com.pulumi.azure.cosmosdb.kotlin.SqlRoleDefinitionArgs.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-azure-kotlin Show documentation
Show all versions of pulumi-azure-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.azure.cosmosdb.kotlin
import com.pulumi.azure.cosmosdb.SqlRoleDefinitionArgs.builder
import com.pulumi.azure.cosmosdb.kotlin.inputs.SqlRoleDefinitionPermissionArgs
import com.pulumi.azure.cosmosdb.kotlin.inputs.SqlRoleDefinitionPermissionArgsBuilder
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.applySuspend
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
import kotlin.jvm.JvmName
/**
* Manages a Cosmos DB SQL Role Definition.
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as azure from "@pulumi/azure";
* const current = azure.core.getClientConfig({});
* const example = new azure.core.ResourceGroup("example", {
* name: "example-resources",
* location: "West Europe",
* });
* const exampleAccount = new azure.cosmosdb.Account("example", {
* name: "example-cosmosdb",
* location: example.location,
* resourceGroupName: example.name,
* offerType: "Standard",
* kind: "GlobalDocumentDB",
* consistencyPolicy: {
* consistencyLevel: "Strong",
* },
* geoLocations: [{
* location: example.location,
* failoverPriority: 0,
* }],
* });
* const exampleSqlRoleDefinition = new azure.cosmosdb.SqlRoleDefinition("example", {
* roleDefinitionId: "84cf3a8b-4122-4448-bce2-fa423cfe0a15",
* resourceGroupName: example.name,
* accountName: exampleAccount.name,
* name: "acctestsqlrole",
* assignableScopes: [pulumi.interpolate`${exampleAccount.id}/dbs/sales`],
* permissions: [{
* dataActions: ["Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/items/read"],
* }],
* });
* ```
* ```python
* import pulumi
* import pulumi_azure as azure
* current = azure.core.get_client_config()
* example = azure.core.ResourceGroup("example",
* name="example-resources",
* location="West Europe")
* example_account = azure.cosmosdb.Account("example",
* name="example-cosmosdb",
* location=example.location,
* resource_group_name=example.name,
* offer_type="Standard",
* kind="GlobalDocumentDB",
* consistency_policy={
* "consistency_level": "Strong",
* },
* geo_locations=[{
* "location": example.location,
* "failover_priority": 0,
* }])
* example_sql_role_definition = azure.cosmosdb.SqlRoleDefinition("example",
* role_definition_id="84cf3a8b-4122-4448-bce2-fa423cfe0a15",
* resource_group_name=example.name,
* account_name=example_account.name,
* name="acctestsqlrole",
* assignable_scopes=[example_account.id.apply(lambda id: f"{id}/dbs/sales")],
* permissions=[{
* "data_actions": ["Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/items/read"],
* }])
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Azure = Pulumi.Azure;
* return await Deployment.RunAsync(() =>
* {
* var current = Azure.Core.GetClientConfig.Invoke();
* var example = new Azure.Core.ResourceGroup("example", new()
* {
* Name = "example-resources",
* Location = "West Europe",
* });
* var exampleAccount = new Azure.CosmosDB.Account("example", new()
* {
* Name = "example-cosmosdb",
* Location = example.Location,
* ResourceGroupName = example.Name,
* OfferType = "Standard",
* Kind = "GlobalDocumentDB",
* ConsistencyPolicy = new Azure.CosmosDB.Inputs.AccountConsistencyPolicyArgs
* {
* ConsistencyLevel = "Strong",
* },
* GeoLocations = new[]
* {
* new Azure.CosmosDB.Inputs.AccountGeoLocationArgs
* {
* Location = example.Location,
* FailoverPriority = 0,
* },
* },
* });
* var exampleSqlRoleDefinition = new Azure.CosmosDB.SqlRoleDefinition("example", new()
* {
* RoleDefinitionId = "84cf3a8b-4122-4448-bce2-fa423cfe0a15",
* ResourceGroupName = example.Name,
* AccountName = exampleAccount.Name,
* Name = "acctestsqlrole",
