diff --git a/.pulumi-java-gen.version b/.pulumi-java-gen.version index 07feb8234..47d04a528 100644 --- a/.pulumi-java-gen.version +++ b/.pulumi-java-gen.version @@ -1 +1 @@ -0.17.0 \ No newline at end of file +0.18.0 \ No newline at end of file diff --git a/examples/go.mod b/examples/go.mod index 63d7beead..485fc3bb8 100644 --- a/examples/go.mod +++ b/examples/go.mod @@ -2,7 +2,7 @@ module github.com/pulumi/pulumi-azuread/examples/v6 go 1.21 -require github.com/pulumi/pulumi/pkg/v3 v3.140.0 +require github.com/pulumi/pulumi/pkg/v3 v3.142.0 require ( cloud.google.com/go v0.112.1 // indirect @@ -123,7 +123,7 @@ require ( github.com/pmezard/go-difflib v1.0.0 // indirect github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 // indirect github.com/pulumi/esc v0.10.0 // indirect - github.com/pulumi/pulumi/sdk/v3 v3.140.0 // indirect + github.com/pulumi/pulumi/sdk/v3 v3.142.0 // indirect github.com/rivo/uniseg v0.4.4 // indirect github.com/rogpeppe/go-internal v1.12.0 // indirect github.com/ryanuber/go-glob v1.0.0 // indirect diff --git a/examples/go.sum b/examples/go.sum index 3e0cabe37..ae5280dd6 100644 --- a/examples/go.sum +++ b/examples/go.sum @@ -337,10 +337,10 @@ github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 h1:vkHw5I/plNdTr435 github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231/go.mod h1:murToZ2N9hNJzewjHBgfFdXhZKjY3z5cYC1VXk+lbFE= github.com/pulumi/esc v0.10.0 h1:jzBKzkLVW0mePeanDRfqSQoCJ5yrkux0jIwAkUxpRKE= github.com/pulumi/esc v0.10.0/go.mod h1:2Bfa+FWj/xl8CKqRTWbWgDX0SOD4opdQgvYSURTGK2c= -github.com/pulumi/pulumi/pkg/v3 v3.140.0 h1:/bvHa19HY/6qHWvuAOVII8qr72MDGGczBWlPYlPo3j0= -github.com/pulumi/pulumi/pkg/v3 v3.140.0/go.mod h1:rcTtSyisd7BzZTugNk/s9zlYgX9S0S10+pha3Tko6yM= -github.com/pulumi/pulumi/sdk/v3 v3.140.0 h1:+Z/RBvdYg7tBNkBwk4p/FzlV7niBT3TbLAICq/Y0LDU= -github.com/pulumi/pulumi/sdk/v3 v3.140.0/go.mod h1:PvKsX88co8XuwuPdzolMvew5lZV+4JmZfkeSjj7A6dI= +github.com/pulumi/pulumi/pkg/v3 v3.142.0 h1:UE8TFyXrlxvPrATpd3Kl3En34KrFIFWOxxNAodywPNU= +github.com/pulumi/pulumi/pkg/v3 v3.142.0/go.mod h1:3k6WwRIT7veiDnk3Yo2NtqEYX+4dgLCrMIFvEOnjQqI= +github.com/pulumi/pulumi/sdk/v3 v3.142.0 h1:SmcVddGuvwAh3g3XUVQQ5gVRQUKH1yZ6iETpDNHIHlw= +github.com/pulumi/pulumi/sdk/v3 v3.142.0/go.mod h1:PvKsX88co8XuwuPdzolMvew5lZV+4JmZfkeSjj7A6dI= github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis= diff --git a/provider/cmd/pulumi-resource-azuread/schema.json b/provider/cmd/pulumi-resource-azuread/schema.json index 08f53923c..4cd5693b7 100644 --- a/provider/cmd/pulumi-resource-azuread/schema.json +++ b/provider/cmd/pulumi-resource-azuread/schema.json @@ -3530,7 +3530,7 @@ } }, "azuread:index/accessPackageCatalogRoleAssignment:AccessPackageCatalogRoleAssignment": { - "description": "Manages a single catalog role assignment within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `EntitlementManagement.ReadWrite.All` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Identity Governance administrator` or `Global Administrator`\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getUser({\n userPrincipalName: \"jdoe@example.com\",\n});\nconst exampleGetAccessPackageCatalogRole = azuread.getAccessPackageCatalogRole({\n displayName: \"Catalog owner\",\n});\nconst exampleAccessPackageCatalog = new azuread.AccessPackageCatalog(\"example\", {\n displayName: \"example-access-package-catalog\",\n description: \"Example access package catalog\",\n});\nconst exampleAccessPackageCatalogRoleAssignment = new azuread.AccessPackageCatalogRoleAssignment(\"example\", {\n roleId: exampleGetAccessPackageCatalogRole.then(exampleGetAccessPackageCatalogRole =\u003e exampleGetAccessPackageCatalogRole.objectId),\n principalObjectId: example.then(example =\u003e example.objectId),\n catalogId: exampleAccessPackageCatalog.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_user(user_principal_name=\"jdoe@example.com\")\nexample_get_access_package_catalog_role = azuread.get_access_package_catalog_role(display_name=\"Catalog owner\")\nexample_access_package_catalog = azuread.AccessPackageCatalog(\"example\",\n display_name=\"example-access-package-catalog\",\n description=\"Example access package catalog\")\nexample_access_package_catalog_role_assignment = azuread.AccessPackageCatalogRoleAssignment(\"example\",\n role_id=example_get_access_package_catalog_role.object_id,\n principal_object_id=example.object_id,\n catalog_id=example_access_package_catalog.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n var exampleGetAccessPackageCatalogRole = AzureAD.GetAccessPackageCatalogRole.Invoke(new()\n {\n DisplayName = \"Catalog owner\",\n });\n\n var exampleAccessPackageCatalog = new AzureAD.AccessPackageCatalog(\"example\", new()\n {\n DisplayName = \"example-access-package-catalog\",\n Description = \"Example access package catalog\",\n });\n\n var exampleAccessPackageCatalogRoleAssignment = new AzureAD.AccessPackageCatalogRoleAssignment(\"example\", new()\n {\n RoleId = exampleGetAccessPackageCatalogRole.Apply(getAccessPackageCatalogRoleResult =\u003e getAccessPackageCatalogRoleResult.ObjectId),\n PrincipalObjectId = example.Apply(getUserResult =\u003e getUserResult.ObjectId),\n CatalogId = exampleAccessPackageCatalog.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGetAccessPackageCatalogRole, err := azuread.GetAccessPackageCatalogRole(ctx, \u0026azuread.GetAccessPackageCatalogRoleArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Catalog owner\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessPackageCatalog, err := azuread.NewAccessPackageCatalog(ctx, \"example\", \u0026azuread.AccessPackageCatalogArgs{\n\t\t\tDisplayName: pulumi.String(\"example-access-package-catalog\"),\n\t\t\tDescription: pulumi.String(\"Example access package catalog\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAccessPackageCatalogRoleAssignment(ctx, \"example\", \u0026azuread.AccessPackageCatalogRoleAssignmentArgs{\n\t\t\tRoleId: pulumi.String(exampleGetAccessPackageCatalogRole.ObjectId),\n\t\t\tPrincipalObjectId: pulumi.String(example.ObjectId),\n\t\t\tCatalogId: exampleAccessPackageCatalog.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.inputs.GetAccessPackageCatalogRoleArgs;\nimport com.pulumi.azuread.AccessPackageCatalog;\nimport com.pulumi.azuread.AccessPackageCatalogArgs;\nimport com.pulumi.azuread.AccessPackageCatalogRoleAssignment;\nimport com.pulumi.azuread.AccessPackageCatalogRoleAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n final var exampleGetAccessPackageCatalogRole = AzureadFunctions.getAccessPackageCatalogRole(GetAccessPackageCatalogRoleArgs.builder()\n .displayName(\"Catalog owner\")\n .build());\n\n var exampleAccessPackageCatalog = new AccessPackageCatalog(\"exampleAccessPackageCatalog\", AccessPackageCatalogArgs.builder()\n .displayName(\"example-access-package-catalog\")\n .description(\"Example access package catalog\")\n .build());\n\n var exampleAccessPackageCatalogRoleAssignment = new AccessPackageCatalogRoleAssignment(\"exampleAccessPackageCatalogRoleAssignment\", AccessPackageCatalogRoleAssignmentArgs.builder()\n .roleId(exampleGetAccessPackageCatalogRole.applyValue(getAccessPackageCatalogRoleResult -\u003e getAccessPackageCatalogRoleResult.objectId()))\n .principalObjectId(example.applyValue(getUserResult -\u003e getUserResult.objectId()))\n .catalogId(exampleAccessPackageCatalog.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleAccessPackageCatalog:\n type: azuread:AccessPackageCatalog\n name: example\n properties:\n displayName: example-access-package-catalog\n description: Example access package catalog\n exampleAccessPackageCatalogRoleAssignment:\n type: azuread:AccessPackageCatalogRoleAssignment\n name: example\n properties:\n roleId: ${exampleGetAccessPackageCatalogRole.objectId}\n principalObjectId: ${example.objectId}\n catalogId: ${exampleAccessPackageCatalog.id}\nvariables:\n example:\n fn::invoke:\n Function: azuread:getUser\n Arguments:\n userPrincipalName: jdoe@example.com\n exampleGetAccessPackageCatalogRole:\n fn::invoke:\n Function: azuread:getAccessPackageCatalogRole\n Arguments:\n displayName: Catalog owner\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nCatalog role assignments can be imported using the ID of the assignment, e.g.\n\n```sh\n$ pulumi import azuread:index/accessPackageCatalogRoleAssignment:AccessPackageCatalogRoleAssignment example 00000000-0000-0000-0000-000000000000\n```\n\n", + "description": "Manages a single catalog role assignment within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `EntitlementManagement.ReadWrite.All` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Identity Governance administrator` or `Global Administrator`\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getUser({\n userPrincipalName: \"jdoe@example.com\",\n});\nconst exampleGetAccessPackageCatalogRole = azuread.getAccessPackageCatalogRole({\n displayName: \"Catalog owner\",\n});\nconst exampleAccessPackageCatalog = new azuread.AccessPackageCatalog(\"example\", {\n displayName: \"example-access-package-catalog\",\n description: \"Example access package catalog\",\n});\nconst exampleAccessPackageCatalogRoleAssignment = new azuread.AccessPackageCatalogRoleAssignment(\"example\", {\n roleId: exampleGetAccessPackageCatalogRole.then(exampleGetAccessPackageCatalogRole =\u003e exampleGetAccessPackageCatalogRole.objectId),\n principalObjectId: example.then(example =\u003e example.objectId),\n catalogId: exampleAccessPackageCatalog.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_user(user_principal_name=\"jdoe@example.com\")\nexample_get_access_package_catalog_role = azuread.get_access_package_catalog_role(display_name=\"Catalog owner\")\nexample_access_package_catalog = azuread.AccessPackageCatalog(\"example\",\n display_name=\"example-access-package-catalog\",\n description=\"Example access package catalog\")\nexample_access_package_catalog_role_assignment = azuread.AccessPackageCatalogRoleAssignment(\"example\",\n role_id=example_get_access_package_catalog_role.object_id,\n principal_object_id=example.object_id,\n catalog_id=example_access_package_catalog.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n var exampleGetAccessPackageCatalogRole = AzureAD.GetAccessPackageCatalogRole.Invoke(new()\n {\n DisplayName = \"Catalog owner\",\n });\n\n var exampleAccessPackageCatalog = new AzureAD.AccessPackageCatalog(\"example\", new()\n {\n DisplayName = \"example-access-package-catalog\",\n Description = \"Example access package catalog\",\n });\n\n var exampleAccessPackageCatalogRoleAssignment = new AzureAD.AccessPackageCatalogRoleAssignment(\"example\", new()\n {\n RoleId = exampleGetAccessPackageCatalogRole.Apply(getAccessPackageCatalogRoleResult =\u003e getAccessPackageCatalogRoleResult.ObjectId),\n PrincipalObjectId = example.Apply(getUserResult =\u003e getUserResult.ObjectId),\n CatalogId = exampleAccessPackageCatalog.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGetAccessPackageCatalogRole, err := azuread.GetAccessPackageCatalogRole(ctx, \u0026azuread.GetAccessPackageCatalogRoleArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Catalog owner\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessPackageCatalog, err := azuread.NewAccessPackageCatalog(ctx, \"example\", \u0026azuread.AccessPackageCatalogArgs{\n\t\t\tDisplayName: pulumi.String(\"example-access-package-catalog\"),\n\t\t\tDescription: pulumi.String(\"Example access package catalog\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAccessPackageCatalogRoleAssignment(ctx, \"example\", \u0026azuread.AccessPackageCatalogRoleAssignmentArgs{\n\t\t\tRoleId: pulumi.String(exampleGetAccessPackageCatalogRole.ObjectId),\n\t\t\tPrincipalObjectId: pulumi.String(example.ObjectId),\n\t\t\tCatalogId: exampleAccessPackageCatalog.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.inputs.GetAccessPackageCatalogRoleArgs;\nimport com.pulumi.azuread.AccessPackageCatalog;\nimport com.pulumi.azuread.AccessPackageCatalogArgs;\nimport com.pulumi.azuread.AccessPackageCatalogRoleAssignment;\nimport com.pulumi.azuread.AccessPackageCatalogRoleAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n final var exampleGetAccessPackageCatalogRole = AzureadFunctions.getAccessPackageCatalogRole(GetAccessPackageCatalogRoleArgs.builder()\n .displayName(\"Catalog owner\")\n .build());\n\n var exampleAccessPackageCatalog = new AccessPackageCatalog(\"exampleAccessPackageCatalog\", AccessPackageCatalogArgs.builder()\n .displayName(\"example-access-package-catalog\")\n .description(\"Example access package catalog\")\n .build());\n\n var exampleAccessPackageCatalogRoleAssignment = new AccessPackageCatalogRoleAssignment(\"exampleAccessPackageCatalogRoleAssignment\", AccessPackageCatalogRoleAssignmentArgs.builder()\n .roleId(exampleGetAccessPackageCatalogRole.applyValue(getAccessPackageCatalogRoleResult -\u003e getAccessPackageCatalogRoleResult.objectId()))\n .principalObjectId(example.applyValue(getUserResult -\u003e getUserResult.objectId()))\n .catalogId(exampleAccessPackageCatalog.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleAccessPackageCatalog:\n type: azuread:AccessPackageCatalog\n name: example\n properties:\n displayName: example-access-package-catalog\n description: Example access package catalog\n exampleAccessPackageCatalogRoleAssignment:\n type: azuread:AccessPackageCatalogRoleAssignment\n name: example\n properties:\n roleId: ${exampleGetAccessPackageCatalogRole.objectId}\n principalObjectId: ${example.objectId}\n catalogId: ${exampleAccessPackageCatalog.id}\nvariables:\n example:\n fn::invoke:\n function: azuread:getUser\n arguments:\n userPrincipalName: jdoe@example.com\n exampleGetAccessPackageCatalogRole:\n fn::invoke:\n function: azuread:getAccessPackageCatalogRole\n arguments:\n displayName: Catalog owner\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nCatalog role assignments can be imported using the ID of the assignment, e.g.\n\n```sh\n$ pulumi import azuread:index/accessPackageCatalogRoleAssignment:AccessPackageCatalogRoleAssignment example 00000000-0000-0000-0000-000000000000\n```\n\n", "properties": { "catalogId": { "type": "string", @@ -3821,7 +3821,7 @@ } }, "azuread:index/administrativeUnitMember:AdministrativeUnitMember": { - "description": "Manages a single administrative unit membership within Azure Active Directory.\n\n\u003e **Warning** Do not use this resource at the same time as the `members` property of the `azuread.AdministrativeUnit` resource for the same administrative unit. Doing so will cause a conflict and administrative unit members will be removed.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `AdministrativeUnit.ReadWrite.All` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getUser({\n userPrincipalName: \"jdoe@example.com\",\n});\nconst exampleAdministrativeUnit = new azuread.AdministrativeUnit(\"example\", {displayName: \"Example-AU\"});\nconst exampleAdministrativeUnitMember = new azuread.AdministrativeUnitMember(\"example\", {\n administrativeUnitObjectId: exampleAdministrativeUnit.id,\n memberObjectId: example.then(example =\u003e example.id),\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_user(user_principal_name=\"jdoe@example.com\")\nexample_administrative_unit = azuread.AdministrativeUnit(\"example\", display_name=\"Example-AU\")\nexample_administrative_unit_member = azuread.AdministrativeUnitMember(\"example\",\n administrative_unit_object_id=example_administrative_unit.id,\n member_object_id=example.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n var exampleAdministrativeUnit = new AzureAD.AdministrativeUnit(\"example\", new()\n {\n DisplayName = \"Example-AU\",\n });\n\n var exampleAdministrativeUnitMember = new AzureAD.AdministrativeUnitMember(\"example\", new()\n {\n AdministrativeUnitObjectId = exampleAdministrativeUnit.Id,\n MemberObjectId = example.Apply(getUserResult =\u003e getUserResult.Id),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAdministrativeUnit, err := azuread.NewAdministrativeUnit(ctx, \"example\", \u0026azuread.AdministrativeUnitArgs{\n\t\t\tDisplayName: pulumi.String(\"Example-AU\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAdministrativeUnitMember(ctx, \"example\", \u0026azuread.AdministrativeUnitMemberArgs{\n\t\t\tAdministrativeUnitObjectId: exampleAdministrativeUnit.ID(),\n\t\t\tMemberObjectId: pulumi.String(example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.AdministrativeUnit;\nimport com.pulumi.azuread.AdministrativeUnitArgs;\nimport com.pulumi.azuread.AdministrativeUnitMember;\nimport com.pulumi.azuread.AdministrativeUnitMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n var exampleAdministrativeUnit = new AdministrativeUnit(\"exampleAdministrativeUnit\", AdministrativeUnitArgs.builder()\n .displayName(\"Example-AU\")\n .build());\n\n var exampleAdministrativeUnitMember = new AdministrativeUnitMember(\"exampleAdministrativeUnitMember\", AdministrativeUnitMemberArgs.builder()\n .administrativeUnitObjectId(exampleAdministrativeUnit.id())\n .memberObjectId(example.applyValue(getUserResult -\u003e getUserResult.id()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleAdministrativeUnit:\n type: azuread:AdministrativeUnit\n name: example\n properties:\n displayName: Example-AU\n exampleAdministrativeUnitMember:\n type: azuread:AdministrativeUnitMember\n name: example\n properties:\n administrativeUnitObjectId: ${exampleAdministrativeUnit.id}\n memberObjectId: ${example.id}\nvariables:\n example:\n fn::invoke:\n Function: azuread:getUser\n Arguments:\n userPrincipalName: jdoe@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nAdministrative unit members can be imported using the object ID of the administrative unit and the object ID of the member, e.g.\n\n```sh\n$ pulumi import azuread:index/administrativeUnitMember:AdministrativeUnitMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111\n```\n\n-\u003e This ID format is unique to Terraform and is composed of the Administrative Unit Object ID and the target Member Object ID in the format `{AdministrativeUnitObjectID}/member/{MemberObjectID}`.\n\n", + "description": "Manages a single administrative unit membership within Azure Active Directory.\n\n\u003e **Warning** Do not use this resource at the same time as the `members` property of the `azuread.AdministrativeUnit` resource for the same administrative unit. Doing so will cause a conflict and administrative unit members will be removed.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `AdministrativeUnit.ReadWrite.All` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getUser({\n userPrincipalName: \"jdoe@example.com\",\n});\nconst exampleAdministrativeUnit = new azuread.AdministrativeUnit(\"example\", {displayName: \"Example-AU\"});\nconst exampleAdministrativeUnitMember = new azuread.AdministrativeUnitMember(\"example\", {\n administrativeUnitObjectId: exampleAdministrativeUnit.id,\n memberObjectId: example.then(example =\u003e example.id),\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_user(user_principal_name=\"jdoe@example.com\")\nexample_administrative_unit = azuread.AdministrativeUnit(\"example\", display_name=\"Example-AU\")\nexample_administrative_unit_member = azuread.AdministrativeUnitMember(\"example\",\n administrative_unit_object_id=example_administrative_unit.id,\n member_object_id=example.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n var exampleAdministrativeUnit = new AzureAD.AdministrativeUnit(\"example\", new()\n {\n DisplayName = \"Example-AU\",\n });\n\n var exampleAdministrativeUnitMember = new AzureAD.AdministrativeUnitMember(\"example\", new()\n {\n AdministrativeUnitObjectId = exampleAdministrativeUnit.Id,\n MemberObjectId = example.Apply(getUserResult =\u003e getUserResult.Id),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAdministrativeUnit, err := azuread.NewAdministrativeUnit(ctx, \"example\", \u0026azuread.AdministrativeUnitArgs{\n\t\t\tDisplayName: pulumi.String(\"Example-AU\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAdministrativeUnitMember(ctx, \"example\", \u0026azuread.AdministrativeUnitMemberArgs{\n\t\t\tAdministrativeUnitObjectId: exampleAdministrativeUnit.ID(),\n\t\t\tMemberObjectId: pulumi.String(example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.AdministrativeUnit;\nimport com.pulumi.azuread.AdministrativeUnitArgs;\nimport com.pulumi.azuread.AdministrativeUnitMember;\nimport com.pulumi.azuread.AdministrativeUnitMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n var exampleAdministrativeUnit = new AdministrativeUnit(\"exampleAdministrativeUnit\", AdministrativeUnitArgs.builder()\n .displayName(\"Example-AU\")\n .build());\n\n var exampleAdministrativeUnitMember = new AdministrativeUnitMember(\"exampleAdministrativeUnitMember\", AdministrativeUnitMemberArgs.builder()\n .administrativeUnitObjectId(exampleAdministrativeUnit.id())\n .memberObjectId(example.applyValue(getUserResult -\u003e getUserResult.id()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleAdministrativeUnit:\n type: azuread:AdministrativeUnit\n name: example\n properties:\n displayName: Example-AU\n exampleAdministrativeUnitMember:\n type: azuread:AdministrativeUnitMember\n name: example\n properties:\n administrativeUnitObjectId: ${exampleAdministrativeUnit.id}\n memberObjectId: ${example.id}\nvariables:\n example:\n fn::invoke:\n function: azuread:getUser\n arguments:\n userPrincipalName: jdoe@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nAdministrative unit members can be imported using the object ID of the administrative unit and the object ID of the member, e.g.\n\n```sh\n$ pulumi import azuread:index/administrativeUnitMember:AdministrativeUnitMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111\n```\n\n-\u003e This ID format is unique to Terraform and is composed of the Administrative Unit Object ID and the target Member Object ID in the format `{AdministrativeUnitObjectID}/member/{MemberObjectID}`.\n\n", "properties": { "administrativeUnitObjectId": { "type": "string", @@ -3862,7 +3862,7 @@ } }, "azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember": { - "description": "Manages a single directory role assignment scoped to an administrative unit within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `AdministrativeUnit.ReadWrite.All` and `RoleManagement.ReadWrite.Directory`, or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getUser({\n userPrincipalName: \"jdoe@example.com\",\n});\nconst exampleAdministrativeUnit = new azuread.AdministrativeUnit(\"example\", {displayName: \"Example-AU\"});\nconst exampleDirectoryRole = new azuread.DirectoryRole(\"example\", {displayName: \"Security administrator\"});\nconst exampleAdministrativeUnitRoleMember = new azuread.AdministrativeUnitRoleMember(\"example\", {\n roleObjectId: exampleDirectoryRole.objectId,\n administrativeUnitObjectId: exampleAdministrativeUnit.id,\n memberObjectId: example.then(example =\u003e example.id),\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_user(user_principal_name=\"jdoe@example.com\")\nexample_administrative_unit = azuread.AdministrativeUnit(\"example\", display_name=\"Example-AU\")\nexample_directory_role = azuread.DirectoryRole(\"example\", display_name=\"Security administrator\")\nexample_administrative_unit_role_member = azuread.AdministrativeUnitRoleMember(\"example\",\n role_object_id=example_directory_role.object_id,\n administrative_unit_object_id=example_administrative_unit.id,\n member_object_id=example.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n var exampleAdministrativeUnit = new AzureAD.AdministrativeUnit(\"example\", new()\n {\n DisplayName = \"Example-AU\",\n });\n\n var exampleDirectoryRole = new AzureAD.DirectoryRole(\"example\", new()\n {\n DisplayName = \"Security administrator\",\n });\n\n var exampleAdministrativeUnitRoleMember = new AzureAD.AdministrativeUnitRoleMember(\"example\", new()\n {\n RoleObjectId = exampleDirectoryRole.ObjectId,\n AdministrativeUnitObjectId = exampleAdministrativeUnit.Id,\n MemberObjectId = example.Apply(getUserResult =\u003e getUserResult.Id),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAdministrativeUnit, err := azuread.NewAdministrativeUnit(ctx, \"example\", \u0026azuread.AdministrativeUnitArgs{\n\t\t\tDisplayName: pulumi.String(\"Example-AU\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDirectoryRole, err := azuread.NewDirectoryRole(ctx, \"example\", \u0026azuread.DirectoryRoleArgs{\n\t\t\tDisplayName: pulumi.String(\"Security administrator\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAdministrativeUnitRoleMember(ctx, \"example\", \u0026azuread.AdministrativeUnitRoleMemberArgs{\n\t\t\tRoleObjectId: exampleDirectoryRole.ObjectId,\n\t\t\tAdministrativeUnitObjectId: exampleAdministrativeUnit.ID(),\n\t\t\tMemberObjectId: pulumi.String(example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.AdministrativeUnit;\nimport com.pulumi.azuread.AdministrativeUnitArgs;\nimport com.pulumi.azuread.DirectoryRole;\nimport com.pulumi.azuread.DirectoryRoleArgs;\nimport com.pulumi.azuread.AdministrativeUnitRoleMember;\nimport com.pulumi.azuread.AdministrativeUnitRoleMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n var exampleAdministrativeUnit = new AdministrativeUnit(\"exampleAdministrativeUnit\", AdministrativeUnitArgs.builder()\n .displayName(\"Example-AU\")\n .build());\n\n var exampleDirectoryRole = new DirectoryRole(\"exampleDirectoryRole\", DirectoryRoleArgs.builder()\n .displayName(\"Security administrator\")\n .build());\n\n var exampleAdministrativeUnitRoleMember = new AdministrativeUnitRoleMember(\"exampleAdministrativeUnitRoleMember\", AdministrativeUnitRoleMemberArgs.builder()\n .roleObjectId(exampleDirectoryRole.objectId())\n .administrativeUnitObjectId(exampleAdministrativeUnit.id())\n .memberObjectId(example.applyValue(getUserResult -\u003e getUserResult.id()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleAdministrativeUnit:\n type: azuread:AdministrativeUnit\n name: example\n properties:\n displayName: Example-AU\n exampleDirectoryRole:\n type: azuread:DirectoryRole\n name: example\n properties:\n displayName: Security administrator\n exampleAdministrativeUnitRoleMember:\n type: azuread:AdministrativeUnitRoleMember\n name: example\n properties:\n roleObjectId: ${exampleDirectoryRole.objectId}\n administrativeUnitObjectId: ${exampleAdministrativeUnit.id}\n memberObjectId: ${example.id}\nvariables:\n example:\n fn::invoke:\n Function: azuread:getUser\n Arguments:\n userPrincipalName: jdoe@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nAdministrative unit role members can be imported using the object ID of the administrative unit and the unique ID of the role assignment, e.g.\n\n```sh\n$ pulumi import azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember example 00000000-0000-0000-0000-000000000000/roleMember/zX37MRLyF0uvE-xf2WH4B7x-6CPLfudNnxFGj800htpBXqkxW7bITqGb6Rj4kuTuS\n```\n\n-\u003e This ID format is unique to Terraform and is composed of the Administrative Unit Object ID and the role assignment ID in the format `{AdministrativeUnitObjectID}/roleMember/{RoleAssignmentID}`.\n\n", + "description": "Manages a single directory role assignment scoped to an administrative unit within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `AdministrativeUnit.ReadWrite.All` and `RoleManagement.ReadWrite.Directory`, or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getUser({\n userPrincipalName: \"jdoe@example.com\",\n});\nconst exampleAdministrativeUnit = new azuread.AdministrativeUnit(\"example\", {displayName: \"Example-AU\"});\nconst exampleDirectoryRole = new azuread.DirectoryRole(\"example\", {displayName: \"Security administrator\"});\nconst exampleAdministrativeUnitRoleMember = new azuread.AdministrativeUnitRoleMember(\"example\", {\n roleObjectId: exampleDirectoryRole.objectId,\n administrativeUnitObjectId: exampleAdministrativeUnit.id,\n memberObjectId: example.then(example =\u003e example.id),\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_user(user_principal_name=\"jdoe@example.com\")\nexample_administrative_unit = azuread.AdministrativeUnit(\"example\", display_name=\"Example-AU\")\nexample_directory_role = azuread.DirectoryRole(\"example\", display_name=\"Security administrator\")\nexample_administrative_unit_role_member = azuread.AdministrativeUnitRoleMember(\"example\",\n role_object_id=example_directory_role.object_id,\n administrative_unit_object_id=example_administrative_unit.id,\n member_object_id=example.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n var exampleAdministrativeUnit = new AzureAD.AdministrativeUnit(\"example\", new()\n {\n DisplayName = \"Example-AU\",\n });\n\n var exampleDirectoryRole = new AzureAD.DirectoryRole(\"example\", new()\n {\n DisplayName = \"Security administrator\",\n });\n\n var exampleAdministrativeUnitRoleMember = new AzureAD.AdministrativeUnitRoleMember(\"example\", new()\n {\n RoleObjectId = exampleDirectoryRole.ObjectId,\n AdministrativeUnitObjectId = exampleAdministrativeUnit.Id,\n MemberObjectId = example.Apply(getUserResult =\u003e getUserResult.Id),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAdministrativeUnit, err := azuread.NewAdministrativeUnit(ctx, \"example\", \u0026azuread.AdministrativeUnitArgs{\n\t\t\tDisplayName: pulumi.String(\"Example-AU\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDirectoryRole, err := azuread.NewDirectoryRole(ctx, \"example\", \u0026azuread.DirectoryRoleArgs{\n\t\t\tDisplayName: pulumi.String(\"Security administrator\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAdministrativeUnitRoleMember(ctx, \"example\", \u0026azuread.AdministrativeUnitRoleMemberArgs{\n\t\t\tRoleObjectId: exampleDirectoryRole.ObjectId,\n\t\t\tAdministrativeUnitObjectId: exampleAdministrativeUnit.ID(),\n\t\t\tMemberObjectId: pulumi.String(example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.AdministrativeUnit;\nimport com.pulumi.azuread.AdministrativeUnitArgs;\nimport com.pulumi.azuread.DirectoryRole;\nimport com.pulumi.azuread.DirectoryRoleArgs;\nimport com.pulumi.azuread.AdministrativeUnitRoleMember;\nimport com.pulumi.azuread.AdministrativeUnitRoleMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n var exampleAdministrativeUnit = new AdministrativeUnit(\"exampleAdministrativeUnit\", AdministrativeUnitArgs.builder()\n .displayName(\"Example-AU\")\n .build());\n\n var exampleDirectoryRole = new DirectoryRole(\"exampleDirectoryRole\", DirectoryRoleArgs.builder()\n .displayName(\"Security administrator\")\n .build());\n\n var exampleAdministrativeUnitRoleMember = new AdministrativeUnitRoleMember(\"exampleAdministrativeUnitRoleMember\", AdministrativeUnitRoleMemberArgs.builder()\n .roleObjectId(exampleDirectoryRole.objectId())\n .administrativeUnitObjectId(exampleAdministrativeUnit.id())\n .memberObjectId(example.applyValue(getUserResult -\u003e getUserResult.id()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleAdministrativeUnit:\n type: azuread:AdministrativeUnit\n name: example\n properties:\n displayName: Example-AU\n exampleDirectoryRole:\n type: azuread:DirectoryRole\n name: example\n properties:\n displayName: Security administrator\n exampleAdministrativeUnitRoleMember:\n type: azuread:AdministrativeUnitRoleMember\n name: example\n properties:\n roleObjectId: ${exampleDirectoryRole.objectId}\n administrativeUnitObjectId: ${exampleAdministrativeUnit.id}\n memberObjectId: ${example.id}\nvariables:\n example:\n fn::invoke:\n function: azuread:getUser\n arguments:\n userPrincipalName: jdoe@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nAdministrative unit role members can be imported using the object ID of the administrative unit and the unique ID of the role assignment, e.g.\n\n```sh\n$ pulumi import azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember example 00000000-0000-0000-0000-000000000000/roleMember/zX37MRLyF0uvE-xf2WH4B7x-6CPLfudNnxFGj800htpBXqkxW7bITqGb6Rj4kuTuS\n```\n\n-\u003e This ID format is unique to Terraform and is composed of the Administrative Unit Object ID and the role assignment ID in the format `{AdministrativeUnitObjectID}/roleMember/{RoleAssignmentID}`.\n\n", "properties": { "administrativeUnitObjectId": { "type": "string", @@ -3927,7 +3927,7 @@ } }, "azuread:index/appRoleAssignment:AppRoleAssignment": { - "description": "Manages an app role assignment for a group, user or service principal. Can be used to grant admin consent for application permissions.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `AppRoleAssignment.ReadWrite.All` and `Application.Read.All`, or `AppRoleAssignment.ReadWrite.All` and `Directory.Read.All`, or `Application.ReadWrite.All`, or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Application Administrator` or `Global Administrator`\n\n## Example Usage\n\n*App role assignment for accessing Microsoft Graph*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = new azuread.ServicePrincipal(\"msgraph\", {\n clientId: wellKnown.then(wellKnown =\u003e wellKnown.result?.microsoftGraph),\n useExisting: true,\n});\nconst example = new azuread.Application(\"example\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: wellKnown.then(wellKnown =\u003e wellKnown.result?.microsoftGraph),\n resourceAccesses: [\n {\n id: msgraph.appRoleIds[\"User.Read.All\"],\n type: \"Role\",\n },\n {\n id: msgraph.oauth2PermissionScopeIds[\"User.ReadWrite\"],\n type: \"Scope\",\n },\n ],\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"example\", {clientId: example.clientId});\nconst exampleAppRoleAssignment = new azuread.AppRoleAssignment(\"example\", {\n appRoleId: msgraph.appRoleIds[\"User.Read.All\"],\n principalObjectId: exampleServicePrincipal.objectId,\n resourceObjectId: msgraph.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.ServicePrincipal(\"msgraph\",\n client_id=well_known.result[\"microsoftGraph\"],\n use_existing=True)\nexample = azuread.Application(\"example\",\n display_name=\"example\",\n required_resource_accesses=[{\n \"resource_app_id\": well_known.result[\"microsoftGraph\"],\n \"resource_accesses\": [\n {\n \"id\": msgraph.app_role_ids[\"User.Read.All\"],\n \"type\": \"Role\",\n },\n {\n \"id\": msgraph.oauth2_permission_scope_ids[\"User.ReadWrite\"],\n \"type\": \"Scope\",\n },\n ],\n }])\nexample_service_principal = azuread.ServicePrincipal(\"example\", client_id=example.client_id)\nexample_app_role_assignment = azuread.AppRoleAssignment(\"example\",\n app_role_id=msgraph.app_role_ids[\"User.Read.All\"],\n principal_object_id=example_service_principal.object_id,\n resource_object_id=msgraph.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = new AzureAD.ServicePrincipal(\"msgraph\", new()\n {\n ClientId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n UseExisting = true,\n });\n\n var example = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.User_Read_All),\n Type = \"Role\",\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.User_ReadWrite),\n Type = \"Scope\",\n },\n },\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"example\", new()\n {\n ClientId = example.ClientId,\n });\n\n var exampleAppRoleAssignment = new AzureAD.AppRoleAssignment(\"example\", new()\n {\n AppRoleId = msgraph.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.User_Read_All),\n PrincipalObjectId = exampleServicePrincipal.ObjectId,\n ResourceObjectId = msgraph.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmsgraph, err := azuread.NewServicePrincipal(ctx, \"msgraph\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn appRoleIds.User.Read.All, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Role\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.User.ReadWrite, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"example\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: example.ClientId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"example\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: msgraph.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\treturn appRoleIds.User.Read.All, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tPrincipalObjectId: exampleServicePrincipal.ObjectId,\n\t\t\tResourceObjectId: msgraph.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.AppRoleAssignment;\nimport com.pulumi.azuread.AppRoleAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n var msgraph = new ServicePrincipal(\"msgraph\", ServicePrincipalArgs.builder()\n .clientId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().microsoftGraph()))\n .useExisting(true)\n .build());\n\n var example = new Application(\"example\", ApplicationArgs.builder()\n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().microsoftGraph()))\n .resourceAccesses( \n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.User.Read.All()))\n .type(\"Role\")\n .build(),\n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.User.ReadWrite()))\n .type(\"Scope\")\n .build())\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder()\n .clientId(example.clientId())\n .build());\n\n var exampleAppRoleAssignment = new AppRoleAssignment(\"exampleAppRoleAssignment\", AppRoleAssignmentArgs.builder()\n .appRoleId(msgraph.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.User.Read.All()))\n .principalObjectId(exampleServicePrincipal.objectId())\n .resourceObjectId(msgraph.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n msgraph:\n type: azuread:ServicePrincipal\n properties:\n clientId: ${wellKnown.result.microsoftGraph}\n useExisting: true\n example:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${wellKnown.result.microsoftGraph}\n resourceAccesses:\n - id: ${msgraph.appRoleIds\"User.Read.All\"[%!s(MISSING)]}\n type: Role\n - id: ${msgraph.oauth2PermissionScopeIds\"User.ReadWrite\"[%!s(MISSING)]}\n type: Scope\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n name: example\n properties:\n clientId: ${example.clientId}\n exampleAppRoleAssignment:\n type: azuread:AppRoleAssignment\n name: example\n properties:\n appRoleId: ${msgraph.appRoleIds\"User.Read.All\"[%!s(MISSING)]}\n principalObjectId: ${exampleServicePrincipal.objectId}\n resourceObjectId: ${msgraph.objectId}\nvariables:\n wellKnown:\n fn::invoke:\n Function: azuread:getApplicationPublishedAppIds\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*App role assignment for internal application*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst internal = new azuread.Application(\"internal\", {\n displayName: \"internal\",\n appRoles: [{\n allowedMemberTypes: [\"Application\"],\n description: \"Apps can query the database\",\n displayName: \"Query\",\n enabled: true,\n id: \"00000000-0000-0000-0000-111111111111\",\n value: \"Query.All\",\n }],\n});\nconst internalServicePrincipal = new azuread.ServicePrincipal(\"internal\", {clientId: internal.clientId});\nconst example = new azuread.Application(\"example\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: internal.clientId,\n resourceAccesses: [{\n id: internalServicePrincipal.appRoleIds[\"Query.All\"],\n type: \"Role\",\n }],\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"example\", {clientId: example.clientId});\nconst exampleAppRoleAssignment = new azuread.AppRoleAssignment(\"example\", {\n appRoleId: internalServicePrincipal.appRoleIds[\"Query.All\"],\n principalObjectId: exampleServicePrincipal.objectId,\n resourceObjectId: internalServicePrincipal.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ninternal = azuread.Application(\"internal\",\n display_name=\"internal\",\n app_roles=[{\n \"allowed_member_types\": [\"Application\"],\n \"description\": \"Apps can query the database\",\n \"display_name\": \"Query\",\n \"enabled\": True,\n \"id\": \"00000000-0000-0000-0000-111111111111\",\n \"value\": \"Query.All\",\n }])\ninternal_service_principal = azuread.ServicePrincipal(\"internal\", client_id=internal.client_id)\nexample = azuread.Application(\"example\",\n display_name=\"example\",\n required_resource_accesses=[{\n \"resource_app_id\": internal.client_id,\n \"resource_accesses\": [{\n \"id\": internal_service_principal.app_role_ids[\"Query.All\"],\n \"type\": \"Role\",\n }],\n }])\nexample_service_principal = azuread.ServicePrincipal(\"example\", client_id=example.client_id)\nexample_app_role_assignment = azuread.AppRoleAssignment(\"example\",\n app_role_id=internal_service_principal.app_role_ids[\"Query.All\"],\n principal_object_id=example_service_principal.object_id,\n resource_object_id=internal_service_principal.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @internal = new AzureAD.Application(\"internal\", new()\n {\n DisplayName = \"internal\",\n AppRoles = new[]\n {\n new AzureAD.Inputs.ApplicationAppRoleArgs\n {\n AllowedMemberTypes = new[]\n {\n \"Application\",\n },\n Description = \"Apps can query the database\",\n DisplayName = \"Query\",\n Enabled = true,\n Id = \"00000000-0000-0000-0000-111111111111\",\n Value = \"Query.All\",\n },\n },\n });\n\n var internalServicePrincipal = new AzureAD.ServicePrincipal(\"internal\", new()\n {\n ClientId = @internal.ClientId,\n });\n\n var example = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = @internal.ClientId,\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = internalServicePrincipal.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.Query_All),\n Type = \"Role\",\n },\n },\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"example\", new()\n {\n ClientId = example.ClientId,\n });\n\n var exampleAppRoleAssignment = new AzureAD.AppRoleAssignment(\"example\", new()\n {\n AppRoleId = internalServicePrincipal.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.Query_All),\n PrincipalObjectId = exampleServicePrincipal.ObjectId,\n ResourceObjectId = internalServicePrincipal.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternal, err := azuread.NewApplication(ctx, \"internal\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"internal\"),\n\t\t\tAppRoles: azuread.ApplicationAppRoleTypeArray{\n\t\t\t\t\u0026azuread.ApplicationAppRoleTypeArgs{\n\t\t\t\t\tAllowedMemberTypes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Application\"),\n\t\t\t\t\t},\n\t\t\t\t\tDescription: pulumi.String(\"Apps can query the database\"),\n\t\t\t\t\tDisplayName: pulumi.String(\"Query\"),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tId: pulumi.String(\"00000000-0000-0000-0000-111111111111\"),\n\t\t\t\t\tValue: pulumi.String(\"Query.All\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinternalServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"internal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: internal.ClientId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: internal.ClientId,\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: internalServicePrincipal.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn appRoleIds.Query.All, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Role\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"example\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: example.ClientId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"example\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: internalServicePrincipal.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\treturn appRoleIds.Query.All, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tPrincipalObjectId: exampleServicePrincipal.ObjectId,\n\t\t\tResourceObjectId: internalServicePrincipal.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationAppRoleArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.AppRoleAssignment;\nimport com.pulumi.azuread.AppRoleAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internal = new Application(\"internal\", ApplicationArgs.builder()\n .displayName(\"internal\")\n .appRoles(ApplicationAppRoleArgs.builder()\n .allowedMemberTypes(\"Application\")\n .description(\"Apps can query the database\")\n .displayName(\"Query\")\n .enabled(true)\n .id(\"00000000-0000-0000-0000-111111111111\")\n .value(\"Query.All\")\n .build())\n .build());\n\n var internalServicePrincipal = new ServicePrincipal(\"internalServicePrincipal\", ServicePrincipalArgs.builder()\n .clientId(internal.clientId())\n .build());\n\n var example = new Application(\"example\", ApplicationArgs.builder()\n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(internal.clientId())\n .resourceAccesses(ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(internalServicePrincipal.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.Query.All()))\n .type(\"Role\")\n .build())\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder()\n .clientId(example.clientId())\n .build());\n\n var exampleAppRoleAssignment = new AppRoleAssignment(\"exampleAppRoleAssignment\", AppRoleAssignmentArgs.builder()\n .appRoleId(internalServicePrincipal.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.Query.All()))\n .principalObjectId(exampleServicePrincipal.objectId())\n .resourceObjectId(internalServicePrincipal.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internal:\n type: azuread:Application\n properties:\n displayName: internal\n appRoles:\n - allowedMemberTypes:\n - Application\n description: Apps can query the database\n displayName: Query\n enabled: true\n id: 00000000-0000-0000-0000-111111111111\n value: Query.All\n internalServicePrincipal:\n type: azuread:ServicePrincipal\n name: internal\n properties:\n clientId: ${internal.clientId}\n example:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${internal.clientId}\n resourceAccesses:\n - id: ${internalServicePrincipal.appRoleIds\"Query.All\"[%!s(MISSING)]}\n type: Role\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n name: example\n properties:\n clientId: ${example.clientId}\n exampleAppRoleAssignment:\n type: azuread:AppRoleAssignment\n name: example\n properties:\n appRoleId: ${internalServicePrincipal.appRoleIds\"Query.All\"[%!s(MISSING)]}\n principalObjectId: ${exampleServicePrincipal.objectId}\n resourceObjectId: ${internalServicePrincipal.objectId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Assign a user and group to an internal application*\n\n## Import\n\nApp role assignments can be imported using the object ID of the service principal representing the resource and the ID of the app role assignment (note: _not_ the ID of the app role), e.g.\n\n```sh\n$ pulumi import azuread:index/appRoleAssignment:AppRoleAssignment example 00000000-0000-0000-0000-000000000000/appRoleAssignment/aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz\n```\n\n-\u003e This ID format is unique to Terraform and is composed of the Resource Service Principal Object ID and the ID of the App Role Assignment in the format `{ResourcePrincipalID}/appRoleAssignment/{AppRoleAssignmentID}`.\n\n", + "description": "Manages an app role assignment for a group, user or service principal. Can be used to grant admin consent for application permissions.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `AppRoleAssignment.ReadWrite.All` and `Application.Read.All`, or `AppRoleAssignment.ReadWrite.All` and `Directory.Read.All`, or `Application.ReadWrite.All`, or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Application Administrator` or `Global Administrator`\n\n## Example Usage\n\n*App role assignment for accessing Microsoft Graph*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = new azuread.ServicePrincipal(\"msgraph\", {\n clientId: wellKnown.then(wellKnown =\u003e wellKnown.result?.microsoftGraph),\n useExisting: true,\n});\nconst example = new azuread.Application(\"example\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: wellKnown.then(wellKnown =\u003e wellKnown.result?.microsoftGraph),\n resourceAccesses: [\n {\n id: msgraph.appRoleIds[\"User.Read.All\"],\n type: \"Role\",\n },\n {\n id: msgraph.oauth2PermissionScopeIds[\"User.ReadWrite\"],\n type: \"Scope\",\n },\n ],\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"example\", {clientId: example.clientId});\nconst exampleAppRoleAssignment = new azuread.AppRoleAssignment(\"example\", {\n appRoleId: msgraph.appRoleIds[\"User.Read.All\"],\n principalObjectId: exampleServicePrincipal.objectId,\n resourceObjectId: msgraph.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.ServicePrincipal(\"msgraph\",\n client_id=well_known.result[\"microsoftGraph\"],\n use_existing=True)\nexample = azuread.Application(\"example\",\n display_name=\"example\",\n required_resource_accesses=[{\n \"resource_app_id\": well_known.result[\"microsoftGraph\"],\n \"resource_accesses\": [\n {\n \"id\": msgraph.app_role_ids[\"User.Read.All\"],\n \"type\": \"Role\",\n },\n {\n \"id\": msgraph.oauth2_permission_scope_ids[\"User.ReadWrite\"],\n \"type\": \"Scope\",\n },\n ],\n }])\nexample_service_principal = azuread.ServicePrincipal(\"example\", client_id=example.client_id)\nexample_app_role_assignment = azuread.AppRoleAssignment(\"example\",\n app_role_id=msgraph.app_role_ids[\"User.Read.All\"],\n principal_object_id=example_service_principal.object_id,\n resource_object_id=msgraph.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = new AzureAD.ServicePrincipal(\"msgraph\", new()\n {\n ClientId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n UseExisting = true,\n });\n\n var example = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.User_Read_All),\n Type = \"Role\",\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.User_ReadWrite),\n Type = \"Scope\",\n },\n },\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"example\", new()\n {\n ClientId = example.ClientId,\n });\n\n var exampleAppRoleAssignment = new AzureAD.AppRoleAssignment(\"example\", new()\n {\n AppRoleId = msgraph.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.User_Read_All),\n PrincipalObjectId = exampleServicePrincipal.ObjectId,\n ResourceObjectId = msgraph.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmsgraph, err := azuread.NewServicePrincipal(ctx, \"msgraph\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn appRoleIds.User.Read.All, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Role\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.User.ReadWrite, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"example\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: example.ClientId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"example\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: msgraph.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\treturn appRoleIds.User.Read.All, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tPrincipalObjectId: exampleServicePrincipal.ObjectId,\n\t\t\tResourceObjectId: msgraph.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.AppRoleAssignment;\nimport com.pulumi.azuread.AppRoleAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n var msgraph = new ServicePrincipal(\"msgraph\", ServicePrincipalArgs.builder()\n .clientId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().microsoftGraph()))\n .useExisting(true)\n .build());\n\n var example = new Application(\"example\", ApplicationArgs.builder()\n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().microsoftGraph()))\n .resourceAccesses( \n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.User.Read.All()))\n .type(\"Role\")\n .build(),\n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.User.ReadWrite()))\n .type(\"Scope\")\n .build())\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder()\n .clientId(example.clientId())\n .build());\n\n var exampleAppRoleAssignment = new AppRoleAssignment(\"exampleAppRoleAssignment\", AppRoleAssignmentArgs.builder()\n .appRoleId(msgraph.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.User.Read.All()))\n .principalObjectId(exampleServicePrincipal.objectId())\n .resourceObjectId(msgraph.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n msgraph:\n type: azuread:ServicePrincipal\n properties:\n clientId: ${wellKnown.result.microsoftGraph}\n useExisting: true\n example:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${wellKnown.result.microsoftGraph}\n resourceAccesses:\n - id: ${msgraph.appRoleIds\"User.Read.All\"[%!s(MISSING)]}\n type: Role\n - id: ${msgraph.oauth2PermissionScopeIds\"User.ReadWrite\"[%!s(MISSING)]}\n type: Scope\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n name: example\n properties:\n clientId: ${example.clientId}\n exampleAppRoleAssignment:\n type: azuread:AppRoleAssignment\n name: example\n properties:\n appRoleId: ${msgraph.appRoleIds\"User.Read.All\"[%!s(MISSING)]}\n principalObjectId: ${exampleServicePrincipal.objectId}\n resourceObjectId: ${msgraph.objectId}\nvariables:\n wellKnown:\n fn::invoke:\n function: azuread:getApplicationPublishedAppIds\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*App role assignment for internal application*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst internal = new azuread.Application(\"internal\", {\n displayName: \"internal\",\n appRoles: [{\n allowedMemberTypes: [\"Application\"],\n description: \"Apps can query the database\",\n displayName: \"Query\",\n enabled: true,\n id: \"00000000-0000-0000-0000-111111111111\",\n value: \"Query.All\",\n }],\n});\nconst internalServicePrincipal = new azuread.ServicePrincipal(\"internal\", {clientId: internal.clientId});\nconst example = new azuread.Application(\"example\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: internal.clientId,\n resourceAccesses: [{\n id: internalServicePrincipal.appRoleIds[\"Query.All\"],\n type: \"Role\",\n }],\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"example\", {clientId: example.clientId});\nconst exampleAppRoleAssignment = new azuread.AppRoleAssignment(\"example\", {\n appRoleId: internalServicePrincipal.appRoleIds[\"Query.All\"],\n principalObjectId: exampleServicePrincipal.objectId,\n resourceObjectId: internalServicePrincipal.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ninternal = azuread.Application(\"internal\",\n display_name=\"internal\",\n app_roles=[{\n \"allowed_member_types\": [\"Application\"],\n \"description\": \"Apps can query the database\",\n \"display_name\": \"Query\",\n \"enabled\": True,\n \"id\": \"00000000-0000-0000-0000-111111111111\",\n \"value\": \"Query.All\",\n }])\ninternal_service_principal = azuread.ServicePrincipal(\"internal\", client_id=internal.client_id)\nexample = azuread.Application(\"example\",\n display_name=\"example\",\n required_resource_accesses=[{\n \"resource_app_id\": internal.client_id,\n \"resource_accesses\": [{\n \"id\": internal_service_principal.app_role_ids[\"Query.All\"],\n \"type\": \"Role\",\n }],\n }])\nexample_service_principal = azuread.ServicePrincipal(\"example\", client_id=example.client_id)\nexample_app_role_assignment = azuread.AppRoleAssignment(\"example\",\n app_role_id=internal_service_principal.app_role_ids[\"Query.All\"],\n principal_object_id=example_service_principal.object_id,\n resource_object_id=internal_service_principal.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @internal = new AzureAD.Application(\"internal\", new()\n {\n DisplayName = \"internal\",\n AppRoles = new[]\n {\n new AzureAD.Inputs.ApplicationAppRoleArgs\n {\n AllowedMemberTypes = new[]\n {\n \"Application\",\n },\n Description = \"Apps can query the database\",\n DisplayName = \"Query\",\n Enabled = true,\n Id = \"00000000-0000-0000-0000-111111111111\",\n Value = \"Query.All\",\n },\n },\n });\n\n var internalServicePrincipal = new AzureAD.ServicePrincipal(\"internal\", new()\n {\n ClientId = @internal.ClientId,\n });\n\n var example = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = @internal.ClientId,\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = internalServicePrincipal.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.Query_All),\n Type = \"Role\",\n },\n },\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"example\", new()\n {\n ClientId = example.ClientId,\n });\n\n var exampleAppRoleAssignment = new AzureAD.AppRoleAssignment(\"example\", new()\n {\n AppRoleId = internalServicePrincipal.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.Query_All),\n PrincipalObjectId = exampleServicePrincipal.ObjectId,\n ResourceObjectId = internalServicePrincipal.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternal, err := azuread.NewApplication(ctx, \"internal\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"internal\"),\n\t\t\tAppRoles: azuread.ApplicationAppRoleTypeArray{\n\t\t\t\t\u0026azuread.ApplicationAppRoleTypeArgs{\n\t\t\t\t\tAllowedMemberTypes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Application\"),\n\t\t\t\t\t},\n\t\t\t\t\tDescription: pulumi.String(\"Apps can query the database\"),\n\t\t\t\t\tDisplayName: pulumi.String(\"Query\"),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tId: pulumi.String(\"00000000-0000-0000-0000-111111111111\"),\n\t\t\t\t\tValue: pulumi.String(\"Query.All\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinternalServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"internal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: internal.ClientId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: internal.ClientId,\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: internalServicePrincipal.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn appRoleIds.Query.All, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Role\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"example\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: example.ClientId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"example\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: internalServicePrincipal.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\treturn appRoleIds.Query.All, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tPrincipalObjectId: exampleServicePrincipal.ObjectId,\n\t\t\tResourceObjectId: internalServicePrincipal.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationAppRoleArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.AppRoleAssignment;\nimport com.pulumi.azuread.AppRoleAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internal = new Application(\"internal\", ApplicationArgs.builder()\n .displayName(\"internal\")\n .appRoles(ApplicationAppRoleArgs.builder()\n .allowedMemberTypes(\"Application\")\n .description(\"Apps can query the database\")\n .displayName(\"Query\")\n .enabled(true)\n .id(\"00000000-0000-0000-0000-111111111111\")\n .value(\"Query.All\")\n .build())\n .build());\n\n var internalServicePrincipal = new ServicePrincipal(\"internalServicePrincipal\", ServicePrincipalArgs.builder()\n .clientId(internal.clientId())\n .build());\n\n var example = new Application(\"example\", ApplicationArgs.builder()\n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(internal.clientId())\n .resourceAccesses(ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(internalServicePrincipal.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.Query.All()))\n .type(\"Role\")\n .build())\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder()\n .clientId(example.clientId())\n .build());\n\n var exampleAppRoleAssignment = new AppRoleAssignment(\"exampleAppRoleAssignment\", AppRoleAssignmentArgs.builder()\n .appRoleId(internalServicePrincipal.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.Query.All()))\n .principalObjectId(exampleServicePrincipal.objectId())\n .resourceObjectId(internalServicePrincipal.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internal:\n type: azuread:Application\n properties:\n displayName: internal\n appRoles:\n - allowedMemberTypes:\n - Application\n description: Apps can query the database\n displayName: Query\n enabled: true\n id: 00000000-0000-0000-0000-111111111111\n value: Query.All\n internalServicePrincipal:\n type: azuread:ServicePrincipal\n name: internal\n properties:\n clientId: ${internal.clientId}\n example:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${internal.clientId}\n resourceAccesses:\n - id: ${internalServicePrincipal.appRoleIds\"Query.All\"[%!s(MISSING)]}\n type: Role\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n name: example\n properties:\n clientId: ${example.clientId}\n exampleAppRoleAssignment:\n type: azuread:AppRoleAssignment\n name: example\n properties:\n appRoleId: ${internalServicePrincipal.appRoleIds\"Query.All\"[%!s(MISSING)]}\n principalObjectId: ${exampleServicePrincipal.objectId}\n resourceObjectId: ${internalServicePrincipal.objectId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Assign a user and group to an internal application*\n\n## Import\n\nApp role assignments can be imported using the object ID of the service principal representing the resource and the ID of the app role assignment (note: _not_ the ID of the app role), e.g.\n\n```sh\n$ pulumi import azuread:index/appRoleAssignment:AppRoleAssignment example 00000000-0000-0000-0000-000000000000/appRoleAssignment/aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz\n```\n\n-\u003e This ID format is unique to Terraform and is composed of the Resource Service Principal Object ID and the ID of the App Role Assignment in the format `{ResourcePrincipalID}/appRoleAssignment/{AppRoleAssignmentID}`.\n\n", "properties": { "appRoleId": { "type": "string", @@ -4019,7 +4019,7 @@ } }, "azuread:index/application:Application": { - "description": "## Example Usage\n\n*Create an application*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\nimport * as std from \"@pulumi/std\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.Application(\"example\", {\n displayName: \"example\",\n identifierUris: [\"api://example-app\"],\n logoImage: std.filebase64({\n input: \"/path/to/logo.png\",\n }).then(invoke =\u003e invoke.result),\n owners: [current.then(current =\u003e current.objectId)],\n signInAudience: \"AzureADMultipleOrgs\",\n api: {\n mappedClaimsEnabled: true,\n requestedAccessTokenVersion: 2,\n knownClientApplications: [\n known1.clientId,\n known2.clientId,\n ],\n oauth2PermissionScopes: [\n {\n adminConsentDescription: \"Allow the application to access example on behalf of the signed-in user.\",\n adminConsentDisplayName: \"Access example\",\n enabled: true,\n id: \"96183846-204b-4b43-82e1-5d2222eb4b9b\",\n type: \"User\",\n userConsentDescription: \"Allow the application to access example on your behalf.\",\n userConsentDisplayName: \"Access example\",\n value: \"user_impersonation\",\n },\n {\n adminConsentDescription: \"Administer the example application\",\n adminConsentDisplayName: \"Administer\",\n enabled: true,\n id: \"be98fa3e-ab5b-4b11-83d9-04ba2b7946bc\",\n type: \"Admin\",\n value: \"administer\",\n },\n ],\n },\n appRoles: [\n {\n allowedMemberTypes: [\n \"User\",\n \"Application\",\n ],\n description: \"Admins can manage roles and perform all task actions\",\n displayName: \"Admin\",\n enabled: true,\n id: \"1b19509b-32b1-4e9f-b71d-4992aa991967\",\n value: \"admin\",\n },\n {\n allowedMemberTypes: [\"User\"],\n description: \"ReadOnly roles have limited query access\",\n displayName: \"ReadOnly\",\n enabled: true,\n id: \"497406e4-012a-4267-bf18-45a1cb148a01\",\n value: \"User\",\n },\n ],\n featureTags: [{\n enterprise: true,\n gallery: true,\n }],\n optionalClaims: {\n accessTokens: [\n {\n name: \"myclaim\",\n },\n {\n name: \"otherclaim\",\n },\n ],\n idTokens: [{\n name: \"userclaim\",\n source: \"user\",\n essential: true,\n additionalProperties: [\"emit_as_roles\"],\n }],\n saml2Tokens: [{\n name: \"samlexample\",\n }],\n },\n requiredResourceAccesses: [\n {\n resourceAppId: \"00000003-0000-0000-c000-000000000000\",\n resourceAccesses: [\n {\n id: \"df021288-bdef-4463-88db-98f22de89214\",\n type: \"Role\",\n },\n {\n id: \"b4e74841-8e56-480b-be8b-910348b18b4c\",\n type: \"Scope\",\n },\n ],\n },\n {\n resourceAppId: \"c5393580-f805-4401-95e8-94b7a6ef2fc2\",\n resourceAccesses: [{\n id: \"594c1fb6-4f81-4475-ae41-0c394909246c\",\n type: \"Role\",\n }],\n },\n ],\n web: {\n homepageUrl: \"https://app.example.net\",\n logoutUrl: \"https://app.example.net/logout\",\n redirectUris: [\"https://app.example.net/account\"],\n implicitGrant: {\n accessTokenIssuanceEnabled: true,\n idTokenIssuanceEnabled: true,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\nimport pulumi_std as std\n\ncurrent = azuread.get_client_config()\nexample = azuread.Application(\"example\",\n display_name=\"example\",\n identifier_uris=[\"api://example-app\"],\n logo_image=std.filebase64(input=\"/path/to/logo.png\").result,\n owners=[current.object_id],\n sign_in_audience=\"AzureADMultipleOrgs\",\n api={\n \"mapped_claims_enabled\": True,\n \"requested_access_token_version\": 2,\n \"known_client_applications\": [\n known1[\"clientId\"],\n known2[\"clientId\"],\n ],\n \"oauth2_permission_scopes\": [\n {\n \"admin_consent_description\": \"Allow the application to access example on behalf of the signed-in user.\",\n \"admin_consent_display_name\": \"Access example\",\n \"enabled\": True,\n \"id\": \"96183846-204b-4b43-82e1-5d2222eb4b9b\",\n \"type\": \"User\",\n \"user_consent_description\": \"Allow the application to access example on your behalf.\",\n \"user_consent_display_name\": \"Access example\",\n \"value\": \"user_impersonation\",\n },\n {\n \"admin_consent_description\": \"Administer the example application\",\n \"admin_consent_display_name\": \"Administer\",\n \"enabled\": True,\n \"id\": \"be98fa3e-ab5b-4b11-83d9-04ba2b7946bc\",\n \"type\": \"Admin\",\n \"value\": \"administer\",\n },\n ],\n },\n app_roles=[\n {\n \"allowed_member_types\": [\n \"User\",\n \"Application\",\n ],\n \"description\": \"Admins can manage roles and perform all task actions\",\n \"display_name\": \"Admin\",\n \"enabled\": True,\n \"id\": \"1b19509b-32b1-4e9f-b71d-4992aa991967\",\n \"value\": \"admin\",\n },\n {\n \"allowed_member_types\": [\"User\"],\n \"description\": \"ReadOnly roles have limited query access\",\n \"display_name\": \"ReadOnly\",\n \"enabled\": True,\n \"id\": \"497406e4-012a-4267-bf18-45a1cb148a01\",\n \"value\": \"User\",\n },\n ],\n feature_tags=[{\n \"enterprise\": True,\n \"gallery\": True,\n }],\n optional_claims={\n \"access_tokens\": [\n {\n \"name\": \"myclaim\",\n },\n {\n \"name\": \"otherclaim\",\n },\n ],\n \"id_tokens\": [{\n \"name\": \"userclaim\",\n \"source\": \"user\",\n \"essential\": True,\n \"additional_properties\": [\"emit_as_roles\"],\n }],\n \"saml2_tokens\": [{\n \"name\": \"samlexample\",\n }],\n },\n required_resource_accesses=[\n {\n \"resource_app_id\": \"00000003-0000-0000-c000-000000000000\",\n \"resource_accesses\": [\n {\n \"id\": \"df021288-bdef-4463-88db-98f22de89214\",\n \"type\": \"Role\",\n },\n {\n \"id\": \"b4e74841-8e56-480b-be8b-910348b18b4c\",\n \"type\": \"Scope\",\n },\n ],\n },\n {\n \"resource_app_id\": \"c5393580-f805-4401-95e8-94b7a6ef2fc2\",\n \"resource_accesses\": [{\n \"id\": \"594c1fb6-4f81-4475-ae41-0c394909246c\",\n \"type\": \"Role\",\n }],\n },\n ],\n web={\n \"homepage_url\": \"https://app.example.net\",\n \"logout_url\": \"https://app.example.net/logout\",\n \"redirect_uris\": [\"https://app.example.net/account\"],\n \"implicit_grant\": {\n \"access_token_issuance_enabled\": True,\n \"id_token_issuance_enabled\": True,\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n IdentifierUris = new[]\n {\n \"api://example-app\",\n },\n LogoImage = Std.Filebase64.Invoke(new()\n {\n Input = \"/path/to/logo.png\",\n }).Apply(invoke =\u003e invoke.Result),\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n SignInAudience = \"AzureADMultipleOrgs\",\n Api = new AzureAD.Inputs.ApplicationApiArgs\n {\n MappedClaimsEnabled = true,\n RequestedAccessTokenVersion = 2,\n KnownClientApplications = new[]\n {\n known1.ClientId,\n known2.ClientId,\n },\n Oauth2PermissionScopes = new[]\n {\n new AzureAD.Inputs.ApplicationApiOauth2PermissionScopeArgs\n {\n AdminConsentDescription = \"Allow the application to access example on behalf of the signed-in user.\",\n AdminConsentDisplayName = \"Access example\",\n Enabled = true,\n Id = \"96183846-204b-4b43-82e1-5d2222eb4b9b\",\n Type = \"User\",\n UserConsentDescription = \"Allow the application to access example on your behalf.\",\n UserConsentDisplayName = \"Access example\",\n Value = \"user_impersonation\",\n },\n new AzureAD.Inputs.ApplicationApiOauth2PermissionScopeArgs\n {\n AdminConsentDescription = \"Administer the example application\",\n AdminConsentDisplayName = \"Administer\",\n Enabled = true,\n Id = \"be98fa3e-ab5b-4b11-83d9-04ba2b7946bc\",\n Type = \"Admin\",\n Value = \"administer\",\n },\n },\n },\n AppRoles = new[]\n {\n new AzureAD.Inputs.ApplicationAppRoleArgs\n {\n AllowedMemberTypes = new[]\n {\n \"User\",\n \"Application\",\n },\n Description = \"Admins can manage roles and perform all task actions\",\n DisplayName = \"Admin\",\n Enabled = true,\n Id = \"1b19509b-32b1-4e9f-b71d-4992aa991967\",\n Value = \"admin\",\n },\n new AzureAD.Inputs.ApplicationAppRoleArgs\n {\n AllowedMemberTypes = new[]\n {\n \"User\",\n },\n Description = \"ReadOnly roles have limited query access\",\n DisplayName = \"ReadOnly\",\n Enabled = true,\n Id = \"497406e4-012a-4267-bf18-45a1cb148a01\",\n Value = \"User\",\n },\n },\n FeatureTags = new[]\n {\n new AzureAD.Inputs.ApplicationFeatureTagArgs\n {\n Enterprise = true,\n Gallery = true,\n },\n },\n OptionalClaims = new AzureAD.Inputs.ApplicationOptionalClaimsArgs\n {\n AccessTokens = new[]\n {\n new AzureAD.Inputs.ApplicationOptionalClaimsAccessTokenArgs\n {\n Name = \"myclaim\",\n },\n new AzureAD.Inputs.ApplicationOptionalClaimsAccessTokenArgs\n {\n Name = \"otherclaim\",\n },\n },\n IdTokens = new[]\n {\n new AzureAD.Inputs.ApplicationOptionalClaimsIdTokenArgs\n {\n Name = \"userclaim\",\n Source = \"user\",\n Essential = true,\n AdditionalProperties = new[]\n {\n \"emit_as_roles\",\n },\n },\n },\n Saml2Tokens = new[]\n {\n new AzureAD.Inputs.ApplicationOptionalClaimsSaml2TokenArgs\n {\n Name = \"samlexample\",\n },\n },\n },\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = \"00000003-0000-0000-c000-000000000000\",\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = \"df021288-bdef-4463-88db-98f22de89214\",\n Type = \"Role\",\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = \"b4e74841-8e56-480b-be8b-910348b18b4c\",\n Type = \"Scope\",\n },\n },\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = \"c5393580-f805-4401-95e8-94b7a6ef2fc2\",\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = \"594c1fb6-4f81-4475-ae41-0c394909246c\",\n Type = \"Role\",\n },\n },\n },\n },\n Web = new AzureAD.Inputs.ApplicationWebArgs\n {\n HomepageUrl = \"https://app.example.net\",\n LogoutUrl = \"https://app.example.net/logout\",\n RedirectUris = new[]\n {\n \"https://app.example.net/account\",\n },\n ImplicitGrant = new AzureAD.Inputs.ApplicationWebImplicitGrantArgs\n {\n AccessTokenIssuanceEnabled = true,\n IdTokenIssuanceEnabled = true,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFilebase64, err := std.Filebase64(ctx, \u0026std.Filebase64Args{\n\t\t\tInput: \"/path/to/logo.png\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tIdentifierUris: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"api://example-app\"),\n\t\t\t},\n\t\t\tLogoImage: pulumi.String(invokeFilebase64.Result),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\tpulumi.String(current.ObjectId),\n\t\t\t},\n\t\t\tSignInAudience: pulumi.String(\"AzureADMultipleOrgs\"),\n\t\t\tApi: \u0026azuread.ApplicationApiArgs{\n\t\t\t\tMappedClaimsEnabled: pulumi.Bool(true),\n\t\t\t\tRequestedAccessTokenVersion: pulumi.Int(2),\n\t\t\t\tKnownClientApplications: pulumi.StringArray{\n\t\t\t\t\tknown1.ClientId,\n\t\t\t\t\tknown2.ClientId,\n\t\t\t\t},\n\t\t\t\tOauth2PermissionScopes: azuread.ApplicationApiOauth2PermissionScopeArray{\n\t\t\t\t\t\u0026azuread.ApplicationApiOauth2PermissionScopeArgs{\n\t\t\t\t\t\tAdminConsentDescription: pulumi.String(\"Allow the application to access example on behalf of the signed-in user.\"),\n\t\t\t\t\t\tAdminConsentDisplayName: pulumi.String(\"Access example\"),\n\t\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\t\tId: pulumi.String(\"96183846-204b-4b43-82e1-5d2222eb4b9b\"),\n\t\t\t\t\t\tType: pulumi.String(\"User\"),\n\t\t\t\t\t\tUserConsentDescription: pulumi.String(\"Allow the application to access example on your behalf.\"),\n\t\t\t\t\t\tUserConsentDisplayName: pulumi.String(\"Access example\"),\n\t\t\t\t\t\tValue: pulumi.String(\"user_impersonation\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026azuread.ApplicationApiOauth2PermissionScopeArgs{\n\t\t\t\t\t\tAdminConsentDescription: pulumi.String(\"Administer the example application\"),\n\t\t\t\t\t\tAdminConsentDisplayName: pulumi.String(\"Administer\"),\n\t\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\t\tId: pulumi.String(\"be98fa3e-ab5b-4b11-83d9-04ba2b7946bc\"),\n\t\t\t\t\t\tType: pulumi.String(\"Admin\"),\n\t\t\t\t\t\tValue: pulumi.String(\"administer\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tAppRoles: azuread.ApplicationAppRoleTypeArray{\n\t\t\t\t\u0026azuread.ApplicationAppRoleTypeArgs{\n\t\t\t\t\tAllowedMemberTypes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"User\"),\n\t\t\t\t\t\tpulumi.String(\"Application\"),\n\t\t\t\t\t},\n\t\t\t\t\tDescription: pulumi.String(\"Admins can manage roles and perform all task actions\"),\n\t\t\t\t\tDisplayName: pulumi.String(\"Admin\"),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tId: pulumi.String(\"1b19509b-32b1-4e9f-b71d-4992aa991967\"),\n\t\t\t\t\tValue: pulumi.String(\"admin\"),\n\t\t\t\t},\n\t\t\t\t\u0026azuread.ApplicationAppRoleTypeArgs{\n\t\t\t\t\tAllowedMemberTypes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"User\"),\n\t\t\t\t\t},\n\t\t\t\t\tDescription: pulumi.String(\"ReadOnly roles have limited query access\"),\n\t\t\t\t\tDisplayName: pulumi.String(\"ReadOnly\"),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tId: pulumi.String(\"497406e4-012a-4267-bf18-45a1cb148a01\"),\n\t\t\t\t\tValue: pulumi.String(\"User\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tFeatureTags: azuread.ApplicationFeatureTagArray{\n\t\t\t\t\u0026azuread.ApplicationFeatureTagArgs{\n\t\t\t\t\tEnterprise: pulumi.Bool(true),\n\t\t\t\t\tGallery: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t\tOptionalClaims: \u0026azuread.ApplicationOptionalClaimsTypeArgs{\n\t\t\t\tAccessTokens: azuread.ApplicationOptionalClaimsAccessTokenArray{\n\t\t\t\t\t\u0026azuread.ApplicationOptionalClaimsAccessTokenArgs{\n\t\t\t\t\t\tName: pulumi.String(\"myclaim\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026azuread.ApplicationOptionalClaimsAccessTokenArgs{\n\t\t\t\t\t\tName: pulumi.String(\"otherclaim\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tIdTokens: azuread.ApplicationOptionalClaimsIdTokenArray{\n\t\t\t\t\t\u0026azuread.ApplicationOptionalClaimsIdTokenArgs{\n\t\t\t\t\t\tName: pulumi.String(\"userclaim\"),\n\t\t\t\t\t\tSource: pulumi.String(\"user\"),\n\t\t\t\t\t\tEssential: pulumi.Bool(true),\n\t\t\t\t\t\tAdditionalProperties: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"emit_as_roles\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSaml2Tokens: azuread.ApplicationOptionalClaimsSaml2TokenArray{\n\t\t\t\t\t\u0026azuread.ApplicationOptionalClaimsSaml2TokenArgs{\n\t\t\t\t\t\tName: pulumi.String(\"samlexample\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: pulumi.String(\"00000003-0000-0000-c000-000000000000\"),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: pulumi.String(\"df021288-bdef-4463-88db-98f22de89214\"),\n\t\t\t\t\t\t\tType: pulumi.String(\"Role\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: pulumi.String(\"b4e74841-8e56-480b-be8b-910348b18b4c\"),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: pulumi.String(\"c5393580-f805-4401-95e8-94b7a6ef2fc2\"),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: pulumi.String(\"594c1fb6-4f81-4475-ae41-0c394909246c\"),\n\t\t\t\t\t\t\tType: pulumi.String(\"Role\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tWeb: \u0026azuread.ApplicationWebArgs{\n\t\t\t\tHomepageUrl: pulumi.String(\"https://app.example.net\"),\n\t\t\t\tLogoutUrl: pulumi.String(\"https://app.example.net/logout\"),\n\t\t\t\tRedirectUris: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"https://app.example.net/account\"),\n\t\t\t\t},\n\t\t\t\tImplicitGrant: \u0026azuread.ApplicationWebImplicitGrantArgs{\n\t\t\t\t\tAccessTokenIssuanceEnabled: pulumi.Bool(true),\n\t\t\t\t\tIdTokenIssuanceEnabled: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationApiArgs;\nimport com.pulumi.azuread.inputs.ApplicationAppRoleArgs;\nimport com.pulumi.azuread.inputs.ApplicationFeatureTagArgs;\nimport com.pulumi.azuread.inputs.ApplicationOptionalClaimsArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.inputs.ApplicationWebArgs;\nimport com.pulumi.azuread.inputs.ApplicationWebImplicitGrantArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new Application(\"example\", ApplicationArgs.builder()\n .displayName(\"example\")\n .identifierUris(\"api://example-app\")\n .logoImage(StdFunctions.filebase64(Filebase64Args.builder()\n .input(\"/path/to/logo.png\")\n .build()).result())\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .signInAudience(\"AzureADMultipleOrgs\")\n .api(ApplicationApiArgs.builder()\n .mappedClaimsEnabled(true)\n .requestedAccessTokenVersion(2)\n .knownClientApplications( \n known1.clientId(),\n known2.clientId())\n .oauth2PermissionScopes( \n ApplicationApiOauth2PermissionScopeArgs.builder()\n .adminConsentDescription(\"Allow the application to access example on behalf of the signed-in user.\")\n .adminConsentDisplayName(\"Access example\")\n .enabled(true)\n .id(\"96183846-204b-4b43-82e1-5d2222eb4b9b\")\n .type(\"User\")\n .userConsentDescription(\"Allow the application to access example on your behalf.\")\n .userConsentDisplayName(\"Access example\")\n .value(\"user_impersonation\")\n .build(),\n ApplicationApiOauth2PermissionScopeArgs.builder()\n .adminConsentDescription(\"Administer the example application\")\n .adminConsentDisplayName(\"Administer\")\n .enabled(true)\n .id(\"be98fa3e-ab5b-4b11-83d9-04ba2b7946bc\")\n .type(\"Admin\")\n .value(\"administer\")\n .build())\n .build())\n .appRoles( \n ApplicationAppRoleArgs.builder()\n .allowedMemberTypes( \n \"User\",\n \"Application\")\n .description(\"Admins can manage roles and perform all task actions\")\n .displayName(\"Admin\")\n .enabled(true)\n .id(\"1b19509b-32b1-4e9f-b71d-4992aa991967\")\n .value(\"admin\")\n .build(),\n ApplicationAppRoleArgs.builder()\n .allowedMemberTypes(\"User\")\n .description(\"ReadOnly roles have limited query access\")\n .displayName(\"ReadOnly\")\n .enabled(true)\n .id(\"497406e4-012a-4267-bf18-45a1cb148a01\")\n .value(\"User\")\n .build())\n .featureTags(ApplicationFeatureTagArgs.builder()\n .enterprise(true)\n .gallery(true)\n .build())\n .optionalClaims(ApplicationOptionalClaimsArgs.builder()\n .accessTokens( \n ApplicationOptionalClaimsAccessTokenArgs.builder()\n .name(\"myclaim\")\n .build(),\n ApplicationOptionalClaimsAccessTokenArgs.builder()\n .name(\"otherclaim\")\n .build())\n .idTokens(ApplicationOptionalClaimsIdTokenArgs.builder()\n .name(\"userclaim\")\n .source(\"user\")\n .essential(true)\n .additionalProperties(\"emit_as_roles\")\n .build())\n .saml2Tokens(ApplicationOptionalClaimsSaml2TokenArgs.builder()\n .name(\"samlexample\")\n .build())\n .build())\n .requiredResourceAccesses( \n ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(\"00000003-0000-0000-c000-000000000000\")\n .resourceAccesses( \n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(\"df021288-bdef-4463-88db-98f22de89214\")\n .type(\"Role\")\n .build(),\n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(\"b4e74841-8e56-480b-be8b-910348b18b4c\")\n .type(\"Scope\")\n .build())\n .build(),\n ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(\"c5393580-f805-4401-95e8-94b7a6ef2fc2\")\n .resourceAccesses(ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(\"594c1fb6-4f81-4475-ae41-0c394909246c\")\n .type(\"Role\")\n .build())\n .build())\n .web(ApplicationWebArgs.builder()\n .homepageUrl(\"https://app.example.net\")\n .logoutUrl(\"https://app.example.net/logout\")\n .redirectUris(\"https://app.example.net/account\")\n .implicitGrant(ApplicationWebImplicitGrantArgs.builder()\n .accessTokenIssuanceEnabled(true)\n .idTokenIssuanceEnabled(true)\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Application\n properties:\n displayName: example\n identifierUris:\n - api://example-app\n logoImage:\n fn::invoke:\n Function: std:filebase64\n Arguments:\n input: /path/to/logo.png\n Return: result\n owners:\n - ${current.objectId}\n signInAudience: AzureADMultipleOrgs\n api:\n mappedClaimsEnabled: true\n requestedAccessTokenVersion: 2\n knownClientApplications:\n - ${known1.clientId}\n - ${known2.clientId}\n oauth2PermissionScopes:\n - adminConsentDescription: Allow the application to access example on behalf of the signed-in user.\n adminConsentDisplayName: Access example\n enabled: true\n id: 96183846-204b-4b43-82e1-5d2222eb4b9b\n type: User\n userConsentDescription: Allow the application to access example on your behalf.\n userConsentDisplayName: Access example\n value: user_impersonation\n - adminConsentDescription: Administer the example application\n adminConsentDisplayName: Administer\n enabled: true\n id: be98fa3e-ab5b-4b11-83d9-04ba2b7946bc\n type: Admin\n value: administer\n appRoles:\n - allowedMemberTypes:\n - User\n - Application\n description: Admins can manage roles and perform all task actions\n displayName: Admin\n enabled: true\n id: 1b19509b-32b1-4e9f-b71d-4992aa991967\n value: admin\n - allowedMemberTypes:\n - User\n description: ReadOnly roles have limited query access\n displayName: ReadOnly\n enabled: true\n id: 497406e4-012a-4267-bf18-45a1cb148a01\n value: User\n featureTags:\n - enterprise: true\n gallery: true\n optionalClaims:\n accessTokens:\n - name: myclaim\n - name: otherclaim\n idTokens:\n - name: userclaim\n source: user\n essential: true\n additionalProperties:\n - emit_as_roles\n saml2Tokens:\n - name: samlexample\n requiredResourceAccesses:\n - resourceAppId: 00000003-0000-0000-c000-000000000000\n resourceAccesses:\n - id: df021288-bdef-4463-88db-98f22de89214\n type: Role\n - id: b4e74841-8e56-480b-be8b-910348b18b4c\n type: Scope\n - resourceAppId: c5393580-f805-4401-95e8-94b7a6ef2fc2\n resourceAccesses:\n - id: 594c1fb6-4f81-4475-ae41-0c394909246c\n type: Role\n web:\n homepageUrl: https://app.example.net\n logoutUrl: https://app.example.net/logout\n redirectUris:\n - https://app.example.net/account\n implicitGrant:\n accessTokenIssuanceEnabled: true\n idTokenIssuanceEnabled: true\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Create application and generate a password*\n\n## Import\n\nApplications can be imported using the object ID of the application, in the following format.\n\n```sh\n$ pulumi import azuread:index/application:Application example /applications/00000000-0000-0000-0000-000000000000\n```\n\n", + "description": "## Example Usage\n\n*Create an application*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\nimport * as std from \"@pulumi/std\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.Application(\"example\", {\n displayName: \"example\",\n identifierUris: [\"api://example-app\"],\n logoImage: std.filebase64({\n input: \"/path/to/logo.png\",\n }).then(invoke =\u003e invoke.result),\n owners: [current.then(current =\u003e current.objectId)],\n signInAudience: \"AzureADMultipleOrgs\",\n api: {\n mappedClaimsEnabled: true,\n requestedAccessTokenVersion: 2,\n knownClientApplications: [\n known1.clientId,\n known2.clientId,\n ],\n oauth2PermissionScopes: [\n {\n adminConsentDescription: \"Allow the application to access example on behalf of the signed-in user.\",\n adminConsentDisplayName: \"Access example\",\n enabled: true,\n id: \"96183846-204b-4b43-82e1-5d2222eb4b9b\",\n type: \"User\",\n userConsentDescription: \"Allow the application to access example on your behalf.\",\n userConsentDisplayName: \"Access example\",\n value: \"user_impersonation\",\n },\n {\n adminConsentDescription: \"Administer the example application\",\n adminConsentDisplayName: \"Administer\",\n enabled: true,\n id: \"be98fa3e-ab5b-4b11-83d9-04ba2b7946bc\",\n type: \"Admin\",\n value: \"administer\",\n },\n ],\n },\n appRoles: [\n {\n allowedMemberTypes: [\n \"User\",\n \"Application\",\n ],\n description: \"Admins can manage roles and perform all task actions\",\n displayName: \"Admin\",\n enabled: true,\n id: \"1b19509b-32b1-4e9f-b71d-4992aa991967\",\n value: \"admin\",\n },\n {\n allowedMemberTypes: [\"User\"],\n description: \"ReadOnly roles have limited query access\",\n displayName: \"ReadOnly\",\n enabled: true,\n id: \"497406e4-012a-4267-bf18-45a1cb148a01\",\n value: \"User\",\n },\n ],\n featureTags: [{\n enterprise: true,\n gallery: true,\n }],\n optionalClaims: {\n accessTokens: [\n {\n name: \"myclaim\",\n },\n {\n name: \"otherclaim\",\n },\n ],\n idTokens: [{\n name: \"userclaim\",\n source: \"user\",\n essential: true,\n additionalProperties: [\"emit_as_roles\"],\n }],\n saml2Tokens: [{\n name: \"samlexample\",\n }],\n },\n requiredResourceAccesses: [\n {\n resourceAppId: \"00000003-0000-0000-c000-000000000000\",\n resourceAccesses: [\n {\n id: \"df021288-bdef-4463-88db-98f22de89214\",\n type: \"Role\",\n },\n {\n id: \"b4e74841-8e56-480b-be8b-910348b18b4c\",\n type: \"Scope\",\n },\n ],\n },\n {\n resourceAppId: \"c5393580-f805-4401-95e8-94b7a6ef2fc2\",\n resourceAccesses: [{\n id: \"594c1fb6-4f81-4475-ae41-0c394909246c\",\n type: \"Role\",\n }],\n },\n ],\n web: {\n homepageUrl: \"https://app.example.net\",\n logoutUrl: \"https://app.example.net/logout\",\n redirectUris: [\"https://app.example.net/account\"],\n implicitGrant: {\n accessTokenIssuanceEnabled: true,\n idTokenIssuanceEnabled: true,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\nimport pulumi_std as std\n\ncurrent = azuread.get_client_config()\nexample = azuread.Application(\"example\",\n display_name=\"example\",\n identifier_uris=[\"api://example-app\"],\n logo_image=std.filebase64(input=\"/path/to/logo.png\").result,\n owners=[current.object_id],\n sign_in_audience=\"AzureADMultipleOrgs\",\n api={\n \"mapped_claims_enabled\": True,\n \"requested_access_token_version\": 2,\n \"known_client_applications\": [\n known1[\"clientId\"],\n known2[\"clientId\"],\n ],\n \"oauth2_permission_scopes\": [\n {\n \"admin_consent_description\": \"Allow the application to access example on behalf of the signed-in user.\",\n \"admin_consent_display_name\": \"Access example\",\n \"enabled\": True,\n \"id\": \"96183846-204b-4b43-82e1-5d2222eb4b9b\",\n \"type\": \"User\",\n \"user_consent_description\": \"Allow the application to access example on your behalf.\",\n \"user_consent_display_name\": \"Access example\",\n \"value\": \"user_impersonation\",\n },\n {\n \"admin_consent_description\": \"Administer the example application\",\n \"admin_consent_display_name\": \"Administer\",\n \"enabled\": True,\n \"id\": \"be98fa3e-ab5b-4b11-83d9-04ba2b7946bc\",\n \"type\": \"Admin\",\n \"value\": \"administer\",\n },\n ],\n },\n app_roles=[\n {\n \"allowed_member_types\": [\n \"User\",\n \"Application\",\n ],\n \"description\": \"Admins can manage roles and perform all task actions\",\n \"display_name\": \"Admin\",\n \"enabled\": True,\n \"id\": \"1b19509b-32b1-4e9f-b71d-4992aa991967\",\n \"value\": \"admin\",\n },\n {\n \"allowed_member_types\": [\"User\"],\n \"description\": \"ReadOnly roles have limited query access\",\n \"display_name\": \"ReadOnly\",\n \"enabled\": True,\n \"id\": \"497406e4-012a-4267-bf18-45a1cb148a01\",\n \"value\": \"User\",\n },\n ],\n feature_tags=[{\n \"enterprise\": True,\n \"gallery\": True,\n }],\n optional_claims={\n \"access_tokens\": [\n {\n \"name\": \"myclaim\",\n },\n {\n \"name\": \"otherclaim\",\n },\n ],\n \"id_tokens\": [{\n \"name\": \"userclaim\",\n \"source\": \"user\",\n \"essential\": True,\n \"additional_properties\": [\"emit_as_roles\"],\n }],\n \"saml2_tokens\": [{\n \"name\": \"samlexample\",\n }],\n },\n required_resource_accesses=[\n {\n \"resource_app_id\": \"00000003-0000-0000-c000-000000000000\",\n \"resource_accesses\": [\n {\n \"id\": \"df021288-bdef-4463-88db-98f22de89214\",\n \"type\": \"Role\",\n },\n {\n \"id\": \"b4e74841-8e56-480b-be8b-910348b18b4c\",\n \"type\": \"Scope\",\n },\n ],\n },\n {\n \"resource_app_id\": \"c5393580-f805-4401-95e8-94b7a6ef2fc2\",\n \"resource_accesses\": [{\n \"id\": \"594c1fb6-4f81-4475-ae41-0c394909246c\",\n \"type\": \"Role\",\n }],\n },\n ],\n web={\n \"homepage_url\": \"https://app.example.net\",\n \"logout_url\": \"https://app.example.net/logout\",\n \"redirect_uris\": [\"https://app.example.net/account\"],\n \"implicit_grant\": {\n \"access_token_issuance_enabled\": True,\n \"id_token_issuance_enabled\": True,\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n IdentifierUris = new[]\n {\n \"api://example-app\",\n },\n LogoImage = Std.Filebase64.Invoke(new()\n {\n Input = \"/path/to/logo.png\",\n }).Apply(invoke =\u003e invoke.Result),\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n SignInAudience = \"AzureADMultipleOrgs\",\n Api = new AzureAD.Inputs.ApplicationApiArgs\n {\n MappedClaimsEnabled = true,\n RequestedAccessTokenVersion = 2,\n KnownClientApplications = new[]\n {\n known1.ClientId,\n known2.ClientId,\n },\n Oauth2PermissionScopes = new[]\n {\n new AzureAD.Inputs.ApplicationApiOauth2PermissionScopeArgs\n {\n AdminConsentDescription = \"Allow the application to access example on behalf of the signed-in user.\",\n AdminConsentDisplayName = \"Access example\",\n Enabled = true,\n Id = \"96183846-204b-4b43-82e1-5d2222eb4b9b\",\n Type = \"User\",\n UserConsentDescription = \"Allow the application to access example on your behalf.\",\n UserConsentDisplayName = \"Access example\",\n Value = \"user_impersonation\",\n },\n new AzureAD.Inputs.ApplicationApiOauth2PermissionScopeArgs\n {\n AdminConsentDescription = \"Administer the example application\",\n AdminConsentDisplayName = \"Administer\",\n Enabled = true,\n Id = \"be98fa3e-ab5b-4b11-83d9-04ba2b7946bc\",\n Type = \"Admin\",\n Value = \"administer\",\n },\n },\n },\n AppRoles = new[]\n {\n new AzureAD.Inputs.ApplicationAppRoleArgs\n {\n AllowedMemberTypes = new[]\n {\n \"User\",\n \"Application\",\n },\n Description = \"Admins can manage roles and perform all task actions\",\n DisplayName = \"Admin\",\n Enabled = true,\n Id = \"1b19509b-32b1-4e9f-b71d-4992aa991967\",\n Value = \"admin\",\n },\n new AzureAD.Inputs.ApplicationAppRoleArgs\n {\n AllowedMemberTypes = new[]\n {\n \"User\",\n },\n Description = \"ReadOnly roles have limited query access\",\n DisplayName = \"ReadOnly\",\n Enabled = true,\n Id = \"497406e4-012a-4267-bf18-45a1cb148a01\",\n Value = \"User\",\n },\n },\n FeatureTags = new[]\n {\n new AzureAD.Inputs.ApplicationFeatureTagArgs\n {\n Enterprise = true,\n Gallery = true,\n },\n },\n OptionalClaims = new AzureAD.Inputs.ApplicationOptionalClaimsArgs\n {\n AccessTokens = new[]\n {\n new AzureAD.Inputs.ApplicationOptionalClaimsAccessTokenArgs\n {\n Name = \"myclaim\",\n },\n new AzureAD.Inputs.ApplicationOptionalClaimsAccessTokenArgs\n {\n Name = \"otherclaim\",\n },\n },\n IdTokens = new[]\n {\n new AzureAD.Inputs.ApplicationOptionalClaimsIdTokenArgs\n {\n Name = \"userclaim\",\n Source = \"user\",\n Essential = true,\n AdditionalProperties = new[]\n {\n \"emit_as_roles\",\n },\n },\n },\n Saml2Tokens = new[]\n {\n new AzureAD.Inputs.ApplicationOptionalClaimsSaml2TokenArgs\n {\n Name = \"samlexample\",\n },\n },\n },\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = \"00000003-0000-0000-c000-000000000000\",\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = \"df021288-bdef-4463-88db-98f22de89214\",\n Type = \"Role\",\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = \"b4e74841-8e56-480b-be8b-910348b18b4c\",\n Type = \"Scope\",\n },\n },\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = \"c5393580-f805-4401-95e8-94b7a6ef2fc2\",\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = \"594c1fb6-4f81-4475-ae41-0c394909246c\",\n Type = \"Role\",\n },\n },\n },\n },\n Web = new AzureAD.Inputs.ApplicationWebArgs\n {\n HomepageUrl = \"https://app.example.net\",\n LogoutUrl = \"https://app.example.net/logout\",\n RedirectUris = new[]\n {\n \"https://app.example.net/account\",\n },\n ImplicitGrant = new AzureAD.Inputs.ApplicationWebImplicitGrantArgs\n {\n AccessTokenIssuanceEnabled = true,\n IdTokenIssuanceEnabled = true,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFilebase64, err := std.Filebase64(ctx, \u0026std.Filebase64Args{\n\t\t\tInput: \"/path/to/logo.png\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tIdentifierUris: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"api://example-app\"),\n\t\t\t},\n\t\t\tLogoImage: pulumi.String(invokeFilebase64.Result),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\tpulumi.String(current.ObjectId),\n\t\t\t},\n\t\t\tSignInAudience: pulumi.String(\"AzureADMultipleOrgs\"),\n\t\t\tApi: \u0026azuread.ApplicationApiArgs{\n\t\t\t\tMappedClaimsEnabled: pulumi.Bool(true),\n\t\t\t\tRequestedAccessTokenVersion: pulumi.Int(2),\n\t\t\t\tKnownClientApplications: pulumi.StringArray{\n\t\t\t\t\tknown1.ClientId,\n\t\t\t\t\tknown2.ClientId,\n\t\t\t\t},\n\t\t\t\tOauth2PermissionScopes: azuread.ApplicationApiOauth2PermissionScopeArray{\n\t\t\t\t\t\u0026azuread.ApplicationApiOauth2PermissionScopeArgs{\n\t\t\t\t\t\tAdminConsentDescription: pulumi.String(\"Allow the application to access example on behalf of the signed-in user.\"),\n\t\t\t\t\t\tAdminConsentDisplayName: pulumi.String(\"Access example\"),\n\t\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\t\tId: pulumi.String(\"96183846-204b-4b43-82e1-5d2222eb4b9b\"),\n\t\t\t\t\t\tType: pulumi.String(\"User\"),\n\t\t\t\t\t\tUserConsentDescription: pulumi.String(\"Allow the application to access example on your behalf.\"),\n\t\t\t\t\t\tUserConsentDisplayName: pulumi.String(\"Access example\"),\n\t\t\t\t\t\tValue: pulumi.String(\"user_impersonation\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026azuread.ApplicationApiOauth2PermissionScopeArgs{\n\t\t\t\t\t\tAdminConsentDescription: pulumi.String(\"Administer the example application\"),\n\t\t\t\t\t\tAdminConsentDisplayName: pulumi.String(\"Administer\"),\n\t\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\t\tId: pulumi.String(\"be98fa3e-ab5b-4b11-83d9-04ba2b7946bc\"),\n\t\t\t\t\t\tType: pulumi.String(\"Admin\"),\n\t\t\t\t\t\tValue: pulumi.String(\"administer\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tAppRoles: azuread.ApplicationAppRoleTypeArray{\n\t\t\t\t\u0026azuread.ApplicationAppRoleTypeArgs{\n\t\t\t\t\tAllowedMemberTypes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"User\"),\n\t\t\t\t\t\tpulumi.String(\"Application\"),\n\t\t\t\t\t},\n\t\t\t\t\tDescription: pulumi.String(\"Admins can manage roles and perform all task actions\"),\n\t\t\t\t\tDisplayName: pulumi.String(\"Admin\"),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tId: pulumi.String(\"1b19509b-32b1-4e9f-b71d-4992aa991967\"),\n\t\t\t\t\tValue: pulumi.String(\"admin\"),\n\t\t\t\t},\n\t\t\t\t\u0026azuread.ApplicationAppRoleTypeArgs{\n\t\t\t\t\tAllowedMemberTypes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"User\"),\n\t\t\t\t\t},\n\t\t\t\t\tDescription: pulumi.String(\"ReadOnly roles have limited query access\"),\n\t\t\t\t\tDisplayName: pulumi.String(\"ReadOnly\"),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tId: pulumi.String(\"497406e4-012a-4267-bf18-45a1cb148a01\"),\n\t\t\t\t\tValue: pulumi.String(\"User\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tFeatureTags: azuread.ApplicationFeatureTagArray{\n\t\t\t\t\u0026azuread.ApplicationFeatureTagArgs{\n\t\t\t\t\tEnterprise: pulumi.Bool(true),\n\t\t\t\t\tGallery: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t\tOptionalClaims: \u0026azuread.ApplicationOptionalClaimsTypeArgs{\n\t\t\t\tAccessTokens: azuread.ApplicationOptionalClaimsAccessTokenArray{\n\t\t\t\t\t\u0026azuread.ApplicationOptionalClaimsAccessTokenArgs{\n\t\t\t\t\t\tName: pulumi.String(\"myclaim\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026azuread.ApplicationOptionalClaimsAccessTokenArgs{\n\t\t\t\t\t\tName: pulumi.String(\"otherclaim\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tIdTokens: azuread.ApplicationOptionalClaimsIdTokenArray{\n\t\t\t\t\t\u0026azuread.ApplicationOptionalClaimsIdTokenArgs{\n\t\t\t\t\t\tName: pulumi.String(\"userclaim\"),\n\t\t\t\t\t\tSource: pulumi.String(\"user\"),\n\t\t\t\t\t\tEssential: pulumi.Bool(true),\n\t\t\t\t\t\tAdditionalProperties: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"emit_as_roles\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSaml2Tokens: azuread.ApplicationOptionalClaimsSaml2TokenArray{\n\t\t\t\t\t\u0026azuread.ApplicationOptionalClaimsSaml2TokenArgs{\n\t\t\t\t\t\tName: pulumi.String(\"samlexample\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: pulumi.String(\"00000003-0000-0000-c000-000000000000\"),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: pulumi.String(\"df021288-bdef-4463-88db-98f22de89214\"),\n\t\t\t\t\t\t\tType: pulumi.String(\"Role\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: pulumi.String(\"b4e74841-8e56-480b-be8b-910348b18b4c\"),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: pulumi.String(\"c5393580-f805-4401-95e8-94b7a6ef2fc2\"),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: pulumi.String(\"594c1fb6-4f81-4475-ae41-0c394909246c\"),\n\t\t\t\t\t\t\tType: pulumi.String(\"Role\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tWeb: \u0026azuread.ApplicationWebArgs{\n\t\t\t\tHomepageUrl: pulumi.String(\"https://app.example.net\"),\n\t\t\t\tLogoutUrl: pulumi.String(\"https://app.example.net/logout\"),\n\t\t\t\tRedirectUris: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"https://app.example.net/account\"),\n\t\t\t\t},\n\t\t\t\tImplicitGrant: \u0026azuread.ApplicationWebImplicitGrantArgs{\n\t\t\t\t\tAccessTokenIssuanceEnabled: pulumi.Bool(true),\n\t\t\t\t\tIdTokenIssuanceEnabled: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationApiArgs;\nimport com.pulumi.azuread.inputs.ApplicationAppRoleArgs;\nimport com.pulumi.azuread.inputs.ApplicationFeatureTagArgs;\nimport com.pulumi.azuread.inputs.ApplicationOptionalClaimsArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.inputs.ApplicationWebArgs;\nimport com.pulumi.azuread.inputs.ApplicationWebImplicitGrantArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new Application(\"example\", ApplicationArgs.builder()\n .displayName(\"example\")\n .identifierUris(\"api://example-app\")\n .logoImage(StdFunctions.filebase64(Filebase64Args.builder()\n .input(\"/path/to/logo.png\")\n .build()).result())\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .signInAudience(\"AzureADMultipleOrgs\")\n .api(ApplicationApiArgs.builder()\n .mappedClaimsEnabled(true)\n .requestedAccessTokenVersion(2)\n .knownClientApplications( \n known1.clientId(),\n known2.clientId())\n .oauth2PermissionScopes( \n ApplicationApiOauth2PermissionScopeArgs.builder()\n .adminConsentDescription(\"Allow the application to access example on behalf of the signed-in user.\")\n .adminConsentDisplayName(\"Access example\")\n .enabled(true)\n .id(\"96183846-204b-4b43-82e1-5d2222eb4b9b\")\n .type(\"User\")\n .userConsentDescription(\"Allow the application to access example on your behalf.\")\n .userConsentDisplayName(\"Access example\")\n .value(\"user_impersonation\")\n .build(),\n ApplicationApiOauth2PermissionScopeArgs.builder()\n .adminConsentDescription(\"Administer the example application\")\n .adminConsentDisplayName(\"Administer\")\n .enabled(true)\n .id(\"be98fa3e-ab5b-4b11-83d9-04ba2b7946bc\")\n .type(\"Admin\")\n .value(\"administer\")\n .build())\n .build())\n .appRoles( \n ApplicationAppRoleArgs.builder()\n .allowedMemberTypes( \n \"User\",\n \"Application\")\n .description(\"Admins can manage roles and perform all task actions\")\n .displayName(\"Admin\")\n .enabled(true)\n .id(\"1b19509b-32b1-4e9f-b71d-4992aa991967\")\n .value(\"admin\")\n .build(),\n ApplicationAppRoleArgs.builder()\n .allowedMemberTypes(\"User\")\n .description(\"ReadOnly roles have limited query access\")\n .displayName(\"ReadOnly\")\n .enabled(true)\n .id(\"497406e4-012a-4267-bf18-45a1cb148a01\")\n .value(\"User\")\n .build())\n .featureTags(ApplicationFeatureTagArgs.builder()\n .enterprise(true)\n .gallery(true)\n .build())\n .optionalClaims(ApplicationOptionalClaimsArgs.builder()\n .accessTokens( \n ApplicationOptionalClaimsAccessTokenArgs.builder()\n .name(\"myclaim\")\n .build(),\n ApplicationOptionalClaimsAccessTokenArgs.builder()\n .name(\"otherclaim\")\n .build())\n .idTokens(ApplicationOptionalClaimsIdTokenArgs.builder()\n .name(\"userclaim\")\n .source(\"user\")\n .essential(true)\n .additionalProperties(\"emit_as_roles\")\n .build())\n .saml2Tokens(ApplicationOptionalClaimsSaml2TokenArgs.builder()\n .name(\"samlexample\")\n .build())\n .build())\n .requiredResourceAccesses( \n ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(\"00000003-0000-0000-c000-000000000000\")\n .resourceAccesses( \n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(\"df021288-bdef-4463-88db-98f22de89214\")\n .type(\"Role\")\n .build(),\n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(\"b4e74841-8e56-480b-be8b-910348b18b4c\")\n .type(\"Scope\")\n .build())\n .build(),\n ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(\"c5393580-f805-4401-95e8-94b7a6ef2fc2\")\n .resourceAccesses(ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(\"594c1fb6-4f81-4475-ae41-0c394909246c\")\n .type(\"Role\")\n .build())\n .build())\n .web(ApplicationWebArgs.builder()\n .homepageUrl(\"https://app.example.net\")\n .logoutUrl(\"https://app.example.net/logout\")\n .redirectUris(\"https://app.example.net/account\")\n .implicitGrant(ApplicationWebImplicitGrantArgs.builder()\n .accessTokenIssuanceEnabled(true)\n .idTokenIssuanceEnabled(true)\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Application\n properties:\n displayName: example\n identifierUris:\n - api://example-app\n logoImage:\n fn::invoke:\n function: std:filebase64\n arguments:\n input: /path/to/logo.png\n return: result\n owners:\n - ${current.objectId}\n signInAudience: AzureADMultipleOrgs\n api:\n mappedClaimsEnabled: true\n requestedAccessTokenVersion: 2\n knownClientApplications:\n - ${known1.clientId}\n - ${known2.clientId}\n oauth2PermissionScopes:\n - adminConsentDescription: Allow the application to access example on behalf of the signed-in user.\n adminConsentDisplayName: Access example\n enabled: true\n id: 96183846-204b-4b43-82e1-5d2222eb4b9b\n type: User\n userConsentDescription: Allow the application to access example on your behalf.\n userConsentDisplayName: Access example\n value: user_impersonation\n - adminConsentDescription: Administer the example application\n adminConsentDisplayName: Administer\n enabled: true\n id: be98fa3e-ab5b-4b11-83d9-04ba2b7946bc\n type: Admin\n value: administer\n appRoles:\n - allowedMemberTypes:\n - User\n - Application\n description: Admins can manage roles and perform all task actions\n displayName: Admin\n enabled: true\n id: 1b19509b-32b1-4e9f-b71d-4992aa991967\n value: admin\n - allowedMemberTypes:\n - User\n description: ReadOnly roles have limited query access\n displayName: ReadOnly\n enabled: true\n id: 497406e4-012a-4267-bf18-45a1cb148a01\n value: User\n featureTags:\n - enterprise: true\n gallery: true\n optionalClaims:\n accessTokens:\n - name: myclaim\n - name: otherclaim\n idTokens:\n - name: userclaim\n source: user\n essential: true\n additionalProperties:\n - emit_as_roles\n saml2Tokens:\n - name: samlexample\n requiredResourceAccesses:\n - resourceAppId: 00000003-0000-0000-c000-000000000000\n resourceAccesses:\n - id: df021288-bdef-4463-88db-98f22de89214\n type: Role\n - id: b4e74841-8e56-480b-be8b-910348b18b4c\n type: Scope\n - resourceAppId: c5393580-f805-4401-95e8-94b7a6ef2fc2\n resourceAccesses:\n - id: 594c1fb6-4f81-4475-ae41-0c394909246c\n type: Role\n web:\n homepageUrl: https://app.example.net\n logoutUrl: https://app.example.net/logout\n redirectUris:\n - https://app.example.net/account\n implicitGrant:\n accessTokenIssuanceEnabled: true\n idTokenIssuanceEnabled: true\nvariables:\n current:\n fn::invoke:\n function: azuread:getClientConfig\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Create application and generate a password*\n\n## Import\n\nApplications can be imported using the object ID of the application, in the following format.\n\n```sh\n$ pulumi import azuread:index/application:Application example /applications/00000000-0000-0000-0000-000000000000\n```\n\n", "properties": { "api": { "$ref": "#/types/azuread:index/ApplicationApi:ApplicationApi", @@ -4518,7 +4518,7 @@ } }, "azuread:index/applicationApiAccess:ApplicationApiAccess": { - "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = wellKnown.then(wellKnown =\u003e azuread.getServicePrincipal({\n clientId: wellKnown.result?.MicrosoftGraph,\n}));\nconst example = new azuread.ApplicationRegistration(\"example\", {displayName: \"example\"});\nconst exampleMsgraph = new azuread.ApplicationApiAccess(\"example_msgraph\", {\n applicationId: example.id,\n apiClientId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n roleIds: [\n msgraph.then(msgraph =\u003e msgraph.appRoleIds?.[\"Group.Read.All\"]),\n msgraph.then(msgraph =\u003e msgraph.appRoleIds?.[\"User.Read.All\"]),\n ],\n scopeIds: [msgraph.then(msgraph =\u003e msgraph.oauth2PermissionScopeIds?.[\"User.ReadWrite\"])],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.get_service_principal(client_id=well_known.result[\"MicrosoftGraph\"])\nexample = azuread.ApplicationRegistration(\"example\", display_name=\"example\")\nexample_msgraph = azuread.ApplicationApiAccess(\"example_msgraph\",\n application_id=example.id,\n api_client_id=well_known.result[\"MicrosoftGraph\"],\n role_ids=[\n msgraph.app_role_ids[\"Group.Read.All\"],\n msgraph.app_role_ids[\"User.Read.All\"],\n ],\n scope_ids=[msgraph.oauth2_permission_scope_ids[\"User.ReadWrite\"]])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = AzureAD.GetServicePrincipal.Invoke(new()\n {\n ClientId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n });\n\n var example = new AzureAD.ApplicationRegistration(\"example\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleMsgraph = new AzureAD.ApplicationApiAccess(\"example_msgraph\", new()\n {\n ApplicationId = example.Id,\n ApiClientId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n RoleIds = new[]\n {\n msgraph.Apply(getServicePrincipalResult =\u003e getServicePrincipalResult.AppRoleIds?.Group_Read_All),\n msgraph.Apply(getServicePrincipalResult =\u003e getServicePrincipalResult.AppRoleIds?.User_Read_All),\n },\n ScopeIds = new[]\n {\n msgraph.Apply(getServicePrincipalResult =\u003e getServicePrincipalResult.Oauth2PermissionScopeIds?.User_ReadWrite),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmsgraph, err := azuread.LookupServicePrincipal(ctx, \u0026azuread.LookupServicePrincipalArgs{\n\t\t\tClientId: pulumi.StringRef(wellKnown.Result.MicrosoftGraph),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := azuread.NewApplicationRegistration(ctx, \"example\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationApiAccess(ctx, \"example_msgraph\", \u0026azuread.ApplicationApiAccessArgs{\n\t\t\tApplicationId: example.ID(),\n\t\t\tApiClientId: pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tRoleIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(msgraph.AppRoleIds.Group.Read.All),\n\t\t\t\tpulumi.String(msgraph.AppRoleIds.User.Read.All),\n\t\t\t},\n\t\t\tScopeIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(msgraph.Oauth2PermissionScopeIds.User.ReadWrite),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetServicePrincipalArgs;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.azuread.ApplicationApiAccess;\nimport com.pulumi.azuread.ApplicationApiAccessArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n final var msgraph = AzureadFunctions.getServicePrincipal(GetServicePrincipalArgs.builder()\n .clientId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .build());\n\n var example = new ApplicationRegistration(\"example\", ApplicationRegistrationArgs.builder()\n .displayName(\"example\")\n .build());\n\n var exampleMsgraph = new ApplicationApiAccess(\"exampleMsgraph\", ApplicationApiAccessArgs.builder()\n .applicationId(example.id())\n .apiClientId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .roleIds( \n msgraph.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult.appRoleIds().Group.Read.All()),\n msgraph.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult.appRoleIds().User.Read.All()))\n .scopeIds(msgraph.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult.oauth2PermissionScopeIds().User.ReadWrite()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n exampleMsgraph:\n type: azuread:ApplicationApiAccess\n name: example_msgraph\n properties:\n applicationId: ${example.id}\n apiClientId: ${wellKnown.result.MicrosoftGraph}\n roleIds:\n - ${msgraph.appRoleIds\"Group.Read.All\"[%!s(MISSING)]}\n - ${msgraph.appRoleIds\"User.Read.All\"[%!s(MISSING)]}\n scopeIds:\n - ${msgraph.oauth2PermissionScopeIds\"User.ReadWrite\"[%!s(MISSING)]}\nvariables:\n wellKnown:\n fn::invoke:\n Function: azuread:getApplicationPublishedAppIds\n Arguments: {}\n msgraph:\n fn::invoke:\n Function: azuread:getServicePrincipal\n Arguments:\n clientId: ${wellKnown.result.MicrosoftGraph}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e **Tip** For managing permissions for an additional API, create another instance of this resource\n\n*Usage with azuread.Application resource*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.Application(\"example\", {displayName: \"example\"});\nconst exampleApplicationApiAccess = new azuread.ApplicationApiAccess(\"example\", {applicationId: example.id});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.Application(\"example\", display_name=\"example\")\nexample_application_api_access = azuread.ApplicationApiAccess(\"example\", application_id=example.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleApplicationApiAccess = new AzureAD.ApplicationApiAccess(\"example\", new()\n {\n ApplicationId = example.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationApiAccess(ctx, \"example\", \u0026azuread.ApplicationApiAccessArgs{\n\t\t\tApplicationId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ApplicationApiAccess;\nimport com.pulumi.azuread.ApplicationApiAccessArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Application(\"example\", ApplicationArgs.builder()\n .displayName(\"example\")\n .build());\n\n var exampleApplicationApiAccess = new ApplicationApiAccess(\"exampleApplicationApiAccess\", ApplicationApiAccessArgs.builder()\n .applicationId(example.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Application\n properties:\n displayName: example\n exampleApplicationApiAccess:\n type: azuread:ApplicationApiAccess\n name: example\n properties:\n applicationId: ${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nApplication API Access can be imported using the object ID of the application and the client ID of the API, in the following format.\n\n```sh\n$ pulumi import azuread:index/applicationApiAccess:ApplicationApiAccess example /applications/00000000-0000-0000-0000-000000000000/apiAccess/11111111-1111-1111-1111-111111111111\n```\n\n", + "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = wellKnown.then(wellKnown =\u003e azuread.getServicePrincipal({\n clientId: wellKnown.result?.MicrosoftGraph,\n}));\nconst example = new azuread.ApplicationRegistration(\"example\", {displayName: \"example\"});\nconst exampleMsgraph = new azuread.ApplicationApiAccess(\"example_msgraph\", {\n applicationId: example.id,\n apiClientId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n roleIds: [\n msgraph.then(msgraph =\u003e msgraph.appRoleIds?.[\"Group.Read.All\"]),\n msgraph.then(msgraph =\u003e msgraph.appRoleIds?.[\"User.Read.All\"]),\n ],\n scopeIds: [msgraph.then(msgraph =\u003e msgraph.oauth2PermissionScopeIds?.[\"User.ReadWrite\"])],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.get_service_principal(client_id=well_known.result[\"MicrosoftGraph\"])\nexample = azuread.ApplicationRegistration(\"example\", display_name=\"example\")\nexample_msgraph = azuread.ApplicationApiAccess(\"example_msgraph\",\n application_id=example.id,\n api_client_id=well_known.result[\"MicrosoftGraph\"],\n role_ids=[\n msgraph.app_role_ids[\"Group.Read.All\"],\n msgraph.app_role_ids[\"User.Read.All\"],\n ],\n scope_ids=[msgraph.oauth2_permission_scope_ids[\"User.ReadWrite\"]])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = AzureAD.GetServicePrincipal.Invoke(new()\n {\n ClientId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n });\n\n var example = new AzureAD.ApplicationRegistration(\"example\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleMsgraph = new AzureAD.ApplicationApiAccess(\"example_msgraph\", new()\n {\n ApplicationId = example.Id,\n ApiClientId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n RoleIds = new[]\n {\n msgraph.Apply(getServicePrincipalResult =\u003e getServicePrincipalResult.AppRoleIds?.Group_Read_All),\n msgraph.Apply(getServicePrincipalResult =\u003e getServicePrincipalResult.AppRoleIds?.User_Read_All),\n },\n ScopeIds = new[]\n {\n msgraph.Apply(getServicePrincipalResult =\u003e getServicePrincipalResult.Oauth2PermissionScopeIds?.User_ReadWrite),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmsgraph, err := azuread.LookupServicePrincipal(ctx, \u0026azuread.LookupServicePrincipalArgs{\n\t\t\tClientId: pulumi.StringRef(wellKnown.Result.MicrosoftGraph),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := azuread.NewApplicationRegistration(ctx, \"example\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationApiAccess(ctx, \"example_msgraph\", \u0026azuread.ApplicationApiAccessArgs{\n\t\t\tApplicationId: example.ID(),\n\t\t\tApiClientId: pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tRoleIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(msgraph.AppRoleIds.Group.Read.All),\n\t\t\t\tpulumi.String(msgraph.AppRoleIds.User.Read.All),\n\t\t\t},\n\t\t\tScopeIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(msgraph.Oauth2PermissionScopeIds.User.ReadWrite),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetServicePrincipalArgs;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.azuread.ApplicationApiAccess;\nimport com.pulumi.azuread.ApplicationApiAccessArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n final var msgraph = AzureadFunctions.getServicePrincipal(GetServicePrincipalArgs.builder()\n .clientId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .build());\n\n var example = new ApplicationRegistration(\"example\", ApplicationRegistrationArgs.builder()\n .displayName(\"example\")\n .build());\n\n var exampleMsgraph = new ApplicationApiAccess(\"exampleMsgraph\", ApplicationApiAccessArgs.builder()\n .applicationId(example.id())\n .apiClientId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .roleIds( \n msgraph.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult.appRoleIds().Group.Read.All()),\n msgraph.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult.appRoleIds().User.Read.All()))\n .scopeIds(msgraph.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult.oauth2PermissionScopeIds().User.ReadWrite()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n exampleMsgraph:\n type: azuread:ApplicationApiAccess\n name: example_msgraph\n properties:\n applicationId: ${example.id}\n apiClientId: ${wellKnown.result.MicrosoftGraph}\n roleIds:\n - ${msgraph.appRoleIds\"Group.Read.All\"[%!s(MISSING)]}\n - ${msgraph.appRoleIds\"User.Read.All\"[%!s(MISSING)]}\n scopeIds:\n - ${msgraph.oauth2PermissionScopeIds\"User.ReadWrite\"[%!s(MISSING)]}\nvariables:\n wellKnown:\n fn::invoke:\n function: azuread:getApplicationPublishedAppIds\n arguments: {}\n msgraph:\n fn::invoke:\n function: azuread:getServicePrincipal\n arguments:\n clientId: ${wellKnown.result.MicrosoftGraph}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e **Tip** For managing permissions for an additional API, create another instance of this resource\n\n*Usage with azuread.Application resource*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.Application(\"example\", {displayName: \"example\"});\nconst exampleApplicationApiAccess = new azuread.ApplicationApiAccess(\"example\", {applicationId: example.id});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.Application(\"example\", display_name=\"example\")\nexample_application_api_access = azuread.ApplicationApiAccess(\"example\", application_id=example.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleApplicationApiAccess = new AzureAD.ApplicationApiAccess(\"example\", new()\n {\n ApplicationId = example.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationApiAccess(ctx, \"example\", \u0026azuread.ApplicationApiAccessArgs{\n\t\t\tApplicationId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ApplicationApiAccess;\nimport com.pulumi.azuread.ApplicationApiAccessArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Application(\"example\", ApplicationArgs.builder()\n .displayName(\"example\")\n .build());\n\n var exampleApplicationApiAccess = new ApplicationApiAccess(\"exampleApplicationApiAccess\", ApplicationApiAccessArgs.builder()\n .applicationId(example.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Application\n properties:\n displayName: example\n exampleApplicationApiAccess:\n type: azuread:ApplicationApiAccess\n name: example\n properties:\n applicationId: ${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nApplication API Access can be imported using the object ID of the application and the client ID of the API, in the following format.\n\n```sh\n$ pulumi import azuread:index/applicationApiAccess:ApplicationApiAccess example /applications/00000000-0000-0000-0000-000000000000/apiAccess/11111111-1111-1111-1111-111111111111\n```\n\n", "properties": { "apiClientId": { "type": "string", @@ -4721,7 +4721,7 @@ } }, "azuread:index/applicationCertificate:ApplicationCertificate": { - "description": "## Example Usage\n\n*Using a PEM certificate*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new azuread.ApplicationRegistration(\"example\", {displayName: \"example\"});\nconst exampleApplicationCertificate = new azuread.ApplicationCertificate(\"example\", {\n applicationId: example.id,\n type: \"AsymmetricX509Cert\",\n value: std.file({\n input: \"cert.pem\",\n }).then(invoke =\u003e invoke.result),\n endDate: \"2021-05-01T01:02:03Z\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\nimport pulumi_std as std\n\nexample = azuread.ApplicationRegistration(\"example\", display_name=\"example\")\nexample_application_certificate = azuread.ApplicationCertificate(\"example\",\n application_id=example.id,\n type=\"AsymmetricX509Cert\",\n value=std.file(input=\"cert.pem\").result,\n end_date=\"2021-05-01T01:02:03Z\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.ApplicationRegistration(\"example\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleApplicationCertificate = new AzureAD.ApplicationCertificate(\"example\", new()\n {\n ApplicationId = example.Id,\n Type = \"AsymmetricX509Cert\",\n Value = Std.File.Invoke(new()\n {\n Input = \"cert.pem\",\n }).Apply(invoke =\u003e invoke.Result),\n EndDate = \"2021-05-01T01:02:03Z\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.NewApplicationRegistration(ctx, \"example\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"cert.pem\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationCertificate(ctx, \"example\", \u0026azuread.ApplicationCertificateArgs{\n\t\t\tApplicationId: example.ID(),\n\t\t\tType: pulumi.String(\"AsymmetricX509Cert\"),\n\t\t\tValue: pulumi.String(invokeFile.Result),\n\t\t\tEndDate: pulumi.String(\"2021-05-01T01:02:03Z\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.azuread.ApplicationCertificate;\nimport com.pulumi.azuread.ApplicationCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ApplicationRegistration(\"example\", ApplicationRegistrationArgs.builder()\n .displayName(\"example\")\n .build());\n\n var exampleApplicationCertificate = new ApplicationCertificate(\"exampleApplicationCertificate\", ApplicationCertificateArgs.builder()\n .applicationId(example.id())\n .type(\"AsymmetricX509Cert\")\n .value(StdFunctions.file(FileArgs.builder()\n .input(\"cert.pem\")\n .build()).result())\n .endDate(\"2021-05-01T01:02:03Z\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n exampleApplicationCertificate:\n type: azuread:ApplicationCertificate\n name: example\n properties:\n applicationId: ${example.id}\n type: AsymmetricX509Cert\n value:\n fn::invoke:\n Function: std:file\n Arguments:\n input: cert.pem\n Return: result\n endDate: 2021-05-01T01:02:03Z\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Using a DER certificate*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new azuread.ApplicationRegistration(\"example\", {displayName: \"example\"});\nconst exampleApplicationCertificate = new azuread.ApplicationCertificate(\"example\", {\n applicationId: example.id,\n type: \"AsymmetricX509Cert\",\n encoding: \"base64\",\n value: std.file({\n input: \"cert.der\",\n }).then(invoke =\u003e std.base64encode({\n input: invoke.result,\n })).then(invoke =\u003e invoke.result),\n endDate: \"2021-05-01T01:02:03Z\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\nimport pulumi_std as std\n\nexample = azuread.ApplicationRegistration(\"example\", display_name=\"example\")\nexample_application_certificate = azuread.ApplicationCertificate(\"example\",\n application_id=example.id,\n type=\"AsymmetricX509Cert\",\n encoding=\"base64\",\n value=std.base64encode(input=std.file(input=\"cert.der\").result).result,\n end_date=\"2021-05-01T01:02:03Z\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.ApplicationRegistration(\"example\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleApplicationCertificate = new AzureAD.ApplicationCertificate(\"example\", new()\n {\n ApplicationId = example.Id,\n Type = \"AsymmetricX509Cert\",\n Encoding = \"base64\",\n Value = Std.File.Invoke(new()\n {\n Input = \"cert.der\",\n }).Apply(invoke =\u003e Std.Base64encode.Invoke(new()\n {\n Input = invoke.Result,\n })).Apply(invoke =\u003e invoke.Result),\n EndDate = \"2021-05-01T01:02:03Z\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.NewApplicationRegistration(ctx, \"example\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeBase64encode, err := std.Base64encode(ctx, \u0026std.Base64encodeArgs{\n\t\t\tInput: std.File(ctx, \u0026std.FileArgs{\n\t\t\t\tInput: \"cert.der\",\n\t\t\t}, nil).Result,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationCertificate(ctx, \"example\", \u0026azuread.ApplicationCertificateArgs{\n\t\t\tApplicationId: example.ID(),\n\t\t\tType: pulumi.String(\"AsymmetricX509Cert\"),\n\t\t\tEncoding: pulumi.String(\"base64\"),\n\t\t\tValue: pulumi.String(invokeBase64encode.Result),\n\t\t\tEndDate: pulumi.String(\"2021-05-01T01:02:03Z\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.azuread.ApplicationCertificate;\nimport com.pulumi.azuread.ApplicationCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ApplicationRegistration(\"example\", ApplicationRegistrationArgs.builder()\n .displayName(\"example\")\n .build());\n\n var exampleApplicationCertificate = new ApplicationCertificate(\"exampleApplicationCertificate\", ApplicationCertificateArgs.builder()\n .applicationId(example.id())\n .type(\"AsymmetricX509Cert\")\n .encoding(\"base64\")\n .value(StdFunctions.base64encode(Base64encodeArgs.builder()\n .input(StdFunctions.file(FileArgs.builder()\n .input(\"cert.der\")\n .build()).result())\n .build()).result())\n .endDate(\"2021-05-01T01:02:03Z\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n exampleApplicationCertificate:\n type: azuread:ApplicationCertificate\n name: example\n properties:\n applicationId: ${example.id}\n type: AsymmetricX509Cert\n encoding: base64\n value:\n fn::invoke:\n Function: std:base64encode\n Arguments:\n input:\n fn::invoke:\n Function: std:file\n Arguments:\n input: cert.der\n Return: result\n Return: result\n endDate: 2021-05-01T01:02:03Z\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using a certificate from Azure Key Vault\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplication = new azuread.Application(\"example\", {displayName: \"example\"});\nconst example = new azure.keyvault.Certificate(\"example\", {\n name: \"generated-cert\",\n keyVaultId: exampleAzurermKeyVault.id,\n certificatePolicy: {\n issuerParameters: {\n name: \"Self\",\n },\n keyProperties: {\n exportable: true,\n keySize: 2048,\n keyType: \"RSA\",\n reuseKey: true,\n },\n lifetimeActions: [{\n action: {\n actionType: \"AutoRenew\",\n },\n trigger: {\n daysBeforeExpiry: 30,\n },\n }],\n secretProperties: {\n contentType: \"application/x-pkcs12\",\n },\n x509CertificateProperties: {\n extendedKeyUsages: [\"1.3.6.1.5.5.7.3.2\"],\n keyUsages: [\n \"dataEncipherment\",\n \"digitalSignature\",\n \"keyCertSign\",\n \"keyEncipherment\",\n ],\n subjectAlternativeNames: {\n dnsNames: [\n \"internal.contoso.com\",\n \"domain.hello.world\",\n ],\n },\n subject: `CN=${exampleApplication.name}`,\n validityInMonths: 12,\n },\n },\n});\nconst exampleApplicationCertificate = new azuread.ApplicationCertificate(\"example\", {\n applicationId: exampleApplication.id,\n type: \"AsymmetricX509Cert\",\n encoding: \"hex\",\n value: example.certificateData,\n endDate: example.certificateAttributes.apply(certificateAttributes =\u003e certificateAttributes[0].expires),\n startDate: example.certificateAttributes.apply(certificateAttributes =\u003e certificateAttributes[0].notBefore),\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\nimport pulumi_azuread as azuread\n\nexample_application = azuread.Application(\"example\", display_name=\"example\")\nexample = azure.keyvault.Certificate(\"example\",\n name=\"generated-cert\",\n key_vault_id=example_azurerm_key_vault[\"id\"],\n certificate_policy={\n \"issuer_parameters\": {\n \"name\": \"Self\",\n },\n \"key_properties\": {\n \"exportable\": True,\n \"key_size\": 2048,\n \"key_type\": \"RSA\",\n \"reuse_key\": True,\n },\n \"lifetime_actions\": [{\n \"action\": {\n \"action_type\": \"AutoRenew\",\n },\n \"trigger\": {\n \"days_before_expiry\": 30,\n },\n }],\n \"secret_properties\": {\n \"content_type\": \"application/x-pkcs12\",\n },\n \"x509_certificate_properties\": {\n \"extended_key_usages\": [\"1.3.6.1.5.5.7.3.2\"],\n \"key_usages\": [\n \"dataEncipherment\",\n \"digitalSignature\",\n \"keyCertSign\",\n \"keyEncipherment\",\n ],\n \"subject_alternative_names\": {\n \"dns_names\": [\n \"internal.contoso.com\",\n \"domain.hello.world\",\n ],\n },\n \"subject\": f\"CN={example_application.name}\",\n \"validity_in_months\": 12,\n },\n })\nexample_application_certificate = azuread.ApplicationCertificate(\"example\",\n application_id=example_application.id,\n type=\"AsymmetricX509Cert\",\n encoding=\"hex\",\n value=example.certificate_data,\n end_date=example.certificate_attributes[0].expires,\n start_date=example.certificate_attributes[0].not_before)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplication = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n });\n\n var example = new Azure.KeyVault.Certificate(\"example\", new()\n {\n Name = \"generated-cert\",\n KeyVaultId = exampleAzurermKeyVault.Id,\n CertificatePolicy = new Azure.KeyVault.Inputs.CertificateCertificatePolicyArgs\n {\n IssuerParameters = new Azure.KeyVault.Inputs.CertificateCertificatePolicyIssuerParametersArgs\n {\n Name = \"Self\",\n },\n KeyProperties = new Azure.KeyVault.Inputs.CertificateCertificatePolicyKeyPropertiesArgs\n {\n Exportable = true,\n KeySize = 2048,\n KeyType = \"RSA\",\n ReuseKey = true,\n },\n LifetimeActions = new[]\n {\n new Azure.KeyVault.Inputs.CertificateCertificatePolicyLifetimeActionArgs\n {\n Action = new Azure.KeyVault.Inputs.CertificateCertificatePolicyLifetimeActionActionArgs\n {\n ActionType = \"AutoRenew\",\n },\n Trigger = new Azure.KeyVault.Inputs.CertificateCertificatePolicyLifetimeActionTriggerArgs\n {\n DaysBeforeExpiry = 30,\n },\n },\n },\n SecretProperties = new Azure.KeyVault.Inputs.CertificateCertificatePolicySecretPropertiesArgs\n {\n ContentType = \"application/x-pkcs12\",\n },\n X509CertificateProperties = new Azure.KeyVault.Inputs.CertificateCertificatePolicyX509CertificatePropertiesArgs\n {\n ExtendedKeyUsages = new[]\n {\n \"1.3.6.1.5.5.7.3.2\",\n },\n KeyUsages = new[]\n {\n \"dataEncipherment\",\n \"digitalSignature\",\n \"keyCertSign\",\n \"keyEncipherment\",\n },\n SubjectAlternativeNames = new Azure.KeyVault.Inputs.CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs\n {\n DnsNames = new[]\n {\n \"internal.contoso.com\",\n \"domain.hello.world\",\n },\n },\n Subject = $\"CN={exampleApplication.Name}\",\n ValidityInMonths = 12,\n },\n },\n });\n\n var exampleApplicationCertificate = new AzureAD.ApplicationCertificate(\"example\", new()\n {\n ApplicationId = exampleApplication.Id,\n Type = \"AsymmetricX509Cert\",\n Encoding = \"hex\",\n Value = example.CertificateData,\n EndDate = example.CertificateAttributes.Apply(certificateAttributes =\u003e certificateAttributes[0].Expires),\n StartDate = example.CertificateAttributes.Apply(certificateAttributes =\u003e certificateAttributes[0].NotBefore),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/keyvault\"\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := keyvault.NewCertificate(ctx, \"example\", \u0026keyvault.CertificateArgs{\n\t\t\tName: pulumi.String(\"generated-cert\"),\n\t\t\tKeyVaultId: pulumi.Any(exampleAzurermKeyVault.Id),\n\t\t\tCertificatePolicy: \u0026keyvault.CertificateCertificatePolicyArgs{\n\t\t\t\tIssuerParameters: \u0026keyvault.CertificateCertificatePolicyIssuerParametersArgs{\n\t\t\t\t\tName: pulumi.String(\"Self\"),\n\t\t\t\t},\n\t\t\t\tKeyProperties: \u0026keyvault.CertificateCertificatePolicyKeyPropertiesArgs{\n\t\t\t\t\tExportable: pulumi.Bool(true),\n\t\t\t\t\tKeySize: pulumi.Int(2048),\n\t\t\t\t\tKeyType: pulumi.String(\"RSA\"),\n\t\t\t\t\tReuseKey: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t\tLifetimeActions: keyvault.CertificateCertificatePolicyLifetimeActionArray{\n\t\t\t\t\t\u0026keyvault.CertificateCertificatePolicyLifetimeActionArgs{\n\t\t\t\t\t\tAction: \u0026keyvault.CertificateCertificatePolicyLifetimeActionActionArgs{\n\t\t\t\t\t\t\tActionType: pulumi.String(\"AutoRenew\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tTrigger: \u0026keyvault.CertificateCertificatePolicyLifetimeActionTriggerArgs{\n\t\t\t\t\t\t\tDaysBeforeExpiry: pulumi.Int(30),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSecretProperties: \u0026keyvault.CertificateCertificatePolicySecretPropertiesArgs{\n\t\t\t\t\tContentType: pulumi.String(\"application/x-pkcs12\"),\n\t\t\t\t},\n\t\t\t\tX509CertificateProperties: \u0026keyvault.CertificateCertificatePolicyX509CertificatePropertiesArgs{\n\t\t\t\t\tExtendedKeyUsages: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"1.3.6.1.5.5.7.3.2\"),\n\t\t\t\t\t},\n\t\t\t\t\tKeyUsages: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"dataEncipherment\"),\n\t\t\t\t\t\tpulumi.String(\"digitalSignature\"),\n\t\t\t\t\t\tpulumi.String(\"keyCertSign\"),\n\t\t\t\t\t\tpulumi.String(\"keyEncipherment\"),\n\t\t\t\t\t},\n\t\t\t\t\tSubjectAlternativeNames: \u0026keyvault.CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs{\n\t\t\t\t\t\tDnsNames: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"internal.contoso.com\"),\n\t\t\t\t\t\t\tpulumi.String(\"domain.hello.world\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tSubject: pulumi.Sprintf(\"CN=%v\", exampleApplication.Name),\n\t\t\t\t\tValidityInMonths: pulumi.Int(12),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationCertificate(ctx, \"example\", \u0026azuread.ApplicationCertificateArgs{\n\t\t\tApplicationId: exampleApplication.ID(),\n\t\t\tType: pulumi.String(\"AsymmetricX509Cert\"),\n\t\t\tEncoding: pulumi.String(\"hex\"),\n\t\t\tValue: example.CertificateData,\n\t\t\tEndDate: pulumi.String(example.CertificateAttributes.ApplyT(func(certificateAttributes []keyvault.CertificateCertificateAttribute) (*string, error) {\n\t\t\t\treturn \u0026certificateAttributes[0].Expires, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\tStartDate: pulumi.String(example.CertificateAttributes.ApplyT(func(certificateAttributes []keyvault.CertificateCertificateAttribute) (*string, error) {\n\t\t\t\treturn \u0026certificateAttributes[0].NotBefore, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azure.keyvault.Certificate;\nimport com.pulumi.azure.keyvault.CertificateArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyIssuerParametersArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyKeyPropertiesArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicySecretPropertiesArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyX509CertificatePropertiesArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs;\nimport com.pulumi.azuread.ApplicationCertificate;\nimport com.pulumi.azuread.ApplicationCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder()\n .displayName(\"example\")\n .build());\n\n var example = new Certificate(\"example\", CertificateArgs.builder()\n .name(\"generated-cert\")\n .keyVaultId(exampleAzurermKeyVault.id())\n .certificatePolicy(CertificateCertificatePolicyArgs.builder()\n .issuerParameters(CertificateCertificatePolicyIssuerParametersArgs.builder()\n .name(\"Self\")\n .build())\n .keyProperties(CertificateCertificatePolicyKeyPropertiesArgs.builder()\n .exportable(true)\n .keySize(2048)\n .keyType(\"RSA\")\n .reuseKey(true)\n .build())\n .lifetimeActions(CertificateCertificatePolicyLifetimeActionArgs.builder()\n .action(CertificateCertificatePolicyLifetimeActionActionArgs.builder()\n .actionType(\"AutoRenew\")\n .build())\n .trigger(CertificateCertificatePolicyLifetimeActionTriggerArgs.builder()\n .daysBeforeExpiry(30)\n .build())\n .build())\n .secretProperties(CertificateCertificatePolicySecretPropertiesArgs.builder()\n .contentType(\"application/x-pkcs12\")\n .build())\n .x509CertificateProperties(CertificateCertificatePolicyX509CertificatePropertiesArgs.builder()\n .extendedKeyUsages(\"1.3.6.1.5.5.7.3.2\")\n .keyUsages( \n \"dataEncipherment\",\n \"digitalSignature\",\n \"keyCertSign\",\n \"keyEncipherment\")\n .subjectAlternativeNames(CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs.builder()\n .dnsNames( \n \"internal.contoso.com\",\n \"domain.hello.world\")\n .build())\n .subject(String.format(\"CN=%s\", exampleApplication.name()))\n .validityInMonths(12)\n .build())\n .build())\n .build());\n\n var exampleApplicationCertificate = new ApplicationCertificate(\"exampleApplicationCertificate\", ApplicationCertificateArgs.builder()\n .applicationId(exampleApplication.id())\n .type(\"AsymmetricX509Cert\")\n .encoding(\"hex\")\n .value(example.certificateData())\n .endDate(example.certificateAttributes().applyValue(certificateAttributes -\u003e certificateAttributes[0].expires()))\n .startDate(example.certificateAttributes().applyValue(certificateAttributes -\u003e certificateAttributes[0].notBefore()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azure:keyvault:Certificate\n properties:\n name: generated-cert\n keyVaultId: ${exampleAzurermKeyVault.id}\n certificatePolicy:\n issuerParameters:\n name: Self\n keyProperties:\n exportable: true\n keySize: 2048\n keyType: RSA\n reuseKey: true\n lifetimeActions:\n - action:\n actionType: AutoRenew\n trigger:\n daysBeforeExpiry: 30\n secretProperties:\n contentType: application/x-pkcs12\n x509CertificateProperties:\n extendedKeyUsages:\n - 1.3.6.1.5.5.7.3.2\n keyUsages:\n - dataEncipherment\n - digitalSignature\n - keyCertSign\n - keyEncipherment\n subjectAlternativeNames:\n dnsNames:\n - internal.contoso.com\n - domain.hello.world\n subject: CN=${exampleApplication.name}\n validityInMonths: 12\n exampleApplication:\n type: azuread:Application\n name: example\n properties:\n displayName: example\n exampleApplicationCertificate:\n type: azuread:ApplicationCertificate\n name: example\n properties:\n applicationId: ${exampleApplication.id}\n type: AsymmetricX509Cert\n encoding: hex\n value: ${example.certificateData}\n endDate: ${example.certificateAttributes[0].expires}\n startDate: ${example.certificateAttributes[0].notBefore}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nCertificates can be imported using the object ID of the associated application and the key ID of the certificate credential, e.g.\n\n```sh\n$ pulumi import azuread:index/applicationCertificate:ApplicationCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111\n```\n\n-\u003e This ID format is unique to Terraform and is composed of the application's object ID, the string \"certificate\" and the certificate's key ID in the format `{ObjectId}/certificate/{CertificateKeyId}`.\n\n", + "description": "## Example Usage\n\n*Using a PEM certificate*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new azuread.ApplicationRegistration(\"example\", {displayName: \"example\"});\nconst exampleApplicationCertificate = new azuread.ApplicationCertificate(\"example\", {\n applicationId: example.id,\n type: \"AsymmetricX509Cert\",\n value: std.file({\n input: \"cert.pem\",\n }).then(invoke =\u003e invoke.result),\n endDate: \"2021-05-01T01:02:03Z\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\nimport pulumi_std as std\n\nexample = azuread.ApplicationRegistration(\"example\", display_name=\"example\")\nexample_application_certificate = azuread.ApplicationCertificate(\"example\",\n application_id=example.id,\n type=\"AsymmetricX509Cert\",\n value=std.file(input=\"cert.pem\").result,\n end_date=\"2021-05-01T01:02:03Z\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.ApplicationRegistration(\"example\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleApplicationCertificate = new AzureAD.ApplicationCertificate(\"example\", new()\n {\n ApplicationId = example.Id,\n Type = \"AsymmetricX509Cert\",\n Value = Std.File.Invoke(new()\n {\n Input = \"cert.pem\",\n }).Apply(invoke =\u003e invoke.Result),\n EndDate = \"2021-05-01T01:02:03Z\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.NewApplicationRegistration(ctx, \"example\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"cert.pem\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationCertificate(ctx, \"example\", \u0026azuread.ApplicationCertificateArgs{\n\t\t\tApplicationId: example.ID(),\n\t\t\tType: pulumi.String(\"AsymmetricX509Cert\"),\n\t\t\tValue: pulumi.String(invokeFile.Result),\n\t\t\tEndDate: pulumi.String(\"2021-05-01T01:02:03Z\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.azuread.ApplicationCertificate;\nimport com.pulumi.azuread.ApplicationCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ApplicationRegistration(\"example\", ApplicationRegistrationArgs.builder()\n .displayName(\"example\")\n .build());\n\n var exampleApplicationCertificate = new ApplicationCertificate(\"exampleApplicationCertificate\", ApplicationCertificateArgs.builder()\n .applicationId(example.id())\n .type(\"AsymmetricX509Cert\")\n .value(StdFunctions.file(FileArgs.builder()\n .input(\"cert.pem\")\n .build()).result())\n .endDate(\"2021-05-01T01:02:03Z\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n exampleApplicationCertificate:\n type: azuread:ApplicationCertificate\n name: example\n properties:\n applicationId: ${example.id}\n type: AsymmetricX509Cert\n value:\n fn::invoke:\n function: std:file\n arguments:\n input: cert.pem\n return: result\n endDate: 2021-05-01T01:02:03Z\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Using a DER certificate*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new azuread.ApplicationRegistration(\"example\", {displayName: \"example\"});\nconst exampleApplicationCertificate = new azuread.ApplicationCertificate(\"example\", {\n applicationId: example.id,\n type: \"AsymmetricX509Cert\",\n encoding: \"base64\",\n value: std.file({\n input: \"cert.der\",\n }).then(invoke =\u003e std.base64encode({\n input: invoke.result,\n })).then(invoke =\u003e invoke.result),\n endDate: \"2021-05-01T01:02:03Z\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\nimport pulumi_std as std\n\nexample = azuread.ApplicationRegistration(\"example\", display_name=\"example\")\nexample_application_certificate = azuread.ApplicationCertificate(\"example\",\n application_id=example.id,\n type=\"AsymmetricX509Cert\",\n encoding=\"base64\",\n value=std.base64encode(input=std.file(input=\"cert.der\").result).result,\n end_date=\"2021-05-01T01:02:03Z\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.ApplicationRegistration(\"example\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleApplicationCertificate = new AzureAD.ApplicationCertificate(\"example\", new()\n {\n ApplicationId = example.Id,\n Type = \"AsymmetricX509Cert\",\n Encoding = \"base64\",\n Value = Std.File.Invoke(new()\n {\n Input = \"cert.der\",\n }).Apply(invoke =\u003e Std.Base64encode.Invoke(new()\n {\n Input = invoke.Result,\n })).Apply(invoke =\u003e invoke.Result),\n EndDate = \"2021-05-01T01:02:03Z\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.NewApplicationRegistration(ctx, \"example\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeBase64encode, err := std.Base64encode(ctx, \u0026std.Base64encodeArgs{\n\t\t\tInput: std.File(ctx, \u0026std.FileArgs{\n\t\t\t\tInput: \"cert.der\",\n\t\t\t}, nil).Result,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationCertificate(ctx, \"example\", \u0026azuread.ApplicationCertificateArgs{\n\t\t\tApplicationId: example.ID(),\n\t\t\tType: pulumi.String(\"AsymmetricX509Cert\"),\n\t\t\tEncoding: pulumi.String(\"base64\"),\n\t\t\tValue: pulumi.String(invokeBase64encode.Result),\n\t\t\tEndDate: pulumi.String(\"2021-05-01T01:02:03Z\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.azuread.ApplicationCertificate;\nimport com.pulumi.azuread.ApplicationCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ApplicationRegistration(\"example\", ApplicationRegistrationArgs.builder()\n .displayName(\"example\")\n .build());\n\n var exampleApplicationCertificate = new ApplicationCertificate(\"exampleApplicationCertificate\", ApplicationCertificateArgs.builder()\n .applicationId(example.id())\n .type(\"AsymmetricX509Cert\")\n .encoding(\"base64\")\n .value(StdFunctions.base64encode(Base64encodeArgs.builder()\n .input(StdFunctions.file(FileArgs.builder()\n .input(\"cert.der\")\n .build()).result())\n .build()).result())\n .endDate(\"2021-05-01T01:02:03Z\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n exampleApplicationCertificate:\n type: azuread:ApplicationCertificate\n name: example\n properties:\n applicationId: ${example.id}\n type: AsymmetricX509Cert\n encoding: base64\n value:\n fn::invoke:\n function: std:base64encode\n arguments:\n input:\n fn::invoke:\n function: std:file\n arguments:\n input: cert.der\n return: result\n return: result\n endDate: 2021-05-01T01:02:03Z\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using a certificate from Azure Key Vault\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplication = new azuread.Application(\"example\", {displayName: \"example\"});\nconst example = new azure.keyvault.Certificate(\"example\", {\n name: \"generated-cert\",\n keyVaultId: exampleAzurermKeyVault.id,\n certificatePolicy: {\n issuerParameters: {\n name: \"Self\",\n },\n keyProperties: {\n exportable: true,\n keySize: 2048,\n keyType: \"RSA\",\n reuseKey: true,\n },\n lifetimeActions: [{\n action: {\n actionType: \"AutoRenew\",\n },\n trigger: {\n daysBeforeExpiry: 30,\n },\n }],\n secretProperties: {\n contentType: \"application/x-pkcs12\",\n },\n x509CertificateProperties: {\n extendedKeyUsages: [\"1.3.6.1.5.5.7.3.2\"],\n keyUsages: [\n \"dataEncipherment\",\n \"digitalSignature\",\n \"keyCertSign\",\n \"keyEncipherment\",\n ],\n subjectAlternativeNames: {\n dnsNames: [\n \"internal.contoso.com\",\n \"domain.hello.world\",\n ],\n },\n subject: `CN=${exampleApplication.name}`,\n validityInMonths: 12,\n },\n },\n});\nconst exampleApplicationCertificate = new azuread.ApplicationCertificate(\"example\", {\n applicationId: exampleApplication.id,\n type: \"AsymmetricX509Cert\",\n encoding: \"hex\",\n value: example.certificateData,\n endDate: example.certificateAttributes.apply(certificateAttributes =\u003e certificateAttributes[0].expires),\n startDate: example.certificateAttributes.apply(certificateAttributes =\u003e certificateAttributes[0].notBefore),\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\nimport pulumi_azuread as azuread\n\nexample_application = azuread.Application(\"example\", display_name=\"example\")\nexample = azure.keyvault.Certificate(\"example\",\n name=\"generated-cert\",\n key_vault_id=example_azurerm_key_vault[\"id\"],\n certificate_policy={\n \"issuer_parameters\": {\n \"name\": \"Self\",\n },\n \"key_properties\": {\n \"exportable\": True,\n \"key_size\": 2048,\n \"key_type\": \"RSA\",\n \"reuse_key\": True,\n },\n \"lifetime_actions\": [{\n \"action\": {\n \"action_type\": \"AutoRenew\",\n },\n \"trigger\": {\n \"days_before_expiry\": 30,\n },\n }],\n \"secret_properties\": {\n \"content_type\": \"application/x-pkcs12\",\n },\n \"x509_certificate_properties\": {\n \"extended_key_usages\": [\"1.3.6.1.5.5.7.3.2\"],\n \"key_usages\": [\n \"dataEncipherment\",\n \"digitalSignature\",\n \"keyCertSign\",\n \"keyEncipherment\",\n ],\n \"subject_alternative_names\": {\n \"dns_names\": [\n \"internal.contoso.com\",\n \"domain.hello.world\",\n ],\n },\n \"subject\": f\"CN={example_application.name}\",\n \"validity_in_months\": 12,\n },\n })\nexample_application_certificate = azuread.ApplicationCertificate(\"example\",\n application_id=example_application.id,\n type=\"AsymmetricX509Cert\",\n encoding=\"hex\",\n value=example.certificate_data,\n end_date=example.certificate_attributes[0].expires,\n start_date=example.certificate_attributes[0].not_before)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplication = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n });\n\n var example = new Azure.KeyVault.Certificate(\"example\", new()\n {\n Name = \"generated-cert\",\n KeyVaultId = exampleAzurermKeyVault.Id,\n CertificatePolicy = new Azure.KeyVault.Inputs.CertificateCertificatePolicyArgs\n {\n IssuerParameters = new Azure.KeyVault.Inputs.CertificateCertificatePolicyIssuerParametersArgs\n {\n Name = \"Self\",\n },\n KeyProperties = new Azure.KeyVault.Inputs.CertificateCertificatePolicyKeyPropertiesArgs\n {\n Exportable = true,\n KeySize = 2048,\n KeyType = \"RSA\",\n ReuseKey = true,\n },\n LifetimeActions = new[]\n {\n new Azure.KeyVault.Inputs.CertificateCertificatePolicyLifetimeActionArgs\n {\n Action = new Azure.KeyVault.Inputs.CertificateCertificatePolicyLifetimeActionActionArgs\n {\n ActionType = \"AutoRenew\",\n },\n Trigger = new Azure.KeyVault.Inputs.CertificateCertificatePolicyLifetimeActionTriggerArgs\n {\n DaysBeforeExpiry = 30,\n },\n },\n },\n SecretProperties = new Azure.KeyVault.Inputs.CertificateCertificatePolicySecretPropertiesArgs\n {\n ContentType = \"application/x-pkcs12\",\n },\n X509CertificateProperties = new Azure.KeyVault.Inputs.CertificateCertificatePolicyX509CertificatePropertiesArgs\n {\n ExtendedKeyUsages = new[]\n {\n \"1.3.6.1.5.5.7.3.2\",\n },\n KeyUsages = new[]\n {\n \"dataEncipherment\",\n \"digitalSignature\",\n \"keyCertSign\",\n \"keyEncipherment\",\n },\n SubjectAlternativeNames = new Azure.KeyVault.Inputs.CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs\n {\n DnsNames = new[]\n {\n \"internal.contoso.com\",\n \"domain.hello.world\",\n },\n },\n Subject = $\"CN={exampleApplication.Name}\",\n ValidityInMonths = 12,\n },\n },\n });\n\n var exampleApplicationCertificate = new AzureAD.ApplicationCertificate(\"example\", new()\n {\n ApplicationId = exampleApplication.Id,\n Type = \"AsymmetricX509Cert\",\n Encoding = \"hex\",\n Value = example.CertificateData,\n EndDate = example.CertificateAttributes.Apply(certificateAttributes =\u003e certificateAttributes[0].Expires),\n StartDate = example.CertificateAttributes.Apply(certificateAttributes =\u003e certificateAttributes[0].NotBefore),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/keyvault\"\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := keyvault.NewCertificate(ctx, \"example\", \u0026keyvault.CertificateArgs{\n\t\t\tName: pulumi.String(\"generated-cert\"),\n\t\t\tKeyVaultId: pulumi.Any(exampleAzurermKeyVault.Id),\n\t\t\tCertificatePolicy: \u0026keyvault.CertificateCertificatePolicyArgs{\n\t\t\t\tIssuerParameters: \u0026keyvault.CertificateCertificatePolicyIssuerParametersArgs{\n\t\t\t\t\tName: pulumi.String(\"Self\"),\n\t\t\t\t},\n\t\t\t\tKeyProperties: \u0026keyvault.CertificateCertificatePolicyKeyPropertiesArgs{\n\t\t\t\t\tExportable: pulumi.Bool(true),\n\t\t\t\t\tKeySize: pulumi.Int(2048),\n\t\t\t\t\tKeyType: pulumi.String(\"RSA\"),\n\t\t\t\t\tReuseKey: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t\tLifetimeActions: keyvault.CertificateCertificatePolicyLifetimeActionArray{\n\t\t\t\t\t\u0026keyvault.CertificateCertificatePolicyLifetimeActionArgs{\n\t\t\t\t\t\tAction: \u0026keyvault.CertificateCertificatePolicyLifetimeActionActionArgs{\n\t\t\t\t\t\t\tActionType: pulumi.String(\"AutoRenew\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tTrigger: \u0026keyvault.CertificateCertificatePolicyLifetimeActionTriggerArgs{\n\t\t\t\t\t\t\tDaysBeforeExpiry: pulumi.Int(30),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSecretProperties: \u0026keyvault.CertificateCertificatePolicySecretPropertiesArgs{\n\t\t\t\t\tContentType: pulumi.String(\"application/x-pkcs12\"),\n\t\t\t\t},\n\t\t\t\tX509CertificateProperties: \u0026keyvault.CertificateCertificatePolicyX509CertificatePropertiesArgs{\n\t\t\t\t\tExtendedKeyUsages: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"1.3.6.1.5.5.7.3.2\"),\n\t\t\t\t\t},\n\t\t\t\t\tKeyUsages: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"dataEncipherment\"),\n\t\t\t\t\t\tpulumi.String(\"digitalSignature\"),\n\t\t\t\t\t\tpulumi.String(\"keyCertSign\"),\n\t\t\t\t\t\tpulumi.String(\"keyEncipherment\"),\n\t\t\t\t\t},\n\t\t\t\t\tSubjectAlternativeNames: \u0026keyvault.CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs{\n\t\t\t\t\t\tDnsNames: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"internal.contoso.com\"),\n\t\t\t\t\t\t\tpulumi.String(\"domain.hello.world\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tSubject: pulumi.Sprintf(\"CN=%v\", exampleApplication.Name),\n\t\t\t\t\tValidityInMonths: pulumi.Int(12),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationCertificate(ctx, \"example\", \u0026azuread.ApplicationCertificateArgs{\n\t\t\tApplicationId: exampleApplication.ID(),\n\t\t\tType: pulumi.String(\"AsymmetricX509Cert\"),\n\t\t\tEncoding: pulumi.String(\"hex\"),\n\t\t\tValue: example.CertificateData,\n\t\t\tEndDate: pulumi.String(example.CertificateAttributes.ApplyT(func(certificateAttributes []keyvault.CertificateCertificateAttribute) (*string, error) {\n\t\t\t\treturn \u0026certificateAttributes[0].Expires, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\tStartDate: pulumi.String(example.CertificateAttributes.ApplyT(func(certificateAttributes []keyvault.CertificateCertificateAttribute) (*string, error) {\n\t\t\t\treturn \u0026certificateAttributes[0].NotBefore, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azure.keyvault.Certificate;\nimport com.pulumi.azure.keyvault.CertificateArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyIssuerParametersArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyKeyPropertiesArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicySecretPropertiesArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyX509CertificatePropertiesArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs;\nimport com.pulumi.azuread.ApplicationCertificate;\nimport com.pulumi.azuread.ApplicationCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder()\n .displayName(\"example\")\n .build());\n\n var example = new Certificate(\"example\", CertificateArgs.builder()\n .name(\"generated-cert\")\n .keyVaultId(exampleAzurermKeyVault.id())\n .certificatePolicy(CertificateCertificatePolicyArgs.builder()\n .issuerParameters(CertificateCertificatePolicyIssuerParametersArgs.builder()\n .name(\"Self\")\n .build())\n .keyProperties(CertificateCertificatePolicyKeyPropertiesArgs.builder()\n .exportable(true)\n .keySize(2048)\n .keyType(\"RSA\")\n .reuseKey(true)\n .build())\n .lifetimeActions(CertificateCertificatePolicyLifetimeActionArgs.builder()\n .action(CertificateCertificatePolicyLifetimeActionActionArgs.builder()\n .actionType(\"AutoRenew\")\n .build())\n .trigger(CertificateCertificatePolicyLifetimeActionTriggerArgs.builder()\n .daysBeforeExpiry(30)\n .build())\n .build())\n .secretProperties(CertificateCertificatePolicySecretPropertiesArgs.builder()\n .contentType(\"application/x-pkcs12\")\n .build())\n .x509CertificateProperties(CertificateCertificatePolicyX509CertificatePropertiesArgs.builder()\n .extendedKeyUsages(\"1.3.6.1.5.5.7.3.2\")\n .keyUsages( \n \"dataEncipherment\",\n \"digitalSignature\",\n \"keyCertSign\",\n \"keyEncipherment\")\n .subjectAlternativeNames(CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs.builder()\n .dnsNames( \n \"internal.contoso.com\",\n \"domain.hello.world\")\n .build())\n .subject(String.format(\"CN=%s\", exampleApplication.name()))\n .validityInMonths(12)\n .build())\n .build())\n .build());\n\n var exampleApplicationCertificate = new ApplicationCertificate(\"exampleApplicationCertificate\", ApplicationCertificateArgs.builder()\n .applicationId(exampleApplication.id())\n .type(\"AsymmetricX509Cert\")\n .encoding(\"hex\")\n .value(example.certificateData())\n .endDate(example.certificateAttributes().applyValue(certificateAttributes -\u003e certificateAttributes[0].expires()))\n .startDate(example.certificateAttributes().applyValue(certificateAttributes -\u003e certificateAttributes[0].notBefore()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azure:keyvault:Certificate\n properties:\n name: generated-cert\n keyVaultId: ${exampleAzurermKeyVault.id}\n certificatePolicy:\n issuerParameters:\n name: Self\n keyProperties:\n exportable: true\n keySize: 2048\n keyType: RSA\n reuseKey: true\n lifetimeActions:\n - action:\n actionType: AutoRenew\n trigger:\n daysBeforeExpiry: 30\n secretProperties:\n contentType: application/x-pkcs12\n x509CertificateProperties:\n extendedKeyUsages:\n - 1.3.6.1.5.5.7.3.2\n keyUsages:\n - dataEncipherment\n - digitalSignature\n - keyCertSign\n - keyEncipherment\n subjectAlternativeNames:\n dnsNames:\n - internal.contoso.com\n - domain.hello.world\n subject: CN=${exampleApplication.name}\n validityInMonths: 12\n exampleApplication:\n type: azuread:Application\n name: example\n properties:\n displayName: example\n exampleApplicationCertificate:\n type: azuread:ApplicationCertificate\n name: example\n properties:\n applicationId: ${exampleApplication.id}\n type: AsymmetricX509Cert\n encoding: hex\n value: ${example.certificateData}\n endDate: ${example.certificateAttributes[0].expires}\n startDate: ${example.certificateAttributes[0].notBefore}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nCertificates can be imported using the object ID of the associated application and the key ID of the certificate credential, e.g.\n\n```sh\n$ pulumi import azuread:index/applicationCertificate:ApplicationCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111\n```\n\n-\u003e This ID format is unique to Terraform and is composed of the application's object ID, the string \"certificate\" and the certificate's key ID in the format `{ObjectId}/certificate/{CertificateKeyId}`.\n\n", "properties": { "applicationId": { "type": "string", @@ -5031,7 +5031,7 @@ } }, "azuread:index/applicationFromTemplate:ApplicationFromTemplate": { - "description": "Creates an application registration and associated service principal from a gallery template.\n\n\u003e The azuread.Application resource can also be used to instantiate a gallery application, however unlike the `azuread.Application` resource, this resource does not attempt to manage any properties of the resulting application.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Application.ReadWrite.OwnedBy` or `Application.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource may require one of the following directory roles: `Application Administrator` or `Global Administrator`\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getApplicationTemplate({\n displayName: \"Marketo\",\n});\nconst exampleApplicationFromTemplate = new azuread.ApplicationFromTemplate(\"example\", {\n displayName: \"Example Application\",\n templateId: example.then(example =\u003e example.templateId),\n});\nconst exampleGetApplication = azuread.getApplicationOutput({\n objectId: exampleApplicationFromTemplate.applicationObjectId,\n});\nconst exampleGetServicePrincipal = azuread.getServicePrincipalOutput({\n objectId: exampleApplicationFromTemplate.servicePrincipalObjectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_application_template(display_name=\"Marketo\")\nexample_application_from_template = azuread.ApplicationFromTemplate(\"example\",\n display_name=\"Example Application\",\n template_id=example.template_id)\nexample_get_application = azuread.get_application_output(object_id=example_application_from_template.application_object_id)\nexample_get_service_principal = azuread.get_service_principal_output(object_id=example_application_from_template.service_principal_object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetApplicationTemplate.Invoke(new()\n {\n DisplayName = \"Marketo\",\n });\n\n var exampleApplicationFromTemplate = new AzureAD.ApplicationFromTemplate(\"example\", new()\n {\n DisplayName = \"Example Application\",\n TemplateId = example.Apply(getApplicationTemplateResult =\u003e getApplicationTemplateResult.TemplateId),\n });\n\n var exampleGetApplication = AzureAD.GetApplication.Invoke(new()\n {\n ObjectId = exampleApplicationFromTemplate.ApplicationObjectId,\n });\n\n var exampleGetServicePrincipal = AzureAD.GetServicePrincipal.Invoke(new()\n {\n ObjectId = exampleApplicationFromTemplate.ServicePrincipalObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.GetApplicationTemplate(ctx, \u0026azuread.GetApplicationTemplateArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Marketo\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplicationFromTemplate, err := azuread.NewApplicationFromTemplate(ctx, \"example\", \u0026azuread.ApplicationFromTemplateArgs{\n\t\t\tDisplayName: pulumi.String(\"Example Application\"),\n\t\t\tTemplateId: pulumi.String(example.TemplateId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = azuread.LookupApplicationOutput(ctx, azuread.GetApplicationOutputArgs{\n\t\t\tObjectId: exampleApplicationFromTemplate.ApplicationObjectId,\n\t\t}, nil)\n\t\t_ = azuread.LookupServicePrincipalOutput(ctx, azuread.GetServicePrincipalOutputArgs{\n\t\t\tObjectId: exampleApplicationFromTemplate.ServicePrincipalObjectId,\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetApplicationTemplateArgs;\nimport com.pulumi.azuread.ApplicationFromTemplate;\nimport com.pulumi.azuread.ApplicationFromTemplateArgs;\nimport com.pulumi.azuread.inputs.GetApplicationArgs;\nimport com.pulumi.azuread.inputs.GetServicePrincipalArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getApplicationTemplate(GetApplicationTemplateArgs.builder()\n .displayName(\"Marketo\")\n .build());\n\n var exampleApplicationFromTemplate = new ApplicationFromTemplate(\"exampleApplicationFromTemplate\", ApplicationFromTemplateArgs.builder()\n .displayName(\"Example Application\")\n .templateId(example.applyValue(getApplicationTemplateResult -\u003e getApplicationTemplateResult.templateId()))\n .build());\n\n final var exampleGetApplication = AzureadFunctions.getApplication(GetApplicationArgs.builder()\n .objectId(exampleApplicationFromTemplate.applicationObjectId())\n .build());\n\n final var exampleGetServicePrincipal = AzureadFunctions.getServicePrincipal(GetServicePrincipalArgs.builder()\n .objectId(exampleApplicationFromTemplate.servicePrincipalObjectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplicationFromTemplate:\n type: azuread:ApplicationFromTemplate\n name: example\n properties:\n displayName: Example Application\n templateId: ${example.templateId}\nvariables:\n example:\n fn::invoke:\n Function: azuread:getApplicationTemplate\n Arguments:\n displayName: Marketo\n exampleGetApplication:\n fn::invoke:\n Function: azuread:getApplication\n Arguments:\n objectId: ${exampleApplicationFromTemplate.applicationObjectId}\n exampleGetServicePrincipal:\n fn::invoke:\n Function: azuread:getServicePrincipal\n Arguments:\n objectId: ${exampleApplicationFromTemplate.servicePrincipalObjectId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nTemplated Applications can be imported using the template ID, the object ID of the application, and the object ID of the service principal, in the following format.\n\n```sh\n$ pulumi import azuread:index/applicationFromTemplate:ApplicationFromTemplate example /applicationTemplates/00000000-0000-0000-0000-000000000000/instantiate/11111111-1111-1111-1111-111111111111/22222222-2222-2222-2222-222222222222\n```\n\n", + "description": "Creates an application registration and associated service principal from a gallery template.\n\n\u003e The azuread.Application resource can also be used to instantiate a gallery application, however unlike the `azuread.Application` resource, this resource does not attempt to manage any properties of the resulting application.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Application.ReadWrite.OwnedBy` or `Application.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource may require one of the following directory roles: `Application Administrator` or `Global Administrator`\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getApplicationTemplate({\n displayName: \"Marketo\",\n});\nconst exampleApplicationFromTemplate = new azuread.ApplicationFromTemplate(\"example\", {\n displayName: \"Example Application\",\n templateId: example.then(example =\u003e example.templateId),\n});\nconst exampleGetApplication = azuread.getApplicationOutput({\n objectId: exampleApplicationFromTemplate.applicationObjectId,\n});\nconst exampleGetServicePrincipal = azuread.getServicePrincipalOutput({\n objectId: exampleApplicationFromTemplate.servicePrincipalObjectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_application_template(display_name=\"Marketo\")\nexample_application_from_template = azuread.ApplicationFromTemplate(\"example\",\n display_name=\"Example Application\",\n template_id=example.template_id)\nexample_get_application = azuread.get_application_output(object_id=example_application_from_template.application_object_id)\nexample_get_service_principal = azuread.get_service_principal_output(object_id=example_application_from_template.service_principal_object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetApplicationTemplate.Invoke(new()\n {\n DisplayName = \"Marketo\",\n });\n\n var exampleApplicationFromTemplate = new AzureAD.ApplicationFromTemplate(\"example\", new()\n {\n DisplayName = \"Example Application\",\n TemplateId = example.Apply(getApplicationTemplateResult =\u003e getApplicationTemplateResult.TemplateId),\n });\n\n var exampleGetApplication = AzureAD.GetApplication.Invoke(new()\n {\n ObjectId = exampleApplicationFromTemplate.ApplicationObjectId,\n });\n\n var exampleGetServicePrincipal = AzureAD.GetServicePrincipal.Invoke(new()\n {\n ObjectId = exampleApplicationFromTemplate.ServicePrincipalObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.GetApplicationTemplate(ctx, \u0026azuread.GetApplicationTemplateArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Marketo\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplicationFromTemplate, err := azuread.NewApplicationFromTemplate(ctx, \"example\", \u0026azuread.ApplicationFromTemplateArgs{\n\t\t\tDisplayName: pulumi.String(\"Example Application\"),\n\t\t\tTemplateId: pulumi.String(example.TemplateId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = azuread.LookupApplicationOutput(ctx, azuread.GetApplicationOutputArgs{\n\t\t\tObjectId: exampleApplicationFromTemplate.ApplicationObjectId,\n\t\t}, nil)\n\t\t_ = azuread.LookupServicePrincipalOutput(ctx, azuread.GetServicePrincipalOutputArgs{\n\t\t\tObjectId: exampleApplicationFromTemplate.ServicePrincipalObjectId,\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetApplicationTemplateArgs;\nimport com.pulumi.azuread.ApplicationFromTemplate;\nimport com.pulumi.azuread.ApplicationFromTemplateArgs;\nimport com.pulumi.azuread.inputs.GetApplicationArgs;\nimport com.pulumi.azuread.inputs.GetServicePrincipalArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getApplicationTemplate(GetApplicationTemplateArgs.builder()\n .displayName(\"Marketo\")\n .build());\n\n var exampleApplicationFromTemplate = new ApplicationFromTemplate(\"exampleApplicationFromTemplate\", ApplicationFromTemplateArgs.builder()\n .displayName(\"Example Application\")\n .templateId(example.applyValue(getApplicationTemplateResult -\u003e getApplicationTemplateResult.templateId()))\n .build());\n\n final var exampleGetApplication = AzureadFunctions.getApplication(GetApplicationArgs.builder()\n .objectId(exampleApplicationFromTemplate.applicationObjectId())\n .build());\n\n final var exampleGetServicePrincipal = AzureadFunctions.getServicePrincipal(GetServicePrincipalArgs.builder()\n .objectId(exampleApplicationFromTemplate.servicePrincipalObjectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplicationFromTemplate:\n type: azuread:ApplicationFromTemplate\n name: example\n properties:\n displayName: Example Application\n templateId: ${example.templateId}\nvariables:\n example:\n fn::invoke:\n function: azuread:getApplicationTemplate\n arguments:\n displayName: Marketo\n exampleGetApplication:\n fn::invoke:\n function: azuread:getApplication\n arguments:\n objectId: ${exampleApplicationFromTemplate.applicationObjectId}\n exampleGetServicePrincipal:\n fn::invoke:\n function: azuread:getServicePrincipal\n arguments:\n objectId: ${exampleApplicationFromTemplate.servicePrincipalObjectId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nTemplated Applications can be imported using the template ID, the object ID of the application, and the object ID of the service principal, in the following format.\n\n```sh\n$ pulumi import azuread:index/applicationFromTemplate:ApplicationFromTemplate example /applicationTemplates/00000000-0000-0000-0000-000000000000/instantiate/11111111-1111-1111-1111-111111111111/22222222-2222-2222-2222-222222222222\n```\n\n", "properties": { "applicationId": { "type": "string", @@ -6137,7 +6137,7 @@ } }, "azuread:index/conditionalAccessPolicy:ConditionalAccessPolicy": { - "description": "## Example Usage\n\n### All users except guests or external users\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.ConditionalAccessPolicy(\"example\", {\n displayName: \"example policy\",\n state: \"disabled\",\n conditions: {\n clientAppTypes: [\"all\"],\n signInRiskLevels: [\"medium\"],\n userRiskLevels: [\"medium\"],\n applications: {\n includedApplications: [\"All\"],\n excludedApplications: [],\n },\n devices: {\n filter: {\n mode: \"exclude\",\n rule: \"device.operatingSystem eq \\\"Doors\\\"\",\n },\n },\n locations: {\n includedLocations: [\"All\"],\n excludedLocations: [\"AllTrusted\"],\n },\n platforms: {\n includedPlatforms: [\"android\"],\n excludedPlatforms: [\"iOS\"],\n },\n users: {\n includedUsers: [\"All\"],\n excludedUsers: [\"GuestsOrExternalUsers\"],\n },\n },\n grantControls: {\n operator: \"OR\",\n builtInControls: [\"mfa\"],\n },\n sessionControls: {\n applicationEnforcedRestrictionsEnabled: true,\n disableResilienceDefaults: false,\n signInFrequency: 10,\n signInFrequencyPeriod: \"hours\",\n cloudAppSecurityPolicy: \"monitorOnly\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.ConditionalAccessPolicy(\"example\",\n display_name=\"example policy\",\n state=\"disabled\",\n conditions={\n \"client_app_types\": [\"all\"],\n \"sign_in_risk_levels\": [\"medium\"],\n \"user_risk_levels\": [\"medium\"],\n \"applications\": {\n \"included_applications\": [\"All\"],\n \"excluded_applications\": [],\n },\n \"devices\": {\n \"filter\": {\n \"mode\": \"exclude\",\n \"rule\": \"device.operatingSystem eq \\\"Doors\\\"\",\n },\n },\n \"locations\": {\n \"included_locations\": [\"All\"],\n \"excluded_locations\": [\"AllTrusted\"],\n },\n \"platforms\": {\n \"included_platforms\": [\"android\"],\n \"excluded_platforms\": [\"iOS\"],\n },\n \"users\": {\n \"included_users\": [\"All\"],\n \"excluded_users\": [\"GuestsOrExternalUsers\"],\n },\n },\n grant_controls={\n \"operator\": \"OR\",\n \"built_in_controls\": [\"mfa\"],\n },\n session_controls={\n \"application_enforced_restrictions_enabled\": True,\n \"disable_resilience_defaults\": False,\n \"sign_in_frequency\": 10,\n \"sign_in_frequency_period\": \"hours\",\n \"cloud_app_security_policy\": \"monitorOnly\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.ConditionalAccessPolicy(\"example\", new()\n {\n DisplayName = \"example policy\",\n State = \"disabled\",\n Conditions = new AzureAD.Inputs.ConditionalAccessPolicyConditionsArgs\n {\n ClientAppTypes = new[]\n {\n \"all\",\n },\n SignInRiskLevels = new[]\n {\n \"medium\",\n },\n UserRiskLevels = new[]\n {\n \"medium\",\n },\n Applications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsApplicationsArgs\n {\n IncludedApplications = new[]\n {\n \"All\",\n },\n ExcludedApplications = new() { },\n },\n Devices = new AzureAD.Inputs.ConditionalAccessPolicyConditionsDevicesArgs\n {\n Filter = new AzureAD.Inputs.ConditionalAccessPolicyConditionsDevicesFilterArgs\n {\n Mode = \"exclude\",\n Rule = \"device.operatingSystem eq \\\"Doors\\\"\",\n },\n },\n Locations = new AzureAD.Inputs.ConditionalAccessPolicyConditionsLocationsArgs\n {\n IncludedLocations = new[]\n {\n \"All\",\n },\n ExcludedLocations = new[]\n {\n \"AllTrusted\",\n },\n },\n Platforms = new AzureAD.Inputs.ConditionalAccessPolicyConditionsPlatformsArgs\n {\n IncludedPlatforms = new[]\n {\n \"android\",\n },\n ExcludedPlatforms = new[]\n {\n \"iOS\",\n },\n },\n Users = new AzureAD.Inputs.ConditionalAccessPolicyConditionsUsersArgs\n {\n IncludedUsers = new[]\n {\n \"All\",\n },\n ExcludedUsers = new[]\n {\n \"GuestsOrExternalUsers\",\n },\n },\n },\n GrantControls = new AzureAD.Inputs.ConditionalAccessPolicyGrantControlsArgs\n {\n Operator = \"OR\",\n BuiltInControls = new[]\n {\n \"mfa\",\n },\n },\n SessionControls = new AzureAD.Inputs.ConditionalAccessPolicySessionControlsArgs\n {\n ApplicationEnforcedRestrictionsEnabled = true,\n DisableResilienceDefaults = false,\n SignInFrequency = 10,\n SignInFrequencyPeriod = \"hours\",\n CloudAppSecurityPolicy = \"monitorOnly\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewConditionalAccessPolicy(ctx, \"example\", \u0026azuread.ConditionalAccessPolicyArgs{\n\t\t\tDisplayName: pulumi.String(\"example policy\"),\n\t\t\tState: pulumi.String(\"disabled\"),\n\t\t\tConditions: \u0026azuread.ConditionalAccessPolicyConditionsArgs{\n\t\t\t\tClientAppTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"all\"),\n\t\t\t\t},\n\t\t\t\tSignInRiskLevels: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"medium\"),\n\t\t\t\t},\n\t\t\t\tUserRiskLevels: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"medium\"),\n\t\t\t\t},\n\t\t\t\tApplications: \u0026azuread.ConditionalAccessPolicyConditionsApplicationsArgs{\n\t\t\t\t\tIncludedApplications: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t},\n\t\t\t\t\tExcludedApplications: pulumi.StringArray{},\n\t\t\t\t},\n\t\t\t\tDevices: \u0026azuread.ConditionalAccessPolicyConditionsDevicesArgs{\n\t\t\t\t\tFilter: \u0026azuread.ConditionalAccessPolicyConditionsDevicesFilterArgs{\n\t\t\t\t\t\tMode: pulumi.String(\"exclude\"),\n\t\t\t\t\t\tRule: pulumi.String(\"device.operatingSystem eq \\\"Doors\\\"\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tLocations: \u0026azuread.ConditionalAccessPolicyConditionsLocationsArgs{\n\t\t\t\t\tIncludedLocations: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t},\n\t\t\t\t\tExcludedLocations: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"AllTrusted\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tPlatforms: \u0026azuread.ConditionalAccessPolicyConditionsPlatformsArgs{\n\t\t\t\t\tIncludedPlatforms: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"android\"),\n\t\t\t\t\t},\n\t\t\t\t\tExcludedPlatforms: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"iOS\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tUsers: \u0026azuread.ConditionalAccessPolicyConditionsUsersArgs{\n\t\t\t\t\tIncludedUsers: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t},\n\t\t\t\t\tExcludedUsers: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"GuestsOrExternalUsers\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tGrantControls: \u0026azuread.ConditionalAccessPolicyGrantControlsArgs{\n\t\t\t\tOperator: pulumi.String(\"OR\"),\n\t\t\t\tBuiltInControls: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"mfa\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tSessionControls: \u0026azuread.ConditionalAccessPolicySessionControlsArgs{\n\t\t\t\tApplicationEnforcedRestrictionsEnabled: pulumi.Bool(true),\n\t\t\t\tDisableResilienceDefaults: pulumi.Bool(false),\n\t\t\t\tSignInFrequency: pulumi.Int(10),\n\t\t\t\tSignInFrequencyPeriod: pulumi.String(\"hours\"),\n\t\t\t\tCloudAppSecurityPolicy: pulumi.String(\"monitorOnly\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ConditionalAccessPolicy;\nimport com.pulumi.azuread.ConditionalAccessPolicyArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsApplicationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsDevicesArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsDevicesFilterArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsLocationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsPlatformsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsUsersArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyGrantControlsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicySessionControlsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ConditionalAccessPolicy(\"example\", ConditionalAccessPolicyArgs.builder()\n .displayName(\"example policy\")\n .state(\"disabled\")\n .conditions(ConditionalAccessPolicyConditionsArgs.builder()\n .clientAppTypes(\"all\")\n .signInRiskLevels(\"medium\")\n .userRiskLevels(\"medium\")\n .applications(ConditionalAccessPolicyConditionsApplicationsArgs.builder()\n .includedApplications(\"All\")\n .excludedApplications()\n .build())\n .devices(ConditionalAccessPolicyConditionsDevicesArgs.builder()\n .filter(ConditionalAccessPolicyConditionsDevicesFilterArgs.builder()\n .mode(\"exclude\")\n .rule(\"device.operatingSystem eq \\\"Doors\\\"\")\n .build())\n .build())\n .locations(ConditionalAccessPolicyConditionsLocationsArgs.builder()\n .includedLocations(\"All\")\n .excludedLocations(\"AllTrusted\")\n .build())\n .platforms(ConditionalAccessPolicyConditionsPlatformsArgs.builder()\n .includedPlatforms(\"android\")\n .excludedPlatforms(\"iOS\")\n .build())\n .users(ConditionalAccessPolicyConditionsUsersArgs.builder()\n .includedUsers(\"All\")\n .excludedUsers(\"GuestsOrExternalUsers\")\n .build())\n .build())\n .grantControls(ConditionalAccessPolicyGrantControlsArgs.builder()\n .operator(\"OR\")\n .builtInControls(\"mfa\")\n .build())\n .sessionControls(ConditionalAccessPolicySessionControlsArgs.builder()\n .applicationEnforcedRestrictionsEnabled(true)\n .disableResilienceDefaults(false)\n .signInFrequency(10)\n .signInFrequencyPeriod(\"hours\")\n .cloudAppSecurityPolicy(\"monitorOnly\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ConditionalAccessPolicy\n properties:\n displayName: example policy\n state: disabled\n conditions:\n clientAppTypes:\n - all\n signInRiskLevels:\n - medium\n userRiskLevels:\n - medium\n applications:\n includedApplications:\n - All\n excludedApplications: []\n devices:\n filter:\n mode: exclude\n rule: device.operatingSystem eq \"Doors\"\n locations:\n includedLocations:\n - All\n excludedLocations:\n - AllTrusted\n platforms:\n includedPlatforms:\n - android\n excludedPlatforms:\n - iOS\n users:\n includedUsers:\n - All\n excludedUsers:\n - GuestsOrExternalUsers\n grantControls:\n operator: OR\n builtInControls:\n - mfa\n sessionControls:\n applicationEnforcedRestrictionsEnabled: true\n disableResilienceDefaults: false\n signInFrequency: 10\n signInFrequencyPeriod: hours\n cloudAppSecurityPolicy: monitorOnly\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Included client applications / service principals\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.ConditionalAccessPolicy(\"example\", {\n displayName: \"example policy\",\n state: \"disabled\",\n conditions: {\n clientAppTypes: [\"all\"],\n applications: {\n includedApplications: [\"All\"],\n },\n clientApplications: {\n includedServicePrincipals: [current.then(current =\u003e current.objectId)],\n excludedServicePrincipals: [],\n },\n users: {\n includedUsers: [\"None\"],\n },\n },\n grantControls: {\n operator: \"OR\",\n builtInControls: [\"block\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.ConditionalAccessPolicy(\"example\",\n display_name=\"example policy\",\n state=\"disabled\",\n conditions={\n \"client_app_types\": [\"all\"],\n \"applications\": {\n \"included_applications\": [\"All\"],\n },\n \"client_applications\": {\n \"included_service_principals\": [current.object_id],\n \"excluded_service_principals\": [],\n },\n \"users\": {\n \"included_users\": [\"None\"],\n },\n },\n grant_controls={\n \"operator\": \"OR\",\n \"built_in_controls\": [\"block\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.ConditionalAccessPolicy(\"example\", new()\n {\n DisplayName = \"example policy\",\n State = \"disabled\",\n Conditions = new AzureAD.Inputs.ConditionalAccessPolicyConditionsArgs\n {\n ClientAppTypes = new[]\n {\n \"all\",\n },\n Applications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsApplicationsArgs\n {\n IncludedApplications = new[]\n {\n \"All\",\n },\n },\n ClientApplications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsClientApplicationsArgs\n {\n IncludedServicePrincipals = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n ExcludedServicePrincipals = new() { },\n },\n Users = new AzureAD.Inputs.ConditionalAccessPolicyConditionsUsersArgs\n {\n IncludedUsers = new[]\n {\n \"None\",\n },\n },\n },\n GrantControls = new AzureAD.Inputs.ConditionalAccessPolicyGrantControlsArgs\n {\n Operator = \"OR\",\n BuiltInControls = new[]\n {\n \"block\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewConditionalAccessPolicy(ctx, \"example\", \u0026azuread.ConditionalAccessPolicyArgs{\n\t\t\tDisplayName: pulumi.String(\"example policy\"),\n\t\t\tState: pulumi.String(\"disabled\"),\n\t\t\tConditions: \u0026azuread.ConditionalAccessPolicyConditionsArgs{\n\t\t\t\tClientAppTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"all\"),\n\t\t\t\t},\n\t\t\t\tApplications: \u0026azuread.ConditionalAccessPolicyConditionsApplicationsArgs{\n\t\t\t\t\tIncludedApplications: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tClientApplications: \u0026azuread.ConditionalAccessPolicyConditionsClientApplicationsArgs{\n\t\t\t\t\tIncludedServicePrincipals: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(current.ObjectId),\n\t\t\t\t\t},\n\t\t\t\t\tExcludedServicePrincipals: pulumi.StringArray{},\n\t\t\t\t},\n\t\t\t\tUsers: \u0026azuread.ConditionalAccessPolicyConditionsUsersArgs{\n\t\t\t\t\tIncludedUsers: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"None\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tGrantControls: \u0026azuread.ConditionalAccessPolicyGrantControlsArgs{\n\t\t\t\tOperator: pulumi.String(\"OR\"),\n\t\t\t\tBuiltInControls: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"block\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ConditionalAccessPolicy;\nimport com.pulumi.azuread.ConditionalAccessPolicyArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsApplicationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsClientApplicationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsUsersArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyGrantControlsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new ConditionalAccessPolicy(\"example\", ConditionalAccessPolicyArgs.builder()\n .displayName(\"example policy\")\n .state(\"disabled\")\n .conditions(ConditionalAccessPolicyConditionsArgs.builder()\n .clientAppTypes(\"all\")\n .applications(ConditionalAccessPolicyConditionsApplicationsArgs.builder()\n .includedApplications(\"All\")\n .build())\n .clientApplications(ConditionalAccessPolicyConditionsClientApplicationsArgs.builder()\n .includedServicePrincipals(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .excludedServicePrincipals()\n .build())\n .users(ConditionalAccessPolicyConditionsUsersArgs.builder()\n .includedUsers(\"None\")\n .build())\n .build())\n .grantControls(ConditionalAccessPolicyGrantControlsArgs.builder()\n .operator(\"OR\")\n .builtInControls(\"block\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ConditionalAccessPolicy\n properties:\n displayName: example policy\n state: disabled\n conditions:\n clientAppTypes:\n - all\n applications:\n includedApplications:\n - All\n clientApplications:\n includedServicePrincipals:\n - ${current.objectId}\n excludedServicePrincipals: []\n users:\n includedUsers:\n - None\n grantControls:\n operator: OR\n builtInControls:\n - block\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Excluded client applications / service principals\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.ConditionalAccessPolicy(\"example\", {\n displayName: \"example policy\",\n state: \"disabled\",\n conditions: {\n clientAppTypes: [\"all\"],\n applications: {\n includedApplications: [\"All\"],\n },\n clientApplications: {\n includedServicePrincipals: [\"ServicePrincipalsInMyTenant\"],\n excludedServicePrincipals: [current.then(current =\u003e current.objectId)],\n },\n users: {\n includedUsers: [\"None\"],\n },\n },\n grantControls: {\n operator: \"OR\",\n builtInControls: [\"block\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.ConditionalAccessPolicy(\"example\",\n display_name=\"example policy\",\n state=\"disabled\",\n conditions={\n \"client_app_types\": [\"all\"],\n \"applications\": {\n \"included_applications\": [\"All\"],\n },\n \"client_applications\": {\n \"included_service_principals\": [\"ServicePrincipalsInMyTenant\"],\n \"excluded_service_principals\": [current.object_id],\n },\n \"users\": {\n \"included_users\": [\"None\"],\n },\n },\n grant_controls={\n \"operator\": \"OR\",\n \"built_in_controls\": [\"block\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.ConditionalAccessPolicy(\"example\", new()\n {\n DisplayName = \"example policy\",\n State = \"disabled\",\n Conditions = new AzureAD.Inputs.ConditionalAccessPolicyConditionsArgs\n {\n ClientAppTypes = new[]\n {\n \"all\",\n },\n Applications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsApplicationsArgs\n {\n IncludedApplications = new[]\n {\n \"All\",\n },\n },\n ClientApplications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsClientApplicationsArgs\n {\n IncludedServicePrincipals = new[]\n {\n \"ServicePrincipalsInMyTenant\",\n },\n ExcludedServicePrincipals = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n },\n Users = new AzureAD.Inputs.ConditionalAccessPolicyConditionsUsersArgs\n {\n IncludedUsers = new[]\n {\n \"None\",\n },\n },\n },\n GrantControls = new AzureAD.Inputs.ConditionalAccessPolicyGrantControlsArgs\n {\n Operator = \"OR\",\n BuiltInControls = new[]\n {\n \"block\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewConditionalAccessPolicy(ctx, \"example\", \u0026azuread.ConditionalAccessPolicyArgs{\n\t\t\tDisplayName: pulumi.String(\"example policy\"),\n\t\t\tState: pulumi.String(\"disabled\"),\n\t\t\tConditions: \u0026azuread.ConditionalAccessPolicyConditionsArgs{\n\t\t\t\tClientAppTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"all\"),\n\t\t\t\t},\n\t\t\t\tApplications: \u0026azuread.ConditionalAccessPolicyConditionsApplicationsArgs{\n\t\t\t\t\tIncludedApplications: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tClientApplications: \u0026azuread.ConditionalAccessPolicyConditionsClientApplicationsArgs{\n\t\t\t\t\tIncludedServicePrincipals: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"ServicePrincipalsInMyTenant\"),\n\t\t\t\t\t},\n\t\t\t\t\tExcludedServicePrincipals: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(current.ObjectId),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tUsers: \u0026azuread.ConditionalAccessPolicyConditionsUsersArgs{\n\t\t\t\t\tIncludedUsers: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"None\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tGrantControls: \u0026azuread.ConditionalAccessPolicyGrantControlsArgs{\n\t\t\t\tOperator: pulumi.String(\"OR\"),\n\t\t\t\tBuiltInControls: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"block\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ConditionalAccessPolicy;\nimport com.pulumi.azuread.ConditionalAccessPolicyArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsApplicationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsClientApplicationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsUsersArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyGrantControlsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new ConditionalAccessPolicy(\"example\", ConditionalAccessPolicyArgs.builder()\n .displayName(\"example policy\")\n .state(\"disabled\")\n .conditions(ConditionalAccessPolicyConditionsArgs.builder()\n .clientAppTypes(\"all\")\n .applications(ConditionalAccessPolicyConditionsApplicationsArgs.builder()\n .includedApplications(\"All\")\n .build())\n .clientApplications(ConditionalAccessPolicyConditionsClientApplicationsArgs.builder()\n .includedServicePrincipals(\"ServicePrincipalsInMyTenant\")\n .excludedServicePrincipals(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .build())\n .users(ConditionalAccessPolicyConditionsUsersArgs.builder()\n .includedUsers(\"None\")\n .build())\n .build())\n .grantControls(ConditionalAccessPolicyGrantControlsArgs.builder()\n .operator(\"OR\")\n .builtInControls(\"block\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ConditionalAccessPolicy\n properties:\n displayName: example policy\n state: disabled\n conditions:\n clientAppTypes:\n - all\n applications:\n includedApplications:\n - All\n clientApplications:\n includedServicePrincipals:\n - ServicePrincipalsInMyTenant\n excludedServicePrincipals:\n - ${current.objectId}\n users:\n includedUsers:\n - None\n grantControls:\n operator: OR\n builtInControls:\n - block\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nConditional Access Policies can be imported using the `id`, e.g.\n\n```sh\n$ pulumi import azuread:index/conditionalAccessPolicy:ConditionalAccessPolicy my_location 00000000-0000-0000-0000-000000000000\n```\n\n", + "description": "## Example Usage\n\n### All users except guests or external users\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.ConditionalAccessPolicy(\"example\", {\n displayName: \"example policy\",\n state: \"disabled\",\n conditions: {\n clientAppTypes: [\"all\"],\n signInRiskLevels: [\"medium\"],\n userRiskLevels: [\"medium\"],\n applications: {\n includedApplications: [\"All\"],\n excludedApplications: [],\n },\n devices: {\n filter: {\n mode: \"exclude\",\n rule: \"device.operatingSystem eq \\\"Doors\\\"\",\n },\n },\n locations: {\n includedLocations: [\"All\"],\n excludedLocations: [\"AllTrusted\"],\n },\n platforms: {\n includedPlatforms: [\"android\"],\n excludedPlatforms: [\"iOS\"],\n },\n users: {\n includedUsers: [\"All\"],\n excludedUsers: [\"GuestsOrExternalUsers\"],\n },\n },\n grantControls: {\n operator: \"OR\",\n builtInControls: [\"mfa\"],\n },\n sessionControls: {\n applicationEnforcedRestrictionsEnabled: true,\n disableResilienceDefaults: false,\n signInFrequency: 10,\n signInFrequencyPeriod: \"hours\",\n cloudAppSecurityPolicy: \"monitorOnly\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.ConditionalAccessPolicy(\"example\",\n display_name=\"example policy\",\n state=\"disabled\",\n conditions={\n \"client_app_types\": [\"all\"],\n \"sign_in_risk_levels\": [\"medium\"],\n \"user_risk_levels\": [\"medium\"],\n \"applications\": {\n \"included_applications\": [\"All\"],\n \"excluded_applications\": [],\n },\n \"devices\": {\n \"filter\": {\n \"mode\": \"exclude\",\n \"rule\": \"device.operatingSystem eq \\\"Doors\\\"\",\n },\n },\n \"locations\": {\n \"included_locations\": [\"All\"],\n \"excluded_locations\": [\"AllTrusted\"],\n },\n \"platforms\": {\n \"included_platforms\": [\"android\"],\n \"excluded_platforms\": [\"iOS\"],\n },\n \"users\": {\n \"included_users\": [\"All\"],\n \"excluded_users\": [\"GuestsOrExternalUsers\"],\n },\n },\n grant_controls={\n \"operator\": \"OR\",\n \"built_in_controls\": [\"mfa\"],\n },\n session_controls={\n \"application_enforced_restrictions_enabled\": True,\n \"disable_resilience_defaults\": False,\n \"sign_in_frequency\": 10,\n \"sign_in_frequency_period\": \"hours\",\n \"cloud_app_security_policy\": \"monitorOnly\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.ConditionalAccessPolicy(\"example\", new()\n {\n DisplayName = \"example policy\",\n State = \"disabled\",\n Conditions = new AzureAD.Inputs.ConditionalAccessPolicyConditionsArgs\n {\n ClientAppTypes = new[]\n {\n \"all\",\n },\n SignInRiskLevels = new[]\n {\n \"medium\",\n },\n UserRiskLevels = new[]\n {\n \"medium\",\n },\n Applications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsApplicationsArgs\n {\n IncludedApplications = new[]\n {\n \"All\",\n },\n ExcludedApplications = new() { },\n },\n Devices = new AzureAD.Inputs.ConditionalAccessPolicyConditionsDevicesArgs\n {\n Filter = new AzureAD.Inputs.ConditionalAccessPolicyConditionsDevicesFilterArgs\n {\n Mode = \"exclude\",\n Rule = \"device.operatingSystem eq \\\"Doors\\\"\",\n },\n },\n Locations = new AzureAD.Inputs.ConditionalAccessPolicyConditionsLocationsArgs\n {\n IncludedLocations = new[]\n {\n \"All\",\n },\n ExcludedLocations = new[]\n {\n \"AllTrusted\",\n },\n },\n Platforms = new AzureAD.Inputs.ConditionalAccessPolicyConditionsPlatformsArgs\n {\n IncludedPlatforms = new[]\n {\n \"android\",\n },\n ExcludedPlatforms = new[]\n {\n \"iOS\",\n },\n },\n Users = new AzureAD.Inputs.ConditionalAccessPolicyConditionsUsersArgs\n {\n IncludedUsers = new[]\n {\n \"All\",\n },\n ExcludedUsers = new[]\n {\n \"GuestsOrExternalUsers\",\n },\n },\n },\n GrantControls = new AzureAD.Inputs.ConditionalAccessPolicyGrantControlsArgs\n {\n Operator = \"OR\",\n BuiltInControls = new[]\n {\n \"mfa\",\n },\n },\n SessionControls = new AzureAD.Inputs.ConditionalAccessPolicySessionControlsArgs\n {\n ApplicationEnforcedRestrictionsEnabled = true,\n DisableResilienceDefaults = false,\n SignInFrequency = 10,\n SignInFrequencyPeriod = \"hours\",\n CloudAppSecurityPolicy = \"monitorOnly\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewConditionalAccessPolicy(ctx, \"example\", \u0026azuread.ConditionalAccessPolicyArgs{\n\t\t\tDisplayName: pulumi.String(\"example policy\"),\n\t\t\tState: pulumi.String(\"disabled\"),\n\t\t\tConditions: \u0026azuread.ConditionalAccessPolicyConditionsArgs{\n\t\t\t\tClientAppTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"all\"),\n\t\t\t\t},\n\t\t\t\tSignInRiskLevels: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"medium\"),\n\t\t\t\t},\n\t\t\t\tUserRiskLevels: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"medium\"),\n\t\t\t\t},\n\t\t\t\tApplications: \u0026azuread.ConditionalAccessPolicyConditionsApplicationsArgs{\n\t\t\t\t\tIncludedApplications: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t},\n\t\t\t\t\tExcludedApplications: pulumi.StringArray{},\n\t\t\t\t},\n\t\t\t\tDevices: \u0026azuread.ConditionalAccessPolicyConditionsDevicesArgs{\n\t\t\t\t\tFilter: \u0026azuread.ConditionalAccessPolicyConditionsDevicesFilterArgs{\n\t\t\t\t\t\tMode: pulumi.String(\"exclude\"),\n\t\t\t\t\t\tRule: pulumi.String(\"device.operatingSystem eq \\\"Doors\\\"\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tLocations: \u0026azuread.ConditionalAccessPolicyConditionsLocationsArgs{\n\t\t\t\t\tIncludedLocations: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t},\n\t\t\t\t\tExcludedLocations: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"AllTrusted\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tPlatforms: \u0026azuread.ConditionalAccessPolicyConditionsPlatformsArgs{\n\t\t\t\t\tIncludedPlatforms: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"android\"),\n\t\t\t\t\t},\n\t\t\t\t\tExcludedPlatforms: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"iOS\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tUsers: \u0026azuread.ConditionalAccessPolicyConditionsUsersArgs{\n\t\t\t\t\tIncludedUsers: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t},\n\t\t\t\t\tExcludedUsers: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"GuestsOrExternalUsers\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tGrantControls: \u0026azuread.ConditionalAccessPolicyGrantControlsArgs{\n\t\t\t\tOperator: pulumi.String(\"OR\"),\n\t\t\t\tBuiltInControls: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"mfa\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tSessionControls: \u0026azuread.ConditionalAccessPolicySessionControlsArgs{\n\t\t\t\tApplicationEnforcedRestrictionsEnabled: pulumi.Bool(true),\n\t\t\t\tDisableResilienceDefaults: pulumi.Bool(false),\n\t\t\t\tSignInFrequency: pulumi.Int(10),\n\t\t\t\tSignInFrequencyPeriod: pulumi.String(\"hours\"),\n\t\t\t\tCloudAppSecurityPolicy: pulumi.String(\"monitorOnly\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ConditionalAccessPolicy;\nimport com.pulumi.azuread.ConditionalAccessPolicyArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsApplicationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsDevicesArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsDevicesFilterArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsLocationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsPlatformsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsUsersArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyGrantControlsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicySessionControlsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ConditionalAccessPolicy(\"example\", ConditionalAccessPolicyArgs.builder()\n .displayName(\"example policy\")\n .state(\"disabled\")\n .conditions(ConditionalAccessPolicyConditionsArgs.builder()\n .clientAppTypes(\"all\")\n .signInRiskLevels(\"medium\")\n .userRiskLevels(\"medium\")\n .applications(ConditionalAccessPolicyConditionsApplicationsArgs.builder()\n .includedApplications(\"All\")\n .excludedApplications()\n .build())\n .devices(ConditionalAccessPolicyConditionsDevicesArgs.builder()\n .filter(ConditionalAccessPolicyConditionsDevicesFilterArgs.builder()\n .mode(\"exclude\")\n .rule(\"device.operatingSystem eq \\\"Doors\\\"\")\n .build())\n .build())\n .locations(ConditionalAccessPolicyConditionsLocationsArgs.builder()\n .includedLocations(\"All\")\n .excludedLocations(\"AllTrusted\")\n .build())\n .platforms(ConditionalAccessPolicyConditionsPlatformsArgs.builder()\n .includedPlatforms(\"android\")\n .excludedPlatforms(\"iOS\")\n .build())\n .users(ConditionalAccessPolicyConditionsUsersArgs.builder()\n .includedUsers(\"All\")\n .excludedUsers(\"GuestsOrExternalUsers\")\n .build())\n .build())\n .grantControls(ConditionalAccessPolicyGrantControlsArgs.builder()\n .operator(\"OR\")\n .builtInControls(\"mfa\")\n .build())\n .sessionControls(ConditionalAccessPolicySessionControlsArgs.builder()\n .applicationEnforcedRestrictionsEnabled(true)\n .disableResilienceDefaults(false)\n .signInFrequency(10)\n .signInFrequencyPeriod(\"hours\")\n .cloudAppSecurityPolicy(\"monitorOnly\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ConditionalAccessPolicy\n properties:\n displayName: example policy\n state: disabled\n conditions:\n clientAppTypes:\n - all\n signInRiskLevels:\n - medium\n userRiskLevels:\n - medium\n applications:\n includedApplications:\n - All\n excludedApplications: []\n devices:\n filter:\n mode: exclude\n rule: device.operatingSystem eq \"Doors\"\n locations:\n includedLocations:\n - All\n excludedLocations:\n - AllTrusted\n platforms:\n includedPlatforms:\n - android\n excludedPlatforms:\n - iOS\n users:\n includedUsers:\n - All\n excludedUsers:\n - GuestsOrExternalUsers\n grantControls:\n operator: OR\n builtInControls:\n - mfa\n sessionControls:\n applicationEnforcedRestrictionsEnabled: true\n disableResilienceDefaults: false\n signInFrequency: 10\n signInFrequencyPeriod: hours\n cloudAppSecurityPolicy: monitorOnly\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Included client applications / service principals\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.ConditionalAccessPolicy(\"example\", {\n displayName: \"example policy\",\n state: \"disabled\",\n conditions: {\n clientAppTypes: [\"all\"],\n applications: {\n includedApplications: [\"All\"],\n },\n clientApplications: {\n includedServicePrincipals: [current.then(current =\u003e current.objectId)],\n excludedServicePrincipals: [],\n },\n users: {\n includedUsers: [\"None\"],\n },\n },\n grantControls: {\n operator: \"OR\",\n builtInControls: [\"block\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.ConditionalAccessPolicy(\"example\",\n display_name=\"example policy\",\n state=\"disabled\",\n conditions={\n \"client_app_types\": [\"all\"],\n \"applications\": {\n \"included_applications\": [\"All\"],\n },\n \"client_applications\": {\n \"included_service_principals\": [current.object_id],\n \"excluded_service_principals\": [],\n },\n \"users\": {\n \"included_users\": [\"None\"],\n },\n },\n grant_controls={\n \"operator\": \"OR\",\n \"built_in_controls\": [\"block\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.ConditionalAccessPolicy(\"example\", new()\n {\n DisplayName = \"example policy\",\n State = \"disabled\",\n Conditions = new AzureAD.Inputs.ConditionalAccessPolicyConditionsArgs\n {\n ClientAppTypes = new[]\n {\n \"all\",\n },\n Applications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsApplicationsArgs\n {\n IncludedApplications = new[]\n {\n \"All\",\n },\n },\n ClientApplications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsClientApplicationsArgs\n {\n IncludedServicePrincipals = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n ExcludedServicePrincipals = new() { },\n },\n Users = new AzureAD.Inputs.ConditionalAccessPolicyConditionsUsersArgs\n {\n IncludedUsers = new[]\n {\n \"None\",\n },\n },\n },\n GrantControls = new AzureAD.Inputs.ConditionalAccessPolicyGrantControlsArgs\n {\n Operator = \"OR\",\n BuiltInControls = new[]\n {\n \"block\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewConditionalAccessPolicy(ctx, \"example\", \u0026azuread.ConditionalAccessPolicyArgs{\n\t\t\tDisplayName: pulumi.String(\"example policy\"),\n\t\t\tState: pulumi.String(\"disabled\"),\n\t\t\tConditions: \u0026azuread.ConditionalAccessPolicyConditionsArgs{\n\t\t\t\tClientAppTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"all\"),\n\t\t\t\t},\n\t\t\t\tApplications: \u0026azuread.ConditionalAccessPolicyConditionsApplicationsArgs{\n\t\t\t\t\tIncludedApplications: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tClientApplications: \u0026azuread.ConditionalAccessPolicyConditionsClientApplicationsArgs{\n\t\t\t\t\tIncludedServicePrincipals: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(current.ObjectId),\n\t\t\t\t\t},\n\t\t\t\t\tExcludedServicePrincipals: pulumi.StringArray{},\n\t\t\t\t},\n\t\t\t\tUsers: \u0026azuread.ConditionalAccessPolicyConditionsUsersArgs{\n\t\t\t\t\tIncludedUsers: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"None\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tGrantControls: \u0026azuread.ConditionalAccessPolicyGrantControlsArgs{\n\t\t\t\tOperator: pulumi.String(\"OR\"),\n\t\t\t\tBuiltInControls: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"block\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ConditionalAccessPolicy;\nimport com.pulumi.azuread.ConditionalAccessPolicyArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsApplicationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsClientApplicationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsUsersArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyGrantControlsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new ConditionalAccessPolicy(\"example\", ConditionalAccessPolicyArgs.builder()\n .displayName(\"example policy\")\n .state(\"disabled\")\n .conditions(ConditionalAccessPolicyConditionsArgs.builder()\n .clientAppTypes(\"all\")\n .applications(ConditionalAccessPolicyConditionsApplicationsArgs.builder()\n .includedApplications(\"All\")\n .build())\n .clientApplications(ConditionalAccessPolicyConditionsClientApplicationsArgs.builder()\n .includedServicePrincipals(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .excludedServicePrincipals()\n .build())\n .users(ConditionalAccessPolicyConditionsUsersArgs.builder()\n .includedUsers(\"None\")\n .build())\n .build())\n .grantControls(ConditionalAccessPolicyGrantControlsArgs.builder()\n .operator(\"OR\")\n .builtInControls(\"block\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ConditionalAccessPolicy\n properties:\n displayName: example policy\n state: disabled\n conditions:\n clientAppTypes:\n - all\n applications:\n includedApplications:\n - All\n clientApplications:\n includedServicePrincipals:\n - ${current.objectId}\n excludedServicePrincipals: []\n users:\n includedUsers:\n - None\n grantControls:\n operator: OR\n builtInControls:\n - block\nvariables:\n current:\n fn::invoke:\n function: azuread:getClientConfig\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Excluded client applications / service principals\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.ConditionalAccessPolicy(\"example\", {\n displayName: \"example policy\",\n state: \"disabled\",\n conditions: {\n clientAppTypes: [\"all\"],\n applications: {\n includedApplications: [\"All\"],\n },\n clientApplications: {\n includedServicePrincipals: [\"ServicePrincipalsInMyTenant\"],\n excludedServicePrincipals: [current.then(current =\u003e current.objectId)],\n },\n users: {\n includedUsers: [\"None\"],\n },\n },\n grantControls: {\n operator: \"OR\",\n builtInControls: [\"block\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.ConditionalAccessPolicy(\"example\",\n display_name=\"example policy\",\n state=\"disabled\",\n conditions={\n \"client_app_types\": [\"all\"],\n \"applications\": {\n \"included_applications\": [\"All\"],\n },\n \"client_applications\": {\n \"included_service_principals\": [\"ServicePrincipalsInMyTenant\"],\n \"excluded_service_principals\": [current.object_id],\n },\n \"users\": {\n \"included_users\": [\"None\"],\n },\n },\n grant_controls={\n \"operator\": \"OR\",\n \"built_in_controls\": [\"block\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.ConditionalAccessPolicy(\"example\", new()\n {\n DisplayName = \"example policy\",\n State = \"disabled\",\n Conditions = new AzureAD.Inputs.ConditionalAccessPolicyConditionsArgs\n {\n ClientAppTypes = new[]\n {\n \"all\",\n },\n Applications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsApplicationsArgs\n {\n IncludedApplications = new[]\n {\n \"All\",\n },\n },\n ClientApplications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsClientApplicationsArgs\n {\n IncludedServicePrincipals = new[]\n {\n \"ServicePrincipalsInMyTenant\",\n },\n ExcludedServicePrincipals = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n },\n Users = new AzureAD.Inputs.ConditionalAccessPolicyConditionsUsersArgs\n {\n IncludedUsers = new[]\n {\n \"None\",\n },\n },\n },\n GrantControls = new AzureAD.Inputs.ConditionalAccessPolicyGrantControlsArgs\n {\n Operator = \"OR\",\n BuiltInControls = new[]\n {\n \"block\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewConditionalAccessPolicy(ctx, \"example\", \u0026azuread.ConditionalAccessPolicyArgs{\n\t\t\tDisplayName: pulumi.String(\"example policy\"),\n\t\t\tState: pulumi.String(\"disabled\"),\n\t\t\tConditions: \u0026azuread.ConditionalAccessPolicyConditionsArgs{\n\t\t\t\tClientAppTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"all\"),\n\t\t\t\t},\n\t\t\t\tApplications: \u0026azuread.ConditionalAccessPolicyConditionsApplicationsArgs{\n\t\t\t\t\tIncludedApplications: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tClientApplications: \u0026azuread.ConditionalAccessPolicyConditionsClientApplicationsArgs{\n\t\t\t\t\tIncludedServicePrincipals: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"ServicePrincipalsInMyTenant\"),\n\t\t\t\t\t},\n\t\t\t\t\tExcludedServicePrincipals: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(current.ObjectId),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tUsers: \u0026azuread.ConditionalAccessPolicyConditionsUsersArgs{\n\t\t\t\t\tIncludedUsers: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"None\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tGrantControls: \u0026azuread.ConditionalAccessPolicyGrantControlsArgs{\n\t\t\t\tOperator: pulumi.String(\"OR\"),\n\t\t\t\tBuiltInControls: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"block\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ConditionalAccessPolicy;\nimport com.pulumi.azuread.ConditionalAccessPolicyArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsApplicationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsClientApplicationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsUsersArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyGrantControlsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new ConditionalAccessPolicy(\"example\", ConditionalAccessPolicyArgs.builder()\n .displayName(\"example policy\")\n .state(\"disabled\")\n .conditions(ConditionalAccessPolicyConditionsArgs.builder()\n .clientAppTypes(\"all\")\n .applications(ConditionalAccessPolicyConditionsApplicationsArgs.builder()\n .includedApplications(\"All\")\n .build())\n .clientApplications(ConditionalAccessPolicyConditionsClientApplicationsArgs.builder()\n .includedServicePrincipals(\"ServicePrincipalsInMyTenant\")\n .excludedServicePrincipals(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .build())\n .users(ConditionalAccessPolicyConditionsUsersArgs.builder()\n .includedUsers(\"None\")\n .build())\n .build())\n .grantControls(ConditionalAccessPolicyGrantControlsArgs.builder()\n .operator(\"OR\")\n .builtInControls(\"block\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ConditionalAccessPolicy\n properties:\n displayName: example policy\n state: disabled\n conditions:\n clientAppTypes:\n - all\n applications:\n includedApplications:\n - All\n clientApplications:\n includedServicePrincipals:\n - ServicePrincipalsInMyTenant\n excludedServicePrincipals:\n - ${current.objectId}\n users:\n includedUsers:\n - None\n grantControls:\n operator: OR\n builtInControls:\n - block\nvariables:\n current:\n fn::invoke:\n function: azuread:getClientConfig\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nConditional Access Policies can be imported using the `id`, e.g.\n\n```sh\n$ pulumi import azuread:index/conditionalAccessPolicy:ConditionalAccessPolicy my_location 00000000-0000-0000-0000-000000000000\n```\n\n", "properties": { "conditions": { "$ref": "#/types/azuread:index/ConditionalAccessPolicyConditions:ConditionalAccessPolicyConditions", @@ -6410,7 +6410,7 @@ } }, "azuread:index/directoryRoleAssignment:DirectoryRoleAssignment": { - "description": "Manages a single directory role assignment within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `RoleManagement.ReadWrite.Directory` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`\n\n## Example Usage\n\n*Assignment for a built-in role*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getUser({\n userPrincipalName: \"jdoe@example.com\",\n});\nconst exampleDirectoryRole = new azuread.DirectoryRole(\"example\", {displayName: \"Security administrator\"});\nconst exampleDirectoryRoleAssignment = new azuread.DirectoryRoleAssignment(\"example\", {\n roleId: exampleDirectoryRole.templateId,\n principalObjectId: example.then(example =\u003e example.objectId),\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_user(user_principal_name=\"jdoe@example.com\")\nexample_directory_role = azuread.DirectoryRole(\"example\", display_name=\"Security administrator\")\nexample_directory_role_assignment = azuread.DirectoryRoleAssignment(\"example\",\n role_id=example_directory_role.template_id,\n principal_object_id=example.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n var exampleDirectoryRole = new AzureAD.DirectoryRole(\"example\", new()\n {\n DisplayName = \"Security administrator\",\n });\n\n var exampleDirectoryRoleAssignment = new AzureAD.DirectoryRoleAssignment(\"example\", new()\n {\n RoleId = exampleDirectoryRole.TemplateId,\n PrincipalObjectId = example.Apply(getUserResult =\u003e getUserResult.ObjectId),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDirectoryRole, err := azuread.NewDirectoryRole(ctx, \"example\", \u0026azuread.DirectoryRoleArgs{\n\t\t\tDisplayName: pulumi.String(\"Security administrator\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewDirectoryRoleAssignment(ctx, \"example\", \u0026azuread.DirectoryRoleAssignmentArgs{\n\t\t\tRoleId: exampleDirectoryRole.TemplateId,\n\t\t\tPrincipalObjectId: pulumi.String(example.ObjectId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.DirectoryRole;\nimport com.pulumi.azuread.DirectoryRoleArgs;\nimport com.pulumi.azuread.DirectoryRoleAssignment;\nimport com.pulumi.azuread.DirectoryRoleAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n var exampleDirectoryRole = new DirectoryRole(\"exampleDirectoryRole\", DirectoryRoleArgs.builder()\n .displayName(\"Security administrator\")\n .build());\n\n var exampleDirectoryRoleAssignment = new DirectoryRoleAssignment(\"exampleDirectoryRoleAssignment\", DirectoryRoleAssignmentArgs.builder()\n .roleId(exampleDirectoryRole.templateId())\n .principalObjectId(example.applyValue(getUserResult -\u003e getUserResult.objectId()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleDirectoryRole:\n type: azuread:DirectoryRole\n name: example\n properties:\n displayName: Security administrator\n exampleDirectoryRoleAssignment:\n type: azuread:DirectoryRoleAssignment\n name: example\n properties:\n roleId: ${exampleDirectoryRole.templateId}\n principalObjectId: ${example.objectId}\nvariables:\n example:\n fn::invoke:\n Function: azuread:getUser\n Arguments:\n userPrincipalName: jdoe@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e Note the use of the `template_id` attribute when referencing built-in roles.\n\n*Assignment for a custom role*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getUser({\n userPrincipalName: \"jdoe@example.com\",\n});\nconst exampleCustomDirectoryRole = new azuread.CustomDirectoryRole(\"example\", {\n displayName: \"My Custom Role\",\n enabled: true,\n version: \"1.0\",\n permissions: [{\n allowedResourceActions: [\n \"microsoft.directory/applications/basic/update\",\n \"microsoft.directory/applications/standard/read\",\n ],\n }],\n});\nconst exampleDirectoryRoleAssignment = new azuread.DirectoryRoleAssignment(\"example\", {\n roleId: exampleCustomDirectoryRole.objectId,\n principalObjectId: example.then(example =\u003e example.objectId),\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_user(user_principal_name=\"jdoe@example.com\")\nexample_custom_directory_role = azuread.CustomDirectoryRole(\"example\",\n display_name=\"My Custom Role\",\n enabled=True,\n version=\"1.0\",\n permissions=[{\n \"allowed_resource_actions\": [\n \"microsoft.directory/applications/basic/update\",\n \"microsoft.directory/applications/standard/read\",\n ],\n }])\nexample_directory_role_assignment = azuread.DirectoryRoleAssignment(\"example\",\n role_id=example_custom_directory_role.object_id,\n principal_object_id=example.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n var exampleCustomDirectoryRole = new AzureAD.CustomDirectoryRole(\"example\", new()\n {\n DisplayName = \"My Custom Role\",\n Enabled = true,\n Version = \"1.0\",\n Permissions = new[]\n {\n new AzureAD.Inputs.CustomDirectoryRolePermissionArgs\n {\n AllowedResourceActions = new[]\n {\n \"microsoft.directory/applications/basic/update\",\n \"microsoft.directory/applications/standard/read\",\n },\n },\n },\n });\n\n var exampleDirectoryRoleAssignment = new AzureAD.DirectoryRoleAssignment(\"example\", new()\n {\n RoleId = exampleCustomDirectoryRole.ObjectId,\n PrincipalObjectId = example.Apply(getUserResult =\u003e getUserResult.ObjectId),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleCustomDirectoryRole, err := azuread.NewCustomDirectoryRole(ctx, \"example\", \u0026azuread.CustomDirectoryRoleArgs{\n\t\t\tDisplayName: pulumi.String(\"My Custom Role\"),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tVersion: pulumi.String(\"1.0\"),\n\t\t\tPermissions: azuread.CustomDirectoryRolePermissionArray{\n\t\t\t\t\u0026azuread.CustomDirectoryRolePermissionArgs{\n\t\t\t\t\tAllowedResourceActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"microsoft.directory/applications/basic/update\"),\n\t\t\t\t\t\tpulumi.String(\"microsoft.directory/applications/standard/read\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewDirectoryRoleAssignment(ctx, \"example\", \u0026azuread.DirectoryRoleAssignmentArgs{\n\t\t\tRoleId: exampleCustomDirectoryRole.ObjectId,\n\t\t\tPrincipalObjectId: pulumi.String(example.ObjectId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.CustomDirectoryRole;\nimport com.pulumi.azuread.CustomDirectoryRoleArgs;\nimport com.pulumi.azuread.inputs.CustomDirectoryRolePermissionArgs;\nimport com.pulumi.azuread.DirectoryRoleAssignment;\nimport com.pulumi.azuread.DirectoryRoleAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n var exampleCustomDirectoryRole = new CustomDirectoryRole(\"exampleCustomDirectoryRole\", CustomDirectoryRoleArgs.builder()\n .displayName(\"My Custom Role\")\n .enabled(true)\n .version(\"1.0\")\n .permissions(CustomDirectoryRolePermissionArgs.builder()\n .allowedResourceActions( \n \"microsoft.directory/applications/basic/update\",\n \"microsoft.directory/applications/standard/read\")\n .build())\n .build());\n\n var exampleDirectoryRoleAssignment = new DirectoryRoleAssignment(\"exampleDirectoryRoleAssignment\", DirectoryRoleAssignmentArgs.builder()\n .roleId(exampleCustomDirectoryRole.objectId())\n .principalObjectId(example.applyValue(getUserResult -\u003e getUserResult.objectId()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleCustomDirectoryRole:\n type: azuread:CustomDirectoryRole\n name: example\n properties:\n displayName: My Custom Role\n enabled: true\n version: '1.0'\n permissions:\n - allowedResourceActions:\n - microsoft.directory/applications/basic/update\n - microsoft.directory/applications/standard/read\n exampleDirectoryRoleAssignment:\n type: azuread:DirectoryRoleAssignment\n name: example\n properties:\n roleId: ${exampleCustomDirectoryRole.objectId}\n principalObjectId: ${example.objectId}\nvariables:\n example:\n fn::invoke:\n Function: azuread:getUser\n Arguments:\n userPrincipalName: jdoe@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Scoped assignment for an application*\n\n## Import\n\nDirectory role assignments can be imported using the ID of the assignment, e.g.\n\n```sh\n$ pulumi import azuread:index/directoryRoleAssignment:DirectoryRoleAssignment example ePROZI_iKE653D_d6aoLHyr-lKgHI8ZGiIdz8CLVcng-1\n```\n\n", + "description": "Manages a single directory role assignment within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `RoleManagement.ReadWrite.Directory` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`\n\n## Example Usage\n\n*Assignment for a built-in role*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getUser({\n userPrincipalName: \"jdoe@example.com\",\n});\nconst exampleDirectoryRole = new azuread.DirectoryRole(\"example\", {displayName: \"Security administrator\"});\nconst exampleDirectoryRoleAssignment = new azuread.DirectoryRoleAssignment(\"example\", {\n roleId: exampleDirectoryRole.templateId,\n principalObjectId: example.then(example =\u003e example.objectId),\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_user(user_principal_name=\"jdoe@example.com\")\nexample_directory_role = azuread.DirectoryRole(\"example\", display_name=\"Security administrator\")\nexample_directory_role_assignment = azuread.DirectoryRoleAssignment(\"example\",\n role_id=example_directory_role.template_id,\n principal_object_id=example.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n var exampleDirectoryRole = new AzureAD.DirectoryRole(\"example\", new()\n {\n DisplayName = \"Security administrator\",\n });\n\n var exampleDirectoryRoleAssignment = new AzureAD.DirectoryRoleAssignment(\"example\", new()\n {\n RoleId = exampleDirectoryRole.TemplateId,\n PrincipalObjectId = example.Apply(getUserResult =\u003e getUserResult.ObjectId),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDirectoryRole, err := azuread.NewDirectoryRole(ctx, \"example\", \u0026azuread.DirectoryRoleArgs{\n\t\t\tDisplayName: pulumi.String(\"Security administrator\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewDirectoryRoleAssignment(ctx, \"example\", \u0026azuread.DirectoryRoleAssignmentArgs{\n\t\t\tRoleId: exampleDirectoryRole.TemplateId,\n\t\t\tPrincipalObjectId: pulumi.String(example.ObjectId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.DirectoryRole;\nimport com.pulumi.azuread.DirectoryRoleArgs;\nimport com.pulumi.azuread.DirectoryRoleAssignment;\nimport com.pulumi.azuread.DirectoryRoleAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n var exampleDirectoryRole = new DirectoryRole(\"exampleDirectoryRole\", DirectoryRoleArgs.builder()\n .displayName(\"Security administrator\")\n .build());\n\n var exampleDirectoryRoleAssignment = new DirectoryRoleAssignment(\"exampleDirectoryRoleAssignment\", DirectoryRoleAssignmentArgs.builder()\n .roleId(exampleDirectoryRole.templateId())\n .principalObjectId(example.applyValue(getUserResult -\u003e getUserResult.objectId()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleDirectoryRole:\n type: azuread:DirectoryRole\n name: example\n properties:\n displayName: Security administrator\n exampleDirectoryRoleAssignment:\n type: azuread:DirectoryRoleAssignment\n name: example\n properties:\n roleId: ${exampleDirectoryRole.templateId}\n principalObjectId: ${example.objectId}\nvariables:\n example:\n fn::invoke:\n function: azuread:getUser\n arguments:\n userPrincipalName: jdoe@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e Note the use of the `template_id` attribute when referencing built-in roles.\n\n*Assignment for a custom role*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getUser({\n userPrincipalName: \"jdoe@example.com\",\n});\nconst exampleCustomDirectoryRole = new azuread.CustomDirectoryRole(\"example\", {\n displayName: \"My Custom Role\",\n enabled: true,\n version: \"1.0\",\n permissions: [{\n allowedResourceActions: [\n \"microsoft.directory/applications/basic/update\",\n \"microsoft.directory/applications/standard/read\",\n ],\n }],\n});\nconst exampleDirectoryRoleAssignment = new azuread.DirectoryRoleAssignment(\"example\", {\n roleId: exampleCustomDirectoryRole.objectId,\n principalObjectId: example.then(example =\u003e example.objectId),\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_user(user_principal_name=\"jdoe@example.com\")\nexample_custom_directory_role = azuread.CustomDirectoryRole(\"example\",\n display_name=\"My Custom Role\",\n enabled=True,\n version=\"1.0\",\n permissions=[{\n \"allowed_resource_actions\": [\n \"microsoft.directory/applications/basic/update\",\n \"microsoft.directory/applications/standard/read\",\n ],\n }])\nexample_directory_role_assignment = azuread.DirectoryRoleAssignment(\"example\",\n role_id=example_custom_directory_role.object_id,\n principal_object_id=example.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n var exampleCustomDirectoryRole = new AzureAD.CustomDirectoryRole(\"example\", new()\n {\n DisplayName = \"My Custom Role\",\n Enabled = true,\n Version = \"1.0\",\n Permissions = new[]\n {\n new AzureAD.Inputs.CustomDirectoryRolePermissionArgs\n {\n AllowedResourceActions = new[]\n {\n \"microsoft.directory/applications/basic/update\",\n \"microsoft.directory/applications/standard/read\",\n },\n },\n },\n });\n\n var exampleDirectoryRoleAssignment = new AzureAD.DirectoryRoleAssignment(\"example\", new()\n {\n RoleId = exampleCustomDirectoryRole.ObjectId,\n PrincipalObjectId = example.Apply(getUserResult =\u003e getUserResult.ObjectId),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleCustomDirectoryRole, err := azuread.NewCustomDirectoryRole(ctx, \"example\", \u0026azuread.CustomDirectoryRoleArgs{\n\t\t\tDisplayName: pulumi.String(\"My Custom Role\"),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tVersion: pulumi.String(\"1.0\"),\n\t\t\tPermissions: azuread.CustomDirectoryRolePermissionArray{\n\t\t\t\t\u0026azuread.CustomDirectoryRolePermissionArgs{\n\t\t\t\t\tAllowedResourceActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"microsoft.directory/applications/basic/update\"),\n\t\t\t\t\t\tpulumi.String(\"microsoft.directory/applications/standard/read\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewDirectoryRoleAssignment(ctx, \"example\", \u0026azuread.DirectoryRoleAssignmentArgs{\n\t\t\tRoleId: exampleCustomDirectoryRole.ObjectId,\n\t\t\tPrincipalObjectId: pulumi.String(example.ObjectId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.CustomDirectoryRole;\nimport com.pulumi.azuread.CustomDirectoryRoleArgs;\nimport com.pulumi.azuread.inputs.CustomDirectoryRolePermissionArgs;\nimport com.pulumi.azuread.DirectoryRoleAssignment;\nimport com.pulumi.azuread.DirectoryRoleAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n var exampleCustomDirectoryRole = new CustomDirectoryRole(\"exampleCustomDirectoryRole\", CustomDirectoryRoleArgs.builder()\n .displayName(\"My Custom Role\")\n .enabled(true)\n .version(\"1.0\")\n .permissions(CustomDirectoryRolePermissionArgs.builder()\n .allowedResourceActions( \n \"microsoft.directory/applications/basic/update\",\n \"microsoft.directory/applications/standard/read\")\n .build())\n .build());\n\n var exampleDirectoryRoleAssignment = new DirectoryRoleAssignment(\"exampleDirectoryRoleAssignment\", DirectoryRoleAssignmentArgs.builder()\n .roleId(exampleCustomDirectoryRole.objectId())\n .principalObjectId(example.applyValue(getUserResult -\u003e getUserResult.objectId()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleCustomDirectoryRole:\n type: azuread:CustomDirectoryRole\n name: example\n properties:\n displayName: My Custom Role\n enabled: true\n version: '1.0'\n permissions:\n - allowedResourceActions:\n - microsoft.directory/applications/basic/update\n - microsoft.directory/applications/standard/read\n exampleDirectoryRoleAssignment:\n type: azuread:DirectoryRoleAssignment\n name: example\n properties:\n roleId: ${exampleCustomDirectoryRole.objectId}\n principalObjectId: ${example.objectId}\nvariables:\n example:\n fn::invoke:\n function: azuread:getUser\n arguments:\n userPrincipalName: jdoe@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Scoped assignment for an application*\n\n## Import\n\nDirectory role assignments can be imported using the ID of the assignment, e.g.\n\n```sh\n$ pulumi import azuread:index/directoryRoleAssignment:DirectoryRoleAssignment example ePROZI_iKE653D_d6aoLHyr-lKgHI8ZGiIdz8CLVcng-1\n```\n\n", "properties": { "appScopeId": { "type": "string", @@ -6489,7 +6489,7 @@ } }, "azuread:index/directoryRoleEligibilityScheduleRequest:DirectoryRoleEligibilityScheduleRequest": { - "description": "Manages a single directory role eligibility schedule request within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nThe calling principal requires one of the following application roles: `RoleEligibilitySchedule.ReadWrite.Directory` or `RoleManagement.ReadWrite.Directory`.\n\nThe calling principal requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getUser({\n userPrincipalName: \"jdoe@example.com\",\n});\nconst exampleDirectoryRole = new azuread.DirectoryRole(\"example\", {displayName: \"Application Administrator\"});\nconst exampleDirectoryRoleEligibilityScheduleRequest = new azuread.DirectoryRoleEligibilityScheduleRequest(\"example\", {\n roleDefinitionId: exampleDirectoryRole.templateId,\n principalId: exampleAzureadUser.objectId,\n directoryScopeId: \"/\",\n justification: \"Example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_user(user_principal_name=\"jdoe@example.com\")\nexample_directory_role = azuread.DirectoryRole(\"example\", display_name=\"Application Administrator\")\nexample_directory_role_eligibility_schedule_request = azuread.DirectoryRoleEligibilityScheduleRequest(\"example\",\n role_definition_id=example_directory_role.template_id,\n principal_id=example_azuread_user[\"objectId\"],\n directory_scope_id=\"/\",\n justification=\"Example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n var exampleDirectoryRole = new AzureAD.DirectoryRole(\"example\", new()\n {\n DisplayName = \"Application Administrator\",\n });\n\n var exampleDirectoryRoleEligibilityScheduleRequest = new AzureAD.DirectoryRoleEligibilityScheduleRequest(\"example\", new()\n {\n RoleDefinitionId = exampleDirectoryRole.TemplateId,\n PrincipalId = exampleAzureadUser.ObjectId,\n DirectoryScopeId = \"/\",\n Justification = \"Example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDirectoryRole, err := azuread.NewDirectoryRole(ctx, \"example\", \u0026azuread.DirectoryRoleArgs{\n\t\t\tDisplayName: pulumi.String(\"Application Administrator\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewDirectoryRoleEligibilityScheduleRequest(ctx, \"example\", \u0026azuread.DirectoryRoleEligibilityScheduleRequestArgs{\n\t\t\tRoleDefinitionId: exampleDirectoryRole.TemplateId,\n\t\t\tPrincipalId: pulumi.Any(exampleAzureadUser.ObjectId),\n\t\t\tDirectoryScopeId: pulumi.String(\"/\"),\n\t\t\tJustification: pulumi.String(\"Example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.DirectoryRole;\nimport com.pulumi.azuread.DirectoryRoleArgs;\nimport com.pulumi.azuread.DirectoryRoleEligibilityScheduleRequest;\nimport com.pulumi.azuread.DirectoryRoleEligibilityScheduleRequestArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n var exampleDirectoryRole = new DirectoryRole(\"exampleDirectoryRole\", DirectoryRoleArgs.builder()\n .displayName(\"Application Administrator\")\n .build());\n\n var exampleDirectoryRoleEligibilityScheduleRequest = new DirectoryRoleEligibilityScheduleRequest(\"exampleDirectoryRoleEligibilityScheduleRequest\", DirectoryRoleEligibilityScheduleRequestArgs.builder()\n .roleDefinitionId(exampleDirectoryRole.templateId())\n .principalId(exampleAzureadUser.objectId())\n .directoryScopeId(\"/\")\n .justification(\"Example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleDirectoryRole:\n type: azuread:DirectoryRole\n name: example\n properties:\n displayName: Application Administrator\n exampleDirectoryRoleEligibilityScheduleRequest:\n type: azuread:DirectoryRoleEligibilityScheduleRequest\n name: example\n properties:\n roleDefinitionId: ${exampleDirectoryRole.templateId}\n principalId: ${exampleAzureadUser.objectId}\n directoryScopeId: /\n justification: Example\nvariables:\n example:\n fn::invoke:\n Function: azuread:getUser\n Arguments:\n userPrincipalName: jdoe@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e Note the use of the `template_id` attribute when referencing built-in roles.\n\n## Import\n\nDirectory role eligibility schedule requests can be imported using the ID of the assignment, e.g.\n\n```sh\n$ pulumi import azuread:index/directoryRoleEligibilityScheduleRequest:DirectoryRoleEligibilityScheduleRequest example 822ec710-4c9f-4f71-a27a-451759cc7522\n```\n\n", + "description": "Manages a single directory role eligibility schedule request within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nThe calling principal requires one of the following application roles: `RoleEligibilitySchedule.ReadWrite.Directory` or `RoleManagement.ReadWrite.Directory`.\n\nThe calling principal requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getUser({\n userPrincipalName: \"jdoe@example.com\",\n});\nconst exampleDirectoryRole = new azuread.DirectoryRole(\"example\", {displayName: \"Application Administrator\"});\nconst exampleDirectoryRoleEligibilityScheduleRequest = new azuread.DirectoryRoleEligibilityScheduleRequest(\"example\", {\n roleDefinitionId: exampleDirectoryRole.templateId,\n principalId: exampleAzureadUser.objectId,\n directoryScopeId: \"/\",\n justification: \"Example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_user(user_principal_name=\"jdoe@example.com\")\nexample_directory_role = azuread.DirectoryRole(\"example\", display_name=\"Application Administrator\")\nexample_directory_role_eligibility_schedule_request = azuread.DirectoryRoleEligibilityScheduleRequest(\"example\",\n role_definition_id=example_directory_role.template_id,\n principal_id=example_azuread_user[\"objectId\"],\n directory_scope_id=\"/\",\n justification=\"Example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n var exampleDirectoryRole = new AzureAD.DirectoryRole(\"example\", new()\n {\n DisplayName = \"Application Administrator\",\n });\n\n var exampleDirectoryRoleEligibilityScheduleRequest = new AzureAD.DirectoryRoleEligibilityScheduleRequest(\"example\", new()\n {\n RoleDefinitionId = exampleDirectoryRole.TemplateId,\n PrincipalId = exampleAzureadUser.ObjectId,\n DirectoryScopeId = \"/\",\n Justification = \"Example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDirectoryRole, err := azuread.NewDirectoryRole(ctx, \"example\", \u0026azuread.DirectoryRoleArgs{\n\t\t\tDisplayName: pulumi.String(\"Application Administrator\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewDirectoryRoleEligibilityScheduleRequest(ctx, \"example\", \u0026azuread.DirectoryRoleEligibilityScheduleRequestArgs{\n\t\t\tRoleDefinitionId: exampleDirectoryRole.TemplateId,\n\t\t\tPrincipalId: pulumi.Any(exampleAzureadUser.ObjectId),\n\t\t\tDirectoryScopeId: pulumi.String(\"/\"),\n\t\t\tJustification: pulumi.String(\"Example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.DirectoryRole;\nimport com.pulumi.azuread.DirectoryRoleArgs;\nimport com.pulumi.azuread.DirectoryRoleEligibilityScheduleRequest;\nimport com.pulumi.azuread.DirectoryRoleEligibilityScheduleRequestArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n var exampleDirectoryRole = new DirectoryRole(\"exampleDirectoryRole\", DirectoryRoleArgs.builder()\n .displayName(\"Application Administrator\")\n .build());\n\n var exampleDirectoryRoleEligibilityScheduleRequest = new DirectoryRoleEligibilityScheduleRequest(\"exampleDirectoryRoleEligibilityScheduleRequest\", DirectoryRoleEligibilityScheduleRequestArgs.builder()\n .roleDefinitionId(exampleDirectoryRole.templateId())\n .principalId(exampleAzureadUser.objectId())\n .directoryScopeId(\"/\")\n .justification(\"Example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleDirectoryRole:\n type: azuread:DirectoryRole\n name: example\n properties:\n displayName: Application Administrator\n exampleDirectoryRoleEligibilityScheduleRequest:\n type: azuread:DirectoryRoleEligibilityScheduleRequest\n name: example\n properties:\n roleDefinitionId: ${exampleDirectoryRole.templateId}\n principalId: ${exampleAzureadUser.objectId}\n directoryScopeId: /\n justification: Example\nvariables:\n example:\n fn::invoke:\n function: azuread:getUser\n arguments:\n userPrincipalName: jdoe@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e Note the use of the `template_id` attribute when referencing built-in roles.\n\n## Import\n\nDirectory role eligibility schedule requests can be imported using the ID of the assignment, e.g.\n\n```sh\n$ pulumi import azuread:index/directoryRoleEligibilityScheduleRequest:DirectoryRoleEligibilityScheduleRequest example 822ec710-4c9f-4f71-a27a-451759cc7522\n```\n\n", "properties": { "directoryScopeId": { "type": "string", @@ -6570,7 +6570,7 @@ } }, "azuread:index/directoryRoleMember:DirectoryRoleMember": { - "description": "Manages a single directory role membership (assignment) within Azure Active Directory.\n\n\u003e **Deprecation Warning:** This resource has been superseded by the azuread.DirectoryRoleAssignment resource and will be removed in version 3.0 of the AzureAD provider\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `RoleManagement.ReadWrite.Directory` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getUser({\n userPrincipalName: \"jdoe@example.com\",\n});\nconst exampleDirectoryRole = new azuread.DirectoryRole(\"example\", {displayName: \"Security administrator\"});\nconst exampleDirectoryRoleMember = new azuread.DirectoryRoleMember(\"example\", {\n roleObjectId: exampleDirectoryRole.objectId,\n memberObjectId: example.then(example =\u003e example.objectId),\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_user(user_principal_name=\"jdoe@example.com\")\nexample_directory_role = azuread.DirectoryRole(\"example\", display_name=\"Security administrator\")\nexample_directory_role_member = azuread.DirectoryRoleMember(\"example\",\n role_object_id=example_directory_role.object_id,\n member_object_id=example.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n var exampleDirectoryRole = new AzureAD.DirectoryRole(\"example\", new()\n {\n DisplayName = \"Security administrator\",\n });\n\n var exampleDirectoryRoleMember = new AzureAD.DirectoryRoleMember(\"example\", new()\n {\n RoleObjectId = exampleDirectoryRole.ObjectId,\n MemberObjectId = example.Apply(getUserResult =\u003e getUserResult.ObjectId),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDirectoryRole, err := azuread.NewDirectoryRole(ctx, \"example\", \u0026azuread.DirectoryRoleArgs{\n\t\t\tDisplayName: pulumi.String(\"Security administrator\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewDirectoryRoleMember(ctx, \"example\", \u0026azuread.DirectoryRoleMemberArgs{\n\t\t\tRoleObjectId: exampleDirectoryRole.ObjectId,\n\t\t\tMemberObjectId: pulumi.String(example.ObjectId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.DirectoryRole;\nimport com.pulumi.azuread.DirectoryRoleArgs;\nimport com.pulumi.azuread.DirectoryRoleMember;\nimport com.pulumi.azuread.DirectoryRoleMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n var exampleDirectoryRole = new DirectoryRole(\"exampleDirectoryRole\", DirectoryRoleArgs.builder()\n .displayName(\"Security administrator\")\n .build());\n\n var exampleDirectoryRoleMember = new DirectoryRoleMember(\"exampleDirectoryRoleMember\", DirectoryRoleMemberArgs.builder()\n .roleObjectId(exampleDirectoryRole.objectId())\n .memberObjectId(example.applyValue(getUserResult -\u003e getUserResult.objectId()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleDirectoryRole:\n type: azuread:DirectoryRole\n name: example\n properties:\n displayName: Security administrator\n exampleDirectoryRoleMember:\n type: azuread:DirectoryRoleMember\n name: example\n properties:\n roleObjectId: ${exampleDirectoryRole.objectId}\n memberObjectId: ${example.objectId}\nvariables:\n example:\n fn::invoke:\n Function: azuread:getUser\n Arguments:\n userPrincipalName: jdoe@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nDirectory role members can be imported using the object ID of the role and the object ID of the member, e.g.\n\n```sh\n$ pulumi import azuread:index/directoryRoleMember:DirectoryRoleMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111\n```\n\n-\u003e This ID format is unique to Terraform and is composed of the Directory Role Object ID and the target Member Object ID in the format `{RoleObjectID}/member/{MemberObjectID}`.\n\n", + "description": "Manages a single directory role membership (assignment) within Azure Active Directory.\n\n\u003e **Deprecation Warning:** This resource has been superseded by the azuread.DirectoryRoleAssignment resource and will be removed in version 3.0 of the AzureAD provider\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `RoleManagement.ReadWrite.Directory` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getUser({\n userPrincipalName: \"jdoe@example.com\",\n});\nconst exampleDirectoryRole = new azuread.DirectoryRole(\"example\", {displayName: \"Security administrator\"});\nconst exampleDirectoryRoleMember = new azuread.DirectoryRoleMember(\"example\", {\n roleObjectId: exampleDirectoryRole.objectId,\n memberObjectId: example.then(example =\u003e example.objectId),\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_user(user_principal_name=\"jdoe@example.com\")\nexample_directory_role = azuread.DirectoryRole(\"example\", display_name=\"Security administrator\")\nexample_directory_role_member = azuread.DirectoryRoleMember(\"example\",\n role_object_id=example_directory_role.object_id,\n member_object_id=example.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n var exampleDirectoryRole = new AzureAD.DirectoryRole(\"example\", new()\n {\n DisplayName = \"Security administrator\",\n });\n\n var exampleDirectoryRoleMember = new AzureAD.DirectoryRoleMember(\"example\", new()\n {\n RoleObjectId = exampleDirectoryRole.ObjectId,\n MemberObjectId = example.Apply(getUserResult =\u003e getUserResult.ObjectId),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDirectoryRole, err := azuread.NewDirectoryRole(ctx, \"example\", \u0026azuread.DirectoryRoleArgs{\n\t\t\tDisplayName: pulumi.String(\"Security administrator\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewDirectoryRoleMember(ctx, \"example\", \u0026azuread.DirectoryRoleMemberArgs{\n\t\t\tRoleObjectId: exampleDirectoryRole.ObjectId,\n\t\t\tMemberObjectId: pulumi.String(example.ObjectId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.DirectoryRole;\nimport com.pulumi.azuread.DirectoryRoleArgs;\nimport com.pulumi.azuread.DirectoryRoleMember;\nimport com.pulumi.azuread.DirectoryRoleMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n var exampleDirectoryRole = new DirectoryRole(\"exampleDirectoryRole\", DirectoryRoleArgs.builder()\n .displayName(\"Security administrator\")\n .build());\n\n var exampleDirectoryRoleMember = new DirectoryRoleMember(\"exampleDirectoryRoleMember\", DirectoryRoleMemberArgs.builder()\n .roleObjectId(exampleDirectoryRole.objectId())\n .memberObjectId(example.applyValue(getUserResult -\u003e getUserResult.objectId()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleDirectoryRole:\n type: azuread:DirectoryRole\n name: example\n properties:\n displayName: Security administrator\n exampleDirectoryRoleMember:\n type: azuread:DirectoryRoleMember\n name: example\n properties:\n roleObjectId: ${exampleDirectoryRole.objectId}\n memberObjectId: ${example.objectId}\nvariables:\n example:\n fn::invoke:\n function: azuread:getUser\n arguments:\n userPrincipalName: jdoe@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nDirectory role members can be imported using the object ID of the role and the object ID of the member, e.g.\n\n```sh\n$ pulumi import azuread:index/directoryRoleMember:DirectoryRoleMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111\n```\n\n-\u003e This ID format is unique to Terraform and is composed of the Directory Role Object ID and the target Member Object ID in the format `{RoleObjectID}/member/{MemberObjectID}`.\n\n", "properties": { "memberObjectId": { "type": "string", @@ -6611,7 +6611,7 @@ } }, "azuread:index/group:Group": { - "description": "Manages a group within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All`.\n\nAlternatively, if the authenticated service principal is also an owner of the group being managed, this resource can use the application role: `Group.Create`.\n\nIf using the `assignable_to_role` property, this resource additionally requires the `RoleManagement.ReadWrite.Directory` application role.\n\nIf specifying owners for a group, which are user principals, this resource additionally requires one of the following application roles: `User.Read.All`, `User.ReadWrite.All`, `Directory.Read.All` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Groups Administrator`, `User Administrator` or `Global Administrator`\n\nWhen creating this resource in administrative units exclusively, the role `Groups Administrator` is required to be scoped on any administrative unit used.\n\nThe `external_senders_allowed`, `auto_subscribe_new_members`, `hide_from_address_lists` and `hide_from_outlook_clients` properties can only be configured when authenticating as a user and cannot be configured when authenticating as a service principal. Additionally, the user being used for authentication must be a Member of the tenant where the group is being managed and _not_ a Guest. This is a known API issue; please see the [Microsoft Graph Known Issues](https://docs.microsoft.com/en-us/graph/known-issues#groups) official documentation.\n\n## Example Usage\n\n*Basic example*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.Group(\"example\", {\n displayName: \"example\",\n owners: [current.then(current =\u003e current.objectId)],\n securityEnabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.Group(\"example\",\n display_name=\"example\",\n owners=[current.object_id],\n security_enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.Group(\"example\", new()\n {\n DisplayName = \"example\",\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n SecurityEnabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\tpulumi.String(current.ObjectId),\n\t\t\t},\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new Group(\"example\", GroupArgs.builder()\n .displayName(\"example\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .securityEnabled(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Group\n properties:\n displayName: example\n owners:\n - ${current.objectId}\n securityEnabled: true\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Microsoft 365 group*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst groupOwner = new azuread.User(\"group_owner\", {\n userPrincipalName: \"example-group-owner@example.com\",\n displayName: \"Group Owner\",\n mailNickname: \"example-group-owner\",\n password: \"SecretP@sswd99!\",\n});\nconst example = new azuread.Group(\"example\", {\n displayName: \"example\",\n mailEnabled: true,\n mailNickname: \"ExampleGroup\",\n securityEnabled: true,\n types: [\"Unified\"],\n owners: [\n current.then(current =\u003e current.objectId),\n groupOwner.objectId,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\ngroup_owner = azuread.User(\"group_owner\",\n user_principal_name=\"example-group-owner@example.com\",\n display_name=\"Group Owner\",\n mail_nickname=\"example-group-owner\",\n password=\"SecretP@sswd99!\")\nexample = azuread.Group(\"example\",\n display_name=\"example\",\n mail_enabled=True,\n mail_nickname=\"ExampleGroup\",\n security_enabled=True,\n types=[\"Unified\"],\n owners=[\n current.object_id,\n group_owner.object_id,\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var groupOwner = new AzureAD.User(\"group_owner\", new()\n {\n UserPrincipalName = \"example-group-owner@example.com\",\n DisplayName = \"Group Owner\",\n MailNickname = \"example-group-owner\",\n Password = \"SecretP@sswd99!\",\n });\n\n var example = new AzureAD.Group(\"example\", new()\n {\n DisplayName = \"example\",\n MailEnabled = true,\n MailNickname = \"ExampleGroup\",\n SecurityEnabled = true,\n Types = new[]\n {\n \"Unified\",\n },\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n groupOwner.ObjectId,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgroupOwner, err := azuread.NewUser(ctx, \"group_owner\", \u0026azuread.UserArgs{\n\t\t\tUserPrincipalName: pulumi.String(\"example-group-owner@example.com\"),\n\t\t\tDisplayName: pulumi.String(\"Group Owner\"),\n\t\t\tMailNickname: pulumi.String(\"example-group-owner\"),\n\t\t\tPassword: pulumi.String(\"SecretP@sswd99!\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tMailEnabled: pulumi.Bool(true),\n\t\t\tMailNickname: pulumi.String(\"ExampleGroup\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t\tTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Unified\"),\n\t\t\t},\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\tpulumi.String(current.ObjectId),\n\t\t\t\tgroupOwner.ObjectId,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.User;\nimport com.pulumi.azuread.UserArgs;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var groupOwner = new User(\"groupOwner\", UserArgs.builder()\n .userPrincipalName(\"example-group-owner@example.com\")\n .displayName(\"Group Owner\")\n .mailNickname(\"example-group-owner\")\n .password(\"SecretP@sswd99!\")\n .build());\n\n var example = new Group(\"example\", GroupArgs.builder()\n .displayName(\"example\")\n .mailEnabled(true)\n .mailNickname(\"ExampleGroup\")\n .securityEnabled(true)\n .types(\"Unified\")\n .owners( \n current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()),\n groupOwner.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n groupOwner:\n type: azuread:User\n name: group_owner\n properties:\n userPrincipalName: example-group-owner@example.com\n displayName: Group Owner\n mailNickname: example-group-owner\n password: SecretP@sswd99!\n example:\n type: azuread:Group\n properties:\n displayName: example\n mailEnabled: true\n mailNickname: ExampleGroup\n securityEnabled: true\n types:\n - Unified\n owners:\n - ${current.objectId}\n - ${groupOwner.objectId}\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Group with members*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```yaml\nresources:\n example:\n type: azuread:User\n properties:\n displayName: J Doe\n owners:\n - ${current.objectId}\n password: notSecure123\n userPrincipalName: jdoe@example.com\n exampleGroup:\n type: azuread:Group\n name: example\n properties:\n displayName: MyGroup\n owners:\n - ${current.objectId}\n securityEnabled: true\n members:\n - ${example.objectId}\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Group with dynamic membership*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.Group(\"example\", {\n displayName: \"MyGroup\",\n owners: [current.then(current =\u003e current.objectId)],\n securityEnabled: true,\n types: [\"DynamicMembership\"],\n dynamicMembership: {\n enabled: true,\n rule: \"user.department -eq \\\"Sales\\\"\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.Group(\"example\",\n display_name=\"MyGroup\",\n owners=[current.object_id],\n security_enabled=True,\n types=[\"DynamicMembership\"],\n dynamic_membership={\n \"enabled\": True,\n \"rule\": \"user.department -eq \\\"Sales\\\"\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.Group(\"example\", new()\n {\n DisplayName = \"MyGroup\",\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n SecurityEnabled = true,\n Types = new[]\n {\n \"DynamicMembership\",\n },\n DynamicMembership = new AzureAD.Inputs.GroupDynamicMembershipArgs\n {\n Enabled = true,\n Rule = \"user.department -eq \\\"Sales\\\"\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"MyGroup\"),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\tpulumi.String(current.ObjectId),\n\t\t\t},\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t\tTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"DynamicMembership\"),\n\t\t\t},\n\t\t\tDynamicMembership: \u0026azuread.GroupDynamicMembershipArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tRule: pulumi.String(\"user.department -eq \\\"Sales\\\"\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.inputs.GroupDynamicMembershipArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new Group(\"example\", GroupArgs.builder()\n .displayName(\"MyGroup\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .securityEnabled(true)\n .types(\"DynamicMembership\")\n .dynamicMembership(GroupDynamicMembershipArgs.builder()\n .enabled(true)\n .rule(\"user.department -eq \\\"Sales\\\"\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Group\n properties:\n displayName: MyGroup\n owners:\n - ${current.objectId}\n securityEnabled: true\n types:\n - DynamicMembership\n dynamicMembership:\n enabled: true\n rule: user.department -eq \"Sales\"\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nGroups can be imported using their object ID, e.g.\n\n```sh\n$ pulumi import azuread:index/group:Group my_group 00000000-0000-0000-0000-000000000000\n```\n\n", + "description": "Manages a group within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All`.\n\nAlternatively, if the authenticated service principal is also an owner of the group being managed, this resource can use the application role: `Group.Create`.\n\nIf using the `assignable_to_role` property, this resource additionally requires the `RoleManagement.ReadWrite.Directory` application role.\n\nIf specifying owners for a group, which are user principals, this resource additionally requires one of the following application roles: `User.Read.All`, `User.ReadWrite.All`, `Directory.Read.All` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Groups Administrator`, `User Administrator` or `Global Administrator`\n\nWhen creating this resource in administrative units exclusively, the role `Groups Administrator` is required to be scoped on any administrative unit used.\n\nThe `external_senders_allowed`, `auto_subscribe_new_members`, `hide_from_address_lists` and `hide_from_outlook_clients` properties can only be configured when authenticating as a user and cannot be configured when authenticating as a service principal. Additionally, the user being used for authentication must be a Member of the tenant where the group is being managed and _not_ a Guest. This is a known API issue; please see the [Microsoft Graph Known Issues](https://docs.microsoft.com/en-us/graph/known-issues#groups) official documentation.\n\n## Example Usage\n\n*Basic example*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.Group(\"example\", {\n displayName: \"example\",\n owners: [current.then(current =\u003e current.objectId)],\n securityEnabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.Group(\"example\",\n display_name=\"example\",\n owners=[current.object_id],\n security_enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.Group(\"example\", new()\n {\n DisplayName = \"example\",\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n SecurityEnabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\tpulumi.String(current.ObjectId),\n\t\t\t},\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new Group(\"example\", GroupArgs.builder()\n .displayName(\"example\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .securityEnabled(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Group\n properties:\n displayName: example\n owners:\n - ${current.objectId}\n securityEnabled: true\nvariables:\n current:\n fn::invoke:\n function: azuread:getClientConfig\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Microsoft 365 group*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst groupOwner = new azuread.User(\"group_owner\", {\n userPrincipalName: \"example-group-owner@example.com\",\n displayName: \"Group Owner\",\n mailNickname: \"example-group-owner\",\n password: \"SecretP@sswd99!\",\n});\nconst example = new azuread.Group(\"example\", {\n displayName: \"example\",\n mailEnabled: true,\n mailNickname: \"ExampleGroup\",\n securityEnabled: true,\n types: [\"Unified\"],\n owners: [\n current.then(current =\u003e current.objectId),\n groupOwner.objectId,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\ngroup_owner = azuread.User(\"group_owner\",\n user_principal_name=\"example-group-owner@example.com\",\n display_name=\"Group Owner\",\n mail_nickname=\"example-group-owner\",\n password=\"SecretP@sswd99!\")\nexample = azuread.Group(\"example\",\n display_name=\"example\",\n mail_enabled=True,\n mail_nickname=\"ExampleGroup\",\n security_enabled=True,\n types=[\"Unified\"],\n owners=[\n current.object_id,\n group_owner.object_id,\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var groupOwner = new AzureAD.User(\"group_owner\", new()\n {\n UserPrincipalName = \"example-group-owner@example.com\",\n DisplayName = \"Group Owner\",\n MailNickname = \"example-group-owner\",\n Password = \"SecretP@sswd99!\",\n });\n\n var example = new AzureAD.Group(\"example\", new()\n {\n DisplayName = \"example\",\n MailEnabled = true,\n MailNickname = \"ExampleGroup\",\n SecurityEnabled = true,\n Types = new[]\n {\n \"Unified\",\n },\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n groupOwner.ObjectId,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgroupOwner, err := azuread.NewUser(ctx, \"group_owner\", \u0026azuread.UserArgs{\n\t\t\tUserPrincipalName: pulumi.String(\"example-group-owner@example.com\"),\n\t\t\tDisplayName: pulumi.String(\"Group Owner\"),\n\t\t\tMailNickname: pulumi.String(\"example-group-owner\"),\n\t\t\tPassword: pulumi.String(\"SecretP@sswd99!\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tMailEnabled: pulumi.Bool(true),\n\t\t\tMailNickname: pulumi.String(\"ExampleGroup\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t\tTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Unified\"),\n\t\t\t},\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\tpulumi.String(current.ObjectId),\n\t\t\t\tgroupOwner.ObjectId,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.User;\nimport com.pulumi.azuread.UserArgs;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var groupOwner = new User(\"groupOwner\", UserArgs.builder()\n .userPrincipalName(\"example-group-owner@example.com\")\n .displayName(\"Group Owner\")\n .mailNickname(\"example-group-owner\")\n .password(\"SecretP@sswd99!\")\n .build());\n\n var example = new Group(\"example\", GroupArgs.builder()\n .displayName(\"example\")\n .mailEnabled(true)\n .mailNickname(\"ExampleGroup\")\n .securityEnabled(true)\n .types(\"Unified\")\n .owners( \n current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()),\n groupOwner.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n groupOwner:\n type: azuread:User\n name: group_owner\n properties:\n userPrincipalName: example-group-owner@example.com\n displayName: Group Owner\n mailNickname: example-group-owner\n password: SecretP@sswd99!\n example:\n type: azuread:Group\n properties:\n displayName: example\n mailEnabled: true\n mailNickname: ExampleGroup\n securityEnabled: true\n types:\n - Unified\n owners:\n - ${current.objectId}\n - ${groupOwner.objectId}\nvariables:\n current:\n fn::invoke:\n function: azuread:getClientConfig\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Group with members*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```yaml\nresources:\n example:\n type: azuread:User\n properties:\n displayName: J Doe\n owners:\n - ${current.objectId}\n password: notSecure123\n userPrincipalName: jdoe@example.com\n exampleGroup:\n type: azuread:Group\n name: example\n properties:\n displayName: MyGroup\n owners:\n - ${current.objectId}\n securityEnabled: true\n members:\n - ${example.objectId}\nvariables:\n current:\n fn::invoke:\n function: azuread:getClientConfig\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Group with dynamic membership*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.Group(\"example\", {\n displayName: \"MyGroup\",\n owners: [current.then(current =\u003e current.objectId)],\n securityEnabled: true,\n types: [\"DynamicMembership\"],\n dynamicMembership: {\n enabled: true,\n rule: \"user.department -eq \\\"Sales\\\"\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.Group(\"example\",\n display_name=\"MyGroup\",\n owners=[current.object_id],\n security_enabled=True,\n types=[\"DynamicMembership\"],\n dynamic_membership={\n \"enabled\": True,\n \"rule\": \"user.department -eq \\\"Sales\\\"\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.Group(\"example\", new()\n {\n DisplayName = \"MyGroup\",\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n SecurityEnabled = true,\n Types = new[]\n {\n \"DynamicMembership\",\n },\n DynamicMembership = new AzureAD.Inputs.GroupDynamicMembershipArgs\n {\n Enabled = true,\n Rule = \"user.department -eq \\\"Sales\\\"\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"MyGroup\"),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\tpulumi.String(current.ObjectId),\n\t\t\t},\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t\tTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"DynamicMembership\"),\n\t\t\t},\n\t\t\tDynamicMembership: \u0026azuread.GroupDynamicMembershipArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tRule: pulumi.String(\"user.department -eq \\\"Sales\\\"\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.inputs.GroupDynamicMembershipArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new Group(\"example\", GroupArgs.builder()\n .displayName(\"MyGroup\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .securityEnabled(true)\n .types(\"DynamicMembership\")\n .dynamicMembership(GroupDynamicMembershipArgs.builder()\n .enabled(true)\n .rule(\"user.department -eq \\\"Sales\\\"\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Group\n properties:\n displayName: MyGroup\n owners:\n - ${current.objectId}\n securityEnabled: true\n types:\n - DynamicMembership\n dynamicMembership:\n enabled: true\n rule: user.department -eq \"Sales\"\nvariables:\n current:\n fn::invoke:\n function: azuread:getClientConfig\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nGroups can be imported using their object ID, e.g.\n\n```sh\n$ pulumi import azuread:index/group:Group my_group 00000000-0000-0000-0000-000000000000\n```\n\n", "properties": { "administrativeUnitIds": { "type": "array", @@ -7054,7 +7054,7 @@ } }, "azuread:index/groupMember:GroupMember": { - "description": "Manages a single group membership within Azure Active Directory.\n\n\u003e **Warning** Do not use this resource at the same time as the `members` property of the `azuread.Group` resource for the same group. Doing so will cause a conflict and group members will be removed.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All`.\n\nHowever, if the authenticated service principal is an owner of the group being managed, an application role is not required.\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Groups Administrator`, `User Administrator` or `Global Administrator`\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getUser({\n userPrincipalName: \"jdoe@example.com\",\n});\nconst exampleGroup = new azuread.Group(\"example\", {\n displayName: \"my_group\",\n securityEnabled: true,\n});\nconst exampleGroupMember = new azuread.GroupMember(\"example\", {\n groupObjectId: exampleGroup.id,\n memberObjectId: example.then(example =\u003e example.id),\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_user(user_principal_name=\"jdoe@example.com\")\nexample_group = azuread.Group(\"example\",\n display_name=\"my_group\",\n security_enabled=True)\nexample_group_member = azuread.GroupMember(\"example\",\n group_object_id=example_group.id,\n member_object_id=example.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n var exampleGroup = new AzureAD.Group(\"example\", new()\n {\n DisplayName = \"my_group\",\n SecurityEnabled = true,\n });\n\n var exampleGroupMember = new AzureAD.GroupMember(\"example\", new()\n {\n GroupObjectId = exampleGroup.Id,\n MemberObjectId = example.Apply(getUserResult =\u003e getUserResult.Id),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGroup, err := azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"my_group\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroupMember(ctx, \"example\", \u0026azuread.GroupMemberArgs{\n\t\t\tGroupObjectId: exampleGroup.ID(),\n\t\t\tMemberObjectId: pulumi.String(example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.GroupMember;\nimport com.pulumi.azuread.GroupMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder()\n .displayName(\"my_group\")\n .securityEnabled(true)\n .build());\n\n var exampleGroupMember = new GroupMember(\"exampleGroupMember\", GroupMemberArgs.builder()\n .groupObjectId(exampleGroup.id())\n .memberObjectId(example.applyValue(getUserResult -\u003e getUserResult.id()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleGroup:\n type: azuread:Group\n name: example\n properties:\n displayName: my_group\n securityEnabled: true\n exampleGroupMember:\n type: azuread:GroupMember\n name: example\n properties:\n groupObjectId: ${exampleGroup.id}\n memberObjectId: ${example.id}\nvariables:\n example:\n fn::invoke:\n Function: azuread:getUser\n Arguments:\n userPrincipalName: jdoe@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nGroup members can be imported using the object ID of the group and the object ID of the member, e.g.\n\n```sh\n$ pulumi import azuread:index/groupMember:GroupMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111\n```\n\n-\u003e This ID format is unique to Terraform and is composed of the Azure AD Group Object ID and the target Member Object ID in the format `{GroupObjectID}/member/{MemberObjectID}`.\n\n", + "description": "Manages a single group membership within Azure Active Directory.\n\n\u003e **Warning** Do not use this resource at the same time as the `members` property of the `azuread.Group` resource for the same group. Doing so will cause a conflict and group members will be removed.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All`.\n\nHowever, if the authenticated service principal is an owner of the group being managed, an application role is not required.\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Groups Administrator`, `User Administrator` or `Global Administrator`\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getUser({\n userPrincipalName: \"jdoe@example.com\",\n});\nconst exampleGroup = new azuread.Group(\"example\", {\n displayName: \"my_group\",\n securityEnabled: true,\n});\nconst exampleGroupMember = new azuread.GroupMember(\"example\", {\n groupObjectId: exampleGroup.id,\n memberObjectId: example.then(example =\u003e example.id),\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_user(user_principal_name=\"jdoe@example.com\")\nexample_group = azuread.Group(\"example\",\n display_name=\"my_group\",\n security_enabled=True)\nexample_group_member = azuread.GroupMember(\"example\",\n group_object_id=example_group.id,\n member_object_id=example.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n var exampleGroup = new AzureAD.Group(\"example\", new()\n {\n DisplayName = \"my_group\",\n SecurityEnabled = true,\n });\n\n var exampleGroupMember = new AzureAD.GroupMember(\"example\", new()\n {\n GroupObjectId = exampleGroup.Id,\n MemberObjectId = example.Apply(getUserResult =\u003e getUserResult.Id),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGroup, err := azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"my_group\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroupMember(ctx, \"example\", \u0026azuread.GroupMemberArgs{\n\t\t\tGroupObjectId: exampleGroup.ID(),\n\t\t\tMemberObjectId: pulumi.String(example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.GroupMember;\nimport com.pulumi.azuread.GroupMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder()\n .displayName(\"my_group\")\n .securityEnabled(true)\n .build());\n\n var exampleGroupMember = new GroupMember(\"exampleGroupMember\", GroupMemberArgs.builder()\n .groupObjectId(exampleGroup.id())\n .memberObjectId(example.applyValue(getUserResult -\u003e getUserResult.id()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleGroup:\n type: azuread:Group\n name: example\n properties:\n displayName: my_group\n securityEnabled: true\n exampleGroupMember:\n type: azuread:GroupMember\n name: example\n properties:\n groupObjectId: ${exampleGroup.id}\n memberObjectId: ${example.id}\nvariables:\n example:\n fn::invoke:\n function: azuread:getUser\n arguments:\n userPrincipalName: jdoe@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nGroup members can be imported using the object ID of the group and the object ID of the member, e.g.\n\n```sh\n$ pulumi import azuread:index/groupMember:GroupMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111\n```\n\n-\u003e This ID format is unique to Terraform and is composed of the Azure AD Group Object ID and the target Member Object ID in the format `{GroupObjectID}/member/{MemberObjectID}`.\n\n", "properties": { "groupObjectId": { "type": "string", @@ -7712,7 +7712,7 @@ } }, "azuread:index/servicePrincipal:ServicePrincipal": { - "description": "## Example Usage\n\n*Create a service principal for an application*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.Application(\"example\", {\n displayName: \"example\",\n owners: [current.then(current =\u003e current.objectId)],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"example\", {\n clientId: example.clientId,\n appRoleAssignmentRequired: false,\n owners: [current.then(current =\u003e current.objectId)],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.Application(\"example\",\n display_name=\"example\",\n owners=[current.object_id])\nexample_service_principal = azuread.ServicePrincipal(\"example\",\n client_id=example.client_id,\n app_role_assignment_required=False,\n owners=[current.object_id])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"example\", new()\n {\n ClientId = example.ClientId,\n AppRoleAssignmentRequired = false,\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\tpulumi.String(current.ObjectId),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipal(ctx, \"example\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: example.ClientId,\n\t\t\tAppRoleAssignmentRequired: pulumi.Bool(false),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\tpulumi.String(current.ObjectId),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new Application(\"example\", ApplicationArgs.builder()\n .displayName(\"example\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder()\n .clientId(example.clientId())\n .appRoleAssignmentRequired(false)\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Application\n properties:\n displayName: example\n owners:\n - ${current.objectId}\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n name: example\n properties:\n clientId: ${example.clientId}\n appRoleAssignmentRequired: false\n owners:\n - ${current.objectId}\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Create a service principal for an enterprise application*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.Application(\"example\", {\n displayName: \"example\",\n owners: [current.then(current =\u003e current.objectId)],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"example\", {\n clientId: example.clientId,\n appRoleAssignmentRequired: false,\n owners: [current.then(current =\u003e current.objectId)],\n featureTags: [{\n enterprise: true,\n gallery: true,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.Application(\"example\",\n display_name=\"example\",\n owners=[current.object_id])\nexample_service_principal = azuread.ServicePrincipal(\"example\",\n client_id=example.client_id,\n app_role_assignment_required=False,\n owners=[current.object_id],\n feature_tags=[{\n \"enterprise\": True,\n \"gallery\": True,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"example\", new()\n {\n ClientId = example.ClientId,\n AppRoleAssignmentRequired = false,\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n FeatureTags = new[]\n {\n new AzureAD.Inputs.ServicePrincipalFeatureTagArgs\n {\n Enterprise = true,\n Gallery = true,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\tpulumi.String(current.ObjectId),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipal(ctx, \"example\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: example.ClientId,\n\t\t\tAppRoleAssignmentRequired: pulumi.Bool(false),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\tpulumi.String(current.ObjectId),\n\t\t\t},\n\t\t\tFeatureTags: azuread.ServicePrincipalFeatureTagArray{\n\t\t\t\t\u0026azuread.ServicePrincipalFeatureTagArgs{\n\t\t\t\t\tEnterprise: pulumi.Bool(true),\n\t\t\t\t\tGallery: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.inputs.ServicePrincipalFeatureTagArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new Application(\"example\", ApplicationArgs.builder()\n .displayName(\"example\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder()\n .clientId(example.clientId())\n .appRoleAssignmentRequired(false)\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .featureTags(ServicePrincipalFeatureTagArgs.builder()\n .enterprise(true)\n .gallery(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Application\n properties:\n displayName: example\n owners:\n - ${current.objectId}\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n name: example\n properties:\n clientId: ${example.clientId}\n appRoleAssignmentRequired: false\n owners:\n - ${current.objectId}\n featureTags:\n - enterprise: true\n gallery: true\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Manage a service principal for a first-party Microsoft application*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = new azuread.ServicePrincipal(\"msgraph\", {\n clientId: wellKnown.then(wellKnown =\u003e wellKnown.result?.microsoftGraph),\n useExisting: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.ServicePrincipal(\"msgraph\",\n client_id=well_known.result[\"microsoftGraph\"],\n use_existing=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = new AzureAD.ServicePrincipal(\"msgraph\", new()\n {\n ClientId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n UseExisting = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipal(ctx, \"msgraph\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n var msgraph = new ServicePrincipal(\"msgraph\", ServicePrincipalArgs.builder()\n .clientId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().microsoftGraph()))\n .useExisting(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n msgraph:\n type: azuread:ServicePrincipal\n properties:\n clientId: ${wellKnown.result.microsoftGraph}\n useExisting: true\nvariables:\n wellKnown:\n fn::invoke:\n Function: azuread:getApplicationPublishedAppIds\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Create a service principal for an application created from a gallery template*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getApplicationTemplate({\n displayName: \"Marketo\",\n});\nconst exampleApplication = new azuread.Application(\"example\", {\n displayName: \"example\",\n templateId: example.then(example =\u003e example.templateId),\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"example\", {\n clientId: exampleApplication.clientId,\n useExisting: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_application_template(display_name=\"Marketo\")\nexample_application = azuread.Application(\"example\",\n display_name=\"example\",\n template_id=example.template_id)\nexample_service_principal = azuread.ServicePrincipal(\"example\",\n client_id=example_application.client_id,\n use_existing=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetApplicationTemplate.Invoke(new()\n {\n DisplayName = \"Marketo\",\n });\n\n var exampleApplication = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n TemplateId = example.Apply(getApplicationTemplateResult =\u003e getApplicationTemplateResult.TemplateId),\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"example\", new()\n {\n ClientId = exampleApplication.ClientId,\n UseExisting = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.GetApplicationTemplate(ctx, \u0026azuread.GetApplicationTemplateArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Marketo\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tTemplateId: pulumi.String(example.TemplateId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipal(ctx, \"example\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: exampleApplication.ClientId,\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetApplicationTemplateArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getApplicationTemplate(GetApplicationTemplateArgs.builder()\n .displayName(\"Marketo\")\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder()\n .displayName(\"example\")\n .templateId(example.applyValue(getApplicationTemplateResult -\u003e getApplicationTemplateResult.templateId()))\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder()\n .clientId(exampleApplication.clientId())\n .useExisting(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n name: example\n properties:\n displayName: example\n templateId: ${example.templateId}\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n name: example\n properties:\n clientId: ${exampleApplication.clientId}\n useExisting: true\nvariables:\n example:\n fn::invoke:\n Function: azuread:getApplicationTemplate\n Arguments:\n displayName: Marketo\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nService principals can be imported using their object ID, e.g.\n\n```sh\n$ pulumi import azuread:index/servicePrincipal:ServicePrincipal example 00000000-0000-0000-0000-000000000000\n```\n\n", + "description": "## Example Usage\n\n*Create a service principal for an application*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.Application(\"example\", {\n displayName: \"example\",\n owners: [current.then(current =\u003e current.objectId)],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"example\", {\n clientId: example.clientId,\n appRoleAssignmentRequired: false,\n owners: [current.then(current =\u003e current.objectId)],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.Application(\"example\",\n display_name=\"example\",\n owners=[current.object_id])\nexample_service_principal = azuread.ServicePrincipal(\"example\",\n client_id=example.client_id,\n app_role_assignment_required=False,\n owners=[current.object_id])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"example\", new()\n {\n ClientId = example.ClientId,\n AppRoleAssignmentRequired = false,\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\tpulumi.String(current.ObjectId),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipal(ctx, \"example\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: example.ClientId,\n\t\t\tAppRoleAssignmentRequired: pulumi.Bool(false),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\tpulumi.String(current.ObjectId),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new Application(\"example\", ApplicationArgs.builder()\n .displayName(\"example\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder()\n .clientId(example.clientId())\n .appRoleAssignmentRequired(false)\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Application\n properties:\n displayName: example\n owners:\n - ${current.objectId}\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n name: example\n properties:\n clientId: ${example.clientId}\n appRoleAssignmentRequired: false\n owners:\n - ${current.objectId}\nvariables:\n current:\n fn::invoke:\n function: azuread:getClientConfig\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Create a service principal for an enterprise application*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.Application(\"example\", {\n displayName: \"example\",\n owners: [current.then(current =\u003e current.objectId)],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"example\", {\n clientId: example.clientId,\n appRoleAssignmentRequired: false,\n owners: [current.then(current =\u003e current.objectId)],\n featureTags: [{\n enterprise: true,\n gallery: true,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.Application(\"example\",\n display_name=\"example\",\n owners=[current.object_id])\nexample_service_principal = azuread.ServicePrincipal(\"example\",\n client_id=example.client_id,\n app_role_assignment_required=False,\n owners=[current.object_id],\n feature_tags=[{\n \"enterprise\": True,\n \"gallery\": True,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"example\", new()\n {\n ClientId = example.ClientId,\n AppRoleAssignmentRequired = false,\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n FeatureTags = new[]\n {\n new AzureAD.Inputs.ServicePrincipalFeatureTagArgs\n {\n Enterprise = true,\n Gallery = true,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\tpulumi.String(current.ObjectId),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipal(ctx, \"example\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: example.ClientId,\n\t\t\tAppRoleAssignmentRequired: pulumi.Bool(false),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\tpulumi.String(current.ObjectId),\n\t\t\t},\n\t\t\tFeatureTags: azuread.ServicePrincipalFeatureTagArray{\n\t\t\t\t\u0026azuread.ServicePrincipalFeatureTagArgs{\n\t\t\t\t\tEnterprise: pulumi.Bool(true),\n\t\t\t\t\tGallery: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.inputs.ServicePrincipalFeatureTagArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new Application(\"example\", ApplicationArgs.builder()\n .displayName(\"example\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder()\n .clientId(example.clientId())\n .appRoleAssignmentRequired(false)\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .featureTags(ServicePrincipalFeatureTagArgs.builder()\n .enterprise(true)\n .gallery(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Application\n properties:\n displayName: example\n owners:\n - ${current.objectId}\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n name: example\n properties:\n clientId: ${example.clientId}\n appRoleAssignmentRequired: false\n owners:\n - ${current.objectId}\n featureTags:\n - enterprise: true\n gallery: true\nvariables:\n current:\n fn::invoke:\n function: azuread:getClientConfig\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Manage a service principal for a first-party Microsoft application*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = new azuread.ServicePrincipal(\"msgraph\", {\n clientId: wellKnown.then(wellKnown =\u003e wellKnown.result?.microsoftGraph),\n useExisting: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.ServicePrincipal(\"msgraph\",\n client_id=well_known.result[\"microsoftGraph\"],\n use_existing=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = new AzureAD.ServicePrincipal(\"msgraph\", new()\n {\n ClientId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n UseExisting = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipal(ctx, \"msgraph\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n var msgraph = new ServicePrincipal(\"msgraph\", ServicePrincipalArgs.builder()\n .clientId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().microsoftGraph()))\n .useExisting(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n msgraph:\n type: azuread:ServicePrincipal\n properties:\n clientId: ${wellKnown.result.microsoftGraph}\n useExisting: true\nvariables:\n wellKnown:\n fn::invoke:\n function: azuread:getApplicationPublishedAppIds\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Create a service principal for an application created from a gallery template*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getApplicationTemplate({\n displayName: \"Marketo\",\n});\nconst exampleApplication = new azuread.Application(\"example\", {\n displayName: \"example\",\n templateId: example.then(example =\u003e example.templateId),\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"example\", {\n clientId: exampleApplication.clientId,\n useExisting: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_application_template(display_name=\"Marketo\")\nexample_application = azuread.Application(\"example\",\n display_name=\"example\",\n template_id=example.template_id)\nexample_service_principal = azuread.ServicePrincipal(\"example\",\n client_id=example_application.client_id,\n use_existing=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetApplicationTemplate.Invoke(new()\n {\n DisplayName = \"Marketo\",\n });\n\n var exampleApplication = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n TemplateId = example.Apply(getApplicationTemplateResult =\u003e getApplicationTemplateResult.TemplateId),\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"example\", new()\n {\n ClientId = exampleApplication.ClientId,\n UseExisting = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.GetApplicationTemplate(ctx, \u0026azuread.GetApplicationTemplateArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Marketo\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tTemplateId: pulumi.String(example.TemplateId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipal(ctx, \"example\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: exampleApplication.ClientId,\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetApplicationTemplateArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getApplicationTemplate(GetApplicationTemplateArgs.builder()\n .displayName(\"Marketo\")\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder()\n .displayName(\"example\")\n .templateId(example.applyValue(getApplicationTemplateResult -\u003e getApplicationTemplateResult.templateId()))\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder()\n .clientId(exampleApplication.clientId())\n .useExisting(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n name: example\n properties:\n displayName: example\n templateId: ${example.templateId}\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n name: example\n properties:\n clientId: ${exampleApplication.clientId}\n useExisting: true\nvariables:\n example:\n fn::invoke:\n function: azuread:getApplicationTemplate\n arguments:\n displayName: Marketo\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nService principals can be imported using their object ID, e.g.\n\n```sh\n$ pulumi import azuread:index/servicePrincipal:ServicePrincipal example 00000000-0000-0000-0000-000000000000\n```\n\n", "properties": { "accountEnabled": { "type": "boolean", @@ -8135,7 +8135,7 @@ } }, "azuread:index/servicePrincipalCertificate:ServicePrincipalCertificate": { - "description": "## Example Usage\n\n*Using a PEM certificate*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new azuread.Application(\"example\", {displayName: \"example\"});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"example\", {clientId: example.clientId});\nconst exampleServicePrincipalCertificate = new azuread.ServicePrincipalCertificate(\"example\", {\n servicePrincipalId: exampleServicePrincipal.id,\n type: \"AsymmetricX509Cert\",\n value: std.file({\n input: \"cert.pem\",\n }).then(invoke =\u003e invoke.result),\n endDate: \"2021-05-01T01:02:03Z\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\nimport pulumi_std as std\n\nexample = azuread.Application(\"example\", display_name=\"example\")\nexample_service_principal = azuread.ServicePrincipal(\"example\", client_id=example.client_id)\nexample_service_principal_certificate = azuread.ServicePrincipalCertificate(\"example\",\n service_principal_id=example_service_principal.id,\n type=\"AsymmetricX509Cert\",\n value=std.file(input=\"cert.pem\").result,\n end_date=\"2021-05-01T01:02:03Z\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"example\", new()\n {\n ClientId = example.ClientId,\n });\n\n var exampleServicePrincipalCertificate = new AzureAD.ServicePrincipalCertificate(\"example\", new()\n {\n ServicePrincipalId = exampleServicePrincipal.Id,\n Type = \"AsymmetricX509Cert\",\n Value = Std.File.Invoke(new()\n {\n Input = \"cert.pem\",\n }).Apply(invoke =\u003e invoke.Result),\n EndDate = \"2021-05-01T01:02:03Z\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"example\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: example.ClientId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"cert.pem\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipalCertificate(ctx, \"example\", \u0026azuread.ServicePrincipalCertificateArgs{\n\t\t\tServicePrincipalId: exampleServicePrincipal.ID(),\n\t\t\tType: pulumi.String(\"AsymmetricX509Cert\"),\n\t\t\tValue: pulumi.String(invokeFile.Result),\n\t\t\tEndDate: pulumi.String(\"2021-05-01T01:02:03Z\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.ServicePrincipalCertificate;\nimport com.pulumi.azuread.ServicePrincipalCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Application(\"example\", ApplicationArgs.builder()\n .displayName(\"example\")\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder()\n .clientId(example.clientId())\n .build());\n\n var exampleServicePrincipalCertificate = new ServicePrincipalCertificate(\"exampleServicePrincipalCertificate\", ServicePrincipalCertificateArgs.builder()\n .servicePrincipalId(exampleServicePrincipal.id())\n .type(\"AsymmetricX509Cert\")\n .value(StdFunctions.file(FileArgs.builder()\n .input(\"cert.pem\")\n .build()).result())\n .endDate(\"2021-05-01T01:02:03Z\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Application\n properties:\n displayName: example\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n name: example\n properties:\n clientId: ${example.clientId}\n exampleServicePrincipalCertificate:\n type: azuread:ServicePrincipalCertificate\n name: example\n properties:\n servicePrincipalId: ${exampleServicePrincipal.id}\n type: AsymmetricX509Cert\n value:\n fn::invoke:\n Function: std:file\n Arguments:\n input: cert.pem\n Return: result\n endDate: 2021-05-01T01:02:03Z\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Using a DER certificate*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new azuread.Application(\"example\", {displayName: \"example\"});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"example\", {clientId: example.clientId});\nconst exampleServicePrincipalCertificate = new azuread.ServicePrincipalCertificate(\"example\", {\n servicePrincipalId: exampleServicePrincipal.id,\n type: \"AsymmetricX509Cert\",\n encoding: \"base64\",\n value: std.file({\n input: \"cert.der\",\n }).then(invoke =\u003e std.base64encode({\n input: invoke.result,\n })).then(invoke =\u003e invoke.result),\n endDate: \"2021-05-01T01:02:03Z\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\nimport pulumi_std as std\n\nexample = azuread.Application(\"example\", display_name=\"example\")\nexample_service_principal = azuread.ServicePrincipal(\"example\", client_id=example.client_id)\nexample_service_principal_certificate = azuread.ServicePrincipalCertificate(\"example\",\n service_principal_id=example_service_principal.id,\n type=\"AsymmetricX509Cert\",\n encoding=\"base64\",\n value=std.base64encode(input=std.file(input=\"cert.der\").result).result,\n end_date=\"2021-05-01T01:02:03Z\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"example\", new()\n {\n ClientId = example.ClientId,\n });\n\n var exampleServicePrincipalCertificate = new AzureAD.ServicePrincipalCertificate(\"example\", new()\n {\n ServicePrincipalId = exampleServicePrincipal.Id,\n Type = \"AsymmetricX509Cert\",\n Encoding = \"base64\",\n Value = Std.File.Invoke(new()\n {\n Input = \"cert.der\",\n }).Apply(invoke =\u003e Std.Base64encode.Invoke(new()\n {\n Input = invoke.Result,\n })).Apply(invoke =\u003e invoke.Result),\n EndDate = \"2021-05-01T01:02:03Z\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"example\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: example.ClientId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeBase64encode, err := std.Base64encode(ctx, \u0026std.Base64encodeArgs{\n\t\t\tInput: std.File(ctx, \u0026std.FileArgs{\n\t\t\t\tInput: \"cert.der\",\n\t\t\t}, nil).Result,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipalCertificate(ctx, \"example\", \u0026azuread.ServicePrincipalCertificateArgs{\n\t\t\tServicePrincipalId: exampleServicePrincipal.ID(),\n\t\t\tType: pulumi.String(\"AsymmetricX509Cert\"),\n\t\t\tEncoding: pulumi.String(\"base64\"),\n\t\t\tValue: pulumi.String(invokeBase64encode.Result),\n\t\t\tEndDate: pulumi.String(\"2021-05-01T01:02:03Z\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.ServicePrincipalCertificate;\nimport com.pulumi.azuread.ServicePrincipalCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Application(\"example\", ApplicationArgs.builder()\n .displayName(\"example\")\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder()\n .clientId(example.clientId())\n .build());\n\n var exampleServicePrincipalCertificate = new ServicePrincipalCertificate(\"exampleServicePrincipalCertificate\", ServicePrincipalCertificateArgs.builder()\n .servicePrincipalId(exampleServicePrincipal.id())\n .type(\"AsymmetricX509Cert\")\n .encoding(\"base64\")\n .value(StdFunctions.base64encode(Base64encodeArgs.builder()\n .input(StdFunctions.file(FileArgs.builder()\n .input(\"cert.der\")\n .build()).result())\n .build()).result())\n .endDate(\"2021-05-01T01:02:03Z\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Application\n properties:\n displayName: example\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n name: example\n properties:\n clientId: ${example.clientId}\n exampleServicePrincipalCertificate:\n type: azuread:ServicePrincipalCertificate\n name: example\n properties:\n servicePrincipalId: ${exampleServicePrincipal.id}\n type: AsymmetricX509Cert\n encoding: base64\n value:\n fn::invoke:\n Function: std:base64encode\n Arguments:\n input:\n fn::invoke:\n Function: std:file\n Arguments:\n input: cert.der\n Return: result\n Return: result\n endDate: 2021-05-01T01:02:03Z\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nCertificates can be imported using the object ID of the associated service principal and the key ID of the certificate credential, e.g.\n\n```sh\n$ pulumi import azuread:index/servicePrincipalCertificate:ServicePrincipalCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111\n```\n\n-\u003e This ID format is unique to Terraform and is composed of the service principal's object ID, the string \"certificate\" and the certificate's key ID in the format `{ServicePrincipalObjectId}/certificate/{CertificateKeyId}`.\n\n", + "description": "## Example Usage\n\n*Using a PEM certificate*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new azuread.Application(\"example\", {displayName: \"example\"});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"example\", {clientId: example.clientId});\nconst exampleServicePrincipalCertificate = new azuread.ServicePrincipalCertificate(\"example\", {\n servicePrincipalId: exampleServicePrincipal.id,\n type: \"AsymmetricX509Cert\",\n value: std.file({\n input: \"cert.pem\",\n }).then(invoke =\u003e invoke.result),\n endDate: \"2021-05-01T01:02:03Z\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\nimport pulumi_std as std\n\nexample = azuread.Application(\"example\", display_name=\"example\")\nexample_service_principal = azuread.ServicePrincipal(\"example\", client_id=example.client_id)\nexample_service_principal_certificate = azuread.ServicePrincipalCertificate(\"example\",\n service_principal_id=example_service_principal.id,\n type=\"AsymmetricX509Cert\",\n value=std.file(input=\"cert.pem\").result,\n end_date=\"2021-05-01T01:02:03Z\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"example\", new()\n {\n ClientId = example.ClientId,\n });\n\n var exampleServicePrincipalCertificate = new AzureAD.ServicePrincipalCertificate(\"example\", new()\n {\n ServicePrincipalId = exampleServicePrincipal.Id,\n Type = \"AsymmetricX509Cert\",\n Value = Std.File.Invoke(new()\n {\n Input = \"cert.pem\",\n }).Apply(invoke =\u003e invoke.Result),\n EndDate = \"2021-05-01T01:02:03Z\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"example\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: example.ClientId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"cert.pem\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipalCertificate(ctx, \"example\", \u0026azuread.ServicePrincipalCertificateArgs{\n\t\t\tServicePrincipalId: exampleServicePrincipal.ID(),\n\t\t\tType: pulumi.String(\"AsymmetricX509Cert\"),\n\t\t\tValue: pulumi.String(invokeFile.Result),\n\t\t\tEndDate: pulumi.String(\"2021-05-01T01:02:03Z\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.ServicePrincipalCertificate;\nimport com.pulumi.azuread.ServicePrincipalCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Application(\"example\", ApplicationArgs.builder()\n .displayName(\"example\")\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder()\n .clientId(example.clientId())\n .build());\n\n var exampleServicePrincipalCertificate = new ServicePrincipalCertificate(\"exampleServicePrincipalCertificate\", ServicePrincipalCertificateArgs.builder()\n .servicePrincipalId(exampleServicePrincipal.id())\n .type(\"AsymmetricX509Cert\")\n .value(StdFunctions.file(FileArgs.builder()\n .input(\"cert.pem\")\n .build()).result())\n .endDate(\"2021-05-01T01:02:03Z\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Application\n properties:\n displayName: example\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n name: example\n properties:\n clientId: ${example.clientId}\n exampleServicePrincipalCertificate:\n type: azuread:ServicePrincipalCertificate\n name: example\n properties:\n servicePrincipalId: ${exampleServicePrincipal.id}\n type: AsymmetricX509Cert\n value:\n fn::invoke:\n function: std:file\n arguments:\n input: cert.pem\n return: result\n endDate: 2021-05-01T01:02:03Z\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Using a DER certificate*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new azuread.Application(\"example\", {displayName: \"example\"});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"example\", {clientId: example.clientId});\nconst exampleServicePrincipalCertificate = new azuread.ServicePrincipalCertificate(\"example\", {\n servicePrincipalId: exampleServicePrincipal.id,\n type: \"AsymmetricX509Cert\",\n encoding: \"base64\",\n value: std.file({\n input: \"cert.der\",\n }).then(invoke =\u003e std.base64encode({\n input: invoke.result,\n })).then(invoke =\u003e invoke.result),\n endDate: \"2021-05-01T01:02:03Z\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\nimport pulumi_std as std\n\nexample = azuread.Application(\"example\", display_name=\"example\")\nexample_service_principal = azuread.ServicePrincipal(\"example\", client_id=example.client_id)\nexample_service_principal_certificate = azuread.ServicePrincipalCertificate(\"example\",\n service_principal_id=example_service_principal.id,\n type=\"AsymmetricX509Cert\",\n encoding=\"base64\",\n value=std.base64encode(input=std.file(input=\"cert.der\").result).result,\n end_date=\"2021-05-01T01:02:03Z\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"example\", new()\n {\n ClientId = example.ClientId,\n });\n\n var exampleServicePrincipalCertificate = new AzureAD.ServicePrincipalCertificate(\"example\", new()\n {\n ServicePrincipalId = exampleServicePrincipal.Id,\n Type = \"AsymmetricX509Cert\",\n Encoding = \"base64\",\n Value = Std.File.Invoke(new()\n {\n Input = \"cert.der\",\n }).Apply(invoke =\u003e Std.Base64encode.Invoke(new()\n {\n Input = invoke.Result,\n })).Apply(invoke =\u003e invoke.Result),\n EndDate = \"2021-05-01T01:02:03Z\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"example\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: example.ClientId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeBase64encode, err := std.Base64encode(ctx, \u0026std.Base64encodeArgs{\n\t\t\tInput: std.File(ctx, \u0026std.FileArgs{\n\t\t\t\tInput: \"cert.der\",\n\t\t\t}, nil).Result,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipalCertificate(ctx, \"example\", \u0026azuread.ServicePrincipalCertificateArgs{\n\t\t\tServicePrincipalId: exampleServicePrincipal.ID(),\n\t\t\tType: pulumi.String(\"AsymmetricX509Cert\"),\n\t\t\tEncoding: pulumi.String(\"base64\"),\n\t\t\tValue: pulumi.String(invokeBase64encode.Result),\n\t\t\tEndDate: pulumi.String(\"2021-05-01T01:02:03Z\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.ServicePrincipalCertificate;\nimport com.pulumi.azuread.ServicePrincipalCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Application(\"example\", ApplicationArgs.builder()\n .displayName(\"example\")\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder()\n .clientId(example.clientId())\n .build());\n\n var exampleServicePrincipalCertificate = new ServicePrincipalCertificate(\"exampleServicePrincipalCertificate\", ServicePrincipalCertificateArgs.builder()\n .servicePrincipalId(exampleServicePrincipal.id())\n .type(\"AsymmetricX509Cert\")\n .encoding(\"base64\")\n .value(StdFunctions.base64encode(Base64encodeArgs.builder()\n .input(StdFunctions.file(FileArgs.builder()\n .input(\"cert.der\")\n .build()).result())\n .build()).result())\n .endDate(\"2021-05-01T01:02:03Z\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Application\n properties:\n displayName: example\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n name: example\n properties:\n clientId: ${example.clientId}\n exampleServicePrincipalCertificate:\n type: azuread:ServicePrincipalCertificate\n name: example\n properties:\n servicePrincipalId: ${exampleServicePrincipal.id}\n type: AsymmetricX509Cert\n encoding: base64\n value:\n fn::invoke:\n function: std:base64encode\n arguments:\n input:\n fn::invoke:\n function: std:file\n arguments:\n input: cert.der\n return: result\n return: result\n endDate: 2021-05-01T01:02:03Z\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nCertificates can be imported using the object ID of the associated service principal and the key ID of the certificate credential, e.g.\n\n```sh\n$ pulumi import azuread:index/servicePrincipalCertificate:ServicePrincipalCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111\n```\n\n-\u003e This ID format is unique to Terraform and is composed of the service principal's object ID, the string \"certificate\" and the certificate's key ID in the format `{ServicePrincipalObjectId}/certificate/{CertificateKeyId}`.\n\n", "properties": { "encoding": { "type": "string", @@ -8326,7 +8326,7 @@ } }, "azuread:index/servicePrincipalDelegatedPermissionGrant:ServicePrincipalDelegatedPermissionGrant": { - "description": "Manages a delegated permission grant for a service principal, on behalf of a single user, or all users.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application role: `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one the following directory role: `Global Administrator`\n\n## Example Usage\n\n*Delegated permission grant for all users*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = new azuread.ServicePrincipal(\"msgraph\", {\n clientId: wellKnown.then(wellKnown =\u003e wellKnown.result?.microsoftGraph),\n useExisting: true,\n});\nconst example = new azuread.Application(\"example\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: wellKnown.then(wellKnown =\u003e wellKnown.result?.microsoftGraph),\n resourceAccesses: [\n {\n id: msgraph.oauth2PermissionScopeIds.openid,\n type: \"Scope\",\n },\n {\n id: msgraph.oauth2PermissionScopeIds[\"User.Read\"],\n type: \"Scope\",\n },\n ],\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"example\", {clientId: example.clientId});\nconst exampleServicePrincipalDelegatedPermissionGrant = new azuread.ServicePrincipalDelegatedPermissionGrant(\"example\", {\n servicePrincipalObjectId: exampleServicePrincipal.objectId,\n resourceServicePrincipalObjectId: msgraph.objectId,\n claimValues: [\n \"openid\",\n \"User.Read.All\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.ServicePrincipal(\"msgraph\",\n client_id=well_known.result[\"microsoftGraph\"],\n use_existing=True)\nexample = azuread.Application(\"example\",\n display_name=\"example\",\n required_resource_accesses=[{\n \"resource_app_id\": well_known.result[\"microsoftGraph\"],\n \"resource_accesses\": [\n {\n \"id\": msgraph.oauth2_permission_scope_ids[\"openid\"],\n \"type\": \"Scope\",\n },\n {\n \"id\": msgraph.oauth2_permission_scope_ids[\"User.Read\"],\n \"type\": \"Scope\",\n },\n ],\n }])\nexample_service_principal = azuread.ServicePrincipal(\"example\", client_id=example.client_id)\nexample_service_principal_delegated_permission_grant = azuread.ServicePrincipalDelegatedPermissionGrant(\"example\",\n service_principal_object_id=example_service_principal.object_id,\n resource_service_principal_object_id=msgraph.object_id,\n claim_values=[\n \"openid\",\n \"User.Read.All\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = new AzureAD.ServicePrincipal(\"msgraph\", new()\n {\n ClientId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n UseExisting = true,\n });\n\n var example = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.Openid),\n Type = \"Scope\",\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.User_Read),\n Type = \"Scope\",\n },\n },\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"example\", new()\n {\n ClientId = example.ClientId,\n });\n\n var exampleServicePrincipalDelegatedPermissionGrant = new AzureAD.ServicePrincipalDelegatedPermissionGrant(\"example\", new()\n {\n ServicePrincipalObjectId = exampleServicePrincipal.ObjectId,\n ResourceServicePrincipalObjectId = msgraph.ObjectId,\n ClaimValues = new[]\n {\n \"openid\",\n \"User.Read.All\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmsgraph, err := azuread.NewServicePrincipal(ctx, \"msgraph\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.Openid, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.User.Read, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"example\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: example.ClientId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipalDelegatedPermissionGrant(ctx, \"example\", \u0026azuread.ServicePrincipalDelegatedPermissionGrantArgs{\n\t\t\tServicePrincipalObjectId: exampleServicePrincipal.ObjectId,\n\t\t\tResourceServicePrincipalObjectId: msgraph.ObjectId,\n\t\t\tClaimValues: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"openid\"),\n\t\t\t\tpulumi.String(\"User.Read.All\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.ServicePrincipalDelegatedPermissionGrant;\nimport com.pulumi.azuread.ServicePrincipalDelegatedPermissionGrantArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n var msgraph = new ServicePrincipal(\"msgraph\", ServicePrincipalArgs.builder()\n .clientId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().microsoftGraph()))\n .useExisting(true)\n .build());\n\n var example = new Application(\"example\", ApplicationArgs.builder()\n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().microsoftGraph()))\n .resourceAccesses( \n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.openid()))\n .type(\"Scope\")\n .build(),\n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.User.Read()))\n .type(\"Scope\")\n .build())\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder()\n .clientId(example.clientId())\n .build());\n\n var exampleServicePrincipalDelegatedPermissionGrant = new ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\", ServicePrincipalDelegatedPermissionGrantArgs.builder()\n .servicePrincipalObjectId(exampleServicePrincipal.objectId())\n .resourceServicePrincipalObjectId(msgraph.objectId())\n .claimValues( \n \"openid\",\n \"User.Read.All\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n msgraph:\n type: azuread:ServicePrincipal\n properties:\n clientId: ${wellKnown.result.microsoftGraph}\n useExisting: true\n example:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${wellKnown.result.microsoftGraph}\n resourceAccesses:\n - id: ${msgraph.oauth2PermissionScopeIds.openid}\n type: Scope\n - id: ${msgraph.oauth2PermissionScopeIds\"User.Read\"[%!s(MISSING)]}\n type: Scope\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n name: example\n properties:\n clientId: ${example.clientId}\n exampleServicePrincipalDelegatedPermissionGrant:\n type: azuread:ServicePrincipalDelegatedPermissionGrant\n name: example\n properties:\n servicePrincipalObjectId: ${exampleServicePrincipal.objectId}\n resourceServicePrincipalObjectId: ${msgraph.objectId}\n claimValues:\n - openid\n - User.Read.All\nvariables:\n wellKnown:\n fn::invoke:\n Function: azuread:getApplicationPublishedAppIds\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Delegated permission grant for a single user*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = new azuread.ServicePrincipal(\"msgraph\", {\n clientId: wellKnown.then(wellKnown =\u003e wellKnown.result?.microsoftGraph),\n useExisting: true,\n});\nconst example = new azuread.Application(\"example\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: wellKnown.then(wellKnown =\u003e wellKnown.result?.microsoftGraph),\n resourceAccesses: [\n {\n id: msgraph.oauth2PermissionScopeIds.openid,\n type: \"Scope\",\n },\n {\n id: msgraph.oauth2PermissionScopeIds[\"User.Read\"],\n type: \"Scope\",\n },\n ],\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"example\", {clientId: example.clientId});\nconst exampleUser = new azuread.User(\"example\", {\n displayName: \"J. Doe\",\n userPrincipalName: \"jdoe@example.com\",\n mailNickname: \"jdoe\",\n password: \"SecretP@sswd99!\",\n});\nconst exampleServicePrincipalDelegatedPermissionGrant = new azuread.ServicePrincipalDelegatedPermissionGrant(\"example\", {\n servicePrincipalObjectId: exampleServicePrincipal.objectId,\n resourceServicePrincipalObjectId: msgraph.objectId,\n claimValues: [\n \"openid\",\n \"User.Read.All\",\n ],\n userObjectId: exampleUser.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.ServicePrincipal(\"msgraph\",\n client_id=well_known.result[\"microsoftGraph\"],\n use_existing=True)\nexample = azuread.Application(\"example\",\n display_name=\"example\",\n required_resource_accesses=[{\n \"resource_app_id\": well_known.result[\"microsoftGraph\"],\n \"resource_accesses\": [\n {\n \"id\": msgraph.oauth2_permission_scope_ids[\"openid\"],\n \"type\": \"Scope\",\n },\n {\n \"id\": msgraph.oauth2_permission_scope_ids[\"User.Read\"],\n \"type\": \"Scope\",\n },\n ],\n }])\nexample_service_principal = azuread.ServicePrincipal(\"example\", client_id=example.client_id)\nexample_user = azuread.User(\"example\",\n display_name=\"J. Doe\",\n user_principal_name=\"jdoe@example.com\",\n mail_nickname=\"jdoe\",\n password=\"SecretP@sswd99!\")\nexample_service_principal_delegated_permission_grant = azuread.ServicePrincipalDelegatedPermissionGrant(\"example\",\n service_principal_object_id=example_service_principal.object_id,\n resource_service_principal_object_id=msgraph.object_id,\n claim_values=[\n \"openid\",\n \"User.Read.All\",\n ],\n user_object_id=example_user.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = new AzureAD.ServicePrincipal(\"msgraph\", new()\n {\n ClientId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n UseExisting = true,\n });\n\n var example = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.Openid),\n Type = \"Scope\",\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.User_Read),\n Type = \"Scope\",\n },\n },\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"example\", new()\n {\n ClientId = example.ClientId,\n });\n\n var exampleUser = new AzureAD.User(\"example\", new()\n {\n DisplayName = \"J. Doe\",\n UserPrincipalName = \"jdoe@example.com\",\n MailNickname = \"jdoe\",\n Password = \"SecretP@sswd99!\",\n });\n\n var exampleServicePrincipalDelegatedPermissionGrant = new AzureAD.ServicePrincipalDelegatedPermissionGrant(\"example\", new()\n {\n ServicePrincipalObjectId = exampleServicePrincipal.ObjectId,\n ResourceServicePrincipalObjectId = msgraph.ObjectId,\n ClaimValues = new[]\n {\n \"openid\",\n \"User.Read.All\",\n },\n UserObjectId = exampleUser.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmsgraph, err := azuread.NewServicePrincipal(ctx, \"msgraph\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.Openid, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.User.Read, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"example\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: example.ClientId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleUser, err := azuread.NewUser(ctx, \"example\", \u0026azuread.UserArgs{\n\t\t\tDisplayName: pulumi.String(\"J. Doe\"),\n\t\t\tUserPrincipalName: pulumi.String(\"jdoe@example.com\"),\n\t\t\tMailNickname: pulumi.String(\"jdoe\"),\n\t\t\tPassword: pulumi.String(\"SecretP@sswd99!\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipalDelegatedPermissionGrant(ctx, \"example\", \u0026azuread.ServicePrincipalDelegatedPermissionGrantArgs{\n\t\t\tServicePrincipalObjectId: exampleServicePrincipal.ObjectId,\n\t\t\tResourceServicePrincipalObjectId: msgraph.ObjectId,\n\t\t\tClaimValues: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"openid\"),\n\t\t\t\tpulumi.String(\"User.Read.All\"),\n\t\t\t},\n\t\t\tUserObjectId: exampleUser.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.User;\nimport com.pulumi.azuread.UserArgs;\nimport com.pulumi.azuread.ServicePrincipalDelegatedPermissionGrant;\nimport com.pulumi.azuread.ServicePrincipalDelegatedPermissionGrantArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n var msgraph = new ServicePrincipal(\"msgraph\", ServicePrincipalArgs.builder()\n .clientId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().microsoftGraph()))\n .useExisting(true)\n .build());\n\n var example = new Application(\"example\", ApplicationArgs.builder()\n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().microsoftGraph()))\n .resourceAccesses( \n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.openid()))\n .type(\"Scope\")\n .build(),\n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.User.Read()))\n .type(\"Scope\")\n .build())\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder()\n .clientId(example.clientId())\n .build());\n\n var exampleUser = new User(\"exampleUser\", UserArgs.builder()\n .displayName(\"J. Doe\")\n .userPrincipalName(\"jdoe@example.com\")\n .mailNickname(\"jdoe\")\n .password(\"SecretP@sswd99!\")\n .build());\n\n var exampleServicePrincipalDelegatedPermissionGrant = new ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\", ServicePrincipalDelegatedPermissionGrantArgs.builder()\n .servicePrincipalObjectId(exampleServicePrincipal.objectId())\n .resourceServicePrincipalObjectId(msgraph.objectId())\n .claimValues( \n \"openid\",\n \"User.Read.All\")\n .userObjectId(exampleUser.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n msgraph:\n type: azuread:ServicePrincipal\n properties:\n clientId: ${wellKnown.result.microsoftGraph}\n useExisting: true\n example:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${wellKnown.result.microsoftGraph}\n resourceAccesses:\n - id: ${msgraph.oauth2PermissionScopeIds.openid}\n type: Scope\n - id: ${msgraph.oauth2PermissionScopeIds\"User.Read\"[%!s(MISSING)]}\n type: Scope\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n name: example\n properties:\n clientId: ${example.clientId}\n exampleUser:\n type: azuread:User\n name: example\n properties:\n displayName: J. Doe\n userPrincipalName: jdoe@example.com\n mailNickname: jdoe\n password: SecretP@sswd99!\n exampleServicePrincipalDelegatedPermissionGrant:\n type: azuread:ServicePrincipalDelegatedPermissionGrant\n name: example\n properties:\n servicePrincipalObjectId: ${exampleServicePrincipal.objectId}\n resourceServicePrincipalObjectId: ${msgraph.objectId}\n claimValues:\n - openid\n - User.Read.All\n userObjectId: ${exampleUser.objectId}\nvariables:\n wellKnown:\n fn::invoke:\n Function: azuread:getApplicationPublishedAppIds\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nDelegated permission grants can be imported using their ID, e.g.\n\n```sh\n$ pulumi import azuread:index/servicePrincipalDelegatedPermissionGrant:ServicePrincipalDelegatedPermissionGrant example aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz\n```\n\n", + "description": "Manages a delegated permission grant for a service principal, on behalf of a single user, or all users.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application role: `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one the following directory role: `Global Administrator`\n\n## Example Usage\n\n*Delegated permission grant for all users*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = new azuread.ServicePrincipal(\"msgraph\", {\n clientId: wellKnown.then(wellKnown =\u003e wellKnown.result?.microsoftGraph),\n useExisting: true,\n});\nconst example = new azuread.Application(\"example\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: wellKnown.then(wellKnown =\u003e wellKnown.result?.microsoftGraph),\n resourceAccesses: [\n {\n id: msgraph.oauth2PermissionScopeIds.openid,\n type: \"Scope\",\n },\n {\n id: msgraph.oauth2PermissionScopeIds[\"User.Read\"],\n type: \"Scope\",\n },\n ],\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"example\", {clientId: example.clientId});\nconst exampleServicePrincipalDelegatedPermissionGrant = new azuread.ServicePrincipalDelegatedPermissionGrant(\"example\", {\n servicePrincipalObjectId: exampleServicePrincipal.objectId,\n resourceServicePrincipalObjectId: msgraph.objectId,\n claimValues: [\n \"openid\",\n \"User.Read.All\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.ServicePrincipal(\"msgraph\",\n client_id=well_known.result[\"microsoftGraph\"],\n use_existing=True)\nexample = azuread.Application(\"example\",\n display_name=\"example\",\n required_resource_accesses=[{\n \"resource_app_id\": well_known.result[\"microsoftGraph\"],\n \"resource_accesses\": [\n {\n \"id\": msgraph.oauth2_permission_scope_ids[\"openid\"],\n \"type\": \"Scope\",\n },\n {\n \"id\": msgraph.oauth2_permission_scope_ids[\"User.Read\"],\n \"type\": \"Scope\",\n },\n ],\n }])\nexample_service_principal = azuread.ServicePrincipal(\"example\", client_id=example.client_id)\nexample_service_principal_delegated_permission_grant = azuread.ServicePrincipalDelegatedPermissionGrant(\"example\",\n service_principal_object_id=example_service_principal.object_id,\n resource_service_principal_object_id=msgraph.object_id,\n claim_values=[\n \"openid\",\n \"User.Read.All\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = new AzureAD.ServicePrincipal(\"msgraph\", new()\n {\n ClientId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n UseExisting = true,\n });\n\n var example = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.Openid),\n Type = \"Scope\",\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.User_Read),\n Type = \"Scope\",\n },\n },\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"example\", new()\n {\n ClientId = example.ClientId,\n });\n\n var exampleServicePrincipalDelegatedPermissionGrant = new AzureAD.ServicePrincipalDelegatedPermissionGrant(\"example\", new()\n {\n ServicePrincipalObjectId = exampleServicePrincipal.ObjectId,\n ResourceServicePrincipalObjectId = msgraph.ObjectId,\n ClaimValues = new[]\n {\n \"openid\",\n \"User.Read.All\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmsgraph, err := azuread.NewServicePrincipal(ctx, \"msgraph\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.Openid, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.User.Read, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"example\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: example.ClientId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipalDelegatedPermissionGrant(ctx, \"example\", \u0026azuread.ServicePrincipalDelegatedPermissionGrantArgs{\n\t\t\tServicePrincipalObjectId: exampleServicePrincipal.ObjectId,\n\t\t\tResourceServicePrincipalObjectId: msgraph.ObjectId,\n\t\t\tClaimValues: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"openid\"),\n\t\t\t\tpulumi.String(\"User.Read.All\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.ServicePrincipalDelegatedPermissionGrant;\nimport com.pulumi.azuread.ServicePrincipalDelegatedPermissionGrantArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n var msgraph = new ServicePrincipal(\"msgraph\", ServicePrincipalArgs.builder()\n .clientId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().microsoftGraph()))\n .useExisting(true)\n .build());\n\n var example = new Application(\"example\", ApplicationArgs.builder()\n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().microsoftGraph()))\n .resourceAccesses( \n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.openid()))\n .type(\"Scope\")\n .build(),\n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.User.Read()))\n .type(\"Scope\")\n .build())\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder()\n .clientId(example.clientId())\n .build());\n\n var exampleServicePrincipalDelegatedPermissionGrant = new ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\", ServicePrincipalDelegatedPermissionGrantArgs.builder()\n .servicePrincipalObjectId(exampleServicePrincipal.objectId())\n .resourceServicePrincipalObjectId(msgraph.objectId())\n .claimValues( \n \"openid\",\n \"User.Read.All\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n msgraph:\n type: azuread:ServicePrincipal\n properties:\n clientId: ${wellKnown.result.microsoftGraph}\n useExisting: true\n example:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${wellKnown.result.microsoftGraph}\n resourceAccesses:\n - id: ${msgraph.oauth2PermissionScopeIds.openid}\n type: Scope\n - id: ${msgraph.oauth2PermissionScopeIds\"User.Read\"[%!s(MISSING)]}\n type: Scope\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n name: example\n properties:\n clientId: ${example.clientId}\n exampleServicePrincipalDelegatedPermissionGrant:\n type: azuread:ServicePrincipalDelegatedPermissionGrant\n name: example\n properties:\n servicePrincipalObjectId: ${exampleServicePrincipal.objectId}\n resourceServicePrincipalObjectId: ${msgraph.objectId}\n claimValues:\n - openid\n - User.Read.All\nvariables:\n wellKnown:\n fn::invoke:\n function: azuread:getApplicationPublishedAppIds\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Delegated permission grant for a single user*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = new azuread.ServicePrincipal(\"msgraph\", {\n clientId: wellKnown.then(wellKnown =\u003e wellKnown.result?.microsoftGraph),\n useExisting: true,\n});\nconst example = new azuread.Application(\"example\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: wellKnown.then(wellKnown =\u003e wellKnown.result?.microsoftGraph),\n resourceAccesses: [\n {\n id: msgraph.oauth2PermissionScopeIds.openid,\n type: \"Scope\",\n },\n {\n id: msgraph.oauth2PermissionScopeIds[\"User.Read\"],\n type: \"Scope\",\n },\n ],\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"example\", {clientId: example.clientId});\nconst exampleUser = new azuread.User(\"example\", {\n displayName: \"J. Doe\",\n userPrincipalName: \"jdoe@example.com\",\n mailNickname: \"jdoe\",\n password: \"SecretP@sswd99!\",\n});\nconst exampleServicePrincipalDelegatedPermissionGrant = new azuread.ServicePrincipalDelegatedPermissionGrant(\"example\", {\n servicePrincipalObjectId: exampleServicePrincipal.objectId,\n resourceServicePrincipalObjectId: msgraph.objectId,\n claimValues: [\n \"openid\",\n \"User.Read.All\",\n ],\n userObjectId: exampleUser.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.ServicePrincipal(\"msgraph\",\n client_id=well_known.result[\"microsoftGraph\"],\n use_existing=True)\nexample = azuread.Application(\"example\",\n display_name=\"example\",\n required_resource_accesses=[{\n \"resource_app_id\": well_known.result[\"microsoftGraph\"],\n \"resource_accesses\": [\n {\n \"id\": msgraph.oauth2_permission_scope_ids[\"openid\"],\n \"type\": \"Scope\",\n },\n {\n \"id\": msgraph.oauth2_permission_scope_ids[\"User.Read\"],\n \"type\": \"Scope\",\n },\n ],\n }])\nexample_service_principal = azuread.ServicePrincipal(\"example\", client_id=example.client_id)\nexample_user = azuread.User(\"example\",\n display_name=\"J. Doe\",\n user_principal_name=\"jdoe@example.com\",\n mail_nickname=\"jdoe\",\n password=\"SecretP@sswd99!\")\nexample_service_principal_delegated_permission_grant = azuread.ServicePrincipalDelegatedPermissionGrant(\"example\",\n service_principal_object_id=example_service_principal.object_id,\n resource_service_principal_object_id=msgraph.object_id,\n claim_values=[\n \"openid\",\n \"User.Read.All\",\n ],\n user_object_id=example_user.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = new AzureAD.ServicePrincipal(\"msgraph\", new()\n {\n ClientId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n UseExisting = true,\n });\n\n var example = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.Openid),\n Type = \"Scope\",\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.User_Read),\n Type = \"Scope\",\n },\n },\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"example\", new()\n {\n ClientId = example.ClientId,\n });\n\n var exampleUser = new AzureAD.User(\"example\", new()\n {\n DisplayName = \"J. Doe\",\n UserPrincipalName = \"jdoe@example.com\",\n MailNickname = \"jdoe\",\n Password = \"SecretP@sswd99!\",\n });\n\n var exampleServicePrincipalDelegatedPermissionGrant = new AzureAD.ServicePrincipalDelegatedPermissionGrant(\"example\", new()\n {\n ServicePrincipalObjectId = exampleServicePrincipal.ObjectId,\n ResourceServicePrincipalObjectId = msgraph.ObjectId,\n ClaimValues = new[]\n {\n \"openid\",\n \"User.Read.All\",\n },\n UserObjectId = exampleUser.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmsgraph, err := azuread.NewServicePrincipal(ctx, \"msgraph\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.Openid, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.User.Read, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"example\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: example.ClientId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleUser, err := azuread.NewUser(ctx, \"example\", \u0026azuread.UserArgs{\n\t\t\tDisplayName: pulumi.String(\"J. Doe\"),\n\t\t\tUserPrincipalName: pulumi.String(\"jdoe@example.com\"),\n\t\t\tMailNickname: pulumi.String(\"jdoe\"),\n\t\t\tPassword: pulumi.String(\"SecretP@sswd99!\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipalDelegatedPermissionGrant(ctx, \"example\", \u0026azuread.ServicePrincipalDelegatedPermissionGrantArgs{\n\t\t\tServicePrincipalObjectId: exampleServicePrincipal.ObjectId,\n\t\t\tResourceServicePrincipalObjectId: msgraph.ObjectId,\n\t\t\tClaimValues: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"openid\"),\n\t\t\t\tpulumi.String(\"User.Read.All\"),\n\t\t\t},\n\t\t\tUserObjectId: exampleUser.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.User;\nimport com.pulumi.azuread.UserArgs;\nimport com.pulumi.azuread.ServicePrincipalDelegatedPermissionGrant;\nimport com.pulumi.azuread.ServicePrincipalDelegatedPermissionGrantArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n var msgraph = new ServicePrincipal(\"msgraph\", ServicePrincipalArgs.builder()\n .clientId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().microsoftGraph()))\n .useExisting(true)\n .build());\n\n var example = new Application(\"example\", ApplicationArgs.builder()\n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().microsoftGraph()))\n .resourceAccesses( \n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.openid()))\n .type(\"Scope\")\n .build(),\n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.User.Read()))\n .type(\"Scope\")\n .build())\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder()\n .clientId(example.clientId())\n .build());\n\n var exampleUser = new User(\"exampleUser\", UserArgs.builder()\n .displayName(\"J. Doe\")\n .userPrincipalName(\"jdoe@example.com\")\n .mailNickname(\"jdoe\")\n .password(\"SecretP@sswd99!\")\n .build());\n\n var exampleServicePrincipalDelegatedPermissionGrant = new ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\", ServicePrincipalDelegatedPermissionGrantArgs.builder()\n .servicePrincipalObjectId(exampleServicePrincipal.objectId())\n .resourceServicePrincipalObjectId(msgraph.objectId())\n .claimValues( \n \"openid\",\n \"User.Read.All\")\n .userObjectId(exampleUser.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n msgraph:\n type: azuread:ServicePrincipal\n properties:\n clientId: ${wellKnown.result.microsoftGraph}\n useExisting: true\n example:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${wellKnown.result.microsoftGraph}\n resourceAccesses:\n - id: ${msgraph.oauth2PermissionScopeIds.openid}\n type: Scope\n - id: ${msgraph.oauth2PermissionScopeIds\"User.Read\"[%!s(MISSING)]}\n type: Scope\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n name: example\n properties:\n clientId: ${example.clientId}\n exampleUser:\n type: azuread:User\n name: example\n properties:\n displayName: J. Doe\n userPrincipalName: jdoe@example.com\n mailNickname: jdoe\n password: SecretP@sswd99!\n exampleServicePrincipalDelegatedPermissionGrant:\n type: azuread:ServicePrincipalDelegatedPermissionGrant\n name: example\n properties:\n servicePrincipalObjectId: ${exampleServicePrincipal.objectId}\n resourceServicePrincipalObjectId: ${msgraph.objectId}\n claimValues:\n - openid\n - User.Read.All\n userObjectId: ${exampleUser.objectId}\nvariables:\n wellKnown:\n fn::invoke:\n function: azuread:getApplicationPublishedAppIds\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nDelegated permission grants can be imported using their ID, e.g.\n\n```sh\n$ pulumi import azuread:index/servicePrincipalDelegatedPermissionGrant:ServicePrincipalDelegatedPermissionGrant example aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz\n```\n\n", "properties": { "claimValues": { "type": "array", @@ -8651,7 +8651,7 @@ } }, "azuread:index/synchronizationJob:SynchronizationJob": { - "description": "Manages a synchronization job associated with a service principal (enterprise application) within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Application.ReadWrite.All` or `Directory.ReadWrite.All`\n\n## Example Usage\n\n*Basic example*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getApplicationTemplate({\n displayName: \"Azure Databricks SCIM Provisioning Connector\",\n});\nconst exampleApplicationFromTemplate = new azuread.ApplicationFromTemplate(\"example\", {\n displayName: \"example\",\n templateId: example.then(example =\u003e example.templateId),\n});\nconst exampleGetServicePrincipal = azuread.getServicePrincipalOutput({\n objectId: exampleApplicationFromTemplate.servicePrincipalObjectId,\n});\nconst exampleSynchronizationSecret = new azuread.SynchronizationSecret(\"example\", {\n servicePrincipalId: exampleGetServicePrincipal.apply(exampleGetServicePrincipal =\u003e exampleGetServicePrincipal.id),\n credentials: [\n {\n key: \"BaseAddress\",\n value: \"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\",\n },\n {\n key: \"SecretToken\",\n value: \"some-token\",\n },\n ],\n});\nconst exampleSynchronizationJob = new azuread.SynchronizationJob(\"example\", {\n servicePrincipalId: exampleGetServicePrincipal.apply(exampleGetServicePrincipal =\u003e exampleGetServicePrincipal.id),\n templateId: \"dataBricks\",\n enabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_application_template(display_name=\"Azure Databricks SCIM Provisioning Connector\")\nexample_application_from_template = azuread.ApplicationFromTemplate(\"example\",\n display_name=\"example\",\n template_id=example.template_id)\nexample_get_service_principal = azuread.get_service_principal_output(object_id=example_application_from_template.service_principal_object_id)\nexample_synchronization_secret = azuread.SynchronizationSecret(\"example\",\n service_principal_id=example_get_service_principal.id,\n credentials=[\n {\n \"key\": \"BaseAddress\",\n \"value\": \"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\",\n },\n {\n \"key\": \"SecretToken\",\n \"value\": \"some-token\",\n },\n ])\nexample_synchronization_job = azuread.SynchronizationJob(\"example\",\n service_principal_id=example_get_service_principal.id,\n template_id=\"dataBricks\",\n enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetApplicationTemplate.Invoke(new()\n {\n DisplayName = \"Azure Databricks SCIM Provisioning Connector\",\n });\n\n var exampleApplicationFromTemplate = new AzureAD.ApplicationFromTemplate(\"example\", new()\n {\n DisplayName = \"example\",\n TemplateId = example.Apply(getApplicationTemplateResult =\u003e getApplicationTemplateResult.TemplateId),\n });\n\n var exampleGetServicePrincipal = AzureAD.GetServicePrincipal.Invoke(new()\n {\n ObjectId = exampleApplicationFromTemplate.ServicePrincipalObjectId,\n });\n\n var exampleSynchronizationSecret = new AzureAD.SynchronizationSecret(\"example\", new()\n {\n ServicePrincipalId = exampleGetServicePrincipal.Apply(getServicePrincipalResult =\u003e getServicePrincipalResult.Id),\n Credentials = new[]\n {\n new AzureAD.Inputs.SynchronizationSecretCredentialArgs\n {\n Key = \"BaseAddress\",\n Value = \"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\",\n },\n new AzureAD.Inputs.SynchronizationSecretCredentialArgs\n {\n Key = \"SecretToken\",\n Value = \"some-token\",\n },\n },\n });\n\n var exampleSynchronizationJob = new AzureAD.SynchronizationJob(\"example\", new()\n {\n ServicePrincipalId = exampleGetServicePrincipal.Apply(getServicePrincipalResult =\u003e getServicePrincipalResult.Id),\n TemplateId = \"dataBricks\",\n Enabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.GetApplicationTemplate(ctx, \u0026azuread.GetApplicationTemplateArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Azure Databricks SCIM Provisioning Connector\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplicationFromTemplate, err := azuread.NewApplicationFromTemplate(ctx, \"example\", \u0026azuread.ApplicationFromTemplateArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tTemplateId: pulumi.String(example.TemplateId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGetServicePrincipal := azuread.LookupServicePrincipalOutput(ctx, azuread.GetServicePrincipalOutputArgs{\n\t\t\tObjectId: exampleApplicationFromTemplate.ServicePrincipalObjectId,\n\t\t}, nil)\n\t\t_, err = azuread.NewSynchronizationSecret(ctx, \"example\", \u0026azuread.SynchronizationSecretArgs{\n\t\t\tServicePrincipalId: pulumi.String(exampleGetServicePrincipal.ApplyT(func(exampleGetServicePrincipal azuread.GetServicePrincipalResult) (*string, error) {\n\t\t\t\treturn \u0026exampleGetServicePrincipal.Id, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\tCredentials: azuread.SynchronizationSecretCredentialArray{\n\t\t\t\t\u0026azuread.SynchronizationSecretCredentialArgs{\n\t\t\t\t\tKey: pulumi.String(\"BaseAddress\"),\n\t\t\t\t\tValue: pulumi.String(\"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\"),\n\t\t\t\t},\n\t\t\t\t\u0026azuread.SynchronizationSecretCredentialArgs{\n\t\t\t\t\tKey: pulumi.String(\"SecretToken\"),\n\t\t\t\t\tValue: pulumi.String(\"some-token\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewSynchronizationJob(ctx, \"example\", \u0026azuread.SynchronizationJobArgs{\n\t\t\tServicePrincipalId: pulumi.String(exampleGetServicePrincipal.ApplyT(func(exampleGetServicePrincipal azuread.GetServicePrincipalResult) (*string, error) {\n\t\t\t\treturn \u0026exampleGetServicePrincipal.Id, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\tTemplateId: pulumi.String(\"dataBricks\"),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetApplicationTemplateArgs;\nimport com.pulumi.azuread.ApplicationFromTemplate;\nimport com.pulumi.azuread.ApplicationFromTemplateArgs;\nimport com.pulumi.azuread.inputs.GetServicePrincipalArgs;\nimport com.pulumi.azuread.SynchronizationSecret;\nimport com.pulumi.azuread.SynchronizationSecretArgs;\nimport com.pulumi.azuread.inputs.SynchronizationSecretCredentialArgs;\nimport com.pulumi.azuread.SynchronizationJob;\nimport com.pulumi.azuread.SynchronizationJobArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getApplicationTemplate(GetApplicationTemplateArgs.builder()\n .displayName(\"Azure Databricks SCIM Provisioning Connector\")\n .build());\n\n var exampleApplicationFromTemplate = new ApplicationFromTemplate(\"exampleApplicationFromTemplate\", ApplicationFromTemplateArgs.builder()\n .displayName(\"example\")\n .templateId(example.applyValue(getApplicationTemplateResult -\u003e getApplicationTemplateResult.templateId()))\n .build());\n\n final var exampleGetServicePrincipal = AzureadFunctions.getServicePrincipal(GetServicePrincipalArgs.builder()\n .objectId(exampleApplicationFromTemplate.servicePrincipalObjectId())\n .build());\n\n var exampleSynchronizationSecret = new SynchronizationSecret(\"exampleSynchronizationSecret\", SynchronizationSecretArgs.builder()\n .servicePrincipalId(exampleGetServicePrincipal.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult).applyValue(exampleGetServicePrincipal -\u003e exampleGetServicePrincipal.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult.id())))\n .credentials( \n SynchronizationSecretCredentialArgs.builder()\n .key(\"BaseAddress\")\n .value(\"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\")\n .build(),\n SynchronizationSecretCredentialArgs.builder()\n .key(\"SecretToken\")\n .value(\"some-token\")\n .build())\n .build());\n\n var exampleSynchronizationJob = new SynchronizationJob(\"exampleSynchronizationJob\", SynchronizationJobArgs.builder()\n .servicePrincipalId(exampleGetServicePrincipal.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult).applyValue(exampleGetServicePrincipal -\u003e exampleGetServicePrincipal.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult.id())))\n .templateId(\"dataBricks\")\n .enabled(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplicationFromTemplate:\n type: azuread:ApplicationFromTemplate\n name: example\n properties:\n displayName: example\n templateId: ${example.templateId}\n exampleSynchronizationSecret:\n type: azuread:SynchronizationSecret\n name: example\n properties:\n servicePrincipalId: ${exampleGetServicePrincipal.id}\n credentials:\n - key: BaseAddress\n value: https://adb-example.azuredatabricks.net/api/2.0/preview/scim\n - key: SecretToken\n value: some-token\n exampleSynchronizationJob:\n type: azuread:SynchronizationJob\n name: example\n properties:\n servicePrincipalId: ${exampleGetServicePrincipal.id}\n templateId: dataBricks\n enabled: true\nvariables:\n example:\n fn::invoke:\n Function: azuread:getApplicationTemplate\n Arguments:\n displayName: Azure Databricks SCIM Provisioning Connector\n exampleGetServicePrincipal:\n fn::invoke:\n Function: azuread:getServicePrincipal\n Arguments:\n objectId: ${exampleApplicationFromTemplate.servicePrincipalObjectId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nSynchronization jobs can be imported using the `id`, e.g.\n\n```sh\n$ pulumi import azuread:index/synchronizationJob:SynchronizationJob example 00000000-0000-0000-0000-000000000000/job/dataBricks.f5532fc709734b1a90e8a1fa9fd03a82.8442fd39-2183-419c-8732-74b6ce866bd5\n```\n\n-\u003e This ID format is unique to Terraform and is composed of the Service Principal Object ID and the ID of the Synchronization Job Id in the format `{servicePrincipalId}/job/{jobId}`.\n\n", + "description": "Manages a synchronization job associated with a service principal (enterprise application) within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Application.ReadWrite.All` or `Directory.ReadWrite.All`\n\n## Example Usage\n\n*Basic example*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getApplicationTemplate({\n displayName: \"Azure Databricks SCIM Provisioning Connector\",\n});\nconst exampleApplicationFromTemplate = new azuread.ApplicationFromTemplate(\"example\", {\n displayName: \"example\",\n templateId: example.then(example =\u003e example.templateId),\n});\nconst exampleGetServicePrincipal = azuread.getServicePrincipalOutput({\n objectId: exampleApplicationFromTemplate.servicePrincipalObjectId,\n});\nconst exampleSynchronizationSecret = new azuread.SynchronizationSecret(\"example\", {\n servicePrincipalId: exampleGetServicePrincipal.apply(exampleGetServicePrincipal =\u003e exampleGetServicePrincipal.id),\n credentials: [\n {\n key: \"BaseAddress\",\n value: \"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\",\n },\n {\n key: \"SecretToken\",\n value: \"some-token\",\n },\n ],\n});\nconst exampleSynchronizationJob = new azuread.SynchronizationJob(\"example\", {\n servicePrincipalId: exampleGetServicePrincipal.apply(exampleGetServicePrincipal =\u003e exampleGetServicePrincipal.id),\n templateId: \"dataBricks\",\n enabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_application_template(display_name=\"Azure Databricks SCIM Provisioning Connector\")\nexample_application_from_template = azuread.ApplicationFromTemplate(\"example\",\n display_name=\"example\",\n template_id=example.template_id)\nexample_get_service_principal = azuread.get_service_principal_output(object_id=example_application_from_template.service_principal_object_id)\nexample_synchronization_secret = azuread.SynchronizationSecret(\"example\",\n service_principal_id=example_get_service_principal.id,\n credentials=[\n {\n \"key\": \"BaseAddress\",\n \"value\": \"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\",\n },\n {\n \"key\": \"SecretToken\",\n \"value\": \"some-token\",\n },\n ])\nexample_synchronization_job = azuread.SynchronizationJob(\"example\",\n service_principal_id=example_get_service_principal.id,\n template_id=\"dataBricks\",\n enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetApplicationTemplate.Invoke(new()\n {\n DisplayName = \"Azure Databricks SCIM Provisioning Connector\",\n });\n\n var exampleApplicationFromTemplate = new AzureAD.ApplicationFromTemplate(\"example\", new()\n {\n DisplayName = \"example\",\n TemplateId = example.Apply(getApplicationTemplateResult =\u003e getApplicationTemplateResult.TemplateId),\n });\n\n var exampleGetServicePrincipal = AzureAD.GetServicePrincipal.Invoke(new()\n {\n ObjectId = exampleApplicationFromTemplate.ServicePrincipalObjectId,\n });\n\n var exampleSynchronizationSecret = new AzureAD.SynchronizationSecret(\"example\", new()\n {\n ServicePrincipalId = exampleGetServicePrincipal.Apply(getServicePrincipalResult =\u003e getServicePrincipalResult.Id),\n Credentials = new[]\n {\n new AzureAD.Inputs.SynchronizationSecretCredentialArgs\n {\n Key = \"BaseAddress\",\n Value = \"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\",\n },\n new AzureAD.Inputs.SynchronizationSecretCredentialArgs\n {\n Key = \"SecretToken\",\n Value = \"some-token\",\n },\n },\n });\n\n var exampleSynchronizationJob = new AzureAD.SynchronizationJob(\"example\", new()\n {\n ServicePrincipalId = exampleGetServicePrincipal.Apply(getServicePrincipalResult =\u003e getServicePrincipalResult.Id),\n TemplateId = \"dataBricks\",\n Enabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.GetApplicationTemplate(ctx, \u0026azuread.GetApplicationTemplateArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Azure Databricks SCIM Provisioning Connector\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplicationFromTemplate, err := azuread.NewApplicationFromTemplate(ctx, \"example\", \u0026azuread.ApplicationFromTemplateArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tTemplateId: pulumi.String(example.TemplateId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGetServicePrincipal := azuread.LookupServicePrincipalOutput(ctx, azuread.GetServicePrincipalOutputArgs{\n\t\t\tObjectId: exampleApplicationFromTemplate.ServicePrincipalObjectId,\n\t\t}, nil)\n\t\t_, err = azuread.NewSynchronizationSecret(ctx, \"example\", \u0026azuread.SynchronizationSecretArgs{\n\t\t\tServicePrincipalId: pulumi.String(exampleGetServicePrincipal.ApplyT(func(exampleGetServicePrincipal azuread.GetServicePrincipalResult) (*string, error) {\n\t\t\t\treturn \u0026exampleGetServicePrincipal.Id, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\tCredentials: azuread.SynchronizationSecretCredentialArray{\n\t\t\t\t\u0026azuread.SynchronizationSecretCredentialArgs{\n\t\t\t\t\tKey: pulumi.String(\"BaseAddress\"),\n\t\t\t\t\tValue: pulumi.String(\"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\"),\n\t\t\t\t},\n\t\t\t\t\u0026azuread.SynchronizationSecretCredentialArgs{\n\t\t\t\t\tKey: pulumi.String(\"SecretToken\"),\n\t\t\t\t\tValue: pulumi.String(\"some-token\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewSynchronizationJob(ctx, \"example\", \u0026azuread.SynchronizationJobArgs{\n\t\t\tServicePrincipalId: pulumi.String(exampleGetServicePrincipal.ApplyT(func(exampleGetServicePrincipal azuread.GetServicePrincipalResult) (*string, error) {\n\t\t\t\treturn \u0026exampleGetServicePrincipal.Id, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\tTemplateId: pulumi.String(\"dataBricks\"),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetApplicationTemplateArgs;\nimport com.pulumi.azuread.ApplicationFromTemplate;\nimport com.pulumi.azuread.ApplicationFromTemplateArgs;\nimport com.pulumi.azuread.inputs.GetServicePrincipalArgs;\nimport com.pulumi.azuread.SynchronizationSecret;\nimport com.pulumi.azuread.SynchronizationSecretArgs;\nimport com.pulumi.azuread.inputs.SynchronizationSecretCredentialArgs;\nimport com.pulumi.azuread.SynchronizationJob;\nimport com.pulumi.azuread.SynchronizationJobArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getApplicationTemplate(GetApplicationTemplateArgs.builder()\n .displayName(\"Azure Databricks SCIM Provisioning Connector\")\n .build());\n\n var exampleApplicationFromTemplate = new ApplicationFromTemplate(\"exampleApplicationFromTemplate\", ApplicationFromTemplateArgs.builder()\n .displayName(\"example\")\n .templateId(example.applyValue(getApplicationTemplateResult -\u003e getApplicationTemplateResult.templateId()))\n .build());\n\n final var exampleGetServicePrincipal = AzureadFunctions.getServicePrincipal(GetServicePrincipalArgs.builder()\n .objectId(exampleApplicationFromTemplate.servicePrincipalObjectId())\n .build());\n\n var exampleSynchronizationSecret = new SynchronizationSecret(\"exampleSynchronizationSecret\", SynchronizationSecretArgs.builder()\n .servicePrincipalId(exampleGetServicePrincipal.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult).applyValue(exampleGetServicePrincipal -\u003e exampleGetServicePrincipal.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult.id())))\n .credentials( \n SynchronizationSecretCredentialArgs.builder()\n .key(\"BaseAddress\")\n .value(\"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\")\n .build(),\n SynchronizationSecretCredentialArgs.builder()\n .key(\"SecretToken\")\n .value(\"some-token\")\n .build())\n .build());\n\n var exampleSynchronizationJob = new SynchronizationJob(\"exampleSynchronizationJob\", SynchronizationJobArgs.builder()\n .servicePrincipalId(exampleGetServicePrincipal.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult).applyValue(exampleGetServicePrincipal -\u003e exampleGetServicePrincipal.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult.id())))\n .templateId(\"dataBricks\")\n .enabled(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplicationFromTemplate:\n type: azuread:ApplicationFromTemplate\n name: example\n properties:\n displayName: example\n templateId: ${example.templateId}\n exampleSynchronizationSecret:\n type: azuread:SynchronizationSecret\n name: example\n properties:\n servicePrincipalId: ${exampleGetServicePrincipal.id}\n credentials:\n - key: BaseAddress\n value: https://adb-example.azuredatabricks.net/api/2.0/preview/scim\n - key: SecretToken\n value: some-token\n exampleSynchronizationJob:\n type: azuread:SynchronizationJob\n name: example\n properties:\n servicePrincipalId: ${exampleGetServicePrincipal.id}\n templateId: dataBricks\n enabled: true\nvariables:\n example:\n fn::invoke:\n function: azuread:getApplicationTemplate\n arguments:\n displayName: Azure Databricks SCIM Provisioning Connector\n exampleGetServicePrincipal:\n fn::invoke:\n function: azuread:getServicePrincipal\n arguments:\n objectId: ${exampleApplicationFromTemplate.servicePrincipalObjectId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nSynchronization jobs can be imported using the `id`, e.g.\n\n```sh\n$ pulumi import azuread:index/synchronizationJob:SynchronizationJob example 00000000-0000-0000-0000-000000000000/job/dataBricks.f5532fc709734b1a90e8a1fa9fd03a82.8442fd39-2183-419c-8732-74b6ce866bd5\n```\n\n-\u003e This ID format is unique to Terraform and is composed of the Service Principal Object ID and the ID of the Synchronization Job Id in the format `{servicePrincipalId}/job/{jobId}`.\n\n", "properties": { "enabled": { "type": "boolean", @@ -8727,7 +8727,7 @@ } }, "azuread:index/synchronizationJobProvisionOnDemand:SynchronizationJobProvisionOnDemand": { - "description": "Manages synchronization job on demand provisioning associated with a service principal (enterprise application) within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Synchronization.ReadWrite.All`\n\n## Example Usage\n\n*Basic example*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst exampleGroup = new azuread.Group(\"example\", {\n displayName: \"example\",\n owners: [current.then(current =\u003e current.objectId)],\n securityEnabled: true,\n});\nconst example = azuread.getApplicationTemplate({\n displayName: \"Azure Databricks SCIM Provisioning Connector\",\n});\nconst exampleApplicationFromTemplate = new azuread.ApplicationFromTemplate(\"example\", {\n displayName: \"example\",\n templateId: example.then(example =\u003e example.templateId),\n});\nconst exampleGetServicePrincipal = azuread.getServicePrincipalOutput({\n objectId: exampleApplicationFromTemplate.servicePrincipalObjectId,\n});\nconst exampleSynchronizationSecret = new azuread.SynchronizationSecret(\"example\", {\n servicePrincipalId: exampleGetServicePrincipal.apply(exampleGetServicePrincipal =\u003e exampleGetServicePrincipal.id),\n credentials: [\n {\n key: \"BaseAddress\",\n value: \"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\",\n },\n {\n key: \"SecretToken\",\n value: \"some-token\",\n },\n ],\n});\nconst exampleSynchronizationJob = new azuread.SynchronizationJob(\"example\", {\n servicePrincipalId: exampleGetServicePrincipal.apply(exampleGetServicePrincipal =\u003e exampleGetServicePrincipal.id),\n templateId: \"dataBricks\",\n enabled: true,\n});\nconst exampleSynchronizationJobProvisionOnDemand = new azuread.SynchronizationJobProvisionOnDemand(\"example\", {\n servicePrincipalId: exampleSynchronizationJob.servicePrincipalId,\n synchronizationJobId: exampleSynchronizationJob.id,\n parameters: [{\n ruleId: \"\",\n subjects: [{\n objectId: exampleGroup.objectId,\n objectTypeName: \"Group\",\n }],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample_group = azuread.Group(\"example\",\n display_name=\"example\",\n owners=[current.object_id],\n security_enabled=True)\nexample = azuread.get_application_template(display_name=\"Azure Databricks SCIM Provisioning Connector\")\nexample_application_from_template = azuread.ApplicationFromTemplate(\"example\",\n display_name=\"example\",\n template_id=example.template_id)\nexample_get_service_principal = azuread.get_service_principal_output(object_id=example_application_from_template.service_principal_object_id)\nexample_synchronization_secret = azuread.SynchronizationSecret(\"example\",\n service_principal_id=example_get_service_principal.id,\n credentials=[\n {\n \"key\": \"BaseAddress\",\n \"value\": \"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\",\n },\n {\n \"key\": \"SecretToken\",\n \"value\": \"some-token\",\n },\n ])\nexample_synchronization_job = azuread.SynchronizationJob(\"example\",\n service_principal_id=example_get_service_principal.id,\n template_id=\"dataBricks\",\n enabled=True)\nexample_synchronization_job_provision_on_demand = azuread.SynchronizationJobProvisionOnDemand(\"example\",\n service_principal_id=example_synchronization_job.service_principal_id,\n synchronization_job_id=example_synchronization_job.id,\n parameters=[{\n \"rule_id\": \"\",\n \"subjects\": [{\n \"object_id\": example_group.object_id,\n \"object_type_name\": \"Group\",\n }],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var exampleGroup = new AzureAD.Group(\"example\", new()\n {\n DisplayName = \"example\",\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n SecurityEnabled = true,\n });\n\n var example = AzureAD.GetApplicationTemplate.Invoke(new()\n {\n DisplayName = \"Azure Databricks SCIM Provisioning Connector\",\n });\n\n var exampleApplicationFromTemplate = new AzureAD.ApplicationFromTemplate(\"example\", new()\n {\n DisplayName = \"example\",\n TemplateId = example.Apply(getApplicationTemplateResult =\u003e getApplicationTemplateResult.TemplateId),\n });\n\n var exampleGetServicePrincipal = AzureAD.GetServicePrincipal.Invoke(new()\n {\n ObjectId = exampleApplicationFromTemplate.ServicePrincipalObjectId,\n });\n\n var exampleSynchronizationSecret = new AzureAD.SynchronizationSecret(\"example\", new()\n {\n ServicePrincipalId = exampleGetServicePrincipal.Apply(getServicePrincipalResult =\u003e getServicePrincipalResult.Id),\n Credentials = new[]\n {\n new AzureAD.Inputs.SynchronizationSecretCredentialArgs\n {\n Key = \"BaseAddress\",\n Value = \"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\",\n },\n new AzureAD.Inputs.SynchronizationSecretCredentialArgs\n {\n Key = \"SecretToken\",\n Value = \"some-token\",\n },\n },\n });\n\n var exampleSynchronizationJob = new AzureAD.SynchronizationJob(\"example\", new()\n {\n ServicePrincipalId = exampleGetServicePrincipal.Apply(getServicePrincipalResult =\u003e getServicePrincipalResult.Id),\n TemplateId = \"dataBricks\",\n Enabled = true,\n });\n\n var exampleSynchronizationJobProvisionOnDemand = new AzureAD.SynchronizationJobProvisionOnDemand(\"example\", new()\n {\n ServicePrincipalId = exampleSynchronizationJob.ServicePrincipalId,\n SynchronizationJobId = exampleSynchronizationJob.Id,\n Parameters = new[]\n {\n new AzureAD.Inputs.SynchronizationJobProvisionOnDemandParameterArgs\n {\n RuleId = \"\",\n Subjects = new[]\n {\n new AzureAD.Inputs.SynchronizationJobProvisionOnDemandParameterSubjectArgs\n {\n ObjectId = exampleGroup.ObjectId,\n ObjectTypeName = \"Group\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGroup, err := azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\tpulumi.String(current.ObjectId),\n\t\t\t},\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := azuread.GetApplicationTemplate(ctx, \u0026azuread.GetApplicationTemplateArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Azure Databricks SCIM Provisioning Connector\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplicationFromTemplate, err := azuread.NewApplicationFromTemplate(ctx, \"example\", \u0026azuread.ApplicationFromTemplateArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tTemplateId: pulumi.String(example.TemplateId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGetServicePrincipal := azuread.LookupServicePrincipalOutput(ctx, azuread.GetServicePrincipalOutputArgs{\n\t\t\tObjectId: exampleApplicationFromTemplate.ServicePrincipalObjectId,\n\t\t}, nil)\n\t\t_, err = azuread.NewSynchronizationSecret(ctx, \"example\", \u0026azuread.SynchronizationSecretArgs{\n\t\t\tServicePrincipalId: pulumi.String(exampleGetServicePrincipal.ApplyT(func(exampleGetServicePrincipal azuread.GetServicePrincipalResult) (*string, error) {\n\t\t\t\treturn \u0026exampleGetServicePrincipal.Id, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\tCredentials: azuread.SynchronizationSecretCredentialArray{\n\t\t\t\t\u0026azuread.SynchronizationSecretCredentialArgs{\n\t\t\t\t\tKey: pulumi.String(\"BaseAddress\"),\n\t\t\t\t\tValue: pulumi.String(\"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\"),\n\t\t\t\t},\n\t\t\t\t\u0026azuread.SynchronizationSecretCredentialArgs{\n\t\t\t\t\tKey: pulumi.String(\"SecretToken\"),\n\t\t\t\t\tValue: pulumi.String(\"some-token\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSynchronizationJob, err := azuread.NewSynchronizationJob(ctx, \"example\", \u0026azuread.SynchronizationJobArgs{\n\t\t\tServicePrincipalId: pulumi.String(exampleGetServicePrincipal.ApplyT(func(exampleGetServicePrincipal azuread.GetServicePrincipalResult) (*string, error) {\n\t\t\t\treturn \u0026exampleGetServicePrincipal.Id, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\tTemplateId: pulumi.String(\"dataBricks\"),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewSynchronizationJobProvisionOnDemand(ctx, \"example\", \u0026azuread.SynchronizationJobProvisionOnDemandArgs{\n\t\t\tServicePrincipalId: exampleSynchronizationJob.ServicePrincipalId,\n\t\t\tSynchronizationJobId: exampleSynchronizationJob.ID(),\n\t\t\tParameters: azuread.SynchronizationJobProvisionOnDemandParameterArray{\n\t\t\t\t\u0026azuread.SynchronizationJobProvisionOnDemandParameterArgs{\n\t\t\t\t\tRuleId: pulumi.String(\"\"),\n\t\t\t\t\tSubjects: azuread.SynchronizationJobProvisionOnDemandParameterSubjectArray{\n\t\t\t\t\t\t\u0026azuread.SynchronizationJobProvisionOnDemandParameterSubjectArgs{\n\t\t\t\t\t\t\tObjectId: exampleGroup.ObjectId,\n\t\t\t\t\t\t\tObjectTypeName: pulumi.String(\"Group\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.inputs.GetApplicationTemplateArgs;\nimport com.pulumi.azuread.ApplicationFromTemplate;\nimport com.pulumi.azuread.ApplicationFromTemplateArgs;\nimport com.pulumi.azuread.inputs.GetServicePrincipalArgs;\nimport com.pulumi.azuread.SynchronizationSecret;\nimport com.pulumi.azuread.SynchronizationSecretArgs;\nimport com.pulumi.azuread.inputs.SynchronizationSecretCredentialArgs;\nimport com.pulumi.azuread.SynchronizationJob;\nimport com.pulumi.azuread.SynchronizationJobArgs;\nimport com.pulumi.azuread.SynchronizationJobProvisionOnDemand;\nimport com.pulumi.azuread.SynchronizationJobProvisionOnDemandArgs;\nimport com.pulumi.azuread.inputs.SynchronizationJobProvisionOnDemandParameterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder()\n .displayName(\"example\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .securityEnabled(true)\n .build());\n\n final var example = AzureadFunctions.getApplicationTemplate(GetApplicationTemplateArgs.builder()\n .displayName(\"Azure Databricks SCIM Provisioning Connector\")\n .build());\n\n var exampleApplicationFromTemplate = new ApplicationFromTemplate(\"exampleApplicationFromTemplate\", ApplicationFromTemplateArgs.builder()\n .displayName(\"example\")\n .templateId(example.applyValue(getApplicationTemplateResult -\u003e getApplicationTemplateResult.templateId()))\n .build());\n\n final var exampleGetServicePrincipal = AzureadFunctions.getServicePrincipal(GetServicePrincipalArgs.builder()\n .objectId(exampleApplicationFromTemplate.servicePrincipalObjectId())\n .build());\n\n var exampleSynchronizationSecret = new SynchronizationSecret(\"exampleSynchronizationSecret\", SynchronizationSecretArgs.builder()\n .servicePrincipalId(exampleGetServicePrincipal.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult).applyValue(exampleGetServicePrincipal -\u003e exampleGetServicePrincipal.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult.id())))\n .credentials( \n SynchronizationSecretCredentialArgs.builder()\n .key(\"BaseAddress\")\n .value(\"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\")\n .build(),\n SynchronizationSecretCredentialArgs.builder()\n .key(\"SecretToken\")\n .value(\"some-token\")\n .build())\n .build());\n\n var exampleSynchronizationJob = new SynchronizationJob(\"exampleSynchronizationJob\", SynchronizationJobArgs.builder()\n .servicePrincipalId(exampleGetServicePrincipal.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult).applyValue(exampleGetServicePrincipal -\u003e exampleGetServicePrincipal.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult.id())))\n .templateId(\"dataBricks\")\n .enabled(true)\n .build());\n\n var exampleSynchronizationJobProvisionOnDemand = new SynchronizationJobProvisionOnDemand(\"exampleSynchronizationJobProvisionOnDemand\", SynchronizationJobProvisionOnDemandArgs.builder()\n .servicePrincipalId(exampleSynchronizationJob.servicePrincipalId())\n .synchronizationJobId(exampleSynchronizationJob.id())\n .parameters(SynchronizationJobProvisionOnDemandParameterArgs.builder()\n .ruleId(\"\")\n .subjects(SynchronizationJobProvisionOnDemandParameterSubjectArgs.builder()\n .objectId(exampleGroup.objectId())\n .objectTypeName(\"Group\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleGroup:\n type: azuread:Group\n name: example\n properties:\n displayName: example\n owners:\n - ${current.objectId}\n securityEnabled: true\n exampleApplicationFromTemplate:\n type: azuread:ApplicationFromTemplate\n name: example\n properties:\n displayName: example\n templateId: ${example.templateId}\n exampleSynchronizationSecret:\n type: azuread:SynchronizationSecret\n name: example\n properties:\n servicePrincipalId: ${exampleGetServicePrincipal.id}\n credentials:\n - key: BaseAddress\n value: https://adb-example.azuredatabricks.net/api/2.0/preview/scim\n - key: SecretToken\n value: some-token\n exampleSynchronizationJob:\n type: azuread:SynchronizationJob\n name: example\n properties:\n servicePrincipalId: ${exampleGetServicePrincipal.id}\n templateId: dataBricks\n enabled: true\n exampleSynchronizationJobProvisionOnDemand:\n type: azuread:SynchronizationJobProvisionOnDemand\n name: example\n properties:\n servicePrincipalId: ${exampleSynchronizationJob.servicePrincipalId}\n synchronizationJobId: ${exampleSynchronizationJob.id}\n parameters:\n - ruleId:\n subjects:\n - objectId: ${exampleGroup.objectId}\n objectTypeName: Group\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n example:\n fn::invoke:\n Function: azuread:getApplicationTemplate\n Arguments:\n displayName: Azure Databricks SCIM Provisioning Connector\n exampleGetServicePrincipal:\n fn::invoke:\n Function: azuread:getServicePrincipal\n Arguments:\n objectId: ${exampleApplicationFromTemplate.servicePrincipalObjectId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nThis resource does not support importing.\n\n", + "description": "Manages synchronization job on demand provisioning associated with a service principal (enterprise application) within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Synchronization.ReadWrite.All`\n\n## Example Usage\n\n*Basic example*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst exampleGroup = new azuread.Group(\"example\", {\n displayName: \"example\",\n owners: [current.then(current =\u003e current.objectId)],\n securityEnabled: true,\n});\nconst example = azuread.getApplicationTemplate({\n displayName: \"Azure Databricks SCIM Provisioning Connector\",\n});\nconst exampleApplicationFromTemplate = new azuread.ApplicationFromTemplate(\"example\", {\n displayName: \"example\",\n templateId: example.then(example =\u003e example.templateId),\n});\nconst exampleGetServicePrincipal = azuread.getServicePrincipalOutput({\n objectId: exampleApplicationFromTemplate.servicePrincipalObjectId,\n});\nconst exampleSynchronizationSecret = new azuread.SynchronizationSecret(\"example\", {\n servicePrincipalId: exampleGetServicePrincipal.apply(exampleGetServicePrincipal =\u003e exampleGetServicePrincipal.id),\n credentials: [\n {\n key: \"BaseAddress\",\n value: \"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\",\n },\n {\n key: \"SecretToken\",\n value: \"some-token\",\n },\n ],\n});\nconst exampleSynchronizationJob = new azuread.SynchronizationJob(\"example\", {\n servicePrincipalId: exampleGetServicePrincipal.apply(exampleGetServicePrincipal =\u003e exampleGetServicePrincipal.id),\n templateId: \"dataBricks\",\n enabled: true,\n});\nconst exampleSynchronizationJobProvisionOnDemand = new azuread.SynchronizationJobProvisionOnDemand(\"example\", {\n servicePrincipalId: exampleSynchronizationJob.servicePrincipalId,\n synchronizationJobId: exampleSynchronizationJob.id,\n parameters: [{\n ruleId: \"\",\n subjects: [{\n objectId: exampleGroup.objectId,\n objectTypeName: \"Group\",\n }],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample_group = azuread.Group(\"example\",\n display_name=\"example\",\n owners=[current.object_id],\n security_enabled=True)\nexample = azuread.get_application_template(display_name=\"Azure Databricks SCIM Provisioning Connector\")\nexample_application_from_template = azuread.ApplicationFromTemplate(\"example\",\n display_name=\"example\",\n template_id=example.template_id)\nexample_get_service_principal = azuread.get_service_principal_output(object_id=example_application_from_template.service_principal_object_id)\nexample_synchronization_secret = azuread.SynchronizationSecret(\"example\",\n service_principal_id=example_get_service_principal.id,\n credentials=[\n {\n \"key\": \"BaseAddress\",\n \"value\": \"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\",\n },\n {\n \"key\": \"SecretToken\",\n \"value\": \"some-token\",\n },\n ])\nexample_synchronization_job = azuread.SynchronizationJob(\"example\",\n service_principal_id=example_get_service_principal.id,\n template_id=\"dataBricks\",\n enabled=True)\nexample_synchronization_job_provision_on_demand = azuread.SynchronizationJobProvisionOnDemand(\"example\",\n service_principal_id=example_synchronization_job.service_principal_id,\n synchronization_job_id=example_synchronization_job.id,\n parameters=[{\n \"rule_id\": \"\",\n \"subjects\": [{\n \"object_id\": example_group.object_id,\n \"object_type_name\": \"Group\",\n }],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var exampleGroup = new AzureAD.Group(\"example\", new()\n {\n DisplayName = \"example\",\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n SecurityEnabled = true,\n });\n\n var example = AzureAD.GetApplicationTemplate.Invoke(new()\n {\n DisplayName = \"Azure Databricks SCIM Provisioning Connector\",\n });\n\n var exampleApplicationFromTemplate = new AzureAD.ApplicationFromTemplate(\"example\", new()\n {\n DisplayName = \"example\",\n TemplateId = example.Apply(getApplicationTemplateResult =\u003e getApplicationTemplateResult.TemplateId),\n });\n\n var exampleGetServicePrincipal = AzureAD.GetServicePrincipal.Invoke(new()\n {\n ObjectId = exampleApplicationFromTemplate.ServicePrincipalObjectId,\n });\n\n var exampleSynchronizationSecret = new AzureAD.SynchronizationSecret(\"example\", new()\n {\n ServicePrincipalId = exampleGetServicePrincipal.Apply(getServicePrincipalResult =\u003e getServicePrincipalResult.Id),\n Credentials = new[]\n {\n new AzureAD.Inputs.SynchronizationSecretCredentialArgs\n {\n Key = \"BaseAddress\",\n Value = \"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\",\n },\n new AzureAD.Inputs.SynchronizationSecretCredentialArgs\n {\n Key = \"SecretToken\",\n Value = \"some-token\",\n },\n },\n });\n\n var exampleSynchronizationJob = new AzureAD.SynchronizationJob(\"example\", new()\n {\n ServicePrincipalId = exampleGetServicePrincipal.Apply(getServicePrincipalResult =\u003e getServicePrincipalResult.Id),\n TemplateId = \"dataBricks\",\n Enabled = true,\n });\n\n var exampleSynchronizationJobProvisionOnDemand = new AzureAD.SynchronizationJobProvisionOnDemand(\"example\", new()\n {\n ServicePrincipalId = exampleSynchronizationJob.ServicePrincipalId,\n SynchronizationJobId = exampleSynchronizationJob.Id,\n Parameters = new[]\n {\n new AzureAD.Inputs.SynchronizationJobProvisionOnDemandParameterArgs\n {\n RuleId = \"\",\n Subjects = new[]\n {\n new AzureAD.Inputs.SynchronizationJobProvisionOnDemandParameterSubjectArgs\n {\n ObjectId = exampleGroup.ObjectId,\n ObjectTypeName = \"Group\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGroup, err := azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\tpulumi.String(current.ObjectId),\n\t\t\t},\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := azuread.GetApplicationTemplate(ctx, \u0026azuread.GetApplicationTemplateArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Azure Databricks SCIM Provisioning Connector\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplicationFromTemplate, err := azuread.NewApplicationFromTemplate(ctx, \"example\", \u0026azuread.ApplicationFromTemplateArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tTemplateId: pulumi.String(example.TemplateId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGetServicePrincipal := azuread.LookupServicePrincipalOutput(ctx, azuread.GetServicePrincipalOutputArgs{\n\t\t\tObjectId: exampleApplicationFromTemplate.ServicePrincipalObjectId,\n\t\t}, nil)\n\t\t_, err = azuread.NewSynchronizationSecret(ctx, \"example\", \u0026azuread.SynchronizationSecretArgs{\n\t\t\tServicePrincipalId: pulumi.String(exampleGetServicePrincipal.ApplyT(func(exampleGetServicePrincipal azuread.GetServicePrincipalResult) (*string, error) {\n\t\t\t\treturn \u0026exampleGetServicePrincipal.Id, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\tCredentials: azuread.SynchronizationSecretCredentialArray{\n\t\t\t\t\u0026azuread.SynchronizationSecretCredentialArgs{\n\t\t\t\t\tKey: pulumi.String(\"BaseAddress\"),\n\t\t\t\t\tValue: pulumi.String(\"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\"),\n\t\t\t\t},\n\t\t\t\t\u0026azuread.SynchronizationSecretCredentialArgs{\n\t\t\t\t\tKey: pulumi.String(\"SecretToken\"),\n\t\t\t\t\tValue: pulumi.String(\"some-token\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSynchronizationJob, err := azuread.NewSynchronizationJob(ctx, \"example\", \u0026azuread.SynchronizationJobArgs{\n\t\t\tServicePrincipalId: pulumi.String(exampleGetServicePrincipal.ApplyT(func(exampleGetServicePrincipal azuread.GetServicePrincipalResult) (*string, error) {\n\t\t\t\treturn \u0026exampleGetServicePrincipal.Id, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\tTemplateId: pulumi.String(\"dataBricks\"),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewSynchronizationJobProvisionOnDemand(ctx, \"example\", \u0026azuread.SynchronizationJobProvisionOnDemandArgs{\n\t\t\tServicePrincipalId: exampleSynchronizationJob.ServicePrincipalId,\n\t\t\tSynchronizationJobId: exampleSynchronizationJob.ID(),\n\t\t\tParameters: azuread.SynchronizationJobProvisionOnDemandParameterArray{\n\t\t\t\t\u0026azuread.SynchronizationJobProvisionOnDemandParameterArgs{\n\t\t\t\t\tRuleId: pulumi.String(\"\"),\n\t\t\t\t\tSubjects: azuread.SynchronizationJobProvisionOnDemandParameterSubjectArray{\n\t\t\t\t\t\t\u0026azuread.SynchronizationJobProvisionOnDemandParameterSubjectArgs{\n\t\t\t\t\t\t\tObjectId: exampleGroup.ObjectId,\n\t\t\t\t\t\t\tObjectTypeName: pulumi.String(\"Group\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.inputs.GetApplicationTemplateArgs;\nimport com.pulumi.azuread.ApplicationFromTemplate;\nimport com.pulumi.azuread.ApplicationFromTemplateArgs;\nimport com.pulumi.azuread.inputs.GetServicePrincipalArgs;\nimport com.pulumi.azuread.SynchronizationSecret;\nimport com.pulumi.azuread.SynchronizationSecretArgs;\nimport com.pulumi.azuread.inputs.SynchronizationSecretCredentialArgs;\nimport com.pulumi.azuread.SynchronizationJob;\nimport com.pulumi.azuread.SynchronizationJobArgs;\nimport com.pulumi.azuread.SynchronizationJobProvisionOnDemand;\nimport com.pulumi.azuread.SynchronizationJobProvisionOnDemandArgs;\nimport com.pulumi.azuread.inputs.SynchronizationJobProvisionOnDemandParameterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder()\n .displayName(\"example\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .securityEnabled(true)\n .build());\n\n final var example = AzureadFunctions.getApplicationTemplate(GetApplicationTemplateArgs.builder()\n .displayName(\"Azure Databricks SCIM Provisioning Connector\")\n .build());\n\n var exampleApplicationFromTemplate = new ApplicationFromTemplate(\"exampleApplicationFromTemplate\", ApplicationFromTemplateArgs.builder()\n .displayName(\"example\")\n .templateId(example.applyValue(getApplicationTemplateResult -\u003e getApplicationTemplateResult.templateId()))\n .build());\n\n final var exampleGetServicePrincipal = AzureadFunctions.getServicePrincipal(GetServicePrincipalArgs.builder()\n .objectId(exampleApplicationFromTemplate.servicePrincipalObjectId())\n .build());\n\n var exampleSynchronizationSecret = new SynchronizationSecret(\"exampleSynchronizationSecret\", SynchronizationSecretArgs.builder()\n .servicePrincipalId(exampleGetServicePrincipal.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult).applyValue(exampleGetServicePrincipal -\u003e exampleGetServicePrincipal.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult.id())))\n .credentials( \n SynchronizationSecretCredentialArgs.builder()\n .key(\"BaseAddress\")\n .value(\"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\")\n .build(),\n SynchronizationSecretCredentialArgs.builder()\n .key(\"SecretToken\")\n .value(\"some-token\")\n .build())\n .build());\n\n var exampleSynchronizationJob = new SynchronizationJob(\"exampleSynchronizationJob\", SynchronizationJobArgs.builder()\n .servicePrincipalId(exampleGetServicePrincipal.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult).applyValue(exampleGetServicePrincipal -\u003e exampleGetServicePrincipal.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult.id())))\n .templateId(\"dataBricks\")\n .enabled(true)\n .build());\n\n var exampleSynchronizationJobProvisionOnDemand = new SynchronizationJobProvisionOnDemand(\"exampleSynchronizationJobProvisionOnDemand\", SynchronizationJobProvisionOnDemandArgs.builder()\n .servicePrincipalId(exampleSynchronizationJob.servicePrincipalId())\n .synchronizationJobId(exampleSynchronizationJob.id())\n .parameters(SynchronizationJobProvisionOnDemandParameterArgs.builder()\n .ruleId(\"\")\n .subjects(SynchronizationJobProvisionOnDemandParameterSubjectArgs.builder()\n .objectId(exampleGroup.objectId())\n .objectTypeName(\"Group\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleGroup:\n type: azuread:Group\n name: example\n properties:\n displayName: example\n owners:\n - ${current.objectId}\n securityEnabled: true\n exampleApplicationFromTemplate:\n type: azuread:ApplicationFromTemplate\n name: example\n properties:\n displayName: example\n templateId: ${example.templateId}\n exampleSynchronizationSecret:\n type: azuread:SynchronizationSecret\n name: example\n properties:\n servicePrincipalId: ${exampleGetServicePrincipal.id}\n credentials:\n - key: BaseAddress\n value: https://adb-example.azuredatabricks.net/api/2.0/preview/scim\n - key: SecretToken\n value: some-token\n exampleSynchronizationJob:\n type: azuread:SynchronizationJob\n name: example\n properties:\n servicePrincipalId: ${exampleGetServicePrincipal.id}\n templateId: dataBricks\n enabled: true\n exampleSynchronizationJobProvisionOnDemand:\n type: azuread:SynchronizationJobProvisionOnDemand\n name: example\n properties:\n servicePrincipalId: ${exampleSynchronizationJob.servicePrincipalId}\n synchronizationJobId: ${exampleSynchronizationJob.id}\n parameters:\n - ruleId: \"\"\n subjects:\n - objectId: ${exampleGroup.objectId}\n objectTypeName: Group\nvariables:\n current:\n fn::invoke:\n function: azuread:getClientConfig\n arguments: {}\n example:\n fn::invoke:\n function: azuread:getApplicationTemplate\n arguments:\n displayName: Azure Databricks SCIM Provisioning Connector\n exampleGetServicePrincipal:\n fn::invoke:\n function: azuread:getServicePrincipal\n arguments:\n objectId: ${exampleApplicationFromTemplate.servicePrincipalObjectId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nThis resource does not support importing.\n\n", "properties": { "parameters": { "type": "array", @@ -8821,7 +8821,7 @@ } }, "azuread:index/synchronizationSecret:SynchronizationSecret": { - "description": "Manages synchronization secrets associated with a service principal (enterprise application) within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Application.ReadWrite.All` or `Directory.ReadWrite.All`\n\n## Example Usage\n\n*Basic example*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getApplicationTemplate({\n displayName: \"Azure Databricks SCIM Provisioning Connector\",\n});\nconst exampleApplicationFromTemplate = new azuread.ApplicationFromTemplate(\"example\", {\n displayName: \"example\",\n templateId: example.then(example =\u003e example.templateId),\n});\nconst exampleGetServicePrincipal = azuread.getServicePrincipalOutput({\n objectId: exampleApplicationFromTemplate.servicePrincipalObjectId,\n});\nconst exampleSynchronizationSecret = new azuread.SynchronizationSecret(\"example\", {\n servicePrincipalId: exampleGetServicePrincipal.apply(exampleGetServicePrincipal =\u003e exampleGetServicePrincipal.id),\n credentials: [\n {\n key: \"BaseAddress\",\n value: \"abc\",\n },\n {\n key: \"SecretToken\",\n value: \"some-token\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_application_template(display_name=\"Azure Databricks SCIM Provisioning Connector\")\nexample_application_from_template = azuread.ApplicationFromTemplate(\"example\",\n display_name=\"example\",\n template_id=example.template_id)\nexample_get_service_principal = azuread.get_service_principal_output(object_id=example_application_from_template.service_principal_object_id)\nexample_synchronization_secret = azuread.SynchronizationSecret(\"example\",\n service_principal_id=example_get_service_principal.id,\n credentials=[\n {\n \"key\": \"BaseAddress\",\n \"value\": \"abc\",\n },\n {\n \"key\": \"SecretToken\",\n \"value\": \"some-token\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetApplicationTemplate.Invoke(new()\n {\n DisplayName = \"Azure Databricks SCIM Provisioning Connector\",\n });\n\n var exampleApplicationFromTemplate = new AzureAD.ApplicationFromTemplate(\"example\", new()\n {\n DisplayName = \"example\",\n TemplateId = example.Apply(getApplicationTemplateResult =\u003e getApplicationTemplateResult.TemplateId),\n });\n\n var exampleGetServicePrincipal = AzureAD.GetServicePrincipal.Invoke(new()\n {\n ObjectId = exampleApplicationFromTemplate.ServicePrincipalObjectId,\n });\n\n var exampleSynchronizationSecret = new AzureAD.SynchronizationSecret(\"example\", new()\n {\n ServicePrincipalId = exampleGetServicePrincipal.Apply(getServicePrincipalResult =\u003e getServicePrincipalResult.Id),\n Credentials = new[]\n {\n new AzureAD.Inputs.SynchronizationSecretCredentialArgs\n {\n Key = \"BaseAddress\",\n Value = \"abc\",\n },\n new AzureAD.Inputs.SynchronizationSecretCredentialArgs\n {\n Key = \"SecretToken\",\n Value = \"some-token\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.GetApplicationTemplate(ctx, \u0026azuread.GetApplicationTemplateArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Azure Databricks SCIM Provisioning Connector\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplicationFromTemplate, err := azuread.NewApplicationFromTemplate(ctx, \"example\", \u0026azuread.ApplicationFromTemplateArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tTemplateId: pulumi.String(example.TemplateId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGetServicePrincipal := azuread.LookupServicePrincipalOutput(ctx, azuread.GetServicePrincipalOutputArgs{\n\t\t\tObjectId: exampleApplicationFromTemplate.ServicePrincipalObjectId,\n\t\t}, nil)\n\t\t_, err = azuread.NewSynchronizationSecret(ctx, \"example\", \u0026azuread.SynchronizationSecretArgs{\n\t\t\tServicePrincipalId: pulumi.String(exampleGetServicePrincipal.ApplyT(func(exampleGetServicePrincipal azuread.GetServicePrincipalResult) (*string, error) {\n\t\t\t\treturn \u0026exampleGetServicePrincipal.Id, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\tCredentials: azuread.SynchronizationSecretCredentialArray{\n\t\t\t\t\u0026azuread.SynchronizationSecretCredentialArgs{\n\t\t\t\t\tKey: pulumi.String(\"BaseAddress\"),\n\t\t\t\t\tValue: pulumi.String(\"abc\"),\n\t\t\t\t},\n\t\t\t\t\u0026azuread.SynchronizationSecretCredentialArgs{\n\t\t\t\t\tKey: pulumi.String(\"SecretToken\"),\n\t\t\t\t\tValue: pulumi.String(\"some-token\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetApplicationTemplateArgs;\nimport com.pulumi.azuread.ApplicationFromTemplate;\nimport com.pulumi.azuread.ApplicationFromTemplateArgs;\nimport com.pulumi.azuread.inputs.GetServicePrincipalArgs;\nimport com.pulumi.azuread.SynchronizationSecret;\nimport com.pulumi.azuread.SynchronizationSecretArgs;\nimport com.pulumi.azuread.inputs.SynchronizationSecretCredentialArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getApplicationTemplate(GetApplicationTemplateArgs.builder()\n .displayName(\"Azure Databricks SCIM Provisioning Connector\")\n .build());\n\n var exampleApplicationFromTemplate = new ApplicationFromTemplate(\"exampleApplicationFromTemplate\", ApplicationFromTemplateArgs.builder()\n .displayName(\"example\")\n .templateId(example.applyValue(getApplicationTemplateResult -\u003e getApplicationTemplateResult.templateId()))\n .build());\n\n final var exampleGetServicePrincipal = AzureadFunctions.getServicePrincipal(GetServicePrincipalArgs.builder()\n .objectId(exampleApplicationFromTemplate.servicePrincipalObjectId())\n .build());\n\n var exampleSynchronizationSecret = new SynchronizationSecret(\"exampleSynchronizationSecret\", SynchronizationSecretArgs.builder()\n .servicePrincipalId(exampleGetServicePrincipal.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult).applyValue(exampleGetServicePrincipal -\u003e exampleGetServicePrincipal.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult.id())))\n .credentials( \n SynchronizationSecretCredentialArgs.builder()\n .key(\"BaseAddress\")\n .value(\"abc\")\n .build(),\n SynchronizationSecretCredentialArgs.builder()\n .key(\"SecretToken\")\n .value(\"some-token\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplicationFromTemplate:\n type: azuread:ApplicationFromTemplate\n name: example\n properties:\n displayName: example\n templateId: ${example.templateId}\n exampleSynchronizationSecret:\n type: azuread:SynchronizationSecret\n name: example\n properties:\n servicePrincipalId: ${exampleGetServicePrincipal.id}\n credentials:\n - key: BaseAddress\n value: abc\n - key: SecretToken\n value: some-token\nvariables:\n example:\n fn::invoke:\n Function: azuread:getApplicationTemplate\n Arguments:\n displayName: Azure Databricks SCIM Provisioning Connector\n exampleGetServicePrincipal:\n fn::invoke:\n Function: azuread:getServicePrincipal\n Arguments:\n objectId: ${exampleApplicationFromTemplate.servicePrincipalObjectId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nThis resource does not support importing.\n\n", + "description": "Manages synchronization secrets associated with a service principal (enterprise application) within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Application.ReadWrite.All` or `Directory.ReadWrite.All`\n\n## Example Usage\n\n*Basic example*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getApplicationTemplate({\n displayName: \"Azure Databricks SCIM Provisioning Connector\",\n});\nconst exampleApplicationFromTemplate = new azuread.ApplicationFromTemplate(\"example\", {\n displayName: \"example\",\n templateId: example.then(example =\u003e example.templateId),\n});\nconst exampleGetServicePrincipal = azuread.getServicePrincipalOutput({\n objectId: exampleApplicationFromTemplate.servicePrincipalObjectId,\n});\nconst exampleSynchronizationSecret = new azuread.SynchronizationSecret(\"example\", {\n servicePrincipalId: exampleGetServicePrincipal.apply(exampleGetServicePrincipal =\u003e exampleGetServicePrincipal.id),\n credentials: [\n {\n key: \"BaseAddress\",\n value: \"abc\",\n },\n {\n key: \"SecretToken\",\n value: \"some-token\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_application_template(display_name=\"Azure Databricks SCIM Provisioning Connector\")\nexample_application_from_template = azuread.ApplicationFromTemplate(\"example\",\n display_name=\"example\",\n template_id=example.template_id)\nexample_get_service_principal = azuread.get_service_principal_output(object_id=example_application_from_template.service_principal_object_id)\nexample_synchronization_secret = azuread.SynchronizationSecret(\"example\",\n service_principal_id=example_get_service_principal.id,\n credentials=[\n {\n \"key\": \"BaseAddress\",\n \"value\": \"abc\",\n },\n {\n \"key\": \"SecretToken\",\n \"value\": \"some-token\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetApplicationTemplate.Invoke(new()\n {\n DisplayName = \"Azure Databricks SCIM Provisioning Connector\",\n });\n\n var exampleApplicationFromTemplate = new AzureAD.ApplicationFromTemplate(\"example\", new()\n {\n DisplayName = \"example\",\n TemplateId = example.Apply(getApplicationTemplateResult =\u003e getApplicationTemplateResult.TemplateId),\n });\n\n var exampleGetServicePrincipal = AzureAD.GetServicePrincipal.Invoke(new()\n {\n ObjectId = exampleApplicationFromTemplate.ServicePrincipalObjectId,\n });\n\n var exampleSynchronizationSecret = new AzureAD.SynchronizationSecret(\"example\", new()\n {\n ServicePrincipalId = exampleGetServicePrincipal.Apply(getServicePrincipalResult =\u003e getServicePrincipalResult.Id),\n Credentials = new[]\n {\n new AzureAD.Inputs.SynchronizationSecretCredentialArgs\n {\n Key = \"BaseAddress\",\n Value = \"abc\",\n },\n new AzureAD.Inputs.SynchronizationSecretCredentialArgs\n {\n Key = \"SecretToken\",\n Value = \"some-token\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.GetApplicationTemplate(ctx, \u0026azuread.GetApplicationTemplateArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Azure Databricks SCIM Provisioning Connector\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplicationFromTemplate, err := azuread.NewApplicationFromTemplate(ctx, \"example\", \u0026azuread.ApplicationFromTemplateArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tTemplateId: pulumi.String(example.TemplateId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGetServicePrincipal := azuread.LookupServicePrincipalOutput(ctx, azuread.GetServicePrincipalOutputArgs{\n\t\t\tObjectId: exampleApplicationFromTemplate.ServicePrincipalObjectId,\n\t\t}, nil)\n\t\t_, err = azuread.NewSynchronizationSecret(ctx, \"example\", \u0026azuread.SynchronizationSecretArgs{\n\t\t\tServicePrincipalId: pulumi.String(exampleGetServicePrincipal.ApplyT(func(exampleGetServicePrincipal azuread.GetServicePrincipalResult) (*string, error) {\n\t\t\t\treturn \u0026exampleGetServicePrincipal.Id, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\tCredentials: azuread.SynchronizationSecretCredentialArray{\n\t\t\t\t\u0026azuread.SynchronizationSecretCredentialArgs{\n\t\t\t\t\tKey: pulumi.String(\"BaseAddress\"),\n\t\t\t\t\tValue: pulumi.String(\"abc\"),\n\t\t\t\t},\n\t\t\t\t\u0026azuread.SynchronizationSecretCredentialArgs{\n\t\t\t\t\tKey: pulumi.String(\"SecretToken\"),\n\t\t\t\t\tValue: pulumi.String(\"some-token\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetApplicationTemplateArgs;\nimport com.pulumi.azuread.ApplicationFromTemplate;\nimport com.pulumi.azuread.ApplicationFromTemplateArgs;\nimport com.pulumi.azuread.inputs.GetServicePrincipalArgs;\nimport com.pulumi.azuread.SynchronizationSecret;\nimport com.pulumi.azuread.SynchronizationSecretArgs;\nimport com.pulumi.azuread.inputs.SynchronizationSecretCredentialArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getApplicationTemplate(GetApplicationTemplateArgs.builder()\n .displayName(\"Azure Databricks SCIM Provisioning Connector\")\n .build());\n\n var exampleApplicationFromTemplate = new ApplicationFromTemplate(\"exampleApplicationFromTemplate\", ApplicationFromTemplateArgs.builder()\n .displayName(\"example\")\n .templateId(example.applyValue(getApplicationTemplateResult -\u003e getApplicationTemplateResult.templateId()))\n .build());\n\n final var exampleGetServicePrincipal = AzureadFunctions.getServicePrincipal(GetServicePrincipalArgs.builder()\n .objectId(exampleApplicationFromTemplate.servicePrincipalObjectId())\n .build());\n\n var exampleSynchronizationSecret = new SynchronizationSecret(\"exampleSynchronizationSecret\", SynchronizationSecretArgs.builder()\n .servicePrincipalId(exampleGetServicePrincipal.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult).applyValue(exampleGetServicePrincipal -\u003e exampleGetServicePrincipal.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult.id())))\n .credentials( \n SynchronizationSecretCredentialArgs.builder()\n .key(\"BaseAddress\")\n .value(\"abc\")\n .build(),\n SynchronizationSecretCredentialArgs.builder()\n .key(\"SecretToken\")\n .value(\"some-token\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplicationFromTemplate:\n type: azuread:ApplicationFromTemplate\n name: example\n properties:\n displayName: example\n templateId: ${example.templateId}\n exampleSynchronizationSecret:\n type: azuread:SynchronizationSecret\n name: example\n properties:\n servicePrincipalId: ${exampleGetServicePrincipal.id}\n credentials:\n - key: BaseAddress\n value: abc\n - key: SecretToken\n value: some-token\nvariables:\n example:\n fn::invoke:\n function: azuread:getApplicationTemplate\n arguments:\n displayName: Azure Databricks SCIM Provisioning Connector\n exampleGetServicePrincipal:\n fn::invoke:\n function: azuread:getServicePrincipal\n arguments:\n objectId: ${exampleApplicationFromTemplate.servicePrincipalObjectId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nThis resource does not support importing.\n\n", "properties": { "credentials": { "type": "array", @@ -9545,7 +9545,7 @@ }, "functions": { "azuread:index/getAccessPackage:getAccessPackage": { - "description": "Use this data source to retrieve information for an existing access package within Identity Governance in Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`.\n\nWhen authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Access package manager`, `Global Reader`, or `Global Administrator`.\n\n## Example Usage\n\n*Look up by ID*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getAccessPackage({\n objectId: \"00000000-0000-0000-0000-000000000000\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_access_package(object_id=\"00000000-0000-0000-0000-000000000000\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetAccessPackage.Invoke(new()\n {\n ObjectId = \"00000000-0000-0000-0000-000000000000\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupAccessPackage(ctx, \u0026azuread.LookupAccessPackageArgs{\n\t\t\tObjectId: pulumi.StringRef(\"00000000-0000-0000-0000-000000000000\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetAccessPackageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getAccessPackage(GetAccessPackageArgs.builder()\n .objectId(\"00000000-0000-0000-0000-000000000000\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: azuread:getAccessPackage\n Arguments:\n objectId: 00000000-0000-0000-0000-000000000000\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Look up by DisplayName*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getAccessPackage({\n catalogId: \"00000000-0000-0000-0000-000000000000\",\n displayName: \"My access package Catalog\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_access_package(catalog_id=\"00000000-0000-0000-0000-000000000000\",\n display_name=\"My access package Catalog\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetAccessPackage.Invoke(new()\n {\n CatalogId = \"00000000-0000-0000-0000-000000000000\",\n DisplayName = \"My access package Catalog\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupAccessPackage(ctx, \u0026azuread.LookupAccessPackageArgs{\n\t\t\tCatalogId: pulumi.StringRef(\"00000000-0000-0000-0000-000000000000\"),\n\t\t\tDisplayName: pulumi.StringRef(\"My access package Catalog\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetAccessPackageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getAccessPackage(GetAccessPackageArgs.builder()\n .catalogId(\"00000000-0000-0000-0000-000000000000\")\n .displayName(\"My access package Catalog\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: azuread:getAccessPackage\n Arguments:\n catalogId: 00000000-0000-0000-0000-000000000000\n displayName: My access package Catalog\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "description": "Use this data source to retrieve information for an existing access package within Identity Governance in Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`.\n\nWhen authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Access package manager`, `Global Reader`, or `Global Administrator`.\n\n## Example Usage\n\n*Look up by ID*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getAccessPackage({\n objectId: \"00000000-0000-0000-0000-000000000000\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_access_package(object_id=\"00000000-0000-0000-0000-000000000000\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetAccessPackage.Invoke(new()\n {\n ObjectId = \"00000000-0000-0000-0000-000000000000\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupAccessPackage(ctx, \u0026azuread.LookupAccessPackageArgs{\n\t\t\tObjectId: pulumi.StringRef(\"00000000-0000-0000-0000-000000000000\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetAccessPackageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getAccessPackage(GetAccessPackageArgs.builder()\n .objectId(\"00000000-0000-0000-0000-000000000000\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n function: azuread:getAccessPackage\n arguments:\n objectId: 00000000-0000-0000-0000-000000000000\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Look up by DisplayName*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getAccessPackage({\n catalogId: \"00000000-0000-0000-0000-000000000000\",\n displayName: \"My access package Catalog\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_access_package(catalog_id=\"00000000-0000-0000-0000-000000000000\",\n display_name=\"My access package Catalog\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetAccessPackage.Invoke(new()\n {\n CatalogId = \"00000000-0000-0000-0000-000000000000\",\n DisplayName = \"My access package Catalog\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupAccessPackage(ctx, \u0026azuread.LookupAccessPackageArgs{\n\t\t\tCatalogId: pulumi.StringRef(\"00000000-0000-0000-0000-000000000000\"),\n\t\t\tDisplayName: pulumi.StringRef(\"My access package Catalog\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetAccessPackageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getAccessPackage(GetAccessPackageArgs.builder()\n .catalogId(\"00000000-0000-0000-0000-000000000000\")\n .displayName(\"My access package Catalog\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n function: azuread:getAccessPackage\n arguments:\n catalogId: 00000000-0000-0000-0000-000000000000\n displayName: My access package Catalog\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAccessPackage.\n", "properties": { @@ -9600,7 +9600,7 @@ } }, "azuread:index/getAccessPackageCatalog:getAccessPackageCatalog": { - "description": "i\nUse this resource to retrieve information for an existing access package catalog within Identity Governance in Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`.\n\nWhen authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Global Reader`, or `Global Administrator`.\n\n## Example Usage\n\n*Look up by ID*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getAccessPackageCatalog({\n objectId: \"00000000-0000-0000-0000-000000000000\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_access_package_catalog(object_id=\"00000000-0000-0000-0000-000000000000\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetAccessPackageCatalog.Invoke(new()\n {\n ObjectId = \"00000000-0000-0000-0000-000000000000\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupAccessPackageCatalog(ctx, \u0026azuread.LookupAccessPackageCatalogArgs{\n\t\t\tObjectId: pulumi.StringRef(\"00000000-0000-0000-0000-000000000000\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetAccessPackageCatalogArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getAccessPackageCatalog(GetAccessPackageCatalogArgs.builder()\n .objectId(\"00000000-0000-0000-0000-000000000000\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: azuread:getAccessPackageCatalog\n Arguments:\n objectId: 00000000-0000-0000-0000-000000000000\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Look up by DisplayName*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getAccessPackageCatalog({\n displayName: \"My access package Catalog\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_access_package_catalog(display_name=\"My access package Catalog\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetAccessPackageCatalog.Invoke(new()\n {\n DisplayName = \"My access package Catalog\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupAccessPackageCatalog(ctx, \u0026azuread.LookupAccessPackageCatalogArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"My access package Catalog\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetAccessPackageCatalogArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getAccessPackageCatalog(GetAccessPackageCatalogArgs.builder()\n .displayName(\"My access package Catalog\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: azuread:getAccessPackageCatalog\n Arguments:\n displayName: My access package Catalog\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "description": "i\nUse this resource to retrieve information for an existing access package catalog within Identity Governance in Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All`, or `EntitlementManagement.ReadWrite.All`.\n\nWhen authenticated with a user principal, this data source requires one of the following directory roles: `Catalog owner`, `Catalog reader`, `Global Reader`, or `Global Administrator`.\n\n## Example Usage\n\n*Look up by ID*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getAccessPackageCatalog({\n objectId: \"00000000-0000-0000-0000-000000000000\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_access_package_catalog(object_id=\"00000000-0000-0000-0000-000000000000\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetAccessPackageCatalog.Invoke(new()\n {\n ObjectId = \"00000000-0000-0000-0000-000000000000\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupAccessPackageCatalog(ctx, \u0026azuread.LookupAccessPackageCatalogArgs{\n\t\t\tObjectId: pulumi.StringRef(\"00000000-0000-0000-0000-000000000000\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetAccessPackageCatalogArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getAccessPackageCatalog(GetAccessPackageCatalogArgs.builder()\n .objectId(\"00000000-0000-0000-0000-000000000000\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n function: azuread:getAccessPackageCatalog\n arguments:\n objectId: 00000000-0000-0000-0000-000000000000\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Look up by DisplayName*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getAccessPackageCatalog({\n displayName: \"My access package Catalog\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_access_package_catalog(display_name=\"My access package Catalog\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetAccessPackageCatalog.Invoke(new()\n {\n DisplayName = \"My access package Catalog\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupAccessPackageCatalog(ctx, \u0026azuread.LookupAccessPackageCatalogArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"My access package Catalog\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetAccessPackageCatalogArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getAccessPackageCatalog(GetAccessPackageCatalogArgs.builder()\n .displayName(\"My access package Catalog\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n function: azuread:getAccessPackageCatalog\n arguments:\n displayName: My access package Catalog\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAccessPackageCatalog.\n", "properties": { @@ -9653,7 +9653,7 @@ } }, "azuread:index/getAccessPackageCatalogRole:getAccessPackageCatalogRole": { - "description": "Gets information about an access package catalog role.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All` or `Directory.Read.All`\n\nWhen authenticated with a user principal, this data source does not require any additional roles.\n\n## Example Usage\n\n### By Group Display Name)\n\n*Look up by display name*\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getAccessPackageCatalogRole({\n displayName: \"Catalog owner\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_access_package_catalog_role(display_name=\"Catalog owner\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetAccessPackageCatalogRole.Invoke(new()\n {\n DisplayName = \"Catalog owner\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.GetAccessPackageCatalogRole(ctx, \u0026azuread.GetAccessPackageCatalogRoleArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Catalog owner\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetAccessPackageCatalogRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getAccessPackageCatalogRole(GetAccessPackageCatalogRoleArgs.builder()\n .displayName(\"Catalog owner\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: azuread:getAccessPackageCatalogRole\n Arguments:\n displayName: Catalog owner\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Look up by object ID*\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getAccessPackageCatalogRole({\n objectId: \"00000000-0000-0000-0000-000000000000\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_access_package_catalog_role(object_id=\"00000000-0000-0000-0000-000000000000\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetAccessPackageCatalogRole.Invoke(new()\n {\n ObjectId = \"00000000-0000-0000-0000-000000000000\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.GetAccessPackageCatalogRole(ctx, \u0026azuread.GetAccessPackageCatalogRoleArgs{\n\t\t\tObjectId: pulumi.StringRef(\"00000000-0000-0000-0000-000000000000\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetAccessPackageCatalogRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getAccessPackageCatalogRole(GetAccessPackageCatalogRoleArgs.builder()\n .objectId(\"00000000-0000-0000-0000-000000000000\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: azuread:getAccessPackageCatalogRole\n Arguments:\n objectId: 00000000-0000-0000-0000-000000000000\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "description": "Gets information about an access package catalog role.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this data source requires one of the following application roles: `EntitlementManagement.Read.All` or `Directory.Read.All`\n\nWhen authenticated with a user principal, this data source does not require any additional roles.\n\n## Example Usage\n\n### By Group Display Name)\n\n*Look up by display name*\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getAccessPackageCatalogRole({\n displayName: \"Catalog owner\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_access_package_catalog_role(display_name=\"Catalog owner\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetAccessPackageCatalogRole.Invoke(new()\n {\n DisplayName = \"Catalog owner\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.GetAccessPackageCatalogRole(ctx, \u0026azuread.GetAccessPackageCatalogRoleArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Catalog owner\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetAccessPackageCatalogRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getAccessPackageCatalogRole(GetAccessPackageCatalogRoleArgs.builder()\n .displayName(\"Catalog owner\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n function: azuread:getAccessPackageCatalogRole\n arguments:\n displayName: Catalog owner\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Look up by object ID*\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getAccessPackageCatalogRole({\n objectId: \"00000000-0000-0000-0000-000000000000\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_access_package_catalog_role(object_id=\"00000000-0000-0000-0000-000000000000\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetAccessPackageCatalogRole.Invoke(new()\n {\n ObjectId = \"00000000-0000-0000-0000-000000000000\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.GetAccessPackageCatalogRole(ctx, \u0026azuread.GetAccessPackageCatalogRoleArgs{\n\t\t\tObjectId: pulumi.StringRef(\"00000000-0000-0000-0000-000000000000\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetAccessPackageCatalogRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getAccessPackageCatalogRole(GetAccessPackageCatalogRoleArgs.builder()\n .objectId(\"00000000-0000-0000-0000-000000000000\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n function: azuread:getAccessPackageCatalogRole\n arguments:\n objectId: 00000000-0000-0000-0000-000000000000\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAccessPackageCatalogRole.\n", "properties": { @@ -9703,7 +9703,7 @@ } }, "azuread:index/getAdministrativeUnit:getAdministrativeUnit": { - "description": "Gets information about an adminisrative unit in Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this data source requires one of the following application roles: `AdministrativeUnit.Read.All` or `Directory.Read.All`\n\nWhen authenticated with a user principal, this data source does not require any additional roles.\n\n## Example Usage\n\n### By Group Display Name)\n\n*Look up by display name*\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getAdministrativeUnit({\n displayName: \"Example-AU\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_administrative_unit(display_name=\"Example-AU\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetAdministrativeUnit.Invoke(new()\n {\n DisplayName = \"Example-AU\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupAdministrativeUnit(ctx, \u0026azuread.LookupAdministrativeUnitArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Example-AU\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetAdministrativeUnitArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getAdministrativeUnit(GetAdministrativeUnitArgs.builder()\n .displayName(\"Example-AU\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: azuread:getAdministrativeUnit\n Arguments:\n displayName: Example-AU\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Look up by object ID*\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getAdministrativeUnit({\n objectId: \"00000000-0000-0000-0000-000000000000\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_administrative_unit(object_id=\"00000000-0000-0000-0000-000000000000\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetAdministrativeUnit.Invoke(new()\n {\n ObjectId = \"00000000-0000-0000-0000-000000000000\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupAdministrativeUnit(ctx, \u0026azuread.LookupAdministrativeUnitArgs{\n\t\t\tObjectId: pulumi.StringRef(\"00000000-0000-0000-0000-000000000000\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetAdministrativeUnitArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getAdministrativeUnit(GetAdministrativeUnitArgs.builder()\n .objectId(\"00000000-0000-0000-0000-000000000000\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: azuread:getAdministrativeUnit\n Arguments:\n objectId: 00000000-0000-0000-0000-000000000000\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "description": "Gets information about an adminisrative unit in Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this data source requires one of the following application roles: `AdministrativeUnit.Read.All` or `Directory.Read.All`\n\nWhen authenticated with a user principal, this data source does not require any additional roles.\n\n## Example Usage\n\n### By Group Display Name)\n\n*Look up by display name*\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getAdministrativeUnit({\n displayName: \"Example-AU\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_administrative_unit(display_name=\"Example-AU\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetAdministrativeUnit.Invoke(new()\n {\n DisplayName = \"Example-AU\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupAdministrativeUnit(ctx, \u0026azuread.LookupAdministrativeUnitArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Example-AU\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetAdministrativeUnitArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getAdministrativeUnit(GetAdministrativeUnitArgs.builder()\n .displayName(\"Example-AU\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n function: azuread:getAdministrativeUnit\n arguments:\n displayName: Example-AU\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Look up by object ID*\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getAdministrativeUnit({\n objectId: \"00000000-0000-0000-0000-000000000000\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_administrative_unit(object_id=\"00000000-0000-0000-0000-000000000000\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetAdministrativeUnit.Invoke(new()\n {\n ObjectId = \"00000000-0000-0000-0000-000000000000\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupAdministrativeUnit(ctx, \u0026azuread.LookupAdministrativeUnitArgs{\n\t\t\tObjectId: pulumi.StringRef(\"00000000-0000-0000-0000-000000000000\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetAdministrativeUnitArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getAdministrativeUnit(GetAdministrativeUnitArgs.builder()\n .objectId(\"00000000-0000-0000-0000-000000000000\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n function: azuread:getAdministrativeUnit\n arguments:\n objectId: 00000000-0000-0000-0000-000000000000\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAdministrativeUnit.\n", "properties": { @@ -9761,7 +9761,7 @@ } }, "azuread:index/getApplication:getApplication": { - "description": "Use this data source to access information about an existing Application within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this data source requires one of the following application roles: `Application.Read.All` or `Directory.Read.All`\n\nWhen authenticated with a user principal, this data source does not require any additional roles.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getApplication({\n displayName: \"My First AzureAD Application\",\n});\nexport const applicationObjectId = example.then(example =\u003e example.objectId);\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_application(display_name=\"My First AzureAD Application\")\npulumi.export(\"applicationObjectId\", example.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetApplication.Invoke(new()\n {\n DisplayName = \"My First AzureAD Application\",\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"applicationObjectId\"] = example.Apply(getApplicationResult =\u003e getApplicationResult.ObjectId),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.LookupApplication(ctx, \u0026azuread.LookupApplicationArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"My First AzureAD Application\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"applicationObjectId\", example.ObjectId)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetApplicationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getApplication(GetApplicationArgs.builder()\n .displayName(\"My First AzureAD Application\")\n .build());\n\n ctx.export(\"applicationObjectId\", example.applyValue(getApplicationResult -\u003e getApplicationResult.objectId()));\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: azuread:getApplication\n Arguments:\n displayName: My First AzureAD Application\noutputs:\n applicationObjectId: ${example.objectId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "description": "Use this data source to access information about an existing Application within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this data source requires one of the following application roles: `Application.Read.All` or `Directory.Read.All`\n\nWhen authenticated with a user principal, this data source does not require any additional roles.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getApplication({\n displayName: \"My First AzureAD Application\",\n});\nexport const applicationObjectId = example.then(example =\u003e example.objectId);\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_application(display_name=\"My First AzureAD Application\")\npulumi.export(\"applicationObjectId\", example.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetApplication.Invoke(new()\n {\n DisplayName = \"My First AzureAD Application\",\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"applicationObjectId\"] = example.Apply(getApplicationResult =\u003e getApplicationResult.ObjectId),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.LookupApplication(ctx, \u0026azuread.LookupApplicationArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"My First AzureAD Application\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"applicationObjectId\", example.ObjectId)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetApplicationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getApplication(GetApplicationArgs.builder()\n .displayName(\"My First AzureAD Application\")\n .build());\n\n ctx.export(\"applicationObjectId\", example.applyValue(getApplicationResult -\u003e getApplicationResult.objectId()));\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n function: azuread:getApplication\n arguments:\n displayName: My First AzureAD Application\noutputs:\n applicationObjectId: ${example.objectId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getApplication.\n", "properties": { @@ -10000,7 +10000,7 @@ } }, "azuread:index/getApplicationPublishedAppIds:getApplicationPublishedAppIds": { - "description": "## Example Usage\n\n*Listing well-known application IDs*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nexport const publishedAppIds = wellKnown.then(wellKnown =\u003e wellKnown.result);\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\npulumi.export(\"publishedAppIds\", well_known.result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"publishedAppIds\"] = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"publishedAppIds\", wellKnown.Result)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n ctx.export(\"publishedAppIds\", wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result()));\n }\n}\n```\n```yaml\nvariables:\n wellKnown:\n fn::invoke:\n Function: azuread:getApplicationPublishedAppIds\n Arguments: {}\noutputs:\n publishedAppIds: ${wellKnown.result}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Granting access to an application*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = new azuread.ServicePrincipal(\"msgraph\", {\n clientId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n useExisting: true,\n});\nconst example = new azuread.Application(\"example\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n resourceAccesses: [\n {\n id: msgraph.appRoleIds[\"User.Read.All\"],\n type: \"Role\",\n },\n {\n id: msgraph.oauth2PermissionScopeIds[\"User.ReadWrite\"],\n type: \"Scope\",\n },\n ],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.ServicePrincipal(\"msgraph\",\n client_id=well_known.result[\"MicrosoftGraph\"],\n use_existing=True)\nexample = azuread.Application(\"example\",\n display_name=\"example\",\n required_resource_accesses=[{\n \"resource_app_id\": well_known.result[\"MicrosoftGraph\"],\n \"resource_accesses\": [\n {\n \"id\": msgraph.app_role_ids[\"User.Read.All\"],\n \"type\": \"Role\",\n },\n {\n \"id\": msgraph.oauth2_permission_scope_ids[\"User.ReadWrite\"],\n \"type\": \"Scope\",\n },\n ],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = new AzureAD.ServicePrincipal(\"msgraph\", new()\n {\n ClientId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n UseExisting = true,\n });\n\n var example = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.User_Read_All),\n Type = \"Role\",\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.User_ReadWrite),\n Type = \"Scope\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmsgraph, err := azuread.NewServicePrincipal(ctx, \"msgraph\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn appRoleIds.User.Read.All, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Role\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.User.ReadWrite, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n var msgraph = new ServicePrincipal(\"msgraph\", ServicePrincipalArgs.builder()\n .clientId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .useExisting(true)\n .build());\n\n var example = new Application(\"example\", ApplicationArgs.builder()\n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .resourceAccesses( \n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.User.Read.All()))\n .type(\"Role\")\n .build(),\n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.User.ReadWrite()))\n .type(\"Scope\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n msgraph:\n type: azuread:ServicePrincipal\n properties:\n clientId: ${wellKnown.result.MicrosoftGraph}\n useExisting: true\n example:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${wellKnown.result.MicrosoftGraph}\n resourceAccesses:\n - id: ${msgraph.appRoleIds\"User.Read.All\"[%!s(MISSING)]}\n type: Role\n - id: ${msgraph.oauth2PermissionScopeIds\"User.ReadWrite\"[%!s(MISSING)]}\n type: Scope\nvariables:\n wellKnown:\n fn::invoke:\n Function: azuread:getApplicationPublishedAppIds\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "description": "## Example Usage\n\n*Listing well-known application IDs*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nexport const publishedAppIds = wellKnown.then(wellKnown =\u003e wellKnown.result);\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\npulumi.export(\"publishedAppIds\", well_known.result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"publishedAppIds\"] = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"publishedAppIds\", wellKnown.Result)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n ctx.export(\"publishedAppIds\", wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result()));\n }\n}\n```\n```yaml\nvariables:\n wellKnown:\n fn::invoke:\n function: azuread:getApplicationPublishedAppIds\n arguments: {}\noutputs:\n publishedAppIds: ${wellKnown.result}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Granting access to an application*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = new azuread.ServicePrincipal(\"msgraph\", {\n clientId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n useExisting: true,\n});\nconst example = new azuread.Application(\"example\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n resourceAccesses: [\n {\n id: msgraph.appRoleIds[\"User.Read.All\"],\n type: \"Role\",\n },\n {\n id: msgraph.oauth2PermissionScopeIds[\"User.ReadWrite\"],\n type: \"Scope\",\n },\n ],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.ServicePrincipal(\"msgraph\",\n client_id=well_known.result[\"MicrosoftGraph\"],\n use_existing=True)\nexample = azuread.Application(\"example\",\n display_name=\"example\",\n required_resource_accesses=[{\n \"resource_app_id\": well_known.result[\"MicrosoftGraph\"],\n \"resource_accesses\": [\n {\n \"id\": msgraph.app_role_ids[\"User.Read.All\"],\n \"type\": \"Role\",\n },\n {\n \"id\": msgraph.oauth2_permission_scope_ids[\"User.ReadWrite\"],\n \"type\": \"Scope\",\n },\n ],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = new AzureAD.ServicePrincipal(\"msgraph\", new()\n {\n ClientId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n UseExisting = true,\n });\n\n var example = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.User_Read_All),\n Type = \"Role\",\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.User_ReadWrite),\n Type = \"Scope\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmsgraph, err := azuread.NewServicePrincipal(ctx, \"msgraph\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn appRoleIds.User.Read.All, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Role\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.User.ReadWrite, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n var msgraph = new ServicePrincipal(\"msgraph\", ServicePrincipalArgs.builder()\n .clientId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .useExisting(true)\n .build());\n\n var example = new Application(\"example\", ApplicationArgs.builder()\n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .resourceAccesses( \n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.User.Read.All()))\n .type(\"Role\")\n .build(),\n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.User.ReadWrite()))\n .type(\"Scope\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n msgraph:\n type: azuread:ServicePrincipal\n properties:\n clientId: ${wellKnown.result.MicrosoftGraph}\n useExisting: true\n example:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${wellKnown.result.MicrosoftGraph}\n resourceAccesses:\n - id: ${msgraph.appRoleIds\"User.Read.All\"[%!s(MISSING)]}\n type: Role\n - id: ${msgraph.oauth2PermissionScopeIds\"User.ReadWrite\"[%!s(MISSING)]}\n type: Scope\nvariables:\n wellKnown:\n fn::invoke:\n function: azuread:getApplicationPublishedAppIds\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "outputs": { "description": "A collection of values returned by getApplicationPublishedAppIds.\n", "properties": { @@ -10024,7 +10024,7 @@ } }, "azuread:index/getApplicationTemplate:getApplicationTemplate": { - "description": "Use this data source to access information about an Application Template from the [Azure AD App Gallery](https://azuremarketplace.microsoft.com/en-US/marketplace/apps/category/azure-active-directory-apps).\n\n## API Permissions\n\nThis data source does not require any additional roles.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getApplicationTemplate({\n displayName: \"Marketo\",\n});\nexport const applicationTemplateId = example.then(example =\u003e example.templateId);\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_application_template(display_name=\"Marketo\")\npulumi.export(\"applicationTemplateId\", example.template_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetApplicationTemplate.Invoke(new()\n {\n DisplayName = \"Marketo\",\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"applicationTemplateId\"] = example.Apply(getApplicationTemplateResult =\u003e getApplicationTemplateResult.TemplateId),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.GetApplicationTemplate(ctx, \u0026azuread.GetApplicationTemplateArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Marketo\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"applicationTemplateId\", example.TemplateId)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetApplicationTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getApplicationTemplate(GetApplicationTemplateArgs.builder()\n .displayName(\"Marketo\")\n .build());\n\n ctx.export(\"applicationTemplateId\", example.applyValue(getApplicationTemplateResult -\u003e getApplicationTemplateResult.templateId()));\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: azuread:getApplicationTemplate\n Arguments:\n displayName: Marketo\noutputs:\n applicationTemplateId: ${example.templateId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "description": "Use this data source to access information about an Application Template from the [Azure AD App Gallery](https://azuremarketplace.microsoft.com/en-US/marketplace/apps/category/azure-active-directory-apps).\n\n## API Permissions\n\nThis data source does not require any additional roles.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getApplicationTemplate({\n displayName: \"Marketo\",\n});\nexport const applicationTemplateId = example.then(example =\u003e example.templateId);\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_application_template(display_name=\"Marketo\")\npulumi.export(\"applicationTemplateId\", example.template_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetApplicationTemplate.Invoke(new()\n {\n DisplayName = \"Marketo\",\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"applicationTemplateId\"] = example.Apply(getApplicationTemplateResult =\u003e getApplicationTemplateResult.TemplateId),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.GetApplicationTemplate(ctx, \u0026azuread.GetApplicationTemplateArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Marketo\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"applicationTemplateId\", example.TemplateId)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetApplicationTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getApplicationTemplate(GetApplicationTemplateArgs.builder()\n .displayName(\"Marketo\")\n .build());\n\n ctx.export(\"applicationTemplateId\", example.applyValue(getApplicationTemplateResult -\u003e getApplicationTemplateResult.templateId()));\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n function: azuread:getApplicationTemplate\n arguments:\n displayName: Marketo\noutputs:\n applicationTemplateId: ${example.templateId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getApplicationTemplate.\n", "properties": { @@ -10103,7 +10103,7 @@ } }, "azuread:index/getClientConfig:getClientConfig": { - "description": "Use this data source to access the configuration of the AzureAD provider.\n\n## API Permissions\n\nNo additional roles are required to use this data source.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nexport const objectId = current.then(current =\u003e current.objectId);\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\npulumi.export(\"objectId\", current.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"objectId\"] = current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"objectId\", current.ObjectId)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n ctx.export(\"objectId\", current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()));\n }\n}\n```\n```yaml\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\noutputs:\n objectId: ${current.objectId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "description": "Use this data source to access the configuration of the AzureAD provider.\n\n## API Permissions\n\nNo additional roles are required to use this data source.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nexport const objectId = current.then(current =\u003e current.objectId);\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\npulumi.export(\"objectId\", current.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"objectId\"] = current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"objectId\", current.ObjectId)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n ctx.export(\"objectId\", current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()));\n }\n}\n```\n```yaml\nvariables:\n current:\n fn::invoke:\n function: azuread:getClientConfig\n arguments: {}\noutputs:\n objectId: ${current.objectId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "outputs": { "description": "A collection of values returned by getClientConfig.\n", "properties": { @@ -10134,7 +10134,7 @@ } }, "azuread:index/getDirectoryObject:getDirectoryObject": { - "description": "Retrieves the OData type for a generic directory object having the provided object ID.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this data source requires either `User.Read.All`, `Group.Read.All` or `Directory.Read.All`, depending on the type of object being queried.\n\nWhen authenticated with a user principal, this data source does not require any additional roles.\n\n## Example Usage\n\n*Look up and output type of object by ID*\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getDirectoryObject({\n objectId: \"00000000-0000-0000-0000-000000000000\",\n});\nexport const objectType = example.then(example =\u003e example.type);\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_directory_object(object_id=\"00000000-0000-0000-0000-000000000000\")\npulumi.export(\"objectType\", example.type)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetDirectoryObject.Invoke(new()\n {\n ObjectId = \"00000000-0000-0000-0000-000000000000\",\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"objectType\"] = example.Apply(getDirectoryObjectResult =\u003e getDirectoryObjectResult.Type),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.GetDirectoryObject(ctx, \u0026azuread.GetDirectoryObjectArgs{\n\t\t\tObjectId: \"00000000-0000-0000-0000-000000000000\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"objectType\", example.Type)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetDirectoryObjectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getDirectoryObject(GetDirectoryObjectArgs.builder()\n .objectId(\"00000000-0000-0000-0000-000000000000\")\n .build());\n\n ctx.export(\"objectType\", example.applyValue(getDirectoryObjectResult -\u003e getDirectoryObjectResult.type()));\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: azuread:getDirectoryObject\n Arguments:\n objectId: 00000000-0000-0000-0000-000000000000\noutputs:\n objectType: ${example.type}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Attributes Reference \n\nThe following attributes are exported:\n\n*`object_id` - The object ID of the directory object.\n*`type` - The shortened OData type of the directory object. Possible values include: `Group`, `User` or `ServicePrincipal`.\n", + "description": "Retrieves the OData type for a generic directory object having the provided object ID.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this data source requires either `User.Read.All`, `Group.Read.All` or `Directory.Read.All`, depending on the type of object being queried.\n\nWhen authenticated with a user principal, this data source does not require any additional roles.\n\n## Example Usage\n\n*Look up and output type of object by ID*\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getDirectoryObject({\n objectId: \"00000000-0000-0000-0000-000000000000\",\n});\nexport const objectType = example.then(example =\u003e example.type);\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_directory_object(object_id=\"00000000-0000-0000-0000-000000000000\")\npulumi.export(\"objectType\", example.type)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetDirectoryObject.Invoke(new()\n {\n ObjectId = \"00000000-0000-0000-0000-000000000000\",\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"objectType\"] = example.Apply(getDirectoryObjectResult =\u003e getDirectoryObjectResult.Type),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.GetDirectoryObject(ctx, \u0026azuread.GetDirectoryObjectArgs{\n\t\t\tObjectId: \"00000000-0000-0000-0000-000000000000\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"objectType\", example.Type)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetDirectoryObjectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getDirectoryObject(GetDirectoryObjectArgs.builder()\n .objectId(\"00000000-0000-0000-0000-000000000000\")\n .build());\n\n ctx.export(\"objectType\", example.applyValue(getDirectoryObjectResult -\u003e getDirectoryObjectResult.type()));\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n function: azuread:getDirectoryObject\n arguments:\n objectId: 00000000-0000-0000-0000-000000000000\noutputs:\n objectType: ${example.type}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Attributes Reference \n\nThe following attributes are exported:\n\n*`object_id` - The object ID of the directory object.\n*`type` - The shortened OData type of the directory object. Possible values include: `Group`, `User` or `ServicePrincipal`.\n", "inputs": { "description": "A collection of arguments for invoking getDirectoryObject.\n", "properties": { @@ -10171,7 +10171,7 @@ } }, "azuread:index/getDirectoryRoleTemplates:getDirectoryRoleTemplates": { - "description": "Use this data source to access information about directory role templates within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `RoleManagement.Read.Directory` or `Directory.Read.All`\n\nWhen authenticated with a user principal, this data source does not require any additional roles.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getDirectoryRoleTemplates({});\nexport const roles = current.then(current =\u003e current.objectIds);\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_directory_role_templates()\npulumi.export(\"roles\", current.object_ids)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetDirectoryRoleTemplates.Invoke();\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"roles\"] = current.Apply(getDirectoryRoleTemplatesResult =\u003e getDirectoryRoleTemplatesResult.ObjectIds),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetDirectoryRoleTemplates(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"roles\", current.ObjectIds)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getDirectoryRoleTemplates();\n\n ctx.export(\"roles\", current.applyValue(getDirectoryRoleTemplatesResult -\u003e getDirectoryRoleTemplatesResult.objectIds()));\n }\n}\n```\n```yaml\nvariables:\n current:\n fn::invoke:\n Function: azuread:getDirectoryRoleTemplates\n Arguments: {}\noutputs:\n roles: ${current.objectIds}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "description": "Use this data source to access information about directory role templates within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `RoleManagement.Read.Directory` or `Directory.Read.All`\n\nWhen authenticated with a user principal, this data source does not require any additional roles.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getDirectoryRoleTemplates({});\nexport const roles = current.then(current =\u003e current.objectIds);\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_directory_role_templates()\npulumi.export(\"roles\", current.object_ids)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetDirectoryRoleTemplates.Invoke();\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"roles\"] = current.Apply(getDirectoryRoleTemplatesResult =\u003e getDirectoryRoleTemplatesResult.ObjectIds),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetDirectoryRoleTemplates(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"roles\", current.ObjectIds)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getDirectoryRoleTemplates();\n\n ctx.export(\"roles\", current.applyValue(getDirectoryRoleTemplatesResult -\u003e getDirectoryRoleTemplatesResult.objectIds()));\n }\n}\n```\n```yaml\nvariables:\n current:\n fn::invoke:\n function: azuread:getDirectoryRoleTemplates\n arguments: {}\noutputs:\n roles: ${current.objectIds}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "outputs": { "description": "A collection of values returned by getDirectoryRoleTemplates.\n", "properties": { @@ -10203,7 +10203,7 @@ } }, "azuread:index/getDirectoryRoles:getDirectoryRoles": { - "description": "Use this data source to access information about activated directory roles within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `RoleManagement.Read.Directory` or `Directory.Read.All`\n\nWhen authenticated with a user principal, this data source does not require any additional roles.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getDirectoryRoles({});\nexport const roles = current.then(current =\u003e current.objectIds);\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_directory_roles()\npulumi.export(\"roles\", current.object_ids)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetDirectoryRoles.Invoke();\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"roles\"] = current.Apply(getDirectoryRolesResult =\u003e getDirectoryRolesResult.ObjectIds),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetDirectoryRoles(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"roles\", current.ObjectIds)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getDirectoryRoles();\n\n ctx.export(\"roles\", current.applyValue(getDirectoryRolesResult -\u003e getDirectoryRolesResult.objectIds()));\n }\n}\n```\n```yaml\nvariables:\n current:\n fn::invoke:\n Function: azuread:getDirectoryRoles\n Arguments: {}\noutputs:\n roles: ${current.objectIds}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "description": "Use this data source to access information about activated directory roles within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `RoleManagement.Read.Directory` or `Directory.Read.All`\n\nWhen authenticated with a user principal, this data source does not require any additional roles.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getDirectoryRoles({});\nexport const roles = current.then(current =\u003e current.objectIds);\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_directory_roles()\npulumi.export(\"roles\", current.object_ids)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetDirectoryRoles.Invoke();\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"roles\"] = current.Apply(getDirectoryRolesResult =\u003e getDirectoryRolesResult.ObjectIds),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetDirectoryRoles(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"roles\", current.ObjectIds)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getDirectoryRoles();\n\n ctx.export(\"roles\", current.applyValue(getDirectoryRolesResult -\u003e getDirectoryRolesResult.objectIds()));\n }\n}\n```\n```yaml\nvariables:\n current:\n fn::invoke:\n function: azuread:getDirectoryRoles\n arguments: {}\noutputs:\n roles: ${current.objectIds}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "outputs": { "description": "A collection of values returned by getDirectoryRoles.\n", "properties": { @@ -10322,7 +10322,7 @@ } }, "azuread:index/getGroup:getGroup": { - "description": "Gets information about an Azure Active Directory group.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this data source requires one of the following application roles: `Group.Read.All` or `Directory.Read.All`\n\nWhen authenticated with a user principal, this data source does not require any additional roles.\n\n## Example Usage\n\n### By Group Display Name)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getGroup({\n displayName: \"MyGroupName\",\n securityEnabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_group(display_name=\"MyGroupName\",\n security_enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetGroup.Invoke(new()\n {\n DisplayName = \"MyGroupName\",\n SecurityEnabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupGroup(ctx, \u0026azuread.LookupGroupArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"MyGroupName\"),\n\t\t\tSecurityEnabled: pulumi.BoolRef(true),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getGroup(GetGroupArgs.builder()\n .displayName(\"MyGroupName\")\n .securityEnabled(true)\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: azuread:getGroup\n Arguments:\n displayName: MyGroupName\n securityEnabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "description": "Gets information about an Azure Active Directory group.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this data source requires one of the following application roles: `Group.Read.All` or `Directory.Read.All`\n\nWhen authenticated with a user principal, this data source does not require any additional roles.\n\n## Example Usage\n\n### By Group Display Name)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getGroup({\n displayName: \"MyGroupName\",\n securityEnabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_group(display_name=\"MyGroupName\",\n security_enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetGroup.Invoke(new()\n {\n DisplayName = \"MyGroupName\",\n SecurityEnabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupGroup(ctx, \u0026azuread.LookupGroupArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"MyGroupName\"),\n\t\t\tSecurityEnabled: pulumi.BoolRef(true),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getGroup(GetGroupArgs.builder()\n .displayName(\"MyGroupName\")\n .securityEnabled(true)\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n function: azuread:getGroup\n arguments:\n displayName: MyGroupName\n securityEnabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getGroup.\n", "properties": { @@ -10537,7 +10537,7 @@ } }, "azuread:index/getGroupRoleManagementPolicy:getGroupRoleManagementPolicy": { - "description": "Use this data source to retrieve a role policy for an Azure AD group.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the `RoleManagementPolicy.Read.AzureADGroup` Microsoft Graph API permissions.\n\nWhen authenticated with a user principal, this resource requires `Global Administrator` directory role, or the `Privileged Role Administrator` role in Identity Governance.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.Group(\"example\", {\n displayName: \"group-name\",\n securityEnabled: true,\n});\nconst ownersPolicy = azuread.getGroupRoleManagementPolicyOutput({\n groupId: example.id,\n roleId: \"owner\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.Group(\"example\",\n display_name=\"group-name\",\n security_enabled=True)\nowners_policy = azuread.get_group_role_management_policy_output(group_id=example.id,\n role_id=\"owner\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.Group(\"example\", new()\n {\n DisplayName = \"group-name\",\n SecurityEnabled = true,\n });\n\n var ownersPolicy = AzureAD.GetGroupRoleManagementPolicy.Invoke(new()\n {\n GroupId = example.Id,\n RoleId = \"owner\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"group-name\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = azuread.LookupGroupRoleManagementPolicyOutput(ctx, azuread.GetGroupRoleManagementPolicyOutputArgs{\n\t\t\tGroupId: example.ID(),\n\t\t\tRoleId: pulumi.String(\"owner\"),\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetGroupRoleManagementPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Group(\"example\", GroupArgs.builder()\n .displayName(\"group-name\")\n .securityEnabled(true)\n .build());\n\n final var ownersPolicy = AzureadFunctions.getGroupRoleManagementPolicy(GetGroupRoleManagementPolicyArgs.builder()\n .groupId(example.id())\n .roleId(\"owner\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Group\n properties:\n displayName: group-name\n securityEnabled: true\nvariables:\n ownersPolicy:\n fn::invoke:\n Function: azuread:getGroupRoleManagementPolicy\n Arguments:\n groupId: ${example.id}\n roleId: owner\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "description": "Use this data source to retrieve a role policy for an Azure AD group.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the `RoleManagementPolicy.Read.AzureADGroup` Microsoft Graph API permissions.\n\nWhen authenticated with a user principal, this resource requires `Global Administrator` directory role, or the `Privileged Role Administrator` role in Identity Governance.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.Group(\"example\", {\n displayName: \"group-name\",\n securityEnabled: true,\n});\nconst ownersPolicy = azuread.getGroupRoleManagementPolicyOutput({\n groupId: example.id,\n roleId: \"owner\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.Group(\"example\",\n display_name=\"group-name\",\n security_enabled=True)\nowners_policy = azuread.get_group_role_management_policy_output(group_id=example.id,\n role_id=\"owner\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.Group(\"example\", new()\n {\n DisplayName = \"group-name\",\n SecurityEnabled = true,\n });\n\n var ownersPolicy = AzureAD.GetGroupRoleManagementPolicy.Invoke(new()\n {\n GroupId = example.Id,\n RoleId = \"owner\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"group-name\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = azuread.LookupGroupRoleManagementPolicyOutput(ctx, azuread.GetGroupRoleManagementPolicyOutputArgs{\n\t\t\tGroupId: example.ID(),\n\t\t\tRoleId: pulumi.String(\"owner\"),\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetGroupRoleManagementPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Group(\"example\", GroupArgs.builder()\n .displayName(\"group-name\")\n .securityEnabled(true)\n .build());\n\n final var ownersPolicy = AzureadFunctions.getGroupRoleManagementPolicy(GetGroupRoleManagementPolicyArgs.builder()\n .groupId(example.id())\n .roleId(\"owner\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Group\n properties:\n displayName: group-name\n securityEnabled: true\nvariables:\n ownersPolicy:\n fn::invoke:\n function: azuread:getGroupRoleManagementPolicy\n arguments:\n groupId: ${example.id}\n roleId: owner\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getGroupRoleManagementPolicy.\n", "properties": { @@ -10589,7 +10589,7 @@ } }, "azuread:index/getGroups:getGroups": { - "description": "Gets Object IDs or Display Names for multiple Azure Active Directory groups.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this data source requires one of the following application roles: `Group.Read.All` or `Directory.Read.All`\n\nWhen authenticated with a user principal, this data source does not require any additional roles.\n\n## Example Usage\n\n*Look up by group name*\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getGroups({\n displayNames: [\n \"group-a\",\n \"group-b\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_groups(display_names=[\n \"group-a\",\n \"group-b\",\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetGroups.Invoke(new()\n {\n DisplayNames = new[]\n {\n \"group-a\",\n \"group-b\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.GetGroups(ctx, \u0026azuread.GetGroupsArgs{\n\t\t\tDisplayNames: []string{\n\t\t\t\t\"group-a\",\n\t\t\t\t\"group-b\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetGroupsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getGroups(GetGroupsArgs.builder()\n .displayNames( \n \"group-a\",\n \"group-b\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: azuread:getGroups\n Arguments:\n displayNames:\n - group-a\n - group-b\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Look up by display name prefix*\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst sales = azuread.getGroups({\n displayNamePrefix: \"sales-\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nsales = azuread.get_groups(display_name_prefix=\"sales-\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var sales = AzureAD.GetGroups.Invoke(new()\n {\n DisplayNamePrefix = \"sales-\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.GetGroups(ctx, \u0026azuread.GetGroupsArgs{\n\t\t\tDisplayNamePrefix: pulumi.StringRef(\"sales-\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetGroupsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var sales = AzureadFunctions.getGroups(GetGroupsArgs.builder()\n .displayNamePrefix(\"sales-\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n sales:\n fn::invoke:\n Function: azuread:getGroups\n Arguments:\n displayNamePrefix: sales-\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Look up all groups*\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst all = azuread.getGroups({\n returnAll: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nall = azuread.get_groups(return_all=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var all = AzureAD.GetGroups.Invoke(new()\n {\n ReturnAll = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.GetGroups(ctx, \u0026azuread.GetGroupsArgs{\n\t\t\tReturnAll: pulumi.BoolRef(true),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetGroupsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var all = AzureadFunctions.getGroups(GetGroupsArgs.builder()\n .returnAll(true)\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n all:\n fn::invoke:\n Function: azuread:getGroups\n Arguments:\n returnAll: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Look up all mail-enabled groups*\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst mailEnabled = azuread.getGroups({\n mailEnabled: true,\n returnAll: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nmail_enabled = azuread.get_groups(mail_enabled=True,\n return_all=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mailEnabled = AzureAD.GetGroups.Invoke(new()\n {\n MailEnabled = true,\n ReturnAll = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.GetGroups(ctx, \u0026azuread.GetGroupsArgs{\n\t\t\tMailEnabled: pulumi.BoolRef(true),\n\t\t\tReturnAll: pulumi.BoolRef(true),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetGroupsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var mailEnabled = AzureadFunctions.getGroups(GetGroupsArgs.builder()\n .mailEnabled(true)\n .returnAll(true)\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n mailEnabled:\n fn::invoke:\n Function: azuread:getGroups\n Arguments:\n mailEnabled: true\n returnAll: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Look up all security-enabled groups that are not mail-enabled*\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst securityOnly = azuread.getGroups({\n mailEnabled: false,\n returnAll: true,\n securityEnabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nsecurity_only = azuread.get_groups(mail_enabled=False,\n return_all=True,\n security_enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var securityOnly = AzureAD.GetGroups.Invoke(new()\n {\n MailEnabled = false,\n ReturnAll = true,\n SecurityEnabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.GetGroups(ctx, \u0026azuread.GetGroupsArgs{\n\t\t\tMailEnabled: pulumi.BoolRef(false),\n\t\t\tReturnAll: pulumi.BoolRef(true),\n\t\t\tSecurityEnabled: pulumi.BoolRef(true),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetGroupsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var securityOnly = AzureadFunctions.getGroups(GetGroupsArgs.builder()\n .mailEnabled(false)\n .returnAll(true)\n .securityEnabled(true)\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n securityOnly:\n fn::invoke:\n Function: azuread:getGroups\n Arguments:\n mailEnabled: false\n returnAll: true\n securityEnabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "description": "Gets Object IDs or Display Names for multiple Azure Active Directory groups.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this data source requires one of the following application roles: `Group.Read.All` or `Directory.Read.All`\n\nWhen authenticated with a user principal, this data source does not require any additional roles.\n\n## Example Usage\n\n*Look up by group name*\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getGroups({\n displayNames: [\n \"group-a\",\n \"group-b\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_groups(display_names=[\n \"group-a\",\n \"group-b\",\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetGroups.Invoke(new()\n {\n DisplayNames = new[]\n {\n \"group-a\",\n \"group-b\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.GetGroups(ctx, \u0026azuread.GetGroupsArgs{\n\t\t\tDisplayNames: []string{\n\t\t\t\t\"group-a\",\n\t\t\t\t\"group-b\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetGroupsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getGroups(GetGroupsArgs.builder()\n .displayNames( \n \"group-a\",\n \"group-b\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n function: azuread:getGroups\n arguments:\n displayNames:\n - group-a\n - group-b\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Look up by display name prefix*\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst sales = azuread.getGroups({\n displayNamePrefix: \"sales-\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nsales = azuread.get_groups(display_name_prefix=\"sales-\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var sales = AzureAD.GetGroups.Invoke(new()\n {\n DisplayNamePrefix = \"sales-\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.GetGroups(ctx, \u0026azuread.GetGroupsArgs{\n\t\t\tDisplayNamePrefix: pulumi.StringRef(\"sales-\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetGroupsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var sales = AzureadFunctions.getGroups(GetGroupsArgs.builder()\n .displayNamePrefix(\"sales-\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n sales:\n fn::invoke:\n function: azuread:getGroups\n arguments:\n displayNamePrefix: sales-\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Look up all groups*\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst all = azuread.getGroups({\n returnAll: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nall = azuread.get_groups(return_all=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var all = AzureAD.GetGroups.Invoke(new()\n {\n ReturnAll = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.GetGroups(ctx, \u0026azuread.GetGroupsArgs{\n\t\t\tReturnAll: pulumi.BoolRef(true),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetGroupsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var all = AzureadFunctions.getGroups(GetGroupsArgs.builder()\n .returnAll(true)\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n all:\n fn::invoke:\n function: azuread:getGroups\n arguments:\n returnAll: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Look up all mail-enabled groups*\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst mailEnabled = azuread.getGroups({\n mailEnabled: true,\n returnAll: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nmail_enabled = azuread.get_groups(mail_enabled=True,\n return_all=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mailEnabled = AzureAD.GetGroups.Invoke(new()\n {\n MailEnabled = true,\n ReturnAll = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.GetGroups(ctx, \u0026azuread.GetGroupsArgs{\n\t\t\tMailEnabled: pulumi.BoolRef(true),\n\t\t\tReturnAll: pulumi.BoolRef(true),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetGroupsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var mailEnabled = AzureadFunctions.getGroups(GetGroupsArgs.builder()\n .mailEnabled(true)\n .returnAll(true)\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n mailEnabled:\n fn::invoke:\n function: azuread:getGroups\n arguments:\n mailEnabled: true\n returnAll: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Look up all security-enabled groups that are not mail-enabled*\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst securityOnly = azuread.getGroups({\n mailEnabled: false,\n returnAll: true,\n securityEnabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nsecurity_only = azuread.get_groups(mail_enabled=False,\n return_all=True,\n security_enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var securityOnly = AzureAD.GetGroups.Invoke(new()\n {\n MailEnabled = false,\n ReturnAll = true,\n SecurityEnabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.GetGroups(ctx, \u0026azuread.GetGroupsArgs{\n\t\t\tMailEnabled: pulumi.BoolRef(false),\n\t\t\tReturnAll: pulumi.BoolRef(true),\n\t\t\tSecurityEnabled: pulumi.BoolRef(true),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetGroupsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var securityOnly = AzureadFunctions.getGroups(GetGroupsArgs.builder()\n .mailEnabled(false)\n .returnAll(true)\n .securityEnabled(true)\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n securityOnly:\n fn::invoke:\n function: azuread:getGroups\n arguments:\n mailEnabled: false\n returnAll: true\n securityEnabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getGroups.\n", "properties": { @@ -10679,7 +10679,7 @@ } }, "azuread:index/getNamedLocation:getNamedLocation": { - "description": "Gets information about a Named Location within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this resource requires the following application roles: `Policy.Read.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Conditional Access Administrator` or `Global Reader`\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getNamedLocation({\n displayName: \"My Named Location\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_named_location(display_name=\"My Named Location\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetNamedLocation.Invoke(new()\n {\n DisplayName = \"My Named Location\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupNamedLocation(ctx, \u0026azuread.LookupNamedLocationArgs{\n\t\t\tDisplayName: \"My Named Location\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetNamedLocationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getNamedLocation(GetNamedLocationArgs.builder()\n .displayName(\"My Named Location\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: azuread:getNamedLocation\n Arguments:\n displayName: My Named Location\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Attributes Reference \n\nThe following attributes are exported:\n\n* `country` - A `country` block as documented below, which describes a country-based named location.\n* `id` - The ID of the named location.\n* `ip` - An `ip` block as documented below, which describes an IP-based named location.\n* \n---\n\n`country` block exports the following:\n\n* `countries_and_regions` - List of countries and/or regions in two-letter format specified by ISO 3166-2.\n* `include_unknown_countries_and_regions` - Whether IP addresses that don't map to a country or region are included in the named location.\n\n---\n\n`ip` block exports the following:\n\n* `ip_ranges` - List of IP address ranges in IPv4 CIDR format (e.g. `1.2.3.4/32`) or any allowable IPv6 format from IETF RFC596.\n* `trusted` - Whether the named location is trusted.\n", + "description": "Gets information about a Named Location within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this resource requires the following application roles: `Policy.Read.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Conditional Access Administrator` or `Global Reader`\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getNamedLocation({\n displayName: \"My Named Location\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_named_location(display_name=\"My Named Location\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetNamedLocation.Invoke(new()\n {\n DisplayName = \"My Named Location\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupNamedLocation(ctx, \u0026azuread.LookupNamedLocationArgs{\n\t\t\tDisplayName: \"My Named Location\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetNamedLocationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getNamedLocation(GetNamedLocationArgs.builder()\n .displayName(\"My Named Location\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n function: azuread:getNamedLocation\n arguments:\n displayName: My Named Location\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Attributes Reference \n\nThe following attributes are exported:\n\n* `country` - A `country` block as documented below, which describes a country-based named location.\n* `id` - The ID of the named location.\n* `ip` - An `ip` block as documented below, which describes an IP-based named location.\n* \n---\n\n`country` block exports the following:\n\n* `countries_and_regions` - List of countries and/or regions in two-letter format specified by ISO 3166-2.\n* `include_unknown_countries_and_regions` - Whether IP addresses that don't map to a country or region are included in the named location.\n\n---\n\n`ip` block exports the following:\n\n* `ip_ranges` - List of IP address ranges in IPv4 CIDR format (e.g. `1.2.3.4/32`) or any allowable IPv6 format from IETF RFC596.\n* `trusted` - Whether the named location is trusted.\n", "inputs": { "description": "A collection of arguments for invoking getNamedLocation.\n", "properties": { @@ -10726,7 +10726,7 @@ } }, "azuread:index/getServicePrincipal:getServicePrincipal": { - "description": "Gets information about an existing service principal associated with an application within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this data source requires one of the following application roles: `Application.Read.All` or `Directory.Read.All`\n\nWhen authenticated with a user principal, this data source does not require any additional roles.\n\n## Example Usage\n\n*Look up by application display name*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getServicePrincipal({\n displayName: \"my-awesome-application\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_service_principal(display_name=\"my-awesome-application\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetServicePrincipal.Invoke(new()\n {\n DisplayName = \"my-awesome-application\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupServicePrincipal(ctx, \u0026azuread.LookupServicePrincipalArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"my-awesome-application\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetServicePrincipalArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getServicePrincipal(GetServicePrincipalArgs.builder()\n .displayName(\"my-awesome-application\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: azuread:getServicePrincipal\n Arguments:\n displayName: my-awesome-application\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Look up by client ID*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getServicePrincipal({\n clientId: \"00000000-0000-0000-0000-000000000000\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_service_principal(client_id=\"00000000-0000-0000-0000-000000000000\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetServicePrincipal.Invoke(new()\n {\n ClientId = \"00000000-0000-0000-0000-000000000000\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupServicePrincipal(ctx, \u0026azuread.LookupServicePrincipalArgs{\n\t\t\tClientId: pulumi.StringRef(\"00000000-0000-0000-0000-000000000000\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetServicePrincipalArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getServicePrincipal(GetServicePrincipalArgs.builder()\n .clientId(\"00000000-0000-0000-0000-000000000000\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: azuread:getServicePrincipal\n Arguments:\n clientId: 00000000-0000-0000-0000-000000000000\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Look up by service principal object ID*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getServicePrincipal({\n objectId: \"00000000-0000-0000-0000-000000000000\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_service_principal(object_id=\"00000000-0000-0000-0000-000000000000\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetServicePrincipal.Invoke(new()\n {\n ObjectId = \"00000000-0000-0000-0000-000000000000\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupServicePrincipal(ctx, \u0026azuread.LookupServicePrincipalArgs{\n\t\t\tObjectId: pulumi.StringRef(\"00000000-0000-0000-0000-000000000000\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetServicePrincipalArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getServicePrincipal(GetServicePrincipalArgs.builder()\n .objectId(\"00000000-0000-0000-0000-000000000000\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: azuread:getServicePrincipal\n Arguments:\n objectId: 00000000-0000-0000-0000-000000000000\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "description": "Gets information about an existing service principal associated with an application within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this data source requires one of the following application roles: `Application.Read.All` or `Directory.Read.All`\n\nWhen authenticated with a user principal, this data source does not require any additional roles.\n\n## Example Usage\n\n*Look up by application display name*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getServicePrincipal({\n displayName: \"my-awesome-application\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_service_principal(display_name=\"my-awesome-application\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetServicePrincipal.Invoke(new()\n {\n DisplayName = \"my-awesome-application\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupServicePrincipal(ctx, \u0026azuread.LookupServicePrincipalArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"my-awesome-application\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetServicePrincipalArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getServicePrincipal(GetServicePrincipalArgs.builder()\n .displayName(\"my-awesome-application\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n function: azuread:getServicePrincipal\n arguments:\n displayName: my-awesome-application\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Look up by client ID*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getServicePrincipal({\n clientId: \"00000000-0000-0000-0000-000000000000\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_service_principal(client_id=\"00000000-0000-0000-0000-000000000000\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetServicePrincipal.Invoke(new()\n {\n ClientId = \"00000000-0000-0000-0000-000000000000\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupServicePrincipal(ctx, \u0026azuread.LookupServicePrincipalArgs{\n\t\t\tClientId: pulumi.StringRef(\"00000000-0000-0000-0000-000000000000\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetServicePrincipalArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getServicePrincipal(GetServicePrincipalArgs.builder()\n .clientId(\"00000000-0000-0000-0000-000000000000\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n function: azuread:getServicePrincipal\n arguments:\n clientId: 00000000-0000-0000-0000-000000000000\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Look up by service principal object ID*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getServicePrincipal({\n objectId: \"00000000-0000-0000-0000-000000000000\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_service_principal(object_id=\"00000000-0000-0000-0000-000000000000\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetServicePrincipal.Invoke(new()\n {\n ObjectId = \"00000000-0000-0000-0000-000000000000\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupServicePrincipal(ctx, \u0026azuread.LookupServicePrincipalArgs{\n\t\t\tObjectId: pulumi.StringRef(\"00000000-0000-0000-0000-000000000000\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetServicePrincipalArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getServicePrincipal(GetServicePrincipalArgs.builder()\n .objectId(\"00000000-0000-0000-0000-000000000000\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n function: azuread:getServicePrincipal\n arguments:\n objectId: 00000000-0000-0000-0000-000000000000\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getServicePrincipal.\n", "properties": { @@ -10931,7 +10931,7 @@ } }, "azuread:index/getServicePrincipals:getServicePrincipals": { - "description": "Gets basic information for multiple Azure Active Directory service principals.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this data source requires one of the following application roles: `Application.Read.All` or `Directory.Read.All`\n\nWhen authenticated with a user principal, this data source does not require any additional roles.\n\n## Example Usage\n\n*Look up by application display names*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getServicePrincipals({\n displayNames: [\n \"example-app\",\n \"another-app\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_service_principals(display_names=[\n \"example-app\",\n \"another-app\",\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetServicePrincipals.Invoke(new()\n {\n DisplayNames = new[]\n {\n \"example-app\",\n \"another-app\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.GetServicePrincipals(ctx, \u0026azuread.GetServicePrincipalsArgs{\n\t\t\tDisplayNames: []string{\n\t\t\t\t\"example-app\",\n\t\t\t\t\"another-app\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetServicePrincipalsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getServicePrincipals(GetServicePrincipalsArgs.builder()\n .displayNames( \n \"example-app\",\n \"another-app\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: azuread:getServicePrincipals\n Arguments:\n displayNames:\n - example-app\n - another-app\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Look up by application IDs (client IDs)*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getServicePrincipals({\n clientIds: [\n \"11111111-0000-0000-0000-000000000000\",\n \"22222222-0000-0000-0000-000000000000\",\n \"33333333-0000-0000-0000-000000000000\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_service_principals(client_ids=[\n \"11111111-0000-0000-0000-000000000000\",\n \"22222222-0000-0000-0000-000000000000\",\n \"33333333-0000-0000-0000-000000000000\",\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetServicePrincipals.Invoke(new()\n {\n ClientIds = new[]\n {\n \"11111111-0000-0000-0000-000000000000\",\n \"22222222-0000-0000-0000-000000000000\",\n \"33333333-0000-0000-0000-000000000000\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.GetServicePrincipals(ctx, \u0026azuread.GetServicePrincipalsArgs{\n\t\t\tClientIds: []string{\n\t\t\t\t\"11111111-0000-0000-0000-000000000000\",\n\t\t\t\t\"22222222-0000-0000-0000-000000000000\",\n\t\t\t\t\"33333333-0000-0000-0000-000000000000\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetServicePrincipalsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getServicePrincipals(GetServicePrincipalsArgs.builder()\n .clientIds( \n \"11111111-0000-0000-0000-000000000000\",\n \"22222222-0000-0000-0000-000000000000\",\n \"33333333-0000-0000-0000-000000000000\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: azuread:getServicePrincipals\n Arguments:\n clientIds:\n - 11111111-0000-0000-0000-000000000000\n - 22222222-0000-0000-0000-000000000000\n - 33333333-0000-0000-0000-000000000000\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Look up by service principal object IDs*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getServicePrincipals({\n objectIds: [\n \"00000000-0000-0000-0000-000000000000\",\n \"00000000-0000-0000-0000-111111111111\",\n \"00000000-0000-0000-0000-222222222222\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_service_principals(object_ids=[\n \"00000000-0000-0000-0000-000000000000\",\n \"00000000-0000-0000-0000-111111111111\",\n \"00000000-0000-0000-0000-222222222222\",\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetServicePrincipals.Invoke(new()\n {\n ObjectIds = new[]\n {\n \"00000000-0000-0000-0000-000000000000\",\n \"00000000-0000-0000-0000-111111111111\",\n \"00000000-0000-0000-0000-222222222222\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.GetServicePrincipals(ctx, \u0026azuread.GetServicePrincipalsArgs{\n\t\t\tObjectIds: []string{\n\t\t\t\t\"00000000-0000-0000-0000-000000000000\",\n\t\t\t\t\"00000000-0000-0000-0000-111111111111\",\n\t\t\t\t\"00000000-0000-0000-0000-222222222222\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetServicePrincipalsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getServicePrincipals(GetServicePrincipalsArgs.builder()\n .objectIds( \n \"00000000-0000-0000-0000-000000000000\",\n \"00000000-0000-0000-0000-111111111111\",\n \"00000000-0000-0000-0000-222222222222\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: azuread:getServicePrincipals\n Arguments:\n objectIds:\n - 00000000-0000-0000-0000-000000000000\n - 00000000-0000-0000-0000-111111111111\n - 00000000-0000-0000-0000-222222222222\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "description": "Gets basic information for multiple Azure Active Directory service principals.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this data source requires one of the following application roles: `Application.Read.All` or `Directory.Read.All`\n\nWhen authenticated with a user principal, this data source does not require any additional roles.\n\n## Example Usage\n\n*Look up by application display names*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getServicePrincipals({\n displayNames: [\n \"example-app\",\n \"another-app\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_service_principals(display_names=[\n \"example-app\",\n \"another-app\",\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetServicePrincipals.Invoke(new()\n {\n DisplayNames = new[]\n {\n \"example-app\",\n \"another-app\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.GetServicePrincipals(ctx, \u0026azuread.GetServicePrincipalsArgs{\n\t\t\tDisplayNames: []string{\n\t\t\t\t\"example-app\",\n\t\t\t\t\"another-app\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetServicePrincipalsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getServicePrincipals(GetServicePrincipalsArgs.builder()\n .displayNames( \n \"example-app\",\n \"another-app\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n function: azuread:getServicePrincipals\n arguments:\n displayNames:\n - example-app\n - another-app\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Look up by application IDs (client IDs)*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getServicePrincipals({\n clientIds: [\n \"11111111-0000-0000-0000-000000000000\",\n \"22222222-0000-0000-0000-000000000000\",\n \"33333333-0000-0000-0000-000000000000\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_service_principals(client_ids=[\n \"11111111-0000-0000-0000-000000000000\",\n \"22222222-0000-0000-0000-000000000000\",\n \"33333333-0000-0000-0000-000000000000\",\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetServicePrincipals.Invoke(new()\n {\n ClientIds = new[]\n {\n \"11111111-0000-0000-0000-000000000000\",\n \"22222222-0000-0000-0000-000000000000\",\n \"33333333-0000-0000-0000-000000000000\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.GetServicePrincipals(ctx, \u0026azuread.GetServicePrincipalsArgs{\n\t\t\tClientIds: []string{\n\t\t\t\t\"11111111-0000-0000-0000-000000000000\",\n\t\t\t\t\"22222222-0000-0000-0000-000000000000\",\n\t\t\t\t\"33333333-0000-0000-0000-000000000000\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetServicePrincipalsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getServicePrincipals(GetServicePrincipalsArgs.builder()\n .clientIds( \n \"11111111-0000-0000-0000-000000000000\",\n \"22222222-0000-0000-0000-000000000000\",\n \"33333333-0000-0000-0000-000000000000\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n function: azuread:getServicePrincipals\n arguments:\n clientIds:\n - 11111111-0000-0000-0000-000000000000\n - 22222222-0000-0000-0000-000000000000\n - 33333333-0000-0000-0000-000000000000\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n*Look up by service principal object IDs*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getServicePrincipals({\n objectIds: [\n \"00000000-0000-0000-0000-000000000000\",\n \"00000000-0000-0000-0000-111111111111\",\n \"00000000-0000-0000-0000-222222222222\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_service_principals(object_ids=[\n \"00000000-0000-0000-0000-000000000000\",\n \"00000000-0000-0000-0000-111111111111\",\n \"00000000-0000-0000-0000-222222222222\",\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetServicePrincipals.Invoke(new()\n {\n ObjectIds = new[]\n {\n \"00000000-0000-0000-0000-000000000000\",\n \"00000000-0000-0000-0000-111111111111\",\n \"00000000-0000-0000-0000-222222222222\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.GetServicePrincipals(ctx, \u0026azuread.GetServicePrincipalsArgs{\n\t\t\tObjectIds: []string{\n\t\t\t\t\"00000000-0000-0000-0000-000000000000\",\n\t\t\t\t\"00000000-0000-0000-0000-111111111111\",\n\t\t\t\t\"00000000-0000-0000-0000-222222222222\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetServicePrincipalsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getServicePrincipals(GetServicePrincipalsArgs.builder()\n .objectIds( \n \"00000000-0000-0000-0000-000000000000\",\n \"00000000-0000-0000-0000-111111111111\",\n \"00000000-0000-0000-0000-222222222222\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n function: azuread:getServicePrincipals\n arguments:\n objectIds:\n - 00000000-0000-0000-0000-000000000000\n - 00000000-0000-0000-0000-111111111111\n - 00000000-0000-0000-0000-222222222222\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getServicePrincipals.\n", "properties": { @@ -11020,7 +11020,7 @@ } }, "azuread:index/getUser:getUser": { - "description": "Gets information about an Azure Active Directory user.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this data source requires one of the following application roles: `User.Read.All` or `Directory.Read.All`\n\nWhen authenticated with a user principal, this data source does not require any additional roles.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getUser({\n userPrincipalName: \"user@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_user(user_principal_name=\"user@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"user@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"user@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"user@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: azuread:getUser\n Arguments:\n userPrincipalName: user@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "description": "Gets information about an Azure Active Directory user.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this data source requires one of the following application roles: `User.Read.All` or `Directory.Read.All`\n\nWhen authenticated with a user principal, this data source does not require any additional roles.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = azuread.getUser({\n userPrincipalName: \"user@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.get_user(user_principal_name=\"user@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"user@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"user@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"user@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n function: azuread:getUser\n arguments:\n userPrincipalName: user@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getUser.\n", "properties": { @@ -11289,7 +11289,7 @@ } }, "azuread:index/getUsers:getUsers": { - "description": "Gets basic information for multiple Azure Active Directory users.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this data source requires one of the following application roles: `User.ReadBasic.All`, `User.Read.All` or `Directory.Read.All`\n\nWhen authenticated with a user principal, this data source does not require any additional roles.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst users = azuread.getUsers({\n userPrincipalNames: [\n \"kat@example.com\",\n \"byte@example.com\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nusers = azuread.get_users(user_principal_names=[\n \"kat@example.com\",\n \"byte@example.com\",\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var users = AzureAD.GetUsers.Invoke(new()\n {\n UserPrincipalNames = new[]\n {\n \"kat@example.com\",\n \"byte@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.GetUsers(ctx, \u0026azuread.GetUsersArgs{\n\t\t\tUserPrincipalNames: []string{\n\t\t\t\t\"kat@example.com\",\n\t\t\t\t\"byte@example.com\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUsersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var users = AzureadFunctions.getUsers(GetUsersArgs.builder()\n .userPrincipalNames( \n \"kat@example.com\",\n \"byte@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n users:\n fn::invoke:\n Function: azuread:getUsers\n Arguments:\n userPrincipalNames:\n - kat@example.com\n - byte@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "description": "Gets basic information for multiple Azure Active Directory users.\n\n## API Permissions\n\nThe following API permissions are required in order to use this data source.\n\nWhen authenticated with a service principal, this data source requires one of the following application roles: `User.ReadBasic.All`, `User.Read.All` or `Directory.Read.All`\n\nWhen authenticated with a user principal, this data source does not require any additional roles.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst users = azuread.getUsers({\n userPrincipalNames: [\n \"kat@example.com\",\n \"byte@example.com\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nusers = azuread.get_users(user_principal_names=[\n \"kat@example.com\",\n \"byte@example.com\",\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var users = AzureAD.GetUsers.Invoke(new()\n {\n UserPrincipalNames = new[]\n {\n \"kat@example.com\",\n \"byte@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.GetUsers(ctx, \u0026azuread.GetUsersArgs{\n\t\t\tUserPrincipalNames: []string{\n\t\t\t\t\"kat@example.com\",\n\t\t\t\t\"byte@example.com\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUsersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var users = AzureadFunctions.getUsers(GetUsersArgs.builder()\n .userPrincipalNames( \n \"kat@example.com\",\n \"byte@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n users:\n fn::invoke:\n function: azuread:getUsers\n arguments:\n userPrincipalNames:\n - kat@example.com\n - byte@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getUsers.\n", "properties": { diff --git a/provider/go.mod b/provider/go.mod index a9137b461..cd0060712 100644 --- a/provider/go.mod +++ b/provider/go.mod @@ -8,8 +8,8 @@ require ( github.com/hashicorp/go-azure-sdk/sdk v0.20240927.1005214 github.com/hashicorp/terraform-provider-azuread/shim v0.0.0 github.com/pulumi/providertest v0.1.3 - github.com/pulumi/pulumi-terraform-bridge/v3 v3.96.0 - github.com/pulumi/pulumi/sdk/v3 v3.140.0 + github.com/pulumi/pulumi-terraform-bridge/v3 v3.97.0 + github.com/pulumi/pulumi/sdk/v3 v3.142.0 github.com/stretchr/testify v1.9.0 ) @@ -189,9 +189,9 @@ require ( github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 // indirect github.com/pulumi/esc v0.10.0 // indirect github.com/pulumi/inflector v0.1.1 // indirect - github.com/pulumi/pulumi-java/pkg v0.17.0 // indirect - github.com/pulumi/pulumi-yaml v1.11.2 // indirect - github.com/pulumi/pulumi/pkg/v3 v3.140.0 // indirect + github.com/pulumi/pulumi-java/pkg v0.18.0 // indirect + github.com/pulumi/pulumi-yaml v1.12.0 // indirect + github.com/pulumi/pulumi/pkg/v3 v3.142.0 // indirect github.com/pulumi/schema-tools v0.1.2 // indirect github.com/pulumi/terraform-diff-reader v0.0.2 // indirect github.com/rivo/uniseg v0.4.7 // indirect diff --git a/provider/go.sum b/provider/go.sum index fc28c1678..a75a1ee7f 100644 --- a/provider/go.sum +++ b/provider/go.sum @@ -1945,16 +1945,16 @@ github.com/pulumi/inflector v0.1.1 h1:dvlxlWtXwOJTUUtcYDvwnl6Mpg33prhK+7mzeF+Sob github.com/pulumi/inflector v0.1.1/go.mod h1:HUFCjcPTz96YtTuUlwG3i3EZG4WlniBvR9bd+iJxCUY= github.com/pulumi/providertest v0.1.3 h1:GpNKRy/haNjRHiUA9bi4diU4Op2zf3axYXbga5AepHg= github.com/pulumi/providertest v0.1.3/go.mod h1:GcsqEGgSngwaNOD+kICJPIUQlnA911fGBU8HDlJvVL0= -github.com/pulumi/pulumi-java/pkg v0.17.0 h1:KmaVLrVmlkzShOfaJNJDlckorbFm8dM/C7L4hj6LX8U= -github.com/pulumi/pulumi-java/pkg v0.17.0/go.mod h1:ji4U4H7t81X4aaE88D9+z5CmKH/QoLwQi9N1iGl+2KQ= -github.com/pulumi/pulumi-terraform-bridge/v3 v3.96.0 h1:uJB3tM1j+9SKeXLCAx3DBVHsYk4ddXNrVoiqpgXal2Q= -github.com/pulumi/pulumi-terraform-bridge/v3 v3.96.0/go.mod h1:WnOTAfdtm5+kW3rIU0rLhxFSEHtJIMf19FdOU6NFXG0= -github.com/pulumi/pulumi-yaml v1.11.2 h1:MU7TTNbruGCSgNHhaBygjIbLWm3WSbd1q98GpMIgQzE= -github.com/pulumi/pulumi-yaml v1.11.2/go.mod h1:RdXRBupRGGAD1kbYNG1V1h6pyFnXisvQsl0AANvVjGI= -github.com/pulumi/pulumi/pkg/v3 v3.140.0 h1:/bvHa19HY/6qHWvuAOVII8qr72MDGGczBWlPYlPo3j0= -github.com/pulumi/pulumi/pkg/v3 v3.140.0/go.mod h1:rcTtSyisd7BzZTugNk/s9zlYgX9S0S10+pha3Tko6yM= -github.com/pulumi/pulumi/sdk/v3 v3.140.0 h1:+Z/RBvdYg7tBNkBwk4p/FzlV7niBT3TbLAICq/Y0LDU= -github.com/pulumi/pulumi/sdk/v3 v3.140.0/go.mod h1:PvKsX88co8XuwuPdzolMvew5lZV+4JmZfkeSjj7A6dI= +github.com/pulumi/pulumi-java/pkg v0.18.0 h1:3PApc5YegH69n6oubB63mqI97pF+oQywWr7ii4082Mw= +github.com/pulumi/pulumi-java/pkg v0.18.0/go.mod h1:YKYYFEb3Jvzf/dDJo0xOeEkIfBAMkkkdhXulauvEjmc= +github.com/pulumi/pulumi-terraform-bridge/v3 v3.97.0 h1:/Y/9hffZp2CFUfInVbv/9rWnZETiiOgKju1Ua512Ke8= +github.com/pulumi/pulumi-terraform-bridge/v3 v3.97.0/go.mod h1:B/Auryr+yVUkLOMzgpFe7HLwKAtXc6YJwpAXfNGyLPk= +github.com/pulumi/pulumi-yaml v1.12.0 h1:ThJP+EBqeJyCnS6w6/PwcEFOT5o112qv0lObhefmFCk= +github.com/pulumi/pulumi-yaml v1.12.0/go.mod h1:EhZd1XDfuLa15O51qVVE16U6r8ldK9mLIBclqWCX27Y= +github.com/pulumi/pulumi/pkg/v3 v3.142.0 h1:UE8TFyXrlxvPrATpd3Kl3En34KrFIFWOxxNAodywPNU= +github.com/pulumi/pulumi/pkg/v3 v3.142.0/go.mod h1:3k6WwRIT7veiDnk3Yo2NtqEYX+4dgLCrMIFvEOnjQqI= +github.com/pulumi/pulumi/sdk/v3 v3.142.0 h1:SmcVddGuvwAh3g3XUVQQ5gVRQUKH1yZ6iETpDNHIHlw= +github.com/pulumi/pulumi/sdk/v3 v3.142.0/go.mod h1:PvKsX88co8XuwuPdzolMvew5lZV+4JmZfkeSjj7A6dI= github.com/pulumi/schema-tools v0.1.2 h1:Fd9xvUjgck4NA+7/jSk7InqCUT4Kj940+EcnbQKpfZo= github.com/pulumi/schema-tools v0.1.2/go.mod h1:62lgj52Tzq11eqWTIaKd+EVyYAu5dEcDJxMhTjvMO/k= github.com/pulumi/terraform-diff-reader v0.0.2 h1:kTE4nEXU3/SYXESvAIem+wyHMI3abqkI3OhJ0G04LLI= diff --git a/sdk/go.mod b/sdk/go.mod index da8c11894..e689b453f 100644 --- a/sdk/go.mod +++ b/sdk/go.mod @@ -4,7 +4,7 @@ go 1.21 require ( github.com/blang/semver v3.5.1+incompatible - github.com/pulumi/pulumi/sdk/v3 v3.140.0 + github.com/pulumi/pulumi/sdk/v3 v3.142.0 ) require ( diff --git a/sdk/go.sum b/sdk/go.sum index 7fb5b0795..129c0aa4d 100644 --- a/sdk/go.sum +++ b/sdk/go.sum @@ -150,8 +150,8 @@ github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 h1:vkHw5I/plNdTr435 github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231/go.mod h1:murToZ2N9hNJzewjHBgfFdXhZKjY3z5cYC1VXk+lbFE= github.com/pulumi/esc v0.9.1 h1:HH5eEv8sgyxSpY5a8yePyqFXzA8cvBvapfH8457+mIs= github.com/pulumi/esc v0.9.1/go.mod h1:oEJ6bOsjYlQUpjf70GiX+CXn3VBmpwFDxUTlmtUN84c= -github.com/pulumi/pulumi/sdk/v3 v3.140.0 h1:+Z/RBvdYg7tBNkBwk4p/FzlV7niBT3TbLAICq/Y0LDU= -github.com/pulumi/pulumi/sdk/v3 v3.140.0/go.mod h1:PvKsX88co8XuwuPdzolMvew5lZV+4JmZfkeSjj7A6dI= +github.com/pulumi/pulumi/sdk/v3 v3.142.0 h1:SmcVddGuvwAh3g3XUVQQ5gVRQUKH1yZ6iETpDNHIHlw= +github.com/pulumi/pulumi/sdk/v3 v3.142.0/go.mod h1:PvKsX88co8XuwuPdzolMvew5lZV+4JmZfkeSjj7A6dI= github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis= diff --git a/sdk/java/build.gradle b/sdk/java/build.gradle index af3b17777..19f13a12a 100644 --- a/sdk/java/build.gradle +++ b/sdk/java/build.gradle @@ -5,7 +5,7 @@ plugins { id("signing") id("java-library") id("maven-publish") - id("io.github.gradle-nexus.publish-plugin") version "1.1.0" + id("io.github.gradle-nexus.publish-plugin") version "2.0.0" } group = "com.pulumi" @@ -44,7 +44,7 @@ repositories { dependencies { implementation("com.google.code.findbugs:jsr305:3.0.2") implementation("com.google.code.gson:gson:2.8.9") - implementation("com.pulumi:pulumi:0.17.0") + implementation("com.pulumi:pulumi:0.18.0") } task sourcesJar(type: Jar) { diff --git a/sdk/nodejs/getAccessPackage.ts b/sdk/nodejs/getAccessPackage.ts index 4dde24c99..2c219b594 100644 --- a/sdk/nodejs/getAccessPackage.ts +++ b/sdk/nodejs/getAccessPackage.ts @@ -126,7 +126,7 @@ export interface GetAccessPackageResult { * }); * ``` */ -export function getAccessPackageOutput(args?: GetAccessPackageOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { +export function getAccessPackageOutput(args?: GetAccessPackageOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output { args = args || {}; opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invokeOutput("azuread:index/getAccessPackage:getAccessPackage", { diff --git a/sdk/nodejs/getAccessPackageCatalog.ts b/sdk/nodejs/getAccessPackageCatalog.ts index 1e79fa402..bbaa7fb93 100644 --- a/sdk/nodejs/getAccessPackageCatalog.ts +++ b/sdk/nodejs/getAccessPackageCatalog.ts @@ -124,7 +124,7 @@ export interface GetAccessPackageCatalogResult { * }); * ``` */ -export function getAccessPackageCatalogOutput(args?: GetAccessPackageCatalogOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { +export function getAccessPackageCatalogOutput(args?: GetAccessPackageCatalogOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output { args = args || {}; opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invokeOutput("azuread:index/getAccessPackageCatalog:getAccessPackageCatalog", { diff --git a/sdk/nodejs/getAccessPackageCatalogRole.ts b/sdk/nodejs/getAccessPackageCatalogRole.ts index 8267f5fa9..c785b7949 100644 --- a/sdk/nodejs/getAccessPackageCatalogRole.ts +++ b/sdk/nodejs/getAccessPackageCatalogRole.ts @@ -124,7 +124,7 @@ export interface GetAccessPackageCatalogRoleResult { * }); * ``` */ -export function getAccessPackageCatalogRoleOutput(args?: GetAccessPackageCatalogRoleOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { +export function getAccessPackageCatalogRoleOutput(args?: GetAccessPackageCatalogRoleOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output { args = args || {}; opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invokeOutput("azuread:index/getAccessPackageCatalogRole:getAccessPackageCatalogRole", { diff --git a/sdk/nodejs/getAdministrativeUnit.ts b/sdk/nodejs/getAdministrativeUnit.ts index 93013a82e..68718e345 100644 --- a/sdk/nodejs/getAdministrativeUnit.ts +++ b/sdk/nodejs/getAdministrativeUnit.ts @@ -128,7 +128,7 @@ export interface GetAdministrativeUnitResult { * }); * ``` */ -export function getAdministrativeUnitOutput(args?: GetAdministrativeUnitOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { +export function getAdministrativeUnitOutput(args?: GetAdministrativeUnitOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output { args = args || {}; opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invokeOutput("azuread:index/getAdministrativeUnit:getAdministrativeUnit", { diff --git a/sdk/nodejs/getApplication.ts b/sdk/nodejs/getApplication.ts index 3672e1482..5248d3fca 100644 --- a/sdk/nodejs/getApplication.ts +++ b/sdk/nodejs/getApplication.ts @@ -221,7 +221,7 @@ export interface GetApplicationResult { * export const applicationObjectId = example.then(example => example.objectId); * ``` */ -export function getApplicationOutput(args?: GetApplicationOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { +export function getApplicationOutput(args?: GetApplicationOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output { args = args || {}; opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invokeOutput("azuread:index/getApplication:getApplication", { diff --git a/sdk/nodejs/getApplicationPublishedAppIds.ts b/sdk/nodejs/getApplicationPublishedAppIds.ts index 15113b6b0..87f4bd563 100644 --- a/sdk/nodejs/getApplicationPublishedAppIds.ts +++ b/sdk/nodejs/getApplicationPublishedAppIds.ts @@ -107,7 +107,7 @@ export interface GetApplicationPublishedAppIdsResult { * }); * ``` */ -export function getApplicationPublishedAppIdsOutput(opts?: pulumi.InvokeOptions): pulumi.Output { +export function getApplicationPublishedAppIdsOutput(opts?: pulumi.InvokeOutputOptions): pulumi.Output { opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invokeOutput("azuread:index/getApplicationPublishedAppIds:getApplicationPublishedAppIds", { }, opts); diff --git a/sdk/nodejs/getApplicationTemplate.ts b/sdk/nodejs/getApplicationTemplate.ts index 898e7f0df..65d5a3ca4 100644 --- a/sdk/nodejs/getApplicationTemplate.ts +++ b/sdk/nodejs/getApplicationTemplate.ts @@ -108,7 +108,7 @@ export interface GetApplicationTemplateResult { * export const applicationTemplateId = example.then(example => example.templateId); * ``` */ -export function getApplicationTemplateOutput(args?: GetApplicationTemplateOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { +export function getApplicationTemplateOutput(args?: GetApplicationTemplateOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output { args = args || {}; opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invokeOutput("azuread:index/getApplicationTemplate:getApplicationTemplate", { diff --git a/sdk/nodejs/getClientConfig.ts b/sdk/nodejs/getClientConfig.ts index 4d7963ffa..3c2444d99 100644 --- a/sdk/nodejs/getClientConfig.ts +++ b/sdk/nodejs/getClientConfig.ts @@ -65,7 +65,7 @@ export interface GetClientConfigResult { * export const objectId = current.then(current => current.objectId); * ``` */ -export function getClientConfigOutput(opts?: pulumi.InvokeOptions): pulumi.Output { +export function getClientConfigOutput(opts?: pulumi.InvokeOutputOptions): pulumi.Output { opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invokeOutput("azuread:index/getClientConfig:getClientConfig", { }, opts); diff --git a/sdk/nodejs/getDirectoryObject.ts b/sdk/nodejs/getDirectoryObject.ts index 7ccee2b2a..8d45281f5 100644 --- a/sdk/nodejs/getDirectoryObject.ts +++ b/sdk/nodejs/getDirectoryObject.ts @@ -94,7 +94,7 @@ export interface GetDirectoryObjectResult { * *`objectId` - The object ID of the directory object. * *`type` - The shortened OData type of the directory object. Possible values include: `Group`, `User` or `ServicePrincipal`. */ -export function getDirectoryObjectOutput(args: GetDirectoryObjectOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { +export function getDirectoryObjectOutput(args: GetDirectoryObjectOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output { opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invokeOutput("azuread:index/getDirectoryObject:getDirectoryObject", { "objectId": args.objectId, diff --git a/sdk/nodejs/getDirectoryRoleTemplates.ts b/sdk/nodejs/getDirectoryRoleTemplates.ts index bcf2375cb..39f5c054f 100644 --- a/sdk/nodejs/getDirectoryRoleTemplates.ts +++ b/sdk/nodejs/getDirectoryRoleTemplates.ts @@ -71,7 +71,7 @@ export interface GetDirectoryRoleTemplatesResult { * export const roles = current.then(current => current.objectIds); * ``` */ -export function getDirectoryRoleTemplatesOutput(opts?: pulumi.InvokeOptions): pulumi.Output { +export function getDirectoryRoleTemplatesOutput(opts?: pulumi.InvokeOutputOptions): pulumi.Output { opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invokeOutput("azuread:index/getDirectoryRoleTemplates:getDirectoryRoleTemplates", { }, opts); diff --git a/sdk/nodejs/getDirectoryRoles.ts b/sdk/nodejs/getDirectoryRoles.ts index 40cf15dc4..52a59b602 100644 --- a/sdk/nodejs/getDirectoryRoles.ts +++ b/sdk/nodejs/getDirectoryRoles.ts @@ -75,7 +75,7 @@ export interface GetDirectoryRolesResult { * export const roles = current.then(current => current.objectIds); * ``` */ -export function getDirectoryRolesOutput(opts?: pulumi.InvokeOptions): pulumi.Output { +export function getDirectoryRolesOutput(opts?: pulumi.InvokeOutputOptions): pulumi.Output { opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invokeOutput("azuread:index/getDirectoryRoles:getDirectoryRoles", { }, opts); diff --git a/sdk/nodejs/getDomains.ts b/sdk/nodejs/getDomains.ts index 9b4a3e34f..f43c42d9b 100644 --- a/sdk/nodejs/getDomains.ts +++ b/sdk/nodejs/getDomains.ts @@ -115,7 +115,7 @@ export interface GetDomainsResult { * export const domainNames = aadDomains.then(aadDomains => aadDomains.domains.map(__item => __item.domainName)); * ``` */ -export function getDomainsOutput(args?: GetDomainsOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { +export function getDomainsOutput(args?: GetDomainsOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output { args = args || {}; opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invokeOutput("azuread:index/getDomains:getDomains", { diff --git a/sdk/nodejs/getGroup.ts b/sdk/nodejs/getGroup.ts index 524955c55..f27e2915d 100644 --- a/sdk/nodejs/getGroup.ts +++ b/sdk/nodejs/getGroup.ts @@ -227,7 +227,7 @@ export interface GetGroupResult { * }); * ``` */ -export function getGroupOutput(args?: GetGroupOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { +export function getGroupOutput(args?: GetGroupOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output { args = args || {}; opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invokeOutput("azuread:index/getGroup:getGroup", { diff --git a/sdk/nodejs/getGroupRoleManagementPolicy.ts b/sdk/nodejs/getGroupRoleManagementPolicy.ts index c6fbd1e06..53979380d 100644 --- a/sdk/nodejs/getGroupRoleManagementPolicy.ts +++ b/sdk/nodejs/getGroupRoleManagementPolicy.ts @@ -99,7 +99,7 @@ export interface GetGroupRoleManagementPolicyResult { * }); * ``` */ -export function getGroupRoleManagementPolicyOutput(args: GetGroupRoleManagementPolicyOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { +export function getGroupRoleManagementPolicyOutput(args: GetGroupRoleManagementPolicyOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output { opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invokeOutput("azuread:index/getGroupRoleManagementPolicy:getGroupRoleManagementPolicy", { "groupId": args.groupId, diff --git a/sdk/nodejs/getGroups.ts b/sdk/nodejs/getGroups.ts index fd97d33dd..139194b40 100644 --- a/sdk/nodejs/getGroups.ts +++ b/sdk/nodejs/getGroups.ts @@ -214,7 +214,7 @@ export interface GetGroupsResult { * }); * ``` */ -export function getGroupsOutput(args?: GetGroupsOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { +export function getGroupsOutput(args?: GetGroupsOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output { args = args || {}; opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invokeOutput("azuread:index/getGroups:getGroups", { diff --git a/sdk/nodejs/getNamedLocation.ts b/sdk/nodejs/getNamedLocation.ts index 4f92a313a..2425a5b9f 100644 --- a/sdk/nodejs/getNamedLocation.ts +++ b/sdk/nodejs/getNamedLocation.ts @@ -123,7 +123,7 @@ export interface GetNamedLocationResult { * * `ipRanges` - List of IP address ranges in IPv4 CIDR format (e.g. `1.2.3.4/32`) or any allowable IPv6 format from IETF RFC596. * * `trusted` - Whether the named location is trusted. */ -export function getNamedLocationOutput(args: GetNamedLocationOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { +export function getNamedLocationOutput(args: GetNamedLocationOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output { opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invokeOutput("azuread:index/getNamedLocation:getNamedLocation", { "displayName": args.displayName, diff --git a/sdk/nodejs/getServicePrincipal.ts b/sdk/nodejs/getServicePrincipal.ts index f3b95831c..a47183c56 100644 --- a/sdk/nodejs/getServicePrincipal.ts +++ b/sdk/nodejs/getServicePrincipal.ts @@ -244,7 +244,7 @@ export interface GetServicePrincipalResult { * }); * ``` */ -export function getServicePrincipalOutput(args?: GetServicePrincipalOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { +export function getServicePrincipalOutput(args?: GetServicePrincipalOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output { args = args || {}; opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invokeOutput("azuread:index/getServicePrincipal:getServicePrincipal", { diff --git a/sdk/nodejs/getServicePrincipals.ts b/sdk/nodejs/getServicePrincipals.ts index eca3a0dd4..d9aca89a3 100644 --- a/sdk/nodejs/getServicePrincipals.ts +++ b/sdk/nodejs/getServicePrincipals.ts @@ -187,7 +187,7 @@ export interface GetServicePrincipalsResult { * }); * ``` */ -export function getServicePrincipalsOutput(args?: GetServicePrincipalsOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { +export function getServicePrincipalsOutput(args?: GetServicePrincipalsOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output { args = args || {}; opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invokeOutput("azuread:index/getServicePrincipals:getServicePrincipals", { diff --git a/sdk/nodejs/getUser.ts b/sdk/nodejs/getUser.ts index d191b95a7..d9ad164aa 100644 --- a/sdk/nodejs/getUser.ts +++ b/sdk/nodejs/getUser.ts @@ -269,7 +269,7 @@ export interface GetUserResult { * }); * ``` */ -export function getUserOutput(args?: GetUserOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { +export function getUserOutput(args?: GetUserOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output { args = args || {}; opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invokeOutput("azuread:index/getUser:getUser", { diff --git a/sdk/nodejs/getUsers.ts b/sdk/nodejs/getUsers.ts index eab5a2a39..86236a46d 100644 --- a/sdk/nodejs/getUsers.ts +++ b/sdk/nodejs/getUsers.ts @@ -141,7 +141,7 @@ export interface GetUsersResult { * }); * ``` */ -export function getUsersOutput(args?: GetUsersOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { +export function getUsersOutput(args?: GetUsersOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output { args = args || {}; opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invokeOutput("azuread:index/getUsers:getUsers", { diff --git a/sdk/python/pulumi_azuread/get_access_package.py b/sdk/python/pulumi_azuread/get_access_package.py index e4b85b7bb..c85374159 100644 --- a/sdk/python/pulumi_azuread/get_access_package.py +++ b/sdk/python/pulumi_azuread/get_access_package.py @@ -160,7 +160,7 @@ def get_access_package(catalog_id: Optional[str] = None, def get_access_package_output(catalog_id: Optional[pulumi.Input[Optional[str]]] = None, display_name: Optional[pulumi.Input[Optional[str]]] = None, object_id: Optional[pulumi.Input[Optional[str]]] = None, - opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetAccessPackageResult]: + opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetAccessPackageResult]: """ Use this data source to retrieve information for an existing access package within Identity Governance in Azure Active Directory. @@ -204,7 +204,7 @@ def get_access_package_output(catalog_id: Optional[pulumi.Input[Optional[str]]] __args__['catalogId'] = catalog_id __args__['displayName'] = display_name __args__['objectId'] = object_id - opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) __ret__ = pulumi.runtime.invoke_output('azuread:index/getAccessPackage:getAccessPackage', __args__, opts=opts, typ=GetAccessPackageResult) return __ret__.apply(lambda __response__: GetAccessPackageResult( catalog_id=pulumi.get(__response__, 'catalog_id'), diff --git a/sdk/python/pulumi_azuread/get_access_package_catalog.py b/sdk/python/pulumi_azuread/get_access_package_catalog.py index 6e013bb2f..6c64020d8 100644 --- a/sdk/python/pulumi_azuread/get_access_package_catalog.py +++ b/sdk/python/pulumi_azuread/get_access_package_catalog.py @@ -159,7 +159,7 @@ def get_access_package_catalog(display_name: Optional[str] = None, published=pulumi.get(__ret__, 'published')) def get_access_package_catalog_output(display_name: Optional[pulumi.Input[Optional[str]]] = None, object_id: Optional[pulumi.Input[Optional[str]]] = None, - opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetAccessPackageCatalogResult]: + opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetAccessPackageCatalogResult]: """ i Use this resource to retrieve information for an existing access package catalog within Identity Governance in Azure Active Directory. @@ -201,7 +201,7 @@ def get_access_package_catalog_output(display_name: Optional[pulumi.Input[Option __args__ = dict() __args__['displayName'] = display_name __args__['objectId'] = object_id - opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) __ret__ = pulumi.runtime.invoke_output('azuread:index/getAccessPackageCatalog:getAccessPackageCatalog', __args__, opts=opts, typ=GetAccessPackageCatalogResult) return __ret__.apply(lambda __response__: GetAccessPackageCatalogResult( description=pulumi.get(__response__, 'description'), diff --git a/sdk/python/pulumi_azuread/get_access_package_catalog_role.py b/sdk/python/pulumi_azuread/get_access_package_catalog_role.py index 71039fabf..5aec32ec0 100644 --- a/sdk/python/pulumi_azuread/get_access_package_catalog_role.py +++ b/sdk/python/pulumi_azuread/get_access_package_catalog_role.py @@ -151,7 +151,7 @@ def get_access_package_catalog_role(display_name: Optional[str] = None, template_id=pulumi.get(__ret__, 'template_id')) def get_access_package_catalog_role_output(display_name: Optional[pulumi.Input[Optional[str]]] = None, object_id: Optional[pulumi.Input[Optional[str]]] = None, - opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetAccessPackageCatalogRoleResult]: + opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetAccessPackageCatalogRoleResult]: """ Gets information about an access package catalog role. @@ -192,7 +192,7 @@ def get_access_package_catalog_role_output(display_name: Optional[pulumi.Input[O __args__ = dict() __args__['displayName'] = display_name __args__['objectId'] = object_id - opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) __ret__ = pulumi.runtime.invoke_output('azuread:index/getAccessPackageCatalogRole:getAccessPackageCatalogRole', __args__, opts=opts, typ=GetAccessPackageCatalogRoleResult) return __ret__.apply(lambda __response__: GetAccessPackageCatalogRoleResult( description=pulumi.get(__response__, 'description'), diff --git a/sdk/python/pulumi_azuread/get_administrative_unit.py b/sdk/python/pulumi_azuread/get_administrative_unit.py index 4b6f4a15f..d5e51b26d 100644 --- a/sdk/python/pulumi_azuread/get_administrative_unit.py +++ b/sdk/python/pulumi_azuread/get_administrative_unit.py @@ -164,7 +164,7 @@ def get_administrative_unit(display_name: Optional[str] = None, visibility=pulumi.get(__ret__, 'visibility')) def get_administrative_unit_output(display_name: Optional[pulumi.Input[Optional[str]]] = None, object_id: Optional[pulumi.Input[Optional[str]]] = None, - opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetAdministrativeUnitResult]: + opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetAdministrativeUnitResult]: """ Gets information about an adminisrative unit in Azure Active Directory. @@ -205,7 +205,7 @@ def get_administrative_unit_output(display_name: Optional[pulumi.Input[Optional[ __args__ = dict() __args__['displayName'] = display_name __args__['objectId'] = object_id - opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) __ret__ = pulumi.runtime.invoke_output('azuread:index/getAdministrativeUnit:getAdministrativeUnit', __args__, opts=opts, typ=GetAdministrativeUnitResult) return __ret__.apply(lambda __response__: GetAdministrativeUnitResult( description=pulumi.get(__response__, 'description'), diff --git a/sdk/python/pulumi_azuread/get_application.py b/sdk/python/pulumi_azuread/get_application.py index 2eb6f4484..394cfc7d2 100644 --- a/sdk/python/pulumi_azuread/get_application.py +++ b/sdk/python/pulumi_azuread/get_application.py @@ -511,7 +511,7 @@ def get_application_output(client_id: Optional[pulumi.Input[Optional[str]]] = No display_name: Optional[pulumi.Input[Optional[str]]] = None, identifier_uri: Optional[pulumi.Input[Optional[str]]] = None, object_id: Optional[pulumi.Input[Optional[str]]] = None, - opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetApplicationResult]: + opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetApplicationResult]: """ Use this data source to access information about an existing Application within Azure Active Directory. @@ -546,7 +546,7 @@ def get_application_output(client_id: Optional[pulumi.Input[Optional[str]]] = No __args__['displayName'] = display_name __args__['identifierUri'] = identifier_uri __args__['objectId'] = object_id - opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) __ret__ = pulumi.runtime.invoke_output('azuread:index/getApplication:getApplication', __args__, opts=opts, typ=GetApplicationResult) return __ret__.apply(lambda __response__: GetApplicationResult( apis=pulumi.get(__response__, 'apis'), diff --git a/sdk/python/pulumi_azuread/get_application_published_app_ids.py b/sdk/python/pulumi_azuread/get_application_published_app_ids.py index 9fbcfdbd8..76312e846 100644 --- a/sdk/python/pulumi_azuread/get_application_published_app_ids.py +++ b/sdk/python/pulumi_azuread/get_application_published_app_ids.py @@ -109,7 +109,7 @@ def get_application_published_app_ids(opts: Optional[pulumi.InvokeOptions] = Non return AwaitableGetApplicationPublishedAppIdsResult( id=pulumi.get(__ret__, 'id'), result=pulumi.get(__ret__, 'result')) -def get_application_published_app_ids_output(opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetApplicationPublishedAppIdsResult]: +def get_application_published_app_ids_output(opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetApplicationPublishedAppIdsResult]: """ ## Example Usage @@ -151,7 +151,7 @@ def get_application_published_app_ids_output(opts: Optional[pulumi.InvokeOptions ``` """ __args__ = dict() - opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) __ret__ = pulumi.runtime.invoke_output('azuread:index/getApplicationPublishedAppIds:getApplicationPublishedAppIds', __args__, opts=opts, typ=GetApplicationPublishedAppIdsResult) return __ret__.apply(lambda __response__: GetApplicationPublishedAppIdsResult( id=pulumi.get(__response__, 'id'), diff --git a/sdk/python/pulumi_azuread/get_application_template.py b/sdk/python/pulumi_azuread/get_application_template.py index a65cec7c2..508459530 100644 --- a/sdk/python/pulumi_azuread/get_application_template.py +++ b/sdk/python/pulumi_azuread/get_application_template.py @@ -189,7 +189,7 @@ def get_application_template(display_name: Optional[str] = None, template_id=pulumi.get(__ret__, 'template_id')) def get_application_template_output(display_name: Optional[pulumi.Input[Optional[str]]] = None, template_id: Optional[pulumi.Input[Optional[str]]] = None, - opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetApplicationTemplateResult]: + opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetApplicationTemplateResult]: """ Use this data source to access information about an Application Template from the [Azure AD App Gallery](https://azuremarketplace.microsoft.com/en-US/marketplace/apps/category/azure-active-directory-apps). @@ -216,7 +216,7 @@ def get_application_template_output(display_name: Optional[pulumi.Input[Optional __args__ = dict() __args__['displayName'] = display_name __args__['templateId'] = template_id - opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) __ret__ = pulumi.runtime.invoke_output('azuread:index/getApplicationTemplate:getApplicationTemplate', __args__, opts=opts, typ=GetApplicationTemplateResult) return __ret__.apply(lambda __response__: GetApplicationTemplateResult( categories=pulumi.get(__response__, 'categories'), diff --git a/sdk/python/pulumi_azuread/get_client_config.py b/sdk/python/pulumi_azuread/get_client_config.py index ff0a0ef10..d8bd98cae 100644 --- a/sdk/python/pulumi_azuread/get_client_config.py +++ b/sdk/python/pulumi_azuread/get_client_config.py @@ -112,7 +112,7 @@ def get_client_config(opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableG id=pulumi.get(__ret__, 'id'), object_id=pulumi.get(__ret__, 'object_id'), tenant_id=pulumi.get(__ret__, 'tenant_id')) -def get_client_config_output(opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetClientConfigResult]: +def get_client_config_output(opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetClientConfigResult]: """ Use this data source to access the configuration of the AzureAD provider. @@ -131,7 +131,7 @@ def get_client_config_output(opts: Optional[pulumi.InvokeOptions] = None) -> pul ``` """ __args__ = dict() - opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) __ret__ = pulumi.runtime.invoke_output('azuread:index/getClientConfig:getClientConfig', __args__, opts=opts, typ=GetClientConfigResult) return __ret__.apply(lambda __response__: GetClientConfigResult( client_id=pulumi.get(__response__, 'client_id'), diff --git a/sdk/python/pulumi_azuread/get_directory_object.py b/sdk/python/pulumi_azuread/get_directory_object.py index a1aaa4028..7b90ff11f 100644 --- a/sdk/python/pulumi_azuread/get_directory_object.py +++ b/sdk/python/pulumi_azuread/get_directory_object.py @@ -111,7 +111,7 @@ def get_directory_object(object_id: Optional[str] = None, object_id=pulumi.get(__ret__, 'object_id'), type=pulumi.get(__ret__, 'type')) def get_directory_object_output(object_id: Optional[pulumi.Input[str]] = None, - opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetDirectoryObjectResult]: + opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetDirectoryObjectResult]: """ Retrieves the OData type for a generic directory object having the provided object ID. @@ -146,7 +146,7 @@ def get_directory_object_output(object_id: Optional[pulumi.Input[str]] = None, """ __args__ = dict() __args__['objectId'] = object_id - opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) __ret__ = pulumi.runtime.invoke_output('azuread:index/getDirectoryObject:getDirectoryObject', __args__, opts=opts, typ=GetDirectoryObjectResult) return __ret__.apply(lambda __response__: GetDirectoryObjectResult( id=pulumi.get(__response__, 'id'), diff --git a/sdk/python/pulumi_azuread/get_directory_role_templates.py b/sdk/python/pulumi_azuread/get_directory_role_templates.py index e76e83390..3dda889cd 100644 --- a/sdk/python/pulumi_azuread/get_directory_role_templates.py +++ b/sdk/python/pulumi_azuread/get_directory_role_templates.py @@ -104,7 +104,7 @@ def get_directory_role_templates(opts: Optional[pulumi.InvokeOptions] = None) -> id=pulumi.get(__ret__, 'id'), object_ids=pulumi.get(__ret__, 'object_ids'), role_templates=pulumi.get(__ret__, 'role_templates')) -def get_directory_role_templates_output(opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetDirectoryRoleTemplatesResult]: +def get_directory_role_templates_output(opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetDirectoryRoleTemplatesResult]: """ Use this data source to access information about directory role templates within Azure Active Directory. @@ -127,7 +127,7 @@ def get_directory_role_templates_output(opts: Optional[pulumi.InvokeOptions] = N ``` """ __args__ = dict() - opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) __ret__ = pulumi.runtime.invoke_output('azuread:index/getDirectoryRoleTemplates:getDirectoryRoleTemplates', __args__, opts=opts, typ=GetDirectoryRoleTemplatesResult) return __ret__.apply(lambda __response__: GetDirectoryRoleTemplatesResult( id=pulumi.get(__response__, 'id'), diff --git a/sdk/python/pulumi_azuread/get_directory_roles.py b/sdk/python/pulumi_azuread/get_directory_roles.py index 9abae96c0..96441d098 100644 --- a/sdk/python/pulumi_azuread/get_directory_roles.py +++ b/sdk/python/pulumi_azuread/get_directory_roles.py @@ -117,7 +117,7 @@ def get_directory_roles(opts: Optional[pulumi.InvokeOptions] = None) -> Awaitabl object_ids=pulumi.get(__ret__, 'object_ids'), roles=pulumi.get(__ret__, 'roles'), template_ids=pulumi.get(__ret__, 'template_ids')) -def get_directory_roles_output(opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetDirectoryRolesResult]: +def get_directory_roles_output(opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetDirectoryRolesResult]: """ Use this data source to access information about activated directory roles within Azure Active Directory. @@ -140,7 +140,7 @@ def get_directory_roles_output(opts: Optional[pulumi.InvokeOptions] = None) -> p ``` """ __args__ = dict() - opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) __ret__ = pulumi.runtime.invoke_output('azuread:index/getDirectoryRoles:getDirectoryRoles', __args__, opts=opts, typ=GetDirectoryRolesResult) return __ret__.apply(lambda __response__: GetDirectoryRolesResult( id=pulumi.get(__response__, 'id'), diff --git a/sdk/python/pulumi_azuread/get_domains.py b/sdk/python/pulumi_azuread/get_domains.py index 389f46f66..7fc77c8e8 100644 --- a/sdk/python/pulumi_azuread/get_domains.py +++ b/sdk/python/pulumi_azuread/get_domains.py @@ -182,7 +182,7 @@ def get_domains_output(admin_managed: Optional[pulumi.Input[Optional[bool]]] = N only_initial: Optional[pulumi.Input[Optional[bool]]] = None, only_root: Optional[pulumi.Input[Optional[bool]]] = None, supports_services: Optional[pulumi.Input[Optional[Sequence[str]]]] = None, - opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetDomainsResult]: + opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetDomainsResult]: """ Use this data source to access information about existing Domains within Azure Active Directory. @@ -221,7 +221,7 @@ def get_domains_output(admin_managed: Optional[pulumi.Input[Optional[bool]]] = N __args__['onlyInitial'] = only_initial __args__['onlyRoot'] = only_root __args__['supportsServices'] = supports_services - opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) __ret__ = pulumi.runtime.invoke_output('azuread:index/getDomains:getDomains', __args__, opts=opts, typ=GetDomainsResult) return __ret__.apply(lambda __response__: GetDomainsResult( admin_managed=pulumi.get(__response__, 'admin_managed'), diff --git a/sdk/python/pulumi_azuread/get_group.py b/sdk/python/pulumi_azuread/get_group.py index 9fa1aa925..28225b3dc 100644 --- a/sdk/python/pulumi_azuread/get_group.py +++ b/sdk/python/pulumi_azuread/get_group.py @@ -495,7 +495,7 @@ def get_group_output(display_name: Optional[pulumi.Input[Optional[str]]] = None, mail_nickname: Optional[pulumi.Input[Optional[str]]] = None, object_id: Optional[pulumi.Input[Optional[str]]] = None, security_enabled: Optional[pulumi.Input[Optional[bool]]] = None, - opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetGroupResult]: + opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetGroupResult]: """ Gets information about an Azure Active Directory group. @@ -536,7 +536,7 @@ def get_group_output(display_name: Optional[pulumi.Input[Optional[str]]] = None, __args__['mailNickname'] = mail_nickname __args__['objectId'] = object_id __args__['securityEnabled'] = security_enabled - opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) __ret__ = pulumi.runtime.invoke_output('azuread:index/getGroup:getGroup', __args__, opts=opts, typ=GetGroupResult) return __ret__.apply(lambda __response__: GetGroupResult( assignable_to_role=pulumi.get(__response__, 'assignable_to_role'), diff --git a/sdk/python/pulumi_azuread/get_group_role_management_policy.py b/sdk/python/pulumi_azuread/get_group_role_management_policy.py index 88c5bb8e2..6d612a8e9 100644 --- a/sdk/python/pulumi_azuread/get_group_role_management_policy.py +++ b/sdk/python/pulumi_azuread/get_group_role_management_policy.py @@ -136,7 +136,7 @@ def get_group_role_management_policy(group_id: Optional[str] = None, role_id=pulumi.get(__ret__, 'role_id')) def get_group_role_management_policy_output(group_id: Optional[pulumi.Input[str]] = None, role_id: Optional[pulumi.Input[str]] = None, - opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetGroupRoleManagementPolicyResult]: + opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetGroupRoleManagementPolicyResult]: """ Use this data source to retrieve a role policy for an Azure AD group. @@ -168,7 +168,7 @@ def get_group_role_management_policy_output(group_id: Optional[pulumi.Input[str] __args__ = dict() __args__['groupId'] = group_id __args__['roleId'] = role_id - opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) __ret__ = pulumi.runtime.invoke_output('azuread:index/getGroupRoleManagementPolicy:getGroupRoleManagementPolicy', __args__, opts=opts, typ=GetGroupRoleManagementPolicyResult) return __ret__.apply(lambda __response__: GetGroupRoleManagementPolicyResult( description=pulumi.get(__response__, 'description'), diff --git a/sdk/python/pulumi_azuread/get_groups.py b/sdk/python/pulumi_azuread/get_groups.py index d2b73153f..ee92de212 100644 --- a/sdk/python/pulumi_azuread/get_groups.py +++ b/sdk/python/pulumi_azuread/get_groups.py @@ -223,7 +223,7 @@ def get_groups_output(display_name_prefix: Optional[pulumi.Input[Optional[str]]] object_ids: Optional[pulumi.Input[Optional[Sequence[str]]]] = None, return_all: Optional[pulumi.Input[Optional[bool]]] = None, security_enabled: Optional[pulumi.Input[Optional[bool]]] = None, - opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetGroupsResult]: + opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetGroupsResult]: """ Gets Object IDs or Display Names for multiple Azure Active Directory groups. @@ -302,7 +302,7 @@ def get_groups_output(display_name_prefix: Optional[pulumi.Input[Optional[str]]] __args__['objectIds'] = object_ids __args__['returnAll'] = return_all __args__['securityEnabled'] = security_enabled - opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) __ret__ = pulumi.runtime.invoke_output('azuread:index/getGroups:getGroups', __args__, opts=opts, typ=GetGroupsResult) return __ret__.apply(lambda __response__: GetGroupsResult( display_name_prefix=pulumi.get(__response__, 'display_name_prefix'), diff --git a/sdk/python/pulumi_azuread/get_named_location.py b/sdk/python/pulumi_azuread/get_named_location.py index 02512daca..a47defb55 100644 --- a/sdk/python/pulumi_azuread/get_named_location.py +++ b/sdk/python/pulumi_azuread/get_named_location.py @@ -135,7 +135,7 @@ def get_named_location(display_name: Optional[str] = None, id=pulumi.get(__ret__, 'id'), ips=pulumi.get(__ret__, 'ips')) def get_named_location_output(display_name: Optional[pulumi.Input[str]] = None, - opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetNamedLocationResult]: + opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetNamedLocationResult]: """ Gets information about a Named Location within Azure Active Directory. @@ -183,7 +183,7 @@ def get_named_location_output(display_name: Optional[pulumi.Input[str]] = None, """ __args__ = dict() __args__['displayName'] = display_name - opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) __ret__ = pulumi.runtime.invoke_output('azuread:index/getNamedLocation:getNamedLocation', __args__, opts=opts, typ=GetNamedLocationResult) return __ret__.apply(lambda __response__: GetNamedLocationResult( countries=pulumi.get(__response__, 'countries'), diff --git a/sdk/python/pulumi_azuread/get_service_principal.py b/sdk/python/pulumi_azuread/get_service_principal.py index 8645eee56..36218a1ce 100644 --- a/sdk/python/pulumi_azuread/get_service_principal.py +++ b/sdk/python/pulumi_azuread/get_service_principal.py @@ -462,7 +462,7 @@ def get_service_principal(client_id: Optional[str] = None, def get_service_principal_output(client_id: Optional[pulumi.Input[Optional[str]]] = None, display_name: Optional[pulumi.Input[Optional[str]]] = None, object_id: Optional[pulumi.Input[Optional[str]]] = None, - opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetServicePrincipalResult]: + opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetServicePrincipalResult]: """ Gets information about an existing service principal associated with an application within Azure Active Directory. @@ -514,7 +514,7 @@ def get_service_principal_output(client_id: Optional[pulumi.Input[Optional[str]] __args__['clientId'] = client_id __args__['displayName'] = display_name __args__['objectId'] = object_id - opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) __ret__ = pulumi.runtime.invoke_output('azuread:index/getServicePrincipal:getServicePrincipal', __args__, opts=opts, typ=GetServicePrincipalResult) return __ret__.apply(lambda __response__: GetServicePrincipalResult( account_enabled=pulumi.get(__response__, 'account_enabled'), diff --git a/sdk/python/pulumi_azuread/get_service_principals.py b/sdk/python/pulumi_azuread/get_service_principals.py index 008272c3d..2b7363745 100644 --- a/sdk/python/pulumi_azuread/get_service_principals.py +++ b/sdk/python/pulumi_azuread/get_service_principals.py @@ -204,7 +204,7 @@ def get_service_principals_output(client_ids: Optional[pulumi.Input[Optional[Seq ignore_missing: Optional[pulumi.Input[Optional[bool]]] = None, object_ids: Optional[pulumi.Input[Optional[Sequence[str]]]] = None, return_all: Optional[pulumi.Input[Optional[bool]]] = None, - opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetServicePrincipalsResult]: + opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetServicePrincipalsResult]: """ Gets basic information for multiple Azure Active Directory service principals. @@ -271,7 +271,7 @@ def get_service_principals_output(client_ids: Optional[pulumi.Input[Optional[Seq __args__['ignoreMissing'] = ignore_missing __args__['objectIds'] = object_ids __args__['returnAll'] = return_all - opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) __ret__ = pulumi.runtime.invoke_output('azuread:index/getServicePrincipals:getServicePrincipals', __args__, opts=opts, typ=GetServicePrincipalsResult) return __ret__.apply(lambda __response__: GetServicePrincipalsResult( client_ids=pulumi.get(__response__, 'client_ids'), diff --git a/sdk/python/pulumi_azuread/get_user.py b/sdk/python/pulumi_azuread/get_user.py index 499e85037..080dd4da4 100644 --- a/sdk/python/pulumi_azuread/get_user.py +++ b/sdk/python/pulumi_azuread/get_user.py @@ -659,7 +659,7 @@ def get_user_output(employee_id: Optional[pulumi.Input[Optional[str]]] = None, mail_nickname: Optional[pulumi.Input[Optional[str]]] = None, object_id: Optional[pulumi.Input[Optional[str]]] = None, user_principal_name: Optional[pulumi.Input[Optional[str]]] = None, - opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetUserResult]: + opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetUserResult]: """ Gets information about an Azure Active Directory user. @@ -695,7 +695,7 @@ def get_user_output(employee_id: Optional[pulumi.Input[Optional[str]]] = None, __args__['mailNickname'] = mail_nickname __args__['objectId'] = object_id __args__['userPrincipalName'] = user_principal_name - opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) __ret__ = pulumi.runtime.invoke_output('azuread:index/getUser:getUser', __args__, opts=opts, typ=GetUserResult) return __ret__.apply(lambda __response__: GetUserResult( account_enabled=pulumi.get(__response__, 'account_enabled'), diff --git a/sdk/python/pulumi_azuread/get_users.py b/sdk/python/pulumi_azuread/get_users.py index 769a4de94..e4f319335 100644 --- a/sdk/python/pulumi_azuread/get_users.py +++ b/sdk/python/pulumi_azuread/get_users.py @@ -210,7 +210,7 @@ def get_users_output(employee_ids: Optional[pulumi.Input[Optional[Sequence[str]] object_ids: Optional[pulumi.Input[Optional[Sequence[str]]]] = None, return_all: Optional[pulumi.Input[Optional[bool]]] = None, user_principal_names: Optional[pulumi.Input[Optional[Sequence[str]]]] = None, - opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetUsersResult]: + opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetUsersResult]: """ Gets basic information for multiple Azure Active Directory users. @@ -253,7 +253,7 @@ def get_users_output(employee_ids: Optional[pulumi.Input[Optional[Sequence[str]] __args__['objectIds'] = object_ids __args__['returnAll'] = return_all __args__['userPrincipalNames'] = user_principal_names - opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) __ret__ = pulumi.runtime.invoke_output('azuread:index/getUsers:getUsers', __args__, opts=opts, typ=GetUsersResult) return __ret__.apply(lambda __response__: GetUsersResult( employee_ids=pulumi.get(__response__, 'employee_ids'),