = None,
+                 ticket_number: Optional[pulumi.Input[_builtins.str]] = None,
+                 ticket_system: Optional[pulumi.Input[_builtins.str]] = None,
+                 __props__=None):
+        """
+        Manages an active assignment to a privileged access group.
+        ## API Permissions
+        The following API permissions are required in order to use this resource.
+        When authenticated with a service principal, this resource requires the `PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup` Microsoft Graph API permissions.
+        When authenticated with a user principal, this resource requires `Global Administrator` directory role, or the `Privileged Role Administrator` role in Identity Governance.
+        ## Example Usage
+        ```python
+        import pulumi
+        import pulumi_azuread as azuread
+        example = azuread.Group("example",
+            display_name="group-name",
+            security_enabled=True)
+        member = azuread.User("member",
+            user_principal_name="jdoe@example.com",
+            display_name="J. Doe",
+            mail_nickname="jdoe",
+            password="SecretP@sswd99!")
+        example_privileged_access_group_assignment_schedule = azuread.PrivilegedAccessGroupAssignmentSchedule("example",
+            group_id=pim["id"],
+            principal_id=member.id,
+            assignment_type="member",
+            duration="P30D",
+            justification="as requested")
+        ```
+        ## Import
+        An assignment schedule can be imported using the schedule ID, e.g.
+        ```sh
+        $ pulumi import azuread:index/privilegedAccessGroupAssignmentSchedule:PrivilegedAccessGroupAssignmentSchedule example 00000000-0000-0000-0000-000000000000_member_00000000-0000-0000-0000-000000000000
+        ```
+        :param str resource_name: The name of the resource.
+        :param pulumi.ResourceOptions opts: Options for the resource.
+        :param pulumi.Input[_builtins.str] assignment_type: The type of assignment to the group. Can be either `member` or `owner`.
+        :param pulumi.Input[_builtins.str] duration: The duration that this assignment is valid for, formatted as an ISO8601 duration (e.g. P30D for 30 days, PT3H for three hours).
+        :param pulumi.Input[_builtins.str] expiration_date: The date that this assignment expires, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
+        :param pulumi.Input[_builtins.str] group_id: The Object ID of the Azure AD group to which the principal will be assigned.
+        :param pulumi.Input[_builtins.str] justification: The justification for this assignment. May be required by the role policy.
+        :param pulumi.Input[_builtins.bool] permanent_assignment: Is this assigment permanently valid.
+               At least one of `expiration_date`, `duration`, or `permanent_assignment` must be supplied. The role policy may limit the maximum duration which can be supplied.
+        :param pulumi.Input[_builtins.str] principal_id: The Object ID of the principal to be assigned to the above group. Can be either a user or a group.
+        :param pulumi.Input[_builtins.str] start_date: The date from which this assignment is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If not provided, the assignment is immediately valid.
+        :param pulumi.Input[_builtins.str] ticket_number: The ticket number in the ticket system approving this assignment. May be required by the role policy.
+        :param pulumi.Input[_builtins.str] ticket_system: The ticket system containing the ticket number approving this assignment. May be required by the role policy.
+        """
+        ...
+    @overload
+    def __init__(__self__,
+                 resource_name: str,
+                 args: PrivilegedAccessGroupAssignmentScheduleArgs,
+                 opts: Optional[pulumi.ResourceOptions] = None):
+        """
+        Manages an active assignment to a privileged access group.
+        ## API Permissions
+        The following API permissions are required in order to use this resource.
+        When authenticated with a service principal, this resource requires the `PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup` Microsoft Graph API permissions.
+        When authenticated with a user principal, this resource requires `Global Administrator` directory role, or the `Privileged Role Administrator` role in Identity Governance.
+        ## Example Usage
+        ```python
+        import pulumi
+        import pulumi_azuread as azuread
+        example = azuread.Group("example",
+            display_name="group-name",
+            security_enabled=True)
+        member = azuread.User("member",
+            user_principal_name="jdoe@example.com",
+            display_name="J. Doe",
+            mail_nickname="jdoe",
+            password="SecretP@sswd99!")
+        example_privileged_access_group_assignment_schedule = azuread.PrivilegedAccessGroupAssignmentSchedule("example",
+            group_id=pim["id"],
+            principal_id=member.id,
+            assignment_type="member",
+            duration="P30D",
+            justification="as requested")
+        ```
+        ## Import
+        An assignment schedule can be imported using the schedule ID, e.g.
+        ```sh
+        $ pulumi import azuread:index/privilegedAccessGroupAssignmentSchedule:PrivilegedAccessGroupAssignmentSchedule example 00000000-0000-0000-0000-000000000000_member_00000000-0000-0000-0000-000000000000
+        ```
+        :param str resource_name: The name of the resource.
+        :param PrivilegedAccessGroupAssignmentScheduleArgs args: The arguments to use to populate this resource's properties.
+        :param pulumi.ResourceOptions opts: Options for the resource.
+        """
+        ...
+    def __init__(__self__, resource_name: str, *args, **kwargs):
+        resource_args, opts = _utilities.get_resource_args_opts(PrivilegedAccessGroupAssignmentScheduleArgs, pulumi.ResourceOptions, *args, **kwargs)
+        if resource_args is not None:
+            __self__._internal_init(resource_name, opts, **resource_args.__dict__)
+        else:
+            __self__._internal_init(resource_name, *args, **kwargs)
+    def _internal_init(__self__,
+                 resource_name: str,
+                 opts: Optional[pulumi.ResourceOptions] = None,
+                 assignment_type: Optional[pulumi.Input[_builtins.str]] = None,
+                 duration: Optional[pulumi.Input[_builtins.str]] = None,
+                 expiration_date: Optional[pulumi.Input[_builtins.str]] = None,
+                 group_id: Optional[pulumi.Input[_builtins.str]] = None,
+                 justification: Optional[pulumi.Input[_builtins.str]] = None,
+                 permanent_assignment: Optional[pulumi.Input[_builtins.bool]] = None,
+                 principal_id: Optional[pulumi.Input[_builtins.str]] = None,
+                 start_date: Optional[pulumi.Input[_builtins.str]] = None,
+                 ticket_number: Optional[pulumi.Input[_builtins.str]] = None,
+                 ticket_system: Optional[pulumi.Input[_builtins.str]] = None,
+                 __props__=None):
+        opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
+        if not isinstance(opts, pulumi.ResourceOptions):
+            raise TypeError('Expected resource options to be a ResourceOptions instance')
+        if opts.id is None:
+            if __props__ is not None:
+                raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource')
+            __props__ = PrivilegedAccessGroupAssignmentScheduleArgs.__new__(PrivilegedAccessGroupAssignmentScheduleArgs)
+            if assignment_type is None and not opts.urn:
+                raise TypeError("Missing required property 'assignment_type'")
+            __props__.__dict__["assignment_type"] = assignment_type
+            __props__.__dict__["duration"] = duration
+            __props__.__dict__["expiration_date"] = expiration_date
+            if group_id is None and not opts.urn:
+                raise TypeError("Missing required property 'group_id'")
+            __props__.__dict__["group_id"] = group_id
+            __props__.__dict__["justification"] = justification
+            __props__.__dict__["permanent_assignment"] = permanent_assignment
+            if principal_id is None and not opts.urn:
+                raise TypeError("Missing required property 'principal_id'")
+            __props__.__dict__["principal_id"] = principal_id
+            __props__.__dict__["start_date"] = start_date
+            __props__.__dict__["ticket_number"] = ticket_number
+            __props__.__dict__["ticket_system"] = ticket_system
+            __props__.__dict__["status"] = None
+        super(PrivilegedAccessGroupAssignmentSchedule, __self__).__init__(
+            'azuread:index/privilegedAccessGroupAssignmentSchedule:PrivilegedAccessGroupAssignmentSchedule',
+            resource_name,
+            __props__,
+            opts)
+    @staticmethod
+    def get(resource_name: str,
+            id: pulumi.Input[str],
+            opts: Optional[pulumi.ResourceOptions] = None,
+            assignment_type: Optional[pulumi.Input[_builtins.str]] = None,
+            duration: Optional[pulumi.Input[_builtins.str]] = None,
+            expiration_date: Optional[pulumi.Input[_builtins.str]] = None,
+            group_id: Optional[pulumi.Input[_builtins.str]] = None,
+            justification: Optional[pulumi.Input[_builtins.str]] = None,
+            permanent_assignment: Optional[pulumi.Input[_builtins.bool]] = None,
+            principal_id: Optional[pulumi.Input[_builtins.str]] = None,
+            start_date: Optional[pulumi.Input[_builtins.str]] = None,
+            status: Optional[pulumi.Input[_builtins.str]] = None,
+            ticket_number: Optional[pulumi.Input[_builtins.str]] = None,
+            ticket_system: Optional[pulumi.Input[_builtins.str]] = None) -> 'PrivilegedAccessGroupAssignmentSchedule':
+        """
+        Get an existing PrivilegedAccessGroupAssignmentSchedule resource's state with the given name, id, and optional extra
+        properties used to qualify the lookup.
+        :param str resource_name: The unique name of the resulting resource.
+        :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
+        :param pulumi.ResourceOptions opts: Options for the resource.
+        :param pulumi.Input[_builtins.str] assignment_type: The type of assignment to the group. Can be either `member` or `owner`.
+        :param pulumi.Input[_builtins.str] duration: The duration that this assignment is valid for, formatted as an ISO8601 duration (e.g. P30D for 30 days, PT3H for three hours).
+        :param pulumi.Input[_builtins.str] expiration_date: The date that this assignment expires, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
+        :param pulumi.Input[_builtins.str] group_id: The Object ID of the Azure AD group to which the principal will be assigned.
+        :param pulumi.Input[_builtins.str] justification: The justification for this assignment. May be required by the role policy.
+        :param pulumi.Input[_builtins.bool] permanent_assignment: Is this assigment permanently valid.
+               At least one of `expiration_date`, `duration`, or `permanent_assignment` must be supplied. The role policy may limit the maximum duration which can be supplied.
+        :param pulumi.Input[_builtins.str] principal_id: The Object ID of the principal to be assigned to the above group. Can be either a user or a group.
+        :param pulumi.Input[_builtins.str] start_date: The date from which this assignment is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If not provided, the assignment is immediately valid.
+        :param pulumi.Input[_builtins.str] status: (String) The provisioning status of this request.
+        :param pulumi.Input[_builtins.str] ticket_number: The ticket number in the ticket system approving this assignment. May be required by the role policy.
+        :param pulumi.Input[_builtins.str] ticket_system: The ticket system containing the ticket number approving this assignment. May be required by the role policy.
+        """
+        opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
+        __props__ = _PrivilegedAccessGroupAssignmentScheduleState.__new__(_PrivilegedAccessGroupAssignmentScheduleState)
+        __props__.__dict__["assignment_type"] = assignment_type
+        __props__.__dict__["duration"] = duration
+        __props__.__dict__["expiration_date"] = expiration_date
+        __props__.__dict__["group_id"] = group_id
+        __props__.__dict__["justification"] = justification
+        __props__.__dict__["permanent_assignment"] = permanent_assignment
+        __props__.__dict__["principal_id"] = principal_id
+        __props__.__dict__["start_date"] = start_date
+        __props__.__dict__["status"] = status
+        __props__.__dict__["ticket_number"] = ticket_number
+        __props__.__dict__["ticket_system"] = ticket_system
+        return PrivilegedAccessGroupAssignmentSchedule(resource_name, opts=opts, __props__=__props__)
+    @_builtins.property
+    @pulumi.getter(name="assignmentType")
+    def assignment_type(self) -> pulumi.Output[_builtins.str]:
+        """
+        The type of assignment to the group. Can be either `member` or `owner`.
+        """
+        return pulumi.get(self, "assignment_type")
+    @_builtins.property
+    @pulumi.getter
+    def duration(self) -> pulumi.Output[Optional[_builtins.str]]:
+        """
+        The duration that this assignment is valid for, formatted as an ISO8601 duration (e.g. P30D for 30 days, PT3H for three hours).
+        """
+        return pulumi.get(self, "duration")
+    @_builtins.property
+    @pulumi.getter(name="expirationDate")
+    def expiration_date(self) -> pulumi.Output[_builtins.str]:
+        """
+        The date that this assignment expires, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
+        """
+        return pulumi.get(self, "expiration_date")
+    @_builtins.property
+    @pulumi.getter(name="groupId")
+    def group_id(self) -> pulumi.Output[_builtins.str]:
+        """
+        The Object ID of the Azure AD group to which the principal will be assigned.
+        """
+        return pulumi.get(self, "group_id")
+    @_builtins.property
+    @pulumi.getter
+    def justification(self) -> pulumi.Output[Optional[_builtins.str]]:
+        """
+        The justification for this assignment. May be required by the role policy.
+        """
+        return pulumi.get(self, "justification")
+    @_builtins.property
+    @pulumi.getter(name="permanentAssignment")
+    def permanent_assignment(self) -> pulumi.Output[_builtins.bool]:
+        """
+        Is this assigment permanently valid.
+        At least one of `expiration_date`, `duration`, or `permanent_assignment` must be supplied. The role policy may limit the maximum duration which can be supplied.
+        """
+        return pulumi.get(self, "permanent_assignment")
+    @_builtins.property
+    @pulumi.getter(name="principalId")
+    def principal_id(self) -> pulumi.Output[_builtins.str]:
+        """
+        The Object ID of the principal to be assigned to the above group. Can be either a user or a group.
+        """
+        return pulumi.get(self, "principal_id")
+    @_builtins.property
+    @pulumi.getter(name="startDate")
+    def start_date(self) -> pulumi.Output[_builtins.str]:
+        """
+        The date from which this assignment is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If not provided, the assignment is immediately valid.
+        """
+        return pulumi.get(self, "start_date")
+    @_builtins.property
+    @pulumi.getter
+    def status(self) -> pulumi.Output[_builtins.str]:
+        """
+        (String) The provisioning status of this request.
+        """
+        return pulumi.get(self, "status")
+    @_builtins.property
+    @pulumi.getter(name="ticketNumber")
+    def ticket_number(self) -> pulumi.Output[Optional[_builtins.str]]:
+        """
+        The ticket number in the ticket system approving this assignment. May be required by the role policy.
+        """
+        return pulumi.get(self, "ticket_number")
+    @_builtins.property
+    @pulumi.getter(name="ticketSystem")
+    def ticket_system(self) -> pulumi.Output[Optional[_builtins.str]]:
+        """
+        The ticket system containing the ticket number approving this assignment. May be required by the role policy.
+        """
+        return pulumi.get(self, "ticket_system")

pulumi-azuread 5.48.0a1706744699__py3-none-any.whl → 6.8.0a1766208344__py3-none-any.whl

Potentially problematic release.

pulumi-azuread 5.48.0a1706744699py3-none-any.whl → 6.8.0a1766208344py3-none-any.whl