* AssignableScopes = new[]
* {
* exampleAccount.Id.Apply(id => $"{id}/dbs/sales"),
* },
* Permissions = new[]
* {
* new Azure.CosmosDB.Inputs.SqlRoleDefinitionPermissionArgs
* {
* DataActions = new[]
* {
* "Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/items/read",
* },
* },
* },
* });
* });
* ```
* ```go
* package main
* import (
* "fmt"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/cosmosdb"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* _, err := core.GetClientConfig(ctx, nil, nil)
* if err != nil {
* return err
* }
* example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
* Name: pulumi.String("example-resources"),
* Location: pulumi.String("West Europe"),
* })
* if err != nil {
* return err
* }
* exampleAccount, err := cosmosdb.NewAccount(ctx, "example", &cosmosdb.AccountArgs{
* Name: pulumi.String("example-cosmosdb"),
* Location: example.Location,
* ResourceGroupName: example.Name,
* OfferType: pulumi.String("Standard"),
* Kind: pulumi.String("GlobalDocumentDB"),
* ConsistencyPolicy: &cosmosdb.AccountConsistencyPolicyArgs{
* ConsistencyLevel: pulumi.String("Strong"),
* },
* GeoLocations: cosmosdb.AccountGeoLocationArray{
* &cosmosdb.AccountGeoLocationArgs{
* Location: example.Location,
* FailoverPriority: pulumi.Int(0),
* },
* },
* })
* if err != nil {
* return err
* }
* _, err = cosmosdb.NewSqlRoleDefinition(ctx, "example", &cosmosdb.SqlRoleDefinitionArgs{
* RoleDefinitionId: pulumi.String("84cf3a8b-4122-4448-bce2-fa423cfe0a15"),
* ResourceGroupName: example.Name,
* AccountName: exampleAccount.Name,
* Name: pulumi.String("acctestsqlrole"),
* AssignableScopes: pulumi.StringArray{
* exampleAccount.ID().ApplyT(func(id string) (string, error) {
* return fmt.Sprintf("%v/dbs/sales", id), nil
* }).(pulumi.StringOutput),
* },
* Permissions: cosmosdb.SqlRoleDefinitionPermissionArray{
* &cosmosdb.SqlRoleDefinitionPermissionArgs{
* DataActions: pulumi.StringArray{
* pulumi.String("Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/items/read"),
* },
* },
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.azure.core.CoreFunctions;
* import com.pulumi.azure.core.ResourceGroup;
* import com.pulumi.azure.core.ResourceGroupArgs;
* import com.pulumi.azure.cosmosdb.Account;
* import com.pulumi.azure.cosmosdb.AccountArgs;
* import com.pulumi.azure.cosmosdb.inputs.AccountConsistencyPolicyArgs;
* import com.pulumi.azure.cosmosdb.inputs.AccountGeoLocationArgs;
* import com.pulumi.azure.cosmosdb.SqlRoleDefinition;
* import com.pulumi.azure.cosmosdb.SqlRoleDefinitionArgs;
* import com.pulumi.azure.cosmosdb.inputs.SqlRoleDefinitionPermissionArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* final var current = CoreFunctions.getClientConfig();
* var example = new ResourceGroup("example", ResourceGroupArgs.builder()
* .name("example-resources")
* .location("West Europe")
* .build());
* var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
* .name("example-cosmosdb")
* .location(example.location())
* .resourceGroupName(example.name())
* .offerType("Standard")
* .kind("GlobalDocumentDB")
* .consistencyPolicy(AccountConsistencyPolicyArgs.builder()
* .consistencyLevel("Strong")
* .build())
* .geoLocations(AccountGeoLocationArgs.builder()
* .location(example.location())
* .failoverPriority(0)
* .build())
* .build());
* var exampleSqlRoleDefinition = new SqlRoleDefinition("exampleSqlRoleDefinition", SqlRoleDefinitionArgs.builder()
* .roleDefinitionId("84cf3a8b-4122-4448-bce2-fa423cfe0a15")
* .resourceGroupName(example.name())
* .accountName(exampleAccount.name())
* .name("acctestsqlrole")
* .assignableScopes(exampleAccount.id().applyValue(id -> String.format("%s/dbs/sales", id)))
* .permissions(SqlRoleDefinitionPermissionArgs.builder()
* .dataActions("Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/items/read")
* .build())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* example:
* type: azure:core:ResourceGroup
* properties:
* name: example-resources
* location: West Europe
* exampleAccount:
* type: azure:cosmosdb:Account
* name: example
* properties:
* name: example-cosmosdb
* location: ${example.location}
* resourceGroupName: ${example.name}
* offerType: Standard
* kind: GlobalDocumentDB
* consistencyPolicy:
* consistencyLevel: Strong
* geoLocations:
* - location: ${example.location}
* failoverPriority: 0
* exampleSqlRoleDefinition:
* type: azure:cosmosdb:SqlRoleDefinition
* name: example
* properties:
* roleDefinitionId: 84cf3a8b-4122-4448-bce2-fa423cfe0a15
* resourceGroupName: ${example.name}
* accountName: ${exampleAccount.name}
* name: acctestsqlrole
* assignableScopes:
* - ${exampleAccount.id}/dbs/sales
* permissions:
* - dataActions:
* - Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/items/read
* variables:
* current:
* fn::invoke:
* Function: azure:core:getClientConfig
* Arguments: {}
* ```
*
* ## Import
* Cosmos DB SQL Role Definitions can be imported using the `resource id`, e.g.
* ```sh
* $ pulumi import azure:cosmosdb/sqlRoleDefinition:SqlRoleDefinition example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.DocumentDB/databaseAccounts/account1/sqlRoleDefinitions/28b3c337-f436-482b-a167-c2618dc52033
* ```
* @property accountName The name of the Cosmos DB Account. Changing this forces a new resource to be created.
* @property assignableScopes A list of fully qualified scopes at or below which Role Assignments may be created using this Cosmos DB SQL Role Definition. It will allow application of this Cosmos DB SQL Role Definition on the entire Database Account or any underlying Database/Collection. Scopes higher than Database Account are not enforceable as assignable scopes.
* > **NOTE:** The resources referenced in assignable scopes need not exist.
* @property name An user-friendly name for the Cosmos DB SQL Role Definition which must be unique for the Database Account.
* @property permissions A `permissions` block as defined below.
* @property resourceGroupName The name of the Resource Group in which the Cosmos DB SQL Role Definition is created. Changing this forces a new resource to be created.
* @property roleDefinitionId The GUID as the name of the Cosmos DB SQL Role Definition - one will be generated if not specified. Changing this forces a new resource to be created.
* @property type The type of the Cosmos DB SQL Role Definition. Possible values are `BuiltInRole` and `CustomRole`. Defaults to `CustomRole`. Changing this forces a new resource to be created.
*/
public data class SqlRoleDefinitionArgs(
public val accountName: Output? = null,
public val assignableScopes: Output>? = null,
public val name: Output? = null,
public val permissions: Output>? = null,
public val resourceGroupName: Output? = null,
public val roleDefinitionId: Output? = null,
public val type: Output? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.azure.cosmosdb.SqlRoleDefinitionArgs =
com.pulumi.azure.cosmosdb.SqlRoleDefinitionArgs.builder()
.accountName(accountName?.applyValue({ args0 -> args0 }))
.assignableScopes(assignableScopes?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
.name(name?.applyValue({ args0 -> args0 }))
.permissions(
permissions?.applyValue({ args0 ->
args0.map({ args0 ->
args0.let({ args0 ->
args0.toJava()
})
})
}),
)
.resourceGroupName(resourceGroupName?.applyValue({ args0 -> args0 }))
.roleDefinitionId(roleDefinitionId?.applyValue({ args0 -> args0 }))
.type(type?.applyValue({ args0 -> args0 })).build()
}
/**
* Builder for [SqlRoleDefinitionArgs].
*/
@PulumiTagMarker
public class SqlRoleDefinitionArgsBuilder internal constructor() {
private var accountName: Output? = null
private var assignableScopes: Output>? = null
private var name: Output? = null
private var permissions: Output>? = null
private var resourceGroupName: Output? = null
private var roleDefinitionId: Output? = null
private var type: Output? = null
/**
* @param value The name of the Cosmos DB Account. Changing this forces a new resource to be created.
*/
@JvmName("vxcdmboufprybyad")
public suspend fun accountName(`value`: Output) {
this.accountName = value
}
/**
* @param value A list of fully qualified scopes at or below which Role Assignments may be created using this Cosmos DB SQL Role Definition. It will allow application of this Cosmos DB SQL Role Definition on the entire Database Account or any underlying Database/Collection. Scopes higher than Database Account are not enforceable as assignable scopes.
* > **NOTE:** The resources referenced in assignable scopes need not exist.
*/
@JvmName("qhviiqbanjcgeixg")
public suspend fun assignableScopes(`value`: Output>) {
this.assignableScopes = value
}
@JvmName("ptfjuypnxbloatso")
public suspend fun assignableScopes(vararg values: Output) {
this.assignableScopes = Output.all(values.asList())
}
/**
* @param values A list of fully qualified scopes at or below which Role Assignments may be created using this Cosmos DB SQL Role Definition. It will allow application of this Cosmos DB SQL Role Definition on the entire Database Account or any underlying Database/Collection. Scopes higher than Database Account are not enforceable as assignable scopes.
* > **NOTE:** The resources referenced in assignable scopes need not exist.
*/
@JvmName("thxtriewuuogbwmx")
public suspend fun assignableScopes(values: List>) {
this.assignableScopes = Output.all(values)
}
/**
* @param value An user-friendly name for the Cosmos DB SQL Role Definition which must be unique for the Database Account.
*/
@JvmName("rplxmpqvcmtrfsyg")
public suspend fun name(`value`: Output) {
this.name = value
}
/**
* @param value A `permissions` block as defined below.
*/
@JvmName("sbwaccqwyajanogw")
public suspend fun permissions(`value`: Output>) {
this.permissions = value
}
@JvmName("diwuifksaxmhbsvb")
public suspend fun permissions(vararg values: Output) {
this.permissions = Output.all(values.asList())
}
/**
* @param values A `permissions` block as defined below.
*/
@JvmName("evhltxqiaquybunr")
public suspend fun permissions(values: List>) {
this.permissions = Output.all(values)
}
/**
* @param value The name of the Resource Group in which the Cosmos DB SQL Role Definition is created. Changing this forces a new resource to be created.
*/
@JvmName("nwiibckxtdchokql")
public suspend fun resourceGroupName(`value`: Output) {
this.resourceGroupName = value
}
/**
* @param value The GUID as the name of the Cosmos DB SQL Role Definition - one will be generated if not specified. Changing this forces a new resource to be created.
*/
@JvmName("xibjipabjusivbjl")
public suspend fun roleDefinitionId(`value`: Output) {
this.roleDefinitionId = value
}
/**
* @param value The type of the Cosmos DB SQL Role Definition. Possible values are `BuiltInRole` and `CustomRole`. Defaults to `CustomRole`. Changing this forces a new resource to be created.
*/
@JvmName("mveehyetychfilml")
public suspend fun type(`value`: Output) {
this.type = value
}
/**
* @param value The name of the Cosmos DB Account. Changing this forces a new resource to be created.
*/
@JvmName("xetmivhwlhrgxvog")
public suspend fun accountName(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.accountName = mapped
}
/**
* @param value A list of fully qualified scopes at or below which Role Assignments may be created using this Cosmos DB SQL Role Definition. It will allow application of this Cosmos DB SQL Role Definition on the entire Database Account or any underlying Database/Collection. Scopes higher than Database Account are not enforceable as assignable scopes.
* > **NOTE:** The resources referenced in assignable scopes need not exist.
*/
@JvmName("dnfqtcbglygimifl")
public suspend fun assignableScopes(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.assignableScopes = mapped
}
/**
* @param values A list of fully qualified scopes at or below which Role Assignments may be created using this Cosmos DB SQL Role Definition. It will allow application of this Cosmos DB SQL Role Definition on the entire Database Account or any underlying Database/Collection. Scopes higher than Database Account are not enforceable as assignable scopes.
* > **NOTE:** The resources referenced in assignable scopes need not exist.
*/
@JvmName("hkixqqiugkqdlcet")
public suspend fun assignableScopes(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.assignableScopes = mapped
}
/**
* @param value An user-friendly name for the Cosmos DB SQL Role Definition which must be unique for the Database Account.
*/
@JvmName("meqgoiwrhdefpmsk")
public suspend fun name(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.name = mapped
}
/**
* @param value A `permissions` block as defined below.
*/
@JvmName("ddcvyjglahpnynwv")
public suspend fun permissions(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.permissions = mapped
}
/**
* @param argument A `permissions` block as defined below.
*/
@JvmName("eojvmabesntsderr")
public suspend fun permissions(argument: List Unit>) {
val toBeMapped = argument.toList().map {
SqlRoleDefinitionPermissionArgsBuilder().applySuspend {
it()
}.build()
}
val mapped = of(toBeMapped)
this.permissions = mapped
}
/**
* @param argument A `permissions` block as defined below.
*/
@JvmName("rcdijrxkjbcvuwcq")
public suspend fun permissions(vararg argument: suspend SqlRoleDefinitionPermissionArgsBuilder.() -> Unit) {
val toBeMapped = argument.toList().map {
SqlRoleDefinitionPermissionArgsBuilder().applySuspend {
it()
}.build()
}
val mapped = of(toBeMapped)
this.permissions = mapped
}
/**
* @param argument A `permissions` block as defined below.
*/
@JvmName("cxqlnroggqetgdgo")
public suspend fun permissions(argument: suspend SqlRoleDefinitionPermissionArgsBuilder.() -> Unit) {
val toBeMapped = listOf(
SqlRoleDefinitionPermissionArgsBuilder().applySuspend {
argument()
}.build(),
)
val mapped = of(toBeMapped)
this.permissions = mapped
}
/**
* @param values A `permissions` block as defined below.
*/
@JvmName("diyfulsfwuvmtlhc")
public suspend fun permissions(vararg values: SqlRoleDefinitionPermissionArgs) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.permissions = mapped
}
/**
* @param value The name of the Resource Group in which the Cosmos DB SQL Role Definition is created. Changing this forces a new resource to be created.
*/
@JvmName("foulfkwrfqelvwla")
public suspend fun resourceGroupName(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.resourceGroupName = mapped
}
/**
* @param value The GUID as the name of the Cosmos DB SQL Role Definition - one will be generated if not specified. Changing this forces a new resource to be created.
*/
@JvmName("mvjmueahkgdhtrms")
public suspend fun roleDefinitionId(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.roleDefinitionId = mapped
}
/**
* @param value The type of the Cosmos DB SQL Role Definition. Possible values are `BuiltInRole` and `CustomRole`. Defaults to `CustomRole`. Changing this forces a new resource to be created.
*/
@JvmName("nyfxfltxxqplhcpm")
public suspend fun type(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.type = mapped
}
internal fun build(): SqlRoleDefinitionArgs = SqlRoleDefinitionArgs(
accountName = accountName,
assignableScopes = assignableScopes,
name = name,
permissions = permissions,
resourceGroupName = resourceGroupName,
roleDefinitionId = roleDefinitionId,
type = type,
)
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy