com.pulumi.azure.domainservices.kotlin.ServiceArgs.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-azure-kotlin Show documentation
Show all versions of pulumi-azure-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.azure.domainservices.kotlin
import com.pulumi.azure.domainservices.ServiceArgs.builder
import com.pulumi.azure.domainservices.kotlin.inputs.ServiceInitialReplicaSetArgs
import com.pulumi.azure.domainservices.kotlin.inputs.ServiceInitialReplicaSetArgsBuilder
import com.pulumi.azure.domainservices.kotlin.inputs.ServiceNotificationsArgs
import com.pulumi.azure.domainservices.kotlin.inputs.ServiceNotificationsArgsBuilder
import com.pulumi.azure.domainservices.kotlin.inputs.ServiceSecureLdapArgs
import com.pulumi.azure.domainservices.kotlin.inputs.ServiceSecureLdapArgsBuilder
import com.pulumi.azure.domainservices.kotlin.inputs.ServiceSecurityArgs
import com.pulumi.azure.domainservices.kotlin.inputs.ServiceSecurityArgsBuilder
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.applySuspend
import kotlin.Boolean
import kotlin.Pair
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.Map
import kotlin.jvm.JvmName
/**
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as azure from "@pulumi/azure";
* import * as azuread from "@pulumi/azuread";
* const deploy = new azure.core.ResourceGroup("deploy", {
* name: "example-resources",
* location: "West Europe",
* });
* const deployVirtualNetwork = new azure.network.VirtualNetwork("deploy", {
* name: "deploy-vnet",
* location: deploy.location,
* resourceGroupName: deploy.name,
* addressSpaces: ["10.0.1.0/16"],
* });
* const deploySubnet = new azure.network.Subnet("deploy", {
* name: "deploy-subnet",
* resourceGroupName: deploy.name,
* virtualNetworkName: deployVirtualNetwork.name,
* addressPrefixes: ["10.0.1.0/24"],
* });
* const deployNetworkSecurityGroup = new azure.network.NetworkSecurityGroup("deploy", {
* name: "deploy-nsg",
* location: deploy.location,
* resourceGroupName: deploy.name,
* securityRules: [
* {
* name: "AllowSyncWithAzureAD",
* priority: 101,
* direction: "Inbound",
* access: "Allow",
* protocol: "Tcp",
* sourcePortRange: "*",
* destinationPortRange: "443",
* sourceAddressPrefix: "AzureActiveDirectoryDomainServices",
* destinationAddressPrefix: "*",
* },
* {
* name: "AllowRD",
* priority: 201,
* direction: "Inbound",
* access: "Allow",
* protocol: "Tcp",
* sourcePortRange: "*",
* destinationPortRange: "3389",
* sourceAddressPrefix: "CorpNetSaw",
* destinationAddressPrefix: "*",
* },
* {
* name: "AllowPSRemoting",
* priority: 301,
* direction: "Inbound",
* access: "Allow",
* protocol: "Tcp",
* sourcePortRange: "*",
* destinationPortRange: "5986",
* sourceAddressPrefix: "AzureActiveDirectoryDomainServices",
* destinationAddressPrefix: "*",
* },
* {
* name: "AllowLDAPS",
* priority: 401,
* direction: "Inbound",
* access: "Allow",
* protocol: "Tcp",
* sourcePortRange: "*",
* destinationPortRange: "636",
* sourceAddressPrefix: "*",
* destinationAddressPrefix: "*",
* },
* ],
* });
* const deploySubnetNetworkSecurityGroupAssociation = new azure.network.SubnetNetworkSecurityGroupAssociation("deploy", {
* subnetId: deploySubnet.id,
* networkSecurityGroupId: deployNetworkSecurityGroup.id,
* });
* const dcAdmins = new azuread.Group("dc_admins", {
* displayName: "AAD DC Administrators",
* securityEnabled: true,
* });
* const admin = new azuread.User("admin", {
* userPrincipalName: "[email protected]",
* displayName: "DC Administrator",
* password: "Pa55w0Rd!!1",
* });
* const adminGroupMember = new azuread.GroupMember("admin", {
* groupObjectId: dcAdmins.objectId,
* memberObjectId: admin.objectId,
* });
* const example = new azuread.ServicePrincipal("example", {applicationId: "2565bd9d-da50-47d4-8b85-4c97f669dc36"});
* const aadds = new azure.core.ResourceGroup("aadds", {
* name: "aadds-rg",
* location: "westeurope",
* });
* const exampleService = new azure.domainservices.Service("example", {
* name: "example-aadds",
* location: aadds.location,
* resourceGroupName: aadds.name,
* domainName: "widgetslogin.net",
* sku: "Enterprise",
* filteredSyncEnabled: false,
* initialReplicaSet: {
* subnetId: deploySubnet.id,
* },
* notifications: {
* additionalRecipients: [
* "[email protected]",
* "[email protected]",
* ],
* notifyDcAdmins: true,
* notifyGlobalAdmins: true,
* },
* security: {
* syncKerberosPasswords: true,
* syncNtlmPasswords: true,
* syncOnPremPasswords: true,
* },
* tags: {
* Environment: "prod",
* },
* });
* ```
* ```python
* import pulumi
