Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $
You can buy this project and download/modify it how often you want.
com.pulumi.azure.pim.kotlin.EligibleRoleAssignment.kt Maven / Gradle / Ivy
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.azure.pim.kotlin
import com.pulumi.azure.pim.kotlin.outputs.EligibleRoleAssignmentSchedule
import com.pulumi.azure.pim.kotlin.outputs.EligibleRoleAssignmentTicket
import com.pulumi.core.Output
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import kotlin.Boolean
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import com.pulumi.azure.pim.kotlin.outputs.EligibleRoleAssignmentSchedule.Companion.toKotlin as eligibleRoleAssignmentScheduleToKotlin
import com.pulumi.azure.pim.kotlin.outputs.EligibleRoleAssignmentTicket.Companion.toKotlin as eligibleRoleAssignmentTicketToKotlin
/**
* Builder for [EligibleRoleAssignment].
*/
@PulumiTagMarker
public class EligibleRoleAssignmentResourceBuilder internal constructor() {
public var name: String? = null
public var args: EligibleRoleAssignmentArgs = EligibleRoleAssignmentArgs()
public var opts: CustomResourceOptions = CustomResourceOptions()
/**
* @param name The _unique_ name of the resulting resource.
*/
public fun name(`value`: String) {
this.name = value
}
/**
* @param block The arguments to use to populate this resource's properties.
*/
public suspend fun args(block: suspend EligibleRoleAssignmentArgsBuilder.() -> Unit) {
val builder = EligibleRoleAssignmentArgsBuilder()
block(builder)
this.args = builder.build()
}
/**
* @param block A bag of options that control this resource's behavior.
*/
public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
}
internal fun build(): EligibleRoleAssignment {
val builtJavaResource = com.pulumi.azure.pim.EligibleRoleAssignment(
this.name,
this.args.toJava(),
this.opts.toJava(),
)
return EligibleRoleAssignment(builtJavaResource)
}
}
/**
* Manages a PIM Eligible Role Assignment.
* ## Example Usage
* ### Subscription)
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as azure from "@pulumi/azure";
* import * as time from "@pulumiverse/time";
* const primary = azure.core.getSubscription({});
* const example = azure.core.getClientConfig({});
* const exampleGetRoleDefinition = azure.authorization.getRoleDefinition({
* name: "Reader",
* });
* const exampleStatic = new time.Static("example", {});
* const exampleEligibleRoleAssignment = new azure.pim.EligibleRoleAssignment("example", {
* scope: primary.then(primary => primary.id),
* roleDefinitionId: Promise.all([primary, exampleGetRoleDefinition]).then(([primary, exampleGetRoleDefinition]) => `${primary.id}${exampleGetRoleDefinition.id}`),
* principalId: example.then(example => example.objectId),
* schedule: {
* startDateTime: exampleStatic.rfc3339,
* expiration: {
* durationHours: 8,
* },
* },
* justification: "Expiration Duration Set",
* ticket: {
* number: "1",
* system: "example ticket system",
* },
* });
* ```
* ```python
* import pulumi
* import pulumi_azure as azure
* import pulumiverse_time as time
* primary = azure.core.get_subscription()
* example = azure.core.get_client_config()
* example_get_role_definition = azure.authorization.get_role_definition(name="Reader")
* example_static = time.Static("example")
* example_eligible_role_assignment = azure.pim.EligibleRoleAssignment("example",
* scope=primary.id,
* role_definition_id=f"{primary.id}{example_get_role_definition.id}",
* principal_id=example.object_id,
* schedule={
* "start_date_time": example_static.rfc3339,
* "expiration": {
* "duration_hours": 8,
* },
* },
* justification="Expiration Duration Set",
* ticket={
* "number": "1",
* "system": "example ticket system",
* })
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Azure = Pulumi.Azure;
* using Time = Pulumiverse.Time;
* return await Deployment.RunAsync(() =>
* {
* var primary = Azure.Core.GetSubscription.Invoke();
* var example = Azure.Core.GetClientConfig.Invoke();
* var exampleGetRoleDefinition = Azure.Authorization.GetRoleDefinition.Invoke(new()
* {
* Name = "Reader",
* });
* var exampleStatic = new Time.Static("example");
* var exampleEligibleRoleAssignment = new Azure.Pim.EligibleRoleAssignment("example", new()
* {
* Scope = primary.Apply(getSubscriptionResult => getSubscriptionResult.Id),
* RoleDefinitionId = Output.Tuple(primary, exampleGetRoleDefinition).Apply(values =>
* {
* var primary = values.Item1;
* var exampleGetRoleDefinition = values.Item2;
* return $"{primary.Apply(getSubscriptionResult => getSubscriptionResult.Id)}{exampleGetRoleDefinition.Apply(getRoleDefinitionResult => getRoleDefinitionResult.Id)}";
* }),
* PrincipalId = example.Apply(getClientConfigResult => getClientConfigResult.ObjectId),
* Schedule = new Azure.Pim.Inputs.EligibleRoleAssignmentScheduleArgs
* {
* StartDateTime = exampleStatic.Rfc3339,
* Expiration = new Azure.Pim.Inputs.EligibleRoleAssignmentScheduleExpirationArgs
* {
* DurationHours = 8,
* },
* },
* Justification = "Expiration Duration Set",
* Ticket = new Azure.Pim.Inputs.EligibleRoleAssignmentTicketArgs
* {
* Number = "1",
* System = "example ticket system",
* },
* });
* });
* ```
* ```go
* package main
* import (
* "fmt"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/authorization"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/pim"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* "github.com/pulumiverse/pulumi-time/sdk/go/time"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* primary, err := core.LookupSubscription(ctx, nil, nil)
* if err != nil {
* return err
* }
* example, err := core.GetClientConfig(ctx, nil, nil)
* if err != nil {
* return err
* }
* exampleGetRoleDefinition, err := authorization.LookupRoleDefinition(ctx, &authorization.LookupRoleDefinitionArgs{
* Name: pulumi.StringRef("Reader"),
* }, nil)
* if err != nil {
* return err
* }
* exampleStatic, err := time.NewStatic(ctx, "example", nil)
* if err != nil {
* return err
* }
* _, err = pim.NewEligibleRoleAssignment(ctx, "example", &pim.EligibleRoleAssignmentArgs{
* Scope: pulumi.String(primary.Id),
* RoleDefinitionId: pulumi.Sprintf("%v%v", primary.Id, exampleGetRoleDefinition.Id),
* PrincipalId: pulumi.String(example.ObjectId),
* Schedule: &pim.EligibleRoleAssignmentScheduleArgs{
* StartDateTime: exampleStatic.Rfc3339,
* Expiration: &pim.EligibleRoleAssignmentScheduleExpirationArgs{
* DurationHours: pulumi.Int(8),
* },
* },
* Justification: pulumi.String("Expiration Duration Set"),
* Ticket: &pim.EligibleRoleAssignmentTicketArgs{
* Number: pulumi.String("1"),
* System: pulumi.String("example ticket system"),
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.azure.core.CoreFunctions;
* import com.pulumi.azure.core.inputs.GetSubscriptionArgs;
* import com.pulumi.azure.authorization.AuthorizationFunctions;
* import com.pulumi.azure.authorization.inputs.GetRoleDefinitionArgs;
* import com.pulumi.time.Static;
* import com.pulumi.azure.pim.EligibleRoleAssignment;
* import com.pulumi.azure.pim.EligibleRoleAssignmentArgs;
* import com.pulumi.azure.pim.inputs.EligibleRoleAssignmentScheduleArgs;
* import com.pulumi.azure.pim.inputs.EligibleRoleAssignmentScheduleExpirationArgs;
* import com.pulumi.azure.pim.inputs.EligibleRoleAssignmentTicketArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* final var primary = CoreFunctions.getSubscription();
* final var example = CoreFunctions.getClientConfig();
* final var exampleGetRoleDefinition = AuthorizationFunctions.getRoleDefinition(GetRoleDefinitionArgs.builder()
* .name("Reader")
* .build());
* var exampleStatic = new Static("exampleStatic");
* var exampleEligibleRoleAssignment = new EligibleRoleAssignment("exampleEligibleRoleAssignment", EligibleRoleAssignmentArgs.builder()
* .scope(primary.applyValue(getSubscriptionResult -> getSubscriptionResult.id()))
* .roleDefinitionId(String.format("%s%s", primary.applyValue(getSubscriptionResult -> getSubscriptionResult.id()),exampleGetRoleDefinition.applyValue(getRoleDefinitionResult -> getRoleDefinitionResult.id())))
* .principalId(example.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
* .schedule(EligibleRoleAssignmentScheduleArgs.builder()
* .startDateTime(exampleStatic.rfc3339())
* .expiration(EligibleRoleAssignmentScheduleExpirationArgs.builder()
* .durationHours(8)
* .build())
* .build())
* .justification("Expiration Duration Set")
* .ticket(EligibleRoleAssignmentTicketArgs.builder()
* .number("1")
* .system("example ticket system")
* .build())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* exampleStatic:
* type: time:Static
* name: example
* exampleEligibleRoleAssignment:
* type: azure:pim:EligibleRoleAssignment
* name: example
* properties:
* scope: ${primary.id}
* roleDefinitionId: ${primary.id}${exampleGetRoleDefinition.id}
* principalId: ${example.objectId}
* schedule:
* startDateTime: ${exampleStatic.rfc3339}
* expiration:
* durationHours: 8
* justification: Expiration Duration Set
* ticket:
* number: '1'
* system: example ticket system
* variables:
* primary:
* fn::invoke:
* Function: azure:core:getSubscription
* Arguments: {}
* example:
* fn::invoke:
* Function: azure:core:getClientConfig
* Arguments: {}
* exampleGetRoleDefinition:
* fn::invoke:
* Function: azure:authorization:getRoleDefinition
* Arguments:
* name: Reader
* ```
*
* ### Management Group)
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as azure from "@pulumi/azure";
* import * as time from "@pulumiverse/time";
* const example = azure.core.getClientConfig({});
* const exampleGetRoleDefinition = azure.authorization.getRoleDefinition({
* name: "Reader",
* });
* const exampleGroup = new azure.management.Group("example", {name: "Example-Management-Group"});
* const exampleStatic = new time.Static("example", {});
* const exampleEligibleRoleAssignment = new azure.pim.EligibleRoleAssignment("example", {
* scope: exampleGroup.id,
* roleDefinitionId: exampleGetRoleDefinition.then(exampleGetRoleDefinition => exampleGetRoleDefinition.id),
* principalId: example.then(example => example.objectId),
* schedule: {
* startDateTime: exampleStatic.rfc3339,
* expiration: {
* durationHours: 8,
* },
* },
* justification: "Expiration Duration Set",
* ticket: {
* number: "1",
* system: "example ticket system",
* },
* });
* ```
* ```python
* import pulumi
* import pulumi_azure as azure
* import pulumiverse_time as time
* example = azure.core.get_client_config()
* example_get_role_definition = azure.authorization.get_role_definition(name="Reader")
* example_group = azure.management.Group("example", name="Example-Management-Group")
* example_static = time.Static("example")
* example_eligible_role_assignment = azure.pim.EligibleRoleAssignment("example",
* scope=example_group.id,
* role_definition_id=example_get_role_definition.id,
* principal_id=example.object_id,
* schedule={
* "start_date_time": example_static.rfc3339,
* "expiration": {
* "duration_hours": 8,
* },
* },
* justification="Expiration Duration Set",
* ticket={
* "number": "1",
* "system": "example ticket system",
* })
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Azure = Pulumi.Azure;
* using Time = Pulumiverse.Time;
* return await Deployment.RunAsync(() =>
* {
* var example = Azure.Core.GetClientConfig.Invoke();
* var exampleGetRoleDefinition = Azure.Authorization.GetRoleDefinition.Invoke(new()
* {
* Name = "Reader",
* });
* var exampleGroup = new Azure.Management.Group("example", new()
* {
* Name = "Example-Management-Group",
* });
* var exampleStatic = new Time.Static("example");
* var exampleEligibleRoleAssignment = new Azure.Pim.EligibleRoleAssignment("example", new()
* {
* Scope = exampleGroup.Id,
* RoleDefinitionId = exampleGetRoleDefinition.Apply(getRoleDefinitionResult => getRoleDefinitionResult.Id),
* PrincipalId = example.Apply(getClientConfigResult => getClientConfigResult.ObjectId),
* Schedule = new Azure.Pim.Inputs.EligibleRoleAssignmentScheduleArgs
* {
* StartDateTime = exampleStatic.Rfc3339,
* Expiration = new Azure.Pim.Inputs.EligibleRoleAssignmentScheduleExpirationArgs
* {
* DurationHours = 8,
* },
* },
* Justification = "Expiration Duration Set",
* Ticket = new Azure.Pim.Inputs.EligibleRoleAssignmentTicketArgs
* {
* Number = "1",
* System = "example ticket system",
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/authorization"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/management"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/pim"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* "github.com/pulumiverse/pulumi-time/sdk/go/time"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* example, err := core.GetClientConfig(ctx, nil, nil)
* if err != nil {
* return err
* }
* exampleGetRoleDefinition, err := authorization.LookupRoleDefinition(ctx, &authorization.LookupRoleDefinitionArgs{
* Name: pulumi.StringRef("Reader"),
* }, nil)
* if err != nil {
* return err
* }
* exampleGroup, err := management.NewGroup(ctx, "example", &management.GroupArgs{
* Name: pulumi.String("Example-Management-Group"),
* })
* if err != nil {
* return err
* }
* exampleStatic, err := time.NewStatic(ctx, "example", nil)
* if err != nil {
* return err
* }
* _, err = pim.NewEligibleRoleAssignment(ctx, "example", &pim.EligibleRoleAssignmentArgs{
* Scope: exampleGroup.ID(),
* RoleDefinitionId: pulumi.String(exampleGetRoleDefinition.Id),
* PrincipalId: pulumi.String(example.ObjectId),
* Schedule: &pim.EligibleRoleAssignmentScheduleArgs{
* StartDateTime: exampleStatic.Rfc3339,
* Expiration: &pim.EligibleRoleAssignmentScheduleExpirationArgs{
* DurationHours: pulumi.Int(8),
* },
* },
* Justification: pulumi.String("Expiration Duration Set"),
* Ticket: &pim.EligibleRoleAssignmentTicketArgs{
* Number: pulumi.String("1"),
* System: pulumi.String("example ticket system"),
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.azure.core.CoreFunctions;
* import com.pulumi.azure.authorization.AuthorizationFunctions;
* import com.pulumi.azure.authorization.inputs.GetRoleDefinitionArgs;
* import com.pulumi.azure.management.Group;
* import com.pulumi.azure.management.GroupArgs;
* import com.pulumi.time.Static;
* import com.pulumi.azure.pim.EligibleRoleAssignment;
* import com.pulumi.azure.pim.EligibleRoleAssignmentArgs;
* import com.pulumi.azure.pim.inputs.EligibleRoleAssignmentScheduleArgs;
* import com.pulumi.azure.pim.inputs.EligibleRoleAssignmentScheduleExpirationArgs;
* import com.pulumi.azure.pim.inputs.EligibleRoleAssignmentTicketArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* final var example = CoreFunctions.getClientConfig();
* final var exampleGetRoleDefinition = AuthorizationFunctions.getRoleDefinition(GetRoleDefinitionArgs.builder()
* .name("Reader")
* .build());
* var exampleGroup = new Group("exampleGroup", GroupArgs.builder()
* .name("Example-Management-Group")
* .build());
* var exampleStatic = new Static("exampleStatic");
* var exampleEligibleRoleAssignment = new EligibleRoleAssignment("exampleEligibleRoleAssignment", EligibleRoleAssignmentArgs.builder()
* .scope(exampleGroup.id())
* .roleDefinitionId(exampleGetRoleDefinition.applyValue(getRoleDefinitionResult -> getRoleDefinitionResult.id()))
* .principalId(example.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
* .schedule(EligibleRoleAssignmentScheduleArgs.builder()
* .startDateTime(exampleStatic.rfc3339())
* .expiration(EligibleRoleAssignmentScheduleExpirationArgs.builder()
* .durationHours(8)
* .build())
* .build())
* .justification("Expiration Duration Set")
* .ticket(EligibleRoleAssignmentTicketArgs.builder()
* .number("1")
* .system("example ticket system")
* .build())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* exampleGroup:
* type: azure:management:Group
* name: example
* properties:
* name: Example-Management-Group
* exampleStatic:
* type: time:Static
* name: example
* exampleEligibleRoleAssignment:
* type: azure:pim:EligibleRoleAssignment
* name: example
* properties:
* scope: ${exampleGroup.id}
* roleDefinitionId: ${exampleGetRoleDefinition.id}
* principalId: ${example.objectId}
* schedule:
* startDateTime: ${exampleStatic.rfc3339}
* expiration:
* durationHours: 8
* justification: Expiration Duration Set
* ticket:
* number: '1'
* system: example ticket system
* variables:
* example:
* fn::invoke:
* Function: azure:core:getClientConfig
* Arguments: {}
* exampleGetRoleDefinition:
* fn::invoke:
* Function: azure:authorization:getRoleDefinition
* Arguments:
* name: Reader
* ```
*
* ## Import
* PIM Eligible Role Assignments can be imported using the following composite resource ID, e.g.
* ```sh
* $ pulumi import azure:pim/eligibleRoleAssignment:EligibleRoleAssignment example /subscriptions/00000000-0000-0000-0000-000000000000|/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/roleDefinitions/00000000-0000-0000-0000-000000000000|00000000-0000-0000-0000-000000000000
* ```
*/
public class EligibleRoleAssignment internal constructor(
override val javaResource: com.pulumi.azure.pim.EligibleRoleAssignment,
) : KotlinCustomResource(javaResource, EligibleRoleAssignmentMapper) {
/**
* The justification of the role assignment. Changing this forces a new resource to be created.
*/
public val justification: Output
get() = javaResource.justification().applyValue({ args0 -> args0 })
/**
* Object ID of the principal for this eligible role assignment. Changing this forces a new resource to be created.
*/
public val principalId: Output
get() = javaResource.principalId().applyValue({ args0 -> args0 })
/**
* Type of principal to which the role will be assigned.
*/
public val principalType: Output
get() = javaResource.principalType().applyValue({ args0 -> args0 })
/**
* The role definition ID for this eligible role assignment. Changing this forces a new resource to be created.
*/
public val roleDefinitionId: Output
get() = javaResource.roleDefinitionId().applyValue({ args0 -> args0 })
/**
* A `schedule` block as defined below. Changing this forces a new resource to be created.
*/
public val schedule: Output
get() = javaResource.schedule().applyValue({ args0 ->
args0.let({ args0 ->
eligibleRoleAssignmentScheduleToKotlin(args0)
})
})
/**
* The scope for this eligible role assignment, should be a valid resource ID. Changing this forces a new resource to be created.
*/
public val scope: Output
get() = javaResource.scope().applyValue({ args0 -> args0 })
/**
* A `ticket` block as defined below. Changing this forces a new resource to be created.
*/
public val ticket: Output
get() = javaResource.ticket().applyValue({ args0 ->
args0.let({ args0 ->
eligibleRoleAssignmentTicketToKotlin(args0)
})
})
}
public object EligibleRoleAssignmentMapper : ResourceMapper {
override fun supportsMappingOfType(javaResource: Resource): Boolean =
com.pulumi.azure.pim.EligibleRoleAssignment::class == javaResource::class
override fun map(javaResource: Resource): EligibleRoleAssignment =
EligibleRoleAssignment(javaResource as com.pulumi.azure.pim.EligibleRoleAssignment)
}
/**
* @see [EligibleRoleAssignment].
* @param name The _unique_ name of the resulting resource.
* @param block Builder for [EligibleRoleAssignment].
*/
public suspend fun eligibleRoleAssignment(
name: String,
block: suspend EligibleRoleAssignmentResourceBuilder.() -> Unit,
): EligibleRoleAssignment {
val builder = EligibleRoleAssignmentResourceBuilder()
builder.name(name)
block(builder)
return builder.build()
}
/**
* @see [EligibleRoleAssignment].
* @param name The _unique_ name of the resulting resource.
*/
public fun eligibleRoleAssignment(name: String): EligibleRoleAssignment {
val builder = EligibleRoleAssignmentResourceBuilder()
builder.name(name)
return builder.build()
}
