pulumi-azuread 5.48.0a1706744699__py3-none-any.whl → 6.8.0a1766208344__py3-none-any.whl

pulumi_azuread/provider.py

@@ -1,12 +1,17 @@
 # coding=utf-8
-# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
+# *** WARNING: this file was generated by pulumi-language-python. ***
 # *** Do not edit by hand unless you're certain you know what you are doing! ***
 
-import copy
+import builtins as _builtins
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from . import _utilities
 
 __all__ = ['ProviderArgs', 'Provider']
@@ -14,56 +19,54 @@ __all__ = ['ProviderArgs', 'Provider']
 @pulumi.input_type
 class ProviderArgs:
     def __init__(__self__, *,
-                 metadata_host: pulumi.Input[str],
-                 client_certificate: Optional[pulumi.Input[str]] = None,
-                 client_certificate_password: Optional[pulumi.Input[str]] = None,
-                 client_certificate_path: Optional[pulumi.Input[str]] = None,
-                 client_id: Optional[pulumi.Input[str]] = None,
-                 client_id_file_path: Optional[pulumi.Input[str]] = None,
-                 client_secret: Optional[pulumi.Input[str]] = None,
-                 client_secret_file_path: Optional[pulumi.Input[str]] = None,
-                 disable_terraform_partner_id: Optional[pulumi.Input[bool]] = None,
-                 environment: Optional[pulumi.Input[str]] = None,
-                 msi_endpoint: Optional[pulumi.Input[str]] = None,
-                 oidc_request_token: Optional[pulumi.Input[str]] = None,
-                 oidc_request_url: Optional[pulumi.Input[str]] = None,
-                 oidc_token: Optional[pulumi.Input[str]] = None,
-                 oidc_token_file_path: Optional[pulumi.Input[str]] = None,
-                 partner_id: Optional[pulumi.Input[str]] = None,
-                 tenant_id: Optional[pulumi.Input[str]] = None,
-                 use_cli: Optional[pulumi.Input[bool]] = None,
-                 use_msi: Optional[pulumi.Input[bool]] = None,
-                 use_oidc: Optional[pulumi.Input[bool]] = None):
+                 ado_pipeline_service_connection_id: Optional[pulumi.Input[_builtins.str]] = None,
+                 client_certificate: Optional[pulumi.Input[_builtins.str]] = None,
+                 client_certificate_password: Optional[pulumi.Input[_builtins.str]] = None,
+                 client_certificate_path: Optional[pulumi.Input[_builtins.str]] = None,
+                 client_id: Optional[pulumi.Input[_builtins.str]] = None,
+                 client_id_file_path: Optional[pulumi.Input[_builtins.str]] = None,
+                 client_secret: Optional[pulumi.Input[_builtins.str]] = None,
+                 client_secret_file_path: Optional[pulumi.Input[_builtins.str]] = None,
+                 disable_terraform_partner_id: Optional[pulumi.Input[_builtins.bool]] = None,
+                 environment: Optional[pulumi.Input[_builtins.str]] = None,
+                 metadata_host: Optional[pulumi.Input[_builtins.str]] = None,
+                 msi_endpoint: Optional[pulumi.Input[_builtins.str]] = None,
+                 oidc_request_token: Optional[pulumi.Input[_builtins.str]] = None,
+                 oidc_request_url: Optional[pulumi.Input[_builtins.str]] = None,
+                 oidc_token: Optional[pulumi.Input[_builtins.str]] = None,
+                 oidc_token_file_path: Optional[pulumi.Input[_builtins.str]] = None,
+                 partner_id: Optional[pulumi.Input[_builtins.str]] = None,
+                 tenant_id: Optional[pulumi.Input[_builtins.str]] = None,
+                 use_aks_workload_identity: Optional[pulumi.Input[_builtins.bool]] = None,
+                 use_cli: Optional[pulumi.Input[_builtins.bool]] = None,
+                 use_msi: Optional[pulumi.Input[_builtins.bool]] = None,
+                 use_oidc: Optional[pulumi.Input[_builtins.bool]] = None):
         """
         The set of arguments for constructing a Provider resource.
-        :param pulumi.Input[str] metadata_host: The Hostname which should be used for the Azure Metadata Service.
-        :param pulumi.Input[str] client_certificate: Base64 encoded PKCS#12 certificate bundle to use when authenticating as a Service Principal using a Client Certificate
-        :param pulumi.Input[str] client_certificate_password: The password to decrypt the Client Certificate. For use when authenticating as a Service Principal using a Client
-               Certificate
-        :param pulumi.Input[str] client_certificate_path: The path to the Client Certificate associated with the Service Principal for use when authenticating as a Service
-               Principal using a Client Certificate
-        :param pulumi.Input[str] client_id: The Client ID which should be used for service principal authentication
-        :param pulumi.Input[str] client_id_file_path: The path to a file containing the Client ID which should be used for service principal authentication
-        :param pulumi.Input[str] client_secret: The application password to use when authenticating as a Service Principal using a Client Secret
-        :param pulumi.Input[str] client_secret_file_path: The path to a file containing the application password to use when authenticating as a Service Principal using a Client
-               Secret
-        :param pulumi.Input[bool] disable_terraform_partner_id: Disable the Terraform Partner ID, which is used if a custom `partner_id` isn't specified
-        :param pulumi.Input[str] environment: The cloud environment which should be used. Possible values are: `global` (also `public`), `usgovernmentl4` (also
-               `usgovernment`), `usgovernmentl5` (also `dod`), and `china`. Defaults to `global`
-        :param pulumi.Input[str] msi_endpoint: The path to a custom endpoint for Managed Identity - in most circumstances this should be detected automatically
-        :param pulumi.Input[str] oidc_request_token: The bearer token for the request to the OIDC provider. For use when authenticating as a Service Principal using OpenID
-               Connect.
-        :param pulumi.Input[str] oidc_request_url: The URL for the OIDC provider from which to request an ID token. For use when authenticating as a Service Principal
-               using OpenID Connect.
-        :param pulumi.Input[str] oidc_token: The ID token for use when authenticating as a Service Principal using OpenID Connect.
-        :param pulumi.Input[str] oidc_token_file_path: The path to a file containing an ID token for use when authenticating as a Service Principal using OpenID Connect.
-        :param pulumi.Input[str] partner_id: A GUID/UUID that is registered with Microsoft to facilitate partner resource usage attribution
-        :param pulumi.Input[str] tenant_id: The Tenant ID which should be used. Works with all authentication methods except Managed Identity
-        :param pulumi.Input[bool] use_cli: Allow Azure CLI to be used for Authentication
-        :param pulumi.Input[bool] use_msi: Allow Managed Identity to be used for Authentication
-        :param pulumi.Input[bool] use_oidc: Allow OpenID Connect to be used for authentication
-        """
-        pulumi.set(__self__, "metadata_host", metadata_host)
+        :param pulumi.Input[_builtins.str] ado_pipeline_service_connection_id: The Azure DevOps Pipeline Service Connection ID.
+        :param pulumi.Input[_builtins.str] client_certificate: Base64 encoded PKCS#12 certificate bundle to use when authenticating as a Service Principal using a Client Certificate
+        :param pulumi.Input[_builtins.str] client_certificate_password: The password to decrypt the Client Certificate. For use when authenticating as a Service Principal using a Client Certificate
+        :param pulumi.Input[_builtins.str] client_certificate_path: The path to the Client Certificate associated with the Service Principal for use when authenticating as a Service Principal using a Client Certificate
+        :param pulumi.Input[_builtins.str] client_id: The Client ID which should be used for service principal authentication
+        :param pulumi.Input[_builtins.str] client_id_file_path: The path to a file containing the Client ID which should be used for service principal authentication
+        :param pulumi.Input[_builtins.str] client_secret: The application password to use when authenticating as a Service Principal using a Client Secret
+        :param pulumi.Input[_builtins.str] client_secret_file_path: The path to a file containing the application password to use when authenticating as a Service Principal using a Client Secret
+        :param pulumi.Input[_builtins.str] environment: The cloud environment which should be used. Possible values are: `global` (also `public`), `usgovernmentl4` (also `usgovernment`), `usgovernmentl5` (also `dod`), and `china`. Defaults to `global`. Not used and should not be specified when `metadata_host` is specified.
+        :param pulumi.Input[_builtins.str] metadata_host: The Hostname which should be used for the Azure Metadata Service.
+        :param pulumi.Input[_builtins.str] msi_endpoint: The path to a custom endpoint for Managed Identity - in most circumstances this should be detected automatically
+        :param pulumi.Input[_builtins.str] oidc_request_token: The bearer token for the request to the OIDC provider. For use when authenticating as a Service Principal using OpenID Connect.
+        :param pulumi.Input[_builtins.str] oidc_request_url: The URL for the OIDC provider from which to request an ID token. For use when authenticating as a Service Principal using OpenID Connect.
+        :param pulumi.Input[_builtins.str] oidc_token: The ID token for use when authenticating as a Service Principal using OpenID Connect.
+        :param pulumi.Input[_builtins.str] oidc_token_file_path: The path to a file containing an ID token for use when authenticating as a Service Principal using OpenID Connect.
+        :param pulumi.Input[_builtins.str] partner_id: A GUID/UUID that is registered with Microsoft to facilitate partner resource usage attribution
+        :param pulumi.Input[_builtins.str] tenant_id: The Tenant ID which should be used. Works with all authentication methods except Managed Identity
+        :param pulumi.Input[_builtins.bool] use_aks_workload_identity: Allow Azure AKS Workload Identity to be used for Authentication.
+        :param pulumi.Input[_builtins.bool] use_cli: Allow Azure CLI to be used for Authentication
+        :param pulumi.Input[_builtins.bool] use_msi: Allow Managed Identity to be used for Authentication
+        :param pulumi.Input[_builtins.bool] use_oidc: Allow OpenID Connect to be used for authentication
+        """
+        if ado_pipeline_service_connection_id is not None:
+            pulumi.set(__self__, "ado_pipeline_service_connection_id", ado_pipeline_service_connection_id)
         if client_certificate is not None:
             pulumi.set(__self__, "client_certificate", client_certificate)
         if client_certificate_password is not None:
@@ -84,6 +87,8 @@ class ProviderArgs:
             environment = (_utilities.get_env('ARM_ENVIRONMENT') or 'public')
         if environment is not None:
             pulumi.set(__self__, "environment", environment)
+        if metadata_host is not None:
+            pulumi.set(__self__, "metadata_host", metadata_host)
         if msi_endpoint is None:
             msi_endpoint = _utilities.get_env('ARM_MSI_ENDPOINT')
         if msi_endpoint is not None:
@@ -100,6 +105,8 @@ class ProviderArgs:
             pulumi.set(__self__, "partner_id", partner_id)
         if tenant_id is not None:
             pulumi.set(__self__, "tenant_id", tenant_id)
+        if use_aks_workload_identity is not None:
+            pulumi.set(__self__, "use_aks_workload_identity", use_aks_workload_identity)
         if use_cli is not None:
             pulumi.set(__self__, "use_cli", use_cli)
         if use_msi is None:
@@ -109,278 +116,296 @@ class ProviderArgs:
         if use_oidc is not None:
             pulumi.set(__self__, "use_oidc", use_oidc)
 
-    @property
-    @pulumi.getter(name="metadataHost")
-    def metadata_host(self) -> pulumi.Input[str]:
+    @_builtins.property
+    @pulumi.getter(name="adoPipelineServiceConnectionId")
+    def ado_pipeline_service_connection_id(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        The Hostname which should be used for the Azure Metadata Service.
+        The Azure DevOps Pipeline Service Connection ID.
         """
-        return pulumi.get(self, "metadata_host")
+        return pulumi.get(self, "ado_pipeline_service_connection_id")
 
-    @metadata_host.setter
-    def metadata_host(self, value: pulumi.Input[str]):
-        pulumi.set(self, "metadata_host", value)
+    @ado_pipeline_service_connection_id.setter
+    def ado_pipeline_service_connection_id(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "ado_pipeline_service_connection_id", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="clientCertificate")
-    def client_certificate(self) -> Optional[pulumi.Input[str]]:
+    def client_certificate(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Base64 encoded PKCS#12 certificate bundle to use when authenticating as a Service Principal using a Client Certificate
         """
         return pulumi.get(self, "client_certificate")
 
     @client_certificate.setter
-    def client_certificate(self, value: Optional[pulumi.Input[str]]):
+    def client_certificate(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "client_certificate", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="clientCertificatePassword")
-    def client_certificate_password(self) -> Optional[pulumi.Input[str]]:
+    def client_certificate_password(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        The password to decrypt the Client Certificate. For use when authenticating as a Service Principal using a Client
-        Certificate
+        The password to decrypt the Client Certificate. For use when authenticating as a Service Principal using a Client Certificate
         """
         return pulumi.get(self, "client_certificate_password")
 
     @client_certificate_password.setter
-    def client_certificate_password(self, value: Optional[pulumi.Input[str]]):
+    def client_certificate_password(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "client_certificate_password", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="clientCertificatePath")
-    def client_certificate_path(self) -> Optional[pulumi.Input[str]]:
+    def client_certificate_path(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        The path to the Client Certificate associated with the Service Principal for use when authenticating as a Service
-        Principal using a Client Certificate
+        The path to the Client Certificate associated with the Service Principal for use when authenticating as a Service Principal using a Client Certificate
         """
         return pulumi.get(self, "client_certificate_path")
 
     @client_certificate_path.setter
-    def client_certificate_path(self, value: Optional[pulumi.Input[str]]):
+    def client_certificate_path(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "client_certificate_path", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="clientId")
-    def client_id(self) -> Optional[pulumi.Input[str]]:
+    def client_id(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The Client ID which should be used for service principal authentication
         """
         return pulumi.get(self, "client_id")
 
     @client_id.setter
-    def client_id(self, value: Optional[pulumi.Input[str]]):
+    def client_id(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "client_id", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="clientIdFilePath")
-    def client_id_file_path(self) -> Optional[pulumi.Input[str]]:
+    def client_id_file_path(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The path to a file containing the Client ID which should be used for service principal authentication
         """
         return pulumi.get(self, "client_id_file_path")
 
     @client_id_file_path.setter
-    def client_id_file_path(self, value: Optional[pulumi.Input[str]]):
+    def client_id_file_path(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "client_id_file_path", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="clientSecret")
-    def client_secret(self) -> Optional[pulumi.Input[str]]:
+    def client_secret(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The application password to use when authenticating as a Service Principal using a Client Secret
         """
         return pulumi.get(self, "client_secret")
 
     @client_secret.setter
-    def client_secret(self, value: Optional[pulumi.Input[str]]):
+    def client_secret(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "client_secret", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="clientSecretFilePath")
-    def client_secret_file_path(self) -> Optional[pulumi.Input[str]]:
+    def client_secret_file_path(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        The path to a file containing the application password to use when authenticating as a Service Principal using a Client
-        Secret
+        The path to a file containing the application password to use when authenticating as a Service Principal using a Client Secret
         """
         return pulumi.get(self, "client_secret_file_path")
 
     @client_secret_file_path.setter
-    def client_secret_file_path(self, value: Optional[pulumi.Input[str]]):
+    def client_secret_file_path(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "client_secret_file_path", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="disableTerraformPartnerId")
-    def disable_terraform_partner_id(self) -> Optional[pulumi.Input[bool]]:
-        """
-        Disable the Terraform Partner ID, which is used if a custom `partner_id` isn't specified
-        """
+    def disable_terraform_partner_id(self) -> Optional[pulumi.Input[_builtins.bool]]:
         return pulumi.get(self, "disable_terraform_partner_id")
 
     @disable_terraform_partner_id.setter
-    def disable_terraform_partner_id(self, value: Optional[pulumi.Input[bool]]):
+    def disable_terraform_partner_id(self, value: Optional[pulumi.Input[_builtins.bool]]):
         pulumi.set(self, "disable_terraform_partner_id", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def environment(self) -> Optional[pulumi.Input[str]]:
+    def environment(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        The cloud environment which should be used. Possible values are: `global` (also `public`), `usgovernmentl4` (also
-        `usgovernment`), `usgovernmentl5` (also `dod`), and `china`. Defaults to `global`
+        The cloud environment which should be used. Possible values are: `global` (also `public`), `usgovernmentl4` (also `usgovernment`), `usgovernmentl5` (also `dod`), and `china`. Defaults to `global`. Not used and should not be specified when `metadata_host` is specified.
         """
         return pulumi.get(self, "environment")
 
     @environment.setter
-    def environment(self, value: Optional[pulumi.Input[str]]):
+    def environment(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "environment", value)
 
-    @property
+    @_builtins.property
+    @pulumi.getter(name="metadataHost")
+    def metadata_host(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The Hostname which should be used for the Azure Metadata Service.
+        """
+        return pulumi.get(self, "metadata_host")
+
+    @metadata_host.setter
+    def metadata_host(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "metadata_host", value)
+
+    @_builtins.property
     @pulumi.getter(name="msiEndpoint")
-    def msi_endpoint(self) -> Optional[pulumi.Input[str]]:
+    def msi_endpoint(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The path to a custom endpoint for Managed Identity - in most circumstances this should be detected automatically
         """
         return pulumi.get(self, "msi_endpoint")
 
     @msi_endpoint.setter
-    def msi_endpoint(self, value: Optional[pulumi.Input[str]]):
+    def msi_endpoint(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "msi_endpoint", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oidcRequestToken")
-    def oidc_request_token(self) -> Optional[pulumi.Input[str]]:
+    def oidc_request_token(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        The bearer token for the request to the OIDC provider. For use when authenticating as a Service Principal using OpenID
-        Connect.
+        The bearer token for the request to the OIDC provider. For use when authenticating as a Service Principal using OpenID Connect.
         """
         return pulumi.get(self, "oidc_request_token")
 
     @oidc_request_token.setter
-    def oidc_request_token(self, value: Optional[pulumi.Input[str]]):
+    def oidc_request_token(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "oidc_request_token", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oidcRequestUrl")
-    def oidc_request_url(self) -> Optional[pulumi.Input[str]]:
+    def oidc_request_url(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        The URL for the OIDC provider from which to request an ID token. For use when authenticating as a Service Principal
-        using OpenID Connect.
+        The URL for the OIDC provider from which to request an ID token. For use when authenticating as a Service Principal using OpenID Connect.
         """
         return pulumi.get(self, "oidc_request_url")
 
     @oidc_request_url.setter
-    def oidc_request_url(self, value: Optional[pulumi.Input[str]]):
+    def oidc_request_url(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "oidc_request_url", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oidcToken")
-    def oidc_token(self) -> Optional[pulumi.Input[str]]:
+    def oidc_token(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The ID token for use when authenticating as a Service Principal using OpenID Connect.
         """
         return pulumi.get(self, "oidc_token")
 
     @oidc_token.setter
-    def oidc_token(self, value: Optional[pulumi.Input[str]]):
+    def oidc_token(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "oidc_token", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oidcTokenFilePath")
-    def oidc_token_file_path(self) -> Optional[pulumi.Input[str]]:
+    def oidc_token_file_path(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The path to a file containing an ID token for use when authenticating as a Service Principal using OpenID Connect.
         """
         return pulumi.get(self, "oidc_token_file_path")
 
     @oidc_token_file_path.setter
-    def oidc_token_file_path(self, value: Optional[pulumi.Input[str]]):
+    def oidc_token_file_path(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "oidc_token_file_path", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="partnerId")
-    def partner_id(self) -> Optional[pulumi.Input[str]]:
+    def partner_id(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         A GUID/UUID that is registered with Microsoft to facilitate partner resource usage attribution
         """
         return pulumi.get(self, "partner_id")
 
     @partner_id.setter
-    def partner_id(self, value: Optional[pulumi.Input[str]]):
+    def partner_id(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "partner_id", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="tenantId")
-    def tenant_id(self) -> Optional[pulumi.Input[str]]:
+    def tenant_id(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The Tenant ID which should be used. Works with all authentication methods except Managed Identity
         """
         return pulumi.get(self, "tenant_id")
 
     @tenant_id.setter
-    def tenant_id(self, value: Optional[pulumi.Input[str]]):
+    def tenant_id(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "tenant_id", value)
 
-    @property
+    @_builtins.property
+    @pulumi.getter(name="useAksWorkloadIdentity")
+    def use_aks_workload_identity(self) -> Optional[pulumi.Input[_builtins.bool]]:
+        """
+        Allow Azure AKS Workload Identity to be used for Authentication.
+        """
+        return pulumi.get(self, "use_aks_workload_identity")
+
+    @use_aks_workload_identity.setter
+    def use_aks_workload_identity(self, value: Optional[pulumi.Input[_builtins.bool]]):
+        pulumi.set(self, "use_aks_workload_identity", value)
+
+    @_builtins.property
     @pulumi.getter(name="useCli")
-    def use_cli(self) -> Optional[pulumi.Input[bool]]:
+    def use_cli(self) -> Optional[pulumi.Input[_builtins.bool]]:
         """
         Allow Azure CLI to be used for Authentication
         """
         return pulumi.get(self, "use_cli")
 
     @use_cli.setter
-    def use_cli(self, value: Optional[pulumi.Input[bool]]):
+    def use_cli(self, value: Optional[pulumi.Input[_builtins.bool]]):
         pulumi.set(self, "use_cli", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="useMsi")
-    def use_msi(self) -> Optional[pulumi.Input[bool]]:
+    def use_msi(self) -> Optional[pulumi.Input[_builtins.bool]]:
         """
         Allow Managed Identity to be used for Authentication
         """
         return pulumi.get(self, "use_msi")
 
     @use_msi.setter
-    def use_msi(self, value: Optional[pulumi.Input[bool]]):
+    def use_msi(self, value: Optional[pulumi.Input[_builtins.bool]]):
         pulumi.set(self, "use_msi", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="useOidc")
-    def use_oidc(self) -> Optional[pulumi.Input[bool]]:
+    def use_oidc(self) -> Optional[pulumi.Input[_builtins.bool]]:
         """
         Allow OpenID Connect to be used for authentication
         """
         return pulumi.get(self, "use_oidc")
 
     @use_oidc.setter
-    def use_oidc(self, value: Optional[pulumi.Input[bool]]):
+    def use_oidc(self, value: Optional[pulumi.Input[_builtins.bool]]):
         pulumi.set(self, "use_oidc", value)
 
 
+@pulumi.type_token("pulumi:providers:azuread")
 class Provider(pulumi.ProviderResource):
     @overload
     def __init__(__self__,
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
-                 client_certificate: Optional[pulumi.Input[str]] = None,
-                 client_certificate_password: Optional[pulumi.Input[str]] = None,
-                 client_certificate_path: Optional[pulumi.Input[str]] = None,
-                 client_id: Optional[pulumi.Input[str]] = None,
-                 client_id_file_path: Optional[pulumi.Input[str]] = None,
-                 client_secret: Optional[pulumi.Input[str]] = None,
-                 client_secret_file_path: Optional[pulumi.Input[str]] = None,
-                 disable_terraform_partner_id: Optional[pulumi.Input[bool]] = None,
-                 environment: Optional[pulumi.Input[str]] = None,
-                 metadata_host: Optional[pulumi.Input[str]] = None,
-                 msi_endpoint: Optional[pulumi.Input[str]] = None,
-                 oidc_request_token: Optional[pulumi.Input[str]] = None,
-                 oidc_request_url: Optional[pulumi.Input[str]] = None,
-                 oidc_token: Optional[pulumi.Input[str]] = None,
-                 oidc_token_file_path: Optional[pulumi.Input[str]] = None,
-                 partner_id: Optional[pulumi.Input[str]] = None,
-                 tenant_id: Optional[pulumi.Input[str]] = None,
-                 use_cli: Optional[pulumi.Input[bool]] = None,
-                 use_msi: Optional[pulumi.Input[bool]] = None,
-                 use_oidc: Optional[pulumi.Input[bool]] = None,
+                 ado_pipeline_service_connection_id: Optional[pulumi.Input[_builtins.str]] = None,
+                 client_certificate: Optional[pulumi.Input[_builtins.str]] = None,
+                 client_certificate_password: Optional[pulumi.Input[_builtins.str]] = None,
+                 client_certificate_path: Optional[pulumi.Input[_builtins.str]] = None,
+                 client_id: Optional[pulumi.Input[_builtins.str]] = None,
+                 client_id_file_path: Optional[pulumi.Input[_builtins.str]] = None,
+                 client_secret: Optional[pulumi.Input[_builtins.str]] = None,
+                 client_secret_file_path: Optional[pulumi.Input[_builtins.str]] = None,
+                 disable_terraform_partner_id: Optional[pulumi.Input[_builtins.bool]] = None,
+                 environment: Optional[pulumi.Input[_builtins.str]] = None,
+                 metadata_host: Optional[pulumi.Input[_builtins.str]] = None,
+                 msi_endpoint: Optional[pulumi.Input[_builtins.str]] = None,
+                 oidc_request_token: Optional[pulumi.Input[_builtins.str]] = None,
+                 oidc_request_url: Optional[pulumi.Input[_builtins.str]] = None,
+                 oidc_token: Optional[pulumi.Input[_builtins.str]] = None,
+                 oidc_token_file_path: Optional[pulumi.Input[_builtins.str]] = None,
+                 partner_id: Optional[pulumi.Input[_builtins.str]] = None,
+                 tenant_id: Optional[pulumi.Input[_builtins.str]] = None,
+                 use_aks_workload_identity: Optional[pulumi.Input[_builtins.bool]] = None,
+                 use_cli: Optional[pulumi.Input[_builtins.bool]] = None,
+                 use_msi: Optional[pulumi.Input[_builtins.bool]] = None,
+                 use_oidc: Optional[pulumi.Input[_builtins.bool]] = None,
                  __props__=None):
         """
         The provider type for the azuread package. By default, resources use package-wide configuration
@@ -390,38 +415,33 @@ class Provider(pulumi.ProviderResource):
 
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[str] client_certificate: Base64 encoded PKCS#12 certificate bundle to use when authenticating as a Service Principal using a Client Certificate
-        :param pulumi.Input[str] client_certificate_password: The password to decrypt the Client Certificate. For use when authenticating as a Service Principal using a Client
-               Certificate
-        :param pulumi.Input[str] client_certificate_path: The path to the Client Certificate associated with the Service Principal for use when authenticating as a Service
-               Principal using a Client Certificate
-        :param pulumi.Input[str] client_id: The Client ID which should be used for service principal authentication
-        :param pulumi.Input[str] client_id_file_path: The path to a file containing the Client ID which should be used for service principal authentication
-        :param pulumi.Input[str] client_secret: The application password to use when authenticating as a Service Principal using a Client Secret
-        :param pulumi.Input[str] client_secret_file_path: The path to a file containing the application password to use when authenticating as a Service Principal using a Client
-               Secret
-        :param pulumi.Input[bool] disable_terraform_partner_id: Disable the Terraform Partner ID, which is used if a custom `partner_id` isn't specified
-        :param pulumi.Input[str] environment: The cloud environment which should be used. Possible values are: `global` (also `public`), `usgovernmentl4` (also
-               `usgovernment`), `usgovernmentl5` (also `dod`), and `china`. Defaults to `global`
-        :param pulumi.Input[str] metadata_host: The Hostname which should be used for the Azure Metadata Service.
-        :param pulumi.Input[str] msi_endpoint: The path to a custom endpoint for Managed Identity - in most circumstances this should be detected automatically
-        :param pulumi.Input[str] oidc_request_token: The bearer token for the request to the OIDC provider. For use when authenticating as a Service Principal using OpenID
-               Connect.
-        :param pulumi.Input[str] oidc_request_url: The URL for the OIDC provider from which to request an ID token. For use when authenticating as a Service Principal
-               using OpenID Connect.
-        :param pulumi.Input[str] oidc_token: The ID token for use when authenticating as a Service Principal using OpenID Connect.
-        :param pulumi.Input[str] oidc_token_file_path: The path to a file containing an ID token for use when authenticating as a Service Principal using OpenID Connect.
-        :param pulumi.Input[str] partner_id: A GUID/UUID that is registered with Microsoft to facilitate partner resource usage attribution
-        :param pulumi.Input[str] tenant_id: The Tenant ID which should be used. Works with all authentication methods except Managed Identity
-        :param pulumi.Input[bool] use_cli: Allow Azure CLI to be used for Authentication
-        :param pulumi.Input[bool] use_msi: Allow Managed Identity to be used for Authentication
-        :param pulumi.Input[bool] use_oidc: Allow OpenID Connect to be used for authentication
+        :param pulumi.Input[_builtins.str] ado_pipeline_service_connection_id: The Azure DevOps Pipeline Service Connection ID.
+        :param pulumi.Input[_builtins.str] client_certificate: Base64 encoded PKCS#12 certificate bundle to use when authenticating as a Service Principal using a Client Certificate
+        :param pulumi.Input[_builtins.str] client_certificate_password: The password to decrypt the Client Certificate. For use when authenticating as a Service Principal using a Client Certificate
+        :param pulumi.Input[_builtins.str] client_certificate_path: The path to the Client Certificate associated with the Service Principal for use when authenticating as a Service Principal using a Client Certificate
+        :param pulumi.Input[_builtins.str] client_id: The Client ID which should be used for service principal authentication
+        :param pulumi.Input[_builtins.str] client_id_file_path: The path to a file containing the Client ID which should be used for service principal authentication
+        :param pulumi.Input[_builtins.str] client_secret: The application password to use when authenticating as a Service Principal using a Client Secret
+        :param pulumi.Input[_builtins.str] client_secret_file_path: The path to a file containing the application password to use when authenticating as a Service Principal using a Client Secret
+        :param pulumi.Input[_builtins.str] environment: The cloud environment which should be used. Possible values are: `global` (also `public`), `usgovernmentl4` (also `usgovernment`), `usgovernmentl5` (also `dod`), and `china`. Defaults to `global`. Not used and should not be specified when `metadata_host` is specified.
+        :param pulumi.Input[_builtins.str] metadata_host: The Hostname which should be used for the Azure Metadata Service.
+        :param pulumi.Input[_builtins.str] msi_endpoint: The path to a custom endpoint for Managed Identity - in most circumstances this should be detected automatically
+        :param pulumi.Input[_builtins.str] oidc_request_token: The bearer token for the request to the OIDC provider. For use when authenticating as a Service Principal using OpenID Connect.
+        :param pulumi.Input[_builtins.str] oidc_request_url: The URL for the OIDC provider from which to request an ID token. For use when authenticating as a Service Principal using OpenID Connect.
+        :param pulumi.Input[_builtins.str] oidc_token: The ID token for use when authenticating as a Service Principal using OpenID Connect.
+        :param pulumi.Input[_builtins.str] oidc_token_file_path: The path to a file containing an ID token for use when authenticating as a Service Principal using OpenID Connect.
+        :param pulumi.Input[_builtins.str] partner_id: A GUID/UUID that is registered with Microsoft to facilitate partner resource usage attribution
+        :param pulumi.Input[_builtins.str] tenant_id: The Tenant ID which should be used. Works with all authentication methods except Managed Identity
+        :param pulumi.Input[_builtins.bool] use_aks_workload_identity: Allow Azure AKS Workload Identity to be used for Authentication.
+        :param pulumi.Input[_builtins.bool] use_cli: Allow Azure CLI to be used for Authentication
+        :param pulumi.Input[_builtins.bool] use_msi: Allow Managed Identity to be used for Authentication
+        :param pulumi.Input[_builtins.bool] use_oidc: Allow OpenID Connect to be used for authentication
         """
         ...
     @overload
     def __init__(__self__,
                  resource_name: str,
-                 args: ProviderArgs,
+                 args: Optional[ProviderArgs] = None,
                  opts: Optional[pulumi.ResourceOptions] = None):
         """
         The provider type for the azuread package. By default, resources use package-wide configuration
@@ -444,26 +464,28 @@ class Provider(pulumi.ProviderResource):
     def _internal_init(__self__,
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
-                 client_certificate: Optional[pulumi.Input[str]] = None,
-                 client_certificate_password: Optional[pulumi.Input[str]] = None,
-                 client_certificate_path: Optional[pulumi.Input[str]] = None,
-                 client_id: Optional[pulumi.Input[str]] = None,
-                 client_id_file_path: Optional[pulumi.Input[str]] = None,
-                 client_secret: Optional[pulumi.Input[str]] = None,
-                 client_secret_file_path: Optional[pulumi.Input[str]] = None,
-                 disable_terraform_partner_id: Optional[pulumi.Input[bool]] = None,
-                 environment: Optional[pulumi.Input[str]] = None,
-                 metadata_host: Optional[pulumi.Input[str]] = None,
-                 msi_endpoint: Optional[pulumi.Input[str]] = None,
-                 oidc_request_token: Optional[pulumi.Input[str]] = None,
-                 oidc_request_url: Optional[pulumi.Input[str]] = None,
-                 oidc_token: Optional[pulumi.Input[str]] = None,
-                 oidc_token_file_path: Optional[pulumi.Input[str]] = None,
-                 partner_id: Optional[pulumi.Input[str]] = None,
-                 tenant_id: Optional[pulumi.Input[str]] = None,
-                 use_cli: Optional[pulumi.Input[bool]] = None,
-                 use_msi: Optional[pulumi.Input[bool]] = None,
-                 use_oidc: Optional[pulumi.Input[bool]] = None,
+                 ado_pipeline_service_connection_id: Optional[pulumi.Input[_builtins.str]] = None,
+                 client_certificate: Optional[pulumi.Input[_builtins.str]] = None,
+                 client_certificate_password: Optional[pulumi.Input[_builtins.str]] = None,
+                 client_certificate_path: Optional[pulumi.Input[_builtins.str]] = None,
+                 client_id: Optional[pulumi.Input[_builtins.str]] = None,
+                 client_id_file_path: Optional[pulumi.Input[_builtins.str]] = None,
+                 client_secret: Optional[pulumi.Input[_builtins.str]] = None,
+                 client_secret_file_path: Optional[pulumi.Input[_builtins.str]] = None,
+                 disable_terraform_partner_id: Optional[pulumi.Input[_builtins.bool]] = None,
+                 environment: Optional[pulumi.Input[_builtins.str]] = None,
+                 metadata_host: Optional[pulumi.Input[_builtins.str]] = None,
+                 msi_endpoint: Optional[pulumi.Input[_builtins.str]] = None,
+                 oidc_request_token: Optional[pulumi.Input[_builtins.str]] = None,
+                 oidc_request_url: Optional[pulumi.Input[_builtins.str]] = None,
+                 oidc_token: Optional[pulumi.Input[_builtins.str]] = None,
+                 oidc_token_file_path: Optional[pulumi.Input[_builtins.str]] = None,
+                 partner_id: Optional[pulumi.Input[_builtins.str]] = None,
+                 tenant_id: Optional[pulumi.Input[_builtins.str]] = None,
+                 use_aks_workload_identity: Optional[pulumi.Input[_builtins.bool]] = None,
+                 use_cli: Optional[pulumi.Input[_builtins.bool]] = None,
+                 use_msi: Optional[pulumi.Input[_builtins.bool]] = None,
+                 use_oidc: Optional[pulumi.Input[_builtins.bool]] = None,
                  __props__=None):
         opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
         if not isinstance(opts, pulumi.ResourceOptions):
@@ -473,19 +495,18 @@ class Provider(pulumi.ProviderResource):
                 raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource')
             __props__ = ProviderArgs.__new__(ProviderArgs)
 
+            __props__.__dict__["ado_pipeline_service_connection_id"] = ado_pipeline_service_connection_id
             __props__.__dict__["client_certificate"] = client_certificate
-            __props__.__dict__["client_certificate_password"] = client_certificate_password
+            __props__.__dict__["client_certificate_password"] = None if client_certificate_password is None else pulumi.Output.secret(client_certificate_password)
             __props__.__dict__["client_certificate_path"] = client_certificate_path
-            __props__.__dict__["client_id"] = client_id
+            __props__.__dict__["client_id"] = None if client_id is None else pulumi.Output.secret(client_id)
             __props__.__dict__["client_id_file_path"] = client_id_file_path
-            __props__.__dict__["client_secret"] = client_secret
+            __props__.__dict__["client_secret"] = None if client_secret is None else pulumi.Output.secret(client_secret)
             __props__.__dict__["client_secret_file_path"] = client_secret_file_path
             __props__.__dict__["disable_terraform_partner_id"] = pulumi.Output.from_input(disable_terraform_partner_id).apply(pulumi.runtime.to_json) if disable_terraform_partner_id is not None else None
             if environment is None:
                 environment = (_utilities.get_env('ARM_ENVIRONMENT') or 'public')
             __props__.__dict__["environment"] = environment
-            if metadata_host is None and not opts.urn:
-                raise TypeError("Missing required property 'metadata_host'")
             __props__.__dict__["metadata_host"] = metadata_host
             if msi_endpoint is None:
                 msi_endpoint = _utilities.get_env('ARM_MSI_ENDPOINT')
@@ -496,148 +517,173 @@ class Provider(pulumi.ProviderResource):
             __props__.__dict__["oidc_token_file_path"] = oidc_token_file_path
             __props__.__dict__["partner_id"] = partner_id
             __props__.__dict__["tenant_id"] = tenant_id
+            __props__.__dict__["use_aks_workload_identity"] = pulumi.Output.from_input(use_aks_workload_identity).apply(pulumi.runtime.to_json) if use_aks_workload_identity is not None else None
             __props__.__dict__["use_cli"] = pulumi.Output.from_input(use_cli).apply(pulumi.runtime.to_json) if use_cli is not None else None
             if use_msi is None:
                 use_msi = (_utilities.get_env_bool('ARM_USE_MSI') or False)
             __props__.__dict__["use_msi"] = pulumi.Output.from_input(use_msi).apply(pulumi.runtime.to_json) if use_msi is not None else None
             __props__.__dict__["use_oidc"] = pulumi.Output.from_input(use_oidc).apply(pulumi.runtime.to_json) if use_oidc is not None else None
+        secret_opts = pulumi.ResourceOptions(additional_secret_outputs=["clientCertificatePassword", "clientId", "clientSecret"])
+        opts = pulumi.ResourceOptions.merge(opts, secret_opts)
         super(Provider, __self__).__init__(
             'azuread',
             resource_name,
             __props__,
             opts)
 
-    @property
+    @_builtins.property
+    @pulumi.getter(name="adoPipelineServiceConnectionId")
+    def ado_pipeline_service_connection_id(self) -> pulumi.Output[Optional[_builtins.str]]:
+        """
+        The Azure DevOps Pipeline Service Connection ID.
+        """
+        return pulumi.get(self, "ado_pipeline_service_connection_id")
+
+    @_builtins.property
     @pulumi.getter(name="clientCertificate")
-    def client_certificate(self) -> pulumi.Output[Optional[str]]:
+    def client_certificate(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         Base64 encoded PKCS#12 certificate bundle to use when authenticating as a Service Principal using a Client Certificate
         """
         return pulumi.get(self, "client_certificate")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="clientCertificatePassword")
-    def client_certificate_password(self) -> pulumi.Output[Optional[str]]:
+    def client_certificate_password(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
-        The password to decrypt the Client Certificate. For use when authenticating as a Service Principal using a Client
-        Certificate
+        The password to decrypt the Client Certificate. For use when authenticating as a Service Principal using a Client Certificate
         """
         return pulumi.get(self, "client_certificate_password")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="clientCertificatePath")
-    def client_certificate_path(self) -> pulumi.Output[Optional[str]]:
+    def client_certificate_path(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
-        The path to the Client Certificate associated with the Service Principal for use when authenticating as a Service
-        Principal using a Client Certificate
+        The path to the Client Certificate associated with the Service Principal for use when authenticating as a Service Principal using a Client Certificate
         """
         return pulumi.get(self, "client_certificate_path")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="clientId")
-    def client_id(self) -> pulumi.Output[Optional[str]]:
+    def client_id(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         The Client ID which should be used for service principal authentication
         """
         return pulumi.get(self, "client_id")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="clientIdFilePath")
-    def client_id_file_path(self) -> pulumi.Output[Optional[str]]:
+    def client_id_file_path(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         The path to a file containing the Client ID which should be used for service principal authentication
         """
         return pulumi.get(self, "client_id_file_path")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="clientSecret")
-    def client_secret(self) -> pulumi.Output[Optional[str]]:
+    def client_secret(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         The application password to use when authenticating as a Service Principal using a Client Secret
         """
         return pulumi.get(self, "client_secret")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="clientSecretFilePath")
-    def client_secret_file_path(self) -> pulumi.Output[Optional[str]]:
+    def client_secret_file_path(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
-        The path to a file containing the application password to use when authenticating as a Service Principal using a Client
-        Secret
+        The path to a file containing the application password to use when authenticating as a Service Principal using a Client Secret
         """
         return pulumi.get(self, "client_secret_file_path")
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def environment(self) -> pulumi.Output[Optional[str]]:
+    def environment(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
-        The cloud environment which should be used. Possible values are: `global` (also `public`), `usgovernmentl4` (also
-        `usgovernment`), `usgovernmentl5` (also `dod`), and `china`. Defaults to `global`
+        The cloud environment which should be used. Possible values are: `global` (also `public`), `usgovernmentl4` (also `usgovernment`), `usgovernmentl5` (also `dod`), and `china`. Defaults to `global`. Not used and should not be specified when `metadata_host` is specified.
         """
         return pulumi.get(self, "environment")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="metadataHost")
-    def metadata_host(self) -> pulumi.Output[str]:
+    def metadata_host(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         The Hostname which should be used for the Azure Metadata Service.
         """
         return pulumi.get(self, "metadata_host")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="msiEndpoint")
-    def msi_endpoint(self) -> pulumi.Output[Optional[str]]:
+    def msi_endpoint(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         The path to a custom endpoint for Managed Identity - in most circumstances this should be detected automatically
         """
         return pulumi.get(self, "msi_endpoint")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oidcRequestToken")
-    def oidc_request_token(self) -> pulumi.Output[Optional[str]]:
+    def oidc_request_token(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
-        The bearer token for the request to the OIDC provider. For use when authenticating as a Service Principal using OpenID
-        Connect.
+        The bearer token for the request to the OIDC provider. For use when authenticating as a Service Principal using OpenID Connect.
         """
         return pulumi.get(self, "oidc_request_token")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oidcRequestUrl")
-    def oidc_request_url(self) -> pulumi.Output[Optional[str]]:
+    def oidc_request_url(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
-        The URL for the OIDC provider from which to request an ID token. For use when authenticating as a Service Principal
-        using OpenID Connect.
+        The URL for the OIDC provider from which to request an ID token. For use when authenticating as a Service Principal using OpenID Connect.
         """
         return pulumi.get(self, "oidc_request_url")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oidcToken")
-    def oidc_token(self) -> pulumi.Output[Optional[str]]:
+    def oidc_token(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         The ID token for use when authenticating as a Service Principal using OpenID Connect.
         """
         return pulumi.get(self, "oidc_token")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oidcTokenFilePath")
-    def oidc_token_file_path(self) -> pulumi.Output[Optional[str]]:
+    def oidc_token_file_path(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         The path to a file containing an ID token for use when authenticating as a Service Principal using OpenID Connect.
         """
         return pulumi.get(self, "oidc_token_file_path")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="partnerId")
-    def partner_id(self) -> pulumi.Output[Optional[str]]:
+    def partner_id(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         A GUID/UUID that is registered with Microsoft to facilitate partner resource usage attribution
         """
         return pulumi.get(self, "partner_id")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="tenantId")
-    def tenant_id(self) -> pulumi.Output[Optional[str]]:
+    def tenant_id(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         The Tenant ID which should be used. Works with all authentication methods except Managed Identity
         """
         return pulumi.get(self, "tenant_id")
 
+    @pulumi.output_type
+    class TerraformConfigResult:
+        def __init__(__self__, result=None):
+            if result and not isinstance(result, dict):
+                raise TypeError("Expected argument 'result' to be a dict")
+            pulumi.set(__self__, "result", result)
+
+        @_builtins.property
+        @pulumi.getter
+        def result(self) -> Mapping[str, Any]:
+            return pulumi.get(self, "result")
+
+    def terraform_config(__self__) -> pulumi.Output['Provider.TerraformConfigResult']:
+        """
+        This function returns a Terraform config object with terraform-namecased keys,to be used with the Terraform Module Provider.
+        """
+        __args__ = dict()
+        __args__['__self__'] = __self__
+        return pulumi.runtime.call('pulumi:providers:azuread/terraformConfig', __args__, res=__self__, typ=Provider.TerraformConfigResult)
+