* import pulumi_azure as azure
* import pulumi_azuread as azuread
* deploy = azure.core.ResourceGroup("deploy",
* name="example-resources",
* location="West Europe")
* deploy_virtual_network = azure.network.VirtualNetwork("deploy",
* name="deploy-vnet",
* location=deploy.location,
* resource_group_name=deploy.name,
* address_spaces=["10.0.1.0/16"])
* deploy_subnet = azure.network.Subnet("deploy",
* name="deploy-subnet",
* resource_group_name=deploy.name,
* virtual_network_name=deploy_virtual_network.name,
* address_prefixes=["10.0.1.0/24"])
* deploy_network_security_group = azure.network.NetworkSecurityGroup("deploy",
* name="deploy-nsg",
* location=deploy.location,
* resource_group_name=deploy.name,
* security_rules=[
* azure.network.NetworkSecurityGroupSecurityRuleArgs(
* name="AllowSyncWithAzureAD",
* priority=101,
* direction="Inbound",
* access="Allow",
* protocol="Tcp",
* source_port_range="*",
* destination_port_range="443",
* source_address_prefix="AzureActiveDirectoryDomainServices",
* destination_address_prefix="*",
* ),
* azure.network.NetworkSecurityGroupSecurityRuleArgs(
* name="AllowRD",
* priority=201,
* direction="Inbound",
* access="Allow",
* protocol="Tcp",
* source_port_range="*",
* destination_port_range="3389",
* source_address_prefix="CorpNetSaw",
* destination_address_prefix="*",
* ),
* azure.network.NetworkSecurityGroupSecurityRuleArgs(
* name="AllowPSRemoting",
* priority=301,
* direction="Inbound",
* access="Allow",
* protocol="Tcp",
* source_port_range="*",
* destination_port_range="5986",
* source_address_prefix="AzureActiveDirectoryDomainServices",
* destination_address_prefix="*",
* ),
* azure.network.NetworkSecurityGroupSecurityRuleArgs(
* name="AllowLDAPS",
* priority=401,
* direction="Inbound",
* access="Allow",
* protocol="Tcp",
* source_port_range="*",
* destination_port_range="636",
* source_address_prefix="*",
* destination_address_prefix="*",
* ),
* ])
* deploy_subnet_network_security_group_association = azure.network.SubnetNetworkSecurityGroupAssociation("deploy",
* subnet_id=deploy_subnet.id,
* network_security_group_id=deploy_network_security_group.id)
* dc_admins = azuread.Group("dc_admins",
* display_name="AAD DC Administrators",
* security_enabled=True)
* admin = azuread.User("admin",
* user_principal_name="[email protected]",
* display_name="DC Administrator",
* password="Pa55w0Rd!!1")
* admin_group_member = azuread.GroupMember("admin",
* group_object_id=dc_admins.object_id,
* member_object_id=admin.object_id)
* example = azuread.ServicePrincipal("example", application_id="2565bd9d-da50-47d4-8b85-4c97f669dc36")
* aadds = azure.core.ResourceGroup("aadds",
* name="aadds-rg",
* location="westeurope")
* example_service = azure.domainservices.Service("example",
* name="example-aadds",
* location=aadds.location,
* resource_group_name=aadds.name,
* domain_name="widgetslogin.net",
* sku="Enterprise",
* filtered_sync_enabled=False,
* initial_replica_set=azure.domainservices.ServiceInitialReplicaSetArgs(
* subnet_id=deploy_subnet.id,
* ),
* notifications=azure.domainservices.ServiceNotificationsArgs(
* additional_recipients=[
* "[email protected]",
* "[email protected]",
* ],
* notify_dc_admins=True,
* notify_global_admins=True,
* ),
* security=azure.domainservices.ServiceSecurityArgs(
* sync_kerberos_passwords=True,
* sync_ntlm_passwords=True,
* sync_on_prem_passwords=True,
* ),
* tags={
* "Environment": "prod",
* })
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Azure = Pulumi.Azure;
* using AzureAD = Pulumi.AzureAD;
* return await Deployment.RunAsync(() =>
* {
* var deploy = new Azure.Core.ResourceGroup("deploy", new()
* {
* Name = "example-resources",
* Location = "West Europe",
* });
* var deployVirtualNetwork = new Azure.Network.VirtualNetwork("deploy", new()
* {
* Name = "deploy-vnet",
* Location = deploy.Location,
* ResourceGroupName = deploy.Name,
* AddressSpaces = new[]
* {
* "10.0.1.0/16",
* },
* });
* var deploySubnet = new Azure.Network.Subnet("deploy", new()
* {
* Name = "deploy-subnet",
* ResourceGroupName = deploy.Name,
* VirtualNetworkName = deployVirtualNetwork.Name,
* AddressPrefixes = new[]
* {
* "10.0.1.0/24",
* },
* });
* var deployNetworkSecurityGroup = new Azure.Network.NetworkSecurityGroup("deploy", new()
* {
* Name = "deploy-nsg",
* Location = deploy.Location,
* ResourceGroupName = deploy.Name,
* SecurityRules = new[]
* {
* new Azure.Network.Inputs.NetworkSecurityGroupSecurityRuleArgs
* {
* Name = "AllowSyncWithAzureAD",
* Priority = 101,
* Direction = "Inbound",
* Access = "Allow",
* Protocol = "Tcp",
* SourcePortRange = "*",
* DestinationPortRange = "443",
* SourceAddressPrefix = "AzureActiveDirectoryDomainServices",
* DestinationAddressPrefix = "*",
* },
* new Azure.Network.Inputs.NetworkSecurityGroupSecurityRuleArgs
* {
* Name = "AllowRD",
* Priority = 201,
* Direction = "Inbound",
* Access = "Allow",
* Protocol = "Tcp",
* SourcePortRange = "*",
* DestinationPortRange = "3389",
* SourceAddressPrefix = "CorpNetSaw",
* DestinationAddressPrefix = "*",
* },
* new Azure.Network.Inputs.NetworkSecurityGroupSecurityRuleArgs
* {
* Name = "AllowPSRemoting",
* Priority = 301,
* Direction = "Inbound",
* Access = "Allow",
* Protocol = "Tcp",
* SourcePortRange = "*",
* DestinationPortRange = "5986",
* SourceAddressPrefix = "AzureActiveDirectoryDomainServices",
* DestinationAddressPrefix = "*",
* },
* new Azure.Network.Inputs.NetworkSecurityGroupSecurityRuleArgs
* {
* Name = "AllowLDAPS",
* Priority = 401,
* Direction = "Inbound",
* Access = "Allow",
* Protocol = "Tcp",
* SourcePortRange = "*",
* DestinationPortRange = "636",
* SourceAddressPrefix = "*",
* DestinationAddressPrefix = "*",
* },
* },
* });
* var deploySubnetNetworkSecurityGroupAssociation = new Azure.Network.SubnetNetworkSecurityGroupAssociation("deploy", new()
* {
* SubnetId = deploySubnet.Id,
* NetworkSecurityGroupId = deployNetworkSecurityGroup.Id,
* });
* var dcAdmins = new AzureAD.Group("dc_admins", new()
* {
* DisplayName = "AAD DC Administrators",
* SecurityEnabled = true,
* });
* var admin = new AzureAD.User("admin", new()
* {
* UserPrincipalName = "[email protected]",
* DisplayName = "DC Administrator",
* Password = "Pa55w0Rd!!1",
* });
* var adminGroupMember = new AzureAD.GroupMember("admin", new()
* {
* GroupObjectId = dcAdmins.ObjectId,
* MemberObjectId = admin.ObjectId,
* });
* var example = new AzureAD.ServicePrincipal("example", new()
* {
* ApplicationId = "2565bd9d-da50-47d4-8b85-4c97f669dc36",
* });
* var aadds = new Azure.Core.ResourceGroup("aadds", new()
* {
* Name = "aadds-rg",
* Location = "westeurope",
* });
* var exampleService = new Azure.DomainServices.Service("example", new()
* {
* Name = "example-aadds",
* Location = aadds.Location,
* ResourceGroupName = aadds.Name,
* DomainName = "widgetslogin.net",
* Sku = "Enterprise",
* FilteredSyncEnabled = false,
* InitialReplicaSet = new Azure.DomainServices.Inputs.ServiceInitialReplicaSetArgs
* {
* SubnetId = deploySubnet.Id,
* },
* Notifications = new Azure.DomainServices.Inputs.ServiceNotificationsArgs
* {
* AdditionalRecipients = new[]
* {
* "[email protected]",
* "[email protected]",
* },
* NotifyDcAdmins = true,
* NotifyGlobalAdmins = true,
* },
* Security = new Azure.DomainServices.Inputs.ServiceSecurityArgs
* {
* SyncKerberosPasswords = true,
* SyncNtlmPasswords = true,
* SyncOnPremPasswords = true,
* },
* Tags =
* {
* { "Environment", "prod" },
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/domainservices"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/network"
* "github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* deploy, err := core.NewResourceGroup(ctx, "deploy", &core.ResourceGroupArgs{
* Name: pulumi.String("example-resources"),
* Location: pulumi.String("West Europe"),
* })
* if err != nil {
* return err
* }
* deployVirtualNetwork, err := network.NewVirtualNetwork(ctx, "deploy", &network.VirtualNetworkArgs{
* Name: pulumi.String("deploy-vnet"),
* Location: deploy.Location,
* ResourceGroupName: deploy.Name,
* AddressSpaces: pulumi.StringArray{
* pulumi.String("10.0.1.0/16"),
* },
* })
* if err != nil {
* return err
* }
* deploySubnet, err := network.NewSubnet(ctx, "deploy", &network.SubnetArgs{
* Name: pulumi.String("deploy-subnet"),
* ResourceGroupName: deploy.Name,
* VirtualNetworkName: deployVirtualNetwork.Name,
* AddressPrefixes: pulumi.StringArray{
* pulumi.String("10.0.1.0/24"),
* },
* })
* if err != nil {
* return err
* }
* deployNetworkSecurityGroup, err := network.NewNetworkSecurityGroup(ctx, "deploy", &network.NetworkSecurityGroupArgs{
* Name: pulumi.String("deploy-nsg"),
* Location: deploy.Location,
* ResourceGroupName: deploy.Name,
* SecurityRules: network.NetworkSecurityGroupSecurityRuleArray{
* &network.NetworkSecurityGroupSecurityRuleArgs{
* Name: pulumi.String("AllowSyncWithAzureAD"),
* Priority: pulumi.Int(101),
* Direction: pulumi.String("Inbound"),
* Access: pulumi.String("Allow"),
* Protocol: pulumi.String("Tcp"),
* SourcePortRange: pulumi.String("*"),
* DestinationPortRange: pulumi.String("443"),
* SourceAddressPrefix: pulumi.String("AzureActiveDirectoryDomainServices"),
* DestinationAddressPrefix: pulumi.String("*"),
* },
* &network.NetworkSecurityGroupSecurityRuleArgs{
* Name: pulumi.String("AllowRD"),
* Priority: pulumi.Int(201),
* Direction: pulumi.String("Inbound"),
* Access: pulumi.String("Allow"),
* Protocol: pulumi.String("Tcp"),
* SourcePortRange: pulumi.String("*"),
* DestinationPortRange: pulumi.String("3389"),
* SourceAddressPrefix: pulumi.String("CorpNetSaw"),
* DestinationAddressPrefix: pulumi.String("*"),
* },
* &network.NetworkSecurityGroupSecurityRuleArgs{
* Name: pulumi.String("AllowPSRemoting"),
* Priority: pulumi.Int(301),
* Direction: pulumi.String("Inbound"),
* Access: pulumi.String("Allow"),
* Protocol: pulumi.String("Tcp"),
* SourcePortRange: pulumi.String("*"),
* DestinationPortRange: pulumi.String("5986"),
* SourceAddressPrefix: pulumi.String("AzureActiveDirectoryDomainServices"),
* DestinationAddressPrefix: pulumi.String("*"),
* },
* &network.NetworkSecurityGroupSecurityRuleArgs{
* Name: pulumi.String("AllowLDAPS"),
* Priority: pulumi.Int(401),
* Direction: pulumi.String("Inbound"),
* Access: pulumi.String("Allow"),
* Protocol: pulumi.String("Tcp"),
* SourcePortRange: pulumi.String("*"),
* DestinationPortRange: pulumi.String("636"),
* SourceAddressPrefix: pulumi.String("*"),
* DestinationAddressPrefix: pulumi.String("*"),
* },
* },
* })
* if err != nil {
* return err
* }
* _, err = network.NewSubnetNetworkSecurityGroupAssociation(ctx, "deploy", &network.SubnetNetworkSecurityGroupAssociationArgs{
* SubnetId: deploySubnet.ID(),
* NetworkSecurityGroupId: deployNetworkSecurityGroup.ID(),
* })
* if err != nil {
* return err
* }
* dcAdmins, err := azuread.NewGroup(ctx, "dc_admins", &azuread.GroupArgs{
* DisplayName: pulumi.String("AAD DC Administrators"),
* SecurityEnabled: pulumi.Bool(true),
* })
* if err != nil {
* return err
* }
* admin, err := azuread.NewUser(ctx, "admin", &azuread.UserArgs{
* UserPrincipalName: pulumi.String("[email protected]"),
* DisplayName: pulumi.String("DC Administrator"),
* Password: pulumi.String("Pa55w0Rd!!1"),
* })
* if err != nil {
* return err
* }
* _, err = azuread.NewGroupMember(ctx, "admin", &azuread.GroupMemberArgs{
* GroupObjectId: dcAdmins.ObjectId,
* MemberObjectId: admin.ObjectId,
* })
* if err != nil {
* return err
* }
* _, err = azuread.NewServicePrincipal(ctx, "example", &azuread.ServicePrincipalArgs{
* ApplicationId: pulumi.String("2565bd9d-da50-47d4-8b85-4c97f669dc36"),
* })
* if err != nil {
* return err
* }
* aadds, err := core.NewResourceGroup(ctx, "aadds", &core.ResourceGroupArgs{
* Name: pulumi.String("aadds-rg"),
* Location: pulumi.String("westeurope"),
* })
* if err != nil {
* return err
* }
* _, err = domainservices.NewService(ctx, "example", &domainservices.ServiceArgs{
* Name: pulumi.String("example-aadds"),
* Location: aadds.Location,
* ResourceGroupName: aadds.Name,
* DomainName: pulumi.String("widgetslogin.net"),
* Sku: pulumi.String("Enterprise"),
* FilteredSyncEnabled: pulumi.Bool(false),
* InitialReplicaSet: &domainservices.ServiceInitialReplicaSetArgs{
* SubnetId: deploySubnet.ID(),
* },
* Notifications: &domainservices.ServiceNotificationsArgs{
* AdditionalRecipients: pulumi.StringArray{
* pulumi.String("[email protected]"),
* pulumi.String("[email protected]"),
* },
* NotifyDcAdmins: pulumi.Bool(true),
* NotifyGlobalAdmins: pulumi.Bool(true),
* },
* Security: &domainservices.ServiceSecurityArgs{
* SyncKerberosPasswords: pulumi.Bool(true),
* SyncNtlmPasswords: pulumi.Bool(true),
* SyncOnPremPasswords: pulumi.Bool(true),
* },
* Tags: pulumi.StringMap{
* "Environment": pulumi.String("prod"),
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.azure.core.ResourceGroup;
* import com.pulumi.azure.core.ResourceGroupArgs;
* import com.pulumi.azure.network.VirtualNetwork;
* import com.pulumi.azure.network.VirtualNetworkArgs;
* import com.pulumi.azure.network.Subnet;
* import com.pulumi.azure.network.SubnetArgs;
* import com.pulumi.azure.network.NetworkSecurityGroup;
* import com.pulumi.azure.network.NetworkSecurityGroupArgs;
* import com.pulumi.azure.network.inputs.NetworkSecurityGroupSecurityRuleArgs;
* import com.pulumi.azure.network.SubnetNetworkSecurityGroupAssociation;
* import com.pulumi.azure.network.SubnetNetworkSecurityGroupAssociationArgs;
* import com.pulumi.azuread.Group;
* import com.pulumi.azuread.GroupArgs;
* import com.pulumi.azuread.User;
* import com.pulumi.azuread.UserArgs;
* import com.pulumi.azuread.GroupMember;
* import com.pulumi.azuread.GroupMemberArgs;
* import com.pulumi.azuread.ServicePrincipal;
* import com.pulumi.azuread.ServicePrincipalArgs;
* import com.pulumi.azure.domainservices.Service;
* import com.pulumi.azure.domainservices.ServiceArgs;
* import com.pulumi.azure.domainservices.inputs.ServiceInitialReplicaSetArgs;
* import com.pulumi.azure.domainservices.inputs.ServiceNotificationsArgs;
* import com.pulumi.azure.domainservices.inputs.ServiceSecurityArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var deploy = new ResourceGroup("deploy", ResourceGroupArgs.builder()
* .name("example-resources")
* .location("West Europe")
* .build());
* var deployVirtualNetwork = new VirtualNetwork("deployVirtualNetwork", VirtualNetworkArgs.builder()
* .name("deploy-vnet")
* .location(deploy.location())
* .resourceGroupName(deploy.name())
* .addressSpaces("10.0.1.0/16")
* .build());
* var deploySubnet = new Subnet("deploySubnet", SubnetArgs.builder()
* .name("deploy-subnet")
* .resourceGroupName(deploy.name())
* .virtualNetworkName(deployVirtualNetwork.name())
* .addressPrefixes("10.0.1.0/24")
* .build());
* var deployNetworkSecurityGroup = new NetworkSecurityGroup("deployNetworkSecurityGroup", NetworkSecurityGroupArgs.builder()
* .name("deploy-nsg")
* .location(deploy.location())
* .resourceGroupName(deploy.name())
* .securityRules(
* NetworkSecurityGroupSecurityRuleArgs.builder()
* .name("AllowSyncWithAzureAD")
* .priority(101)
* .direction("Inbound")
* .access("Allow")
* .protocol("Tcp")
* .sourcePortRange("*")
* .destinationPortRange("443")
* .sourceAddressPrefix("AzureActiveDirectoryDomainServices")
* .destinationAddressPrefix("*")
* .build(),
* NetworkSecurityGroupSecurityRuleArgs.builder()
* .name("AllowRD")
* .priority(201)
* .direction("Inbound")
* .access("Allow")
* .protocol("Tcp")
* .sourcePortRange("*")
* .destinationPortRange("3389")
* .sourceAddressPrefix("CorpNetSaw")
* .destinationAddressPrefix("*")
* .build(),
* NetworkSecurityGroupSecurityRuleArgs.builder()
* .name("AllowPSRemoting")
* .priority(301)
* .direction("Inbound")
* .access("Allow")
* .protocol("Tcp")
* .sourcePortRange("*")
* .destinationPortRange("5986")
* .sourceAddressPrefix("AzureActiveDirectoryDomainServices")
* .destinationAddressPrefix("*")
* .build(),
* NetworkSecurityGroupSecurityRuleArgs.builder()
* .name("AllowLDAPS")
* .priority(401)
* .direction("Inbound")
* .access("Allow")
* .protocol("Tcp")
* .sourcePortRange("*")
* .destinationPortRange("636")
* .sourceAddressPrefix("*")
* .destinationAddressPrefix("*")
* .build())
* .build());
* var deploySubnetNetworkSecurityGroupAssociation = new SubnetNetworkSecurityGroupAssociation("deploySubnetNetworkSecurityGroupAssociation", SubnetNetworkSecurityGroupAssociationArgs.builder()
* .subnetId(deploySubnet.id())
* .networkSecurityGroupId(deployNetworkSecurityGroup.id())
* .build());
* var dcAdmins = new Group("dcAdmins", GroupArgs.builder()
* .displayName("AAD DC Administrators")
* .securityEnabled(true)
* .build());
* var admin = new User("admin", UserArgs.builder()
* .userPrincipalName("[email protected]")
* .displayName("DC Administrator")
* .password("Pa55w0Rd!!1")
* .build());
* var adminGroupMember = new GroupMember("adminGroupMember", GroupMemberArgs.builder()
* .groupObjectId(dcAdmins.objectId())
* .memberObjectId(admin.objectId())
* .build());
* var example = new ServicePrincipal("example", ServicePrincipalArgs.builder()
* .applicationId("2565bd9d-da50-47d4-8b85-4c97f669dc36")
* .build());
* var aadds = new ResourceGroup("aadds", ResourceGroupArgs.builder()
* .name("aadds-rg")
* .location("westeurope")
* .build());
* var exampleService = new Service("exampleService", ServiceArgs.builder()
* .name("example-aadds")
* .location(aadds.location())
* .resourceGroupName(aadds.name())
* .domainName("widgetslogin.net")
* .sku("Enterprise")
* .filteredSyncEnabled(false)
* .initialReplicaSet(ServiceInitialReplicaSetArgs.builder()
* .subnetId(deploySubnet.id())
* .build())
* .notifications(ServiceNotificationsArgs.builder()
* .additionalRecipients(
* "[email protected]",
* "[email protected]")
* .notifyDcAdmins(true)
* .notifyGlobalAdmins(true)
* .build())
* .security(ServiceSecurityArgs.builder()
* .syncKerberosPasswords(true)
* .syncNtlmPasswords(true)
* .syncOnPremPasswords(true)
* .build())
* .tags(Map.of("Environment", "prod"))
* .build());
* }
* }
* ```
* ```yaml
* resources:
* deploy:
* type: azure:core:ResourceGroup
* properties:
* name: example-resources
* location: West Europe
* deployVirtualNetwork:
* type: azure:network:VirtualNetwork
* name: deploy
* properties:
* name: deploy-vnet
* location: ${deploy.location}
* resourceGroupName: ${deploy.name}
* addressSpaces:
* - 10.0.1.0/16
* deploySubnet:
* type: azure:network:Subnet
* name: deploy
* properties:
* name: deploy-subnet
* resourceGroupName: ${deploy.name}
* virtualNetworkName: ${deployVirtualNetwork.name}
* addressPrefixes:
* - 10.0.1.0/24
* deployNetworkSecurityGroup:
* type: azure:network:NetworkSecurityGroup
* name: deploy
* properties:
* name: deploy-nsg
* location: ${deploy.location}
* resourceGroupName: ${deploy.name}
* securityRules:
* - name: AllowSyncWithAzureAD
* priority: 101
* direction: Inbound
* access: Allow
* protocol: Tcp
* sourcePortRange: '*'
* destinationPortRange: '443'
* sourceAddressPrefix: AzureActiveDirectoryDomainServices
* destinationAddressPrefix: '*'
* - name: AllowRD
* priority: 201
* direction: Inbound
* access: Allow
* protocol: Tcp
* sourcePortRange: '*'
* destinationPortRange: '3389'
* sourceAddressPrefix: CorpNetSaw
* destinationAddressPrefix: '*'
* - name: AllowPSRemoting
* priority: 301
* direction: Inbound
* access: Allow
* protocol: Tcp
* sourcePortRange: '*'
* destinationPortRange: '5986'
* sourceAddressPrefix: AzureActiveDirectoryDomainServices
* destinationAddressPrefix: '*'
* - name: AllowLDAPS
* priority: 401
* direction: Inbound
* access: Allow
* protocol: Tcp
* sourcePortRange: '*'
* destinationPortRange: '636'
* sourceAddressPrefix: '*'
* destinationAddressPrefix: '*'
* deploySubnetNetworkSecurityGroupAssociation:
* type: azure:network:SubnetNetworkSecurityGroupAssociation
* name: deploy
* properties:
* subnetId: ${deploySubnet.id}
* networkSecurityGroupId: ${deployNetworkSecurityGroup.id}
* dcAdmins:
* type: azuread:Group
* name: dc_admins
* properties:
* displayName: AAD DC Administrators
* securityEnabled: true
* admin:
* type: azuread:User
* properties:
* userPrincipalName: [email protected]
* displayName: DC Administrator
* password: Pa55w0Rd!!1
* adminGroupMember:
* type: azuread:GroupMember
* name: admin
* properties:
* groupObjectId: ${dcAdmins.objectId}
* memberObjectId: ${admin.objectId}
* example:
* type: azuread:ServicePrincipal
* properties:
* applicationId: 2565bd9d-da50-47d4-8b85-4c97f669dc36
* aadds:
* type: azure:core:ResourceGroup
* properties:
* name: aadds-rg
* location: westeurope
* exampleService:
* type: azure:domainservices:Service
* name: example
* properties:
* name: example-aadds
* location: ${aadds.location}
* resourceGroupName: ${aadds.name}
* domainName: widgetslogin.net
* sku: Enterprise
* filteredSyncEnabled: false
* initialReplicaSet:
* subnetId: ${deploySubnet.id}
* notifications:
* additionalRecipients:
* - [email protected]
* - [email protected]
* notifyDcAdmins: true
* notifyGlobalAdmins: true
* security:
* syncKerberosPasswords: true
* syncNtlmPasswords: true
* syncOnPremPasswords: true
* tags:
* Environment: prod
* ```
*
* ## Import
* Domain Services can be imported using the resource ID, together with the Replica Set ID that you wish to designate as the initial replica set, e.g.
* ```sh
* $ pulumi import azure:domainservices/service:Service example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.AAD/domainServices/instance1/initialReplicaSetId/00000000-0000-0000-0000-000000000000
* ```
* @property domainConfigurationType The configuration type of this Active Directory Domain. Possible values are `FullySynced` and `ResourceTrusting`. Changing this forces a new resource to be created.
* @property domainName The Active Directory domain to use. See [official documentation](https://docs.microsoft.com/azure/active-directory-domain-services/tutorial-create-instance#create-a-managed-domain) for constraints and recommendations. Changing this forces a new resource to be created.
* @property filteredSyncEnabled Whether to enable group-based filtered sync (also called scoped synchronisation). Defaults to `false`.
* @property initialReplicaSet An `initial_replica_set` block as defined below. The initial replica set inherits the same location as the Domain Service resource.
* @property location The Azure location where the Domain Service exists. Changing this forces a new resource to be created.
* @property name The display name for your managed Active Directory Domain Service resource. Changing this forces a new resource to be created.
* @property notifications A `notifications` block as defined below.
* @property resourceGroupName The name of the Resource Group in which the Domain Service should exist. Changing this forces a new resource to be created.
* @property secureLdap A `secure_ldap` block as defined below.
* @property security A `security` block as defined below.
* @property sku The SKU to use when provisioning the Domain Service resource. One of `Standard`, `Enterprise` or `Premium`.
* @property tags A mapping of tags assigned to the resource.
*/
public data class ServiceArgs(
public val domainConfigurationType: Output? = null,
public val domainName: Output? = null,
public val filteredSyncEnabled: Output? = null,
public val initialReplicaSet: Output? = null,
public val location: Output? = null,
public val name: Output? = null,
public val notifications: Output? = null,
public val resourceGroupName: Output? = null,
public val secureLdap: Output? = null,
public val security: Output? = null,
public val sku: Output? = null,
public val tags: Output>? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.azure.domainservices.ServiceArgs =
com.pulumi.azure.domainservices.ServiceArgs.builder()
.domainConfigurationType(domainConfigurationType?.applyValue({ args0 -> args0 }))
.domainName(domainName?.applyValue({ args0 -> args0 }))
.filteredSyncEnabled(filteredSyncEnabled?.applyValue({ args0 -> args0 }))
.initialReplicaSet(initialReplicaSet?.applyValue({ args0 -> args0.let({ args0 -> args0.toJava() }) }))
.location(location?.applyValue({ args0 -> args0 }))
.name(name?.applyValue({ args0 -> args0 }))
.notifications(notifications?.applyValue({ args0 -> args0.let({ args0 -> args0.toJava() }) }))
.resourceGroupName(resourceGroupName?.applyValue({ args0 -> args0 }))
.secureLdap(secureLdap?.applyValue({ args0 -> args0.let({ args0 -> args0.toJava() }) }))
.security(security?.applyValue({ args0 -> args0.let({ args0 -> args0.toJava() }) }))
.sku(sku?.applyValue({ args0 -> args0 }))
.tags(
tags?.applyValue({ args0 ->
args0.map({ args0 ->
args0.key.to(args0.value)
}).toMap()
}),
).build()
}
/**
* Builder for [ServiceArgs].
*/
@PulumiTagMarker
public class ServiceArgsBuilder internal constructor() {
private var domainConfigurationType: Output? = null
private var domainName: Output? = null
private var filteredSyncEnabled: Output? = null
private var initialReplicaSet: Output? = null
private var location: Output? = null
private var name: Output? = null
private var notifications: Output? = null
private var resourceGroupName: Output? = null
private var secureLdap: Output? = null
private var security: Output? = null
private var sku: Output? = null
private var tags: Output>? = null
/**
* @param value The configuration type of this Active Directory Domain. Possible values are `FullySynced` and `ResourceTrusting`. Changing this forces a new resource to be created.
*/
@JvmName("lrlfsqydrphjwgtu")
public suspend fun domainConfigurationType(`value`: Output) {
this.domainConfigurationType = value
}
/**
* @param value The Active Directory domain to use. See [official documentation](https://docs.microsoft.com/azure/active-directory-domain-services/tutorial-create-instance#create-a-managed-domain) for constraints and recommendations. Changing this forces a new resource to be created.
*/
@JvmName("vewuhalgvvcutstk")
public suspend fun domainName(`value`: Output) {
this.domainName = value
}
/**
* @param value Whether to enable group-based filtered sync (also called scoped synchronisation). Defaults to `false`.
*/
@JvmName("tcmfoaygdbiehkpe")
public suspend fun filteredSyncEnabled(`value`: Output) {
this.filteredSyncEnabled = value
}
/**
* @param value An `initial_replica_set` block as defined below. The initial replica set inherits the same location as the Domain Service resource.
*/
@JvmName("iambvujtbmthxinb")
public suspend fun initialReplicaSet(`value`: Output) {
this.initialReplicaSet = value
}
/**
* @param value The Azure location where the Domain Service exists. Changing this forces a new resource to be created.
*/
@JvmName("jupcgxesqmocbkem")
public suspend fun location(`value`: Output) {
this.location = value
}
/**
* @param value The display name for your managed Active Directory Domain Service resource. Changing this forces a new resource to be created.
*/
@JvmName("pywcgomffnoaktim")
public suspend fun name(`value`: Output) {
this.name = value
}
/**
* @param value A `notifications` block as defined below.
*/
@JvmName("jlvoiroxenwaprno")
public suspend fun notifications(`value`: Output) {
this.notifications = value
}
/**
* @param value The name of the Resource Group in which the Domain Service should exist. Changing this forces a new resource to be created.
*/
@JvmName("xuombmgpfmlahwqa")
public suspend fun resourceGroupName(`value`: Output) {
this.resourceGroupName = value
}
/**
* @param value A `secure_ldap` block as defined below.
*/
@JvmName("xijdeykcguqbrshg")
public suspend fun secureLdap(`value`: Output) {
this.secureLdap = value
}
/**
* @param value A `security` block as defined below.
*/
@JvmName("jpigvblwonxirdsf")
public suspend fun security(`value`: Output) {
this.security = value
}
/**
* @param value The SKU to use when provisioning the Domain Service resource. One of `Standard`, `Enterprise` or `Premium`.
*/
@JvmName("krmxsoioiowdcnfj")
public suspend fun sku(`value`: Output) {
this.sku = value
}
/**
* @param value A mapping of tags assigned to the resource.
*/
@JvmName("kgbuupmxsrildapr")
public suspend fun tags(`value`: Output>) {
this.tags = value
}
/**
* @param value The configuration type of this Active Directory Domain. Possible values are `FullySynced` and `ResourceTrusting`. Changing this forces a new resource to be created.
*/
@JvmName("lmwaglvvxlyeiodw")
public suspend fun domainConfigurationType(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.domainConfigurationType = mapped
}
/**
* @param value The Active Directory domain to use. See [official documentation](https://docs.microsoft.com/azure/active-directory-domain-services/tutorial-create-instance#create-a-managed-domain) for constraints and recommendations. Changing this forces a new resource to be created.
*/
@JvmName("xwdxwsvoowpqluhd")
public suspend fun domainName(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.domainName = mapped
}
/**
* @param value Whether to enable group-based filtered sync (also called scoped synchronisation). Defaults to `false`.
*/
@JvmName("oqgfrejjugnhhcnw")
public suspend fun filteredSyncEnabled(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.filteredSyncEnabled = mapped
}
/**
* @param value An `initial_replica_set` block as defined below. The initial replica set inherits the same location as the Domain Service resource.
*/
@JvmName("eainjtebeaanvwsn")
public suspend fun initialReplicaSet(`value`: ServiceInitialReplicaSetArgs?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.initialReplicaSet = mapped
}
/**
* @param argument An `initial_replica_set` block as defined below. The initial replica set inherits the same location as the Domain Service resource.
*/
@JvmName("nwujnyfusohtorby")
public suspend
fun initialReplicaSet(argument: suspend ServiceInitialReplicaSetArgsBuilder.() -> Unit) {
val toBeMapped = ServiceInitialReplicaSetArgsBuilder().applySuspend { argument() }.build()
val mapped = of(toBeMapped)
this.initialReplicaSet = mapped
}
/**
* @param value The Azure location where the Domain Service exists. Changing this forces a new resource to be created.
*/
@JvmName("vljsbmjttmbihhtf")
public suspend fun location(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.location = mapped
}
/**
* @param value The display name for your managed Active Directory Domain Service resource. Changing this forces a new resource to be created.
*/
@JvmName("yivxwgwgjgedfvni")
public suspend fun name(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.name = mapped
}
/**
* @param value A `notifications` block as defined below.
*/
@JvmName("jopjbeiqqkhkqdfo")
public suspend fun notifications(`value`: ServiceNotificationsArgs?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.notifications = mapped
}
/**
* @param argument A `notifications` block as defined below.
*/
@JvmName("ywwvgkxtrqkkajml")
public suspend fun notifications(argument: suspend ServiceNotificationsArgsBuilder.() -> Unit) {
val toBeMapped = ServiceNotificationsArgsBuilder().applySuspend { argument() }.build()
val mapped = of(toBeMapped)
this.notifications = mapped
}
/**
* @param value The name of the Resource Group in which the Domain Service should exist. Changing this forces a new resource to be created.
*/
@JvmName("wtvoynqelwxhbwef")
public suspend fun resourceGroupName(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.resourceGroupName = mapped
}
/**
* @param value A `secure_ldap` block as defined below.
*/
@JvmName("cwkaslevrmksdsvo")
public suspend fun secureLdap(`value`: ServiceSecureLdapArgs?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.secureLdap = mapped
}
/**
* @param argument A `secure_ldap` block as defined below.
*/
@JvmName("twolbxkerfkbibfb")
public suspend fun secureLdap(argument: suspend ServiceSecureLdapArgsBuilder.() -> Unit) {
val toBeMapped = ServiceSecureLdapArgsBuilder().applySuspend { argument() }.build()
val mapped = of(toBeMapped)
this.secureLdap = mapped
}
/**
* @param value A `security` block as defined below.
*/
@JvmName("pbvyjrcnhbspvkpm")
public suspend fun security(`value`: ServiceSecurityArgs?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.security = mapped
}
/**
* @param argument A `security` block as defined below.
*/
@JvmName("diugjowdkmsnosvs")
public suspend fun security(argument: suspend ServiceSecurityArgsBuilder.() -> Unit) {
val toBeMapped = ServiceSecurityArgsBuilder().applySuspend { argument() }.build()
val mapped = of(toBeMapped)
this.security = mapped
}
/**
* @param value The SKU to use when provisioning the Domain Service resource. One of `Standard`, `Enterprise` or `Premium`.
*/
@JvmName("jrtmmrhmfwdurant")
public suspend fun sku(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.sku = mapped
}
/**
* @param value A mapping of tags assigned to the resource.
*/
@JvmName("qtvbecrwlhyfedue")
public suspend fun tags(`value`: Map?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.tags = mapped
}
/**
* @param values A mapping of tags assigned to the resource.
*/
@JvmName("etkvhkvhwhvqeduw")
public fun tags(vararg values: Pair) {
val toBeMapped = values.toMap()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.tags = mapped
}
internal fun build(): ServiceArgs = ServiceArgs(
domainConfigurationType = domainConfigurationType,
domainName = domainName,
filteredSyncEnabled = filteredSyncEnabled,
initialReplicaSet = initialReplicaSet,
location = location,
name = name,
notifications = notifications,
resourceGroupName = resourceGroupName,
secureLdap = secureLdap,
security = security,
sku = sku,
tags = tags,
)
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy