diff --git a/examples/go.mod b/examples/go.mod index c4a9c9e76..91e485514 100644 --- a/examples/go.mod +++ b/examples/go.mod @@ -2,7 +2,7 @@ module github.com/pulumi/pulumi-azuread/examples/v5 go 1.21 -require github.com/pulumi/pulumi/pkg/v3 v3.104.2 +require github.com/pulumi/pulumi/pkg/v3 v3.105.0 require ( cloud.google.com/go v0.110.10 // indirect @@ -135,7 +135,7 @@ require ( github.com/pmezard/go-difflib v1.0.0 // indirect github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 // indirect github.com/pulumi/esc v0.6.2 // indirect - github.com/pulumi/pulumi/sdk/v3 v3.104.2 // indirect + github.com/pulumi/pulumi/sdk/v3 v3.105.0 // indirect github.com/rivo/uniseg v0.4.4 // indirect github.com/rogpeppe/go-internal v1.11.0 // indirect github.com/ryanuber/go-glob v1.0.0 // indirect diff --git a/examples/go.sum b/examples/go.sum index c01d8358a..e13fbdedc 100644 --- a/examples/go.sum +++ b/examples/go.sum @@ -1459,10 +1459,10 @@ github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 h1:vkHw5I/plNdTr435 github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231/go.mod h1:murToZ2N9hNJzewjHBgfFdXhZKjY3z5cYC1VXk+lbFE= github.com/pulumi/esc v0.6.2 h1:+z+l8cuwIauLSwXQS0uoI3rqB+YG4SzsZYtHfNoXBvw= github.com/pulumi/esc v0.6.2/go.mod h1:jNnYNjzsOgVTjCp0LL24NsCk8ZJxq4IoLQdCT0X7l8k= -github.com/pulumi/pulumi/pkg/v3 v3.104.2 h1:pxioQCKuTrGyeCmdxkR2M03nFBrPMhPnuHMaaTfxY1Y= -github.com/pulumi/pulumi/pkg/v3 v3.104.2/go.mod h1:AvF18k2O6rZIV27fF9i0UueP/PjiqSJeRMiOi3cVgEM= -github.com/pulumi/pulumi/sdk/v3 v3.104.2 h1:aOwUkrlsyEWrL1jlHqn2/36zMSPQrVUYUyZPqstrmjc= -github.com/pulumi/pulumi/sdk/v3 v3.104.2/go.mod h1:Ml3rpGfyZlI4zQCG7LN2XDSmH4XUNYdyBwJ3yEr/OpI= +github.com/pulumi/pulumi/pkg/v3 v3.105.0 h1:bJG1vUiYH2gDF1pfBKlIABDNoJD2LvU1LmjjL+EbvuM= +github.com/pulumi/pulumi/pkg/v3 v3.105.0/go.mod h1:eZAFEFOwE/skElTfwetfyTxPebmWr5vOS5NSU9XwlVw= +github.com/pulumi/pulumi/sdk/v3 v3.105.0 h1:OKEeubZigWyQVnZS6udnFnZHZ/8OWXuUYv9ir3OY+vs= +github.com/pulumi/pulumi/sdk/v3 v3.105.0/go.mod h1:Ml3rpGfyZlI4zQCG7LN2XDSmH4XUNYdyBwJ3yEr/OpI= github.com/rakyll/embedmd v0.0.0-20171029212350-c8060a0752a2/go.mod h1:7jOTMgqac46PZcF54q6l2hkLEG8op93fZu61KmxWDV4= github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= diff --git a/provider/cmd/pulumi-resource-azuread/schema.json b/provider/cmd/pulumi-resource-azuread/schema.json index e64446c6e..689ba8e51 100644 --- a/provider/cmd/pulumi-resource-azuread/schema.json +++ b/provider/cmd/pulumi-resource-azuread/schema.json @@ -2610,7 +2610,7 @@ }, "resources": { "azuread:index/accessPackage:AccessPackage": { - "description": "Manages an Access Package within Identity Governance in Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`.\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner`, `Access package manager` or `Global Administrator`\n\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleAccessPackageCatalog = new azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\", {\n displayName: \"example-catalog\",\n description: \"Example catalog\",\n});\nconst exampleAccessPackage = new azuread.AccessPackage(\"exampleAccessPackage\", {\n catalogId: exampleAccessPackageCatalog.id,\n displayName: \"access-package\",\n description: \"Access Package\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_access_package_catalog = azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\",\n display_name=\"example-catalog\",\n description=\"Example catalog\")\nexample_access_package = azuread.AccessPackage(\"exampleAccessPackage\",\n catalog_id=example_access_package_catalog.id,\n display_name=\"access-package\",\n description=\"Access Package\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleAccessPackageCatalog = new AzureAD.AccessPackageCatalog(\"exampleAccessPackageCatalog\", new()\n {\n DisplayName = \"example-catalog\",\n Description = \"Example catalog\",\n });\n\n var exampleAccessPackage = new AzureAD.AccessPackage(\"exampleAccessPackage\", new()\n {\n CatalogId = exampleAccessPackageCatalog.Id,\n DisplayName = \"access-package\",\n Description = \"Access Package\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleAccessPackageCatalog, err := azuread.NewAccessPackageCatalog(ctx, \"exampleAccessPackageCatalog\", \u0026azuread.AccessPackageCatalogArgs{\n\t\t\tDisplayName: pulumi.String(\"example-catalog\"),\n\t\t\tDescription: pulumi.String(\"Example catalog\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAccessPackage(ctx, \"exampleAccessPackage\", \u0026azuread.AccessPackageArgs{\n\t\t\tCatalogId: exampleAccessPackageCatalog.ID(),\n\t\t\tDisplayName: pulumi.String(\"access-package\"),\n\t\t\tDescription: pulumi.String(\"Access Package\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AccessPackageCatalog;\nimport com.pulumi.azuread.AccessPackageCatalogArgs;\nimport com.pulumi.azuread.AccessPackage;\nimport com.pulumi.azuread.AccessPackageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleAccessPackageCatalog = new AccessPackageCatalog(\"exampleAccessPackageCatalog\", AccessPackageCatalogArgs.builder() \n .displayName(\"example-catalog\")\n .description(\"Example catalog\")\n .build());\n\n var exampleAccessPackage = new AccessPackage(\"exampleAccessPackage\", AccessPackageArgs.builder() \n .catalogId(exampleAccessPackageCatalog.id())\n .displayName(\"access-package\")\n .description(\"Access Package\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleAccessPackageCatalog:\n type: azuread:AccessPackageCatalog\n properties:\n displayName: example-catalog\n description: Example catalog\n exampleAccessPackage:\n type: azuread:AccessPackage\n properties:\n catalogId: ${exampleAccessPackageCatalog.id}\n displayName: access-package\n description: Access Package\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAccess Packages can be imported using the `id`, e.g.\n\n```sh\n $ pulumi import azuread:index/accessPackage:AccessPackage example_package 00000000-0000-0000-0000-000000000000\n```\n\n ", + "description": "Manages an Access Package within Identity Governance in Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`.\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner`, `Access package manager` or `Global Administrator`\n\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleAccessPackageCatalog = new azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\", {\n displayName: \"example-catalog\",\n description: \"Example catalog\",\n});\nconst exampleAccessPackage = new azuread.AccessPackage(\"exampleAccessPackage\", {\n catalogId: exampleAccessPackageCatalog.id,\n displayName: \"access-package\",\n description: \"Access Package\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_access_package_catalog = azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\",\n display_name=\"example-catalog\",\n description=\"Example catalog\")\nexample_access_package = azuread.AccessPackage(\"exampleAccessPackage\",\n catalog_id=example_access_package_catalog.id,\n display_name=\"access-package\",\n description=\"Access Package\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleAccessPackageCatalog = new AzureAD.AccessPackageCatalog(\"exampleAccessPackageCatalog\", new()\n {\n DisplayName = \"example-catalog\",\n Description = \"Example catalog\",\n });\n\n var exampleAccessPackage = new AzureAD.AccessPackage(\"exampleAccessPackage\", new()\n {\n CatalogId = exampleAccessPackageCatalog.Id,\n DisplayName = \"access-package\",\n Description = \"Access Package\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleAccessPackageCatalog, err := azuread.NewAccessPackageCatalog(ctx, \"exampleAccessPackageCatalog\", \u0026azuread.AccessPackageCatalogArgs{\n\t\t\tDisplayName: pulumi.String(\"example-catalog\"),\n\t\t\tDescription: pulumi.String(\"Example catalog\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAccessPackage(ctx, \"exampleAccessPackage\", \u0026azuread.AccessPackageArgs{\n\t\t\tCatalogId: exampleAccessPackageCatalog.ID(),\n\t\t\tDisplayName: pulumi.String(\"access-package\"),\n\t\t\tDescription: pulumi.String(\"Access Package\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AccessPackageCatalog;\nimport com.pulumi.azuread.AccessPackageCatalogArgs;\nimport com.pulumi.azuread.AccessPackage;\nimport com.pulumi.azuread.AccessPackageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleAccessPackageCatalog = new AccessPackageCatalog(\"exampleAccessPackageCatalog\", AccessPackageCatalogArgs.builder() \n .displayName(\"example-catalog\")\n .description(\"Example catalog\")\n .build());\n\n var exampleAccessPackage = new AccessPackage(\"exampleAccessPackage\", AccessPackageArgs.builder() \n .catalogId(exampleAccessPackageCatalog.id())\n .displayName(\"access-package\")\n .description(\"Access Package\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleAccessPackageCatalog:\n type: azuread:AccessPackageCatalog\n properties:\n displayName: example-catalog\n description: Example catalog\n exampleAccessPackage:\n type: azuread:AccessPackage\n properties:\n catalogId: ${exampleAccessPackageCatalog.id}\n displayName: access-package\n description: Access Package\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAccess Packages can be imported using the `id`, e.g.\n\n ```sh\n $ pulumi import azuread:index/accessPackage:AccessPackage example_package 00000000-0000-0000-0000-000000000000\n```\n\n ", "properties": { "catalogId": { "type": "string", @@ -2683,7 +2683,7 @@ } }, "azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy": { - "description": "Manages an assignment policy for an access package within Identity Governance in Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`.\n\nWhen authenticated with a user principal, this resource requires `Global Administrator` directory role, or one of the `Catalog Owner` and `Access Package Manager` role in Identity Governance.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleGroup = new azuread.Group(\"exampleGroup\", {\n displayName: \"group-name\",\n securityEnabled: true,\n});\nconst exampleAccessPackageCatalog = new azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\", {\n displayName: \"example-catalog\",\n description: \"Example catalog\",\n});\nconst exampleAccessPackage = new azuread.AccessPackage(\"exampleAccessPackage\", {\n catalogId: exampleAccessPackageCatalog.id,\n displayName: \"access-package\",\n description: \"Access Package\",\n});\nconst exampleAccessPackageAssignmentPolicy = new azuread.AccessPackageAssignmentPolicy(\"exampleAccessPackageAssignmentPolicy\", {\n accessPackageId: exampleAccessPackage.id,\n displayName: \"assignment-policy\",\n description: \"My assignment policy\",\n durationInDays: 90,\n requestorSettings: {\n scopeType: \"AllExistingDirectoryMemberUsers\",\n },\n approvalSettings: {\n approvalRequired: true,\n approvalStages: [{\n approvalTimeoutInDays: 14,\n primaryApprovers: [{\n objectId: exampleGroup.objectId,\n subjectType: \"groupMembers\",\n }],\n }],\n },\n assignmentReviewSettings: {\n enabled: true,\n reviewFrequency: \"weekly\",\n durationInDays: 3,\n reviewType: \"Self\",\n accessReviewTimeoutBehavior: \"keepAccess\",\n },\n questions: [{\n text: {\n defaultText: \"hello, how are you?\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_group = azuread.Group(\"exampleGroup\",\n display_name=\"group-name\",\n security_enabled=True)\nexample_access_package_catalog = azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\",\n display_name=\"example-catalog\",\n description=\"Example catalog\")\nexample_access_package = azuread.AccessPackage(\"exampleAccessPackage\",\n catalog_id=example_access_package_catalog.id,\n display_name=\"access-package\",\n description=\"Access Package\")\nexample_access_package_assignment_policy = azuread.AccessPackageAssignmentPolicy(\"exampleAccessPackageAssignmentPolicy\",\n access_package_id=example_access_package.id,\n display_name=\"assignment-policy\",\n description=\"My assignment policy\",\n duration_in_days=90,\n requestor_settings=azuread.AccessPackageAssignmentPolicyRequestorSettingsArgs(\n scope_type=\"AllExistingDirectoryMemberUsers\",\n ),\n approval_settings=azuread.AccessPackageAssignmentPolicyApprovalSettingsArgs(\n approval_required=True,\n approval_stages=[azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs(\n approval_timeout_in_days=14,\n primary_approvers=[azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs(\n object_id=example_group.object_id,\n subject_type=\"groupMembers\",\n )],\n )],\n ),\n assignment_review_settings=azuread.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs(\n enabled=True,\n review_frequency=\"weekly\",\n duration_in_days=3,\n review_type=\"Self\",\n access_review_timeout_behavior=\"keepAccess\",\n ),\n questions=[azuread.AccessPackageAssignmentPolicyQuestionArgs(\n text=azuread.AccessPackageAssignmentPolicyQuestionTextArgs(\n default_text=\"hello, how are you?\",\n ),\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleGroup = new AzureAD.Group(\"exampleGroup\", new()\n {\n DisplayName = \"group-name\",\n SecurityEnabled = true,\n });\n\n var exampleAccessPackageCatalog = new AzureAD.AccessPackageCatalog(\"exampleAccessPackageCatalog\", new()\n {\n DisplayName = \"example-catalog\",\n Description = \"Example catalog\",\n });\n\n var exampleAccessPackage = new AzureAD.AccessPackage(\"exampleAccessPackage\", new()\n {\n CatalogId = exampleAccessPackageCatalog.Id,\n DisplayName = \"access-package\",\n Description = \"Access Package\",\n });\n\n var exampleAccessPackageAssignmentPolicy = new AzureAD.AccessPackageAssignmentPolicy(\"exampleAccessPackageAssignmentPolicy\", new()\n {\n AccessPackageId = exampleAccessPackage.Id,\n DisplayName = \"assignment-policy\",\n Description = \"My assignment policy\",\n DurationInDays = 90,\n RequestorSettings = new AzureAD.Inputs.AccessPackageAssignmentPolicyRequestorSettingsArgs\n {\n ScopeType = \"AllExistingDirectoryMemberUsers\",\n },\n ApprovalSettings = new AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettingsArgs\n {\n ApprovalRequired = true,\n ApprovalStages = new[]\n {\n new AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs\n {\n ApprovalTimeoutInDays = 14,\n PrimaryApprovers = new[]\n {\n new AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs\n {\n ObjectId = exampleGroup.ObjectId,\n SubjectType = \"groupMembers\",\n },\n },\n },\n },\n },\n AssignmentReviewSettings = new AzureAD.Inputs.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs\n {\n Enabled = true,\n ReviewFrequency = \"weekly\",\n DurationInDays = 3,\n ReviewType = \"Self\",\n AccessReviewTimeoutBehavior = \"keepAccess\",\n },\n Questions = new[]\n {\n new AzureAD.Inputs.AccessPackageAssignmentPolicyQuestionArgs\n {\n Text = new AzureAD.Inputs.AccessPackageAssignmentPolicyQuestionTextArgs\n {\n DefaultText = \"hello, how are you?\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleGroup, err := azuread.NewGroup(ctx, \"exampleGroup\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"group-name\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessPackageCatalog, err := azuread.NewAccessPackageCatalog(ctx, \"exampleAccessPackageCatalog\", \u0026azuread.AccessPackageCatalogArgs{\n\t\t\tDisplayName: pulumi.String(\"example-catalog\"),\n\t\t\tDescription: pulumi.String(\"Example catalog\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessPackage, err := azuread.NewAccessPackage(ctx, \"exampleAccessPackage\", \u0026azuread.AccessPackageArgs{\n\t\t\tCatalogId: exampleAccessPackageCatalog.ID(),\n\t\t\tDisplayName: pulumi.String(\"access-package\"),\n\t\t\tDescription: pulumi.String(\"Access Package\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAccessPackageAssignmentPolicy(ctx, \"exampleAccessPackageAssignmentPolicy\", \u0026azuread.AccessPackageAssignmentPolicyArgs{\n\t\t\tAccessPackageId: exampleAccessPackage.ID(),\n\t\t\tDisplayName: pulumi.String(\"assignment-policy\"),\n\t\t\tDescription: pulumi.String(\"My assignment policy\"),\n\t\t\tDurationInDays: pulumi.Int(90),\n\t\t\tRequestorSettings: \u0026azuread.AccessPackageAssignmentPolicyRequestorSettingsArgs{\n\t\t\t\tScopeType: pulumi.String(\"AllExistingDirectoryMemberUsers\"),\n\t\t\t},\n\t\t\tApprovalSettings: \u0026azuread.AccessPackageAssignmentPolicyApprovalSettingsArgs{\n\t\t\t\tApprovalRequired: pulumi.Bool(true),\n\t\t\t\tApprovalStages: azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArray{\n\t\t\t\t\t\u0026azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs{\n\t\t\t\t\t\tApprovalTimeoutInDays: pulumi.Int(14),\n\t\t\t\t\t\tPrimaryApprovers: azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArray{\n\t\t\t\t\t\t\t\u0026azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs{\n\t\t\t\t\t\t\t\tObjectId: exampleGroup.ObjectId,\n\t\t\t\t\t\t\t\tSubjectType: pulumi.String(\"groupMembers\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tAssignmentReviewSettings: \u0026azuread.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tReviewFrequency: pulumi.String(\"weekly\"),\n\t\t\t\tDurationInDays: pulumi.Int(3),\n\t\t\t\tReviewType: pulumi.String(\"Self\"),\n\t\t\t\tAccessReviewTimeoutBehavior: pulumi.String(\"keepAccess\"),\n\t\t\t},\n\t\t\tQuestions: azuread.AccessPackageAssignmentPolicyQuestionArray{\n\t\t\t\t\u0026azuread.AccessPackageAssignmentPolicyQuestionArgs{\n\t\t\t\t\tText: \u0026azuread.AccessPackageAssignmentPolicyQuestionTextArgs{\n\t\t\t\t\t\tDefaultText: pulumi.String(\"hello, how are you?\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.AccessPackageCatalog;\nimport com.pulumi.azuread.AccessPackageCatalogArgs;\nimport com.pulumi.azuread.AccessPackage;\nimport com.pulumi.azuread.AccessPackageArgs;\nimport com.pulumi.azuread.AccessPackageAssignmentPolicy;\nimport com.pulumi.azuread.AccessPackageAssignmentPolicyArgs;\nimport com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyRequestorSettingsArgs;\nimport com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyApprovalSettingsArgs;\nimport com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs;\nimport com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyQuestionArgs;\nimport com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyQuestionTextArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"group-name\")\n .securityEnabled(true)\n .build());\n\n var exampleAccessPackageCatalog = new AccessPackageCatalog(\"exampleAccessPackageCatalog\", AccessPackageCatalogArgs.builder() \n .displayName(\"example-catalog\")\n .description(\"Example catalog\")\n .build());\n\n var exampleAccessPackage = new AccessPackage(\"exampleAccessPackage\", AccessPackageArgs.builder() \n .catalogId(exampleAccessPackageCatalog.id())\n .displayName(\"access-package\")\n .description(\"Access Package\")\n .build());\n\n var exampleAccessPackageAssignmentPolicy = new AccessPackageAssignmentPolicy(\"exampleAccessPackageAssignmentPolicy\", AccessPackageAssignmentPolicyArgs.builder() \n .accessPackageId(exampleAccessPackage.id())\n .displayName(\"assignment-policy\")\n .description(\"My assignment policy\")\n .durationInDays(90)\n .requestorSettings(AccessPackageAssignmentPolicyRequestorSettingsArgs.builder()\n .scopeType(\"AllExistingDirectoryMemberUsers\")\n .build())\n .approvalSettings(AccessPackageAssignmentPolicyApprovalSettingsArgs.builder()\n .approvalRequired(true)\n .approvalStages(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs.builder()\n .approvalTimeoutInDays(14)\n .primaryApprovers(AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs.builder()\n .objectId(exampleGroup.objectId())\n .subjectType(\"groupMembers\")\n .build())\n .build())\n .build())\n .assignmentReviewSettings(AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs.builder()\n .enabled(true)\n .reviewFrequency(\"weekly\")\n .durationInDays(3)\n .reviewType(\"Self\")\n .accessReviewTimeoutBehavior(\"keepAccess\")\n .build())\n .questions(AccessPackageAssignmentPolicyQuestionArgs.builder()\n .text(AccessPackageAssignmentPolicyQuestionTextArgs.builder()\n .defaultText(\"hello, how are you?\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: group-name\n securityEnabled: true\n exampleAccessPackageCatalog:\n type: azuread:AccessPackageCatalog\n properties:\n displayName: example-catalog\n description: Example catalog\n exampleAccessPackage:\n type: azuread:AccessPackage\n properties:\n catalogId: ${exampleAccessPackageCatalog.id}\n displayName: access-package\n description: Access Package\n exampleAccessPackageAssignmentPolicy:\n type: azuread:AccessPackageAssignmentPolicy\n properties:\n accessPackageId: ${exampleAccessPackage.id}\n displayName: assignment-policy\n description: My assignment policy\n durationInDays: 90\n requestorSettings:\n scopeType: AllExistingDirectoryMemberUsers\n approvalSettings:\n approvalRequired: true\n approvalStages:\n - approvalTimeoutInDays: 14\n primaryApprovers:\n - objectId: ${exampleGroup.objectId}\n subjectType: groupMembers\n assignmentReviewSettings:\n enabled: true\n reviewFrequency: weekly\n durationInDays: 3\n reviewType: Self\n accessReviewTimeoutBehavior: keepAccess\n questions:\n - text:\n defaultText: hello, how are you?\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAn access package assignment policy can be imported using the ID, e.g.\n\n```sh\n $ pulumi import azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy example 00000000-0000-0000-0000-000000000000\n```\n\n ", + "description": "Manages an assignment policy for an access package within Identity Governance in Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`.\n\nWhen authenticated with a user principal, this resource requires `Global Administrator` directory role, or one of the `Catalog Owner` and `Access Package Manager` role in Identity Governance.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleGroup = new azuread.Group(\"exampleGroup\", {\n displayName: \"group-name\",\n securityEnabled: true,\n});\nconst exampleAccessPackageCatalog = new azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\", {\n displayName: \"example-catalog\",\n description: \"Example catalog\",\n});\nconst exampleAccessPackage = new azuread.AccessPackage(\"exampleAccessPackage\", {\n catalogId: exampleAccessPackageCatalog.id,\n displayName: \"access-package\",\n description: \"Access Package\",\n});\nconst exampleAccessPackageAssignmentPolicy = new azuread.AccessPackageAssignmentPolicy(\"exampleAccessPackageAssignmentPolicy\", {\n accessPackageId: exampleAccessPackage.id,\n displayName: \"assignment-policy\",\n description: \"My assignment policy\",\n durationInDays: 90,\n requestorSettings: {\n scopeType: \"AllExistingDirectoryMemberUsers\",\n },\n approvalSettings: {\n approvalRequired: true,\n approvalStages: [{\n approvalTimeoutInDays: 14,\n primaryApprovers: [{\n objectId: exampleGroup.objectId,\n subjectType: \"groupMembers\",\n }],\n }],\n },\n assignmentReviewSettings: {\n enabled: true,\n reviewFrequency: \"weekly\",\n durationInDays: 3,\n reviewType: \"Self\",\n accessReviewTimeoutBehavior: \"keepAccess\",\n },\n questions: [{\n text: {\n defaultText: \"hello, how are you?\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_group = azuread.Group(\"exampleGroup\",\n display_name=\"group-name\",\n security_enabled=True)\nexample_access_package_catalog = azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\",\n display_name=\"example-catalog\",\n description=\"Example catalog\")\nexample_access_package = azuread.AccessPackage(\"exampleAccessPackage\",\n catalog_id=example_access_package_catalog.id,\n display_name=\"access-package\",\n description=\"Access Package\")\nexample_access_package_assignment_policy = azuread.AccessPackageAssignmentPolicy(\"exampleAccessPackageAssignmentPolicy\",\n access_package_id=example_access_package.id,\n display_name=\"assignment-policy\",\n description=\"My assignment policy\",\n duration_in_days=90,\n requestor_settings=azuread.AccessPackageAssignmentPolicyRequestorSettingsArgs(\n scope_type=\"AllExistingDirectoryMemberUsers\",\n ),\n approval_settings=azuread.AccessPackageAssignmentPolicyApprovalSettingsArgs(\n approval_required=True,\n approval_stages=[azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs(\n approval_timeout_in_days=14,\n primary_approvers=[azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs(\n object_id=example_group.object_id,\n subject_type=\"groupMembers\",\n )],\n )],\n ),\n assignment_review_settings=azuread.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs(\n enabled=True,\n review_frequency=\"weekly\",\n duration_in_days=3,\n review_type=\"Self\",\n access_review_timeout_behavior=\"keepAccess\",\n ),\n questions=[azuread.AccessPackageAssignmentPolicyQuestionArgs(\n text=azuread.AccessPackageAssignmentPolicyQuestionTextArgs(\n default_text=\"hello, how are you?\",\n ),\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleGroup = new AzureAD.Group(\"exampleGroup\", new()\n {\n DisplayName = \"group-name\",\n SecurityEnabled = true,\n });\n\n var exampleAccessPackageCatalog = new AzureAD.AccessPackageCatalog(\"exampleAccessPackageCatalog\", new()\n {\n DisplayName = \"example-catalog\",\n Description = \"Example catalog\",\n });\n\n var exampleAccessPackage = new AzureAD.AccessPackage(\"exampleAccessPackage\", new()\n {\n CatalogId = exampleAccessPackageCatalog.Id,\n DisplayName = \"access-package\",\n Description = \"Access Package\",\n });\n\n var exampleAccessPackageAssignmentPolicy = new AzureAD.AccessPackageAssignmentPolicy(\"exampleAccessPackageAssignmentPolicy\", new()\n {\n AccessPackageId = exampleAccessPackage.Id,\n DisplayName = \"assignment-policy\",\n Description = \"My assignment policy\",\n DurationInDays = 90,\n RequestorSettings = new AzureAD.Inputs.AccessPackageAssignmentPolicyRequestorSettingsArgs\n {\n ScopeType = \"AllExistingDirectoryMemberUsers\",\n },\n ApprovalSettings = new AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettingsArgs\n {\n ApprovalRequired = true,\n ApprovalStages = new[]\n {\n new AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs\n {\n ApprovalTimeoutInDays = 14,\n PrimaryApprovers = new[]\n {\n new AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs\n {\n ObjectId = exampleGroup.ObjectId,\n SubjectType = \"groupMembers\",\n },\n },\n },\n },\n },\n AssignmentReviewSettings = new AzureAD.Inputs.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs\n {\n Enabled = true,\n ReviewFrequency = \"weekly\",\n DurationInDays = 3,\n ReviewType = \"Self\",\n AccessReviewTimeoutBehavior = \"keepAccess\",\n },\n Questions = new[]\n {\n new AzureAD.Inputs.AccessPackageAssignmentPolicyQuestionArgs\n {\n Text = new AzureAD.Inputs.AccessPackageAssignmentPolicyQuestionTextArgs\n {\n DefaultText = \"hello, how are you?\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleGroup, err := azuread.NewGroup(ctx, \"exampleGroup\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"group-name\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessPackageCatalog, err := azuread.NewAccessPackageCatalog(ctx, \"exampleAccessPackageCatalog\", \u0026azuread.AccessPackageCatalogArgs{\n\t\t\tDisplayName: pulumi.String(\"example-catalog\"),\n\t\t\tDescription: pulumi.String(\"Example catalog\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessPackage, err := azuread.NewAccessPackage(ctx, \"exampleAccessPackage\", \u0026azuread.AccessPackageArgs{\n\t\t\tCatalogId: exampleAccessPackageCatalog.ID(),\n\t\t\tDisplayName: pulumi.String(\"access-package\"),\n\t\t\tDescription: pulumi.String(\"Access Package\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAccessPackageAssignmentPolicy(ctx, \"exampleAccessPackageAssignmentPolicy\", \u0026azuread.AccessPackageAssignmentPolicyArgs{\n\t\t\tAccessPackageId: exampleAccessPackage.ID(),\n\t\t\tDisplayName: pulumi.String(\"assignment-policy\"),\n\t\t\tDescription: pulumi.String(\"My assignment policy\"),\n\t\t\tDurationInDays: pulumi.Int(90),\n\t\t\tRequestorSettings: \u0026azuread.AccessPackageAssignmentPolicyRequestorSettingsArgs{\n\t\t\t\tScopeType: pulumi.String(\"AllExistingDirectoryMemberUsers\"),\n\t\t\t},\n\t\t\tApprovalSettings: \u0026azuread.AccessPackageAssignmentPolicyApprovalSettingsArgs{\n\t\t\t\tApprovalRequired: pulumi.Bool(true),\n\t\t\t\tApprovalStages: azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArray{\n\t\t\t\t\t\u0026azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs{\n\t\t\t\t\t\tApprovalTimeoutInDays: pulumi.Int(14),\n\t\t\t\t\t\tPrimaryApprovers: azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArray{\n\t\t\t\t\t\t\t\u0026azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs{\n\t\t\t\t\t\t\t\tObjectId: exampleGroup.ObjectId,\n\t\t\t\t\t\t\t\tSubjectType: pulumi.String(\"groupMembers\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tAssignmentReviewSettings: \u0026azuread.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tReviewFrequency: pulumi.String(\"weekly\"),\n\t\t\t\tDurationInDays: pulumi.Int(3),\n\t\t\t\tReviewType: pulumi.String(\"Self\"),\n\t\t\t\tAccessReviewTimeoutBehavior: pulumi.String(\"keepAccess\"),\n\t\t\t},\n\t\t\tQuestions: azuread.AccessPackageAssignmentPolicyQuestionArray{\n\t\t\t\t\u0026azuread.AccessPackageAssignmentPolicyQuestionArgs{\n\t\t\t\t\tText: \u0026azuread.AccessPackageAssignmentPolicyQuestionTextArgs{\n\t\t\t\t\t\tDefaultText: pulumi.String(\"hello, how are you?\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.AccessPackageCatalog;\nimport com.pulumi.azuread.AccessPackageCatalogArgs;\nimport com.pulumi.azuread.AccessPackage;\nimport com.pulumi.azuread.AccessPackageArgs;\nimport com.pulumi.azuread.AccessPackageAssignmentPolicy;\nimport com.pulumi.azuread.AccessPackageAssignmentPolicyArgs;\nimport com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyRequestorSettingsArgs;\nimport com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyApprovalSettingsArgs;\nimport com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs;\nimport com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyQuestionArgs;\nimport com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyQuestionTextArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"group-name\")\n .securityEnabled(true)\n .build());\n\n var exampleAccessPackageCatalog = new AccessPackageCatalog(\"exampleAccessPackageCatalog\", AccessPackageCatalogArgs.builder() \n .displayName(\"example-catalog\")\n .description(\"Example catalog\")\n .build());\n\n var exampleAccessPackage = new AccessPackage(\"exampleAccessPackage\", AccessPackageArgs.builder() \n .catalogId(exampleAccessPackageCatalog.id())\n .displayName(\"access-package\")\n .description(\"Access Package\")\n .build());\n\n var exampleAccessPackageAssignmentPolicy = new AccessPackageAssignmentPolicy(\"exampleAccessPackageAssignmentPolicy\", AccessPackageAssignmentPolicyArgs.builder() \n .accessPackageId(exampleAccessPackage.id())\n .displayName(\"assignment-policy\")\n .description(\"My assignment policy\")\n .durationInDays(90)\n .requestorSettings(AccessPackageAssignmentPolicyRequestorSettingsArgs.builder()\n .scopeType(\"AllExistingDirectoryMemberUsers\")\n .build())\n .approvalSettings(AccessPackageAssignmentPolicyApprovalSettingsArgs.builder()\n .approvalRequired(true)\n .approvalStages(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs.builder()\n .approvalTimeoutInDays(14)\n .primaryApprovers(AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs.builder()\n .objectId(exampleGroup.objectId())\n .subjectType(\"groupMembers\")\n .build())\n .build())\n .build())\n .assignmentReviewSettings(AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs.builder()\n .enabled(true)\n .reviewFrequency(\"weekly\")\n .durationInDays(3)\n .reviewType(\"Self\")\n .accessReviewTimeoutBehavior(\"keepAccess\")\n .build())\n .questions(AccessPackageAssignmentPolicyQuestionArgs.builder()\n .text(AccessPackageAssignmentPolicyQuestionTextArgs.builder()\n .defaultText(\"hello, how are you?\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: group-name\n securityEnabled: true\n exampleAccessPackageCatalog:\n type: azuread:AccessPackageCatalog\n properties:\n displayName: example-catalog\n description: Example catalog\n exampleAccessPackage:\n type: azuread:AccessPackage\n properties:\n catalogId: ${exampleAccessPackageCatalog.id}\n displayName: access-package\n description: Access Package\n exampleAccessPackageAssignmentPolicy:\n type: azuread:AccessPackageAssignmentPolicy\n properties:\n accessPackageId: ${exampleAccessPackage.id}\n displayName: assignment-policy\n description: My assignment policy\n durationInDays: 90\n requestorSettings:\n scopeType: AllExistingDirectoryMemberUsers\n approvalSettings:\n approvalRequired: true\n approvalStages:\n - approvalTimeoutInDays: 14\n primaryApprovers:\n - objectId: ${exampleGroup.objectId}\n subjectType: groupMembers\n assignmentReviewSettings:\n enabled: true\n reviewFrequency: weekly\n durationInDays: 3\n reviewType: Self\n accessReviewTimeoutBehavior: keepAccess\n questions:\n - text:\n defaultText: hello, how are you?\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAn access package assignment policy can be imported using the ID, e.g.\n\n ```sh\n $ pulumi import azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy example 00000000-0000-0000-0000-000000000000\n```\n\n ", "properties": { "accessPackageId": { "type": "string", @@ -2835,7 +2835,7 @@ } }, "azuread:index/accessPackageCatalog:AccessPackageCatalog": { - "description": "Manages an access package catalog within Identity Governance in Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`.\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner`, `Catalog creator` or `Global Administrator`\n\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.AccessPackageCatalog(\"example\", {\n description: \"Example access package catalog\",\n displayName: \"example-access-package-catalog\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.AccessPackageCatalog(\"example\",\n description=\"Example access package catalog\",\n display_name=\"example-access-package-catalog\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.AccessPackageCatalog(\"example\", new()\n {\n Description = \"Example access package catalog\",\n DisplayName = \"example-access-package-catalog\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewAccessPackageCatalog(ctx, \"example\", \u0026azuread.AccessPackageCatalogArgs{\n\t\t\tDescription: pulumi.String(\"Example access package catalog\"),\n\t\t\tDisplayName: pulumi.String(\"example-access-package-catalog\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AccessPackageCatalog;\nimport com.pulumi.azuread.AccessPackageCatalogArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AccessPackageCatalog(\"example\", AccessPackageCatalogArgs.builder() \n .description(\"Example access package catalog\")\n .displayName(\"example-access-package-catalog\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:AccessPackageCatalog\n properties:\n description: Example access package catalog\n displayName: example-access-package-catalog\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAn Access Package Catalog can be imported using the `id`, e.g.\n\n```sh\n $ pulumi import azuread:index/accessPackageCatalog:AccessPackageCatalog example 00000000-0000-0000-0000-000000000000\n```\n\n ", + "description": "Manages an access package catalog within Identity Governance in Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`.\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner`, `Catalog creator` or `Global Administrator`\n\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.AccessPackageCatalog(\"example\", {\n description: \"Example access package catalog\",\n displayName: \"example-access-package-catalog\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.AccessPackageCatalog(\"example\",\n description=\"Example access package catalog\",\n display_name=\"example-access-package-catalog\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.AccessPackageCatalog(\"example\", new()\n {\n Description = \"Example access package catalog\",\n DisplayName = \"example-access-package-catalog\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewAccessPackageCatalog(ctx, \"example\", \u0026azuread.AccessPackageCatalogArgs{\n\t\t\tDescription: pulumi.String(\"Example access package catalog\"),\n\t\t\tDisplayName: pulumi.String(\"example-access-package-catalog\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AccessPackageCatalog;\nimport com.pulumi.azuread.AccessPackageCatalogArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AccessPackageCatalog(\"example\", AccessPackageCatalogArgs.builder() \n .description(\"Example access package catalog\")\n .displayName(\"example-access-package-catalog\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:AccessPackageCatalog\n properties:\n description: Example access package catalog\n displayName: example-access-package-catalog\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAn Access Package Catalog can be imported using the `id`, e.g.\n\n ```sh\n $ pulumi import azuread:index/accessPackageCatalog:AccessPackageCatalog example 00000000-0000-0000-0000-000000000000\n```\n\n ", "properties": { "description": { "type": "string", @@ -2904,7 +2904,7 @@ } }, "azuread:index/accessPackageCatalogRoleAssignment:AccessPackageCatalogRoleAssignment": { - "description": "Manages a single catalog role assignment within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `EntitlementManagement.ReadWrite.All` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Identity Governance administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleUser = azuread.getUser({\n userPrincipalName: \"jdoe@example.com\",\n});\nconst exampleAccessPackageCatalogRole = azuread.getAccessPackageCatalogRole({\n displayName: \"Catalog owner\",\n});\nconst exampleAccessPackageCatalog = new azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\", {\n displayName: \"example-access-package-catalog\",\n description: \"Example access package catalog\",\n});\nconst exampleAccessPackageCatalogRoleAssignment = new azuread.AccessPackageCatalogRoleAssignment(\"exampleAccessPackageCatalogRoleAssignment\", {\n roleId: exampleAccessPackageCatalogRole.then(exampleAccessPackageCatalogRole =\u003e exampleAccessPackageCatalogRole.objectId),\n principalObjectId: exampleUser.then(exampleUser =\u003e exampleUser.objectId),\n catalogId: exampleAccessPackageCatalog.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_user = azuread.get_user(user_principal_name=\"jdoe@example.com\")\nexample_access_package_catalog_role = azuread.get_access_package_catalog_role(display_name=\"Catalog owner\")\nexample_access_package_catalog = azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\",\n display_name=\"example-access-package-catalog\",\n description=\"Example access package catalog\")\nexample_access_package_catalog_role_assignment = azuread.AccessPackageCatalogRoleAssignment(\"exampleAccessPackageCatalogRoleAssignment\",\n role_id=example_access_package_catalog_role.object_id,\n principal_object_id=example_user.object_id,\n catalog_id=example_access_package_catalog.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleUser = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n var exampleAccessPackageCatalogRole = AzureAD.GetAccessPackageCatalogRole.Invoke(new()\n {\n DisplayName = \"Catalog owner\",\n });\n\n var exampleAccessPackageCatalog = new AzureAD.AccessPackageCatalog(\"exampleAccessPackageCatalog\", new()\n {\n DisplayName = \"example-access-package-catalog\",\n Description = \"Example access package catalog\",\n });\n\n var exampleAccessPackageCatalogRoleAssignment = new AzureAD.AccessPackageCatalogRoleAssignment(\"exampleAccessPackageCatalogRoleAssignment\", new()\n {\n RoleId = exampleAccessPackageCatalogRole.Apply(getAccessPackageCatalogRoleResult =\u003e getAccessPackageCatalogRoleResult.ObjectId),\n PrincipalObjectId = exampleUser.Apply(getUserResult =\u003e getUserResult.ObjectId),\n CatalogId = exampleAccessPackageCatalog.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleUser, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessPackageCatalogRole, err := azuread.GetAccessPackageCatalogRole(ctx, \u0026azuread.GetAccessPackageCatalogRoleArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Catalog owner\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessPackageCatalog, err := azuread.NewAccessPackageCatalog(ctx, \"exampleAccessPackageCatalog\", \u0026azuread.AccessPackageCatalogArgs{\n\t\t\tDisplayName: pulumi.String(\"example-access-package-catalog\"),\n\t\t\tDescription: pulumi.String(\"Example access package catalog\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAccessPackageCatalogRoleAssignment(ctx, \"exampleAccessPackageCatalogRoleAssignment\", \u0026azuread.AccessPackageCatalogRoleAssignmentArgs{\n\t\t\tRoleId: *pulumi.String(exampleAccessPackageCatalogRole.ObjectId),\n\t\t\tPrincipalObjectId: *pulumi.String(exampleUser.ObjectId),\n\t\t\tCatalogId: exampleAccessPackageCatalog.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.inputs.GetAccessPackageCatalogRoleArgs;\nimport com.pulumi.azuread.AccessPackageCatalog;\nimport com.pulumi.azuread.AccessPackageCatalogArgs;\nimport com.pulumi.azuread.AccessPackageCatalogRoleAssignment;\nimport com.pulumi.azuread.AccessPackageCatalogRoleAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleUser = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n final var exampleAccessPackageCatalogRole = AzureadFunctions.getAccessPackageCatalogRole(GetAccessPackageCatalogRoleArgs.builder()\n .displayName(\"Catalog owner\")\n .build());\n\n var exampleAccessPackageCatalog = new AccessPackageCatalog(\"exampleAccessPackageCatalog\", AccessPackageCatalogArgs.builder() \n .displayName(\"example-access-package-catalog\")\n .description(\"Example access package catalog\")\n .build());\n\n var exampleAccessPackageCatalogRoleAssignment = new AccessPackageCatalogRoleAssignment(\"exampleAccessPackageCatalogRoleAssignment\", AccessPackageCatalogRoleAssignmentArgs.builder() \n .roleId(exampleAccessPackageCatalogRole.applyValue(getAccessPackageCatalogRoleResult -\u003e getAccessPackageCatalogRoleResult.objectId()))\n .principalObjectId(exampleUser.applyValue(getUserResult -\u003e getUserResult.objectId()))\n .catalogId(exampleAccessPackageCatalog.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleAccessPackageCatalog:\n type: azuread:AccessPackageCatalog\n properties:\n displayName: example-access-package-catalog\n description: Example access package catalog\n exampleAccessPackageCatalogRoleAssignment:\n type: azuread:AccessPackageCatalogRoleAssignment\n properties:\n roleId: ${exampleAccessPackageCatalogRole.objectId}\n principalObjectId: ${exampleUser.objectId}\n catalogId: ${exampleAccessPackageCatalog.id}\nvariables:\n exampleUser:\n fn::invoke:\n Function: azuread:getUser\n Arguments:\n userPrincipalName: jdoe@example.com\n exampleAccessPackageCatalogRole:\n fn::invoke:\n Function: azuread:getAccessPackageCatalogRole\n Arguments:\n displayName: Catalog owner\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nCatalog role assignments can be imported using the ID of the assignment, e.g.\n\n```sh\n $ pulumi import azuread:index/accessPackageCatalogRoleAssignment:AccessPackageCatalogRoleAssignment example 00000000-0000-0000-0000-000000000000\n```\n\n ", + "description": "Manages a single catalog role assignment within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `EntitlementManagement.ReadWrite.All` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Identity Governance administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleUser = azuread.getUser({\n userPrincipalName: \"jdoe@example.com\",\n});\nconst exampleAccessPackageCatalogRole = azuread.getAccessPackageCatalogRole({\n displayName: \"Catalog owner\",\n});\nconst exampleAccessPackageCatalog = new azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\", {\n displayName: \"example-access-package-catalog\",\n description: \"Example access package catalog\",\n});\nconst exampleAccessPackageCatalogRoleAssignment = new azuread.AccessPackageCatalogRoleAssignment(\"exampleAccessPackageCatalogRoleAssignment\", {\n roleId: exampleAccessPackageCatalogRole.then(exampleAccessPackageCatalogRole =\u003e exampleAccessPackageCatalogRole.objectId),\n principalObjectId: exampleUser.then(exampleUser =\u003e exampleUser.objectId),\n catalogId: exampleAccessPackageCatalog.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_user = azuread.get_user(user_principal_name=\"jdoe@example.com\")\nexample_access_package_catalog_role = azuread.get_access_package_catalog_role(display_name=\"Catalog owner\")\nexample_access_package_catalog = azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\",\n display_name=\"example-access-package-catalog\",\n description=\"Example access package catalog\")\nexample_access_package_catalog_role_assignment = azuread.AccessPackageCatalogRoleAssignment(\"exampleAccessPackageCatalogRoleAssignment\",\n role_id=example_access_package_catalog_role.object_id,\n principal_object_id=example_user.object_id,\n catalog_id=example_access_package_catalog.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleUser = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n var exampleAccessPackageCatalogRole = AzureAD.GetAccessPackageCatalogRole.Invoke(new()\n {\n DisplayName = \"Catalog owner\",\n });\n\n var exampleAccessPackageCatalog = new AzureAD.AccessPackageCatalog(\"exampleAccessPackageCatalog\", new()\n {\n DisplayName = \"example-access-package-catalog\",\n Description = \"Example access package catalog\",\n });\n\n var exampleAccessPackageCatalogRoleAssignment = new AzureAD.AccessPackageCatalogRoleAssignment(\"exampleAccessPackageCatalogRoleAssignment\", new()\n {\n RoleId = exampleAccessPackageCatalogRole.Apply(getAccessPackageCatalogRoleResult =\u003e getAccessPackageCatalogRoleResult.ObjectId),\n PrincipalObjectId = exampleUser.Apply(getUserResult =\u003e getUserResult.ObjectId),\n CatalogId = exampleAccessPackageCatalog.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleUser, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessPackageCatalogRole, err := azuread.GetAccessPackageCatalogRole(ctx, \u0026azuread.GetAccessPackageCatalogRoleArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Catalog owner\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessPackageCatalog, err := azuread.NewAccessPackageCatalog(ctx, \"exampleAccessPackageCatalog\", \u0026azuread.AccessPackageCatalogArgs{\n\t\t\tDisplayName: pulumi.String(\"example-access-package-catalog\"),\n\t\t\tDescription: pulumi.String(\"Example access package catalog\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAccessPackageCatalogRoleAssignment(ctx, \"exampleAccessPackageCatalogRoleAssignment\", \u0026azuread.AccessPackageCatalogRoleAssignmentArgs{\n\t\t\tRoleId: *pulumi.String(exampleAccessPackageCatalogRole.ObjectId),\n\t\t\tPrincipalObjectId: *pulumi.String(exampleUser.ObjectId),\n\t\t\tCatalogId: exampleAccessPackageCatalog.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.inputs.GetAccessPackageCatalogRoleArgs;\nimport com.pulumi.azuread.AccessPackageCatalog;\nimport com.pulumi.azuread.AccessPackageCatalogArgs;\nimport com.pulumi.azuread.AccessPackageCatalogRoleAssignment;\nimport com.pulumi.azuread.AccessPackageCatalogRoleAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleUser = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n final var exampleAccessPackageCatalogRole = AzureadFunctions.getAccessPackageCatalogRole(GetAccessPackageCatalogRoleArgs.builder()\n .displayName(\"Catalog owner\")\n .build());\n\n var exampleAccessPackageCatalog = new AccessPackageCatalog(\"exampleAccessPackageCatalog\", AccessPackageCatalogArgs.builder() \n .displayName(\"example-access-package-catalog\")\n .description(\"Example access package catalog\")\n .build());\n\n var exampleAccessPackageCatalogRoleAssignment = new AccessPackageCatalogRoleAssignment(\"exampleAccessPackageCatalogRoleAssignment\", AccessPackageCatalogRoleAssignmentArgs.builder() \n .roleId(exampleAccessPackageCatalogRole.applyValue(getAccessPackageCatalogRoleResult -\u003e getAccessPackageCatalogRoleResult.objectId()))\n .principalObjectId(exampleUser.applyValue(getUserResult -\u003e getUserResult.objectId()))\n .catalogId(exampleAccessPackageCatalog.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleAccessPackageCatalog:\n type: azuread:AccessPackageCatalog\n properties:\n displayName: example-access-package-catalog\n description: Example access package catalog\n exampleAccessPackageCatalogRoleAssignment:\n type: azuread:AccessPackageCatalogRoleAssignment\n properties:\n roleId: ${exampleAccessPackageCatalogRole.objectId}\n principalObjectId: ${exampleUser.objectId}\n catalogId: ${exampleAccessPackageCatalog.id}\nvariables:\n exampleUser:\n fn::invoke:\n Function: azuread:getUser\n Arguments:\n userPrincipalName: jdoe@example.com\n exampleAccessPackageCatalogRole:\n fn::invoke:\n Function: azuread:getAccessPackageCatalogRole\n Arguments:\n displayName: Catalog owner\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nCatalog role assignments can be imported using the ID of the assignment, e.g.\n\n ```sh\n $ pulumi import azuread:index/accessPackageCatalogRoleAssignment:AccessPackageCatalogRoleAssignment example 00000000-0000-0000-0000-000000000000\n```\n\n ", "properties": { "catalogId": { "type": "string", @@ -2969,7 +2969,7 @@ } }, "azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation": { - "description": "Manages the resources added to access package catalogs within Identity Governance in Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`.\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner` or `Global Administrator`\n\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleGroup = new azuread.Group(\"exampleGroup\", {\n displayName: \"example-group\",\n securityEnabled: true,\n});\nconst exampleAccessPackageCatalog = new azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\", {\n displayName: \"example-catalog\",\n description: \"Example catalog\",\n});\nconst exampleAccessPackageResourceCatalogAssociation = new azuread.AccessPackageResourceCatalogAssociation(\"exampleAccessPackageResourceCatalogAssociation\", {\n catalogId: azuread_access_package_catalog.example_catalog.id,\n resourceOriginId: azuread_group.example_group.object_id,\n resourceOriginSystem: \"AadGroup\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_group = azuread.Group(\"exampleGroup\",\n display_name=\"example-group\",\n security_enabled=True)\nexample_access_package_catalog = azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\",\n display_name=\"example-catalog\",\n description=\"Example catalog\")\nexample_access_package_resource_catalog_association = azuread.AccessPackageResourceCatalogAssociation(\"exampleAccessPackageResourceCatalogAssociation\",\n catalog_id=azuread_access_package_catalog[\"example_catalog\"][\"id\"],\n resource_origin_id=azuread_group[\"example_group\"][\"object_id\"],\n resource_origin_system=\"AadGroup\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleGroup = new AzureAD.Group(\"exampleGroup\", new()\n {\n DisplayName = \"example-group\",\n SecurityEnabled = true,\n });\n\n var exampleAccessPackageCatalog = new AzureAD.AccessPackageCatalog(\"exampleAccessPackageCatalog\", new()\n {\n DisplayName = \"example-catalog\",\n Description = \"Example catalog\",\n });\n\n var exampleAccessPackageResourceCatalogAssociation = new AzureAD.AccessPackageResourceCatalogAssociation(\"exampleAccessPackageResourceCatalogAssociation\", new()\n {\n CatalogId = azuread_access_package_catalog.Example_catalog.Id,\n ResourceOriginId = azuread_group.Example_group.Object_id,\n ResourceOriginSystem = \"AadGroup\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewGroup(ctx, \"exampleGroup\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example-group\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAccessPackageCatalog(ctx, \"exampleAccessPackageCatalog\", \u0026azuread.AccessPackageCatalogArgs{\n\t\t\tDisplayName: pulumi.String(\"example-catalog\"),\n\t\t\tDescription: pulumi.String(\"Example catalog\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAccessPackageResourceCatalogAssociation(ctx, \"exampleAccessPackageResourceCatalogAssociation\", \u0026azuread.AccessPackageResourceCatalogAssociationArgs{\n\t\t\tCatalogId: pulumi.Any(azuread_access_package_catalog.Example_catalog.Id),\n\t\t\tResourceOriginId: pulumi.Any(azuread_group.Example_group.Object_id),\n\t\t\tResourceOriginSystem: pulumi.String(\"AadGroup\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.AccessPackageCatalog;\nimport com.pulumi.azuread.AccessPackageCatalogArgs;\nimport com.pulumi.azuread.AccessPackageResourceCatalogAssociation;\nimport com.pulumi.azuread.AccessPackageResourceCatalogAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"example-group\")\n .securityEnabled(true)\n .build());\n\n var exampleAccessPackageCatalog = new AccessPackageCatalog(\"exampleAccessPackageCatalog\", AccessPackageCatalogArgs.builder() \n .displayName(\"example-catalog\")\n .description(\"Example catalog\")\n .build());\n\n var exampleAccessPackageResourceCatalogAssociation = new AccessPackageResourceCatalogAssociation(\"exampleAccessPackageResourceCatalogAssociation\", AccessPackageResourceCatalogAssociationArgs.builder() \n .catalogId(azuread_access_package_catalog.example_catalog().id())\n .resourceOriginId(azuread_group.example_group().object_id())\n .resourceOriginSystem(\"AadGroup\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: example-group\n securityEnabled: true\n exampleAccessPackageCatalog:\n type: azuread:AccessPackageCatalog\n properties:\n displayName: example-catalog\n description: Example catalog\n exampleAccessPackageResourceCatalogAssociation:\n type: azuread:AccessPackageResourceCatalogAssociation\n properties:\n catalogId: ${azuread_access_package_catalog.example_catalog.id}\n resourceOriginId: ${azuread_group.example_group.object_id}\n resourceOriginSystem: AadGroup\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThe resource and catalog association can be imported using the catalog ID and the resource origin ID, e.g.\n\n```sh\n $ pulumi import azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the Catalog ID and the Resource Origin ID in the format `{CatalogID}/{ResourceOriginID}`. ", + "description": "Manages the resources added to access package catalogs within Identity Governance in Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`.\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner` or `Global Administrator`\n\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleGroup = new azuread.Group(\"exampleGroup\", {\n displayName: \"example-group\",\n securityEnabled: true,\n});\nconst exampleAccessPackageCatalog = new azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\", {\n displayName: \"example-catalog\",\n description: \"Example catalog\",\n});\nconst exampleAccessPackageResourceCatalogAssociation = new azuread.AccessPackageResourceCatalogAssociation(\"exampleAccessPackageResourceCatalogAssociation\", {\n catalogId: azuread_access_package_catalog.example_catalog.id,\n resourceOriginId: azuread_group.example_group.object_id,\n resourceOriginSystem: \"AadGroup\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_group = azuread.Group(\"exampleGroup\",\n display_name=\"example-group\",\n security_enabled=True)\nexample_access_package_catalog = azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\",\n display_name=\"example-catalog\",\n description=\"Example catalog\")\nexample_access_package_resource_catalog_association = azuread.AccessPackageResourceCatalogAssociation(\"exampleAccessPackageResourceCatalogAssociation\",\n catalog_id=azuread_access_package_catalog[\"example_catalog\"][\"id\"],\n resource_origin_id=azuread_group[\"example_group\"][\"object_id\"],\n resource_origin_system=\"AadGroup\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleGroup = new AzureAD.Group(\"exampleGroup\", new()\n {\n DisplayName = \"example-group\",\n SecurityEnabled = true,\n });\n\n var exampleAccessPackageCatalog = new AzureAD.AccessPackageCatalog(\"exampleAccessPackageCatalog\", new()\n {\n DisplayName = \"example-catalog\",\n Description = \"Example catalog\",\n });\n\n var exampleAccessPackageResourceCatalogAssociation = new AzureAD.AccessPackageResourceCatalogAssociation(\"exampleAccessPackageResourceCatalogAssociation\", new()\n {\n CatalogId = azuread_access_package_catalog.Example_catalog.Id,\n ResourceOriginId = azuread_group.Example_group.Object_id,\n ResourceOriginSystem = \"AadGroup\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewGroup(ctx, \"exampleGroup\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example-group\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAccessPackageCatalog(ctx, \"exampleAccessPackageCatalog\", \u0026azuread.AccessPackageCatalogArgs{\n\t\t\tDisplayName: pulumi.String(\"example-catalog\"),\n\t\t\tDescription: pulumi.String(\"Example catalog\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAccessPackageResourceCatalogAssociation(ctx, \"exampleAccessPackageResourceCatalogAssociation\", \u0026azuread.AccessPackageResourceCatalogAssociationArgs{\n\t\t\tCatalogId: pulumi.Any(azuread_access_package_catalog.Example_catalog.Id),\n\t\t\tResourceOriginId: pulumi.Any(azuread_group.Example_group.Object_id),\n\t\t\tResourceOriginSystem: pulumi.String(\"AadGroup\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.AccessPackageCatalog;\nimport com.pulumi.azuread.AccessPackageCatalogArgs;\nimport com.pulumi.azuread.AccessPackageResourceCatalogAssociation;\nimport com.pulumi.azuread.AccessPackageResourceCatalogAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"example-group\")\n .securityEnabled(true)\n .build());\n\n var exampleAccessPackageCatalog = new AccessPackageCatalog(\"exampleAccessPackageCatalog\", AccessPackageCatalogArgs.builder() \n .displayName(\"example-catalog\")\n .description(\"Example catalog\")\n .build());\n\n var exampleAccessPackageResourceCatalogAssociation = new AccessPackageResourceCatalogAssociation(\"exampleAccessPackageResourceCatalogAssociation\", AccessPackageResourceCatalogAssociationArgs.builder() \n .catalogId(azuread_access_package_catalog.example_catalog().id())\n .resourceOriginId(azuread_group.example_group().object_id())\n .resourceOriginSystem(\"AadGroup\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: example-group\n securityEnabled: true\n exampleAccessPackageCatalog:\n type: azuread:AccessPackageCatalog\n properties:\n displayName: example-catalog\n description: Example catalog\n exampleAccessPackageResourceCatalogAssociation:\n type: azuread:AccessPackageResourceCatalogAssociation\n properties:\n catalogId: ${azuread_access_package_catalog.example_catalog.id}\n resourceOriginId: ${azuread_group.example_group.object_id}\n resourceOriginSystem: AadGroup\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThe resource and catalog association can be imported using the catalog ID and the resource origin ID, e.g.\n\n ```sh\n $ pulumi import azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the Catalog ID and the Resource Origin ID in the format `{CatalogID}/{ResourceOriginID}`.\n\n ", "properties": { "catalogId": { "type": "string", @@ -3034,7 +3034,7 @@ } }, "azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation": { - "description": "Manages the resources added to access packages within Identity Governance in Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`.\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner`, `Access package manager` or `Global Administrator`.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleGroup = new azuread.Group(\"exampleGroup\", {\n displayName: \"example-group\",\n securityEnabled: true,\n});\nconst exampleAccessPackageCatalog = new azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\", {\n displayName: \"example-catalog\",\n description: \"Example catalog\",\n});\nconst exampleAccessPackageResourceCatalogAssociation = new azuread.AccessPackageResourceCatalogAssociation(\"exampleAccessPackageResourceCatalogAssociation\", {\n catalogId: azuread_access_package_catalog.example_catalog.id,\n resourceOriginId: azuread_group.example_group.object_id,\n resourceOriginSystem: \"AadGroup\",\n});\nconst exampleAccessPackage = new azuread.AccessPackage(\"exampleAccessPackage\", {\n displayName: \"example-package\",\n description: \"Example Package\",\n catalogId: azuread_access_package_catalog.example_catalog.id,\n});\nconst exampleAccessPackageResourcePackageAssociation = new azuread.AccessPackageResourcePackageAssociation(\"exampleAccessPackageResourcePackageAssociation\", {\n accessPackageId: exampleAccessPackage.id,\n catalogResourceAssociationId: exampleAccessPackageResourceCatalogAssociation.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_group = azuread.Group(\"exampleGroup\",\n display_name=\"example-group\",\n security_enabled=True)\nexample_access_package_catalog = azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\",\n display_name=\"example-catalog\",\n description=\"Example catalog\")\nexample_access_package_resource_catalog_association = azuread.AccessPackageResourceCatalogAssociation(\"exampleAccessPackageResourceCatalogAssociation\",\n catalog_id=azuread_access_package_catalog[\"example_catalog\"][\"id\"],\n resource_origin_id=azuread_group[\"example_group\"][\"object_id\"],\n resource_origin_system=\"AadGroup\")\nexample_access_package = azuread.AccessPackage(\"exampleAccessPackage\",\n display_name=\"example-package\",\n description=\"Example Package\",\n catalog_id=azuread_access_package_catalog[\"example_catalog\"][\"id\"])\nexample_access_package_resource_package_association = azuread.AccessPackageResourcePackageAssociation(\"exampleAccessPackageResourcePackageAssociation\",\n access_package_id=example_access_package.id,\n catalog_resource_association_id=example_access_package_resource_catalog_association.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleGroup = new AzureAD.Group(\"exampleGroup\", new()\n {\n DisplayName = \"example-group\",\n SecurityEnabled = true,\n });\n\n var exampleAccessPackageCatalog = new AzureAD.AccessPackageCatalog(\"exampleAccessPackageCatalog\", new()\n {\n DisplayName = \"example-catalog\",\n Description = \"Example catalog\",\n });\n\n var exampleAccessPackageResourceCatalogAssociation = new AzureAD.AccessPackageResourceCatalogAssociation(\"exampleAccessPackageResourceCatalogAssociation\", new()\n {\n CatalogId = azuread_access_package_catalog.Example_catalog.Id,\n ResourceOriginId = azuread_group.Example_group.Object_id,\n ResourceOriginSystem = \"AadGroup\",\n });\n\n var exampleAccessPackage = new AzureAD.AccessPackage(\"exampleAccessPackage\", new()\n {\n DisplayName = \"example-package\",\n Description = \"Example Package\",\n CatalogId = azuread_access_package_catalog.Example_catalog.Id,\n });\n\n var exampleAccessPackageResourcePackageAssociation = new AzureAD.AccessPackageResourcePackageAssociation(\"exampleAccessPackageResourcePackageAssociation\", new()\n {\n AccessPackageId = exampleAccessPackage.Id,\n CatalogResourceAssociationId = exampleAccessPackageResourceCatalogAssociation.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewGroup(ctx, \"exampleGroup\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example-group\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAccessPackageCatalog(ctx, \"exampleAccessPackageCatalog\", \u0026azuread.AccessPackageCatalogArgs{\n\t\t\tDisplayName: pulumi.String(\"example-catalog\"),\n\t\t\tDescription: pulumi.String(\"Example catalog\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessPackageResourceCatalogAssociation, err := azuread.NewAccessPackageResourceCatalogAssociation(ctx, \"exampleAccessPackageResourceCatalogAssociation\", \u0026azuread.AccessPackageResourceCatalogAssociationArgs{\n\t\t\tCatalogId: pulumi.Any(azuread_access_package_catalog.Example_catalog.Id),\n\t\t\tResourceOriginId: pulumi.Any(azuread_group.Example_group.Object_id),\n\t\t\tResourceOriginSystem: pulumi.String(\"AadGroup\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessPackage, err := azuread.NewAccessPackage(ctx, \"exampleAccessPackage\", \u0026azuread.AccessPackageArgs{\n\t\t\tDisplayName: pulumi.String(\"example-package\"),\n\t\t\tDescription: pulumi.String(\"Example Package\"),\n\t\t\tCatalogId: pulumi.Any(azuread_access_package_catalog.Example_catalog.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAccessPackageResourcePackageAssociation(ctx, \"exampleAccessPackageResourcePackageAssociation\", \u0026azuread.AccessPackageResourcePackageAssociationArgs{\n\t\t\tAccessPackageId: exampleAccessPackage.ID(),\n\t\t\tCatalogResourceAssociationId: exampleAccessPackageResourceCatalogAssociation.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.AccessPackageCatalog;\nimport com.pulumi.azuread.AccessPackageCatalogArgs;\nimport com.pulumi.azuread.AccessPackageResourceCatalogAssociation;\nimport com.pulumi.azuread.AccessPackageResourceCatalogAssociationArgs;\nimport com.pulumi.azuread.AccessPackage;\nimport com.pulumi.azuread.AccessPackageArgs;\nimport com.pulumi.azuread.AccessPackageResourcePackageAssociation;\nimport com.pulumi.azuread.AccessPackageResourcePackageAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"example-group\")\n .securityEnabled(true)\n .build());\n\n var exampleAccessPackageCatalog = new AccessPackageCatalog(\"exampleAccessPackageCatalog\", AccessPackageCatalogArgs.builder() \n .displayName(\"example-catalog\")\n .description(\"Example catalog\")\n .build());\n\n var exampleAccessPackageResourceCatalogAssociation = new AccessPackageResourceCatalogAssociation(\"exampleAccessPackageResourceCatalogAssociation\", AccessPackageResourceCatalogAssociationArgs.builder() \n .catalogId(azuread_access_package_catalog.example_catalog().id())\n .resourceOriginId(azuread_group.example_group().object_id())\n .resourceOriginSystem(\"AadGroup\")\n .build());\n\n var exampleAccessPackage = new AccessPackage(\"exampleAccessPackage\", AccessPackageArgs.builder() \n .displayName(\"example-package\")\n .description(\"Example Package\")\n .catalogId(azuread_access_package_catalog.example_catalog().id())\n .build());\n\n var exampleAccessPackageResourcePackageAssociation = new AccessPackageResourcePackageAssociation(\"exampleAccessPackageResourcePackageAssociation\", AccessPackageResourcePackageAssociationArgs.builder() \n .accessPackageId(exampleAccessPackage.id())\n .catalogResourceAssociationId(exampleAccessPackageResourceCatalogAssociation.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: example-group\n securityEnabled: true\n exampleAccessPackageCatalog:\n type: azuread:AccessPackageCatalog\n properties:\n displayName: example-catalog\n description: Example catalog\n exampleAccessPackageResourceCatalogAssociation:\n type: azuread:AccessPackageResourceCatalogAssociation\n properties:\n catalogId: ${azuread_access_package_catalog.example_catalog.id}\n resourceOriginId: ${azuread_group.example_group.object_id}\n resourceOriginSystem: AadGroup\n exampleAccessPackage:\n type: azuread:AccessPackage\n properties:\n displayName: example-package\n description: Example Package\n catalogId: ${azuread_access_package_catalog.example_catalog.id}\n exampleAccessPackageResourcePackageAssociation:\n type: azuread:AccessPackageResourcePackageAssociation\n properties:\n accessPackageId: ${exampleAccessPackage.id}\n catalogResourceAssociationId: ${exampleAccessPackageResourceCatalogAssociation.id}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThe resource and catalog association can be imported using the access package ID, the access package ResourceRoleScope, the resource origin ID, and the access type, e.g.\n\n```sh\n $ pulumi import azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111_22222222-2222-2222-2222-22222222/33333333-3333-3333-3333-33333333/Member\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the Access Package ID, the access package ResourceRoleScope (in the format Role_Scope), the Resource Origin ID, and the Access Type, in the format `{AccessPackageID}/{ResourceRoleScope}/{ResourceOriginID}/{AccessType}`. ", + "description": "Manages the resources added to access packages within Identity Governance in Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`.\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Catalog owner`, `Access package manager` or `Global Administrator`.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleGroup = new azuread.Group(\"exampleGroup\", {\n displayName: \"example-group\",\n securityEnabled: true,\n});\nconst exampleAccessPackageCatalog = new azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\", {\n displayName: \"example-catalog\",\n description: \"Example catalog\",\n});\nconst exampleAccessPackageResourceCatalogAssociation = new azuread.AccessPackageResourceCatalogAssociation(\"exampleAccessPackageResourceCatalogAssociation\", {\n catalogId: azuread_access_package_catalog.example_catalog.id,\n resourceOriginId: azuread_group.example_group.object_id,\n resourceOriginSystem: \"AadGroup\",\n});\nconst exampleAccessPackage = new azuread.AccessPackage(\"exampleAccessPackage\", {\n displayName: \"example-package\",\n description: \"Example Package\",\n catalogId: azuread_access_package_catalog.example_catalog.id,\n});\nconst exampleAccessPackageResourcePackageAssociation = new azuread.AccessPackageResourcePackageAssociation(\"exampleAccessPackageResourcePackageAssociation\", {\n accessPackageId: exampleAccessPackage.id,\n catalogResourceAssociationId: exampleAccessPackageResourceCatalogAssociation.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_group = azuread.Group(\"exampleGroup\",\n display_name=\"example-group\",\n security_enabled=True)\nexample_access_package_catalog = azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\",\n display_name=\"example-catalog\",\n description=\"Example catalog\")\nexample_access_package_resource_catalog_association = azuread.AccessPackageResourceCatalogAssociation(\"exampleAccessPackageResourceCatalogAssociation\",\n catalog_id=azuread_access_package_catalog[\"example_catalog\"][\"id\"],\n resource_origin_id=azuread_group[\"example_group\"][\"object_id\"],\n resource_origin_system=\"AadGroup\")\nexample_access_package = azuread.AccessPackage(\"exampleAccessPackage\",\n display_name=\"example-package\",\n description=\"Example Package\",\n catalog_id=azuread_access_package_catalog[\"example_catalog\"][\"id\"])\nexample_access_package_resource_package_association = azuread.AccessPackageResourcePackageAssociation(\"exampleAccessPackageResourcePackageAssociation\",\n access_package_id=example_access_package.id,\n catalog_resource_association_id=example_access_package_resource_catalog_association.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleGroup = new AzureAD.Group(\"exampleGroup\", new()\n {\n DisplayName = \"example-group\",\n SecurityEnabled = true,\n });\n\n var exampleAccessPackageCatalog = new AzureAD.AccessPackageCatalog(\"exampleAccessPackageCatalog\", new()\n {\n DisplayName = \"example-catalog\",\n Description = \"Example catalog\",\n });\n\n var exampleAccessPackageResourceCatalogAssociation = new AzureAD.AccessPackageResourceCatalogAssociation(\"exampleAccessPackageResourceCatalogAssociation\", new()\n {\n CatalogId = azuread_access_package_catalog.Example_catalog.Id,\n ResourceOriginId = azuread_group.Example_group.Object_id,\n ResourceOriginSystem = \"AadGroup\",\n });\n\n var exampleAccessPackage = new AzureAD.AccessPackage(\"exampleAccessPackage\", new()\n {\n DisplayName = \"example-package\",\n Description = \"Example Package\",\n CatalogId = azuread_access_package_catalog.Example_catalog.Id,\n });\n\n var exampleAccessPackageResourcePackageAssociation = new AzureAD.AccessPackageResourcePackageAssociation(\"exampleAccessPackageResourcePackageAssociation\", new()\n {\n AccessPackageId = exampleAccessPackage.Id,\n CatalogResourceAssociationId = exampleAccessPackageResourceCatalogAssociation.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewGroup(ctx, \"exampleGroup\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example-group\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAccessPackageCatalog(ctx, \"exampleAccessPackageCatalog\", \u0026azuread.AccessPackageCatalogArgs{\n\t\t\tDisplayName: pulumi.String(\"example-catalog\"),\n\t\t\tDescription: pulumi.String(\"Example catalog\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessPackageResourceCatalogAssociation, err := azuread.NewAccessPackageResourceCatalogAssociation(ctx, \"exampleAccessPackageResourceCatalogAssociation\", \u0026azuread.AccessPackageResourceCatalogAssociationArgs{\n\t\t\tCatalogId: pulumi.Any(azuread_access_package_catalog.Example_catalog.Id),\n\t\t\tResourceOriginId: pulumi.Any(azuread_group.Example_group.Object_id),\n\t\t\tResourceOriginSystem: pulumi.String(\"AadGroup\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessPackage, err := azuread.NewAccessPackage(ctx, \"exampleAccessPackage\", \u0026azuread.AccessPackageArgs{\n\t\t\tDisplayName: pulumi.String(\"example-package\"),\n\t\t\tDescription: pulumi.String(\"Example Package\"),\n\t\t\tCatalogId: pulumi.Any(azuread_access_package_catalog.Example_catalog.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAccessPackageResourcePackageAssociation(ctx, \"exampleAccessPackageResourcePackageAssociation\", \u0026azuread.AccessPackageResourcePackageAssociationArgs{\n\t\t\tAccessPackageId: exampleAccessPackage.ID(),\n\t\t\tCatalogResourceAssociationId: exampleAccessPackageResourceCatalogAssociation.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.AccessPackageCatalog;\nimport com.pulumi.azuread.AccessPackageCatalogArgs;\nimport com.pulumi.azuread.AccessPackageResourceCatalogAssociation;\nimport com.pulumi.azuread.AccessPackageResourceCatalogAssociationArgs;\nimport com.pulumi.azuread.AccessPackage;\nimport com.pulumi.azuread.AccessPackageArgs;\nimport com.pulumi.azuread.AccessPackageResourcePackageAssociation;\nimport com.pulumi.azuread.AccessPackageResourcePackageAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"example-group\")\n .securityEnabled(true)\n .build());\n\n var exampleAccessPackageCatalog = new AccessPackageCatalog(\"exampleAccessPackageCatalog\", AccessPackageCatalogArgs.builder() \n .displayName(\"example-catalog\")\n .description(\"Example catalog\")\n .build());\n\n var exampleAccessPackageResourceCatalogAssociation = new AccessPackageResourceCatalogAssociation(\"exampleAccessPackageResourceCatalogAssociation\", AccessPackageResourceCatalogAssociationArgs.builder() \n .catalogId(azuread_access_package_catalog.example_catalog().id())\n .resourceOriginId(azuread_group.example_group().object_id())\n .resourceOriginSystem(\"AadGroup\")\n .build());\n\n var exampleAccessPackage = new AccessPackage(\"exampleAccessPackage\", AccessPackageArgs.builder() \n .displayName(\"example-package\")\n .description(\"Example Package\")\n .catalogId(azuread_access_package_catalog.example_catalog().id())\n .build());\n\n var exampleAccessPackageResourcePackageAssociation = new AccessPackageResourcePackageAssociation(\"exampleAccessPackageResourcePackageAssociation\", AccessPackageResourcePackageAssociationArgs.builder() \n .accessPackageId(exampleAccessPackage.id())\n .catalogResourceAssociationId(exampleAccessPackageResourceCatalogAssociation.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: example-group\n securityEnabled: true\n exampleAccessPackageCatalog:\n type: azuread:AccessPackageCatalog\n properties:\n displayName: example-catalog\n description: Example catalog\n exampleAccessPackageResourceCatalogAssociation:\n type: azuread:AccessPackageResourceCatalogAssociation\n properties:\n catalogId: ${azuread_access_package_catalog.example_catalog.id}\n resourceOriginId: ${azuread_group.example_group.object_id}\n resourceOriginSystem: AadGroup\n exampleAccessPackage:\n type: azuread:AccessPackage\n properties:\n displayName: example-package\n description: Example Package\n catalogId: ${azuread_access_package_catalog.example_catalog.id}\n exampleAccessPackageResourcePackageAssociation:\n type: azuread:AccessPackageResourcePackageAssociation\n properties:\n accessPackageId: ${exampleAccessPackage.id}\n catalogResourceAssociationId: ${exampleAccessPackageResourceCatalogAssociation.id}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThe resource and catalog association can be imported using the access package ID, the access package ResourceRoleScope, the resource origin ID, and the access type, e.g.\n\n ```sh\n $ pulumi import azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111_22222222-2222-2222-2222-22222222/33333333-3333-3333-3333-33333333/Member\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the Access Package ID, the access package ResourceRoleScope (in the format Role_Scope), the Resource Origin ID, and the Access Type, in the format `{AccessPackageID}/{ResourceRoleScope}/{ResourceOriginID}/{AccessType}`.\n\n ", "properties": { "accessPackageId": { "type": "string", @@ -3097,7 +3097,7 @@ } }, "azuread:index/administrativeUnit:AdministrativeUnit": { - "description": "Manages an Administrative Unit within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `AdministrativeUnit.ReadWrite.All` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.AdministrativeUnit(\"example\", {\n description: \"Just an example\",\n displayName: \"Example-AU\",\n hiddenMembershipEnabled: false,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.AdministrativeUnit(\"example\",\n description=\"Just an example\",\n display_name=\"Example-AU\",\n hidden_membership_enabled=False)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.AdministrativeUnit(\"example\", new()\n {\n Description = \"Just an example\",\n DisplayName = \"Example-AU\",\n HiddenMembershipEnabled = false,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewAdministrativeUnit(ctx, \"example\", \u0026azuread.AdministrativeUnitArgs{\n\t\t\tDescription: pulumi.String(\"Just an example\"),\n\t\t\tDisplayName: pulumi.String(\"Example-AU\"),\n\t\t\tHiddenMembershipEnabled: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AdministrativeUnit;\nimport com.pulumi.azuread.AdministrativeUnitArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AdministrativeUnit(\"example\", AdministrativeUnitArgs.builder() \n .description(\"Just an example\")\n .displayName(\"Example-AU\")\n .hiddenMembershipEnabled(false)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:AdministrativeUnit\n properties:\n description: Just an example\n displayName: Example-AU\n hiddenMembershipEnabled: false\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAdministrative units can be imported using their object ID, e.g.\n\n```sh\n $ pulumi import azuread:index/administrativeUnit:AdministrativeUnit example 00000000-0000-0000-0000-000000000000\n```\n\n ", + "description": "Manages an Administrative Unit within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `AdministrativeUnit.ReadWrite.All` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.AdministrativeUnit(\"example\", {\n description: \"Just an example\",\n displayName: \"Example-AU\",\n hiddenMembershipEnabled: false,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.AdministrativeUnit(\"example\",\n description=\"Just an example\",\n display_name=\"Example-AU\",\n hidden_membership_enabled=False)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.AdministrativeUnit(\"example\", new()\n {\n Description = \"Just an example\",\n DisplayName = \"Example-AU\",\n HiddenMembershipEnabled = false,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewAdministrativeUnit(ctx, \"example\", \u0026azuread.AdministrativeUnitArgs{\n\t\t\tDescription: pulumi.String(\"Just an example\"),\n\t\t\tDisplayName: pulumi.String(\"Example-AU\"),\n\t\t\tHiddenMembershipEnabled: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AdministrativeUnit;\nimport com.pulumi.azuread.AdministrativeUnitArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AdministrativeUnit(\"example\", AdministrativeUnitArgs.builder() \n .description(\"Just an example\")\n .displayName(\"Example-AU\")\n .hiddenMembershipEnabled(false)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:AdministrativeUnit\n properties:\n description: Just an example\n displayName: Example-AU\n hiddenMembershipEnabled: false\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAdministrative units can be imported using their object ID, e.g.\n\n ```sh\n $ pulumi import azuread:index/administrativeUnit:AdministrativeUnit example 00000000-0000-0000-0000-000000000000\n```\n\n ", "properties": { "description": { "type": "string", @@ -3195,7 +3195,7 @@ } }, "azuread:index/administrativeUnitMember:AdministrativeUnitMember": { - "description": "Manages a single administrative unit membership within Azure Active Directory.\n\n\u003e **Warning** Do not use this resource at the same time as the `members` property of the `azuread.AdministrativeUnit` resource for the same administrative unit. Doing so will cause a conflict and administrative unit members will be removed.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `AdministrativeUnit.ReadWrite.All` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleUser = azuread.getUser({\n userPrincipalName: \"jdoe@example.com\",\n});\nconst exampleAdministrativeUnit = new azuread.AdministrativeUnit(\"exampleAdministrativeUnit\", {displayName: \"Example-AU\"});\nconst exampleAdministrativeUnitMember = new azuread.AdministrativeUnitMember(\"exampleAdministrativeUnitMember\", {\n administrativeUnitObjectId: exampleAdministrativeUnit.id,\n memberObjectId: exampleUser.then(exampleUser =\u003e exampleUser.id),\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_user = azuread.get_user(user_principal_name=\"jdoe@example.com\")\nexample_administrative_unit = azuread.AdministrativeUnit(\"exampleAdministrativeUnit\", display_name=\"Example-AU\")\nexample_administrative_unit_member = azuread.AdministrativeUnitMember(\"exampleAdministrativeUnitMember\",\n administrative_unit_object_id=example_administrative_unit.id,\n member_object_id=example_user.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleUser = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n var exampleAdministrativeUnit = new AzureAD.AdministrativeUnit(\"exampleAdministrativeUnit\", new()\n {\n DisplayName = \"Example-AU\",\n });\n\n var exampleAdministrativeUnitMember = new AzureAD.AdministrativeUnitMember(\"exampleAdministrativeUnitMember\", new()\n {\n AdministrativeUnitObjectId = exampleAdministrativeUnit.Id,\n MemberObjectId = exampleUser.Apply(getUserResult =\u003e getUserResult.Id),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleUser, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAdministrativeUnit, err := azuread.NewAdministrativeUnit(ctx, \"exampleAdministrativeUnit\", \u0026azuread.AdministrativeUnitArgs{\n\t\t\tDisplayName: pulumi.String(\"Example-AU\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAdministrativeUnitMember(ctx, \"exampleAdministrativeUnitMember\", \u0026azuread.AdministrativeUnitMemberArgs{\n\t\t\tAdministrativeUnitObjectId: exampleAdministrativeUnit.ID(),\n\t\t\tMemberObjectId: *pulumi.String(exampleUser.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.AdministrativeUnit;\nimport com.pulumi.azuread.AdministrativeUnitArgs;\nimport com.pulumi.azuread.AdministrativeUnitMember;\nimport com.pulumi.azuread.AdministrativeUnitMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleUser = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n var exampleAdministrativeUnit = new AdministrativeUnit(\"exampleAdministrativeUnit\", AdministrativeUnitArgs.builder() \n .displayName(\"Example-AU\")\n .build());\n\n var exampleAdministrativeUnitMember = new AdministrativeUnitMember(\"exampleAdministrativeUnitMember\", AdministrativeUnitMemberArgs.builder() \n .administrativeUnitObjectId(exampleAdministrativeUnit.id())\n .memberObjectId(exampleUser.applyValue(getUserResult -\u003e getUserResult.id()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleAdministrativeUnit:\n type: azuread:AdministrativeUnit\n properties:\n displayName: Example-AU\n exampleAdministrativeUnitMember:\n type: azuread:AdministrativeUnitMember\n properties:\n administrativeUnitObjectId: ${exampleAdministrativeUnit.id}\n memberObjectId: ${exampleUser.id}\nvariables:\n exampleUser:\n fn::invoke:\n Function: azuread:getUser\n Arguments:\n userPrincipalName: jdoe@example.com\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAdministrative unit members can be imported using the object ID of the administrative unit and the object ID of the member, e.g.\n\n```sh\n $ pulumi import azuread:index/administrativeUnitMember:AdministrativeUnitMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the Administrative Unit Object ID and the target Member Object ID in the format `{AdministrativeUnitObjectID}/member/{MemberObjectID}`. ", + "description": "Manages a single administrative unit membership within Azure Active Directory.\n\n\u003e **Warning** Do not use this resource at the same time as the `members` property of the `azuread.AdministrativeUnit` resource for the same administrative unit. Doing so will cause a conflict and administrative unit members will be removed.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `AdministrativeUnit.ReadWrite.All` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleUser = azuread.getUser({\n userPrincipalName: \"jdoe@example.com\",\n});\nconst exampleAdministrativeUnit = new azuread.AdministrativeUnit(\"exampleAdministrativeUnit\", {displayName: \"Example-AU\"});\nconst exampleAdministrativeUnitMember = new azuread.AdministrativeUnitMember(\"exampleAdministrativeUnitMember\", {\n administrativeUnitObjectId: exampleAdministrativeUnit.id,\n memberObjectId: exampleUser.then(exampleUser =\u003e exampleUser.id),\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_user = azuread.get_user(user_principal_name=\"jdoe@example.com\")\nexample_administrative_unit = azuread.AdministrativeUnit(\"exampleAdministrativeUnit\", display_name=\"Example-AU\")\nexample_administrative_unit_member = azuread.AdministrativeUnitMember(\"exampleAdministrativeUnitMember\",\n administrative_unit_object_id=example_administrative_unit.id,\n member_object_id=example_user.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleUser = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n var exampleAdministrativeUnit = new AzureAD.AdministrativeUnit(\"exampleAdministrativeUnit\", new()\n {\n DisplayName = \"Example-AU\",\n });\n\n var exampleAdministrativeUnitMember = new AzureAD.AdministrativeUnitMember(\"exampleAdministrativeUnitMember\", new()\n {\n AdministrativeUnitObjectId = exampleAdministrativeUnit.Id,\n MemberObjectId = exampleUser.Apply(getUserResult =\u003e getUserResult.Id),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleUser, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAdministrativeUnit, err := azuread.NewAdministrativeUnit(ctx, \"exampleAdministrativeUnit\", \u0026azuread.AdministrativeUnitArgs{\n\t\t\tDisplayName: pulumi.String(\"Example-AU\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAdministrativeUnitMember(ctx, \"exampleAdministrativeUnitMember\", \u0026azuread.AdministrativeUnitMemberArgs{\n\t\t\tAdministrativeUnitObjectId: exampleAdministrativeUnit.ID(),\n\t\t\tMemberObjectId: *pulumi.String(exampleUser.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.AdministrativeUnit;\nimport com.pulumi.azuread.AdministrativeUnitArgs;\nimport com.pulumi.azuread.AdministrativeUnitMember;\nimport com.pulumi.azuread.AdministrativeUnitMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleUser = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n var exampleAdministrativeUnit = new AdministrativeUnit(\"exampleAdministrativeUnit\", AdministrativeUnitArgs.builder() \n .displayName(\"Example-AU\")\n .build());\n\n var exampleAdministrativeUnitMember = new AdministrativeUnitMember(\"exampleAdministrativeUnitMember\", AdministrativeUnitMemberArgs.builder() \n .administrativeUnitObjectId(exampleAdministrativeUnit.id())\n .memberObjectId(exampleUser.applyValue(getUserResult -\u003e getUserResult.id()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleAdministrativeUnit:\n type: azuread:AdministrativeUnit\n properties:\n displayName: Example-AU\n exampleAdministrativeUnitMember:\n type: azuread:AdministrativeUnitMember\n properties:\n administrativeUnitObjectId: ${exampleAdministrativeUnit.id}\n memberObjectId: ${exampleUser.id}\nvariables:\n exampleUser:\n fn::invoke:\n Function: azuread:getUser\n Arguments:\n userPrincipalName: jdoe@example.com\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAdministrative unit members can be imported using the object ID of the administrative unit and the object ID of the member, e.g.\n\n ```sh\n $ pulumi import azuread:index/administrativeUnitMember:AdministrativeUnitMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the Administrative Unit Object ID and the target Member Object ID in the format `{AdministrativeUnitObjectID}/member/{MemberObjectID}`.\n\n ", "properties": { "administrativeUnitObjectId": { "type": "string", @@ -3236,7 +3236,7 @@ } }, "azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember": { - "description": "Manages a single directory role assignment scoped to an administrative unit within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `AdministrativeUnit.ReadWrite.All` and `RoleManagement.ReadWrite.Directory`, or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleUser = azuread.getUser({\n userPrincipalName: \"jdoe@example.com\",\n});\nconst exampleAdministrativeUnit = new azuread.AdministrativeUnit(\"exampleAdministrativeUnit\", {displayName: \"Example-AU\"});\nconst exampleDirectoryRole = new azuread.DirectoryRole(\"exampleDirectoryRole\", {displayName: \"Security administrator\"});\nconst exampleAdministrativeUnitRoleMember = new azuread.AdministrativeUnitRoleMember(\"exampleAdministrativeUnitRoleMember\", {\n roleObjectId: exampleDirectoryRole.objectId,\n administrativeUnitObjectId: exampleAdministrativeUnit.id,\n memberObjectId: exampleUser.then(exampleUser =\u003e exampleUser.id),\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_user = azuread.get_user(user_principal_name=\"jdoe@example.com\")\nexample_administrative_unit = azuread.AdministrativeUnit(\"exampleAdministrativeUnit\", display_name=\"Example-AU\")\nexample_directory_role = azuread.DirectoryRole(\"exampleDirectoryRole\", display_name=\"Security administrator\")\nexample_administrative_unit_role_member = azuread.AdministrativeUnitRoleMember(\"exampleAdministrativeUnitRoleMember\",\n role_object_id=example_directory_role.object_id,\n administrative_unit_object_id=example_administrative_unit.id,\n member_object_id=example_user.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleUser = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n var exampleAdministrativeUnit = new AzureAD.AdministrativeUnit(\"exampleAdministrativeUnit\", new()\n {\n DisplayName = \"Example-AU\",\n });\n\n var exampleDirectoryRole = new AzureAD.DirectoryRole(\"exampleDirectoryRole\", new()\n {\n DisplayName = \"Security administrator\",\n });\n\n var exampleAdministrativeUnitRoleMember = new AzureAD.AdministrativeUnitRoleMember(\"exampleAdministrativeUnitRoleMember\", new()\n {\n RoleObjectId = exampleDirectoryRole.ObjectId,\n AdministrativeUnitObjectId = exampleAdministrativeUnit.Id,\n MemberObjectId = exampleUser.Apply(getUserResult =\u003e getUserResult.Id),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleUser, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAdministrativeUnit, err := azuread.NewAdministrativeUnit(ctx, \"exampleAdministrativeUnit\", \u0026azuread.AdministrativeUnitArgs{\n\t\t\tDisplayName: pulumi.String(\"Example-AU\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDirectoryRole, err := azuread.NewDirectoryRole(ctx, \"exampleDirectoryRole\", \u0026azuread.DirectoryRoleArgs{\n\t\t\tDisplayName: pulumi.String(\"Security administrator\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAdministrativeUnitRoleMember(ctx, \"exampleAdministrativeUnitRoleMember\", \u0026azuread.AdministrativeUnitRoleMemberArgs{\n\t\t\tRoleObjectId: exampleDirectoryRole.ObjectId,\n\t\t\tAdministrativeUnitObjectId: exampleAdministrativeUnit.ID(),\n\t\t\tMemberObjectId: *pulumi.String(exampleUser.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.AdministrativeUnit;\nimport com.pulumi.azuread.AdministrativeUnitArgs;\nimport com.pulumi.azuread.DirectoryRole;\nimport com.pulumi.azuread.DirectoryRoleArgs;\nimport com.pulumi.azuread.AdministrativeUnitRoleMember;\nimport com.pulumi.azuread.AdministrativeUnitRoleMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleUser = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n var exampleAdministrativeUnit = new AdministrativeUnit(\"exampleAdministrativeUnit\", AdministrativeUnitArgs.builder() \n .displayName(\"Example-AU\")\n .build());\n\n var exampleDirectoryRole = new DirectoryRole(\"exampleDirectoryRole\", DirectoryRoleArgs.builder() \n .displayName(\"Security administrator\")\n .build());\n\n var exampleAdministrativeUnitRoleMember = new AdministrativeUnitRoleMember(\"exampleAdministrativeUnitRoleMember\", AdministrativeUnitRoleMemberArgs.builder() \n .roleObjectId(exampleDirectoryRole.objectId())\n .administrativeUnitObjectId(exampleAdministrativeUnit.id())\n .memberObjectId(exampleUser.applyValue(getUserResult -\u003e getUserResult.id()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleAdministrativeUnit:\n type: azuread:AdministrativeUnit\n properties:\n displayName: Example-AU\n exampleDirectoryRole:\n type: azuread:DirectoryRole\n properties:\n displayName: Security administrator\n exampleAdministrativeUnitRoleMember:\n type: azuread:AdministrativeUnitRoleMember\n properties:\n roleObjectId: ${exampleDirectoryRole.objectId}\n administrativeUnitObjectId: ${exampleAdministrativeUnit.id}\n memberObjectId: ${exampleUser.id}\nvariables:\n exampleUser:\n fn::invoke:\n Function: azuread:getUser\n Arguments:\n userPrincipalName: jdoe@example.com\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAdministrative unit role members can be imported using the object ID of the administrative unit and the unique ID of the role assignment, e.g.\n\n```sh\n $ pulumi import azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember example 00000000-0000-0000-0000-000000000000/roleMember/zX37MRLyF0uvE-xf2WH4B7x-6CPLfudNnxFGj800htpBXqkxW7bITqGb6Rj4kuTuS\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the Administrative Unit Object ID and the role assignment ID in the format `{AdministrativeUnitObjectID}/roleMember/{RoleAssignmentID}`. ", + "description": "Manages a single directory role assignment scoped to an administrative unit within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `AdministrativeUnit.ReadWrite.All` and `RoleManagement.ReadWrite.Directory`, or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleUser = azuread.getUser({\n userPrincipalName: \"jdoe@example.com\",\n});\nconst exampleAdministrativeUnit = new azuread.AdministrativeUnit(\"exampleAdministrativeUnit\", {displayName: \"Example-AU\"});\nconst exampleDirectoryRole = new azuread.DirectoryRole(\"exampleDirectoryRole\", {displayName: \"Security administrator\"});\nconst exampleAdministrativeUnitRoleMember = new azuread.AdministrativeUnitRoleMember(\"exampleAdministrativeUnitRoleMember\", {\n roleObjectId: exampleDirectoryRole.objectId,\n administrativeUnitObjectId: exampleAdministrativeUnit.id,\n memberObjectId: exampleUser.then(exampleUser =\u003e exampleUser.id),\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_user = azuread.get_user(user_principal_name=\"jdoe@example.com\")\nexample_administrative_unit = azuread.AdministrativeUnit(\"exampleAdministrativeUnit\", display_name=\"Example-AU\")\nexample_directory_role = azuread.DirectoryRole(\"exampleDirectoryRole\", display_name=\"Security administrator\")\nexample_administrative_unit_role_member = azuread.AdministrativeUnitRoleMember(\"exampleAdministrativeUnitRoleMember\",\n role_object_id=example_directory_role.object_id,\n administrative_unit_object_id=example_administrative_unit.id,\n member_object_id=example_user.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleUser = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n var exampleAdministrativeUnit = new AzureAD.AdministrativeUnit(\"exampleAdministrativeUnit\", new()\n {\n DisplayName = \"Example-AU\",\n });\n\n var exampleDirectoryRole = new AzureAD.DirectoryRole(\"exampleDirectoryRole\", new()\n {\n DisplayName = \"Security administrator\",\n });\n\n var exampleAdministrativeUnitRoleMember = new AzureAD.AdministrativeUnitRoleMember(\"exampleAdministrativeUnitRoleMember\", new()\n {\n RoleObjectId = exampleDirectoryRole.ObjectId,\n AdministrativeUnitObjectId = exampleAdministrativeUnit.Id,\n MemberObjectId = exampleUser.Apply(getUserResult =\u003e getUserResult.Id),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleUser, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAdministrativeUnit, err := azuread.NewAdministrativeUnit(ctx, \"exampleAdministrativeUnit\", \u0026azuread.AdministrativeUnitArgs{\n\t\t\tDisplayName: pulumi.String(\"Example-AU\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDirectoryRole, err := azuread.NewDirectoryRole(ctx, \"exampleDirectoryRole\", \u0026azuread.DirectoryRoleArgs{\n\t\t\tDisplayName: pulumi.String(\"Security administrator\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAdministrativeUnitRoleMember(ctx, \"exampleAdministrativeUnitRoleMember\", \u0026azuread.AdministrativeUnitRoleMemberArgs{\n\t\t\tRoleObjectId: exampleDirectoryRole.ObjectId,\n\t\t\tAdministrativeUnitObjectId: exampleAdministrativeUnit.ID(),\n\t\t\tMemberObjectId: *pulumi.String(exampleUser.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.AdministrativeUnit;\nimport com.pulumi.azuread.AdministrativeUnitArgs;\nimport com.pulumi.azuread.DirectoryRole;\nimport com.pulumi.azuread.DirectoryRoleArgs;\nimport com.pulumi.azuread.AdministrativeUnitRoleMember;\nimport com.pulumi.azuread.AdministrativeUnitRoleMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleUser = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n var exampleAdministrativeUnit = new AdministrativeUnit(\"exampleAdministrativeUnit\", AdministrativeUnitArgs.builder() \n .displayName(\"Example-AU\")\n .build());\n\n var exampleDirectoryRole = new DirectoryRole(\"exampleDirectoryRole\", DirectoryRoleArgs.builder() \n .displayName(\"Security administrator\")\n .build());\n\n var exampleAdministrativeUnitRoleMember = new AdministrativeUnitRoleMember(\"exampleAdministrativeUnitRoleMember\", AdministrativeUnitRoleMemberArgs.builder() \n .roleObjectId(exampleDirectoryRole.objectId())\n .administrativeUnitObjectId(exampleAdministrativeUnit.id())\n .memberObjectId(exampleUser.applyValue(getUserResult -\u003e getUserResult.id()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleAdministrativeUnit:\n type: azuread:AdministrativeUnit\n properties:\n displayName: Example-AU\n exampleDirectoryRole:\n type: azuread:DirectoryRole\n properties:\n displayName: Security administrator\n exampleAdministrativeUnitRoleMember:\n type: azuread:AdministrativeUnitRoleMember\n properties:\n roleObjectId: ${exampleDirectoryRole.objectId}\n administrativeUnitObjectId: ${exampleAdministrativeUnit.id}\n memberObjectId: ${exampleUser.id}\nvariables:\n exampleUser:\n fn::invoke:\n Function: azuread:getUser\n Arguments:\n userPrincipalName: jdoe@example.com\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAdministrative unit role members can be imported using the object ID of the administrative unit and the unique ID of the role assignment, e.g.\n\n ```sh\n $ pulumi import azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember example 00000000-0000-0000-0000-000000000000/roleMember/zX37MRLyF0uvE-xf2WH4B7x-6CPLfudNnxFGj800htpBXqkxW7bITqGb6Rj4kuTuS\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the Administrative Unit Object ID and the role assignment ID in the format `{AdministrativeUnitObjectID}/roleMember/{RoleAssignmentID}`.\n\n ", "properties": { "administrativeUnitObjectId": { "type": "string", @@ -3301,7 +3301,7 @@ } }, "azuread:index/appRoleAssignment:AppRoleAssignment": { - "description": "Manages an app role assignment for a group, user or service principal. Can be used to grant admin consent for application permissions.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `AppRoleAssignment.ReadWrite.All` and `Application.Read.All`, or `AppRoleAssignment.ReadWrite.All` and `Directory.Read.All`, or `Application.ReadWrite.All`, or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Application Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*App role assignment for accessing Microsoft Graph*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = new azuread.ServicePrincipal(\"msgraph\", {\n applicationId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n useExisting: true,\n});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n resourceAccesses: [\n {\n id: msgraph.appRoleIds[\"User.Read.All\"],\n type: \"Role\",\n },\n {\n id: msgraph.oauth2PermissionScopeIds[\"User.ReadWrite\"],\n type: \"Scope\",\n },\n ],\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {applicationId: exampleApplication.applicationId});\nconst exampleAppRoleAssignment = new azuread.AppRoleAssignment(\"exampleAppRoleAssignment\", {\n appRoleId: msgraph.appRoleIds[\"User.Read.All\"],\n principalObjectId: exampleServicePrincipal.objectId,\n resourceObjectId: msgraph.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.ServicePrincipal(\"msgraph\",\n application_id=well_known.result[\"MicrosoftGraph\"],\n use_existing=True)\nexample_application = azuread.Application(\"exampleApplication\",\n display_name=\"example\",\n required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs(\n resource_app_id=well_known.result[\"MicrosoftGraph\"],\n resource_accesses=[\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=msgraph.app_role_ids[\"User.Read.All\"],\n type=\"Role\",\n ),\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=msgraph.oauth2_permission_scope_ids[\"User.ReadWrite\"],\n type=\"Scope\",\n ),\n ],\n )])\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\", application_id=example_application.application_id)\nexample_app_role_assignment = azuread.AppRoleAssignment(\"exampleAppRoleAssignment\",\n app_role_id=msgraph.app_role_ids[\"User.Read.All\"],\n principal_object_id=example_service_principal.object_id,\n resource_object_id=msgraph.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = new AzureAD.ServicePrincipal(\"msgraph\", new()\n {\n ApplicationId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n UseExisting = true,\n });\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.User_Read_All),\n Type = \"Role\",\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.User_ReadWrite),\n Type = \"Scope\",\n },\n },\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n });\n\n var exampleAppRoleAssignment = new AzureAD.AppRoleAssignment(\"exampleAppRoleAssignment\", new()\n {\n AppRoleId = msgraph.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.User_Read_All),\n PrincipalObjectId = exampleServicePrincipal.ObjectId,\n ResourceObjectId = msgraph.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmsgraph, err := azuread.NewServicePrincipal(ctx, \"msgraph\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn appRoleIds.User.Read.All, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Role\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.User.ReadWrite, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"exampleAppRoleAssignment\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: msgraph.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\treturn appRoleIds.User.Read.All, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tPrincipalObjectId: exampleServicePrincipal.ObjectId,\n\t\t\tResourceObjectId: msgraph.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.AppRoleAssignment;\nimport com.pulumi.azuread.AppRoleAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n var msgraph = new ServicePrincipal(\"msgraph\", ServicePrincipalArgs.builder() \n .applicationId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .useExisting(true)\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .resourceAccesses( \n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.User.Read.All()))\n .type(\"Role\")\n .build(),\n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.User.ReadWrite()))\n .type(\"Scope\")\n .build())\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .build());\n\n var exampleAppRoleAssignment = new AppRoleAssignment(\"exampleAppRoleAssignment\", AppRoleAssignmentArgs.builder() \n .appRoleId(msgraph.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.User.Read.All()))\n .principalObjectId(exampleServicePrincipal.objectId())\n .resourceObjectId(msgraph.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n msgraph:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${wellKnown.result.MicrosoftGraph}\n useExisting: true\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${wellKnown.result.MicrosoftGraph}\n resourceAccesses:\n - id: ${msgraph.appRoleIds\"User.Read.All\"[%!s(MISSING)]}\n type: Role\n - id: ${msgraph.oauth2PermissionScopeIds\"User.ReadWrite\"[%!s(MISSING)]}\n type: Scope\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n exampleAppRoleAssignment:\n type: azuread:AppRoleAssignment\n properties:\n appRoleId: ${msgraph.appRoleIds\"User.Read.All\"[%!s(MISSING)]}\n principalObjectId: ${exampleServicePrincipal.objectId}\n resourceObjectId: ${msgraph.objectId}\nvariables:\n wellKnown:\n fn::invoke:\n Function: azuread:getApplicationPublishedAppIds\n Arguments: {}\n```\n\n*App role assignment for internal application*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst internalApplication = new azuread.Application(\"internalApplication\", {\n displayName: \"internal\",\n appRoles: [{\n allowedMemberTypes: [\"Application\"],\n description: \"Apps can query the database\",\n displayName: \"Query\",\n enabled: true,\n id: \"00000000-0000-0000-0000-111111111111\",\n value: \"Query.All\",\n }],\n});\nconst internalServicePrincipal = new azuread.ServicePrincipal(\"internalServicePrincipal\", {applicationId: internalApplication.applicationId});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: internalApplication.applicationId,\n resourceAccesses: [{\n id: internalServicePrincipal.appRoleIds[\"Query.All\"],\n type: \"Role\",\n }],\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {applicationId: exampleApplication.applicationId});\nconst exampleAppRoleAssignment = new azuread.AppRoleAssignment(\"exampleAppRoleAssignment\", {\n appRoleId: internalServicePrincipal.appRoleIds[\"Query.All\"],\n principalObjectId: exampleServicePrincipal.objectId,\n resourceObjectId: internalServicePrincipal.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ninternal_application = azuread.Application(\"internalApplication\",\n display_name=\"internal\",\n app_roles=[azuread.ApplicationAppRoleArgs(\n allowed_member_types=[\"Application\"],\n description=\"Apps can query the database\",\n display_name=\"Query\",\n enabled=True,\n id=\"00000000-0000-0000-0000-111111111111\",\n value=\"Query.All\",\n )])\ninternal_service_principal = azuread.ServicePrincipal(\"internalServicePrincipal\", application_id=internal_application.application_id)\nexample_application = azuread.Application(\"exampleApplication\",\n display_name=\"example\",\n required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs(\n resource_app_id=internal_application.application_id,\n resource_accesses=[azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=internal_service_principal.app_role_ids[\"Query.All\"],\n type=\"Role\",\n )],\n )])\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\", application_id=example_application.application_id)\nexample_app_role_assignment = azuread.AppRoleAssignment(\"exampleAppRoleAssignment\",\n app_role_id=internal_service_principal.app_role_ids[\"Query.All\"],\n principal_object_id=example_service_principal.object_id,\n resource_object_id=internal_service_principal.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var internalApplication = new AzureAD.Application(\"internalApplication\", new()\n {\n DisplayName = \"internal\",\n AppRoles = new[]\n {\n new AzureAD.Inputs.ApplicationAppRoleArgs\n {\n AllowedMemberTypes = new[]\n {\n \"Application\",\n },\n Description = \"Apps can query the database\",\n DisplayName = \"Query\",\n Enabled = true,\n Id = \"00000000-0000-0000-0000-111111111111\",\n Value = \"Query.All\",\n },\n },\n });\n\n var internalServicePrincipal = new AzureAD.ServicePrincipal(\"internalServicePrincipal\", new()\n {\n ApplicationId = internalApplication.ApplicationId,\n });\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = internalApplication.ApplicationId,\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = internalServicePrincipal.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.Query_All),\n Type = \"Role\",\n },\n },\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n });\n\n var exampleAppRoleAssignment = new AzureAD.AppRoleAssignment(\"exampleAppRoleAssignment\", new()\n {\n AppRoleId = internalServicePrincipal.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.Query_All),\n PrincipalObjectId = exampleServicePrincipal.ObjectId,\n ResourceObjectId = internalServicePrincipal.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternalApplication, err := azuread.NewApplication(ctx, \"internalApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"internal\"),\n\t\t\tAppRoles: azuread.ApplicationAppRoleTypeArray{\n\t\t\t\t\u0026azuread.ApplicationAppRoleTypeArgs{\n\t\t\t\t\tAllowedMemberTypes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Application\"),\n\t\t\t\t\t},\n\t\t\t\t\tDescription: pulumi.String(\"Apps can query the database\"),\n\t\t\t\t\tDisplayName: pulumi.String(\"Query\"),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tId: pulumi.String(\"00000000-0000-0000-0000-111111111111\"),\n\t\t\t\t\tValue: pulumi.String(\"Query.All\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinternalServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"internalServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: internalApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: internalApplication.ApplicationId,\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: internalServicePrincipal.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn appRoleIds.Query.All, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Role\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"exampleAppRoleAssignment\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: internalServicePrincipal.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\treturn appRoleIds.Query.All, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tPrincipalObjectId: exampleServicePrincipal.ObjectId,\n\t\t\tResourceObjectId: internalServicePrincipal.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationAppRoleArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.AppRoleAssignment;\nimport com.pulumi.azuread.AppRoleAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internalApplication = new Application(\"internalApplication\", ApplicationArgs.builder() \n .displayName(\"internal\")\n .appRoles(ApplicationAppRoleArgs.builder()\n .allowedMemberTypes(\"Application\")\n .description(\"Apps can query the database\")\n .displayName(\"Query\")\n .enabled(true)\n .id(\"00000000-0000-0000-0000-111111111111\")\n .value(\"Query.All\")\n .build())\n .build());\n\n var internalServicePrincipal = new ServicePrincipal(\"internalServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(internalApplication.applicationId())\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(internalApplication.applicationId())\n .resourceAccesses(ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(internalServicePrincipal.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.Query.All()))\n .type(\"Role\")\n .build())\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .build());\n\n var exampleAppRoleAssignment = new AppRoleAssignment(\"exampleAppRoleAssignment\", AppRoleAssignmentArgs.builder() \n .appRoleId(internalServicePrincipal.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.Query.All()))\n .principalObjectId(exampleServicePrincipal.objectId())\n .resourceObjectId(internalServicePrincipal.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internalApplication:\n type: azuread:Application\n properties:\n displayName: internal\n appRoles:\n - allowedMemberTypes:\n - Application\n description: Apps can query the database\n displayName: Query\n enabled: true\n id: 00000000-0000-0000-0000-111111111111\n value: Query.All\n internalServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${internalApplication.applicationId}\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${internalApplication.applicationId}\n resourceAccesses:\n - id: ${internalServicePrincipal.appRoleIds\"Query.All\"[%!s(MISSING)]}\n type: Role\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n exampleAppRoleAssignment:\n type: azuread:AppRoleAssignment\n properties:\n appRoleId: ${internalServicePrincipal.appRoleIds\"Query.All\"[%!s(MISSING)]}\n principalObjectId: ${exampleServicePrincipal.objectId}\n resourceObjectId: ${internalServicePrincipal.objectId}\n```\n\n*Assign a user and group to an internal application*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleDomains = azuread.getDomains({\n onlyInitial: true,\n});\nconst internalApplication = new azuread.Application(\"internalApplication\", {\n displayName: \"internal\",\n appRoles: [{\n allowedMemberTypes: [\n \"Application\",\n \"User\",\n ],\n description: \"Admins can perform all task actions\",\n displayName: \"Admin\",\n enabled: true,\n id: \"00000000-0000-0000-0000-222222222222\",\n value: \"Admin.All\",\n }],\n});\nconst internalServicePrincipal = new azuread.ServicePrincipal(\"internalServicePrincipal\", {applicationId: internalApplication.applicationId});\nconst exampleGroup = new azuread.Group(\"exampleGroup\", {\n displayName: \"example\",\n securityEnabled: true,\n});\nconst exampleAppRoleAssignment = new azuread.AppRoleAssignment(\"exampleAppRoleAssignment\", {\n appRoleId: internalServicePrincipal.appRoleIds[\"Admin.All\"],\n principalObjectId: exampleGroup.objectId,\n resourceObjectId: internalServicePrincipal.objectId,\n});\nconst exampleUser = new azuread.User(\"exampleUser\", {\n displayName: \"D. Duck\",\n password: \"SecretP@sswd99!\",\n userPrincipalName: exampleDomains.then(exampleDomains =\u003e `d.duck@${exampleDomains.domains?.[0]?.domainName}`),\n});\nconst exampleIndex_appRoleAssignmentAppRoleAssignment = new azuread.AppRoleAssignment(\"exampleIndex/appRoleAssignmentAppRoleAssignment\", {\n appRoleId: internalServicePrincipal.appRoleIds[\"Admin.All\"],\n principalObjectId: exampleUser.objectId,\n resourceObjectId: internalServicePrincipal.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_domains = azuread.get_domains(only_initial=True)\ninternal_application = azuread.Application(\"internalApplication\",\n display_name=\"internal\",\n app_roles=[azuread.ApplicationAppRoleArgs(\n allowed_member_types=[\n \"Application\",\n \"User\",\n ],\n description=\"Admins can perform all task actions\",\n display_name=\"Admin\",\n enabled=True,\n id=\"00000000-0000-0000-0000-222222222222\",\n value=\"Admin.All\",\n )])\ninternal_service_principal = azuread.ServicePrincipal(\"internalServicePrincipal\", application_id=internal_application.application_id)\nexample_group = azuread.Group(\"exampleGroup\",\n display_name=\"example\",\n security_enabled=True)\nexample_app_role_assignment = azuread.AppRoleAssignment(\"exampleAppRoleAssignment\",\n app_role_id=internal_service_principal.app_role_ids[\"Admin.All\"],\n principal_object_id=example_group.object_id,\n resource_object_id=internal_service_principal.object_id)\nexample_user = azuread.User(\"exampleUser\",\n display_name=\"D. Duck\",\n password=\"SecretP@sswd99!\",\n user_principal_name=f\"d.duck@{example_domains.domains[0].domain_name}\")\nexample_index_app_role_assignment_app_role_assignment = azuread.AppRoleAssignment(\"exampleIndex/appRoleAssignmentAppRoleAssignment\",\n app_role_id=internal_service_principal.app_role_ids[\"Admin.All\"],\n principal_object_id=example_user.object_id,\n resource_object_id=internal_service_principal.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleDomains = AzureAD.GetDomains.Invoke(new()\n {\n OnlyInitial = true,\n });\n\n var internalApplication = new AzureAD.Application(\"internalApplication\", new()\n {\n DisplayName = \"internal\",\n AppRoles = new[]\n {\n new AzureAD.Inputs.ApplicationAppRoleArgs\n {\n AllowedMemberTypes = new[]\n {\n \"Application\",\n \"User\",\n },\n Description = \"Admins can perform all task actions\",\n DisplayName = \"Admin\",\n Enabled = true,\n Id = \"00000000-0000-0000-0000-222222222222\",\n Value = \"Admin.All\",\n },\n },\n });\n\n var internalServicePrincipal = new AzureAD.ServicePrincipal(\"internalServicePrincipal\", new()\n {\n ApplicationId = internalApplication.ApplicationId,\n });\n\n var exampleGroup = new AzureAD.Group(\"exampleGroup\", new()\n {\n DisplayName = \"example\",\n SecurityEnabled = true,\n });\n\n var exampleAppRoleAssignment = new AzureAD.AppRoleAssignment(\"exampleAppRoleAssignment\", new()\n {\n AppRoleId = internalServicePrincipal.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.Admin_All),\n PrincipalObjectId = exampleGroup.ObjectId,\n ResourceObjectId = internalServicePrincipal.ObjectId,\n });\n\n var exampleUser = new AzureAD.User(\"exampleUser\", new()\n {\n DisplayName = \"D. Duck\",\n Password = \"SecretP@sswd99!\",\n UserPrincipalName = $\"d.duck@{exampleDomains.Apply(getDomainsResult =\u003e getDomainsResult.Domains[0]?.DomainName)}\",\n });\n\n var exampleIndex_appRoleAssignmentAppRoleAssignment = new AzureAD.AppRoleAssignment(\"exampleIndex/appRoleAssignmentAppRoleAssignment\", new()\n {\n AppRoleId = internalServicePrincipal.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.Admin_All),\n PrincipalObjectId = exampleUser.ObjectId,\n ResourceObjectId = internalServicePrincipal.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleDomains, err := azuread.GetDomains(ctx, \u0026azuread.GetDomainsArgs{\n\t\t\tOnlyInitial: pulumi.BoolRef(true),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinternalApplication, err := azuread.NewApplication(ctx, \"internalApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"internal\"),\n\t\t\tAppRoles: azuread.ApplicationAppRoleTypeArray{\n\t\t\t\t\u0026azuread.ApplicationAppRoleTypeArgs{\n\t\t\t\t\tAllowedMemberTypes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Application\"),\n\t\t\t\t\t\tpulumi.String(\"User\"),\n\t\t\t\t\t},\n\t\t\t\t\tDescription: pulumi.String(\"Admins can perform all task actions\"),\n\t\t\t\t\tDisplayName: pulumi.String(\"Admin\"),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tId: pulumi.String(\"00000000-0000-0000-0000-222222222222\"),\n\t\t\t\t\tValue: pulumi.String(\"Admin.All\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinternalServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"internalServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: internalApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGroup, err := azuread.NewGroup(ctx, \"exampleGroup\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"exampleAppRoleAssignment\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: internalServicePrincipal.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\treturn appRoleIds.Admin.All, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tPrincipalObjectId: exampleGroup.ObjectId,\n\t\t\tResourceObjectId: internalServicePrincipal.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleUser, err := azuread.NewUser(ctx, \"exampleUser\", \u0026azuread.UserArgs{\n\t\t\tDisplayName: pulumi.String(\"D. Duck\"),\n\t\t\tPassword: pulumi.String(\"SecretP@sswd99!\"),\n\t\t\tUserPrincipalName: pulumi.String(fmt.Sprintf(\"d.duck@%v\", exampleDomains.Domains[0].DomainName)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"exampleIndex/appRoleAssignmentAppRoleAssignment\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: internalServicePrincipal.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\treturn appRoleIds.Admin.All, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tPrincipalObjectId: exampleUser.ObjectId,\n\t\t\tResourceObjectId: internalServicePrincipal.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetDomainsArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationAppRoleArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.AppRoleAssignment;\nimport com.pulumi.azuread.AppRoleAssignmentArgs;\nimport com.pulumi.azuread.User;\nimport com.pulumi.azuread.UserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleDomains = AzureadFunctions.getDomains(GetDomainsArgs.builder()\n .onlyInitial(true)\n .build());\n\n var internalApplication = new Application(\"internalApplication\", ApplicationArgs.builder() \n .displayName(\"internal\")\n .appRoles(ApplicationAppRoleArgs.builder()\n .allowedMemberTypes( \n \"Application\",\n \"User\")\n .description(\"Admins can perform all task actions\")\n .displayName(\"Admin\")\n .enabled(true)\n .id(\"00000000-0000-0000-0000-222222222222\")\n .value(\"Admin.All\")\n .build())\n .build());\n\n var internalServicePrincipal = new ServicePrincipal(\"internalServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(internalApplication.applicationId())\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"example\")\n .securityEnabled(true)\n .build());\n\n var exampleAppRoleAssignment = new AppRoleAssignment(\"exampleAppRoleAssignment\", AppRoleAssignmentArgs.builder() \n .appRoleId(internalServicePrincipal.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.Admin.All()))\n .principalObjectId(exampleGroup.objectId())\n .resourceObjectId(internalServicePrincipal.objectId())\n .build());\n\n var exampleUser = new User(\"exampleUser\", UserArgs.builder() \n .displayName(\"D. Duck\")\n .password(\"SecretP@sswd99!\")\n .userPrincipalName(String.format(\"d.duck@%s\", exampleDomains.applyValue(getDomainsResult -\u003e getDomainsResult.domains()[0].domainName())))\n .build());\n\n var exampleIndex_appRoleAssignmentAppRoleAssignment = new AppRoleAssignment(\"exampleIndex/appRoleAssignmentAppRoleAssignment\", AppRoleAssignmentArgs.builder() \n .appRoleId(internalServicePrincipal.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.Admin.All()))\n .principalObjectId(exampleUser.objectId())\n .resourceObjectId(internalServicePrincipal.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internalApplication:\n type: azuread:Application\n properties:\n displayName: internal\n appRoles:\n - allowedMemberTypes:\n - Application\n - User\n description: Admins can perform all task actions\n displayName: Admin\n enabled: true\n id: 00000000-0000-0000-0000-222222222222\n value: Admin.All\n internalServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${internalApplication.applicationId}\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: example\n securityEnabled: true\n exampleAppRoleAssignment:\n type: azuread:AppRoleAssignment\n properties:\n appRoleId: ${internalServicePrincipal.appRoleIds\"Admin.All\"[%!s(MISSING)]}\n principalObjectId: ${exampleGroup.objectId}\n resourceObjectId: ${internalServicePrincipal.objectId}\n exampleUser:\n type: azuread:User\n properties:\n displayName: D. Duck\n password: SecretP@sswd99!\n userPrincipalName: d.duck@${exampleDomains.domains[0].domainName}\n exampleIndex/appRoleAssignmentAppRoleAssignment:\n type: azuread:AppRoleAssignment\n properties:\n appRoleId: ${internalServicePrincipal.appRoleIds\"Admin.All\"[%!s(MISSING)]}\n principalObjectId: ${exampleUser.objectId}\n resourceObjectId: ${internalServicePrincipal.objectId}\nvariables:\n exampleDomains:\n fn::invoke:\n Function: azuread:getDomains\n Arguments:\n onlyInitial: true\n```\n\n*Assign a group to the default app role for an internal application*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst internalApplication = new azuread.Application(\"internalApplication\", {displayName: \"internal\"});\nconst internalServicePrincipal = new azuread.ServicePrincipal(\"internalServicePrincipal\", {applicationId: internalApplication.applicationId});\nconst exampleGroup = new azuread.Group(\"exampleGroup\", {\n displayName: \"example\",\n securityEnabled: true,\n});\nconst exampleAppRoleAssignment = new azuread.AppRoleAssignment(\"exampleAppRoleAssignment\", {\n appRoleId: \"00000000-0000-0000-0000-000000000000\",\n principalObjectId: exampleGroup.objectId,\n resourceObjectId: internalServicePrincipal.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ninternal_application = azuread.Application(\"internalApplication\", display_name=\"internal\")\ninternal_service_principal = azuread.ServicePrincipal(\"internalServicePrincipal\", application_id=internal_application.application_id)\nexample_group = azuread.Group(\"exampleGroup\",\n display_name=\"example\",\n security_enabled=True)\nexample_app_role_assignment = azuread.AppRoleAssignment(\"exampleAppRoleAssignment\",\n app_role_id=\"00000000-0000-0000-0000-000000000000\",\n principal_object_id=example_group.object_id,\n resource_object_id=internal_service_principal.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var internalApplication = new AzureAD.Application(\"internalApplication\", new()\n {\n DisplayName = \"internal\",\n });\n\n var internalServicePrincipal = new AzureAD.ServicePrincipal(\"internalServicePrincipal\", new()\n {\n ApplicationId = internalApplication.ApplicationId,\n });\n\n var exampleGroup = new AzureAD.Group(\"exampleGroup\", new()\n {\n DisplayName = \"example\",\n SecurityEnabled = true,\n });\n\n var exampleAppRoleAssignment = new AzureAD.AppRoleAssignment(\"exampleAppRoleAssignment\", new()\n {\n AppRoleId = \"00000000-0000-0000-0000-000000000000\",\n PrincipalObjectId = exampleGroup.ObjectId,\n ResourceObjectId = internalServicePrincipal.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternalApplication, err := azuread.NewApplication(ctx, \"internalApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"internal\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinternalServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"internalServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: internalApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGroup, err := azuread.NewGroup(ctx, \"exampleGroup\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"exampleAppRoleAssignment\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: pulumi.String(\"00000000-0000-0000-0000-000000000000\"),\n\t\t\tPrincipalObjectId: exampleGroup.ObjectId,\n\t\t\tResourceObjectId: internalServicePrincipal.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.AppRoleAssignment;\nimport com.pulumi.azuread.AppRoleAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internalApplication = new Application(\"internalApplication\", ApplicationArgs.builder() \n .displayName(\"internal\")\n .build());\n\n var internalServicePrincipal = new ServicePrincipal(\"internalServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(internalApplication.applicationId())\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"example\")\n .securityEnabled(true)\n .build());\n\n var exampleAppRoleAssignment = new AppRoleAssignment(\"exampleAppRoleAssignment\", AppRoleAssignmentArgs.builder() \n .appRoleId(\"00000000-0000-0000-0000-000000000000\")\n .principalObjectId(exampleGroup.objectId())\n .resourceObjectId(internalServicePrincipal.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internalApplication:\n type: azuread:Application\n properties:\n displayName: internal\n internalServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${internalApplication.applicationId}\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: example\n securityEnabled: true\n exampleAppRoleAssignment:\n type: azuread:AppRoleAssignment\n properties:\n appRoleId: 00000000-0000-0000-0000-000000000000\n principalObjectId: ${exampleGroup.objectId}\n resourceObjectId: ${internalServicePrincipal.objectId}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nApp role assignments can be imported using the object ID of the service principal representing the resource and the ID of the app role assignment (note_not_ the ID of the app role), e.g.\n\n```sh\n $ pulumi import azuread:index/appRoleAssignment:AppRoleAssignment example 00000000-0000-0000-0000-000000000000/appRoleAssignment/aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the Resource Service Principal Object ID and the ID of the App Role Assignment in the format `{ResourcePrincipalID}/appRoleAssignment/{AppRoleAssignmentID}`. ", + "description": "Manages an app role assignment for a group, user or service principal. Can be used to grant admin consent for application permissions.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `AppRoleAssignment.ReadWrite.All` and `Application.Read.All`, or `AppRoleAssignment.ReadWrite.All` and `Directory.Read.All`, or `Application.ReadWrite.All`, or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Application Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*App role assignment for accessing Microsoft Graph*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = new azuread.ServicePrincipal(\"msgraph\", {\n applicationId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n useExisting: true,\n});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n resourceAccesses: [\n {\n id: msgraph.appRoleIds[\"User.Read.All\"],\n type: \"Role\",\n },\n {\n id: msgraph.oauth2PermissionScopeIds[\"User.ReadWrite\"],\n type: \"Scope\",\n },\n ],\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {applicationId: exampleApplication.applicationId});\nconst exampleAppRoleAssignment = new azuread.AppRoleAssignment(\"exampleAppRoleAssignment\", {\n appRoleId: msgraph.appRoleIds[\"User.Read.All\"],\n principalObjectId: exampleServicePrincipal.objectId,\n resourceObjectId: msgraph.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.ServicePrincipal(\"msgraph\",\n application_id=well_known.result[\"MicrosoftGraph\"],\n use_existing=True)\nexample_application = azuread.Application(\"exampleApplication\",\n display_name=\"example\",\n required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs(\n resource_app_id=well_known.result[\"MicrosoftGraph\"],\n resource_accesses=[\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=msgraph.app_role_ids[\"User.Read.All\"],\n type=\"Role\",\n ),\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=msgraph.oauth2_permission_scope_ids[\"User.ReadWrite\"],\n type=\"Scope\",\n ),\n ],\n )])\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\", application_id=example_application.application_id)\nexample_app_role_assignment = azuread.AppRoleAssignment(\"exampleAppRoleAssignment\",\n app_role_id=msgraph.app_role_ids[\"User.Read.All\"],\n principal_object_id=example_service_principal.object_id,\n resource_object_id=msgraph.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = new AzureAD.ServicePrincipal(\"msgraph\", new()\n {\n ApplicationId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n UseExisting = true,\n });\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.User_Read_All),\n Type = \"Role\",\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.User_ReadWrite),\n Type = \"Scope\",\n },\n },\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n });\n\n var exampleAppRoleAssignment = new AzureAD.AppRoleAssignment(\"exampleAppRoleAssignment\", new()\n {\n AppRoleId = msgraph.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.User_Read_All),\n PrincipalObjectId = exampleServicePrincipal.ObjectId,\n ResourceObjectId = msgraph.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmsgraph, err := azuread.NewServicePrincipal(ctx, \"msgraph\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn appRoleIds.User.Read.All, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Role\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.User.ReadWrite, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"exampleAppRoleAssignment\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: msgraph.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\treturn appRoleIds.User.Read.All, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tPrincipalObjectId: exampleServicePrincipal.ObjectId,\n\t\t\tResourceObjectId: msgraph.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.AppRoleAssignment;\nimport com.pulumi.azuread.AppRoleAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n var msgraph = new ServicePrincipal(\"msgraph\", ServicePrincipalArgs.builder() \n .applicationId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .useExisting(true)\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .resourceAccesses( \n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.User.Read.All()))\n .type(\"Role\")\n .build(),\n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.User.ReadWrite()))\n .type(\"Scope\")\n .build())\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .build());\n\n var exampleAppRoleAssignment = new AppRoleAssignment(\"exampleAppRoleAssignment\", AppRoleAssignmentArgs.builder() \n .appRoleId(msgraph.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.User.Read.All()))\n .principalObjectId(exampleServicePrincipal.objectId())\n .resourceObjectId(msgraph.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n msgraph:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${wellKnown.result.MicrosoftGraph}\n useExisting: true\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${wellKnown.result.MicrosoftGraph}\n resourceAccesses:\n - id: ${msgraph.appRoleIds\"User.Read.All\"[%!s(MISSING)]}\n type: Role\n - id: ${msgraph.oauth2PermissionScopeIds\"User.ReadWrite\"[%!s(MISSING)]}\n type: Scope\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n exampleAppRoleAssignment:\n type: azuread:AppRoleAssignment\n properties:\n appRoleId: ${msgraph.appRoleIds\"User.Read.All\"[%!s(MISSING)]}\n principalObjectId: ${exampleServicePrincipal.objectId}\n resourceObjectId: ${msgraph.objectId}\nvariables:\n wellKnown:\n fn::invoke:\n Function: azuread:getApplicationPublishedAppIds\n Arguments: {}\n```\n\n*App role assignment for internal application*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst internalApplication = new azuread.Application(\"internalApplication\", {\n displayName: \"internal\",\n appRoles: [{\n allowedMemberTypes: [\"Application\"],\n description: \"Apps can query the database\",\n displayName: \"Query\",\n enabled: true,\n id: \"00000000-0000-0000-0000-111111111111\",\n value: \"Query.All\",\n }],\n});\nconst internalServicePrincipal = new azuread.ServicePrincipal(\"internalServicePrincipal\", {applicationId: internalApplication.applicationId});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: internalApplication.applicationId,\n resourceAccesses: [{\n id: internalServicePrincipal.appRoleIds[\"Query.All\"],\n type: \"Role\",\n }],\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {applicationId: exampleApplication.applicationId});\nconst exampleAppRoleAssignment = new azuread.AppRoleAssignment(\"exampleAppRoleAssignment\", {\n appRoleId: internalServicePrincipal.appRoleIds[\"Query.All\"],\n principalObjectId: exampleServicePrincipal.objectId,\n resourceObjectId: internalServicePrincipal.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ninternal_application = azuread.Application(\"internalApplication\",\n display_name=\"internal\",\n app_roles=[azuread.ApplicationAppRoleArgs(\n allowed_member_types=[\"Application\"],\n description=\"Apps can query the database\",\n display_name=\"Query\",\n enabled=True,\n id=\"00000000-0000-0000-0000-111111111111\",\n value=\"Query.All\",\n )])\ninternal_service_principal = azuread.ServicePrincipal(\"internalServicePrincipal\", application_id=internal_application.application_id)\nexample_application = azuread.Application(\"exampleApplication\",\n display_name=\"example\",\n required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs(\n resource_app_id=internal_application.application_id,\n resource_accesses=[azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=internal_service_principal.app_role_ids[\"Query.All\"],\n type=\"Role\",\n )],\n )])\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\", application_id=example_application.application_id)\nexample_app_role_assignment = azuread.AppRoleAssignment(\"exampleAppRoleAssignment\",\n app_role_id=internal_service_principal.app_role_ids[\"Query.All\"],\n principal_object_id=example_service_principal.object_id,\n resource_object_id=internal_service_principal.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var internalApplication = new AzureAD.Application(\"internalApplication\", new()\n {\n DisplayName = \"internal\",\n AppRoles = new[]\n {\n new AzureAD.Inputs.ApplicationAppRoleArgs\n {\n AllowedMemberTypes = new[]\n {\n \"Application\",\n },\n Description = \"Apps can query the database\",\n DisplayName = \"Query\",\n Enabled = true,\n Id = \"00000000-0000-0000-0000-111111111111\",\n Value = \"Query.All\",\n },\n },\n });\n\n var internalServicePrincipal = new AzureAD.ServicePrincipal(\"internalServicePrincipal\", new()\n {\n ApplicationId = internalApplication.ApplicationId,\n });\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = internalApplication.ApplicationId,\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = internalServicePrincipal.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.Query_All),\n Type = \"Role\",\n },\n },\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n });\n\n var exampleAppRoleAssignment = new AzureAD.AppRoleAssignment(\"exampleAppRoleAssignment\", new()\n {\n AppRoleId = internalServicePrincipal.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.Query_All),\n PrincipalObjectId = exampleServicePrincipal.ObjectId,\n ResourceObjectId = internalServicePrincipal.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternalApplication, err := azuread.NewApplication(ctx, \"internalApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"internal\"),\n\t\t\tAppRoles: azuread.ApplicationAppRoleTypeArray{\n\t\t\t\t\u0026azuread.ApplicationAppRoleTypeArgs{\n\t\t\t\t\tAllowedMemberTypes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Application\"),\n\t\t\t\t\t},\n\t\t\t\t\tDescription: pulumi.String(\"Apps can query the database\"),\n\t\t\t\t\tDisplayName: pulumi.String(\"Query\"),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tId: pulumi.String(\"00000000-0000-0000-0000-111111111111\"),\n\t\t\t\t\tValue: pulumi.String(\"Query.All\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinternalServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"internalServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: internalApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: internalApplication.ApplicationId,\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: internalServicePrincipal.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn appRoleIds.Query.All, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Role\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"exampleAppRoleAssignment\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: internalServicePrincipal.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\treturn appRoleIds.Query.All, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tPrincipalObjectId: exampleServicePrincipal.ObjectId,\n\t\t\tResourceObjectId: internalServicePrincipal.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationAppRoleArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.AppRoleAssignment;\nimport com.pulumi.azuread.AppRoleAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internalApplication = new Application(\"internalApplication\", ApplicationArgs.builder() \n .displayName(\"internal\")\n .appRoles(ApplicationAppRoleArgs.builder()\n .allowedMemberTypes(\"Application\")\n .description(\"Apps can query the database\")\n .displayName(\"Query\")\n .enabled(true)\n .id(\"00000000-0000-0000-0000-111111111111\")\n .value(\"Query.All\")\n .build())\n .build());\n\n var internalServicePrincipal = new ServicePrincipal(\"internalServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(internalApplication.applicationId())\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(internalApplication.applicationId())\n .resourceAccesses(ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(internalServicePrincipal.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.Query.All()))\n .type(\"Role\")\n .build())\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .build());\n\n var exampleAppRoleAssignment = new AppRoleAssignment(\"exampleAppRoleAssignment\", AppRoleAssignmentArgs.builder() \n .appRoleId(internalServicePrincipal.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.Query.All()))\n .principalObjectId(exampleServicePrincipal.objectId())\n .resourceObjectId(internalServicePrincipal.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internalApplication:\n type: azuread:Application\n properties:\n displayName: internal\n appRoles:\n - allowedMemberTypes:\n - Application\n description: Apps can query the database\n displayName: Query\n enabled: true\n id: 00000000-0000-0000-0000-111111111111\n value: Query.All\n internalServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${internalApplication.applicationId}\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${internalApplication.applicationId}\n resourceAccesses:\n - id: ${internalServicePrincipal.appRoleIds\"Query.All\"[%!s(MISSING)]}\n type: Role\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n exampleAppRoleAssignment:\n type: azuread:AppRoleAssignment\n properties:\n appRoleId: ${internalServicePrincipal.appRoleIds\"Query.All\"[%!s(MISSING)]}\n principalObjectId: ${exampleServicePrincipal.objectId}\n resourceObjectId: ${internalServicePrincipal.objectId}\n```\n\n*Assign a user and group to an internal application*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleDomains = azuread.getDomains({\n onlyInitial: true,\n});\nconst internalApplication = new azuread.Application(\"internalApplication\", {\n displayName: \"internal\",\n appRoles: [{\n allowedMemberTypes: [\n \"Application\",\n \"User\",\n ],\n description: \"Admins can perform all task actions\",\n displayName: \"Admin\",\n enabled: true,\n id: \"00000000-0000-0000-0000-222222222222\",\n value: \"Admin.All\",\n }],\n});\nconst internalServicePrincipal = new azuread.ServicePrincipal(\"internalServicePrincipal\", {applicationId: internalApplication.applicationId});\nconst exampleGroup = new azuread.Group(\"exampleGroup\", {\n displayName: \"example\",\n securityEnabled: true,\n});\nconst exampleAppRoleAssignment = new azuread.AppRoleAssignment(\"exampleAppRoleAssignment\", {\n appRoleId: internalServicePrincipal.appRoleIds[\"Admin.All\"],\n principalObjectId: exampleGroup.objectId,\n resourceObjectId: internalServicePrincipal.objectId,\n});\nconst exampleUser = new azuread.User(\"exampleUser\", {\n displayName: \"D. Duck\",\n password: \"SecretP@sswd99!\",\n userPrincipalName: exampleDomains.then(exampleDomains =\u003e `d.duck@${exampleDomains.domains?.[0]?.domainName}`),\n});\nconst exampleIndex_appRoleAssignmentAppRoleAssignment = new azuread.AppRoleAssignment(\"exampleIndex/appRoleAssignmentAppRoleAssignment\", {\n appRoleId: internalServicePrincipal.appRoleIds[\"Admin.All\"],\n principalObjectId: exampleUser.objectId,\n resourceObjectId: internalServicePrincipal.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_domains = azuread.get_domains(only_initial=True)\ninternal_application = azuread.Application(\"internalApplication\",\n display_name=\"internal\",\n app_roles=[azuread.ApplicationAppRoleArgs(\n allowed_member_types=[\n \"Application\",\n \"User\",\n ],\n description=\"Admins can perform all task actions\",\n display_name=\"Admin\",\n enabled=True,\n id=\"00000000-0000-0000-0000-222222222222\",\n value=\"Admin.All\",\n )])\ninternal_service_principal = azuread.ServicePrincipal(\"internalServicePrincipal\", application_id=internal_application.application_id)\nexample_group = azuread.Group(\"exampleGroup\",\n display_name=\"example\",\n security_enabled=True)\nexample_app_role_assignment = azuread.AppRoleAssignment(\"exampleAppRoleAssignment\",\n app_role_id=internal_service_principal.app_role_ids[\"Admin.All\"],\n principal_object_id=example_group.object_id,\n resource_object_id=internal_service_principal.object_id)\nexample_user = azuread.User(\"exampleUser\",\n display_name=\"D. Duck\",\n password=\"SecretP@sswd99!\",\n user_principal_name=f\"d.duck@{example_domains.domains[0].domain_name}\")\nexample_index_app_role_assignment_app_role_assignment = azuread.AppRoleAssignment(\"exampleIndex/appRoleAssignmentAppRoleAssignment\",\n app_role_id=internal_service_principal.app_role_ids[\"Admin.All\"],\n principal_object_id=example_user.object_id,\n resource_object_id=internal_service_principal.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleDomains = AzureAD.GetDomains.Invoke(new()\n {\n OnlyInitial = true,\n });\n\n var internalApplication = new AzureAD.Application(\"internalApplication\", new()\n {\n DisplayName = \"internal\",\n AppRoles = new[]\n {\n new AzureAD.Inputs.ApplicationAppRoleArgs\n {\n AllowedMemberTypes = new[]\n {\n \"Application\",\n \"User\",\n },\n Description = \"Admins can perform all task actions\",\n DisplayName = \"Admin\",\n Enabled = true,\n Id = \"00000000-0000-0000-0000-222222222222\",\n Value = \"Admin.All\",\n },\n },\n });\n\n var internalServicePrincipal = new AzureAD.ServicePrincipal(\"internalServicePrincipal\", new()\n {\n ApplicationId = internalApplication.ApplicationId,\n });\n\n var exampleGroup = new AzureAD.Group(\"exampleGroup\", new()\n {\n DisplayName = \"example\",\n SecurityEnabled = true,\n });\n\n var exampleAppRoleAssignment = new AzureAD.AppRoleAssignment(\"exampleAppRoleAssignment\", new()\n {\n AppRoleId = internalServicePrincipal.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.Admin_All),\n PrincipalObjectId = exampleGroup.ObjectId,\n ResourceObjectId = internalServicePrincipal.ObjectId,\n });\n\n var exampleUser = new AzureAD.User(\"exampleUser\", new()\n {\n DisplayName = \"D. Duck\",\n Password = \"SecretP@sswd99!\",\n UserPrincipalName = $\"d.duck@{exampleDomains.Apply(getDomainsResult =\u003e getDomainsResult.Domains[0]?.DomainName)}\",\n });\n\n var exampleIndex_appRoleAssignmentAppRoleAssignment = new AzureAD.AppRoleAssignment(\"exampleIndex/appRoleAssignmentAppRoleAssignment\", new()\n {\n AppRoleId = internalServicePrincipal.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.Admin_All),\n PrincipalObjectId = exampleUser.ObjectId,\n ResourceObjectId = internalServicePrincipal.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleDomains, err := azuread.GetDomains(ctx, \u0026azuread.GetDomainsArgs{\n\t\t\tOnlyInitial: pulumi.BoolRef(true),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinternalApplication, err := azuread.NewApplication(ctx, \"internalApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"internal\"),\n\t\t\tAppRoles: azuread.ApplicationAppRoleTypeArray{\n\t\t\t\t\u0026azuread.ApplicationAppRoleTypeArgs{\n\t\t\t\t\tAllowedMemberTypes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Application\"),\n\t\t\t\t\t\tpulumi.String(\"User\"),\n\t\t\t\t\t},\n\t\t\t\t\tDescription: pulumi.String(\"Admins can perform all task actions\"),\n\t\t\t\t\tDisplayName: pulumi.String(\"Admin\"),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tId: pulumi.String(\"00000000-0000-0000-0000-222222222222\"),\n\t\t\t\t\tValue: pulumi.String(\"Admin.All\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinternalServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"internalServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: internalApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGroup, err := azuread.NewGroup(ctx, \"exampleGroup\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"exampleAppRoleAssignment\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: internalServicePrincipal.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\treturn appRoleIds.Admin.All, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tPrincipalObjectId: exampleGroup.ObjectId,\n\t\t\tResourceObjectId: internalServicePrincipal.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleUser, err := azuread.NewUser(ctx, \"exampleUser\", \u0026azuread.UserArgs{\n\t\t\tDisplayName: pulumi.String(\"D. Duck\"),\n\t\t\tPassword: pulumi.String(\"SecretP@sswd99!\"),\n\t\t\tUserPrincipalName: pulumi.String(fmt.Sprintf(\"d.duck@%v\", exampleDomains.Domains[0].DomainName)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"exampleIndex/appRoleAssignmentAppRoleAssignment\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: internalServicePrincipal.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\treturn appRoleIds.Admin.All, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tPrincipalObjectId: exampleUser.ObjectId,\n\t\t\tResourceObjectId: internalServicePrincipal.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetDomainsArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationAppRoleArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.AppRoleAssignment;\nimport com.pulumi.azuread.AppRoleAssignmentArgs;\nimport com.pulumi.azuread.User;\nimport com.pulumi.azuread.UserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleDomains = AzureadFunctions.getDomains(GetDomainsArgs.builder()\n .onlyInitial(true)\n .build());\n\n var internalApplication = new Application(\"internalApplication\", ApplicationArgs.builder() \n .displayName(\"internal\")\n .appRoles(ApplicationAppRoleArgs.builder()\n .allowedMemberTypes( \n \"Application\",\n \"User\")\n .description(\"Admins can perform all task actions\")\n .displayName(\"Admin\")\n .enabled(true)\n .id(\"00000000-0000-0000-0000-222222222222\")\n .value(\"Admin.All\")\n .build())\n .build());\n\n var internalServicePrincipal = new ServicePrincipal(\"internalServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(internalApplication.applicationId())\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"example\")\n .securityEnabled(true)\n .build());\n\n var exampleAppRoleAssignment = new AppRoleAssignment(\"exampleAppRoleAssignment\", AppRoleAssignmentArgs.builder() \n .appRoleId(internalServicePrincipal.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.Admin.All()))\n .principalObjectId(exampleGroup.objectId())\n .resourceObjectId(internalServicePrincipal.objectId())\n .build());\n\n var exampleUser = new User(\"exampleUser\", UserArgs.builder() \n .displayName(\"D. Duck\")\n .password(\"SecretP@sswd99!\")\n .userPrincipalName(String.format(\"d.duck@%s\", exampleDomains.applyValue(getDomainsResult -\u003e getDomainsResult.domains()[0].domainName())))\n .build());\n\n var exampleIndex_appRoleAssignmentAppRoleAssignment = new AppRoleAssignment(\"exampleIndex/appRoleAssignmentAppRoleAssignment\", AppRoleAssignmentArgs.builder() \n .appRoleId(internalServicePrincipal.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.Admin.All()))\n .principalObjectId(exampleUser.objectId())\n .resourceObjectId(internalServicePrincipal.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internalApplication:\n type: azuread:Application\n properties:\n displayName: internal\n appRoles:\n - allowedMemberTypes:\n - Application\n - User\n description: Admins can perform all task actions\n displayName: Admin\n enabled: true\n id: 00000000-0000-0000-0000-222222222222\n value: Admin.All\n internalServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${internalApplication.applicationId}\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: example\n securityEnabled: true\n exampleAppRoleAssignment:\n type: azuread:AppRoleAssignment\n properties:\n appRoleId: ${internalServicePrincipal.appRoleIds\"Admin.All\"[%!s(MISSING)]}\n principalObjectId: ${exampleGroup.objectId}\n resourceObjectId: ${internalServicePrincipal.objectId}\n exampleUser:\n type: azuread:User\n properties:\n displayName: D. Duck\n password: SecretP@sswd99!\n userPrincipalName: d.duck@${exampleDomains.domains[0].domainName}\n exampleIndex/appRoleAssignmentAppRoleAssignment:\n type: azuread:AppRoleAssignment\n properties:\n appRoleId: ${internalServicePrincipal.appRoleIds\"Admin.All\"[%!s(MISSING)]}\n principalObjectId: ${exampleUser.objectId}\n resourceObjectId: ${internalServicePrincipal.objectId}\nvariables:\n exampleDomains:\n fn::invoke:\n Function: azuread:getDomains\n Arguments:\n onlyInitial: true\n```\n\n*Assign a group to the default app role for an internal application*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst internalApplication = new azuread.Application(\"internalApplication\", {displayName: \"internal\"});\nconst internalServicePrincipal = new azuread.ServicePrincipal(\"internalServicePrincipal\", {applicationId: internalApplication.applicationId});\nconst exampleGroup = new azuread.Group(\"exampleGroup\", {\n displayName: \"example\",\n securityEnabled: true,\n});\nconst exampleAppRoleAssignment = new azuread.AppRoleAssignment(\"exampleAppRoleAssignment\", {\n appRoleId: \"00000000-0000-0000-0000-000000000000\",\n principalObjectId: exampleGroup.objectId,\n resourceObjectId: internalServicePrincipal.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ninternal_application = azuread.Application(\"internalApplication\", display_name=\"internal\")\ninternal_service_principal = azuread.ServicePrincipal(\"internalServicePrincipal\", application_id=internal_application.application_id)\nexample_group = azuread.Group(\"exampleGroup\",\n display_name=\"example\",\n security_enabled=True)\nexample_app_role_assignment = azuread.AppRoleAssignment(\"exampleAppRoleAssignment\",\n app_role_id=\"00000000-0000-0000-0000-000000000000\",\n principal_object_id=example_group.object_id,\n resource_object_id=internal_service_principal.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var internalApplication = new AzureAD.Application(\"internalApplication\", new()\n {\n DisplayName = \"internal\",\n });\n\n var internalServicePrincipal = new AzureAD.ServicePrincipal(\"internalServicePrincipal\", new()\n {\n ApplicationId = internalApplication.ApplicationId,\n });\n\n var exampleGroup = new AzureAD.Group(\"exampleGroup\", new()\n {\n DisplayName = \"example\",\n SecurityEnabled = true,\n });\n\n var exampleAppRoleAssignment = new AzureAD.AppRoleAssignment(\"exampleAppRoleAssignment\", new()\n {\n AppRoleId = \"00000000-0000-0000-0000-000000000000\",\n PrincipalObjectId = exampleGroup.ObjectId,\n ResourceObjectId = internalServicePrincipal.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternalApplication, err := azuread.NewApplication(ctx, \"internalApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"internal\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinternalServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"internalServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: internalApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGroup, err := azuread.NewGroup(ctx, \"exampleGroup\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"exampleAppRoleAssignment\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: pulumi.String(\"00000000-0000-0000-0000-000000000000\"),\n\t\t\tPrincipalObjectId: exampleGroup.ObjectId,\n\t\t\tResourceObjectId: internalServicePrincipal.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.AppRoleAssignment;\nimport com.pulumi.azuread.AppRoleAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internalApplication = new Application(\"internalApplication\", ApplicationArgs.builder() \n .displayName(\"internal\")\n .build());\n\n var internalServicePrincipal = new ServicePrincipal(\"internalServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(internalApplication.applicationId())\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"example\")\n .securityEnabled(true)\n .build());\n\n var exampleAppRoleAssignment = new AppRoleAssignment(\"exampleAppRoleAssignment\", AppRoleAssignmentArgs.builder() \n .appRoleId(\"00000000-0000-0000-0000-000000000000\")\n .principalObjectId(exampleGroup.objectId())\n .resourceObjectId(internalServicePrincipal.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internalApplication:\n type: azuread:Application\n properties:\n displayName: internal\n internalServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${internalApplication.applicationId}\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: example\n securityEnabled: true\n exampleAppRoleAssignment:\n type: azuread:AppRoleAssignment\n properties:\n appRoleId: 00000000-0000-0000-0000-000000000000\n principalObjectId: ${exampleGroup.objectId}\n resourceObjectId: ${internalServicePrincipal.objectId}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nApp role assignments can be imported using the object ID of the service principal representing the resource and the ID of the app role assignment (note: _not_ the ID of the app role), e.g.\n\n ```sh\n $ pulumi import azuread:index/appRoleAssignment:AppRoleAssignment example 00000000-0000-0000-0000-000000000000/appRoleAssignment/aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the Resource Service Principal Object ID and the ID of the App Role Assignment in the format `{ResourcePrincipalID}/appRoleAssignment/{AppRoleAssignmentID}`.\n\n ", "properties": { "appRoleId": { "type": "string", @@ -3393,7 +3393,7 @@ } }, "azuread:index/application:Application": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Create an application*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\nimport * as fs from \"fs\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.Application(\"example\", {\n displayName: \"example\",\n identifierUris: [\"api://example-app\"],\n logoImage: fs.readFileSync(\"/path/to/logo.png\", { encoding: \"base64\" }),\n owners: [current.then(current =\u003e current.objectId)],\n signInAudience: \"AzureADMultipleOrgs\",\n api: {\n mappedClaimsEnabled: true,\n requestedAccessTokenVersion: 2,\n knownClientApplications: [\n azuread_application.known1.application_id,\n azuread_application.known2.application_id,\n ],\n oauth2PermissionScopes: [\n {\n adminConsentDescription: \"Allow the application to access example on behalf of the signed-in user.\",\n adminConsentDisplayName: \"Access example\",\n enabled: true,\n id: \"96183846-204b-4b43-82e1-5d2222eb4b9b\",\n type: \"User\",\n userConsentDescription: \"Allow the application to access example on your behalf.\",\n userConsentDisplayName: \"Access example\",\n value: \"user_impersonation\",\n },\n {\n adminConsentDescription: \"Administer the example application\",\n adminConsentDisplayName: \"Administer\",\n enabled: true,\n id: \"be98fa3e-ab5b-4b11-83d9-04ba2b7946bc\",\n type: \"Admin\",\n value: \"administer\",\n },\n ],\n },\n appRoles: [\n {\n allowedMemberTypes: [\n \"User\",\n \"Application\",\n ],\n description: \"Admins can manage roles and perform all task actions\",\n displayName: \"Admin\",\n enabled: true,\n id: \"1b19509b-32b1-4e9f-b71d-4992aa991967\",\n value: \"admin\",\n },\n {\n allowedMemberTypes: [\"User\"],\n description: \"ReadOnly roles have limited query access\",\n displayName: \"ReadOnly\",\n enabled: true,\n id: \"497406e4-012a-4267-bf18-45a1cb148a01\",\n value: \"User\",\n },\n ],\n featureTags: [{\n enterprise: true,\n gallery: true,\n }],\n optionalClaims: {\n accessTokens: [\n {\n name: \"myclaim\",\n },\n {\n name: \"otherclaim\",\n },\n ],\n idTokens: [{\n name: \"userclaim\",\n source: \"user\",\n essential: true,\n additionalProperties: [\"emit_as_roles\"],\n }],\n saml2Tokens: [{\n name: \"samlexample\",\n }],\n },\n requiredResourceAccesses: [\n {\n resourceAppId: \"00000003-0000-0000-c000-000000000000\",\n resourceAccesses: [\n {\n id: \"df021288-bdef-4463-88db-98f22de89214\",\n type: \"Role\",\n },\n {\n id: \"b4e74841-8e56-480b-be8b-910348b18b4c\",\n type: \"Scope\",\n },\n ],\n },\n {\n resourceAppId: \"c5393580-f805-4401-95e8-94b7a6ef2fc2\",\n resourceAccesses: [{\n id: \"594c1fb6-4f81-4475-ae41-0c394909246c\",\n type: \"Role\",\n }],\n },\n ],\n web: {\n homepageUrl: \"https://app.example.net\",\n logoutUrl: \"https://app.example.net/logout\",\n redirectUris: [\"https://app.example.net/account\"],\n implicitGrant: {\n accessTokenIssuanceEnabled: true,\n idTokenIssuanceEnabled: true,\n },\n },\n});\n```\n```python\nimport pulumi\nimport base64\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.Application(\"example\",\n display_name=\"example\",\n identifier_uris=[\"api://example-app\"],\n logo_image=(lambda path: base64.b64encode(open(path).read().encode()).decode())(\"/path/to/logo.png\"),\n owners=[current.object_id],\n sign_in_audience=\"AzureADMultipleOrgs\",\n api=azuread.ApplicationApiArgs(\n mapped_claims_enabled=True,\n requested_access_token_version=2,\n known_client_applications=[\n azuread_application[\"known1\"][\"application_id\"],\n azuread_application[\"known2\"][\"application_id\"],\n ],\n oauth2_permission_scopes=[\n azuread.ApplicationApiOauth2PermissionScopeArgs(\n admin_consent_description=\"Allow the application to access example on behalf of the signed-in user.\",\n admin_consent_display_name=\"Access example\",\n enabled=True,\n id=\"96183846-204b-4b43-82e1-5d2222eb4b9b\",\n type=\"User\",\n user_consent_description=\"Allow the application to access example on your behalf.\",\n user_consent_display_name=\"Access example\",\n value=\"user_impersonation\",\n ),\n azuread.ApplicationApiOauth2PermissionScopeArgs(\n admin_consent_description=\"Administer the example application\",\n admin_consent_display_name=\"Administer\",\n enabled=True,\n id=\"be98fa3e-ab5b-4b11-83d9-04ba2b7946bc\",\n type=\"Admin\",\n value=\"administer\",\n ),\n ],\n ),\n app_roles=[\n azuread.ApplicationAppRoleArgs(\n allowed_member_types=[\n \"User\",\n \"Application\",\n ],\n description=\"Admins can manage roles and perform all task actions\",\n display_name=\"Admin\",\n enabled=True,\n id=\"1b19509b-32b1-4e9f-b71d-4992aa991967\",\n value=\"admin\",\n ),\n azuread.ApplicationAppRoleArgs(\n allowed_member_types=[\"User\"],\n description=\"ReadOnly roles have limited query access\",\n display_name=\"ReadOnly\",\n enabled=True,\n id=\"497406e4-012a-4267-bf18-45a1cb148a01\",\n value=\"User\",\n ),\n ],\n feature_tags=[azuread.ApplicationFeatureTagArgs(\n enterprise=True,\n gallery=True,\n )],\n optional_claims=azuread.ApplicationOptionalClaimsArgs(\n access_tokens=[\n azuread.ApplicationOptionalClaimsAccessTokenArgs(\n name=\"myclaim\",\n ),\n azuread.ApplicationOptionalClaimsAccessTokenArgs(\n name=\"otherclaim\",\n ),\n ],\n id_tokens=[azuread.ApplicationOptionalClaimsIdTokenArgs(\n name=\"userclaim\",\n source=\"user\",\n essential=True,\n additional_properties=[\"emit_as_roles\"],\n )],\n saml2_tokens=[azuread.ApplicationOptionalClaimsSaml2TokenArgs(\n name=\"samlexample\",\n )],\n ),\n required_resource_accesses=[\n azuread.ApplicationRequiredResourceAccessArgs(\n resource_app_id=\"00000003-0000-0000-c000-000000000000\",\n resource_accesses=[\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=\"df021288-bdef-4463-88db-98f22de89214\",\n type=\"Role\",\n ),\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=\"b4e74841-8e56-480b-be8b-910348b18b4c\",\n type=\"Scope\",\n ),\n ],\n ),\n azuread.ApplicationRequiredResourceAccessArgs(\n resource_app_id=\"c5393580-f805-4401-95e8-94b7a6ef2fc2\",\n resource_accesses=[azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=\"594c1fb6-4f81-4475-ae41-0c394909246c\",\n type=\"Role\",\n )],\n ),\n ],\n web=azuread.ApplicationWebArgs(\n homepage_url=\"https://app.example.net\",\n logout_url=\"https://app.example.net/logout\",\n redirect_uris=[\"https://app.example.net/account\"],\n implicit_grant=azuread.ApplicationWebImplicitGrantArgs(\n access_token_issuance_enabled=True,\n id_token_issuance_enabled=True,\n ),\n ))\n```\n```csharp\nusing System;\nusing System.Collections.Generic;\nusing System.IO;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\n\t\nstring ReadFileBase64(string path) \n{\n return Convert.ToBase64String(Encoding.UTF8.GetBytes(File.ReadAllText(path)));\n}\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n IdentifierUris = new[]\n {\n \"api://example-app\",\n },\n LogoImage = ReadFileBase64(\"/path/to/logo.png\"),\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n SignInAudience = \"AzureADMultipleOrgs\",\n Api = new AzureAD.Inputs.ApplicationApiArgs\n {\n MappedClaimsEnabled = true,\n RequestedAccessTokenVersion = 2,\n KnownClientApplications = new[]\n {\n azuread_application.Known1.Application_id,\n azuread_application.Known2.Application_id,\n },\n Oauth2PermissionScopes = new[]\n {\n new AzureAD.Inputs.ApplicationApiOauth2PermissionScopeArgs\n {\n AdminConsentDescription = \"Allow the application to access example on behalf of the signed-in user.\",\n AdminConsentDisplayName = \"Access example\",\n Enabled = true,\n Id = \"96183846-204b-4b43-82e1-5d2222eb4b9b\",\n Type = \"User\",\n UserConsentDescription = \"Allow the application to access example on your behalf.\",\n UserConsentDisplayName = \"Access example\",\n Value = \"user_impersonation\",\n },\n new AzureAD.Inputs.ApplicationApiOauth2PermissionScopeArgs\n {\n AdminConsentDescription = \"Administer the example application\",\n AdminConsentDisplayName = \"Administer\",\n Enabled = true,\n Id = \"be98fa3e-ab5b-4b11-83d9-04ba2b7946bc\",\n Type = \"Admin\",\n Value = \"administer\",\n },\n },\n },\n AppRoles = new[]\n {\n new AzureAD.Inputs.ApplicationAppRoleArgs\n {\n AllowedMemberTypes = new[]\n {\n \"User\",\n \"Application\",\n },\n Description = \"Admins can manage roles and perform all task actions\",\n DisplayName = \"Admin\",\n Enabled = true,\n Id = \"1b19509b-32b1-4e9f-b71d-4992aa991967\",\n Value = \"admin\",\n },\n new AzureAD.Inputs.ApplicationAppRoleArgs\n {\n AllowedMemberTypes = new[]\n {\n \"User\",\n },\n Description = \"ReadOnly roles have limited query access\",\n DisplayName = \"ReadOnly\",\n Enabled = true,\n Id = \"497406e4-012a-4267-bf18-45a1cb148a01\",\n Value = \"User\",\n },\n },\n FeatureTags = new[]\n {\n new AzureAD.Inputs.ApplicationFeatureTagArgs\n {\n Enterprise = true,\n Gallery = true,\n },\n },\n OptionalClaims = new AzureAD.Inputs.ApplicationOptionalClaimsArgs\n {\n AccessTokens = new[]\n {\n new AzureAD.Inputs.ApplicationOptionalClaimsAccessTokenArgs\n {\n Name = \"myclaim\",\n },\n new AzureAD.Inputs.ApplicationOptionalClaimsAccessTokenArgs\n {\n Name = \"otherclaim\",\n },\n },\n IdTokens = new[]\n {\n new AzureAD.Inputs.ApplicationOptionalClaimsIdTokenArgs\n {\n Name = \"userclaim\",\n Source = \"user\",\n Essential = true,\n AdditionalProperties = new[]\n {\n \"emit_as_roles\",\n },\n },\n },\n Saml2Tokens = new[]\n {\n new AzureAD.Inputs.ApplicationOptionalClaimsSaml2TokenArgs\n {\n Name = \"samlexample\",\n },\n },\n },\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = \"00000003-0000-0000-c000-000000000000\",\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = \"df021288-bdef-4463-88db-98f22de89214\",\n Type = \"Role\",\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = \"b4e74841-8e56-480b-be8b-910348b18b4c\",\n Type = \"Scope\",\n },\n },\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = \"c5393580-f805-4401-95e8-94b7a6ef2fc2\",\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = \"594c1fb6-4f81-4475-ae41-0c394909246c\",\n Type = \"Role\",\n },\n },\n },\n },\n Web = new AzureAD.Inputs.ApplicationWebArgs\n {\n HomepageUrl = \"https://app.example.net\",\n LogoutUrl = \"https://app.example.net/logout\",\n RedirectUris = new[]\n {\n \"https://app.example.net/account\",\n },\n ImplicitGrant = new AzureAD.Inputs.ApplicationWebImplicitGrantArgs\n {\n AccessTokenIssuanceEnabled = true,\n IdTokenIssuanceEnabled = true,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/base64\"\n\t\"os\"\n\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc filebase64OrPanic(path string) string {\n\tif fileData, err := os.ReadFile(path); err == nil {\n\t\treturn base64.StdEncoding.EncodeToString(fileData[:])\n\t} else {\n\t\tpanic(err.Error())\n\t}\n}\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tIdentifierUris: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"api://example-app\"),\n\t\t\t},\n\t\t\tLogoImage: filebase64OrPanic(\"/path/to/logo.png\"),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\t*pulumi.String(current.ObjectId),\n\t\t\t},\n\t\t\tSignInAudience: pulumi.String(\"AzureADMultipleOrgs\"),\n\t\t\tApi: \u0026azuread.ApplicationApiArgs{\n\t\t\t\tMappedClaimsEnabled: pulumi.Bool(true),\n\t\t\t\tRequestedAccessTokenVersion: pulumi.Int(2),\n\t\t\t\tKnownClientApplications: pulumi.StringArray{\n\t\t\t\t\tazuread_application.Known1.Application_id,\n\t\t\t\t\tazuread_application.Known2.Application_id,\n\t\t\t\t},\n\t\t\t\tOauth2PermissionScopes: azuread.ApplicationApiOauth2PermissionScopeArray{\n\t\t\t\t\t\u0026azuread.ApplicationApiOauth2PermissionScopeArgs{\n\t\t\t\t\t\tAdminConsentDescription: pulumi.String(\"Allow the application to access example on behalf of the signed-in user.\"),\n\t\t\t\t\t\tAdminConsentDisplayName: pulumi.String(\"Access example\"),\n\t\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\t\tId: pulumi.String(\"96183846-204b-4b43-82e1-5d2222eb4b9b\"),\n\t\t\t\t\t\tType: pulumi.String(\"User\"),\n\t\t\t\t\t\tUserConsentDescription: pulumi.String(\"Allow the application to access example on your behalf.\"),\n\t\t\t\t\t\tUserConsentDisplayName: pulumi.String(\"Access example\"),\n\t\t\t\t\t\tValue: pulumi.String(\"user_impersonation\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026azuread.ApplicationApiOauth2PermissionScopeArgs{\n\t\t\t\t\t\tAdminConsentDescription: pulumi.String(\"Administer the example application\"),\n\t\t\t\t\t\tAdminConsentDisplayName: pulumi.String(\"Administer\"),\n\t\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\t\tId: pulumi.String(\"be98fa3e-ab5b-4b11-83d9-04ba2b7946bc\"),\n\t\t\t\t\t\tType: pulumi.String(\"Admin\"),\n\t\t\t\t\t\tValue: pulumi.String(\"administer\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tAppRoles: azuread.ApplicationAppRoleTypeArray{\n\t\t\t\t\u0026azuread.ApplicationAppRoleTypeArgs{\n\t\t\t\t\tAllowedMemberTypes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"User\"),\n\t\t\t\t\t\tpulumi.String(\"Application\"),\n\t\t\t\t\t},\n\t\t\t\t\tDescription: pulumi.String(\"Admins can manage roles and perform all task actions\"),\n\t\t\t\t\tDisplayName: pulumi.String(\"Admin\"),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tId: pulumi.String(\"1b19509b-32b1-4e9f-b71d-4992aa991967\"),\n\t\t\t\t\tValue: pulumi.String(\"admin\"),\n\t\t\t\t},\n\t\t\t\t\u0026azuread.ApplicationAppRoleTypeArgs{\n\t\t\t\t\tAllowedMemberTypes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"User\"),\n\t\t\t\t\t},\n\t\t\t\t\tDescription: pulumi.String(\"ReadOnly roles have limited query access\"),\n\t\t\t\t\tDisplayName: pulumi.String(\"ReadOnly\"),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tId: pulumi.String(\"497406e4-012a-4267-bf18-45a1cb148a01\"),\n\t\t\t\t\tValue: pulumi.String(\"User\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tFeatureTags: azuread.ApplicationFeatureTagArray{\n\t\t\t\t\u0026azuread.ApplicationFeatureTagArgs{\n\t\t\t\t\tEnterprise: pulumi.Bool(true),\n\t\t\t\t\tGallery: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t\tOptionalClaims: \u0026azuread.ApplicationOptionalClaimsTypeArgs{\n\t\t\t\tAccessTokens: azuread.ApplicationOptionalClaimsAccessTokenArray{\n\t\t\t\t\t\u0026azuread.ApplicationOptionalClaimsAccessTokenArgs{\n\t\t\t\t\t\tName: pulumi.String(\"myclaim\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026azuread.ApplicationOptionalClaimsAccessTokenArgs{\n\t\t\t\t\t\tName: pulumi.String(\"otherclaim\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tIdTokens: azuread.ApplicationOptionalClaimsIdTokenArray{\n\t\t\t\t\t\u0026azuread.ApplicationOptionalClaimsIdTokenArgs{\n\t\t\t\t\t\tName: pulumi.String(\"userclaim\"),\n\t\t\t\t\t\tSource: pulumi.String(\"user\"),\n\t\t\t\t\t\tEssential: pulumi.Bool(true),\n\t\t\t\t\t\tAdditionalProperties: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"emit_as_roles\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSaml2Tokens: azuread.ApplicationOptionalClaimsSaml2TokenArray{\n\t\t\t\t\t\u0026azuread.ApplicationOptionalClaimsSaml2TokenArgs{\n\t\t\t\t\t\tName: pulumi.String(\"samlexample\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: pulumi.String(\"00000003-0000-0000-c000-000000000000\"),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: pulumi.String(\"df021288-bdef-4463-88db-98f22de89214\"),\n\t\t\t\t\t\t\tType: pulumi.String(\"Role\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: pulumi.String(\"b4e74841-8e56-480b-be8b-910348b18b4c\"),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: pulumi.String(\"c5393580-f805-4401-95e8-94b7a6ef2fc2\"),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: pulumi.String(\"594c1fb6-4f81-4475-ae41-0c394909246c\"),\n\t\t\t\t\t\t\tType: pulumi.String(\"Role\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tWeb: \u0026azuread.ApplicationWebArgs{\n\t\t\t\tHomepageUrl: pulumi.String(\"https://app.example.net\"),\n\t\t\t\tLogoutUrl: pulumi.String(\"https://app.example.net/logout\"),\n\t\t\t\tRedirectUris: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"https://app.example.net/account\"),\n\t\t\t\t},\n\t\t\t\tImplicitGrant: \u0026azuread.ApplicationWebImplicitGrantArgs{\n\t\t\t\t\tAccessTokenIssuanceEnabled: pulumi.Bool(true),\n\t\t\t\t\tIdTokenIssuanceEnabled: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationApiArgs;\nimport com.pulumi.azuread.inputs.ApplicationAppRoleArgs;\nimport com.pulumi.azuread.inputs.ApplicationFeatureTagArgs;\nimport com.pulumi.azuread.inputs.ApplicationOptionalClaimsArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.inputs.ApplicationWebArgs;\nimport com.pulumi.azuread.inputs.ApplicationWebImplicitGrantArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new Application(\"example\", ApplicationArgs.builder() \n .displayName(\"example\")\n .identifierUris(\"api://example-app\")\n .logoImage(Base64.getEncoder().encodeToString(Files.readAllBytes(Paths.get(\"/path/to/logo.png\"))))\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .signInAudience(\"AzureADMultipleOrgs\")\n .api(ApplicationApiArgs.builder()\n .mappedClaimsEnabled(true)\n .requestedAccessTokenVersion(2)\n .knownClientApplications( \n azuread_application.known1().application_id(),\n azuread_application.known2().application_id())\n .oauth2PermissionScopes( \n ApplicationApiOauth2PermissionScopeArgs.builder()\n .adminConsentDescription(\"Allow the application to access example on behalf of the signed-in user.\")\n .adminConsentDisplayName(\"Access example\")\n .enabled(true)\n .id(\"96183846-204b-4b43-82e1-5d2222eb4b9b\")\n .type(\"User\")\n .userConsentDescription(\"Allow the application to access example on your behalf.\")\n .userConsentDisplayName(\"Access example\")\n .value(\"user_impersonation\")\n .build(),\n ApplicationApiOauth2PermissionScopeArgs.builder()\n .adminConsentDescription(\"Administer the example application\")\n .adminConsentDisplayName(\"Administer\")\n .enabled(true)\n .id(\"be98fa3e-ab5b-4b11-83d9-04ba2b7946bc\")\n .type(\"Admin\")\n .value(\"administer\")\n .build())\n .build())\n .appRoles( \n ApplicationAppRoleArgs.builder()\n .allowedMemberTypes( \n \"User\",\n \"Application\")\n .description(\"Admins can manage roles and perform all task actions\")\n .displayName(\"Admin\")\n .enabled(true)\n .id(\"1b19509b-32b1-4e9f-b71d-4992aa991967\")\n .value(\"admin\")\n .build(),\n ApplicationAppRoleArgs.builder()\n .allowedMemberTypes(\"User\")\n .description(\"ReadOnly roles have limited query access\")\n .displayName(\"ReadOnly\")\n .enabled(true)\n .id(\"497406e4-012a-4267-bf18-45a1cb148a01\")\n .value(\"User\")\n .build())\n .featureTags(ApplicationFeatureTagArgs.builder()\n .enterprise(true)\n .gallery(true)\n .build())\n .optionalClaims(ApplicationOptionalClaimsArgs.builder()\n .accessTokens( \n ApplicationOptionalClaimsAccessTokenArgs.builder()\n .name(\"myclaim\")\n .build(),\n ApplicationOptionalClaimsAccessTokenArgs.builder()\n .name(\"otherclaim\")\n .build())\n .idTokens(ApplicationOptionalClaimsIdTokenArgs.builder()\n .name(\"userclaim\")\n .source(\"user\")\n .essential(true)\n .additionalProperties(\"emit_as_roles\")\n .build())\n .saml2Tokens(ApplicationOptionalClaimsSaml2TokenArgs.builder()\n .name(\"samlexample\")\n .build())\n .build())\n .requiredResourceAccesses( \n ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(\"00000003-0000-0000-c000-000000000000\")\n .resourceAccesses( \n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(\"df021288-bdef-4463-88db-98f22de89214\")\n .type(\"Role\")\n .build(),\n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(\"b4e74841-8e56-480b-be8b-910348b18b4c\")\n .type(\"Scope\")\n .build())\n .build(),\n ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(\"c5393580-f805-4401-95e8-94b7a6ef2fc2\")\n .resourceAccesses(ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(\"594c1fb6-4f81-4475-ae41-0c394909246c\")\n .type(\"Role\")\n .build())\n .build())\n .web(ApplicationWebArgs.builder()\n .homepageUrl(\"https://app.example.net\")\n .logoutUrl(\"https://app.example.net/logout\")\n .redirectUris(\"https://app.example.net/account\")\n .implicitGrant(ApplicationWebImplicitGrantArgs.builder()\n .accessTokenIssuanceEnabled(true)\n .idTokenIssuanceEnabled(true)\n .build())\n .build())\n .build());\n\n }\n}\n```\n\n*Create application from a gallery template*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplicationTemplate = azuread.getApplicationTemplate({\n displayName: \"Marketo\",\n});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n templateId: exampleApplicationTemplate.then(exampleApplicationTemplate =\u003e exampleApplicationTemplate.templateId),\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {\n applicationId: exampleApplication.applicationId,\n useExisting: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application_template = azuread.get_application_template(display_name=\"Marketo\")\nexample_application = azuread.Application(\"exampleApplication\",\n display_name=\"example\",\n template_id=example_application_template.template_id)\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\",\n application_id=example_application.application_id,\n use_existing=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplicationTemplate = AzureAD.GetApplicationTemplate.Invoke(new()\n {\n DisplayName = \"Marketo\",\n });\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n TemplateId = exampleApplicationTemplate.Apply(getApplicationTemplateResult =\u003e getApplicationTemplateResult.TemplateId),\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n UseExisting = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplicationTemplate, err := azuread.GetApplicationTemplate(ctx, \u0026azuread.GetApplicationTemplateArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Marketo\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tTemplateId: *pulumi.String(exampleApplicationTemplate.TemplateId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetApplicationTemplateArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleApplicationTemplate = AzureadFunctions.getApplicationTemplate(GetApplicationTemplateArgs.builder()\n .displayName(\"Marketo\")\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .templateId(exampleApplicationTemplate.applyValue(getApplicationTemplateResult -\u003e getApplicationTemplateResult.templateId()))\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .useExisting(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n templateId: ${exampleApplicationTemplate.templateId}\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n useExisting: true\nvariables:\n exampleApplicationTemplate:\n fn::invoke:\n Function: azuread:getApplicationTemplate\n Arguments:\n displayName: Marketo\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nApplications can be imported using the object ID of the application, in the following format.\n\n```sh\n $ pulumi import azuread:index/application:Application example /applications/00000000-0000-0000-0000-000000000000\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Create an application*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\nimport * as fs from \"fs\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.Application(\"example\", {\n displayName: \"example\",\n identifierUris: [\"api://example-app\"],\n logoImage: fs.readFileSync(\"/path/to/logo.png\", { encoding: \"base64\" }),\n owners: [current.then(current =\u003e current.objectId)],\n signInAudience: \"AzureADMultipleOrgs\",\n api: {\n mappedClaimsEnabled: true,\n requestedAccessTokenVersion: 2,\n knownClientApplications: [\n azuread_application.known1.application_id,\n azuread_application.known2.application_id,\n ],\n oauth2PermissionScopes: [\n {\n adminConsentDescription: \"Allow the application to access example on behalf of the signed-in user.\",\n adminConsentDisplayName: \"Access example\",\n enabled: true,\n id: \"96183846-204b-4b43-82e1-5d2222eb4b9b\",\n type: \"User\",\n userConsentDescription: \"Allow the application to access example on your behalf.\",\n userConsentDisplayName: \"Access example\",\n value: \"user_impersonation\",\n },\n {\n adminConsentDescription: \"Administer the example application\",\n adminConsentDisplayName: \"Administer\",\n enabled: true,\n id: \"be98fa3e-ab5b-4b11-83d9-04ba2b7946bc\",\n type: \"Admin\",\n value: \"administer\",\n },\n ],\n },\n appRoles: [\n {\n allowedMemberTypes: [\n \"User\",\n \"Application\",\n ],\n description: \"Admins can manage roles and perform all task actions\",\n displayName: \"Admin\",\n enabled: true,\n id: \"1b19509b-32b1-4e9f-b71d-4992aa991967\",\n value: \"admin\",\n },\n {\n allowedMemberTypes: [\"User\"],\n description: \"ReadOnly roles have limited query access\",\n displayName: \"ReadOnly\",\n enabled: true,\n id: \"497406e4-012a-4267-bf18-45a1cb148a01\",\n value: \"User\",\n },\n ],\n featureTags: [{\n enterprise: true,\n gallery: true,\n }],\n optionalClaims: {\n accessTokens: [\n {\n name: \"myclaim\",\n },\n {\n name: \"otherclaim\",\n },\n ],\n idTokens: [{\n name: \"userclaim\",\n source: \"user\",\n essential: true,\n additionalProperties: [\"emit_as_roles\"],\n }],\n saml2Tokens: [{\n name: \"samlexample\",\n }],\n },\n requiredResourceAccesses: [\n {\n resourceAppId: \"00000003-0000-0000-c000-000000000000\",\n resourceAccesses: [\n {\n id: \"df021288-bdef-4463-88db-98f22de89214\",\n type: \"Role\",\n },\n {\n id: \"b4e74841-8e56-480b-be8b-910348b18b4c\",\n type: \"Scope\",\n },\n ],\n },\n {\n resourceAppId: \"c5393580-f805-4401-95e8-94b7a6ef2fc2\",\n resourceAccesses: [{\n id: \"594c1fb6-4f81-4475-ae41-0c394909246c\",\n type: \"Role\",\n }],\n },\n ],\n web: {\n homepageUrl: \"https://app.example.net\",\n logoutUrl: \"https://app.example.net/logout\",\n redirectUris: [\"https://app.example.net/account\"],\n implicitGrant: {\n accessTokenIssuanceEnabled: true,\n idTokenIssuanceEnabled: true,\n },\n },\n});\n```\n```python\nimport pulumi\nimport base64\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.Application(\"example\",\n display_name=\"example\",\n identifier_uris=[\"api://example-app\"],\n logo_image=(lambda path: base64.b64encode(open(path).read().encode()).decode())(\"/path/to/logo.png\"),\n owners=[current.object_id],\n sign_in_audience=\"AzureADMultipleOrgs\",\n api=azuread.ApplicationApiArgs(\n mapped_claims_enabled=True,\n requested_access_token_version=2,\n known_client_applications=[\n azuread_application[\"known1\"][\"application_id\"],\n azuread_application[\"known2\"][\"application_id\"],\n ],\n oauth2_permission_scopes=[\n azuread.ApplicationApiOauth2PermissionScopeArgs(\n admin_consent_description=\"Allow the application to access example on behalf of the signed-in user.\",\n admin_consent_display_name=\"Access example\",\n enabled=True,\n id=\"96183846-204b-4b43-82e1-5d2222eb4b9b\",\n type=\"User\",\n user_consent_description=\"Allow the application to access example on your behalf.\",\n user_consent_display_name=\"Access example\",\n value=\"user_impersonation\",\n ),\n azuread.ApplicationApiOauth2PermissionScopeArgs(\n admin_consent_description=\"Administer the example application\",\n admin_consent_display_name=\"Administer\",\n enabled=True,\n id=\"be98fa3e-ab5b-4b11-83d9-04ba2b7946bc\",\n type=\"Admin\",\n value=\"administer\",\n ),\n ],\n ),\n app_roles=[\n azuread.ApplicationAppRoleArgs(\n allowed_member_types=[\n \"User\",\n \"Application\",\n ],\n description=\"Admins can manage roles and perform all task actions\",\n display_name=\"Admin\",\n enabled=True,\n id=\"1b19509b-32b1-4e9f-b71d-4992aa991967\",\n value=\"admin\",\n ),\n azuread.ApplicationAppRoleArgs(\n allowed_member_types=[\"User\"],\n description=\"ReadOnly roles have limited query access\",\n display_name=\"ReadOnly\",\n enabled=True,\n id=\"497406e4-012a-4267-bf18-45a1cb148a01\",\n value=\"User\",\n ),\n ],\n feature_tags=[azuread.ApplicationFeatureTagArgs(\n enterprise=True,\n gallery=True,\n )],\n optional_claims=azuread.ApplicationOptionalClaimsArgs(\n access_tokens=[\n azuread.ApplicationOptionalClaimsAccessTokenArgs(\n name=\"myclaim\",\n ),\n azuread.ApplicationOptionalClaimsAccessTokenArgs(\n name=\"otherclaim\",\n ),\n ],\n id_tokens=[azuread.ApplicationOptionalClaimsIdTokenArgs(\n name=\"userclaim\",\n source=\"user\",\n essential=True,\n additional_properties=[\"emit_as_roles\"],\n )],\n saml2_tokens=[azuread.ApplicationOptionalClaimsSaml2TokenArgs(\n name=\"samlexample\",\n )],\n ),\n required_resource_accesses=[\n azuread.ApplicationRequiredResourceAccessArgs(\n resource_app_id=\"00000003-0000-0000-c000-000000000000\",\n resource_accesses=[\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=\"df021288-bdef-4463-88db-98f22de89214\",\n type=\"Role\",\n ),\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=\"b4e74841-8e56-480b-be8b-910348b18b4c\",\n type=\"Scope\",\n ),\n ],\n ),\n azuread.ApplicationRequiredResourceAccessArgs(\n resource_app_id=\"c5393580-f805-4401-95e8-94b7a6ef2fc2\",\n resource_accesses=[azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=\"594c1fb6-4f81-4475-ae41-0c394909246c\",\n type=\"Role\",\n )],\n ),\n ],\n web=azuread.ApplicationWebArgs(\n homepage_url=\"https://app.example.net\",\n logout_url=\"https://app.example.net/logout\",\n redirect_uris=[\"https://app.example.net/account\"],\n implicit_grant=azuread.ApplicationWebImplicitGrantArgs(\n access_token_issuance_enabled=True,\n id_token_issuance_enabled=True,\n ),\n ))\n```\n```csharp\nusing System;\nusing System.Collections.Generic;\nusing System.IO;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\n\t\nstring ReadFileBase64(string path) \n{\n return Convert.ToBase64String(Encoding.UTF8.GetBytes(File.ReadAllText(path)));\n}\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n IdentifierUris = new[]\n {\n \"api://example-app\",\n },\n LogoImage = ReadFileBase64(\"/path/to/logo.png\"),\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n SignInAudience = \"AzureADMultipleOrgs\",\n Api = new AzureAD.Inputs.ApplicationApiArgs\n {\n MappedClaimsEnabled = true,\n RequestedAccessTokenVersion = 2,\n KnownClientApplications = new[]\n {\n azuread_application.Known1.Application_id,\n azuread_application.Known2.Application_id,\n },\n Oauth2PermissionScopes = new[]\n {\n new AzureAD.Inputs.ApplicationApiOauth2PermissionScopeArgs\n {\n AdminConsentDescription = \"Allow the application to access example on behalf of the signed-in user.\",\n AdminConsentDisplayName = \"Access example\",\n Enabled = true,\n Id = \"96183846-204b-4b43-82e1-5d2222eb4b9b\",\n Type = \"User\",\n UserConsentDescription = \"Allow the application to access example on your behalf.\",\n UserConsentDisplayName = \"Access example\",\n Value = \"user_impersonation\",\n },\n new AzureAD.Inputs.ApplicationApiOauth2PermissionScopeArgs\n {\n AdminConsentDescription = \"Administer the example application\",\n AdminConsentDisplayName = \"Administer\",\n Enabled = true,\n Id = \"be98fa3e-ab5b-4b11-83d9-04ba2b7946bc\",\n Type = \"Admin\",\n Value = \"administer\",\n },\n },\n },\n AppRoles = new[]\n {\n new AzureAD.Inputs.ApplicationAppRoleArgs\n {\n AllowedMemberTypes = new[]\n {\n \"User\",\n \"Application\",\n },\n Description = \"Admins can manage roles and perform all task actions\",\n DisplayName = \"Admin\",\n Enabled = true,\n Id = \"1b19509b-32b1-4e9f-b71d-4992aa991967\",\n Value = \"admin\",\n },\n new AzureAD.Inputs.ApplicationAppRoleArgs\n {\n AllowedMemberTypes = new[]\n {\n \"User\",\n },\n Description = \"ReadOnly roles have limited query access\",\n DisplayName = \"ReadOnly\",\n Enabled = true,\n Id = \"497406e4-012a-4267-bf18-45a1cb148a01\",\n Value = \"User\",\n },\n },\n FeatureTags = new[]\n {\n new AzureAD.Inputs.ApplicationFeatureTagArgs\n {\n Enterprise = true,\n Gallery = true,\n },\n },\n OptionalClaims = new AzureAD.Inputs.ApplicationOptionalClaimsArgs\n {\n AccessTokens = new[]\n {\n new AzureAD.Inputs.ApplicationOptionalClaimsAccessTokenArgs\n {\n Name = \"myclaim\",\n },\n new AzureAD.Inputs.ApplicationOptionalClaimsAccessTokenArgs\n {\n Name = \"otherclaim\",\n },\n },\n IdTokens = new[]\n {\n new AzureAD.Inputs.ApplicationOptionalClaimsIdTokenArgs\n {\n Name = \"userclaim\",\n Source = \"user\",\n Essential = true,\n AdditionalProperties = new[]\n {\n \"emit_as_roles\",\n },\n },\n },\n Saml2Tokens = new[]\n {\n new AzureAD.Inputs.ApplicationOptionalClaimsSaml2TokenArgs\n {\n Name = \"samlexample\",\n },\n },\n },\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = \"00000003-0000-0000-c000-000000000000\",\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = \"df021288-bdef-4463-88db-98f22de89214\",\n Type = \"Role\",\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = \"b4e74841-8e56-480b-be8b-910348b18b4c\",\n Type = \"Scope\",\n },\n },\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = \"c5393580-f805-4401-95e8-94b7a6ef2fc2\",\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = \"594c1fb6-4f81-4475-ae41-0c394909246c\",\n Type = \"Role\",\n },\n },\n },\n },\n Web = new AzureAD.Inputs.ApplicationWebArgs\n {\n HomepageUrl = \"https://app.example.net\",\n LogoutUrl = \"https://app.example.net/logout\",\n RedirectUris = new[]\n {\n \"https://app.example.net/account\",\n },\n ImplicitGrant = new AzureAD.Inputs.ApplicationWebImplicitGrantArgs\n {\n AccessTokenIssuanceEnabled = true,\n IdTokenIssuanceEnabled = true,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/base64\"\n\t\"os\"\n\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc filebase64OrPanic(path string) string {\n\tif fileData, err := os.ReadFile(path); err == nil {\n\t\treturn base64.StdEncoding.EncodeToString(fileData[:])\n\t} else {\n\t\tpanic(err.Error())\n\t}\n}\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tIdentifierUris: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"api://example-app\"),\n\t\t\t},\n\t\t\tLogoImage: filebase64OrPanic(\"/path/to/logo.png\"),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\t*pulumi.String(current.ObjectId),\n\t\t\t},\n\t\t\tSignInAudience: pulumi.String(\"AzureADMultipleOrgs\"),\n\t\t\tApi: \u0026azuread.ApplicationApiArgs{\n\t\t\t\tMappedClaimsEnabled: pulumi.Bool(true),\n\t\t\t\tRequestedAccessTokenVersion: pulumi.Int(2),\n\t\t\t\tKnownClientApplications: pulumi.StringArray{\n\t\t\t\t\tazuread_application.Known1.Application_id,\n\t\t\t\t\tazuread_application.Known2.Application_id,\n\t\t\t\t},\n\t\t\t\tOauth2PermissionScopes: azuread.ApplicationApiOauth2PermissionScopeArray{\n\t\t\t\t\t\u0026azuread.ApplicationApiOauth2PermissionScopeArgs{\n\t\t\t\t\t\tAdminConsentDescription: pulumi.String(\"Allow the application to access example on behalf of the signed-in user.\"),\n\t\t\t\t\t\tAdminConsentDisplayName: pulumi.String(\"Access example\"),\n\t\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\t\tId: pulumi.String(\"96183846-204b-4b43-82e1-5d2222eb4b9b\"),\n\t\t\t\t\t\tType: pulumi.String(\"User\"),\n\t\t\t\t\t\tUserConsentDescription: pulumi.String(\"Allow the application to access example on your behalf.\"),\n\t\t\t\t\t\tUserConsentDisplayName: pulumi.String(\"Access example\"),\n\t\t\t\t\t\tValue: pulumi.String(\"user_impersonation\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026azuread.ApplicationApiOauth2PermissionScopeArgs{\n\t\t\t\t\t\tAdminConsentDescription: pulumi.String(\"Administer the example application\"),\n\t\t\t\t\t\tAdminConsentDisplayName: pulumi.String(\"Administer\"),\n\t\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\t\tId: pulumi.String(\"be98fa3e-ab5b-4b11-83d9-04ba2b7946bc\"),\n\t\t\t\t\t\tType: pulumi.String(\"Admin\"),\n\t\t\t\t\t\tValue: pulumi.String(\"administer\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tAppRoles: azuread.ApplicationAppRoleTypeArray{\n\t\t\t\t\u0026azuread.ApplicationAppRoleTypeArgs{\n\t\t\t\t\tAllowedMemberTypes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"User\"),\n\t\t\t\t\t\tpulumi.String(\"Application\"),\n\t\t\t\t\t},\n\t\t\t\t\tDescription: pulumi.String(\"Admins can manage roles and perform all task actions\"),\n\t\t\t\t\tDisplayName: pulumi.String(\"Admin\"),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tId: pulumi.String(\"1b19509b-32b1-4e9f-b71d-4992aa991967\"),\n\t\t\t\t\tValue: pulumi.String(\"admin\"),\n\t\t\t\t},\n\t\t\t\t\u0026azuread.ApplicationAppRoleTypeArgs{\n\t\t\t\t\tAllowedMemberTypes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"User\"),\n\t\t\t\t\t},\n\t\t\t\t\tDescription: pulumi.String(\"ReadOnly roles have limited query access\"),\n\t\t\t\t\tDisplayName: pulumi.String(\"ReadOnly\"),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tId: pulumi.String(\"497406e4-012a-4267-bf18-45a1cb148a01\"),\n\t\t\t\t\tValue: pulumi.String(\"User\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tFeatureTags: azuread.ApplicationFeatureTagArray{\n\t\t\t\t\u0026azuread.ApplicationFeatureTagArgs{\n\t\t\t\t\tEnterprise: pulumi.Bool(true),\n\t\t\t\t\tGallery: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t\tOptionalClaims: \u0026azuread.ApplicationOptionalClaimsTypeArgs{\n\t\t\t\tAccessTokens: azuread.ApplicationOptionalClaimsAccessTokenArray{\n\t\t\t\t\t\u0026azuread.ApplicationOptionalClaimsAccessTokenArgs{\n\t\t\t\t\t\tName: pulumi.String(\"myclaim\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026azuread.ApplicationOptionalClaimsAccessTokenArgs{\n\t\t\t\t\t\tName: pulumi.String(\"otherclaim\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tIdTokens: azuread.ApplicationOptionalClaimsIdTokenArray{\n\t\t\t\t\t\u0026azuread.ApplicationOptionalClaimsIdTokenArgs{\n\t\t\t\t\t\tName: pulumi.String(\"userclaim\"),\n\t\t\t\t\t\tSource: pulumi.String(\"user\"),\n\t\t\t\t\t\tEssential: pulumi.Bool(true),\n\t\t\t\t\t\tAdditionalProperties: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"emit_as_roles\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSaml2Tokens: azuread.ApplicationOptionalClaimsSaml2TokenArray{\n\t\t\t\t\t\u0026azuread.ApplicationOptionalClaimsSaml2TokenArgs{\n\t\t\t\t\t\tName: pulumi.String(\"samlexample\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: pulumi.String(\"00000003-0000-0000-c000-000000000000\"),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: pulumi.String(\"df021288-bdef-4463-88db-98f22de89214\"),\n\t\t\t\t\t\t\tType: pulumi.String(\"Role\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: pulumi.String(\"b4e74841-8e56-480b-be8b-910348b18b4c\"),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: pulumi.String(\"c5393580-f805-4401-95e8-94b7a6ef2fc2\"),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: pulumi.String(\"594c1fb6-4f81-4475-ae41-0c394909246c\"),\n\t\t\t\t\t\t\tType: pulumi.String(\"Role\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tWeb: \u0026azuread.ApplicationWebArgs{\n\t\t\t\tHomepageUrl: pulumi.String(\"https://app.example.net\"),\n\t\t\t\tLogoutUrl: pulumi.String(\"https://app.example.net/logout\"),\n\t\t\t\tRedirectUris: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"https://app.example.net/account\"),\n\t\t\t\t},\n\t\t\t\tImplicitGrant: \u0026azuread.ApplicationWebImplicitGrantArgs{\n\t\t\t\t\tAccessTokenIssuanceEnabled: pulumi.Bool(true),\n\t\t\t\t\tIdTokenIssuanceEnabled: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationApiArgs;\nimport com.pulumi.azuread.inputs.ApplicationAppRoleArgs;\nimport com.pulumi.azuread.inputs.ApplicationFeatureTagArgs;\nimport com.pulumi.azuread.inputs.ApplicationOptionalClaimsArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.inputs.ApplicationWebArgs;\nimport com.pulumi.azuread.inputs.ApplicationWebImplicitGrantArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new Application(\"example\", ApplicationArgs.builder() \n .displayName(\"example\")\n .identifierUris(\"api://example-app\")\n .logoImage(Base64.getEncoder().encodeToString(Files.readAllBytes(Paths.get(\"/path/to/logo.png\"))))\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .signInAudience(\"AzureADMultipleOrgs\")\n .api(ApplicationApiArgs.builder()\n .mappedClaimsEnabled(true)\n .requestedAccessTokenVersion(2)\n .knownClientApplications( \n azuread_application.known1().application_id(),\n azuread_application.known2().application_id())\n .oauth2PermissionScopes( \n ApplicationApiOauth2PermissionScopeArgs.builder()\n .adminConsentDescription(\"Allow the application to access example on behalf of the signed-in user.\")\n .adminConsentDisplayName(\"Access example\")\n .enabled(true)\n .id(\"96183846-204b-4b43-82e1-5d2222eb4b9b\")\n .type(\"User\")\n .userConsentDescription(\"Allow the application to access example on your behalf.\")\n .userConsentDisplayName(\"Access example\")\n .value(\"user_impersonation\")\n .build(),\n ApplicationApiOauth2PermissionScopeArgs.builder()\n .adminConsentDescription(\"Administer the example application\")\n .adminConsentDisplayName(\"Administer\")\n .enabled(true)\n .id(\"be98fa3e-ab5b-4b11-83d9-04ba2b7946bc\")\n .type(\"Admin\")\n .value(\"administer\")\n .build())\n .build())\n .appRoles( \n ApplicationAppRoleArgs.builder()\n .allowedMemberTypes( \n \"User\",\n \"Application\")\n .description(\"Admins can manage roles and perform all task actions\")\n .displayName(\"Admin\")\n .enabled(true)\n .id(\"1b19509b-32b1-4e9f-b71d-4992aa991967\")\n .value(\"admin\")\n .build(),\n ApplicationAppRoleArgs.builder()\n .allowedMemberTypes(\"User\")\n .description(\"ReadOnly roles have limited query access\")\n .displayName(\"ReadOnly\")\n .enabled(true)\n .id(\"497406e4-012a-4267-bf18-45a1cb148a01\")\n .value(\"User\")\n .build())\n .featureTags(ApplicationFeatureTagArgs.builder()\n .enterprise(true)\n .gallery(true)\n .build())\n .optionalClaims(ApplicationOptionalClaimsArgs.builder()\n .accessTokens( \n ApplicationOptionalClaimsAccessTokenArgs.builder()\n .name(\"myclaim\")\n .build(),\n ApplicationOptionalClaimsAccessTokenArgs.builder()\n .name(\"otherclaim\")\n .build())\n .idTokens(ApplicationOptionalClaimsIdTokenArgs.builder()\n .name(\"userclaim\")\n .source(\"user\")\n .essential(true)\n .additionalProperties(\"emit_as_roles\")\n .build())\n .saml2Tokens(ApplicationOptionalClaimsSaml2TokenArgs.builder()\n .name(\"samlexample\")\n .build())\n .build())\n .requiredResourceAccesses( \n ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(\"00000003-0000-0000-c000-000000000000\")\n .resourceAccesses( \n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(\"df021288-bdef-4463-88db-98f22de89214\")\n .type(\"Role\")\n .build(),\n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(\"b4e74841-8e56-480b-be8b-910348b18b4c\")\n .type(\"Scope\")\n .build())\n .build(),\n ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(\"c5393580-f805-4401-95e8-94b7a6ef2fc2\")\n .resourceAccesses(ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(\"594c1fb6-4f81-4475-ae41-0c394909246c\")\n .type(\"Role\")\n .build())\n .build())\n .web(ApplicationWebArgs.builder()\n .homepageUrl(\"https://app.example.net\")\n .logoutUrl(\"https://app.example.net/logout\")\n .redirectUris(\"https://app.example.net/account\")\n .implicitGrant(ApplicationWebImplicitGrantArgs.builder()\n .accessTokenIssuanceEnabled(true)\n .idTokenIssuanceEnabled(true)\n .build())\n .build())\n .build());\n\n }\n}\n```\n\n*Create application from a gallery template*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplicationTemplate = azuread.getApplicationTemplate({\n displayName: \"Marketo\",\n});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n templateId: exampleApplicationTemplate.then(exampleApplicationTemplate =\u003e exampleApplicationTemplate.templateId),\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {\n applicationId: exampleApplication.applicationId,\n useExisting: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application_template = azuread.get_application_template(display_name=\"Marketo\")\nexample_application = azuread.Application(\"exampleApplication\",\n display_name=\"example\",\n template_id=example_application_template.template_id)\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\",\n application_id=example_application.application_id,\n use_existing=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplicationTemplate = AzureAD.GetApplicationTemplate.Invoke(new()\n {\n DisplayName = \"Marketo\",\n });\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n TemplateId = exampleApplicationTemplate.Apply(getApplicationTemplateResult =\u003e getApplicationTemplateResult.TemplateId),\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n UseExisting = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplicationTemplate, err := azuread.GetApplicationTemplate(ctx, \u0026azuread.GetApplicationTemplateArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Marketo\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tTemplateId: *pulumi.String(exampleApplicationTemplate.TemplateId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetApplicationTemplateArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleApplicationTemplate = AzureadFunctions.getApplicationTemplate(GetApplicationTemplateArgs.builder()\n .displayName(\"Marketo\")\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .templateId(exampleApplicationTemplate.applyValue(getApplicationTemplateResult -\u003e getApplicationTemplateResult.templateId()))\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .useExisting(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n templateId: ${exampleApplicationTemplate.templateId}\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n useExisting: true\nvariables:\n exampleApplicationTemplate:\n fn::invoke:\n Function: azuread:getApplicationTemplate\n Arguments:\n displayName: Marketo\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nApplications can be imported using the object ID of the application, in the following format.\n\n ```sh\n $ pulumi import azuread:index/application:Application example /applications/00000000-0000-0000-0000-000000000000\n```\n\n ", "properties": { "api": { "$ref": "#/types/azuread:index/ApplicationApi:ApplicationApi", @@ -3890,7 +3890,7 @@ } }, "azuread:index/applicationApiAccess:ApplicationApiAccess": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = wellKnown.then(wellKnown =\u003e azuread.getServicePrincipal({\n clientId: wellKnown.result?.MicrosoftGraph,\n}));\nconst example = new azuread.ApplicationRegistration(\"example\", {displayName: \"example\"});\nconst exampleMsgraph = new azuread.ApplicationApiAccess(\"exampleMsgraph\", {\n applicationId: example.id,\n apiClientId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n roleIds: [\n msgraph.then(msgraph =\u003e msgraph.appRoleIds?.[\"Group.Read.All\"]),\n msgraph.then(msgraph =\u003e msgraph.appRoleIds?.[\"User.Read.All\"]),\n ],\n scopeIds: [msgraph.then(msgraph =\u003e msgraph.oauth2PermissionScopeIds?.[\"User.ReadWrite\"])],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.get_service_principal(client_id=well_known.result[\"MicrosoftGraph\"])\nexample = azuread.ApplicationRegistration(\"example\", display_name=\"example\")\nexample_msgraph = azuread.ApplicationApiAccess(\"exampleMsgraph\",\n application_id=example.id,\n api_client_id=well_known.result[\"MicrosoftGraph\"],\n role_ids=[\n msgraph.app_role_ids[\"Group.Read.All\"],\n msgraph.app_role_ids[\"User.Read.All\"],\n ],\n scope_ids=[msgraph.oauth2_permission_scope_ids[\"User.ReadWrite\"]])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = AzureAD.GetServicePrincipal.Invoke(new()\n {\n ClientId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n });\n\n var example = new AzureAD.ApplicationRegistration(\"example\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleMsgraph = new AzureAD.ApplicationApiAccess(\"exampleMsgraph\", new()\n {\n ApplicationId = example.Id,\n ApiClientId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n RoleIds = new[]\n {\n msgraph.Apply(getServicePrincipalResult =\u003e getServicePrincipalResult.AppRoleIds?.Group_Read_All),\n msgraph.Apply(getServicePrincipalResult =\u003e getServicePrincipalResult.AppRoleIds?.User_Read_All),\n },\n ScopeIds = new[]\n {\n msgraph.Apply(getServicePrincipalResult =\u003e getServicePrincipalResult.Oauth2PermissionScopeIds?.User_ReadWrite),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmsgraph, err := azuread.LookupServicePrincipal(ctx, \u0026azuread.LookupServicePrincipalArgs{\n\t\t\tClientId: pulumi.StringRef(wellKnown.Result.MicrosoftGraph),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := azuread.NewApplicationRegistration(ctx, \"example\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationApiAccess(ctx, \"exampleMsgraph\", \u0026azuread.ApplicationApiAccessArgs{\n\t\t\tApplicationId: example.ID(),\n\t\t\tApiClientId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tRoleIds: pulumi.StringArray{\n\t\t\t\t*pulumi.String(msgraph.AppRoleIds.Group.Read.All),\n\t\t\t\t*pulumi.String(msgraph.AppRoleIds.User.Read.All),\n\t\t\t},\n\t\t\tScopeIds: pulumi.StringArray{\n\t\t\t\t*pulumi.String(msgraph.Oauth2PermissionScopeIds.User.ReadWrite),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetServicePrincipalArgs;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.azuread.ApplicationApiAccess;\nimport com.pulumi.azuread.ApplicationApiAccessArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n final var msgraph = AzureadFunctions.getServicePrincipal(GetServicePrincipalArgs.builder()\n .clientId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .build());\n\n var example = new ApplicationRegistration(\"example\", ApplicationRegistrationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleMsgraph = new ApplicationApiAccess(\"exampleMsgraph\", ApplicationApiAccessArgs.builder() \n .applicationId(example.id())\n .apiClientId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .roleIds( \n msgraph.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult.appRoleIds().Group.Read.All()),\n msgraph.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult.appRoleIds().User.Read.All()))\n .scopeIds(msgraph.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult.oauth2PermissionScopeIds().User.ReadWrite()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n exampleMsgraph:\n type: azuread:ApplicationApiAccess\n properties:\n applicationId: ${example.id}\n apiClientId: ${wellKnown.result.MicrosoftGraph}\n roleIds:\n - ${msgraph.appRoleIds\"Group.Read.All\"[%!s(MISSING)]}\n - ${msgraph.appRoleIds\"User.Read.All\"[%!s(MISSING)]}\n scopeIds:\n - ${msgraph.oauth2PermissionScopeIds\"User.ReadWrite\"[%!s(MISSING)]}\nvariables:\n wellKnown:\n fn::invoke:\n Function: azuread:getApplicationPublishedAppIds\n Arguments: {}\n msgraph:\n fn::invoke:\n Function: azuread:getServicePrincipal\n Arguments:\n clientId: ${wellKnown.result.MicrosoftGraph}\n```\n\n\u003e **Tip** For managing permissions for an additional API, create another instance of this resource\n\n*Usage with azuread.Application resource*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {displayName: \"example\"});\nconst exampleApplicationApiAccess = new azuread.ApplicationApiAccess(\"exampleApplicationApiAccess\", {applicationId: exampleApplication.id});\n// ...\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application = azuread.Application(\"exampleApplication\", display_name=\"example\")\nexample_application_api_access = azuread.ApplicationApiAccess(\"exampleApplicationApiAccess\", application_id=example_application.id)\n# ...\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleApplicationApiAccess = new AzureAD.ApplicationApiAccess(\"exampleApplicationApiAccess\", new()\n {\n ApplicationId = exampleApplication.Id,\n });\n\n // ...\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationApiAccess(ctx, \"exampleApplicationApiAccess\", \u0026azuread.ApplicationApiAccessArgs{\n\t\t\tApplicationId: exampleApplication.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ApplicationApiAccess;\nimport com.pulumi.azuread.ApplicationApiAccessArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleApplicationApiAccess = new ApplicationApiAccess(\"exampleApplicationApiAccess\", ApplicationApiAccessArgs.builder() \n .applicationId(exampleApplication.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n exampleApplicationApiAccess:\n type: azuread:ApplicationApiAccess\n properties:\n applicationId: ${exampleApplication.id}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nApplication API Access can be imported using the object ID of the application and the client ID of the API, in the following format.\n\n```sh\n $ pulumi import azuread:index/applicationApiAccess:ApplicationApiAccess example /applications/00000000-0000-0000-0000-000000000000/apiAccess/11111111-1111-1111-1111-111111111111\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = wellKnown.then(wellKnown =\u003e azuread.getServicePrincipal({\n clientId: wellKnown.result?.MicrosoftGraph,\n}));\nconst example = new azuread.ApplicationRegistration(\"example\", {displayName: \"example\"});\nconst exampleMsgraph = new azuread.ApplicationApiAccess(\"exampleMsgraph\", {\n applicationId: example.id,\n apiClientId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n roleIds: [\n msgraph.then(msgraph =\u003e msgraph.appRoleIds?.[\"Group.Read.All\"]),\n msgraph.then(msgraph =\u003e msgraph.appRoleIds?.[\"User.Read.All\"]),\n ],\n scopeIds: [msgraph.then(msgraph =\u003e msgraph.oauth2PermissionScopeIds?.[\"User.ReadWrite\"])],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.get_service_principal(client_id=well_known.result[\"MicrosoftGraph\"])\nexample = azuread.ApplicationRegistration(\"example\", display_name=\"example\")\nexample_msgraph = azuread.ApplicationApiAccess(\"exampleMsgraph\",\n application_id=example.id,\n api_client_id=well_known.result[\"MicrosoftGraph\"],\n role_ids=[\n msgraph.app_role_ids[\"Group.Read.All\"],\n msgraph.app_role_ids[\"User.Read.All\"],\n ],\n scope_ids=[msgraph.oauth2_permission_scope_ids[\"User.ReadWrite\"]])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = AzureAD.GetServicePrincipal.Invoke(new()\n {\n ClientId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n });\n\n var example = new AzureAD.ApplicationRegistration(\"example\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleMsgraph = new AzureAD.ApplicationApiAccess(\"exampleMsgraph\", new()\n {\n ApplicationId = example.Id,\n ApiClientId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n RoleIds = new[]\n {\n msgraph.Apply(getServicePrincipalResult =\u003e getServicePrincipalResult.AppRoleIds?.Group_Read_All),\n msgraph.Apply(getServicePrincipalResult =\u003e getServicePrincipalResult.AppRoleIds?.User_Read_All),\n },\n ScopeIds = new[]\n {\n msgraph.Apply(getServicePrincipalResult =\u003e getServicePrincipalResult.Oauth2PermissionScopeIds?.User_ReadWrite),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmsgraph, err := azuread.LookupServicePrincipal(ctx, \u0026azuread.LookupServicePrincipalArgs{\n\t\t\tClientId: pulumi.StringRef(wellKnown.Result.MicrosoftGraph),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := azuread.NewApplicationRegistration(ctx, \"example\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationApiAccess(ctx, \"exampleMsgraph\", \u0026azuread.ApplicationApiAccessArgs{\n\t\t\tApplicationId: example.ID(),\n\t\t\tApiClientId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tRoleIds: pulumi.StringArray{\n\t\t\t\t*pulumi.String(msgraph.AppRoleIds.Group.Read.All),\n\t\t\t\t*pulumi.String(msgraph.AppRoleIds.User.Read.All),\n\t\t\t},\n\t\t\tScopeIds: pulumi.StringArray{\n\t\t\t\t*pulumi.String(msgraph.Oauth2PermissionScopeIds.User.ReadWrite),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetServicePrincipalArgs;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.azuread.ApplicationApiAccess;\nimport com.pulumi.azuread.ApplicationApiAccessArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n final var msgraph = AzureadFunctions.getServicePrincipal(GetServicePrincipalArgs.builder()\n .clientId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .build());\n\n var example = new ApplicationRegistration(\"example\", ApplicationRegistrationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleMsgraph = new ApplicationApiAccess(\"exampleMsgraph\", ApplicationApiAccessArgs.builder() \n .applicationId(example.id())\n .apiClientId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .roleIds( \n msgraph.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult.appRoleIds().Group.Read.All()),\n msgraph.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult.appRoleIds().User.Read.All()))\n .scopeIds(msgraph.applyValue(getServicePrincipalResult -\u003e getServicePrincipalResult.oauth2PermissionScopeIds().User.ReadWrite()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n exampleMsgraph:\n type: azuread:ApplicationApiAccess\n properties:\n applicationId: ${example.id}\n apiClientId: ${wellKnown.result.MicrosoftGraph}\n roleIds:\n - ${msgraph.appRoleIds\"Group.Read.All\"[%!s(MISSING)]}\n - ${msgraph.appRoleIds\"User.Read.All\"[%!s(MISSING)]}\n scopeIds:\n - ${msgraph.oauth2PermissionScopeIds\"User.ReadWrite\"[%!s(MISSING)]}\nvariables:\n wellKnown:\n fn::invoke:\n Function: azuread:getApplicationPublishedAppIds\n Arguments: {}\n msgraph:\n fn::invoke:\n Function: azuread:getServicePrincipal\n Arguments:\n clientId: ${wellKnown.result.MicrosoftGraph}\n```\n\n\u003e **Tip** For managing permissions for an additional API, create another instance of this resource\n\n*Usage with azuread.Application resource*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {displayName: \"example\"});\nconst exampleApplicationApiAccess = new azuread.ApplicationApiAccess(\"exampleApplicationApiAccess\", {applicationId: exampleApplication.id});\n// ...\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application = azuread.Application(\"exampleApplication\", display_name=\"example\")\nexample_application_api_access = azuread.ApplicationApiAccess(\"exampleApplicationApiAccess\", application_id=example_application.id)\n# ...\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleApplicationApiAccess = new AzureAD.ApplicationApiAccess(\"exampleApplicationApiAccess\", new()\n {\n ApplicationId = exampleApplication.Id,\n });\n\n // ...\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationApiAccess(ctx, \"exampleApplicationApiAccess\", \u0026azuread.ApplicationApiAccessArgs{\n\t\t\tApplicationId: exampleApplication.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ApplicationApiAccess;\nimport com.pulumi.azuread.ApplicationApiAccessArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleApplicationApiAccess = new ApplicationApiAccess(\"exampleApplicationApiAccess\", ApplicationApiAccessArgs.builder() \n .applicationId(exampleApplication.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n exampleApplicationApiAccess:\n type: azuread:ApplicationApiAccess\n properties:\n applicationId: ${exampleApplication.id}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nApplication API Access can be imported using the object ID of the application and the client ID of the API, in the following format.\n\n ```sh\n $ pulumi import azuread:index/applicationApiAccess:ApplicationApiAccess example /applications/00000000-0000-0000-0000-000000000000/apiAccess/11111111-1111-1111-1111-111111111111\n```\n\n ", "properties": { "apiClientId": { "type": "string", @@ -3981,7 +3981,7 @@ } }, "azuread:index/applicationAppRole:ApplicationAppRole": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\nimport * as random from \"@pulumi/random\";\n\nconst example = new azuread.ApplicationRegistration(\"example\", {displayName: \"example\"});\nconst exampleAdministrator = new random.RandomUuid(\"exampleAdministrator\", {});\nconst exampleAdminister = new azuread.ApplicationAppRole(\"exampleAdminister\", {\n applicationId: example.id,\n roleId: exampleAdministrator.id,\n allowedMemberTypes: [\"User\"],\n description: \"My role description\",\n displayName: \"Administer\",\n value: \"admin\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\nimport pulumi_random as random\n\nexample = azuread.ApplicationRegistration(\"example\", display_name=\"example\")\nexample_administrator = random.RandomUuid(\"exampleAdministrator\")\nexample_administer = azuread.ApplicationAppRole(\"exampleAdminister\",\n application_id=example.id,\n role_id=example_administrator.id,\n allowed_member_types=[\"User\"],\n description=\"My role description\",\n display_name=\"Administer\",\n value=\"admin\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\nusing Random = Pulumi.Random;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.ApplicationRegistration(\"example\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleAdministrator = new Random.RandomUuid(\"exampleAdministrator\");\n\n var exampleAdminister = new AzureAD.ApplicationAppRole(\"exampleAdminister\", new()\n {\n ApplicationId = example.Id,\n RoleId = exampleAdministrator.Id,\n AllowedMemberTypes = new[]\n {\n \"User\",\n },\n Description = \"My role description\",\n DisplayName = \"Administer\",\n Value = \"admin\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi-random/sdk/v4/go/random\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.NewApplicationRegistration(ctx, \"example\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAdministrator, err := random.NewRandomUuid(ctx, \"exampleAdministrator\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationAppRole(ctx, \"exampleAdminister\", \u0026azuread.ApplicationAppRoleArgs{\n\t\t\tApplicationId: example.ID(),\n\t\t\tRoleId: exampleAdministrator.ID(),\n\t\t\tAllowedMemberTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"User\"),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"My role description\"),\n\t\t\tDisplayName: pulumi.String(\"Administer\"),\n\t\t\tValue: pulumi.String(\"admin\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.random.RandomUuid;\nimport com.pulumi.azuread.ApplicationAppRole;\nimport com.pulumi.azuread.ApplicationAppRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ApplicationRegistration(\"example\", ApplicationRegistrationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleAdministrator = new RandomUuid(\"exampleAdministrator\");\n\n var exampleAdminister = new ApplicationAppRole(\"exampleAdminister\", ApplicationAppRoleArgs.builder() \n .applicationId(example.id())\n .roleId(exampleAdministrator.id())\n .allowedMemberTypes(\"User\")\n .description(\"My role description\")\n .displayName(\"Administer\")\n .value(\"admin\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n exampleAdministrator:\n type: random:RandomUuid\n exampleAdminister:\n type: azuread:ApplicationAppRole\n properties:\n applicationId: ${example.id}\n roleId: ${exampleAdministrator.id}\n allowedMemberTypes:\n - User\n description: My role description\n displayName: Administer\n value: admin\n```\n\n\u003e **Tip** For managing more app roles, create additional instances of this resource\n\n*Usage with azuread.Application resource*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.Application(\"example\", {displayName: \"example\"});\nconst exampleAdminister = new azuread.ApplicationAppRole(\"exampleAdminister\", {applicationId: example.id});\n// ...\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.Application(\"example\", display_name=\"example\")\nexample_administer = azuread.ApplicationAppRole(\"exampleAdminister\", application_id=example.id)\n# ...\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleAdminister = new AzureAD.ApplicationAppRole(\"exampleAdminister\", new()\n {\n ApplicationId = example.Id,\n });\n\n // ...\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationAppRole(ctx, \"exampleAdminister\", \u0026azuread.ApplicationAppRoleArgs{\n\t\t\tApplicationId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ApplicationAppRole;\nimport com.pulumi.azuread.ApplicationAppRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Application(\"example\", ApplicationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleAdminister = new ApplicationAppRole(\"exampleAdminister\", ApplicationAppRoleArgs.builder() \n .applicationId(example.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Application\n properties:\n displayName: example\n exampleAdminister:\n type: azuread:ApplicationAppRole\n properties:\n applicationId: ${example.id}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nApplication App Roles can be imported using the object ID of the application and the ID of the app role, in the following format.\n\n```sh\n $ pulumi import azuread:index/applicationAppRole:ApplicationAppRole example /applications/00000000-0000-0000-0000-000000000000/appRoles/11111111-1111-1111-1111-111111111111\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\nimport * as random from \"@pulumi/random\";\n\nconst example = new azuread.ApplicationRegistration(\"example\", {displayName: \"example\"});\nconst exampleAdministrator = new random.RandomUuid(\"exampleAdministrator\", {});\nconst exampleAdminister = new azuread.ApplicationAppRole(\"exampleAdminister\", {\n applicationId: example.id,\n roleId: exampleAdministrator.id,\n allowedMemberTypes: [\"User\"],\n description: \"My role description\",\n displayName: \"Administer\",\n value: \"admin\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\nimport pulumi_random as random\n\nexample = azuread.ApplicationRegistration(\"example\", display_name=\"example\")\nexample_administrator = random.RandomUuid(\"exampleAdministrator\")\nexample_administer = azuread.ApplicationAppRole(\"exampleAdminister\",\n application_id=example.id,\n role_id=example_administrator.id,\n allowed_member_types=[\"User\"],\n description=\"My role description\",\n display_name=\"Administer\",\n value=\"admin\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\nusing Random = Pulumi.Random;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.ApplicationRegistration(\"example\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleAdministrator = new Random.RandomUuid(\"exampleAdministrator\");\n\n var exampleAdminister = new AzureAD.ApplicationAppRole(\"exampleAdminister\", new()\n {\n ApplicationId = example.Id,\n RoleId = exampleAdministrator.Id,\n AllowedMemberTypes = new[]\n {\n \"User\",\n },\n Description = \"My role description\",\n DisplayName = \"Administer\",\n Value = \"admin\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi-random/sdk/v4/go/random\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.NewApplicationRegistration(ctx, \"example\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAdministrator, err := random.NewRandomUuid(ctx, \"exampleAdministrator\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationAppRole(ctx, \"exampleAdminister\", \u0026azuread.ApplicationAppRoleArgs{\n\t\t\tApplicationId: example.ID(),\n\t\t\tRoleId: exampleAdministrator.ID(),\n\t\t\tAllowedMemberTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"User\"),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"My role description\"),\n\t\t\tDisplayName: pulumi.String(\"Administer\"),\n\t\t\tValue: pulumi.String(\"admin\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.random.RandomUuid;\nimport com.pulumi.azuread.ApplicationAppRole;\nimport com.pulumi.azuread.ApplicationAppRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ApplicationRegistration(\"example\", ApplicationRegistrationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleAdministrator = new RandomUuid(\"exampleAdministrator\");\n\n var exampleAdminister = new ApplicationAppRole(\"exampleAdminister\", ApplicationAppRoleArgs.builder() \n .applicationId(example.id())\n .roleId(exampleAdministrator.id())\n .allowedMemberTypes(\"User\")\n .description(\"My role description\")\n .displayName(\"Administer\")\n .value(\"admin\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n exampleAdministrator:\n type: random:RandomUuid\n exampleAdminister:\n type: azuread:ApplicationAppRole\n properties:\n applicationId: ${example.id}\n roleId: ${exampleAdministrator.id}\n allowedMemberTypes:\n - User\n description: My role description\n displayName: Administer\n value: admin\n```\n\n\u003e **Tip** For managing more app roles, create additional instances of this resource\n\n*Usage with azuread.Application resource*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.Application(\"example\", {displayName: \"example\"});\nconst exampleAdminister = new azuread.ApplicationAppRole(\"exampleAdminister\", {applicationId: example.id});\n// ...\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.Application(\"example\", display_name=\"example\")\nexample_administer = azuread.ApplicationAppRole(\"exampleAdminister\", application_id=example.id)\n# ...\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleAdminister = new AzureAD.ApplicationAppRole(\"exampleAdminister\", new()\n {\n ApplicationId = example.Id,\n });\n\n // ...\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationAppRole(ctx, \"exampleAdminister\", \u0026azuread.ApplicationAppRoleArgs{\n\t\t\tApplicationId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ApplicationAppRole;\nimport com.pulumi.azuread.ApplicationAppRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Application(\"example\", ApplicationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleAdminister = new ApplicationAppRole(\"exampleAdminister\", ApplicationAppRoleArgs.builder() \n .applicationId(example.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Application\n properties:\n displayName: example\n exampleAdminister:\n type: azuread:ApplicationAppRole\n properties:\n applicationId: ${example.id}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nApplication App Roles can be imported using the object ID of the application and the ID of the app role, in the following format.\n\n ```sh\n $ pulumi import azuread:index/applicationAppRole:ApplicationAppRole example /applications/00000000-0000-0000-0000-000000000000/appRoles/11111111-1111-1111-1111-111111111111\n```\n\n ", "properties": { "allowedMemberTypes": { "type": "array", @@ -4093,7 +4093,7 @@ } }, "azuread:index/applicationCertificate:ApplicationCertificate": { - "description": "\n\n## Import\n\nCertificates can be imported using the object ID of the associated application and the key ID of the certificate credential, e.g.\n\n```sh\n $ pulumi import azuread:index/applicationCertificate:ApplicationCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the application's object ID, the string \"certificate\" and the certificate's key ID in the format `{ObjectId}/certificate/{CertificateKeyId}`. ", + "description": "\n\n## Import\n\nCertificates can be imported using the object ID of the associated application and the key ID of the certificate credential, e.g.\n\n ```sh\n $ pulumi import azuread:index/applicationCertificate:ApplicationCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the application's object ID, the string \"certificate\" and the certificate's key ID in the format `{ObjectId}/certificate/{CertificateKeyId}`.\n\n ", "properties": { "applicationId": { "type": "string", @@ -4249,7 +4249,7 @@ } }, "azuread:index/applicationFallbackPublicClient:ApplicationFallbackPublicClient": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplicationRegistration = new azuread.ApplicationRegistration(\"exampleApplicationRegistration\", {displayName: \"example\"});\nconst exampleApplicationFallbackPublicClient = new azuread.ApplicationFallbackPublicClient(\"exampleApplicationFallbackPublicClient\", {\n applicationId: exampleApplicationRegistration.id,\n enabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application_registration = azuread.ApplicationRegistration(\"exampleApplicationRegistration\", display_name=\"example\")\nexample_application_fallback_public_client = azuread.ApplicationFallbackPublicClient(\"exampleApplicationFallbackPublicClient\",\n application_id=example_application_registration.id,\n enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplicationRegistration = new AzureAD.ApplicationRegistration(\"exampleApplicationRegistration\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleApplicationFallbackPublicClient = new AzureAD.ApplicationFallbackPublicClient(\"exampleApplicationFallbackPublicClient\", new()\n {\n ApplicationId = exampleApplicationRegistration.Id,\n Enabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplicationRegistration, err := azuread.NewApplicationRegistration(ctx, \"exampleApplicationRegistration\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationFallbackPublicClient(ctx, \"exampleApplicationFallbackPublicClient\", \u0026azuread.ApplicationFallbackPublicClientArgs{\n\t\t\tApplicationId: exampleApplicationRegistration.ID(),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.azuread.ApplicationFallbackPublicClient;\nimport com.pulumi.azuread.ApplicationFallbackPublicClientArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplicationRegistration = new ApplicationRegistration(\"exampleApplicationRegistration\", ApplicationRegistrationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleApplicationFallbackPublicClient = new ApplicationFallbackPublicClient(\"exampleApplicationFallbackPublicClient\", ApplicationFallbackPublicClientArgs.builder() \n .applicationId(exampleApplicationRegistration.id())\n .enabled(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplicationRegistration:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n exampleApplicationFallbackPublicClient:\n type: azuread:ApplicationFallbackPublicClient\n properties:\n applicationId: ${exampleApplicationRegistration.id}\n enabled: true\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThe Application Fallback Public Client setting can be imported using the object ID of the application, in the following format.\n\n```sh\n $ pulumi import azuread:index/applicationFallbackPublicClient:ApplicationFallbackPublicClient example /applications/00000000-0000-0000-0000-000000000000/fallbackPublicClient\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplicationRegistration = new azuread.ApplicationRegistration(\"exampleApplicationRegistration\", {displayName: \"example\"});\nconst exampleApplicationFallbackPublicClient = new azuread.ApplicationFallbackPublicClient(\"exampleApplicationFallbackPublicClient\", {\n applicationId: exampleApplicationRegistration.id,\n enabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application_registration = azuread.ApplicationRegistration(\"exampleApplicationRegistration\", display_name=\"example\")\nexample_application_fallback_public_client = azuread.ApplicationFallbackPublicClient(\"exampleApplicationFallbackPublicClient\",\n application_id=example_application_registration.id,\n enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplicationRegistration = new AzureAD.ApplicationRegistration(\"exampleApplicationRegistration\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleApplicationFallbackPublicClient = new AzureAD.ApplicationFallbackPublicClient(\"exampleApplicationFallbackPublicClient\", new()\n {\n ApplicationId = exampleApplicationRegistration.Id,\n Enabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplicationRegistration, err := azuread.NewApplicationRegistration(ctx, \"exampleApplicationRegistration\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationFallbackPublicClient(ctx, \"exampleApplicationFallbackPublicClient\", \u0026azuread.ApplicationFallbackPublicClientArgs{\n\t\t\tApplicationId: exampleApplicationRegistration.ID(),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.azuread.ApplicationFallbackPublicClient;\nimport com.pulumi.azuread.ApplicationFallbackPublicClientArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplicationRegistration = new ApplicationRegistration(\"exampleApplicationRegistration\", ApplicationRegistrationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleApplicationFallbackPublicClient = new ApplicationFallbackPublicClient(\"exampleApplicationFallbackPublicClient\", ApplicationFallbackPublicClientArgs.builder() \n .applicationId(exampleApplicationRegistration.id())\n .enabled(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplicationRegistration:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n exampleApplicationFallbackPublicClient:\n type: azuread:ApplicationFallbackPublicClient\n properties:\n applicationId: ${exampleApplicationRegistration.id}\n enabled: true\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThe Application Fallback Public Client setting can be imported using the object ID of the application, in the following format.\n\n ```sh\n $ pulumi import azuread:index/applicationFallbackPublicClient:ApplicationFallbackPublicClient example /applications/00000000-0000-0000-0000-000000000000/fallbackPublicClient\n```\n\n ", "properties": { "applicationId": { "type": "string", @@ -4296,7 +4296,7 @@ } }, "azuread:index/applicationFederatedIdentityCredential:ApplicationFederatedIdentityCredential": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplicationRegistration = new azuread.ApplicationRegistration(\"exampleApplicationRegistration\", {displayName: \"example\"});\nconst exampleApplicationFederatedIdentityCredential = new azuread.ApplicationFederatedIdentityCredential(\"exampleApplicationFederatedIdentityCredential\", {\n applicationId: exampleApplicationRegistration.id,\n displayName: \"my-repo-deploy\",\n description: \"Deployments for my-repo\",\n audiences: [\"api://AzureADTokenExchange\"],\n issuer: \"https://token.actions.githubusercontent.com\",\n subject: \"repo:my-organization/my-repo:environment:prod\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application_registration = azuread.ApplicationRegistration(\"exampleApplicationRegistration\", display_name=\"example\")\nexample_application_federated_identity_credential = azuread.ApplicationFederatedIdentityCredential(\"exampleApplicationFederatedIdentityCredential\",\n application_id=example_application_registration.id,\n display_name=\"my-repo-deploy\",\n description=\"Deployments for my-repo\",\n audiences=[\"api://AzureADTokenExchange\"],\n issuer=\"https://token.actions.githubusercontent.com\",\n subject=\"repo:my-organization/my-repo:environment:prod\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplicationRegistration = new AzureAD.ApplicationRegistration(\"exampleApplicationRegistration\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleApplicationFederatedIdentityCredential = new AzureAD.ApplicationFederatedIdentityCredential(\"exampleApplicationFederatedIdentityCredential\", new()\n {\n ApplicationId = exampleApplicationRegistration.Id,\n DisplayName = \"my-repo-deploy\",\n Description = \"Deployments for my-repo\",\n Audiences = new[]\n {\n \"api://AzureADTokenExchange\",\n },\n Issuer = \"https://token.actions.githubusercontent.com\",\n Subject = \"repo:my-organization/my-repo:environment:prod\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplicationRegistration, err := azuread.NewApplicationRegistration(ctx, \"exampleApplicationRegistration\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationFederatedIdentityCredential(ctx, \"exampleApplicationFederatedIdentityCredential\", \u0026azuread.ApplicationFederatedIdentityCredentialArgs{\n\t\t\tApplicationId: exampleApplicationRegistration.ID(),\n\t\t\tDisplayName: pulumi.String(\"my-repo-deploy\"),\n\t\t\tDescription: pulumi.String(\"Deployments for my-repo\"),\n\t\t\tAudiences: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"api://AzureADTokenExchange\"),\n\t\t\t},\n\t\t\tIssuer: pulumi.String(\"https://token.actions.githubusercontent.com\"),\n\t\t\tSubject: pulumi.String(\"repo:my-organization/my-repo:environment:prod\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.azuread.ApplicationFederatedIdentityCredential;\nimport com.pulumi.azuread.ApplicationFederatedIdentityCredentialArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplicationRegistration = new ApplicationRegistration(\"exampleApplicationRegistration\", ApplicationRegistrationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleApplicationFederatedIdentityCredential = new ApplicationFederatedIdentityCredential(\"exampleApplicationFederatedIdentityCredential\", ApplicationFederatedIdentityCredentialArgs.builder() \n .applicationId(exampleApplicationRegistration.id())\n .displayName(\"my-repo-deploy\")\n .description(\"Deployments for my-repo\")\n .audiences(\"api://AzureADTokenExchange\")\n .issuer(\"https://token.actions.githubusercontent.com\")\n .subject(\"repo:my-organization/my-repo:environment:prod\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplicationRegistration:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n exampleApplicationFederatedIdentityCredential:\n type: azuread:ApplicationFederatedIdentityCredential\n properties:\n applicationId: ${exampleApplicationRegistration.id}\n displayName: my-repo-deploy\n description: Deployments for my-repo\n audiences:\n - api://AzureADTokenExchange\n issuer: https://token.actions.githubusercontent.com\n subject: repo:my-organization/my-repo:environment:prod\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nFederated Identity Credentials can be imported using the object ID of the associated application and the ID of the federated identity credential, e.g.\n\n```sh\n $ pulumi import azuread:index/applicationFederatedIdentityCredential:ApplicationFederatedIdentityCredential example 00000000-0000-0000-0000-000000000000/federatedIdentityCredential/11111111-1111-1111-1111-111111111111\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the application's object ID, the string \"federatedIdentityCredential\" and the credential ID in the format `{ObjectId}/federatedIdentityCredential/{CredentialId}`. ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplicationRegistration = new azuread.ApplicationRegistration(\"exampleApplicationRegistration\", {displayName: \"example\"});\nconst exampleApplicationFederatedIdentityCredential = new azuread.ApplicationFederatedIdentityCredential(\"exampleApplicationFederatedIdentityCredential\", {\n applicationId: exampleApplicationRegistration.id,\n displayName: \"my-repo-deploy\",\n description: \"Deployments for my-repo\",\n audiences: [\"api://AzureADTokenExchange\"],\n issuer: \"https://token.actions.githubusercontent.com\",\n subject: \"repo:my-organization/my-repo:environment:prod\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application_registration = azuread.ApplicationRegistration(\"exampleApplicationRegistration\", display_name=\"example\")\nexample_application_federated_identity_credential = azuread.ApplicationFederatedIdentityCredential(\"exampleApplicationFederatedIdentityCredential\",\n application_id=example_application_registration.id,\n display_name=\"my-repo-deploy\",\n description=\"Deployments for my-repo\",\n audiences=[\"api://AzureADTokenExchange\"],\n issuer=\"https://token.actions.githubusercontent.com\",\n subject=\"repo:my-organization/my-repo:environment:prod\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplicationRegistration = new AzureAD.ApplicationRegistration(\"exampleApplicationRegistration\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleApplicationFederatedIdentityCredential = new AzureAD.ApplicationFederatedIdentityCredential(\"exampleApplicationFederatedIdentityCredential\", new()\n {\n ApplicationId = exampleApplicationRegistration.Id,\n DisplayName = \"my-repo-deploy\",\n Description = \"Deployments for my-repo\",\n Audiences = new[]\n {\n \"api://AzureADTokenExchange\",\n },\n Issuer = \"https://token.actions.githubusercontent.com\",\n Subject = \"repo:my-organization/my-repo:environment:prod\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplicationRegistration, err := azuread.NewApplicationRegistration(ctx, \"exampleApplicationRegistration\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationFederatedIdentityCredential(ctx, \"exampleApplicationFederatedIdentityCredential\", \u0026azuread.ApplicationFederatedIdentityCredentialArgs{\n\t\t\tApplicationId: exampleApplicationRegistration.ID(),\n\t\t\tDisplayName: pulumi.String(\"my-repo-deploy\"),\n\t\t\tDescription: pulumi.String(\"Deployments for my-repo\"),\n\t\t\tAudiences: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"api://AzureADTokenExchange\"),\n\t\t\t},\n\t\t\tIssuer: pulumi.String(\"https://token.actions.githubusercontent.com\"),\n\t\t\tSubject: pulumi.String(\"repo:my-organization/my-repo:environment:prod\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.azuread.ApplicationFederatedIdentityCredential;\nimport com.pulumi.azuread.ApplicationFederatedIdentityCredentialArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplicationRegistration = new ApplicationRegistration(\"exampleApplicationRegistration\", ApplicationRegistrationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleApplicationFederatedIdentityCredential = new ApplicationFederatedIdentityCredential(\"exampleApplicationFederatedIdentityCredential\", ApplicationFederatedIdentityCredentialArgs.builder() \n .applicationId(exampleApplicationRegistration.id())\n .displayName(\"my-repo-deploy\")\n .description(\"Deployments for my-repo\")\n .audiences(\"api://AzureADTokenExchange\")\n .issuer(\"https://token.actions.githubusercontent.com\")\n .subject(\"repo:my-organization/my-repo:environment:prod\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplicationRegistration:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n exampleApplicationFederatedIdentityCredential:\n type: azuread:ApplicationFederatedIdentityCredential\n properties:\n applicationId: ${exampleApplicationRegistration.id}\n displayName: my-repo-deploy\n description: Deployments for my-repo\n audiences:\n - api://AzureADTokenExchange\n issuer: https://token.actions.githubusercontent.com\n subject: repo:my-organization/my-repo:environment:prod\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nFederated Identity Credentials can be imported using the object ID of the associated application and the ID of the federated identity credential, e.g.\n\n ```sh\n $ pulumi import azuread:index/applicationFederatedIdentityCredential:ApplicationFederatedIdentityCredential example 00000000-0000-0000-0000-000000000000/federatedIdentityCredential/11111111-1111-1111-1111-111111111111\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the application's object ID, the string \"federatedIdentityCredential\" and the credential ID in the format `{ObjectId}/federatedIdentityCredential/{CredentialId}`.\n\n ", "properties": { "applicationId": { "type": "string", @@ -4434,7 +4434,7 @@ } }, "azuread:index/applicationFromTemplate:ApplicationFromTemplate": { - "description": "Creates an application registration and associated service principal from a gallery template.\n\n\u003e The azuread.Application resource can also be used to instantiate a gallery application, however unlike the `azuread.Application` resource, this resource does not attempt to manage any properties of the resulting application.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Application.ReadWrite.OwnedBy` or `Application.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource may require one of the following directory roles: `Application Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplicationTemplate = azuread.getApplicationTemplate({\n displayName: \"Marketo\",\n});\nconst exampleApplicationFromTemplate = new azuread.ApplicationFromTemplate(\"exampleApplicationFromTemplate\", {\n displayName: \"Example Application\",\n templateId: exampleApplicationTemplate.then(exampleApplicationTemplate =\u003e exampleApplicationTemplate.templateId),\n});\nconst exampleApplication = azuread.getApplicationOutput({\n objectId: exampleApplicationFromTemplate.applicationObjectId,\n});\nconst exampleServicePrincipal = azuread.getServicePrincipalOutput({\n objectId: exampleApplicationFromTemplate.servicePrincipalObjectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application_template = azuread.get_application_template(display_name=\"Marketo\")\nexample_application_from_template = azuread.ApplicationFromTemplate(\"exampleApplicationFromTemplate\",\n display_name=\"Example Application\",\n template_id=example_application_template.template_id)\nexample_application = azuread.get_application_output(object_id=example_application_from_template.application_object_id)\nexample_service_principal = azuread.get_service_principal_output(object_id=example_application_from_template.service_principal_object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplicationTemplate = AzureAD.GetApplicationTemplate.Invoke(new()\n {\n DisplayName = \"Marketo\",\n });\n\n var exampleApplicationFromTemplate = new AzureAD.ApplicationFromTemplate(\"exampleApplicationFromTemplate\", new()\n {\n DisplayName = \"Example Application\",\n TemplateId = exampleApplicationTemplate.Apply(getApplicationTemplateResult =\u003e getApplicationTemplateResult.TemplateId),\n });\n\n var exampleApplication = AzureAD.GetApplication.Invoke(new()\n {\n ObjectId = exampleApplicationFromTemplate.ApplicationObjectId,\n });\n\n var exampleServicePrincipal = AzureAD.GetServicePrincipal.Invoke(new()\n {\n ObjectId = exampleApplicationFromTemplate.ServicePrincipalObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplicationTemplate, err := azuread.GetApplicationTemplate(ctx, \u0026azuread.GetApplicationTemplateArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Marketo\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplicationFromTemplate, err := azuread.NewApplicationFromTemplate(ctx, \"exampleApplicationFromTemplate\", \u0026azuread.ApplicationFromTemplateArgs{\n\t\t\tDisplayName: pulumi.String(\"Example Application\"),\n\t\t\tTemplateId: *pulumi.String(exampleApplicationTemplate.TemplateId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = azuread.LookupApplicationOutput(ctx, azuread.GetApplicationOutputArgs{\n\t\t\tObjectId: exampleApplicationFromTemplate.ApplicationObjectId,\n\t\t}, nil)\n\t\t_ = azuread.LookupServicePrincipalOutput(ctx, azuread.GetServicePrincipalOutputArgs{\n\t\t\tObjectId: exampleApplicationFromTemplate.ServicePrincipalObjectId,\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetApplicationTemplateArgs;\nimport com.pulumi.azuread.ApplicationFromTemplate;\nimport com.pulumi.azuread.ApplicationFromTemplateArgs;\nimport com.pulumi.azuread.inputs.GetApplicationArgs;\nimport com.pulumi.azuread.inputs.GetServicePrincipalArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleApplicationTemplate = AzureadFunctions.getApplicationTemplate(GetApplicationTemplateArgs.builder()\n .displayName(\"Marketo\")\n .build());\n\n var exampleApplicationFromTemplate = new ApplicationFromTemplate(\"exampleApplicationFromTemplate\", ApplicationFromTemplateArgs.builder() \n .displayName(\"Example Application\")\n .templateId(exampleApplicationTemplate.applyValue(getApplicationTemplateResult -\u003e getApplicationTemplateResult.templateId()))\n .build());\n\n final var exampleApplication = AzureadFunctions.getApplication(GetApplicationArgs.builder()\n .objectId(exampleApplicationFromTemplate.applicationObjectId())\n .build());\n\n final var exampleServicePrincipal = AzureadFunctions.getServicePrincipal(GetServicePrincipalArgs.builder()\n .objectId(exampleApplicationFromTemplate.servicePrincipalObjectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplicationFromTemplate:\n type: azuread:ApplicationFromTemplate\n properties:\n displayName: Example Application\n templateId: ${exampleApplicationTemplate.templateId}\nvariables:\n exampleApplicationTemplate:\n fn::invoke:\n Function: azuread:getApplicationTemplate\n Arguments:\n displayName: Marketo\n exampleApplication:\n fn::invoke:\n Function: azuread:getApplication\n Arguments:\n objectId: ${exampleApplicationFromTemplate.applicationObjectId}\n exampleServicePrincipal:\n fn::invoke:\n Function: azuread:getServicePrincipal\n Arguments:\n objectId: ${exampleApplicationFromTemplate.servicePrincipalObjectId}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nTemplated Applications can be imported using the template ID, the object ID of the application, and the object ID of the service principal, in the following format.\n\n```sh\n $ pulumi import azuread:index/applicationFromTemplate:ApplicationFromTemplate example /applicationTemplates/00000000-0000-0000-0000-000000000000/instantiate/11111111-1111-1111-1111-111111111111/22222222-2222-2222-2222-222222222222\n```\n\n ", + "description": "Creates an application registration and associated service principal from a gallery template.\n\n\u003e The azuread.Application resource can also be used to instantiate a gallery application, however unlike the `azuread.Application` resource, this resource does not attempt to manage any properties of the resulting application.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Application.ReadWrite.OwnedBy` or `Application.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource may require one of the following directory roles: `Application Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplicationTemplate = azuread.getApplicationTemplate({\n displayName: \"Marketo\",\n});\nconst exampleApplicationFromTemplate = new azuread.ApplicationFromTemplate(\"exampleApplicationFromTemplate\", {\n displayName: \"Example Application\",\n templateId: exampleApplicationTemplate.then(exampleApplicationTemplate =\u003e exampleApplicationTemplate.templateId),\n});\nconst exampleApplication = azuread.getApplicationOutput({\n objectId: exampleApplicationFromTemplate.applicationObjectId,\n});\nconst exampleServicePrincipal = azuread.getServicePrincipalOutput({\n objectId: exampleApplicationFromTemplate.servicePrincipalObjectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application_template = azuread.get_application_template(display_name=\"Marketo\")\nexample_application_from_template = azuread.ApplicationFromTemplate(\"exampleApplicationFromTemplate\",\n display_name=\"Example Application\",\n template_id=example_application_template.template_id)\nexample_application = azuread.get_application_output(object_id=example_application_from_template.application_object_id)\nexample_service_principal = azuread.get_service_principal_output(object_id=example_application_from_template.service_principal_object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplicationTemplate = AzureAD.GetApplicationTemplate.Invoke(new()\n {\n DisplayName = \"Marketo\",\n });\n\n var exampleApplicationFromTemplate = new AzureAD.ApplicationFromTemplate(\"exampleApplicationFromTemplate\", new()\n {\n DisplayName = \"Example Application\",\n TemplateId = exampleApplicationTemplate.Apply(getApplicationTemplateResult =\u003e getApplicationTemplateResult.TemplateId),\n });\n\n var exampleApplication = AzureAD.GetApplication.Invoke(new()\n {\n ObjectId = exampleApplicationFromTemplate.ApplicationObjectId,\n });\n\n var exampleServicePrincipal = AzureAD.GetServicePrincipal.Invoke(new()\n {\n ObjectId = exampleApplicationFromTemplate.ServicePrincipalObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplicationTemplate, err := azuread.GetApplicationTemplate(ctx, \u0026azuread.GetApplicationTemplateArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Marketo\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplicationFromTemplate, err := azuread.NewApplicationFromTemplate(ctx, \"exampleApplicationFromTemplate\", \u0026azuread.ApplicationFromTemplateArgs{\n\t\t\tDisplayName: pulumi.String(\"Example Application\"),\n\t\t\tTemplateId: *pulumi.String(exampleApplicationTemplate.TemplateId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = azuread.LookupApplicationOutput(ctx, azuread.GetApplicationOutputArgs{\n\t\t\tObjectId: exampleApplicationFromTemplate.ApplicationObjectId,\n\t\t}, nil)\n\t\t_ = azuread.LookupServicePrincipalOutput(ctx, azuread.GetServicePrincipalOutputArgs{\n\t\t\tObjectId: exampleApplicationFromTemplate.ServicePrincipalObjectId,\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetApplicationTemplateArgs;\nimport com.pulumi.azuread.ApplicationFromTemplate;\nimport com.pulumi.azuread.ApplicationFromTemplateArgs;\nimport com.pulumi.azuread.inputs.GetApplicationArgs;\nimport com.pulumi.azuread.inputs.GetServicePrincipalArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleApplicationTemplate = AzureadFunctions.getApplicationTemplate(GetApplicationTemplateArgs.builder()\n .displayName(\"Marketo\")\n .build());\n\n var exampleApplicationFromTemplate = new ApplicationFromTemplate(\"exampleApplicationFromTemplate\", ApplicationFromTemplateArgs.builder() \n .displayName(\"Example Application\")\n .templateId(exampleApplicationTemplate.applyValue(getApplicationTemplateResult -\u003e getApplicationTemplateResult.templateId()))\n .build());\n\n final var exampleApplication = AzureadFunctions.getApplication(GetApplicationArgs.builder()\n .objectId(exampleApplicationFromTemplate.applicationObjectId())\n .build());\n\n final var exampleServicePrincipal = AzureadFunctions.getServicePrincipal(GetServicePrincipalArgs.builder()\n .objectId(exampleApplicationFromTemplate.servicePrincipalObjectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplicationFromTemplate:\n type: azuread:ApplicationFromTemplate\n properties:\n displayName: Example Application\n templateId: ${exampleApplicationTemplate.templateId}\nvariables:\n exampleApplicationTemplate:\n fn::invoke:\n Function: azuread:getApplicationTemplate\n Arguments:\n displayName: Marketo\n exampleApplication:\n fn::invoke:\n Function: azuread:getApplication\n Arguments:\n objectId: ${exampleApplicationFromTemplate.applicationObjectId}\n exampleServicePrincipal:\n fn::invoke:\n Function: azuread:getServicePrincipal\n Arguments:\n objectId: ${exampleApplicationFromTemplate.servicePrincipalObjectId}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nTemplated Applications can be imported using the template ID, the object ID of the application, and the object ID of the service principal, in the following format.\n\n ```sh\n $ pulumi import azuread:index/applicationFromTemplate:ApplicationFromTemplate example /applicationTemplates/00000000-0000-0000-0000-000000000000/instantiate/11111111-1111-1111-1111-111111111111/22222222-2222-2222-2222-222222222222\n```\n\n ", "properties": { "applicationId": { "type": "string", @@ -4517,7 +4517,7 @@ } }, "azuread:index/applicationIdentifierUri:ApplicationIdentifierUri": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplicationRegistration = new azuread.ApplicationRegistration(\"exampleApplicationRegistration\", {displayName: \"example\"});\nconst exampleApplicationIdentifierUri = new azuread.ApplicationIdentifierUri(\"exampleApplicationIdentifierUri\", {\n applicationId: exampleApplicationRegistration.id,\n identifierUri: \"https://app.hashitown.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application_registration = azuread.ApplicationRegistration(\"exampleApplicationRegistration\", display_name=\"example\")\nexample_application_identifier_uri = azuread.ApplicationIdentifierUri(\"exampleApplicationIdentifierUri\",\n application_id=example_application_registration.id,\n identifier_uri=\"https://app.hashitown.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplicationRegistration = new AzureAD.ApplicationRegistration(\"exampleApplicationRegistration\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleApplicationIdentifierUri = new AzureAD.ApplicationIdentifierUri(\"exampleApplicationIdentifierUri\", new()\n {\n ApplicationId = exampleApplicationRegistration.Id,\n IdentifierUri = \"https://app.hashitown.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplicationRegistration, err := azuread.NewApplicationRegistration(ctx, \"exampleApplicationRegistration\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationIdentifierUri(ctx, \"exampleApplicationIdentifierUri\", \u0026azuread.ApplicationIdentifierUriArgs{\n\t\t\tApplicationId: exampleApplicationRegistration.ID(),\n\t\t\tIdentifierUri: pulumi.String(\"https://app.hashitown.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.azuread.ApplicationIdentifierUri;\nimport com.pulumi.azuread.ApplicationIdentifierUriArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplicationRegistration = new ApplicationRegistration(\"exampleApplicationRegistration\", ApplicationRegistrationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleApplicationIdentifierUri = new ApplicationIdentifierUri(\"exampleApplicationIdentifierUri\", ApplicationIdentifierUriArgs.builder() \n .applicationId(exampleApplicationRegistration.id())\n .identifierUri(\"https://app.hashitown.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplicationRegistration:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n exampleApplicationIdentifierUri:\n type: azuread:ApplicationIdentifierUri\n properties:\n applicationId: ${exampleApplicationRegistration.id}\n identifierUri: https://app.hashitown.com\n```\n\n\u003e **Tip** For managing multiple identifier URIs for the same application, create another instance of this resource\n\n*Usage with azuread.Application resource*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {displayName: \"example\"});\nconst exampleApplicationIdentifierUri = new azuread.ApplicationIdentifierUri(\"exampleApplicationIdentifierUri\", {applicationId: exampleApplication.id});\n// ...\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application = azuread.Application(\"exampleApplication\", display_name=\"example\")\nexample_application_identifier_uri = azuread.ApplicationIdentifierUri(\"exampleApplicationIdentifierUri\", application_id=example_application.id)\n# ...\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleApplicationIdentifierUri = new AzureAD.ApplicationIdentifierUri(\"exampleApplicationIdentifierUri\", new()\n {\n ApplicationId = exampleApplication.Id,\n });\n\n // ...\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationIdentifierUri(ctx, \"exampleApplicationIdentifierUri\", \u0026azuread.ApplicationIdentifierUriArgs{\n\t\t\tApplicationId: exampleApplication.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ApplicationIdentifierUri;\nimport com.pulumi.azuread.ApplicationIdentifierUriArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleApplicationIdentifierUri = new ApplicationIdentifierUri(\"exampleApplicationIdentifierUri\", ApplicationIdentifierUriArgs.builder() \n .applicationId(exampleApplication.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n exampleApplicationIdentifierUri:\n type: azuread:ApplicationIdentifierUri\n properties:\n applicationId: ${exampleApplication.id}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nApplication Identifier URIs can be imported using the object ID of the application and the base64-encoded identifier URI, in the following format.\n\n```sh\n $ pulumi import azuread:index/applicationIdentifierUri:ApplicationIdentifierUri example /applications/00000000-0000-0000-0000-000000000000/identifierUris/aHR0cHM6Ly9leGFtcGxlLm5ldC8=\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplicationRegistration = new azuread.ApplicationRegistration(\"exampleApplicationRegistration\", {displayName: \"example\"});\nconst exampleApplicationIdentifierUri = new azuread.ApplicationIdentifierUri(\"exampleApplicationIdentifierUri\", {\n applicationId: exampleApplicationRegistration.id,\n identifierUri: \"https://app.hashitown.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application_registration = azuread.ApplicationRegistration(\"exampleApplicationRegistration\", display_name=\"example\")\nexample_application_identifier_uri = azuread.ApplicationIdentifierUri(\"exampleApplicationIdentifierUri\",\n application_id=example_application_registration.id,\n identifier_uri=\"https://app.hashitown.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplicationRegistration = new AzureAD.ApplicationRegistration(\"exampleApplicationRegistration\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleApplicationIdentifierUri = new AzureAD.ApplicationIdentifierUri(\"exampleApplicationIdentifierUri\", new()\n {\n ApplicationId = exampleApplicationRegistration.Id,\n IdentifierUri = \"https://app.hashitown.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplicationRegistration, err := azuread.NewApplicationRegistration(ctx, \"exampleApplicationRegistration\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationIdentifierUri(ctx, \"exampleApplicationIdentifierUri\", \u0026azuread.ApplicationIdentifierUriArgs{\n\t\t\tApplicationId: exampleApplicationRegistration.ID(),\n\t\t\tIdentifierUri: pulumi.String(\"https://app.hashitown.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.azuread.ApplicationIdentifierUri;\nimport com.pulumi.azuread.ApplicationIdentifierUriArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplicationRegistration = new ApplicationRegistration(\"exampleApplicationRegistration\", ApplicationRegistrationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleApplicationIdentifierUri = new ApplicationIdentifierUri(\"exampleApplicationIdentifierUri\", ApplicationIdentifierUriArgs.builder() \n .applicationId(exampleApplicationRegistration.id())\n .identifierUri(\"https://app.hashitown.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplicationRegistration:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n exampleApplicationIdentifierUri:\n type: azuread:ApplicationIdentifierUri\n properties:\n applicationId: ${exampleApplicationRegistration.id}\n identifierUri: https://app.hashitown.com\n```\n\n\u003e **Tip** For managing multiple identifier URIs for the same application, create another instance of this resource\n\n*Usage with azuread.Application resource*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {displayName: \"example\"});\nconst exampleApplicationIdentifierUri = new azuread.ApplicationIdentifierUri(\"exampleApplicationIdentifierUri\", {applicationId: exampleApplication.id});\n// ...\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application = azuread.Application(\"exampleApplication\", display_name=\"example\")\nexample_application_identifier_uri = azuread.ApplicationIdentifierUri(\"exampleApplicationIdentifierUri\", application_id=example_application.id)\n# ...\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleApplicationIdentifierUri = new AzureAD.ApplicationIdentifierUri(\"exampleApplicationIdentifierUri\", new()\n {\n ApplicationId = exampleApplication.Id,\n });\n\n // ...\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationIdentifierUri(ctx, \"exampleApplicationIdentifierUri\", \u0026azuread.ApplicationIdentifierUriArgs{\n\t\t\tApplicationId: exampleApplication.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ApplicationIdentifierUri;\nimport com.pulumi.azuread.ApplicationIdentifierUriArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleApplicationIdentifierUri = new ApplicationIdentifierUri(\"exampleApplicationIdentifierUri\", ApplicationIdentifierUriArgs.builder() \n .applicationId(exampleApplication.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n exampleApplicationIdentifierUri:\n type: azuread:ApplicationIdentifierUri\n properties:\n applicationId: ${exampleApplication.id}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nApplication Identifier URIs can be imported using the object ID of the application and the base64-encoded identifier URI, in the following format.\n\n ```sh\n $ pulumi import azuread:index/applicationIdentifierUri:ApplicationIdentifierUri example /applications/00000000-0000-0000-0000-000000000000/identifierUris/aHR0cHM6Ly9leGFtcGxlLm5ldC8=\n```\n\n ", "properties": { "applicationId": { "type": "string", @@ -4566,7 +4566,7 @@ } }, "azuread:index/applicationKnownClients:ApplicationKnownClients": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplicationRegistration = new azuread.ApplicationRegistration(\"exampleApplicationRegistration\", {displayName: \"example\"});\nconst client = new azuread.ApplicationRegistration(\"client\", {displayName: \"example client\"});\nconst exampleApplicationKnownClients = new azuread.ApplicationKnownClients(\"exampleApplicationKnownClients\", {\n applicationId: exampleApplicationRegistration.id,\n knownClientIds: [client.clientId],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application_registration = azuread.ApplicationRegistration(\"exampleApplicationRegistration\", display_name=\"example\")\nclient = azuread.ApplicationRegistration(\"client\", display_name=\"example client\")\nexample_application_known_clients = azuread.ApplicationKnownClients(\"exampleApplicationKnownClients\",\n application_id=example_application_registration.id,\n known_client_ids=[client.client_id])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplicationRegistration = new AzureAD.ApplicationRegistration(\"exampleApplicationRegistration\", new()\n {\n DisplayName = \"example\",\n });\n\n var client = new AzureAD.ApplicationRegistration(\"client\", new()\n {\n DisplayName = \"example client\",\n });\n\n var exampleApplicationKnownClients = new AzureAD.ApplicationKnownClients(\"exampleApplicationKnownClients\", new()\n {\n ApplicationId = exampleApplicationRegistration.Id,\n KnownClientIds = new[]\n {\n client.ClientId,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplicationRegistration, err := azuread.NewApplicationRegistration(ctx, \"exampleApplicationRegistration\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tclient, err := azuread.NewApplicationRegistration(ctx, \"client\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example client\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationKnownClients(ctx, \"exampleApplicationKnownClients\", \u0026azuread.ApplicationKnownClientsArgs{\n\t\t\tApplicationId: exampleApplicationRegistration.ID(),\n\t\t\tKnownClientIds: pulumi.StringArray{\n\t\t\t\tclient.ClientId,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.azuread.ApplicationKnownClients;\nimport com.pulumi.azuread.ApplicationKnownClientsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplicationRegistration = new ApplicationRegistration(\"exampleApplicationRegistration\", ApplicationRegistrationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var client = new ApplicationRegistration(\"client\", ApplicationRegistrationArgs.builder() \n .displayName(\"example client\")\n .build());\n\n var exampleApplicationKnownClients = new ApplicationKnownClients(\"exampleApplicationKnownClients\", ApplicationKnownClientsArgs.builder() \n .applicationId(exampleApplicationRegistration.id())\n .knownClientIds(client.clientId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplicationRegistration:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n client:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example client\n exampleApplicationKnownClients:\n type: azuread:ApplicationKnownClients\n properties:\n applicationId: ${exampleApplicationRegistration.id}\n knownClientIds:\n - ${client.clientId}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nApplication Known Clients can be imported using the object ID of the application in the following format.\n\n```sh\n $ pulumi import azuread:index/applicationKnownClients:ApplicationKnownClients example /applications/00000000-0000-0000-0000-000000000000/knownClients\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplicationRegistration = new azuread.ApplicationRegistration(\"exampleApplicationRegistration\", {displayName: \"example\"});\nconst client = new azuread.ApplicationRegistration(\"client\", {displayName: \"example client\"});\nconst exampleApplicationKnownClients = new azuread.ApplicationKnownClients(\"exampleApplicationKnownClients\", {\n applicationId: exampleApplicationRegistration.id,\n knownClientIds: [client.clientId],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application_registration = azuread.ApplicationRegistration(\"exampleApplicationRegistration\", display_name=\"example\")\nclient = azuread.ApplicationRegistration(\"client\", display_name=\"example client\")\nexample_application_known_clients = azuread.ApplicationKnownClients(\"exampleApplicationKnownClients\",\n application_id=example_application_registration.id,\n known_client_ids=[client.client_id])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplicationRegistration = new AzureAD.ApplicationRegistration(\"exampleApplicationRegistration\", new()\n {\n DisplayName = \"example\",\n });\n\n var client = new AzureAD.ApplicationRegistration(\"client\", new()\n {\n DisplayName = \"example client\",\n });\n\n var exampleApplicationKnownClients = new AzureAD.ApplicationKnownClients(\"exampleApplicationKnownClients\", new()\n {\n ApplicationId = exampleApplicationRegistration.Id,\n KnownClientIds = new[]\n {\n client.ClientId,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplicationRegistration, err := azuread.NewApplicationRegistration(ctx, \"exampleApplicationRegistration\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tclient, err := azuread.NewApplicationRegistration(ctx, \"client\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example client\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationKnownClients(ctx, \"exampleApplicationKnownClients\", \u0026azuread.ApplicationKnownClientsArgs{\n\t\t\tApplicationId: exampleApplicationRegistration.ID(),\n\t\t\tKnownClientIds: pulumi.StringArray{\n\t\t\t\tclient.ClientId,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.azuread.ApplicationKnownClients;\nimport com.pulumi.azuread.ApplicationKnownClientsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplicationRegistration = new ApplicationRegistration(\"exampleApplicationRegistration\", ApplicationRegistrationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var client = new ApplicationRegistration(\"client\", ApplicationRegistrationArgs.builder() \n .displayName(\"example client\")\n .build());\n\n var exampleApplicationKnownClients = new ApplicationKnownClients(\"exampleApplicationKnownClients\", ApplicationKnownClientsArgs.builder() \n .applicationId(exampleApplicationRegistration.id())\n .knownClientIds(client.clientId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplicationRegistration:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n client:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example client\n exampleApplicationKnownClients:\n type: azuread:ApplicationKnownClients\n properties:\n applicationId: ${exampleApplicationRegistration.id}\n knownClientIds:\n - ${client.clientId}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nApplication Known Clients can be imported using the object ID of the application in the following format.\n\n ```sh\n $ pulumi import azuread:index/applicationKnownClients:ApplicationKnownClients example /applications/00000000-0000-0000-0000-000000000000/knownClients\n```\n\n ", "properties": { "applicationId": { "type": "string", @@ -4622,7 +4622,7 @@ } }, "azuread:index/applicationOptionalClaims:ApplicationOptionalClaims": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplicationRegistration = new azuread.ApplicationRegistration(\"exampleApplicationRegistration\", {displayName: \"example\"});\nconst exampleApplicationOptionalClaims = new azuread.ApplicationOptionalClaims(\"exampleApplicationOptionalClaims\", {\n applicationId: exampleApplicationRegistration.id,\n accessTokens: [\n {\n name: \"myclaim\",\n },\n {\n name: \"otherclaim\",\n },\n ],\n idTokens: [{\n name: \"userclaim\",\n source: \"user\",\n essential: true,\n additionalProperties: [\"emit_as_roles\"],\n }],\n saml2Tokens: [{\n name: \"samlexample\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application_registration = azuread.ApplicationRegistration(\"exampleApplicationRegistration\", display_name=\"example\")\nexample_application_optional_claims = azuread.ApplicationOptionalClaims(\"exampleApplicationOptionalClaims\",\n application_id=example_application_registration.id,\n access_tokens=[\n azuread.ApplicationOptionalClaimsAccessTokenArgs(\n name=\"myclaim\",\n ),\n azuread.ApplicationOptionalClaimsAccessTokenArgs(\n name=\"otherclaim\",\n ),\n ],\n id_tokens=[azuread.ApplicationOptionalClaimsIdTokenArgs(\n name=\"userclaim\",\n source=\"user\",\n essential=True,\n additional_properties=[\"emit_as_roles\"],\n )],\n saml2_tokens=[azuread.ApplicationOptionalClaimsSaml2TokenArgs(\n name=\"samlexample\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplicationRegistration = new AzureAD.ApplicationRegistration(\"exampleApplicationRegistration\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleApplicationOptionalClaims = new AzureAD.ApplicationOptionalClaims(\"exampleApplicationOptionalClaims\", new()\n {\n ApplicationId = exampleApplicationRegistration.Id,\n AccessTokens = new[]\n {\n new AzureAD.Inputs.ApplicationOptionalClaimsAccessTokenArgs\n {\n Name = \"myclaim\",\n },\n new AzureAD.Inputs.ApplicationOptionalClaimsAccessTokenArgs\n {\n Name = \"otherclaim\",\n },\n },\n IdTokens = new[]\n {\n new AzureAD.Inputs.ApplicationOptionalClaimsIdTokenArgs\n {\n Name = \"userclaim\",\n Source = \"user\",\n Essential = true,\n AdditionalProperties = new[]\n {\n \"emit_as_roles\",\n },\n },\n },\n Saml2Tokens = new[]\n {\n new AzureAD.Inputs.ApplicationOptionalClaimsSaml2TokenArgs\n {\n Name = \"samlexample\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplicationRegistration, err := azuread.NewApplicationRegistration(ctx, \"exampleApplicationRegistration\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationOptionalClaims(ctx, \"exampleApplicationOptionalClaims\", \u0026azuread.ApplicationOptionalClaimsArgs{\n\t\t\tApplicationId: exampleApplicationRegistration.ID(),\n\t\t\tAccessTokens: azuread.ApplicationOptionalClaimsAccessTokenArray{\n\t\t\t\t\u0026azuread.ApplicationOptionalClaimsAccessTokenArgs{\n\t\t\t\t\tName: pulumi.String(\"myclaim\"),\n\t\t\t\t},\n\t\t\t\t\u0026azuread.ApplicationOptionalClaimsAccessTokenArgs{\n\t\t\t\t\tName: pulumi.String(\"otherclaim\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tIdTokens: azuread.ApplicationOptionalClaimsIdTokenArray{\n\t\t\t\t\u0026azuread.ApplicationOptionalClaimsIdTokenArgs{\n\t\t\t\t\tName: pulumi.String(\"userclaim\"),\n\t\t\t\t\tSource: pulumi.String(\"user\"),\n\t\t\t\t\tEssential: pulumi.Bool(true),\n\t\t\t\t\tAdditionalProperties: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"emit_as_roles\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tSaml2Tokens: azuread.ApplicationOptionalClaimsSaml2TokenArray{\n\t\t\t\t\u0026azuread.ApplicationOptionalClaimsSaml2TokenArgs{\n\t\t\t\t\tName: pulumi.String(\"samlexample\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.azuread.ApplicationOptionalClaims;\nimport com.pulumi.azuread.ApplicationOptionalClaimsArgs;\nimport com.pulumi.azuread.inputs.ApplicationOptionalClaimsAccessTokenArgs;\nimport com.pulumi.azuread.inputs.ApplicationOptionalClaimsIdTokenArgs;\nimport com.pulumi.azuread.inputs.ApplicationOptionalClaimsSaml2TokenArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplicationRegistration = new ApplicationRegistration(\"exampleApplicationRegistration\", ApplicationRegistrationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleApplicationOptionalClaims = new ApplicationOptionalClaims(\"exampleApplicationOptionalClaims\", ApplicationOptionalClaimsArgs.builder() \n .applicationId(exampleApplicationRegistration.id())\n .accessTokens( \n ApplicationOptionalClaimsAccessTokenArgs.builder()\n .name(\"myclaim\")\n .build(),\n ApplicationOptionalClaimsAccessTokenArgs.builder()\n .name(\"otherclaim\")\n .build())\n .idTokens(ApplicationOptionalClaimsIdTokenArgs.builder()\n .name(\"userclaim\")\n .source(\"user\")\n .essential(true)\n .additionalProperties(\"emit_as_roles\")\n .build())\n .saml2Tokens(ApplicationOptionalClaimsSaml2TokenArgs.builder()\n .name(\"samlexample\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplicationRegistration:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n exampleApplicationOptionalClaims:\n type: azuread:ApplicationOptionalClaims\n properties:\n applicationId: ${exampleApplicationRegistration.id}\n accessTokens:\n - name: myclaim\n - name: otherclaim\n idTokens:\n - name: userclaim\n source: user\n essential: true\n additionalProperties:\n - emit_as_roles\n saml2Tokens:\n - name: samlexample\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nApplication Optional Claims can be imported using the object ID of the application, in the following format.\n\n```sh\n $ pulumi import azuread:index/applicationOptionalClaims:ApplicationOptionalClaims example /applications/00000000-0000-0000-0000-000000000000\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplicationRegistration = new azuread.ApplicationRegistration(\"exampleApplicationRegistration\", {displayName: \"example\"});\nconst exampleApplicationOptionalClaims = new azuread.ApplicationOptionalClaims(\"exampleApplicationOptionalClaims\", {\n applicationId: exampleApplicationRegistration.id,\n accessTokens: [\n {\n name: \"myclaim\",\n },\n {\n name: \"otherclaim\",\n },\n ],\n idTokens: [{\n name: \"userclaim\",\n source: \"user\",\n essential: true,\n additionalProperties: [\"emit_as_roles\"],\n }],\n saml2Tokens: [{\n name: \"samlexample\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application_registration = azuread.ApplicationRegistration(\"exampleApplicationRegistration\", display_name=\"example\")\nexample_application_optional_claims = azuread.ApplicationOptionalClaims(\"exampleApplicationOptionalClaims\",\n application_id=example_application_registration.id,\n access_tokens=[\n azuread.ApplicationOptionalClaimsAccessTokenArgs(\n name=\"myclaim\",\n ),\n azuread.ApplicationOptionalClaimsAccessTokenArgs(\n name=\"otherclaim\",\n ),\n ],\n id_tokens=[azuread.ApplicationOptionalClaimsIdTokenArgs(\n name=\"userclaim\",\n source=\"user\",\n essential=True,\n additional_properties=[\"emit_as_roles\"],\n )],\n saml2_tokens=[azuread.ApplicationOptionalClaimsSaml2TokenArgs(\n name=\"samlexample\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplicationRegistration = new AzureAD.ApplicationRegistration(\"exampleApplicationRegistration\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleApplicationOptionalClaims = new AzureAD.ApplicationOptionalClaims(\"exampleApplicationOptionalClaims\", new()\n {\n ApplicationId = exampleApplicationRegistration.Id,\n AccessTokens = new[]\n {\n new AzureAD.Inputs.ApplicationOptionalClaimsAccessTokenArgs\n {\n Name = \"myclaim\",\n },\n new AzureAD.Inputs.ApplicationOptionalClaimsAccessTokenArgs\n {\n Name = \"otherclaim\",\n },\n },\n IdTokens = new[]\n {\n new AzureAD.Inputs.ApplicationOptionalClaimsIdTokenArgs\n {\n Name = \"userclaim\",\n Source = \"user\",\n Essential = true,\n AdditionalProperties = new[]\n {\n \"emit_as_roles\",\n },\n },\n },\n Saml2Tokens = new[]\n {\n new AzureAD.Inputs.ApplicationOptionalClaimsSaml2TokenArgs\n {\n Name = \"samlexample\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplicationRegistration, err := azuread.NewApplicationRegistration(ctx, \"exampleApplicationRegistration\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationOptionalClaims(ctx, \"exampleApplicationOptionalClaims\", \u0026azuread.ApplicationOptionalClaimsArgs{\n\t\t\tApplicationId: exampleApplicationRegistration.ID(),\n\t\t\tAccessTokens: azuread.ApplicationOptionalClaimsAccessTokenArray{\n\t\t\t\t\u0026azuread.ApplicationOptionalClaimsAccessTokenArgs{\n\t\t\t\t\tName: pulumi.String(\"myclaim\"),\n\t\t\t\t},\n\t\t\t\t\u0026azuread.ApplicationOptionalClaimsAccessTokenArgs{\n\t\t\t\t\tName: pulumi.String(\"otherclaim\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tIdTokens: azuread.ApplicationOptionalClaimsIdTokenArray{\n\t\t\t\t\u0026azuread.ApplicationOptionalClaimsIdTokenArgs{\n\t\t\t\t\tName: pulumi.String(\"userclaim\"),\n\t\t\t\t\tSource: pulumi.String(\"user\"),\n\t\t\t\t\tEssential: pulumi.Bool(true),\n\t\t\t\t\tAdditionalProperties: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"emit_as_roles\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tSaml2Tokens: azuread.ApplicationOptionalClaimsSaml2TokenArray{\n\t\t\t\t\u0026azuread.ApplicationOptionalClaimsSaml2TokenArgs{\n\t\t\t\t\tName: pulumi.String(\"samlexample\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.azuread.ApplicationOptionalClaims;\nimport com.pulumi.azuread.ApplicationOptionalClaimsArgs;\nimport com.pulumi.azuread.inputs.ApplicationOptionalClaimsAccessTokenArgs;\nimport com.pulumi.azuread.inputs.ApplicationOptionalClaimsIdTokenArgs;\nimport com.pulumi.azuread.inputs.ApplicationOptionalClaimsSaml2TokenArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplicationRegistration = new ApplicationRegistration(\"exampleApplicationRegistration\", ApplicationRegistrationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleApplicationOptionalClaims = new ApplicationOptionalClaims(\"exampleApplicationOptionalClaims\", ApplicationOptionalClaimsArgs.builder() \n .applicationId(exampleApplicationRegistration.id())\n .accessTokens( \n ApplicationOptionalClaimsAccessTokenArgs.builder()\n .name(\"myclaim\")\n .build(),\n ApplicationOptionalClaimsAccessTokenArgs.builder()\n .name(\"otherclaim\")\n .build())\n .idTokens(ApplicationOptionalClaimsIdTokenArgs.builder()\n .name(\"userclaim\")\n .source(\"user\")\n .essential(true)\n .additionalProperties(\"emit_as_roles\")\n .build())\n .saml2Tokens(ApplicationOptionalClaimsSaml2TokenArgs.builder()\n .name(\"samlexample\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplicationRegistration:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n exampleApplicationOptionalClaims:\n type: azuread:ApplicationOptionalClaims\n properties:\n applicationId: ${exampleApplicationRegistration.id}\n accessTokens:\n - name: myclaim\n - name: otherclaim\n idTokens:\n - name: userclaim\n source: user\n essential: true\n additionalProperties:\n - emit_as_roles\n saml2Tokens:\n - name: samlexample\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nApplication Optional Claims can be imported using the object ID of the application, in the following format.\n\n ```sh\n $ pulumi import azuread:index/applicationOptionalClaims:ApplicationOptionalClaims example /applications/00000000-0000-0000-0000-000000000000\n```\n\n ", "properties": { "accessTokens": { "type": "array", @@ -4718,7 +4718,7 @@ } }, "azuread:index/applicationOwner:ApplicationOwner": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.ApplicationRegistration(\"example\", {displayName: \"example\"});\nconst jane = new azuread.User(\"jane\", {\n userPrincipalName: \"jane.fischer@hashitown.com\",\n displayName: \"Jane Fischer\",\n password: \"Ch@ngeMe\",\n});\nconst exampleJane = new azuread.ApplicationOwner(\"exampleJane\", {\n applicationId: example.id,\n ownerObjectId: jane.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.ApplicationRegistration(\"example\", display_name=\"example\")\njane = azuread.User(\"jane\",\n user_principal_name=\"jane.fischer@hashitown.com\",\n display_name=\"Jane Fischer\",\n password=\"Ch@ngeMe\")\nexample_jane = azuread.ApplicationOwner(\"exampleJane\",\n application_id=example.id,\n owner_object_id=jane.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.ApplicationRegistration(\"example\", new()\n {\n DisplayName = \"example\",\n });\n\n var jane = new AzureAD.User(\"jane\", new()\n {\n UserPrincipalName = \"jane.fischer@hashitown.com\",\n DisplayName = \"Jane Fischer\",\n Password = \"Ch@ngeMe\",\n });\n\n var exampleJane = new AzureAD.ApplicationOwner(\"exampleJane\", new()\n {\n ApplicationId = example.Id,\n OwnerObjectId = jane.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.NewApplicationRegistration(ctx, \"example\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjane, err := azuread.NewUser(ctx, \"jane\", \u0026azuread.UserArgs{\n\t\t\tUserPrincipalName: pulumi.String(\"jane.fischer@hashitown.com\"),\n\t\t\tDisplayName: pulumi.String(\"Jane Fischer\"),\n\t\t\tPassword: pulumi.String(\"Ch@ngeMe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationOwner(ctx, \"exampleJane\", \u0026azuread.ApplicationOwnerArgs{\n\t\t\tApplicationId: example.ID(),\n\t\t\tOwnerObjectId: jane.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.azuread.User;\nimport com.pulumi.azuread.UserArgs;\nimport com.pulumi.azuread.ApplicationOwner;\nimport com.pulumi.azuread.ApplicationOwnerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ApplicationRegistration(\"example\", ApplicationRegistrationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var jane = new User(\"jane\", UserArgs.builder() \n .userPrincipalName(\"jane.fischer@hashitown.com\")\n .displayName(\"Jane Fischer\")\n .password(\"Ch@ngeMe\")\n .build());\n\n var exampleJane = new ApplicationOwner(\"exampleJane\", ApplicationOwnerArgs.builder() \n .applicationId(example.id())\n .ownerObjectId(jane.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n jane:\n type: azuread:User\n properties:\n userPrincipalName: jane.fischer@hashitown.com\n displayName: Jane Fischer\n password: Ch@ngeMe\n exampleJane:\n type: azuread:ApplicationOwner\n properties:\n applicationId: ${example.id}\n ownerObjectId: ${jane.objectId}\n```\n\n\u003e **Tip** For managing more application owners, create additional instances of this resource\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nApplication Owners can be imported using the object ID of the application and the object ID of the owner, in the following format.\n\n```sh\n $ pulumi import azuread:index/applicationOwner:ApplicationOwner example /applications/00000000-0000-0000-0000-000000000000/owners/11111111-1111-1111-1111-111111111111\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.ApplicationRegistration(\"example\", {displayName: \"example\"});\nconst jane = new azuread.User(\"jane\", {\n userPrincipalName: \"jane.fischer@hashitown.com\",\n displayName: \"Jane Fischer\",\n password: \"Ch@ngeMe\",\n});\nconst exampleJane = new azuread.ApplicationOwner(\"exampleJane\", {\n applicationId: example.id,\n ownerObjectId: jane.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.ApplicationRegistration(\"example\", display_name=\"example\")\njane = azuread.User(\"jane\",\n user_principal_name=\"jane.fischer@hashitown.com\",\n display_name=\"Jane Fischer\",\n password=\"Ch@ngeMe\")\nexample_jane = azuread.ApplicationOwner(\"exampleJane\",\n application_id=example.id,\n owner_object_id=jane.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.ApplicationRegistration(\"example\", new()\n {\n DisplayName = \"example\",\n });\n\n var jane = new AzureAD.User(\"jane\", new()\n {\n UserPrincipalName = \"jane.fischer@hashitown.com\",\n DisplayName = \"Jane Fischer\",\n Password = \"Ch@ngeMe\",\n });\n\n var exampleJane = new AzureAD.ApplicationOwner(\"exampleJane\", new()\n {\n ApplicationId = example.Id,\n OwnerObjectId = jane.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.NewApplicationRegistration(ctx, \"example\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjane, err := azuread.NewUser(ctx, \"jane\", \u0026azuread.UserArgs{\n\t\t\tUserPrincipalName: pulumi.String(\"jane.fischer@hashitown.com\"),\n\t\t\tDisplayName: pulumi.String(\"Jane Fischer\"),\n\t\t\tPassword: pulumi.String(\"Ch@ngeMe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationOwner(ctx, \"exampleJane\", \u0026azuread.ApplicationOwnerArgs{\n\t\t\tApplicationId: example.ID(),\n\t\t\tOwnerObjectId: jane.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.azuread.User;\nimport com.pulumi.azuread.UserArgs;\nimport com.pulumi.azuread.ApplicationOwner;\nimport com.pulumi.azuread.ApplicationOwnerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ApplicationRegistration(\"example\", ApplicationRegistrationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var jane = new User(\"jane\", UserArgs.builder() \n .userPrincipalName(\"jane.fischer@hashitown.com\")\n .displayName(\"Jane Fischer\")\n .password(\"Ch@ngeMe\")\n .build());\n\n var exampleJane = new ApplicationOwner(\"exampleJane\", ApplicationOwnerArgs.builder() \n .applicationId(example.id())\n .ownerObjectId(jane.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n jane:\n type: azuread:User\n properties:\n userPrincipalName: jane.fischer@hashitown.com\n displayName: Jane Fischer\n password: Ch@ngeMe\n exampleJane:\n type: azuread:ApplicationOwner\n properties:\n applicationId: ${example.id}\n ownerObjectId: ${jane.objectId}\n```\n\n\u003e **Tip** For managing more application owners, create additional instances of this resource\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nApplication Owners can be imported using the object ID of the application and the object ID of the owner, in the following format.\n\n ```sh\n $ pulumi import azuread:index/applicationOwner:ApplicationOwner example /applications/00000000-0000-0000-0000-000000000000/owners/11111111-1111-1111-1111-111111111111\n```\n\n ", "properties": { "applicationId": { "type": "string", @@ -4767,7 +4767,7 @@ } }, "azuread:index/applicationPassword:ApplicationPassword": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Basic example*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplicationRegistration = new azuread.ApplicationRegistration(\"exampleApplicationRegistration\", {displayName: \"example\"});\nconst exampleApplicationPassword = new azuread.ApplicationPassword(\"exampleApplicationPassword\", {applicationId: exampleApplicationRegistration.id});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application_registration = azuread.ApplicationRegistration(\"exampleApplicationRegistration\", display_name=\"example\")\nexample_application_password = azuread.ApplicationPassword(\"exampleApplicationPassword\", application_id=example_application_registration.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplicationRegistration = new AzureAD.ApplicationRegistration(\"exampleApplicationRegistration\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleApplicationPassword = new AzureAD.ApplicationPassword(\"exampleApplicationPassword\", new()\n {\n ApplicationId = exampleApplicationRegistration.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplicationRegistration, err := azuread.NewApplicationRegistration(ctx, \"exampleApplicationRegistration\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationPassword(ctx, \"exampleApplicationPassword\", \u0026azuread.ApplicationPasswordArgs{\n\t\t\tApplicationId: exampleApplicationRegistration.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.azuread.ApplicationPassword;\nimport com.pulumi.azuread.ApplicationPasswordArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplicationRegistration = new ApplicationRegistration(\"exampleApplicationRegistration\", ApplicationRegistrationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleApplicationPassword = new ApplicationPassword(\"exampleApplicationPassword\", ApplicationPasswordArgs.builder() \n .applicationId(exampleApplicationRegistration.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplicationRegistration:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n exampleApplicationPassword:\n type: azuread:ApplicationPassword\n properties:\n applicationId: ${exampleApplicationRegistration.id}\n```\n\n*Time-based rotation*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\nimport * as time from \"@pulumiverse/time\";\n\nconst exampleApplicationRegistration = new azuread.ApplicationRegistration(\"exampleApplicationRegistration\", {displayName: \"example\"});\nconst exampleRotating = new time.Rotating(\"exampleRotating\", {rotationDays: 7});\nconst exampleApplicationPassword = new azuread.ApplicationPassword(\"exampleApplicationPassword\", {\n applicationId: exampleApplicationRegistration.id,\n rotateWhenChanged: {\n rotation: exampleRotating.id,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\nimport pulumiverse_time as time\n\nexample_application_registration = azuread.ApplicationRegistration(\"exampleApplicationRegistration\", display_name=\"example\")\nexample_rotating = time.Rotating(\"exampleRotating\", rotation_days=7)\nexample_application_password = azuread.ApplicationPassword(\"exampleApplicationPassword\",\n application_id=example_application_registration.id,\n rotate_when_changed={\n \"rotation\": example_rotating.id,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\nusing Time = Pulumiverse.Time;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplicationRegistration = new AzureAD.ApplicationRegistration(\"exampleApplicationRegistration\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleRotating = new Time.Rotating(\"exampleRotating\", new()\n {\n RotationDays = 7,\n });\n\n var exampleApplicationPassword = new AzureAD.ApplicationPassword(\"exampleApplicationPassword\", new()\n {\n ApplicationId = exampleApplicationRegistration.Id,\n RotateWhenChanged = \n {\n { \"rotation\", exampleRotating.Id },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi-time/sdk/go/time\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplicationRegistration, err := azuread.NewApplicationRegistration(ctx, \"exampleApplicationRegistration\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRotating, err := time.NewRotating(ctx, \"exampleRotating\", \u0026time.RotatingArgs{\n\t\t\tRotationDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationPassword(ctx, \"exampleApplicationPassword\", \u0026azuread.ApplicationPasswordArgs{\n\t\t\tApplicationId: exampleApplicationRegistration.ID(),\n\t\t\tRotateWhenChanged: pulumi.StringMap{\n\t\t\t\t\"rotation\": exampleRotating.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.time.Rotating;\nimport com.pulumi.time.RotatingArgs;\nimport com.pulumi.azuread.ApplicationPassword;\nimport com.pulumi.azuread.ApplicationPasswordArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplicationRegistration = new ApplicationRegistration(\"exampleApplicationRegistration\", ApplicationRegistrationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleRotating = new Rotating(\"exampleRotating\", RotatingArgs.builder() \n .rotationDays(7)\n .build());\n\n var exampleApplicationPassword = new ApplicationPassword(\"exampleApplicationPassword\", ApplicationPasswordArgs.builder() \n .applicationId(exampleApplicationRegistration.id())\n .rotateWhenChanged(Map.of(\"rotation\", exampleRotating.id()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplicationRegistration:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n exampleRotating:\n type: time:Rotating\n properties:\n rotationDays: 7\n exampleApplicationPassword:\n type: azuread:ApplicationPassword\n properties:\n applicationId: ${exampleApplicationRegistration.id}\n rotateWhenChanged:\n rotation: ${exampleRotating.id}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThis resource does not support importing. ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Basic example*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplicationRegistration = new azuread.ApplicationRegistration(\"exampleApplicationRegistration\", {displayName: \"example\"});\nconst exampleApplicationPassword = new azuread.ApplicationPassword(\"exampleApplicationPassword\", {applicationId: exampleApplicationRegistration.id});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application_registration = azuread.ApplicationRegistration(\"exampleApplicationRegistration\", display_name=\"example\")\nexample_application_password = azuread.ApplicationPassword(\"exampleApplicationPassword\", application_id=example_application_registration.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplicationRegistration = new AzureAD.ApplicationRegistration(\"exampleApplicationRegistration\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleApplicationPassword = new AzureAD.ApplicationPassword(\"exampleApplicationPassword\", new()\n {\n ApplicationId = exampleApplicationRegistration.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplicationRegistration, err := azuread.NewApplicationRegistration(ctx, \"exampleApplicationRegistration\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationPassword(ctx, \"exampleApplicationPassword\", \u0026azuread.ApplicationPasswordArgs{\n\t\t\tApplicationId: exampleApplicationRegistration.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.azuread.ApplicationPassword;\nimport com.pulumi.azuread.ApplicationPasswordArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplicationRegistration = new ApplicationRegistration(\"exampleApplicationRegistration\", ApplicationRegistrationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleApplicationPassword = new ApplicationPassword(\"exampleApplicationPassword\", ApplicationPasswordArgs.builder() \n .applicationId(exampleApplicationRegistration.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplicationRegistration:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n exampleApplicationPassword:\n type: azuread:ApplicationPassword\n properties:\n applicationId: ${exampleApplicationRegistration.id}\n```\n\n*Time-based rotation*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\nimport * as time from \"@pulumiverse/time\";\n\nconst exampleApplicationRegistration = new azuread.ApplicationRegistration(\"exampleApplicationRegistration\", {displayName: \"example\"});\nconst exampleRotating = new time.Rotating(\"exampleRotating\", {rotationDays: 7});\nconst exampleApplicationPassword = new azuread.ApplicationPassword(\"exampleApplicationPassword\", {\n applicationId: exampleApplicationRegistration.id,\n rotateWhenChanged: {\n rotation: exampleRotating.id,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\nimport pulumiverse_time as time\n\nexample_application_registration = azuread.ApplicationRegistration(\"exampleApplicationRegistration\", display_name=\"example\")\nexample_rotating = time.Rotating(\"exampleRotating\", rotation_days=7)\nexample_application_password = azuread.ApplicationPassword(\"exampleApplicationPassword\",\n application_id=example_application_registration.id,\n rotate_when_changed={\n \"rotation\": example_rotating.id,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\nusing Time = Pulumiverse.Time;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplicationRegistration = new AzureAD.ApplicationRegistration(\"exampleApplicationRegistration\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleRotating = new Time.Rotating(\"exampleRotating\", new()\n {\n RotationDays = 7,\n });\n\n var exampleApplicationPassword = new AzureAD.ApplicationPassword(\"exampleApplicationPassword\", new()\n {\n ApplicationId = exampleApplicationRegistration.Id,\n RotateWhenChanged = \n {\n { \"rotation\", exampleRotating.Id },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi-time/sdk/go/time\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplicationRegistration, err := azuread.NewApplicationRegistration(ctx, \"exampleApplicationRegistration\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRotating, err := time.NewRotating(ctx, \"exampleRotating\", \u0026time.RotatingArgs{\n\t\t\tRotationDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationPassword(ctx, \"exampleApplicationPassword\", \u0026azuread.ApplicationPasswordArgs{\n\t\t\tApplicationId: exampleApplicationRegistration.ID(),\n\t\t\tRotateWhenChanged: pulumi.StringMap{\n\t\t\t\t\"rotation\": exampleRotating.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.time.Rotating;\nimport com.pulumi.time.RotatingArgs;\nimport com.pulumi.azuread.ApplicationPassword;\nimport com.pulumi.azuread.ApplicationPasswordArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplicationRegistration = new ApplicationRegistration(\"exampleApplicationRegistration\", ApplicationRegistrationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleRotating = new Rotating(\"exampleRotating\", RotatingArgs.builder() \n .rotationDays(7)\n .build());\n\n var exampleApplicationPassword = new ApplicationPassword(\"exampleApplicationPassword\", ApplicationPasswordArgs.builder() \n .applicationId(exampleApplicationRegistration.id())\n .rotateWhenChanged(Map.of(\"rotation\", exampleRotating.id()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplicationRegistration:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n exampleRotating:\n type: time:Rotating\n properties:\n rotationDays: 7\n exampleApplicationPassword:\n type: azuread:ApplicationPassword\n properties:\n applicationId: ${exampleApplicationRegistration.id}\n rotateWhenChanged:\n rotation: ${exampleRotating.id}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThis resource does not support importing.\n\n ", "properties": { "applicationId": { "type": "string", @@ -4917,7 +4917,7 @@ } }, "azuread:index/applicationPermissionScope:ApplicationPermissionScope": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\nimport * as random from \"@pulumi/random\";\n\nconst exampleApplicationRegistration = new azuread.ApplicationRegistration(\"exampleApplicationRegistration\", {displayName: \"example\"});\nconst exampleAdminister = new random.RandomUuid(\"exampleAdminister\", {});\nconst exampleApplicationPermissionScope = new azuread.ApplicationPermissionScope(\"exampleApplicationPermissionScope\", {\n applicationId: azuread_application_registration.test.id,\n scopeId: exampleAdminister.id,\n value: \"administer\",\n adminConsentDescription: \"Administer the application\",\n adminConsentDisplayName: \"Administer\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\nimport pulumi_random as random\n\nexample_application_registration = azuread.ApplicationRegistration(\"exampleApplicationRegistration\", display_name=\"example\")\nexample_administer = random.RandomUuid(\"exampleAdminister\")\nexample_application_permission_scope = azuread.ApplicationPermissionScope(\"exampleApplicationPermissionScope\",\n application_id=azuread_application_registration[\"test\"][\"id\"],\n scope_id=example_administer.id,\n value=\"administer\",\n admin_consent_description=\"Administer the application\",\n admin_consent_display_name=\"Administer\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\nusing Random = Pulumi.Random;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplicationRegistration = new AzureAD.ApplicationRegistration(\"exampleApplicationRegistration\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleAdminister = new Random.RandomUuid(\"exampleAdminister\");\n\n var exampleApplicationPermissionScope = new AzureAD.ApplicationPermissionScope(\"exampleApplicationPermissionScope\", new()\n {\n ApplicationId = azuread_application_registration.Test.Id,\n ScopeId = exampleAdminister.Id,\n Value = \"administer\",\n AdminConsentDescription = \"Administer the application\",\n AdminConsentDisplayName = \"Administer\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi-random/sdk/v4/go/random\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewApplicationRegistration(ctx, \"exampleApplicationRegistration\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAdminister, err := random.NewRandomUuid(ctx, \"exampleAdminister\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationPermissionScope(ctx, \"exampleApplicationPermissionScope\", \u0026azuread.ApplicationPermissionScopeArgs{\n\t\t\tApplicationId: pulumi.Any(azuread_application_registration.Test.Id),\n\t\t\tScopeId: exampleAdminister.ID(),\n\t\t\tValue: pulumi.String(\"administer\"),\n\t\t\tAdminConsentDescription: pulumi.String(\"Administer the application\"),\n\t\t\tAdminConsentDisplayName: pulumi.String(\"Administer\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.random.RandomUuid;\nimport com.pulumi.azuread.ApplicationPermissionScope;\nimport com.pulumi.azuread.ApplicationPermissionScopeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplicationRegistration = new ApplicationRegistration(\"exampleApplicationRegistration\", ApplicationRegistrationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleAdminister = new RandomUuid(\"exampleAdminister\");\n\n var exampleApplicationPermissionScope = new ApplicationPermissionScope(\"exampleApplicationPermissionScope\", ApplicationPermissionScopeArgs.builder() \n .applicationId(azuread_application_registration.test().id())\n .scopeId(exampleAdminister.id())\n .value(\"administer\")\n .adminConsentDescription(\"Administer the application\")\n .adminConsentDisplayName(\"Administer\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplicationRegistration:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n exampleAdminister:\n type: random:RandomUuid\n exampleApplicationPermissionScope:\n type: azuread:ApplicationPermissionScope\n properties:\n applicationId: ${azuread_application_registration.test.id}\n scopeId: ${exampleAdminister.id}\n value: administer\n adminConsentDescription: Administer the application\n adminConsentDisplayName: Administer\n```\n\n\u003e **Tip** For managing more permissions scopes, create additional instances of this resource\n\n*Usage with azuread.Application resource*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {displayName: \"example\"});\nconst exampleApplicationPermissionScope = new azuread.ApplicationPermissionScope(\"exampleApplicationPermissionScope\", {applicationId: exampleApplication.id});\n// ...\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application = azuread.Application(\"exampleApplication\", display_name=\"example\")\nexample_application_permission_scope = azuread.ApplicationPermissionScope(\"exampleApplicationPermissionScope\", application_id=example_application.id)\n# ...\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleApplicationPermissionScope = new AzureAD.ApplicationPermissionScope(\"exampleApplicationPermissionScope\", new()\n {\n ApplicationId = exampleApplication.Id,\n });\n\n // ...\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationPermissionScope(ctx, \"exampleApplicationPermissionScope\", \u0026azuread.ApplicationPermissionScopeArgs{\n\t\t\tApplicationId: exampleApplication.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ApplicationPermissionScope;\nimport com.pulumi.azuread.ApplicationPermissionScopeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleApplicationPermissionScope = new ApplicationPermissionScope(\"exampleApplicationPermissionScope\", ApplicationPermissionScopeArgs.builder() \n .applicationId(exampleApplication.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n exampleApplicationPermissionScope:\n type: azuread:ApplicationPermissionScope\n properties:\n applicationId: ${exampleApplication.id}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nApplication App Roles can be imported using the object ID of the application and the ID of the permission scope, in the following format.\n\n```sh\n $ pulumi import azuread:index/applicationPermissionScope:ApplicationPermissionScope example /applications/00000000-0000-0000-0000-000000000000/permissionScopes/11111111-1111-1111-1111-111111111111\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\nimport * as random from \"@pulumi/random\";\n\nconst exampleApplicationRegistration = new azuread.ApplicationRegistration(\"exampleApplicationRegistration\", {displayName: \"example\"});\nconst exampleAdminister = new random.RandomUuid(\"exampleAdminister\", {});\nconst exampleApplicationPermissionScope = new azuread.ApplicationPermissionScope(\"exampleApplicationPermissionScope\", {\n applicationId: azuread_application_registration.test.id,\n scopeId: exampleAdminister.id,\n value: \"administer\",\n adminConsentDescription: \"Administer the application\",\n adminConsentDisplayName: \"Administer\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\nimport pulumi_random as random\n\nexample_application_registration = azuread.ApplicationRegistration(\"exampleApplicationRegistration\", display_name=\"example\")\nexample_administer = random.RandomUuid(\"exampleAdminister\")\nexample_application_permission_scope = azuread.ApplicationPermissionScope(\"exampleApplicationPermissionScope\",\n application_id=azuread_application_registration[\"test\"][\"id\"],\n scope_id=example_administer.id,\n value=\"administer\",\n admin_consent_description=\"Administer the application\",\n admin_consent_display_name=\"Administer\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\nusing Random = Pulumi.Random;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplicationRegistration = new AzureAD.ApplicationRegistration(\"exampleApplicationRegistration\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleAdminister = new Random.RandomUuid(\"exampleAdminister\");\n\n var exampleApplicationPermissionScope = new AzureAD.ApplicationPermissionScope(\"exampleApplicationPermissionScope\", new()\n {\n ApplicationId = azuread_application_registration.Test.Id,\n ScopeId = exampleAdminister.Id,\n Value = \"administer\",\n AdminConsentDescription = \"Administer the application\",\n AdminConsentDisplayName = \"Administer\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi-random/sdk/v4/go/random\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewApplicationRegistration(ctx, \"exampleApplicationRegistration\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAdminister, err := random.NewRandomUuid(ctx, \"exampleAdminister\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationPermissionScope(ctx, \"exampleApplicationPermissionScope\", \u0026azuread.ApplicationPermissionScopeArgs{\n\t\t\tApplicationId: pulumi.Any(azuread_application_registration.Test.Id),\n\t\t\tScopeId: exampleAdminister.ID(),\n\t\t\tValue: pulumi.String(\"administer\"),\n\t\t\tAdminConsentDescription: pulumi.String(\"Administer the application\"),\n\t\t\tAdminConsentDisplayName: pulumi.String(\"Administer\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.random.RandomUuid;\nimport com.pulumi.azuread.ApplicationPermissionScope;\nimport com.pulumi.azuread.ApplicationPermissionScopeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplicationRegistration = new ApplicationRegistration(\"exampleApplicationRegistration\", ApplicationRegistrationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleAdminister = new RandomUuid(\"exampleAdminister\");\n\n var exampleApplicationPermissionScope = new ApplicationPermissionScope(\"exampleApplicationPermissionScope\", ApplicationPermissionScopeArgs.builder() \n .applicationId(azuread_application_registration.test().id())\n .scopeId(exampleAdminister.id())\n .value(\"administer\")\n .adminConsentDescription(\"Administer the application\")\n .adminConsentDisplayName(\"Administer\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplicationRegistration:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n exampleAdminister:\n type: random:RandomUuid\n exampleApplicationPermissionScope:\n type: azuread:ApplicationPermissionScope\n properties:\n applicationId: ${azuread_application_registration.test.id}\n scopeId: ${exampleAdminister.id}\n value: administer\n adminConsentDescription: Administer the application\n adminConsentDisplayName: Administer\n```\n\n\u003e **Tip** For managing more permissions scopes, create additional instances of this resource\n\n*Usage with azuread.Application resource*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {displayName: \"example\"});\nconst exampleApplicationPermissionScope = new azuread.ApplicationPermissionScope(\"exampleApplicationPermissionScope\", {applicationId: exampleApplication.id});\n// ...\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application = azuread.Application(\"exampleApplication\", display_name=\"example\")\nexample_application_permission_scope = azuread.ApplicationPermissionScope(\"exampleApplicationPermissionScope\", application_id=example_application.id)\n# ...\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleApplicationPermissionScope = new AzureAD.ApplicationPermissionScope(\"exampleApplicationPermissionScope\", new()\n {\n ApplicationId = exampleApplication.Id,\n });\n\n // ...\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationPermissionScope(ctx, \"exampleApplicationPermissionScope\", \u0026azuread.ApplicationPermissionScopeArgs{\n\t\t\tApplicationId: exampleApplication.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ApplicationPermissionScope;\nimport com.pulumi.azuread.ApplicationPermissionScopeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleApplicationPermissionScope = new ApplicationPermissionScope(\"exampleApplicationPermissionScope\", ApplicationPermissionScopeArgs.builder() \n .applicationId(exampleApplication.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n exampleApplicationPermissionScope:\n type: azuread:ApplicationPermissionScope\n properties:\n applicationId: ${exampleApplication.id}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nApplication App Roles can be imported using the object ID of the application and the ID of the permission scope, in the following format.\n\n ```sh\n $ pulumi import azuread:index/applicationPermissionScope:ApplicationPermissionScope example /applications/00000000-0000-0000-0000-000000000000/permissionScopes/11111111-1111-1111-1111-111111111111\n```\n\n ", "properties": { "adminConsentDescription": { "type": "string", @@ -5044,7 +5044,7 @@ } }, "azuread:index/applicationPreAuthorized:ApplicationPreAuthorized": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst authorized = new azuread.ApplicationRegistration(\"authorized\", {displayName: \"example-authorized-app\"});\nconst authorizer = new azuread.Application(\"authorizer\", {\n displayName: \"example-authorizing-app\",\n api: {\n oauth2PermissionScopes: [\n {\n adminConsentDescription: \"Administer the application\",\n adminConsentDisplayName: \"Administer\",\n enabled: true,\n id: \"00000000-0000-0000-0000-000000000000\",\n type: \"Admin\",\n value: \"administer\",\n },\n {\n adminConsentDescription: \"Access the application\",\n adminConsentDisplayName: \"Access\",\n enabled: true,\n id: \"11111111-1111-1111-1111-111111111111\",\n type: \"User\",\n userConsentDescription: \"Access the application\",\n userConsentDisplayName: \"Access\",\n value: \"user_impersonation\",\n },\n ],\n },\n});\nconst example = new azuread.ApplicationPreAuthorized(\"example\", {\n applicationId: authorizer.id,\n authorizedClientId: authorized.clientId,\n permissionIds: [\n \"00000000-0000-0000-0000-000000000000\",\n \"11111111-1111-1111-1111-111111111111\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nauthorized = azuread.ApplicationRegistration(\"authorized\", display_name=\"example-authorized-app\")\nauthorizer = azuread.Application(\"authorizer\",\n display_name=\"example-authorizing-app\",\n api=azuread.ApplicationApiArgs(\n oauth2_permission_scopes=[\n azuread.ApplicationApiOauth2PermissionScopeArgs(\n admin_consent_description=\"Administer the application\",\n admin_consent_display_name=\"Administer\",\n enabled=True,\n id=\"00000000-0000-0000-0000-000000000000\",\n type=\"Admin\",\n value=\"administer\",\n ),\n azuread.ApplicationApiOauth2PermissionScopeArgs(\n admin_consent_description=\"Access the application\",\n admin_consent_display_name=\"Access\",\n enabled=True,\n id=\"11111111-1111-1111-1111-111111111111\",\n type=\"User\",\n user_consent_description=\"Access the application\",\n user_consent_display_name=\"Access\",\n value=\"user_impersonation\",\n ),\n ],\n ))\nexample = azuread.ApplicationPreAuthorized(\"example\",\n application_id=authorizer.id,\n authorized_client_id=authorized.client_id,\n permission_ids=[\n \"00000000-0000-0000-0000-000000000000\",\n \"11111111-1111-1111-1111-111111111111\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var authorized = new AzureAD.ApplicationRegistration(\"authorized\", new()\n {\n DisplayName = \"example-authorized-app\",\n });\n\n var authorizer = new AzureAD.Application(\"authorizer\", new()\n {\n DisplayName = \"example-authorizing-app\",\n Api = new AzureAD.Inputs.ApplicationApiArgs\n {\n Oauth2PermissionScopes = new[]\n {\n new AzureAD.Inputs.ApplicationApiOauth2PermissionScopeArgs\n {\n AdminConsentDescription = \"Administer the application\",\n AdminConsentDisplayName = \"Administer\",\n Enabled = true,\n Id = \"00000000-0000-0000-0000-000000000000\",\n Type = \"Admin\",\n Value = \"administer\",\n },\n new AzureAD.Inputs.ApplicationApiOauth2PermissionScopeArgs\n {\n AdminConsentDescription = \"Access the application\",\n AdminConsentDisplayName = \"Access\",\n Enabled = true,\n Id = \"11111111-1111-1111-1111-111111111111\",\n Type = \"User\",\n UserConsentDescription = \"Access the application\",\n UserConsentDisplayName = \"Access\",\n Value = \"user_impersonation\",\n },\n },\n },\n });\n\n var example = new AzureAD.ApplicationPreAuthorized(\"example\", new()\n {\n ApplicationId = authorizer.Id,\n AuthorizedClientId = authorized.ClientId,\n PermissionIds = new[]\n {\n \"00000000-0000-0000-0000-000000000000\",\n \"11111111-1111-1111-1111-111111111111\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tauthorized, err := azuread.NewApplicationRegistration(ctx, \"authorized\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example-authorized-app\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tauthorizer, err := azuread.NewApplication(ctx, \"authorizer\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example-authorizing-app\"),\n\t\t\tApi: \u0026azuread.ApplicationApiArgs{\n\t\t\t\tOauth2PermissionScopes: azuread.ApplicationApiOauth2PermissionScopeArray{\n\t\t\t\t\t\u0026azuread.ApplicationApiOauth2PermissionScopeArgs{\n\t\t\t\t\t\tAdminConsentDescription: pulumi.String(\"Administer the application\"),\n\t\t\t\t\t\tAdminConsentDisplayName: pulumi.String(\"Administer\"),\n\t\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\t\tId: pulumi.String(\"00000000-0000-0000-0000-000000000000\"),\n\t\t\t\t\t\tType: pulumi.String(\"Admin\"),\n\t\t\t\t\t\tValue: pulumi.String(\"administer\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026azuread.ApplicationApiOauth2PermissionScopeArgs{\n\t\t\t\t\t\tAdminConsentDescription: pulumi.String(\"Access the application\"),\n\t\t\t\t\t\tAdminConsentDisplayName: pulumi.String(\"Access\"),\n\t\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\t\tId: pulumi.String(\"11111111-1111-1111-1111-111111111111\"),\n\t\t\t\t\t\tType: pulumi.String(\"User\"),\n\t\t\t\t\t\tUserConsentDescription: pulumi.String(\"Access the application\"),\n\t\t\t\t\t\tUserConsentDisplayName: pulumi.String(\"Access\"),\n\t\t\t\t\t\tValue: pulumi.String(\"user_impersonation\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationPreAuthorized(ctx, \"example\", \u0026azuread.ApplicationPreAuthorizedArgs{\n\t\t\tApplicationId: authorizer.ID(),\n\t\t\tAuthorizedClientId: authorized.ClientId,\n\t\t\tPermissionIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"00000000-0000-0000-0000-000000000000\"),\n\t\t\t\tpulumi.String(\"11111111-1111-1111-1111-111111111111\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationApiArgs;\nimport com.pulumi.azuread.ApplicationPreAuthorized;\nimport com.pulumi.azuread.ApplicationPreAuthorizedArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var authorized = new ApplicationRegistration(\"authorized\", ApplicationRegistrationArgs.builder() \n .displayName(\"example-authorized-app\")\n .build());\n\n var authorizer = new Application(\"authorizer\", ApplicationArgs.builder() \n .displayName(\"example-authorizing-app\")\n .api(ApplicationApiArgs.builder()\n .oauth2PermissionScopes( \n ApplicationApiOauth2PermissionScopeArgs.builder()\n .adminConsentDescription(\"Administer the application\")\n .adminConsentDisplayName(\"Administer\")\n .enabled(true)\n .id(\"00000000-0000-0000-0000-000000000000\")\n .type(\"Admin\")\n .value(\"administer\")\n .build(),\n ApplicationApiOauth2PermissionScopeArgs.builder()\n .adminConsentDescription(\"Access the application\")\n .adminConsentDisplayName(\"Access\")\n .enabled(true)\n .id(\"11111111-1111-1111-1111-111111111111\")\n .type(\"User\")\n .userConsentDescription(\"Access the application\")\n .userConsentDisplayName(\"Access\")\n .value(\"user_impersonation\")\n .build())\n .build())\n .build());\n\n var example = new ApplicationPreAuthorized(\"example\", ApplicationPreAuthorizedArgs.builder() \n .applicationId(authorizer.id())\n .authorizedClientId(authorized.clientId())\n .permissionIds( \n \"00000000-0000-0000-0000-000000000000\",\n \"11111111-1111-1111-1111-111111111111\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n authorized:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example-authorized-app\n authorizer:\n type: azuread:Application\n properties:\n displayName: example-authorizing-app\n api:\n oauth2PermissionScopes:\n - adminConsentDescription: Administer the application\n adminConsentDisplayName: Administer\n enabled: true\n id: 00000000-0000-0000-0000-000000000000\n type: Admin\n value: administer\n - adminConsentDescription: Access the application\n adminConsentDisplayName: Access\n enabled: true\n id: 11111111-1111-1111-1111-111111111111\n type: User\n userConsentDescription: Access the application\n userConsentDisplayName: Access\n value: user_impersonation\n example:\n type: azuread:ApplicationPreAuthorized\n properties:\n applicationId: ${authorizer.id}\n authorizedClientId: ${authorized.clientId}\n permissionIds:\n - 00000000-0000-0000-0000-000000000000\n - 11111111-1111-1111-1111-111111111111\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nPre-authorized applications can be imported using the object ID of the authorizing application and the application ID of the application being authorized, e.g.\n\n```sh\n $ pulumi import azuread:index/applicationPreAuthorized:ApplicationPreAuthorized example 00000000-0000-0000-0000-000000000000/preAuthorizedApplication/11111111-1111-1111-1111-111111111111\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the authorizing application's object ID, the string \"preAuthorizedApplication\" and the authorized application's application ID (client ID) in the format `{ObjectId}/preAuthorizedApplication/{ApplicationId}`. ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst authorized = new azuread.ApplicationRegistration(\"authorized\", {displayName: \"example-authorized-app\"});\nconst authorizer = new azuread.Application(\"authorizer\", {\n displayName: \"example-authorizing-app\",\n api: {\n oauth2PermissionScopes: [\n {\n adminConsentDescription: \"Administer the application\",\n adminConsentDisplayName: \"Administer\",\n enabled: true,\n id: \"00000000-0000-0000-0000-000000000000\",\n type: \"Admin\",\n value: \"administer\",\n },\n {\n adminConsentDescription: \"Access the application\",\n adminConsentDisplayName: \"Access\",\n enabled: true,\n id: \"11111111-1111-1111-1111-111111111111\",\n type: \"User\",\n userConsentDescription: \"Access the application\",\n userConsentDisplayName: \"Access\",\n value: \"user_impersonation\",\n },\n ],\n },\n});\nconst example = new azuread.ApplicationPreAuthorized(\"example\", {\n applicationId: authorizer.id,\n authorizedClientId: authorized.clientId,\n permissionIds: [\n \"00000000-0000-0000-0000-000000000000\",\n \"11111111-1111-1111-1111-111111111111\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nauthorized = azuread.ApplicationRegistration(\"authorized\", display_name=\"example-authorized-app\")\nauthorizer = azuread.Application(\"authorizer\",\n display_name=\"example-authorizing-app\",\n api=azuread.ApplicationApiArgs(\n oauth2_permission_scopes=[\n azuread.ApplicationApiOauth2PermissionScopeArgs(\n admin_consent_description=\"Administer the application\",\n admin_consent_display_name=\"Administer\",\n enabled=True,\n id=\"00000000-0000-0000-0000-000000000000\",\n type=\"Admin\",\n value=\"administer\",\n ),\n azuread.ApplicationApiOauth2PermissionScopeArgs(\n admin_consent_description=\"Access the application\",\n admin_consent_display_name=\"Access\",\n enabled=True,\n id=\"11111111-1111-1111-1111-111111111111\",\n type=\"User\",\n user_consent_description=\"Access the application\",\n user_consent_display_name=\"Access\",\n value=\"user_impersonation\",\n ),\n ],\n ))\nexample = azuread.ApplicationPreAuthorized(\"example\",\n application_id=authorizer.id,\n authorized_client_id=authorized.client_id,\n permission_ids=[\n \"00000000-0000-0000-0000-000000000000\",\n \"11111111-1111-1111-1111-111111111111\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var authorized = new AzureAD.ApplicationRegistration(\"authorized\", new()\n {\n DisplayName = \"example-authorized-app\",\n });\n\n var authorizer = new AzureAD.Application(\"authorizer\", new()\n {\n DisplayName = \"example-authorizing-app\",\n Api = new AzureAD.Inputs.ApplicationApiArgs\n {\n Oauth2PermissionScopes = new[]\n {\n new AzureAD.Inputs.ApplicationApiOauth2PermissionScopeArgs\n {\n AdminConsentDescription = \"Administer the application\",\n AdminConsentDisplayName = \"Administer\",\n Enabled = true,\n Id = \"00000000-0000-0000-0000-000000000000\",\n Type = \"Admin\",\n Value = \"administer\",\n },\n new AzureAD.Inputs.ApplicationApiOauth2PermissionScopeArgs\n {\n AdminConsentDescription = \"Access the application\",\n AdminConsentDisplayName = \"Access\",\n Enabled = true,\n Id = \"11111111-1111-1111-1111-111111111111\",\n Type = \"User\",\n UserConsentDescription = \"Access the application\",\n UserConsentDisplayName = \"Access\",\n Value = \"user_impersonation\",\n },\n },\n },\n });\n\n var example = new AzureAD.ApplicationPreAuthorized(\"example\", new()\n {\n ApplicationId = authorizer.Id,\n AuthorizedClientId = authorized.ClientId,\n PermissionIds = new[]\n {\n \"00000000-0000-0000-0000-000000000000\",\n \"11111111-1111-1111-1111-111111111111\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tauthorized, err := azuread.NewApplicationRegistration(ctx, \"authorized\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example-authorized-app\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tauthorizer, err := azuread.NewApplication(ctx, \"authorizer\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example-authorizing-app\"),\n\t\t\tApi: \u0026azuread.ApplicationApiArgs{\n\t\t\t\tOauth2PermissionScopes: azuread.ApplicationApiOauth2PermissionScopeArray{\n\t\t\t\t\t\u0026azuread.ApplicationApiOauth2PermissionScopeArgs{\n\t\t\t\t\t\tAdminConsentDescription: pulumi.String(\"Administer the application\"),\n\t\t\t\t\t\tAdminConsentDisplayName: pulumi.String(\"Administer\"),\n\t\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\t\tId: pulumi.String(\"00000000-0000-0000-0000-000000000000\"),\n\t\t\t\t\t\tType: pulumi.String(\"Admin\"),\n\t\t\t\t\t\tValue: pulumi.String(\"administer\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026azuread.ApplicationApiOauth2PermissionScopeArgs{\n\t\t\t\t\t\tAdminConsentDescription: pulumi.String(\"Access the application\"),\n\t\t\t\t\t\tAdminConsentDisplayName: pulumi.String(\"Access\"),\n\t\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\t\tId: pulumi.String(\"11111111-1111-1111-1111-111111111111\"),\n\t\t\t\t\t\tType: pulumi.String(\"User\"),\n\t\t\t\t\t\tUserConsentDescription: pulumi.String(\"Access the application\"),\n\t\t\t\t\t\tUserConsentDisplayName: pulumi.String(\"Access\"),\n\t\t\t\t\t\tValue: pulumi.String(\"user_impersonation\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationPreAuthorized(ctx, \"example\", \u0026azuread.ApplicationPreAuthorizedArgs{\n\t\t\tApplicationId: authorizer.ID(),\n\t\t\tAuthorizedClientId: authorized.ClientId,\n\t\t\tPermissionIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"00000000-0000-0000-0000-000000000000\"),\n\t\t\t\tpulumi.String(\"11111111-1111-1111-1111-111111111111\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationApiArgs;\nimport com.pulumi.azuread.ApplicationPreAuthorized;\nimport com.pulumi.azuread.ApplicationPreAuthorizedArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var authorized = new ApplicationRegistration(\"authorized\", ApplicationRegistrationArgs.builder() \n .displayName(\"example-authorized-app\")\n .build());\n\n var authorizer = new Application(\"authorizer\", ApplicationArgs.builder() \n .displayName(\"example-authorizing-app\")\n .api(ApplicationApiArgs.builder()\n .oauth2PermissionScopes( \n ApplicationApiOauth2PermissionScopeArgs.builder()\n .adminConsentDescription(\"Administer the application\")\n .adminConsentDisplayName(\"Administer\")\n .enabled(true)\n .id(\"00000000-0000-0000-0000-000000000000\")\n .type(\"Admin\")\n .value(\"administer\")\n .build(),\n ApplicationApiOauth2PermissionScopeArgs.builder()\n .adminConsentDescription(\"Access the application\")\n .adminConsentDisplayName(\"Access\")\n .enabled(true)\n .id(\"11111111-1111-1111-1111-111111111111\")\n .type(\"User\")\n .userConsentDescription(\"Access the application\")\n .userConsentDisplayName(\"Access\")\n .value(\"user_impersonation\")\n .build())\n .build())\n .build());\n\n var example = new ApplicationPreAuthorized(\"example\", ApplicationPreAuthorizedArgs.builder() \n .applicationId(authorizer.id())\n .authorizedClientId(authorized.clientId())\n .permissionIds( \n \"00000000-0000-0000-0000-000000000000\",\n \"11111111-1111-1111-1111-111111111111\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n authorized:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example-authorized-app\n authorizer:\n type: azuread:Application\n properties:\n displayName: example-authorizing-app\n api:\n oauth2PermissionScopes:\n - adminConsentDescription: Administer the application\n adminConsentDisplayName: Administer\n enabled: true\n id: 00000000-0000-0000-0000-000000000000\n type: Admin\n value: administer\n - adminConsentDescription: Access the application\n adminConsentDisplayName: Access\n enabled: true\n id: 11111111-1111-1111-1111-111111111111\n type: User\n userConsentDescription: Access the application\n userConsentDisplayName: Access\n value: user_impersonation\n example:\n type: azuread:ApplicationPreAuthorized\n properties:\n applicationId: ${authorizer.id}\n authorizedClientId: ${authorized.clientId}\n permissionIds:\n - 00000000-0000-0000-0000-000000000000\n - 11111111-1111-1111-1111-111111111111\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nPre-authorized applications can be imported using the object ID of the authorizing application and the application ID of the application being authorized, e.g.\n\n ```sh\n $ pulumi import azuread:index/applicationPreAuthorized:ApplicationPreAuthorized example 00000000-0000-0000-0000-000000000000/preAuthorizedApplication/11111111-1111-1111-1111-111111111111\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the authorizing application's object ID, the string \"preAuthorizedApplication\" and the authorized application's application ID (client ID) in the format `{ObjectId}/preAuthorizedApplication/{ApplicationId}`.\n\n ", "properties": { "applicationId": { "type": "string", @@ -5150,7 +5150,7 @@ } }, "azuread:index/applicationRedirectUris:ApplicationRedirectUris": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.ApplicationRegistration(\"example\", {displayName: \"example\"});\nconst examplePublic = new azuread.ApplicationRedirectUris(\"examplePublic\", {\n applicationId: example.id,\n type: \"PublicClient\",\n redirectUris: [\n \"myapp://auth\",\n \"sample.mobile.app.bundie.id://auth\",\n \"https://login.microsoftonline.com/common/oauth2/nativeclient\",\n \"https://login.live.com/oauth20_desktop.srf\",\n \"ms-appx-web://Microsoft.AAD.BrokerPlugin/00000000-1111-1111-1111-222222222222\",\n \"urn:ietf:wg:oauth:2.0:foo\",\n ],\n});\nconst exampleSpa = new azuread.ApplicationRedirectUris(\"exampleSpa\", {\n applicationId: example.id,\n type: \"SPA\",\n redirectUris: [\n \"https://mobile.hashitown.com/\",\n \"https://beta.hashitown.com/\",\n ],\n});\nconst exampleWeb = new azuread.ApplicationRedirectUris(\"exampleWeb\", {\n applicationId: example.id,\n type: \"Web\",\n redirectUris: [\n \"https://app.hashitown.com/\",\n \"https://classic.hashitown.com/\",\n \"urn:ietf:wg:oauth:2.0:oob\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.ApplicationRegistration(\"example\", display_name=\"example\")\nexample_public = azuread.ApplicationRedirectUris(\"examplePublic\",\n application_id=example.id,\n type=\"PublicClient\",\n redirect_uris=[\n \"myapp://auth\",\n \"sample.mobile.app.bundie.id://auth\",\n \"https://login.microsoftonline.com/common/oauth2/nativeclient\",\n \"https://login.live.com/oauth20_desktop.srf\",\n \"ms-appx-web://Microsoft.AAD.BrokerPlugin/00000000-1111-1111-1111-222222222222\",\n \"urn:ietf:wg:oauth:2.0:foo\",\n ])\nexample_spa = azuread.ApplicationRedirectUris(\"exampleSpa\",\n application_id=example.id,\n type=\"SPA\",\n redirect_uris=[\n \"https://mobile.hashitown.com/\",\n \"https://beta.hashitown.com/\",\n ])\nexample_web = azuread.ApplicationRedirectUris(\"exampleWeb\",\n application_id=example.id,\n type=\"Web\",\n redirect_uris=[\n \"https://app.hashitown.com/\",\n \"https://classic.hashitown.com/\",\n \"urn:ietf:wg:oauth:2.0:oob\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.ApplicationRegistration(\"example\", new()\n {\n DisplayName = \"example\",\n });\n\n var examplePublic = new AzureAD.ApplicationRedirectUris(\"examplePublic\", new()\n {\n ApplicationId = example.Id,\n Type = \"PublicClient\",\n RedirectUris = new[]\n {\n \"myapp://auth\",\n \"sample.mobile.app.bundie.id://auth\",\n \"https://login.microsoftonline.com/common/oauth2/nativeclient\",\n \"https://login.live.com/oauth20_desktop.srf\",\n \"ms-appx-web://Microsoft.AAD.BrokerPlugin/00000000-1111-1111-1111-222222222222\",\n \"urn:ietf:wg:oauth:2.0:foo\",\n },\n });\n\n var exampleSpa = new AzureAD.ApplicationRedirectUris(\"exampleSpa\", new()\n {\n ApplicationId = example.Id,\n Type = \"SPA\",\n RedirectUris = new[]\n {\n \"https://mobile.hashitown.com/\",\n \"https://beta.hashitown.com/\",\n },\n });\n\n var exampleWeb = new AzureAD.ApplicationRedirectUris(\"exampleWeb\", new()\n {\n ApplicationId = example.Id,\n Type = \"Web\",\n RedirectUris = new[]\n {\n \"https://app.hashitown.com/\",\n \"https://classic.hashitown.com/\",\n \"urn:ietf:wg:oauth:2.0:oob\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.NewApplicationRegistration(ctx, \"example\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationRedirectUris(ctx, \"examplePublic\", \u0026azuread.ApplicationRedirectUrisArgs{\n\t\t\tApplicationId: example.ID(),\n\t\t\tType: pulumi.String(\"PublicClient\"),\n\t\t\tRedirectUris: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"myapp://auth\"),\n\t\t\t\tpulumi.String(\"sample.mobile.app.bundie.id://auth\"),\n\t\t\t\tpulumi.String(\"https://login.microsoftonline.com/common/oauth2/nativeclient\"),\n\t\t\t\tpulumi.String(\"https://login.live.com/oauth20_desktop.srf\"),\n\t\t\t\tpulumi.String(\"ms-appx-web://Microsoft.AAD.BrokerPlugin/00000000-1111-1111-1111-222222222222\"),\n\t\t\t\tpulumi.String(\"urn:ietf:wg:oauth:2.0:foo\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationRedirectUris(ctx, \"exampleSpa\", \u0026azuread.ApplicationRedirectUrisArgs{\n\t\t\tApplicationId: example.ID(),\n\t\t\tType: pulumi.String(\"SPA\"),\n\t\t\tRedirectUris: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"https://mobile.hashitown.com/\"),\n\t\t\t\tpulumi.String(\"https://beta.hashitown.com/\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationRedirectUris(ctx, \"exampleWeb\", \u0026azuread.ApplicationRedirectUrisArgs{\n\t\t\tApplicationId: example.ID(),\n\t\t\tType: pulumi.String(\"Web\"),\n\t\t\tRedirectUris: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"https://app.hashitown.com/\"),\n\t\t\t\tpulumi.String(\"https://classic.hashitown.com/\"),\n\t\t\t\tpulumi.String(\"urn:ietf:wg:oauth:2.0:oob\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.azuread.ApplicationRedirectUris;\nimport com.pulumi.azuread.ApplicationRedirectUrisArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ApplicationRegistration(\"example\", ApplicationRegistrationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var examplePublic = new ApplicationRedirectUris(\"examplePublic\", ApplicationRedirectUrisArgs.builder() \n .applicationId(example.id())\n .type(\"PublicClient\")\n .redirectUris( \n \"myapp://auth\",\n \"sample.mobile.app.bundie.id://auth\",\n \"https://login.microsoftonline.com/common/oauth2/nativeclient\",\n \"https://login.live.com/oauth20_desktop.srf\",\n \"ms-appx-web://Microsoft.AAD.BrokerPlugin/00000000-1111-1111-1111-222222222222\",\n \"urn:ietf:wg:oauth:2.0:foo\")\n .build());\n\n var exampleSpa = new ApplicationRedirectUris(\"exampleSpa\", ApplicationRedirectUrisArgs.builder() \n .applicationId(example.id())\n .type(\"SPA\")\n .redirectUris( \n \"https://mobile.hashitown.com/\",\n \"https://beta.hashitown.com/\")\n .build());\n\n var exampleWeb = new ApplicationRedirectUris(\"exampleWeb\", ApplicationRedirectUrisArgs.builder() \n .applicationId(example.id())\n .type(\"Web\")\n .redirectUris( \n \"https://app.hashitown.com/\",\n \"https://classic.hashitown.com/\",\n \"urn:ietf:wg:oauth:2.0:oob\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n examplePublic:\n type: azuread:ApplicationRedirectUris\n properties:\n applicationId: ${example.id}\n type: PublicClient\n redirectUris:\n - myapp://auth\n - sample.mobile.app.bundie.id://auth\n - https://login.microsoftonline.com/common/oauth2/nativeclient\n - https://login.live.com/oauth20_desktop.srf\n - ms-appx-web://Microsoft.AAD.BrokerPlugin/00000000-1111-1111-1111-222222222222\n - urn:ietf:wg:oauth:2.0:foo\n exampleSpa:\n type: azuread:ApplicationRedirectUris\n properties:\n applicationId: ${example.id}\n type: SPA\n redirectUris:\n - https://mobile.hashitown.com/\n - https://beta.hashitown.com/\n exampleWeb:\n type: azuread:ApplicationRedirectUris\n properties:\n applicationId: ${example.id}\n type: Web\n redirectUris:\n - https://app.hashitown.com/\n - https://classic.hashitown.com/\n - urn:ietf:wg:oauth:2.0:oob\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nApplication API Access can be imported using the object ID of the application and the URI type, in the following format.\n\n```sh\n $ pulumi import azuread:index/applicationRedirectUris:ApplicationRedirectUris example /applications/00000000-0000-0000-0000-000000000000/redirectUris/Web\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.ApplicationRegistration(\"example\", {displayName: \"example\"});\nconst examplePublic = new azuread.ApplicationRedirectUris(\"examplePublic\", {\n applicationId: example.id,\n type: \"PublicClient\",\n redirectUris: [\n \"myapp://auth\",\n \"sample.mobile.app.bundie.id://auth\",\n \"https://login.microsoftonline.com/common/oauth2/nativeclient\",\n \"https://login.live.com/oauth20_desktop.srf\",\n \"ms-appx-web://Microsoft.AAD.BrokerPlugin/00000000-1111-1111-1111-222222222222\",\n \"urn:ietf:wg:oauth:2.0:foo\",\n ],\n});\nconst exampleSpa = new azuread.ApplicationRedirectUris(\"exampleSpa\", {\n applicationId: example.id,\n type: \"SPA\",\n redirectUris: [\n \"https://mobile.hashitown.com/\",\n \"https://beta.hashitown.com/\",\n ],\n});\nconst exampleWeb = new azuread.ApplicationRedirectUris(\"exampleWeb\", {\n applicationId: example.id,\n type: \"Web\",\n redirectUris: [\n \"https://app.hashitown.com/\",\n \"https://classic.hashitown.com/\",\n \"urn:ietf:wg:oauth:2.0:oob\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.ApplicationRegistration(\"example\", display_name=\"example\")\nexample_public = azuread.ApplicationRedirectUris(\"examplePublic\",\n application_id=example.id,\n type=\"PublicClient\",\n redirect_uris=[\n \"myapp://auth\",\n \"sample.mobile.app.bundie.id://auth\",\n \"https://login.microsoftonline.com/common/oauth2/nativeclient\",\n \"https://login.live.com/oauth20_desktop.srf\",\n \"ms-appx-web://Microsoft.AAD.BrokerPlugin/00000000-1111-1111-1111-222222222222\",\n \"urn:ietf:wg:oauth:2.0:foo\",\n ])\nexample_spa = azuread.ApplicationRedirectUris(\"exampleSpa\",\n application_id=example.id,\n type=\"SPA\",\n redirect_uris=[\n \"https://mobile.hashitown.com/\",\n \"https://beta.hashitown.com/\",\n ])\nexample_web = azuread.ApplicationRedirectUris(\"exampleWeb\",\n application_id=example.id,\n type=\"Web\",\n redirect_uris=[\n \"https://app.hashitown.com/\",\n \"https://classic.hashitown.com/\",\n \"urn:ietf:wg:oauth:2.0:oob\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.ApplicationRegistration(\"example\", new()\n {\n DisplayName = \"example\",\n });\n\n var examplePublic = new AzureAD.ApplicationRedirectUris(\"examplePublic\", new()\n {\n ApplicationId = example.Id,\n Type = \"PublicClient\",\n RedirectUris = new[]\n {\n \"myapp://auth\",\n \"sample.mobile.app.bundie.id://auth\",\n \"https://login.microsoftonline.com/common/oauth2/nativeclient\",\n \"https://login.live.com/oauth20_desktop.srf\",\n \"ms-appx-web://Microsoft.AAD.BrokerPlugin/00000000-1111-1111-1111-222222222222\",\n \"urn:ietf:wg:oauth:2.0:foo\",\n },\n });\n\n var exampleSpa = new AzureAD.ApplicationRedirectUris(\"exampleSpa\", new()\n {\n ApplicationId = example.Id,\n Type = \"SPA\",\n RedirectUris = new[]\n {\n \"https://mobile.hashitown.com/\",\n \"https://beta.hashitown.com/\",\n },\n });\n\n var exampleWeb = new AzureAD.ApplicationRedirectUris(\"exampleWeb\", new()\n {\n ApplicationId = example.Id,\n Type = \"Web\",\n RedirectUris = new[]\n {\n \"https://app.hashitown.com/\",\n \"https://classic.hashitown.com/\",\n \"urn:ietf:wg:oauth:2.0:oob\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := azuread.NewApplicationRegistration(ctx, \"example\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationRedirectUris(ctx, \"examplePublic\", \u0026azuread.ApplicationRedirectUrisArgs{\n\t\t\tApplicationId: example.ID(),\n\t\t\tType: pulumi.String(\"PublicClient\"),\n\t\t\tRedirectUris: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"myapp://auth\"),\n\t\t\t\tpulumi.String(\"sample.mobile.app.bundie.id://auth\"),\n\t\t\t\tpulumi.String(\"https://login.microsoftonline.com/common/oauth2/nativeclient\"),\n\t\t\t\tpulumi.String(\"https://login.live.com/oauth20_desktop.srf\"),\n\t\t\t\tpulumi.String(\"ms-appx-web://Microsoft.AAD.BrokerPlugin/00000000-1111-1111-1111-222222222222\"),\n\t\t\t\tpulumi.String(\"urn:ietf:wg:oauth:2.0:foo\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationRedirectUris(ctx, \"exampleSpa\", \u0026azuread.ApplicationRedirectUrisArgs{\n\t\t\tApplicationId: example.ID(),\n\t\t\tType: pulumi.String(\"SPA\"),\n\t\t\tRedirectUris: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"https://mobile.hashitown.com/\"),\n\t\t\t\tpulumi.String(\"https://beta.hashitown.com/\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationRedirectUris(ctx, \"exampleWeb\", \u0026azuread.ApplicationRedirectUrisArgs{\n\t\t\tApplicationId: example.ID(),\n\t\t\tType: pulumi.String(\"Web\"),\n\t\t\tRedirectUris: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"https://app.hashitown.com/\"),\n\t\t\t\tpulumi.String(\"https://classic.hashitown.com/\"),\n\t\t\t\tpulumi.String(\"urn:ietf:wg:oauth:2.0:oob\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport com.pulumi.azuread.ApplicationRedirectUris;\nimport com.pulumi.azuread.ApplicationRedirectUrisArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ApplicationRegistration(\"example\", ApplicationRegistrationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var examplePublic = new ApplicationRedirectUris(\"examplePublic\", ApplicationRedirectUrisArgs.builder() \n .applicationId(example.id())\n .type(\"PublicClient\")\n .redirectUris( \n \"myapp://auth\",\n \"sample.mobile.app.bundie.id://auth\",\n \"https://login.microsoftonline.com/common/oauth2/nativeclient\",\n \"https://login.live.com/oauth20_desktop.srf\",\n \"ms-appx-web://Microsoft.AAD.BrokerPlugin/00000000-1111-1111-1111-222222222222\",\n \"urn:ietf:wg:oauth:2.0:foo\")\n .build());\n\n var exampleSpa = new ApplicationRedirectUris(\"exampleSpa\", ApplicationRedirectUrisArgs.builder() \n .applicationId(example.id())\n .type(\"SPA\")\n .redirectUris( \n \"https://mobile.hashitown.com/\",\n \"https://beta.hashitown.com/\")\n .build());\n\n var exampleWeb = new ApplicationRedirectUris(\"exampleWeb\", ApplicationRedirectUrisArgs.builder() \n .applicationId(example.id())\n .type(\"Web\")\n .redirectUris( \n \"https://app.hashitown.com/\",\n \"https://classic.hashitown.com/\",\n \"urn:ietf:wg:oauth:2.0:oob\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ApplicationRegistration\n properties:\n displayName: example\n examplePublic:\n type: azuread:ApplicationRedirectUris\n properties:\n applicationId: ${example.id}\n type: PublicClient\n redirectUris:\n - myapp://auth\n - sample.mobile.app.bundie.id://auth\n - https://login.microsoftonline.com/common/oauth2/nativeclient\n - https://login.live.com/oauth20_desktop.srf\n - ms-appx-web://Microsoft.AAD.BrokerPlugin/00000000-1111-1111-1111-222222222222\n - urn:ietf:wg:oauth:2.0:foo\n exampleSpa:\n type: azuread:ApplicationRedirectUris\n properties:\n applicationId: ${example.id}\n type: SPA\n redirectUris:\n - https://mobile.hashitown.com/\n - https://beta.hashitown.com/\n exampleWeb:\n type: azuread:ApplicationRedirectUris\n properties:\n applicationId: ${example.id}\n type: Web\n redirectUris:\n - https://app.hashitown.com/\n - https://classic.hashitown.com/\n - urn:ietf:wg:oauth:2.0:oob\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nApplication API Access can be imported using the object ID of the application and the URI type, in the following format.\n\n ```sh\n $ pulumi import azuread:index/applicationRedirectUris:ApplicationRedirectUris example /applications/00000000-0000-0000-0000-000000000000/redirectUris/Web\n```\n\n ", "properties": { "applicationId": { "type": "string", @@ -5222,7 +5222,7 @@ } }, "azuread:index/applicationRegistration:ApplicationRegistration": { - "description": "Manages an application registration within Azure Active Directory.\n\nFor a more comprehensive alternative, please see the azuread.Application resource. Please note that this resource should not be used together with the `azuread.Application` resource when managing the same application.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Application.ReadWrite.OwnedBy` or `Application.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource may require one of the following directory roles: `Application Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.ApplicationRegistration(\"example\", {\n description: \"My example application\",\n displayName: \"Example Application\",\n homepageUrl: \"https://app.hashitown.com/\",\n logoutUrl: \"https://app.hashitown.com/logout\",\n marketingUrl: \"https://hashitown.com/\",\n privacyStatementUrl: \"https://hashitown.com/privacy\",\n signInAudience: \"AzureADMyOrg\",\n supportUrl: \"https://support.hashitown.com/\",\n termsOfServiceUrl: \"https://hashitown.com/terms\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.ApplicationRegistration(\"example\",\n description=\"My example application\",\n display_name=\"Example Application\",\n homepage_url=\"https://app.hashitown.com/\",\n logout_url=\"https://app.hashitown.com/logout\",\n marketing_url=\"https://hashitown.com/\",\n privacy_statement_url=\"https://hashitown.com/privacy\",\n sign_in_audience=\"AzureADMyOrg\",\n support_url=\"https://support.hashitown.com/\",\n terms_of_service_url=\"https://hashitown.com/terms\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.ApplicationRegistration(\"example\", new()\n {\n Description = \"My example application\",\n DisplayName = \"Example Application\",\n HomepageUrl = \"https://app.hashitown.com/\",\n LogoutUrl = \"https://app.hashitown.com/logout\",\n MarketingUrl = \"https://hashitown.com/\",\n PrivacyStatementUrl = \"https://hashitown.com/privacy\",\n SignInAudience = \"AzureADMyOrg\",\n SupportUrl = \"https://support.hashitown.com/\",\n TermsOfServiceUrl = \"https://hashitown.com/terms\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewApplicationRegistration(ctx, \"example\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDescription: pulumi.String(\"My example application\"),\n\t\t\tDisplayName: pulumi.String(\"Example Application\"),\n\t\t\tHomepageUrl: pulumi.String(\"https://app.hashitown.com/\"),\n\t\t\tLogoutUrl: pulumi.String(\"https://app.hashitown.com/logout\"),\n\t\t\tMarketingUrl: pulumi.String(\"https://hashitown.com/\"),\n\t\t\tPrivacyStatementUrl: pulumi.String(\"https://hashitown.com/privacy\"),\n\t\t\tSignInAudience: pulumi.String(\"AzureADMyOrg\"),\n\t\t\tSupportUrl: pulumi.String(\"https://support.hashitown.com/\"),\n\t\t\tTermsOfServiceUrl: pulumi.String(\"https://hashitown.com/terms\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ApplicationRegistration(\"example\", ApplicationRegistrationArgs.builder() \n .description(\"My example application\")\n .displayName(\"Example Application\")\n .homepageUrl(\"https://app.hashitown.com/\")\n .logoutUrl(\"https://app.hashitown.com/logout\")\n .marketingUrl(\"https://hashitown.com/\")\n .privacyStatementUrl(\"https://hashitown.com/privacy\")\n .signInAudience(\"AzureADMyOrg\")\n .supportUrl(\"https://support.hashitown.com/\")\n .termsOfServiceUrl(\"https://hashitown.com/terms\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ApplicationRegistration\n properties:\n description: My example application\n displayName: Example Application\n homepageUrl: https://app.hashitown.com/\n logoutUrl: https://app.hashitown.com/logout\n marketingUrl: https://hashitown.com/\n privacyStatementUrl: https://hashitown.com/privacy\n signInAudience: AzureADMyOrg\n supportUrl: https://support.hashitown.com/\n termsOfServiceUrl: https://hashitown.com/terms\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nApplication Registrations can be imported using the object ID of the application, in the following format.\n\n```sh\n $ pulumi import azuread:index/applicationRegistration:ApplicationRegistration example /applications/00000000-0000-0000-0000-000000000000\n```\n\n ", + "description": "Manages an application registration within Azure Active Directory.\n\nFor a more comprehensive alternative, please see the azuread.Application resource. Please note that this resource should not be used together with the `azuread.Application` resource when managing the same application.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Application.ReadWrite.OwnedBy` or `Application.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource may require one of the following directory roles: `Application Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.ApplicationRegistration(\"example\", {\n description: \"My example application\",\n displayName: \"Example Application\",\n homepageUrl: \"https://app.hashitown.com/\",\n logoutUrl: \"https://app.hashitown.com/logout\",\n marketingUrl: \"https://hashitown.com/\",\n privacyStatementUrl: \"https://hashitown.com/privacy\",\n signInAudience: \"AzureADMyOrg\",\n supportUrl: \"https://support.hashitown.com/\",\n termsOfServiceUrl: \"https://hashitown.com/terms\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.ApplicationRegistration(\"example\",\n description=\"My example application\",\n display_name=\"Example Application\",\n homepage_url=\"https://app.hashitown.com/\",\n logout_url=\"https://app.hashitown.com/logout\",\n marketing_url=\"https://hashitown.com/\",\n privacy_statement_url=\"https://hashitown.com/privacy\",\n sign_in_audience=\"AzureADMyOrg\",\n support_url=\"https://support.hashitown.com/\",\n terms_of_service_url=\"https://hashitown.com/terms\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.ApplicationRegistration(\"example\", new()\n {\n Description = \"My example application\",\n DisplayName = \"Example Application\",\n HomepageUrl = \"https://app.hashitown.com/\",\n LogoutUrl = \"https://app.hashitown.com/logout\",\n MarketingUrl = \"https://hashitown.com/\",\n PrivacyStatementUrl = \"https://hashitown.com/privacy\",\n SignInAudience = \"AzureADMyOrg\",\n SupportUrl = \"https://support.hashitown.com/\",\n TermsOfServiceUrl = \"https://hashitown.com/terms\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewApplicationRegistration(ctx, \"example\", \u0026azuread.ApplicationRegistrationArgs{\n\t\t\tDescription: pulumi.String(\"My example application\"),\n\t\t\tDisplayName: pulumi.String(\"Example Application\"),\n\t\t\tHomepageUrl: pulumi.String(\"https://app.hashitown.com/\"),\n\t\t\tLogoutUrl: pulumi.String(\"https://app.hashitown.com/logout\"),\n\t\t\tMarketingUrl: pulumi.String(\"https://hashitown.com/\"),\n\t\t\tPrivacyStatementUrl: pulumi.String(\"https://hashitown.com/privacy\"),\n\t\t\tSignInAudience: pulumi.String(\"AzureADMyOrg\"),\n\t\t\tSupportUrl: pulumi.String(\"https://support.hashitown.com/\"),\n\t\t\tTermsOfServiceUrl: pulumi.String(\"https://hashitown.com/terms\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ApplicationRegistration;\nimport com.pulumi.azuread.ApplicationRegistrationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ApplicationRegistration(\"example\", ApplicationRegistrationArgs.builder() \n .description(\"My example application\")\n .displayName(\"Example Application\")\n .homepageUrl(\"https://app.hashitown.com/\")\n .logoutUrl(\"https://app.hashitown.com/logout\")\n .marketingUrl(\"https://hashitown.com/\")\n .privacyStatementUrl(\"https://hashitown.com/privacy\")\n .signInAudience(\"AzureADMyOrg\")\n .supportUrl(\"https://support.hashitown.com/\")\n .termsOfServiceUrl(\"https://hashitown.com/terms\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ApplicationRegistration\n properties:\n description: My example application\n displayName: Example Application\n homepageUrl: https://app.hashitown.com/\n logoutUrl: https://app.hashitown.com/logout\n marketingUrl: https://hashitown.com/\n privacyStatementUrl: https://hashitown.com/privacy\n signInAudience: AzureADMyOrg\n supportUrl: https://support.hashitown.com/\n termsOfServiceUrl: https://hashitown.com/terms\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nApplication Registrations can be imported using the object ID of the application, in the following format.\n\n ```sh\n $ pulumi import azuread:index/applicationRegistration:ApplicationRegistration example /applications/00000000-0000-0000-0000-000000000000\n```\n\n ", "properties": { "clientId": { "type": "string", @@ -5466,7 +5466,7 @@ } }, "azuread:index/authenticationStrengthPolicy:AuthenticationStrengthPolicy": { - "description": "Manages a Authentication Strength Policy within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application roles: `Policy.ReadWrite.ConditionalAccess` and `Policy.Read.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Conditional Access Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.AuthenticationStrengthPolicy(\"example\", {\n allowedCombinations: [\n \"fido2\",\n \"password\",\n ],\n description: \"Policy for demo purposes\",\n displayName: \"Example Authentication Strength Policy\",\n});\nconst example2 = new azuread.AuthenticationStrengthPolicy(\"example2\", {\n allowedCombinations: [\n \"fido2\",\n \"password\",\n \"deviceBasedPush\",\n \"temporaryAccessPassOneTime\",\n \"federatedMultiFactor\",\n \"federatedSingleFactor\",\n \"hardwareOath,federatedSingleFactor\",\n \"microsoftAuthenticatorPush,federatedSingleFactor\",\n \"password,hardwareOath\",\n \"password,microsoftAuthenticatorPush\",\n \"password,sms\",\n \"password,softwareOath\",\n \"password,voice\",\n \"sms\",\n \"sms,federatedSingleFactor\",\n \"softwareOath,federatedSingleFactor\",\n \"temporaryAccessPassMultiUse\",\n \"voice,federatedSingleFactor\",\n \"windowsHelloForBusiness\",\n \"x509CertificateMultiFactor\",\n \"x509CertificateSingleFactor\",\n ],\n description: \"Policy for demo purposes with all possible combinations\",\n displayName: \"Example Authentication Strength Policy\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.AuthenticationStrengthPolicy(\"example\",\n allowed_combinations=[\n \"fido2\",\n \"password\",\n ],\n description=\"Policy for demo purposes\",\n display_name=\"Example Authentication Strength Policy\")\nexample2 = azuread.AuthenticationStrengthPolicy(\"example2\",\n allowed_combinations=[\n \"fido2\",\n \"password\",\n \"deviceBasedPush\",\n \"temporaryAccessPassOneTime\",\n \"federatedMultiFactor\",\n \"federatedSingleFactor\",\n \"hardwareOath,federatedSingleFactor\",\n \"microsoftAuthenticatorPush,federatedSingleFactor\",\n \"password,hardwareOath\",\n \"password,microsoftAuthenticatorPush\",\n \"password,sms\",\n \"password,softwareOath\",\n \"password,voice\",\n \"sms\",\n \"sms,federatedSingleFactor\",\n \"softwareOath,federatedSingleFactor\",\n \"temporaryAccessPassMultiUse\",\n \"voice,federatedSingleFactor\",\n \"windowsHelloForBusiness\",\n \"x509CertificateMultiFactor\",\n \"x509CertificateSingleFactor\",\n ],\n description=\"Policy for demo purposes with all possible combinations\",\n display_name=\"Example Authentication Strength Policy\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.AuthenticationStrengthPolicy(\"example\", new()\n {\n AllowedCombinations = new[]\n {\n \"fido2\",\n \"password\",\n },\n Description = \"Policy for demo purposes\",\n DisplayName = \"Example Authentication Strength Policy\",\n });\n\n var example2 = new AzureAD.AuthenticationStrengthPolicy(\"example2\", new()\n {\n AllowedCombinations = new[]\n {\n \"fido2\",\n \"password\",\n \"deviceBasedPush\",\n \"temporaryAccessPassOneTime\",\n \"federatedMultiFactor\",\n \"federatedSingleFactor\",\n \"hardwareOath,federatedSingleFactor\",\n \"microsoftAuthenticatorPush,federatedSingleFactor\",\n \"password,hardwareOath\",\n \"password,microsoftAuthenticatorPush\",\n \"password,sms\",\n \"password,softwareOath\",\n \"password,voice\",\n \"sms\",\n \"sms,federatedSingleFactor\",\n \"softwareOath,federatedSingleFactor\",\n \"temporaryAccessPassMultiUse\",\n \"voice,federatedSingleFactor\",\n \"windowsHelloForBusiness\",\n \"x509CertificateMultiFactor\",\n \"x509CertificateSingleFactor\",\n },\n Description = \"Policy for demo purposes with all possible combinations\",\n DisplayName = \"Example Authentication Strength Policy\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewAuthenticationStrengthPolicy(ctx, \"example\", \u0026azuread.AuthenticationStrengthPolicyArgs{\n\t\t\tAllowedCombinations: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"fido2\"),\n\t\t\t\tpulumi.String(\"password\"),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"Policy for demo purposes\"),\n\t\t\tDisplayName: pulumi.String(\"Example Authentication Strength Policy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAuthenticationStrengthPolicy(ctx, \"example2\", \u0026azuread.AuthenticationStrengthPolicyArgs{\n\t\t\tAllowedCombinations: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"fido2\"),\n\t\t\t\tpulumi.String(\"password\"),\n\t\t\t\tpulumi.String(\"deviceBasedPush\"),\n\t\t\t\tpulumi.String(\"temporaryAccessPassOneTime\"),\n\t\t\t\tpulumi.String(\"federatedMultiFactor\"),\n\t\t\t\tpulumi.String(\"federatedSingleFactor\"),\n\t\t\t\tpulumi.String(\"hardwareOath,federatedSingleFactor\"),\n\t\t\t\tpulumi.String(\"microsoftAuthenticatorPush,federatedSingleFactor\"),\n\t\t\t\tpulumi.String(\"password,hardwareOath\"),\n\t\t\t\tpulumi.String(\"password,microsoftAuthenticatorPush\"),\n\t\t\t\tpulumi.String(\"password,sms\"),\n\t\t\t\tpulumi.String(\"password,softwareOath\"),\n\t\t\t\tpulumi.String(\"password,voice\"),\n\t\t\t\tpulumi.String(\"sms\"),\n\t\t\t\tpulumi.String(\"sms,federatedSingleFactor\"),\n\t\t\t\tpulumi.String(\"softwareOath,federatedSingleFactor\"),\n\t\t\t\tpulumi.String(\"temporaryAccessPassMultiUse\"),\n\t\t\t\tpulumi.String(\"voice,federatedSingleFactor\"),\n\t\t\t\tpulumi.String(\"windowsHelloForBusiness\"),\n\t\t\t\tpulumi.String(\"x509CertificateMultiFactor\"),\n\t\t\t\tpulumi.String(\"x509CertificateSingleFactor\"),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"Policy for demo purposes with all possible combinations\"),\n\t\t\tDisplayName: pulumi.String(\"Example Authentication Strength Policy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AuthenticationStrengthPolicy;\nimport com.pulumi.azuread.AuthenticationStrengthPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AuthenticationStrengthPolicy(\"example\", AuthenticationStrengthPolicyArgs.builder() \n .allowedCombinations( \n \"fido2\",\n \"password\")\n .description(\"Policy for demo purposes\")\n .displayName(\"Example Authentication Strength Policy\")\n .build());\n\n var example2 = new AuthenticationStrengthPolicy(\"example2\", AuthenticationStrengthPolicyArgs.builder() \n .allowedCombinations( \n \"fido2\",\n \"password\",\n \"deviceBasedPush\",\n \"temporaryAccessPassOneTime\",\n \"federatedMultiFactor\",\n \"federatedSingleFactor\",\n \"hardwareOath,federatedSingleFactor\",\n \"microsoftAuthenticatorPush,federatedSingleFactor\",\n \"password,hardwareOath\",\n \"password,microsoftAuthenticatorPush\",\n \"password,sms\",\n \"password,softwareOath\",\n \"password,voice\",\n \"sms\",\n \"sms,federatedSingleFactor\",\n \"softwareOath,federatedSingleFactor\",\n \"temporaryAccessPassMultiUse\",\n \"voice,federatedSingleFactor\",\n \"windowsHelloForBusiness\",\n \"x509CertificateMultiFactor\",\n \"x509CertificateSingleFactor\")\n .description(\"Policy for demo purposes with all possible combinations\")\n .displayName(\"Example Authentication Strength Policy\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:AuthenticationStrengthPolicy\n properties:\n allowedCombinations:\n - fido2\n - password\n description: Policy for demo purposes\n displayName: Example Authentication Strength Policy\n example2:\n type: azuread:AuthenticationStrengthPolicy\n properties:\n allowedCombinations:\n - fido2\n - password\n - deviceBasedPush\n - temporaryAccessPassOneTime\n - federatedMultiFactor\n - federatedSingleFactor\n - hardwareOath,federatedSingleFactor\n - microsoftAuthenticatorPush,federatedSingleFactor\n - password,hardwareOath\n - password,microsoftAuthenticatorPush\n - password,sms\n - password,softwareOath\n - password,voice\n - sms\n - sms,federatedSingleFactor\n - softwareOath,federatedSingleFactor\n - temporaryAccessPassMultiUse\n - voice,federatedSingleFactor\n - windowsHelloForBusiness\n - x509CertificateMultiFactor\n - x509CertificateSingleFactor\n description: Policy for demo purposes with all possible combinations\n displayName: Example Authentication Strength Policy\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAuthentication Strength Policies can be imported using the `id`, e.g.\n\n```sh\n $ pulumi import azuread:index/authenticationStrengthPolicy:AuthenticationStrengthPolicy my_policy 00000000-0000-0000-0000-000000000000\n```\n\n ", + "description": "Manages a Authentication Strength Policy within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application roles: `Policy.ReadWrite.ConditionalAccess` and `Policy.Read.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Conditional Access Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.AuthenticationStrengthPolicy(\"example\", {\n allowedCombinations: [\n \"fido2\",\n \"password\",\n ],\n description: \"Policy for demo purposes\",\n displayName: \"Example Authentication Strength Policy\",\n});\nconst example2 = new azuread.AuthenticationStrengthPolicy(\"example2\", {\n allowedCombinations: [\n \"fido2\",\n \"password\",\n \"deviceBasedPush\",\n \"temporaryAccessPassOneTime\",\n \"federatedMultiFactor\",\n \"federatedSingleFactor\",\n \"hardwareOath,federatedSingleFactor\",\n \"microsoftAuthenticatorPush,federatedSingleFactor\",\n \"password,hardwareOath\",\n \"password,microsoftAuthenticatorPush\",\n \"password,sms\",\n \"password,softwareOath\",\n \"password,voice\",\n \"sms\",\n \"sms,federatedSingleFactor\",\n \"softwareOath,federatedSingleFactor\",\n \"temporaryAccessPassMultiUse\",\n \"voice,federatedSingleFactor\",\n \"windowsHelloForBusiness\",\n \"x509CertificateMultiFactor\",\n \"x509CertificateSingleFactor\",\n ],\n description: \"Policy for demo purposes with all possible combinations\",\n displayName: \"Example Authentication Strength Policy\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.AuthenticationStrengthPolicy(\"example\",\n allowed_combinations=[\n \"fido2\",\n \"password\",\n ],\n description=\"Policy for demo purposes\",\n display_name=\"Example Authentication Strength Policy\")\nexample2 = azuread.AuthenticationStrengthPolicy(\"example2\",\n allowed_combinations=[\n \"fido2\",\n \"password\",\n \"deviceBasedPush\",\n \"temporaryAccessPassOneTime\",\n \"federatedMultiFactor\",\n \"federatedSingleFactor\",\n \"hardwareOath,federatedSingleFactor\",\n \"microsoftAuthenticatorPush,federatedSingleFactor\",\n \"password,hardwareOath\",\n \"password,microsoftAuthenticatorPush\",\n \"password,sms\",\n \"password,softwareOath\",\n \"password,voice\",\n \"sms\",\n \"sms,federatedSingleFactor\",\n \"softwareOath,federatedSingleFactor\",\n \"temporaryAccessPassMultiUse\",\n \"voice,federatedSingleFactor\",\n \"windowsHelloForBusiness\",\n \"x509CertificateMultiFactor\",\n \"x509CertificateSingleFactor\",\n ],\n description=\"Policy for demo purposes with all possible combinations\",\n display_name=\"Example Authentication Strength Policy\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.AuthenticationStrengthPolicy(\"example\", new()\n {\n AllowedCombinations = new[]\n {\n \"fido2\",\n \"password\",\n },\n Description = \"Policy for demo purposes\",\n DisplayName = \"Example Authentication Strength Policy\",\n });\n\n var example2 = new AzureAD.AuthenticationStrengthPolicy(\"example2\", new()\n {\n AllowedCombinations = new[]\n {\n \"fido2\",\n \"password\",\n \"deviceBasedPush\",\n \"temporaryAccessPassOneTime\",\n \"federatedMultiFactor\",\n \"federatedSingleFactor\",\n \"hardwareOath,federatedSingleFactor\",\n \"microsoftAuthenticatorPush,federatedSingleFactor\",\n \"password,hardwareOath\",\n \"password,microsoftAuthenticatorPush\",\n \"password,sms\",\n \"password,softwareOath\",\n \"password,voice\",\n \"sms\",\n \"sms,federatedSingleFactor\",\n \"softwareOath,federatedSingleFactor\",\n \"temporaryAccessPassMultiUse\",\n \"voice,federatedSingleFactor\",\n \"windowsHelloForBusiness\",\n \"x509CertificateMultiFactor\",\n \"x509CertificateSingleFactor\",\n },\n Description = \"Policy for demo purposes with all possible combinations\",\n DisplayName = \"Example Authentication Strength Policy\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewAuthenticationStrengthPolicy(ctx, \"example\", \u0026azuread.AuthenticationStrengthPolicyArgs{\n\t\t\tAllowedCombinations: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"fido2\"),\n\t\t\t\tpulumi.String(\"password\"),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"Policy for demo purposes\"),\n\t\t\tDisplayName: pulumi.String(\"Example Authentication Strength Policy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAuthenticationStrengthPolicy(ctx, \"example2\", \u0026azuread.AuthenticationStrengthPolicyArgs{\n\t\t\tAllowedCombinations: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"fido2\"),\n\t\t\t\tpulumi.String(\"password\"),\n\t\t\t\tpulumi.String(\"deviceBasedPush\"),\n\t\t\t\tpulumi.String(\"temporaryAccessPassOneTime\"),\n\t\t\t\tpulumi.String(\"federatedMultiFactor\"),\n\t\t\t\tpulumi.String(\"federatedSingleFactor\"),\n\t\t\t\tpulumi.String(\"hardwareOath,federatedSingleFactor\"),\n\t\t\t\tpulumi.String(\"microsoftAuthenticatorPush,federatedSingleFactor\"),\n\t\t\t\tpulumi.String(\"password,hardwareOath\"),\n\t\t\t\tpulumi.String(\"password,microsoftAuthenticatorPush\"),\n\t\t\t\tpulumi.String(\"password,sms\"),\n\t\t\t\tpulumi.String(\"password,softwareOath\"),\n\t\t\t\tpulumi.String(\"password,voice\"),\n\t\t\t\tpulumi.String(\"sms\"),\n\t\t\t\tpulumi.String(\"sms,federatedSingleFactor\"),\n\t\t\t\tpulumi.String(\"softwareOath,federatedSingleFactor\"),\n\t\t\t\tpulumi.String(\"temporaryAccessPassMultiUse\"),\n\t\t\t\tpulumi.String(\"voice,federatedSingleFactor\"),\n\t\t\t\tpulumi.String(\"windowsHelloForBusiness\"),\n\t\t\t\tpulumi.String(\"x509CertificateMultiFactor\"),\n\t\t\t\tpulumi.String(\"x509CertificateSingleFactor\"),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"Policy for demo purposes with all possible combinations\"),\n\t\t\tDisplayName: pulumi.String(\"Example Authentication Strength Policy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AuthenticationStrengthPolicy;\nimport com.pulumi.azuread.AuthenticationStrengthPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AuthenticationStrengthPolicy(\"example\", AuthenticationStrengthPolicyArgs.builder() \n .allowedCombinations( \n \"fido2\",\n \"password\")\n .description(\"Policy for demo purposes\")\n .displayName(\"Example Authentication Strength Policy\")\n .build());\n\n var example2 = new AuthenticationStrengthPolicy(\"example2\", AuthenticationStrengthPolicyArgs.builder() \n .allowedCombinations( \n \"fido2\",\n \"password\",\n \"deviceBasedPush\",\n \"temporaryAccessPassOneTime\",\n \"federatedMultiFactor\",\n \"federatedSingleFactor\",\n \"hardwareOath,federatedSingleFactor\",\n \"microsoftAuthenticatorPush,federatedSingleFactor\",\n \"password,hardwareOath\",\n \"password,microsoftAuthenticatorPush\",\n \"password,sms\",\n \"password,softwareOath\",\n \"password,voice\",\n \"sms\",\n \"sms,federatedSingleFactor\",\n \"softwareOath,federatedSingleFactor\",\n \"temporaryAccessPassMultiUse\",\n \"voice,federatedSingleFactor\",\n \"windowsHelloForBusiness\",\n \"x509CertificateMultiFactor\",\n \"x509CertificateSingleFactor\")\n .description(\"Policy for demo purposes with all possible combinations\")\n .displayName(\"Example Authentication Strength Policy\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:AuthenticationStrengthPolicy\n properties:\n allowedCombinations:\n - fido2\n - password\n description: Policy for demo purposes\n displayName: Example Authentication Strength Policy\n example2:\n type: azuread:AuthenticationStrengthPolicy\n properties:\n allowedCombinations:\n - fido2\n - password\n - deviceBasedPush\n - temporaryAccessPassOneTime\n - federatedMultiFactor\n - federatedSingleFactor\n - hardwareOath,federatedSingleFactor\n - microsoftAuthenticatorPush,federatedSingleFactor\n - password,hardwareOath\n - password,microsoftAuthenticatorPush\n - password,sms\n - password,softwareOath\n - password,voice\n - sms\n - sms,federatedSingleFactor\n - softwareOath,federatedSingleFactor\n - temporaryAccessPassMultiUse\n - voice,federatedSingleFactor\n - windowsHelloForBusiness\n - x509CertificateMultiFactor\n - x509CertificateSingleFactor\n description: Policy for demo purposes with all possible combinations\n displayName: Example Authentication Strength Policy\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAuthentication Strength Policies can be imported using the `id`, e.g.\n\n ```sh\n $ pulumi import azuread:index/authenticationStrengthPolicy:AuthenticationStrengthPolicy my_policy 00000000-0000-0000-0000-000000000000\n```\n\n ", "properties": { "allowedCombinations": { "type": "array", @@ -5532,7 +5532,7 @@ } }, "azuread:index/claimsMappingPolicy:ClaimsMappingPolicy": { - "description": "Manages a Claims Mapping Policy within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application roles: `Policy.ReadWrite.ApplicationConfiguration` and `Policy.Read.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Application Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst myPolicy = new azuread.ClaimsMappingPolicy(\"myPolicy\", {\n definitions: [JSON.stringify({\n ClaimsMappingPolicy: {\n ClaimsSchema: [\n {\n ID: \"employeeid\",\n JwtClaimType: \"name\",\n SamlClaimType: \"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name\",\n Source: \"user\",\n },\n {\n ID: \"tenantcountry\",\n JwtClaimType: \"country\",\n SamlClaimType: \"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country\",\n Source: \"company\",\n },\n ],\n IncludeBasicClaimSet: \"true\",\n Version: 1,\n },\n })],\n displayName: \"My Policy\",\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_azuread as azuread\n\nmy_policy = azuread.ClaimsMappingPolicy(\"myPolicy\",\n definitions=[json.dumps({\n \"ClaimsMappingPolicy\": {\n \"ClaimsSchema\": [\n {\n \"ID\": \"employeeid\",\n \"JwtClaimType\": \"name\",\n \"SamlClaimType\": \"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name\",\n \"Source\": \"user\",\n },\n {\n \"ID\": \"tenantcountry\",\n \"JwtClaimType\": \"country\",\n \"SamlClaimType\": \"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country\",\n \"Source\": \"company\",\n },\n ],\n \"IncludeBasicClaimSet\": \"true\",\n \"Version\": 1,\n },\n })],\n display_name=\"My Policy\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myPolicy = new AzureAD.ClaimsMappingPolicy(\"myPolicy\", new()\n {\n Definitions = new[]\n {\n JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"ClaimsMappingPolicy\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"ClaimsSchema\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ID\"] = \"employeeid\",\n [\"JwtClaimType\"] = \"name\",\n [\"SamlClaimType\"] = \"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name\",\n [\"Source\"] = \"user\",\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ID\"] = \"tenantcountry\",\n [\"JwtClaimType\"] = \"country\",\n [\"SamlClaimType\"] = \"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country\",\n [\"Source\"] = \"company\",\n },\n },\n [\"IncludeBasicClaimSet\"] = \"true\",\n [\"Version\"] = 1,\n },\n }),\n },\n DisplayName = \"My Policy\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"ClaimsMappingPolicy\": map[string]interface{}{\n\t\t\t\t\"ClaimsSchema\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ID\": \"employeeid\",\n\t\t\t\t\t\t\"JwtClaimType\": \"name\",\n\t\t\t\t\t\t\"SamlClaimType\": \"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name\",\n\t\t\t\t\t\t\"Source\": \"user\",\n\t\t\t\t\t},\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ID\": \"tenantcountry\",\n\t\t\t\t\t\t\"JwtClaimType\": \"country\",\n\t\t\t\t\t\t\"SamlClaimType\": \"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country\",\n\t\t\t\t\t\t\"Source\": \"company\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"IncludeBasicClaimSet\": \"true\",\n\t\t\t\t\"Version\": 1,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = azuread.NewClaimsMappingPolicy(ctx, \"myPolicy\", \u0026azuread.ClaimsMappingPolicyArgs{\n\t\t\tDefinitions: pulumi.StringArray{\n\t\t\t\tpulumi.String(json0),\n\t\t\t},\n\t\t\tDisplayName: pulumi.String(\"My Policy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ClaimsMappingPolicy;\nimport com.pulumi.azuread.ClaimsMappingPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myPolicy = new ClaimsMappingPolicy(\"myPolicy\", ClaimsMappingPolicyArgs.builder() \n .definitions(serializeJson(\n jsonObject(\n jsonProperty(\"ClaimsMappingPolicy\", jsonObject(\n jsonProperty(\"ClaimsSchema\", jsonArray(\n jsonObject(\n jsonProperty(\"ID\", \"employeeid\"),\n jsonProperty(\"JwtClaimType\", \"name\"),\n jsonProperty(\"SamlClaimType\", \"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name\"),\n jsonProperty(\"Source\", \"user\")\n ), \n jsonObject(\n jsonProperty(\"ID\", \"tenantcountry\"),\n jsonProperty(\"JwtClaimType\", \"country\"),\n jsonProperty(\"SamlClaimType\", \"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country\"),\n jsonProperty(\"Source\", \"company\")\n )\n )),\n jsonProperty(\"IncludeBasicClaimSet\", \"true\"),\n jsonProperty(\"Version\", 1)\n ))\n )))\n .displayName(\"My Policy\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myPolicy:\n type: azuread:ClaimsMappingPolicy\n properties:\n definitions:\n - fn::toJSON:\n ClaimsMappingPolicy:\n ClaimsSchema:\n - ID: employeeid\n JwtClaimType: name\n SamlClaimType: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name\n Source: user\n - ID: tenantcountry\n JwtClaimType: country\n SamlClaimType: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country\n Source: company\n IncludeBasicClaimSet: 'true'\n Version: 1\n displayName: My Policy\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nClaims Mapping Policy can be imported using the `id`, e.g.\n\n```sh\n $ pulumi import azuread:index/claimsMappingPolicy:ClaimsMappingPolicy my_policy 00000000-0000-0000-0000-000000000000\n```\n\n ", + "description": "Manages a Claims Mapping Policy within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application roles: `Policy.ReadWrite.ApplicationConfiguration` and `Policy.Read.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Application Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst myPolicy = new azuread.ClaimsMappingPolicy(\"myPolicy\", {\n definitions: [JSON.stringify({\n ClaimsMappingPolicy: {\n ClaimsSchema: [\n {\n ID: \"employeeid\",\n JwtClaimType: \"name\",\n SamlClaimType: \"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name\",\n Source: \"user\",\n },\n {\n ID: \"tenantcountry\",\n JwtClaimType: \"country\",\n SamlClaimType: \"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country\",\n Source: \"company\",\n },\n ],\n IncludeBasicClaimSet: \"true\",\n Version: 1,\n },\n })],\n displayName: \"My Policy\",\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_azuread as azuread\n\nmy_policy = azuread.ClaimsMappingPolicy(\"myPolicy\",\n definitions=[json.dumps({\n \"ClaimsMappingPolicy\": {\n \"ClaimsSchema\": [\n {\n \"ID\": \"employeeid\",\n \"JwtClaimType\": \"name\",\n \"SamlClaimType\": \"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name\",\n \"Source\": \"user\",\n },\n {\n \"ID\": \"tenantcountry\",\n \"JwtClaimType\": \"country\",\n \"SamlClaimType\": \"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country\",\n \"Source\": \"company\",\n },\n ],\n \"IncludeBasicClaimSet\": \"true\",\n \"Version\": 1,\n },\n })],\n display_name=\"My Policy\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myPolicy = new AzureAD.ClaimsMappingPolicy(\"myPolicy\", new()\n {\n Definitions = new[]\n {\n JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"ClaimsMappingPolicy\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"ClaimsSchema\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ID\"] = \"employeeid\",\n [\"JwtClaimType\"] = \"name\",\n [\"SamlClaimType\"] = \"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name\",\n [\"Source\"] = \"user\",\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ID\"] = \"tenantcountry\",\n [\"JwtClaimType\"] = \"country\",\n [\"SamlClaimType\"] = \"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country\",\n [\"Source\"] = \"company\",\n },\n },\n [\"IncludeBasicClaimSet\"] = \"true\",\n [\"Version\"] = 1,\n },\n }),\n },\n DisplayName = \"My Policy\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"ClaimsMappingPolicy\": map[string]interface{}{\n\t\t\t\t\"ClaimsSchema\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ID\": \"employeeid\",\n\t\t\t\t\t\t\"JwtClaimType\": \"name\",\n\t\t\t\t\t\t\"SamlClaimType\": \"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name\",\n\t\t\t\t\t\t\"Source\": \"user\",\n\t\t\t\t\t},\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ID\": \"tenantcountry\",\n\t\t\t\t\t\t\"JwtClaimType\": \"country\",\n\t\t\t\t\t\t\"SamlClaimType\": \"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country\",\n\t\t\t\t\t\t\"Source\": \"company\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"IncludeBasicClaimSet\": \"true\",\n\t\t\t\t\"Version\": 1,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = azuread.NewClaimsMappingPolicy(ctx, \"myPolicy\", \u0026azuread.ClaimsMappingPolicyArgs{\n\t\t\tDefinitions: pulumi.StringArray{\n\t\t\t\tpulumi.String(json0),\n\t\t\t},\n\t\t\tDisplayName: pulumi.String(\"My Policy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ClaimsMappingPolicy;\nimport com.pulumi.azuread.ClaimsMappingPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myPolicy = new ClaimsMappingPolicy(\"myPolicy\", ClaimsMappingPolicyArgs.builder() \n .definitions(serializeJson(\n jsonObject(\n jsonProperty(\"ClaimsMappingPolicy\", jsonObject(\n jsonProperty(\"ClaimsSchema\", jsonArray(\n jsonObject(\n jsonProperty(\"ID\", \"employeeid\"),\n jsonProperty(\"JwtClaimType\", \"name\"),\n jsonProperty(\"SamlClaimType\", \"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name\"),\n jsonProperty(\"Source\", \"user\")\n ), \n jsonObject(\n jsonProperty(\"ID\", \"tenantcountry\"),\n jsonProperty(\"JwtClaimType\", \"country\"),\n jsonProperty(\"SamlClaimType\", \"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country\"),\n jsonProperty(\"Source\", \"company\")\n )\n )),\n jsonProperty(\"IncludeBasicClaimSet\", \"true\"),\n jsonProperty(\"Version\", 1)\n ))\n )))\n .displayName(\"My Policy\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myPolicy:\n type: azuread:ClaimsMappingPolicy\n properties:\n definitions:\n - fn::toJSON:\n ClaimsMappingPolicy:\n ClaimsSchema:\n - ID: employeeid\n JwtClaimType: name\n SamlClaimType: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name\n Source: user\n - ID: tenantcountry\n JwtClaimType: country\n SamlClaimType: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country\n Source: company\n IncludeBasicClaimSet: 'true'\n Version: 1\n displayName: My Policy\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nClaims Mapping Policy can be imported using the `id`, e.g.\n\n ```sh\n $ pulumi import azuread:index/claimsMappingPolicy:ClaimsMappingPolicy my_policy 00000000-0000-0000-0000-000000000000\n```\n\n ", "properties": { "definitions": { "type": "array", @@ -5586,7 +5586,7 @@ } }, "azuread:index/conditionalAccessPolicy:ConditionalAccessPolicy": { - "description": "Manages a Conditional Access Policy within Azure Active Directory.\n\n\u003e **Licensing Requirements** Specifying `client_applications` property requires the activation of Microsoft Entra on your tenant and the availability of sufficient Workload Identities Premium licences (one per service principal managed by a conditional access).\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application roles: `Policy.ReadWrite.ConditionalAccess` and `Policy.Read.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Conditional Access Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### All users except guests or external users\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.ConditionalAccessPolicy(\"example\", {\n conditions: {\n applications: {\n excludedApplications: [],\n includedApplications: [\"All\"],\n },\n clientAppTypes: [\"all\"],\n devices: {\n filter: {\n mode: \"exclude\",\n rule: \"device.operatingSystem eq \\\"Doors\\\"\",\n },\n },\n locations: {\n excludedLocations: [\"AllTrusted\"],\n includedLocations: [\"All\"],\n },\n platforms: {\n excludedPlatforms: [\"iOS\"],\n includedPlatforms: [\"android\"],\n },\n signInRiskLevels: [\"medium\"],\n userRiskLevels: [\"medium\"],\n users: {\n excludedUsers: [\"GuestsOrExternalUsers\"],\n includedUsers: [\"All\"],\n },\n },\n displayName: \"example policy\",\n grantControls: {\n builtInControls: [\"mfa\"],\n operator: \"OR\",\n },\n sessionControls: {\n applicationEnforcedRestrictionsEnabled: true,\n cloudAppSecurityPolicy: \"monitorOnly\",\n disableResilienceDefaults: false,\n signInFrequency: 10,\n signInFrequencyPeriod: \"hours\",\n },\n state: \"disabled\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.ConditionalAccessPolicy(\"example\",\n conditions=azuread.ConditionalAccessPolicyConditionsArgs(\n applications=azuread.ConditionalAccessPolicyConditionsApplicationsArgs(\n excluded_applications=[],\n included_applications=[\"All\"],\n ),\n client_app_types=[\"all\"],\n devices=azuread.ConditionalAccessPolicyConditionsDevicesArgs(\n filter=azuread.ConditionalAccessPolicyConditionsDevicesFilterArgs(\n mode=\"exclude\",\n rule=\"device.operatingSystem eq \\\"Doors\\\"\",\n ),\n ),\n locations=azuread.ConditionalAccessPolicyConditionsLocationsArgs(\n excluded_locations=[\"AllTrusted\"],\n included_locations=[\"All\"],\n ),\n platforms=azuread.ConditionalAccessPolicyConditionsPlatformsArgs(\n excluded_platforms=[\"iOS\"],\n included_platforms=[\"android\"],\n ),\n sign_in_risk_levels=[\"medium\"],\n user_risk_levels=[\"medium\"],\n users=azuread.ConditionalAccessPolicyConditionsUsersArgs(\n excluded_users=[\"GuestsOrExternalUsers\"],\n included_users=[\"All\"],\n ),\n ),\n display_name=\"example policy\",\n grant_controls=azuread.ConditionalAccessPolicyGrantControlsArgs(\n built_in_controls=[\"mfa\"],\n operator=\"OR\",\n ),\n session_controls=azuread.ConditionalAccessPolicySessionControlsArgs(\n application_enforced_restrictions_enabled=True,\n cloud_app_security_policy=\"monitorOnly\",\n disable_resilience_defaults=False,\n sign_in_frequency=10,\n sign_in_frequency_period=\"hours\",\n ),\n state=\"disabled\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.ConditionalAccessPolicy(\"example\", new()\n {\n Conditions = new AzureAD.Inputs.ConditionalAccessPolicyConditionsArgs\n {\n Applications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsApplicationsArgs\n {\n ExcludedApplications = new() { },\n IncludedApplications = new[]\n {\n \"All\",\n },\n },\n ClientAppTypes = new[]\n {\n \"all\",\n },\n Devices = new AzureAD.Inputs.ConditionalAccessPolicyConditionsDevicesArgs\n {\n Filter = new AzureAD.Inputs.ConditionalAccessPolicyConditionsDevicesFilterArgs\n {\n Mode = \"exclude\",\n Rule = \"device.operatingSystem eq \\\"Doors\\\"\",\n },\n },\n Locations = new AzureAD.Inputs.ConditionalAccessPolicyConditionsLocationsArgs\n {\n ExcludedLocations = new[]\n {\n \"AllTrusted\",\n },\n IncludedLocations = new[]\n {\n \"All\",\n },\n },\n Platforms = new AzureAD.Inputs.ConditionalAccessPolicyConditionsPlatformsArgs\n {\n ExcludedPlatforms = new[]\n {\n \"iOS\",\n },\n IncludedPlatforms = new[]\n {\n \"android\",\n },\n },\n SignInRiskLevels = new[]\n {\n \"medium\",\n },\n UserRiskLevels = new[]\n {\n \"medium\",\n },\n Users = new AzureAD.Inputs.ConditionalAccessPolicyConditionsUsersArgs\n {\n ExcludedUsers = new[]\n {\n \"GuestsOrExternalUsers\",\n },\n IncludedUsers = new[]\n {\n \"All\",\n },\n },\n },\n DisplayName = \"example policy\",\n GrantControls = new AzureAD.Inputs.ConditionalAccessPolicyGrantControlsArgs\n {\n BuiltInControls = new[]\n {\n \"mfa\",\n },\n Operator = \"OR\",\n },\n SessionControls = new AzureAD.Inputs.ConditionalAccessPolicySessionControlsArgs\n {\n ApplicationEnforcedRestrictionsEnabled = true,\n CloudAppSecurityPolicy = \"monitorOnly\",\n DisableResilienceDefaults = false,\n SignInFrequency = 10,\n SignInFrequencyPeriod = \"hours\",\n },\n State = \"disabled\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewConditionalAccessPolicy(ctx, \"example\", \u0026azuread.ConditionalAccessPolicyArgs{\n\t\t\tConditions: \u0026azuread.ConditionalAccessPolicyConditionsArgs{\n\t\t\t\tApplications: \u0026azuread.ConditionalAccessPolicyConditionsApplicationsArgs{\n\t\t\t\t\tExcludedApplications: pulumi.StringArray{},\n\t\t\t\t\tIncludedApplications: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tClientAppTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"all\"),\n\t\t\t\t},\n\t\t\t\tDevices: \u0026azuread.ConditionalAccessPolicyConditionsDevicesArgs{\n\t\t\t\t\tFilter: \u0026azuread.ConditionalAccessPolicyConditionsDevicesFilterArgs{\n\t\t\t\t\t\tMode: pulumi.String(\"exclude\"),\n\t\t\t\t\t\tRule: pulumi.String(\"device.operatingSystem eq \\\"Doors\\\"\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tLocations: \u0026azuread.ConditionalAccessPolicyConditionsLocationsArgs{\n\t\t\t\t\tExcludedLocations: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"AllTrusted\"),\n\t\t\t\t\t},\n\t\t\t\t\tIncludedLocations: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tPlatforms: \u0026azuread.ConditionalAccessPolicyConditionsPlatformsArgs{\n\t\t\t\t\tExcludedPlatforms: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"iOS\"),\n\t\t\t\t\t},\n\t\t\t\t\tIncludedPlatforms: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"android\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSignInRiskLevels: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"medium\"),\n\t\t\t\t},\n\t\t\t\tUserRiskLevels: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"medium\"),\n\t\t\t\t},\n\t\t\t\tUsers: \u0026azuread.ConditionalAccessPolicyConditionsUsersArgs{\n\t\t\t\t\tExcludedUsers: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"GuestsOrExternalUsers\"),\n\t\t\t\t\t},\n\t\t\t\t\tIncludedUsers: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tDisplayName: pulumi.String(\"example policy\"),\n\t\t\tGrantControls: \u0026azuread.ConditionalAccessPolicyGrantControlsArgs{\n\t\t\t\tBuiltInControls: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"mfa\"),\n\t\t\t\t},\n\t\t\t\tOperator: pulumi.String(\"OR\"),\n\t\t\t},\n\t\t\tSessionControls: \u0026azuread.ConditionalAccessPolicySessionControlsArgs{\n\t\t\t\tApplicationEnforcedRestrictionsEnabled: pulumi.Bool(true),\n\t\t\t\tCloudAppSecurityPolicy: pulumi.String(\"monitorOnly\"),\n\t\t\t\tDisableResilienceDefaults: pulumi.Bool(false),\n\t\t\t\tSignInFrequency: pulumi.Int(10),\n\t\t\t\tSignInFrequencyPeriod: pulumi.String(\"hours\"),\n\t\t\t},\n\t\t\tState: pulumi.String(\"disabled\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ConditionalAccessPolicy;\nimport com.pulumi.azuread.ConditionalAccessPolicyArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsApplicationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsDevicesArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsDevicesFilterArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsLocationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsPlatformsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsUsersArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyGrantControlsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicySessionControlsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ConditionalAccessPolicy(\"example\", ConditionalAccessPolicyArgs.builder() \n .conditions(ConditionalAccessPolicyConditionsArgs.builder()\n .applications(ConditionalAccessPolicyConditionsApplicationsArgs.builder()\n .excludedApplications()\n .includedApplications(\"All\")\n .build())\n .clientAppTypes(\"all\")\n .devices(ConditionalAccessPolicyConditionsDevicesArgs.builder()\n .filter(ConditionalAccessPolicyConditionsDevicesFilterArgs.builder()\n .mode(\"exclude\")\n .rule(\"device.operatingSystem eq \\\"Doors\\\"\")\n .build())\n .build())\n .locations(ConditionalAccessPolicyConditionsLocationsArgs.builder()\n .excludedLocations(\"AllTrusted\")\n .includedLocations(\"All\")\n .build())\n .platforms(ConditionalAccessPolicyConditionsPlatformsArgs.builder()\n .excludedPlatforms(\"iOS\")\n .includedPlatforms(\"android\")\n .build())\n .signInRiskLevels(\"medium\")\n .userRiskLevels(\"medium\")\n .users(ConditionalAccessPolicyConditionsUsersArgs.builder()\n .excludedUsers(\"GuestsOrExternalUsers\")\n .includedUsers(\"All\")\n .build())\n .build())\n .displayName(\"example policy\")\n .grantControls(ConditionalAccessPolicyGrantControlsArgs.builder()\n .builtInControls(\"mfa\")\n .operator(\"OR\")\n .build())\n .sessionControls(ConditionalAccessPolicySessionControlsArgs.builder()\n .applicationEnforcedRestrictionsEnabled(true)\n .cloudAppSecurityPolicy(\"monitorOnly\")\n .disableResilienceDefaults(false)\n .signInFrequency(10)\n .signInFrequencyPeriod(\"hours\")\n .build())\n .state(\"disabled\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ConditionalAccessPolicy\n properties:\n conditions:\n applications:\n excludedApplications: []\n includedApplications:\n - All\n clientAppTypes:\n - all\n devices:\n filter:\n mode: exclude\n rule: device.operatingSystem eq \"Doors\"\n locations:\n excludedLocations:\n - AllTrusted\n includedLocations:\n - All\n platforms:\n excludedPlatforms:\n - iOS\n includedPlatforms:\n - android\n signInRiskLevels:\n - medium\n userRiskLevels:\n - medium\n users:\n excludedUsers:\n - GuestsOrExternalUsers\n includedUsers:\n - All\n displayName: example policy\n grantControls:\n builtInControls:\n - mfa\n operator: OR\n sessionControls:\n applicationEnforcedRestrictionsEnabled: true\n cloudAppSecurityPolicy: monitorOnly\n disableResilienceDefaults: false\n signInFrequency: 10\n signInFrequencyPeriod: hours\n state: disabled\n```\n{{% /example %}}\n{{% example %}}\n### Included client applications / service principals\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.ConditionalAccessPolicy(\"example\", {\n displayName: \"example policy\",\n state: \"disabled\",\n conditions: {\n clientAppTypes: [\"all\"],\n applications: {\n includedApplications: [\"All\"],\n },\n clientApplications: {\n includedServicePrincipals: [current.then(current =\u003e current.objectId)],\n excludedServicePrincipals: [],\n },\n users: {\n includedUsers: [\"None\"],\n },\n },\n grantControls: {\n operator: \"OR\",\n builtInControls: [\"block\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.ConditionalAccessPolicy(\"example\",\n display_name=\"example policy\",\n state=\"disabled\",\n conditions=azuread.ConditionalAccessPolicyConditionsArgs(\n client_app_types=[\"all\"],\n applications=azuread.ConditionalAccessPolicyConditionsApplicationsArgs(\n included_applications=[\"All\"],\n ),\n client_applications=azuread.ConditionalAccessPolicyConditionsClientApplicationsArgs(\n included_service_principals=[current.object_id],\n excluded_service_principals=[],\n ),\n users=azuread.ConditionalAccessPolicyConditionsUsersArgs(\n included_users=[\"None\"],\n ),\n ),\n grant_controls=azuread.ConditionalAccessPolicyGrantControlsArgs(\n operator=\"OR\",\n built_in_controls=[\"block\"],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.ConditionalAccessPolicy(\"example\", new()\n {\n DisplayName = \"example policy\",\n State = \"disabled\",\n Conditions = new AzureAD.Inputs.ConditionalAccessPolicyConditionsArgs\n {\n ClientAppTypes = new[]\n {\n \"all\",\n },\n Applications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsApplicationsArgs\n {\n IncludedApplications = new[]\n {\n \"All\",\n },\n },\n ClientApplications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsClientApplicationsArgs\n {\n IncludedServicePrincipals = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n ExcludedServicePrincipals = new() { },\n },\n Users = new AzureAD.Inputs.ConditionalAccessPolicyConditionsUsersArgs\n {\n IncludedUsers = new[]\n {\n \"None\",\n },\n },\n },\n GrantControls = new AzureAD.Inputs.ConditionalAccessPolicyGrantControlsArgs\n {\n Operator = \"OR\",\n BuiltInControls = new[]\n {\n \"block\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewConditionalAccessPolicy(ctx, \"example\", \u0026azuread.ConditionalAccessPolicyArgs{\n\t\t\tDisplayName: pulumi.String(\"example policy\"),\n\t\t\tState: pulumi.String(\"disabled\"),\n\t\t\tConditions: \u0026azuread.ConditionalAccessPolicyConditionsArgs{\n\t\t\t\tClientAppTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"all\"),\n\t\t\t\t},\n\t\t\t\tApplications: \u0026azuread.ConditionalAccessPolicyConditionsApplicationsArgs{\n\t\t\t\t\tIncludedApplications: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tClientApplications: \u0026azuread.ConditionalAccessPolicyConditionsClientApplicationsArgs{\n\t\t\t\t\tIncludedServicePrincipals: pulumi.StringArray{\n\t\t\t\t\t\t*pulumi.String(current.ObjectId),\n\t\t\t\t\t},\n\t\t\t\t\tExcludedServicePrincipals: pulumi.StringArray{},\n\t\t\t\t},\n\t\t\t\tUsers: \u0026azuread.ConditionalAccessPolicyConditionsUsersArgs{\n\t\t\t\t\tIncludedUsers: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"None\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tGrantControls: \u0026azuread.ConditionalAccessPolicyGrantControlsArgs{\n\t\t\t\tOperator: pulumi.String(\"OR\"),\n\t\t\t\tBuiltInControls: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"block\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ConditionalAccessPolicy;\nimport com.pulumi.azuread.ConditionalAccessPolicyArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsApplicationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsClientApplicationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsUsersArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyGrantControlsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new ConditionalAccessPolicy(\"example\", ConditionalAccessPolicyArgs.builder() \n .displayName(\"example policy\")\n .state(\"disabled\")\n .conditions(ConditionalAccessPolicyConditionsArgs.builder()\n .clientAppTypes(\"all\")\n .applications(ConditionalAccessPolicyConditionsApplicationsArgs.builder()\n .includedApplications(\"All\")\n .build())\n .clientApplications(ConditionalAccessPolicyConditionsClientApplicationsArgs.builder()\n .includedServicePrincipals(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .excludedServicePrincipals()\n .build())\n .users(ConditionalAccessPolicyConditionsUsersArgs.builder()\n .includedUsers(\"None\")\n .build())\n .build())\n .grantControls(ConditionalAccessPolicyGrantControlsArgs.builder()\n .operator(\"OR\")\n .builtInControls(\"block\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ConditionalAccessPolicy\n properties:\n displayName: example policy\n state: disabled\n conditions:\n clientAppTypes:\n - all\n applications:\n includedApplications:\n - All\n clientApplications:\n includedServicePrincipals:\n - ${current.objectId}\n excludedServicePrincipals: []\n users:\n includedUsers:\n - None\n grantControls:\n operator: OR\n builtInControls:\n - block\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n{{% /example %}}\n{{% example %}}\n### Excluded client applications / service principals\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.ConditionalAccessPolicy(\"example\", {\n displayName: \"example policy\",\n state: \"disabled\",\n conditions: {\n clientAppTypes: [\"all\"],\n applications: {\n includedApplications: [\"All\"],\n },\n clientApplications: {\n includedServicePrincipals: [\"ServicePrincipalsInMyTenant\"],\n excludedServicePrincipals: [current.then(current =\u003e current.objectId)],\n },\n users: {\n includedUsers: [\"None\"],\n },\n },\n grantControls: {\n operator: \"OR\",\n builtInControls: [\"block\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.ConditionalAccessPolicy(\"example\",\n display_name=\"example policy\",\n state=\"disabled\",\n conditions=azuread.ConditionalAccessPolicyConditionsArgs(\n client_app_types=[\"all\"],\n applications=azuread.ConditionalAccessPolicyConditionsApplicationsArgs(\n included_applications=[\"All\"],\n ),\n client_applications=azuread.ConditionalAccessPolicyConditionsClientApplicationsArgs(\n included_service_principals=[\"ServicePrincipalsInMyTenant\"],\n excluded_service_principals=[current.object_id],\n ),\n users=azuread.ConditionalAccessPolicyConditionsUsersArgs(\n included_users=[\"None\"],\n ),\n ),\n grant_controls=azuread.ConditionalAccessPolicyGrantControlsArgs(\n operator=\"OR\",\n built_in_controls=[\"block\"],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.ConditionalAccessPolicy(\"example\", new()\n {\n DisplayName = \"example policy\",\n State = \"disabled\",\n Conditions = new AzureAD.Inputs.ConditionalAccessPolicyConditionsArgs\n {\n ClientAppTypes = new[]\n {\n \"all\",\n },\n Applications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsApplicationsArgs\n {\n IncludedApplications = new[]\n {\n \"All\",\n },\n },\n ClientApplications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsClientApplicationsArgs\n {\n IncludedServicePrincipals = new[]\n {\n \"ServicePrincipalsInMyTenant\",\n },\n ExcludedServicePrincipals = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n },\n Users = new AzureAD.Inputs.ConditionalAccessPolicyConditionsUsersArgs\n {\n IncludedUsers = new[]\n {\n \"None\",\n },\n },\n },\n GrantControls = new AzureAD.Inputs.ConditionalAccessPolicyGrantControlsArgs\n {\n Operator = \"OR\",\n BuiltInControls = new[]\n {\n \"block\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewConditionalAccessPolicy(ctx, \"example\", \u0026azuread.ConditionalAccessPolicyArgs{\n\t\t\tDisplayName: pulumi.String(\"example policy\"),\n\t\t\tState: pulumi.String(\"disabled\"),\n\t\t\tConditions: \u0026azuread.ConditionalAccessPolicyConditionsArgs{\n\t\t\t\tClientAppTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"all\"),\n\t\t\t\t},\n\t\t\t\tApplications: \u0026azuread.ConditionalAccessPolicyConditionsApplicationsArgs{\n\t\t\t\t\tIncludedApplications: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tClientApplications: \u0026azuread.ConditionalAccessPolicyConditionsClientApplicationsArgs{\n\t\t\t\t\tIncludedServicePrincipals: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"ServicePrincipalsInMyTenant\"),\n\t\t\t\t\t},\n\t\t\t\t\tExcludedServicePrincipals: pulumi.StringArray{\n\t\t\t\t\t\t*pulumi.String(current.ObjectId),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tUsers: \u0026azuread.ConditionalAccessPolicyConditionsUsersArgs{\n\t\t\t\t\tIncludedUsers: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"None\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tGrantControls: \u0026azuread.ConditionalAccessPolicyGrantControlsArgs{\n\t\t\t\tOperator: pulumi.String(\"OR\"),\n\t\t\t\tBuiltInControls: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"block\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ConditionalAccessPolicy;\nimport com.pulumi.azuread.ConditionalAccessPolicyArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsApplicationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsClientApplicationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsUsersArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyGrantControlsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new ConditionalAccessPolicy(\"example\", ConditionalAccessPolicyArgs.builder() \n .displayName(\"example policy\")\n .state(\"disabled\")\n .conditions(ConditionalAccessPolicyConditionsArgs.builder()\n .clientAppTypes(\"all\")\n .applications(ConditionalAccessPolicyConditionsApplicationsArgs.builder()\n .includedApplications(\"All\")\n .build())\n .clientApplications(ConditionalAccessPolicyConditionsClientApplicationsArgs.builder()\n .includedServicePrincipals(\"ServicePrincipalsInMyTenant\")\n .excludedServicePrincipals(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .build())\n .users(ConditionalAccessPolicyConditionsUsersArgs.builder()\n .includedUsers(\"None\")\n .build())\n .build())\n .grantControls(ConditionalAccessPolicyGrantControlsArgs.builder()\n .operator(\"OR\")\n .builtInControls(\"block\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ConditionalAccessPolicy\n properties:\n displayName: example policy\n state: disabled\n conditions:\n clientAppTypes:\n - all\n applications:\n includedApplications:\n - All\n clientApplications:\n includedServicePrincipals:\n - ServicePrincipalsInMyTenant\n excludedServicePrincipals:\n - ${current.objectId}\n users:\n includedUsers:\n - None\n grantControls:\n operator: OR\n builtInControls:\n - block\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nConditional Access Policies can be imported using the `id`, e.g.\n\n```sh\n $ pulumi import azuread:index/conditionalAccessPolicy:ConditionalAccessPolicy my_location 00000000-0000-0000-0000-000000000000\n```\n\n ", + "description": "Manages a Conditional Access Policy within Azure Active Directory.\n\n\u003e **Licensing Requirements** Specifying `client_applications` property requires the activation of Microsoft Entra on your tenant and the availability of sufficient Workload Identities Premium licences (one per service principal managed by a conditional access).\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application roles: `Policy.ReadWrite.ConditionalAccess` and `Policy.Read.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Conditional Access Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### All users except guests or external users\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.ConditionalAccessPolicy(\"example\", {\n conditions: {\n applications: {\n excludedApplications: [],\n includedApplications: [\"All\"],\n },\n clientAppTypes: [\"all\"],\n devices: {\n filter: {\n mode: \"exclude\",\n rule: \"device.operatingSystem eq \\\"Doors\\\"\",\n },\n },\n locations: {\n excludedLocations: [\"AllTrusted\"],\n includedLocations: [\"All\"],\n },\n platforms: {\n excludedPlatforms: [\"iOS\"],\n includedPlatforms: [\"android\"],\n },\n signInRiskLevels: [\"medium\"],\n userRiskLevels: [\"medium\"],\n users: {\n excludedUsers: [\"GuestsOrExternalUsers\"],\n includedUsers: [\"All\"],\n },\n },\n displayName: \"example policy\",\n grantControls: {\n builtInControls: [\"mfa\"],\n operator: \"OR\",\n },\n sessionControls: {\n applicationEnforcedRestrictionsEnabled: true,\n cloudAppSecurityPolicy: \"monitorOnly\",\n disableResilienceDefaults: false,\n signInFrequency: 10,\n signInFrequencyPeriod: \"hours\",\n },\n state: \"disabled\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.ConditionalAccessPolicy(\"example\",\n conditions=azuread.ConditionalAccessPolicyConditionsArgs(\n applications=azuread.ConditionalAccessPolicyConditionsApplicationsArgs(\n excluded_applications=[],\n included_applications=[\"All\"],\n ),\n client_app_types=[\"all\"],\n devices=azuread.ConditionalAccessPolicyConditionsDevicesArgs(\n filter=azuread.ConditionalAccessPolicyConditionsDevicesFilterArgs(\n mode=\"exclude\",\n rule=\"device.operatingSystem eq \\\"Doors\\\"\",\n ),\n ),\n locations=azuread.ConditionalAccessPolicyConditionsLocationsArgs(\n excluded_locations=[\"AllTrusted\"],\n included_locations=[\"All\"],\n ),\n platforms=azuread.ConditionalAccessPolicyConditionsPlatformsArgs(\n excluded_platforms=[\"iOS\"],\n included_platforms=[\"android\"],\n ),\n sign_in_risk_levels=[\"medium\"],\n user_risk_levels=[\"medium\"],\n users=azuread.ConditionalAccessPolicyConditionsUsersArgs(\n excluded_users=[\"GuestsOrExternalUsers\"],\n included_users=[\"All\"],\n ),\n ),\n display_name=\"example policy\",\n grant_controls=azuread.ConditionalAccessPolicyGrantControlsArgs(\n built_in_controls=[\"mfa\"],\n operator=\"OR\",\n ),\n session_controls=azuread.ConditionalAccessPolicySessionControlsArgs(\n application_enforced_restrictions_enabled=True,\n cloud_app_security_policy=\"monitorOnly\",\n disable_resilience_defaults=False,\n sign_in_frequency=10,\n sign_in_frequency_period=\"hours\",\n ),\n state=\"disabled\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.ConditionalAccessPolicy(\"example\", new()\n {\n Conditions = new AzureAD.Inputs.ConditionalAccessPolicyConditionsArgs\n {\n Applications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsApplicationsArgs\n {\n ExcludedApplications = new() { },\n IncludedApplications = new[]\n {\n \"All\",\n },\n },\n ClientAppTypes = new[]\n {\n \"all\",\n },\n Devices = new AzureAD.Inputs.ConditionalAccessPolicyConditionsDevicesArgs\n {\n Filter = new AzureAD.Inputs.ConditionalAccessPolicyConditionsDevicesFilterArgs\n {\n Mode = \"exclude\",\n Rule = \"device.operatingSystem eq \\\"Doors\\\"\",\n },\n },\n Locations = new AzureAD.Inputs.ConditionalAccessPolicyConditionsLocationsArgs\n {\n ExcludedLocations = new[]\n {\n \"AllTrusted\",\n },\n IncludedLocations = new[]\n {\n \"All\",\n },\n },\n Platforms = new AzureAD.Inputs.ConditionalAccessPolicyConditionsPlatformsArgs\n {\n ExcludedPlatforms = new[]\n {\n \"iOS\",\n },\n IncludedPlatforms = new[]\n {\n \"android\",\n },\n },\n SignInRiskLevels = new[]\n {\n \"medium\",\n },\n UserRiskLevels = new[]\n {\n \"medium\",\n },\n Users = new AzureAD.Inputs.ConditionalAccessPolicyConditionsUsersArgs\n {\n ExcludedUsers = new[]\n {\n \"GuestsOrExternalUsers\",\n },\n IncludedUsers = new[]\n {\n \"All\",\n },\n },\n },\n DisplayName = \"example policy\",\n GrantControls = new AzureAD.Inputs.ConditionalAccessPolicyGrantControlsArgs\n {\n BuiltInControls = new[]\n {\n \"mfa\",\n },\n Operator = \"OR\",\n },\n SessionControls = new AzureAD.Inputs.ConditionalAccessPolicySessionControlsArgs\n {\n ApplicationEnforcedRestrictionsEnabled = true,\n CloudAppSecurityPolicy = \"monitorOnly\",\n DisableResilienceDefaults = false,\n SignInFrequency = 10,\n SignInFrequencyPeriod = \"hours\",\n },\n State = \"disabled\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewConditionalAccessPolicy(ctx, \"example\", \u0026azuread.ConditionalAccessPolicyArgs{\n\t\t\tConditions: \u0026azuread.ConditionalAccessPolicyConditionsArgs{\n\t\t\t\tApplications: \u0026azuread.ConditionalAccessPolicyConditionsApplicationsArgs{\n\t\t\t\t\tExcludedApplications: pulumi.StringArray{},\n\t\t\t\t\tIncludedApplications: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tClientAppTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"all\"),\n\t\t\t\t},\n\t\t\t\tDevices: \u0026azuread.ConditionalAccessPolicyConditionsDevicesArgs{\n\t\t\t\t\tFilter: \u0026azuread.ConditionalAccessPolicyConditionsDevicesFilterArgs{\n\t\t\t\t\t\tMode: pulumi.String(\"exclude\"),\n\t\t\t\t\t\tRule: pulumi.String(\"device.operatingSystem eq \\\"Doors\\\"\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tLocations: \u0026azuread.ConditionalAccessPolicyConditionsLocationsArgs{\n\t\t\t\t\tExcludedLocations: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"AllTrusted\"),\n\t\t\t\t\t},\n\t\t\t\t\tIncludedLocations: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tPlatforms: \u0026azuread.ConditionalAccessPolicyConditionsPlatformsArgs{\n\t\t\t\t\tExcludedPlatforms: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"iOS\"),\n\t\t\t\t\t},\n\t\t\t\t\tIncludedPlatforms: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"android\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSignInRiskLevels: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"medium\"),\n\t\t\t\t},\n\t\t\t\tUserRiskLevels: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"medium\"),\n\t\t\t\t},\n\t\t\t\tUsers: \u0026azuread.ConditionalAccessPolicyConditionsUsersArgs{\n\t\t\t\t\tExcludedUsers: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"GuestsOrExternalUsers\"),\n\t\t\t\t\t},\n\t\t\t\t\tIncludedUsers: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tDisplayName: pulumi.String(\"example policy\"),\n\t\t\tGrantControls: \u0026azuread.ConditionalAccessPolicyGrantControlsArgs{\n\t\t\t\tBuiltInControls: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"mfa\"),\n\t\t\t\t},\n\t\t\t\tOperator: pulumi.String(\"OR\"),\n\t\t\t},\n\t\t\tSessionControls: \u0026azuread.ConditionalAccessPolicySessionControlsArgs{\n\t\t\t\tApplicationEnforcedRestrictionsEnabled: pulumi.Bool(true),\n\t\t\t\tCloudAppSecurityPolicy: pulumi.String(\"monitorOnly\"),\n\t\t\t\tDisableResilienceDefaults: pulumi.Bool(false),\n\t\t\t\tSignInFrequency: pulumi.Int(10),\n\t\t\t\tSignInFrequencyPeriod: pulumi.String(\"hours\"),\n\t\t\t},\n\t\t\tState: pulumi.String(\"disabled\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ConditionalAccessPolicy;\nimport com.pulumi.azuread.ConditionalAccessPolicyArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsApplicationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsDevicesArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsDevicesFilterArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsLocationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsPlatformsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsUsersArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyGrantControlsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicySessionControlsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ConditionalAccessPolicy(\"example\", ConditionalAccessPolicyArgs.builder() \n .conditions(ConditionalAccessPolicyConditionsArgs.builder()\n .applications(ConditionalAccessPolicyConditionsApplicationsArgs.builder()\n .excludedApplications()\n .includedApplications(\"All\")\n .build())\n .clientAppTypes(\"all\")\n .devices(ConditionalAccessPolicyConditionsDevicesArgs.builder()\n .filter(ConditionalAccessPolicyConditionsDevicesFilterArgs.builder()\n .mode(\"exclude\")\n .rule(\"device.operatingSystem eq \\\"Doors\\\"\")\n .build())\n .build())\n .locations(ConditionalAccessPolicyConditionsLocationsArgs.builder()\n .excludedLocations(\"AllTrusted\")\n .includedLocations(\"All\")\n .build())\n .platforms(ConditionalAccessPolicyConditionsPlatformsArgs.builder()\n .excludedPlatforms(\"iOS\")\n .includedPlatforms(\"android\")\n .build())\n .signInRiskLevels(\"medium\")\n .userRiskLevels(\"medium\")\n .users(ConditionalAccessPolicyConditionsUsersArgs.builder()\n .excludedUsers(\"GuestsOrExternalUsers\")\n .includedUsers(\"All\")\n .build())\n .build())\n .displayName(\"example policy\")\n .grantControls(ConditionalAccessPolicyGrantControlsArgs.builder()\n .builtInControls(\"mfa\")\n .operator(\"OR\")\n .build())\n .sessionControls(ConditionalAccessPolicySessionControlsArgs.builder()\n .applicationEnforcedRestrictionsEnabled(true)\n .cloudAppSecurityPolicy(\"monitorOnly\")\n .disableResilienceDefaults(false)\n .signInFrequency(10)\n .signInFrequencyPeriod(\"hours\")\n .build())\n .state(\"disabled\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ConditionalAccessPolicy\n properties:\n conditions:\n applications:\n excludedApplications: []\n includedApplications:\n - All\n clientAppTypes:\n - all\n devices:\n filter:\n mode: exclude\n rule: device.operatingSystem eq \"Doors\"\n locations:\n excludedLocations:\n - AllTrusted\n includedLocations:\n - All\n platforms:\n excludedPlatforms:\n - iOS\n includedPlatforms:\n - android\n signInRiskLevels:\n - medium\n userRiskLevels:\n - medium\n users:\n excludedUsers:\n - GuestsOrExternalUsers\n includedUsers:\n - All\n displayName: example policy\n grantControls:\n builtInControls:\n - mfa\n operator: OR\n sessionControls:\n applicationEnforcedRestrictionsEnabled: true\n cloudAppSecurityPolicy: monitorOnly\n disableResilienceDefaults: false\n signInFrequency: 10\n signInFrequencyPeriod: hours\n state: disabled\n```\n{{% /example %}}\n{{% example %}}\n### Included client applications / service principals\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.ConditionalAccessPolicy(\"example\", {\n displayName: \"example policy\",\n state: \"disabled\",\n conditions: {\n clientAppTypes: [\"all\"],\n applications: {\n includedApplications: [\"All\"],\n },\n clientApplications: {\n includedServicePrincipals: [current.then(current =\u003e current.objectId)],\n excludedServicePrincipals: [],\n },\n users: {\n includedUsers: [\"None\"],\n },\n },\n grantControls: {\n operator: \"OR\",\n builtInControls: [\"block\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.ConditionalAccessPolicy(\"example\",\n display_name=\"example policy\",\n state=\"disabled\",\n conditions=azuread.ConditionalAccessPolicyConditionsArgs(\n client_app_types=[\"all\"],\n applications=azuread.ConditionalAccessPolicyConditionsApplicationsArgs(\n included_applications=[\"All\"],\n ),\n client_applications=azuread.ConditionalAccessPolicyConditionsClientApplicationsArgs(\n included_service_principals=[current.object_id],\n excluded_service_principals=[],\n ),\n users=azuread.ConditionalAccessPolicyConditionsUsersArgs(\n included_users=[\"None\"],\n ),\n ),\n grant_controls=azuread.ConditionalAccessPolicyGrantControlsArgs(\n operator=\"OR\",\n built_in_controls=[\"block\"],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.ConditionalAccessPolicy(\"example\", new()\n {\n DisplayName = \"example policy\",\n State = \"disabled\",\n Conditions = new AzureAD.Inputs.ConditionalAccessPolicyConditionsArgs\n {\n ClientAppTypes = new[]\n {\n \"all\",\n },\n Applications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsApplicationsArgs\n {\n IncludedApplications = new[]\n {\n \"All\",\n },\n },\n ClientApplications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsClientApplicationsArgs\n {\n IncludedServicePrincipals = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n ExcludedServicePrincipals = new() { },\n },\n Users = new AzureAD.Inputs.ConditionalAccessPolicyConditionsUsersArgs\n {\n IncludedUsers = new[]\n {\n \"None\",\n },\n },\n },\n GrantControls = new AzureAD.Inputs.ConditionalAccessPolicyGrantControlsArgs\n {\n Operator = \"OR\",\n BuiltInControls = new[]\n {\n \"block\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewConditionalAccessPolicy(ctx, \"example\", \u0026azuread.ConditionalAccessPolicyArgs{\n\t\t\tDisplayName: pulumi.String(\"example policy\"),\n\t\t\tState: pulumi.String(\"disabled\"),\n\t\t\tConditions: \u0026azuread.ConditionalAccessPolicyConditionsArgs{\n\t\t\t\tClientAppTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"all\"),\n\t\t\t\t},\n\t\t\t\tApplications: \u0026azuread.ConditionalAccessPolicyConditionsApplicationsArgs{\n\t\t\t\t\tIncludedApplications: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tClientApplications: \u0026azuread.ConditionalAccessPolicyConditionsClientApplicationsArgs{\n\t\t\t\t\tIncludedServicePrincipals: pulumi.StringArray{\n\t\t\t\t\t\t*pulumi.String(current.ObjectId),\n\t\t\t\t\t},\n\t\t\t\t\tExcludedServicePrincipals: pulumi.StringArray{},\n\t\t\t\t},\n\t\t\t\tUsers: \u0026azuread.ConditionalAccessPolicyConditionsUsersArgs{\n\t\t\t\t\tIncludedUsers: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"None\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tGrantControls: \u0026azuread.ConditionalAccessPolicyGrantControlsArgs{\n\t\t\t\tOperator: pulumi.String(\"OR\"),\n\t\t\t\tBuiltInControls: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"block\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ConditionalAccessPolicy;\nimport com.pulumi.azuread.ConditionalAccessPolicyArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsApplicationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsClientApplicationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsUsersArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyGrantControlsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new ConditionalAccessPolicy(\"example\", ConditionalAccessPolicyArgs.builder() \n .displayName(\"example policy\")\n .state(\"disabled\")\n .conditions(ConditionalAccessPolicyConditionsArgs.builder()\n .clientAppTypes(\"all\")\n .applications(ConditionalAccessPolicyConditionsApplicationsArgs.builder()\n .includedApplications(\"All\")\n .build())\n .clientApplications(ConditionalAccessPolicyConditionsClientApplicationsArgs.builder()\n .includedServicePrincipals(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .excludedServicePrincipals()\n .build())\n .users(ConditionalAccessPolicyConditionsUsersArgs.builder()\n .includedUsers(\"None\")\n .build())\n .build())\n .grantControls(ConditionalAccessPolicyGrantControlsArgs.builder()\n .operator(\"OR\")\n .builtInControls(\"block\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ConditionalAccessPolicy\n properties:\n displayName: example policy\n state: disabled\n conditions:\n clientAppTypes:\n - all\n applications:\n includedApplications:\n - All\n clientApplications:\n includedServicePrincipals:\n - ${current.objectId}\n excludedServicePrincipals: []\n users:\n includedUsers:\n - None\n grantControls:\n operator: OR\n builtInControls:\n - block\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n{{% /example %}}\n{{% example %}}\n### Excluded client applications / service principals\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.ConditionalAccessPolicy(\"example\", {\n displayName: \"example policy\",\n state: \"disabled\",\n conditions: {\n clientAppTypes: [\"all\"],\n applications: {\n includedApplications: [\"All\"],\n },\n clientApplications: {\n includedServicePrincipals: [\"ServicePrincipalsInMyTenant\"],\n excludedServicePrincipals: [current.then(current =\u003e current.objectId)],\n },\n users: {\n includedUsers: [\"None\"],\n },\n },\n grantControls: {\n operator: \"OR\",\n builtInControls: [\"block\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.ConditionalAccessPolicy(\"example\",\n display_name=\"example policy\",\n state=\"disabled\",\n conditions=azuread.ConditionalAccessPolicyConditionsArgs(\n client_app_types=[\"all\"],\n applications=azuread.ConditionalAccessPolicyConditionsApplicationsArgs(\n included_applications=[\"All\"],\n ),\n client_applications=azuread.ConditionalAccessPolicyConditionsClientApplicationsArgs(\n included_service_principals=[\"ServicePrincipalsInMyTenant\"],\n excluded_service_principals=[current.object_id],\n ),\n users=azuread.ConditionalAccessPolicyConditionsUsersArgs(\n included_users=[\"None\"],\n ),\n ),\n grant_controls=azuread.ConditionalAccessPolicyGrantControlsArgs(\n operator=\"OR\",\n built_in_controls=[\"block\"],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.ConditionalAccessPolicy(\"example\", new()\n {\n DisplayName = \"example policy\",\n State = \"disabled\",\n Conditions = new AzureAD.Inputs.ConditionalAccessPolicyConditionsArgs\n {\n ClientAppTypes = new[]\n {\n \"all\",\n },\n Applications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsApplicationsArgs\n {\n IncludedApplications = new[]\n {\n \"All\",\n },\n },\n ClientApplications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsClientApplicationsArgs\n {\n IncludedServicePrincipals = new[]\n {\n \"ServicePrincipalsInMyTenant\",\n },\n ExcludedServicePrincipals = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n },\n Users = new AzureAD.Inputs.ConditionalAccessPolicyConditionsUsersArgs\n {\n IncludedUsers = new[]\n {\n \"None\",\n },\n },\n },\n GrantControls = new AzureAD.Inputs.ConditionalAccessPolicyGrantControlsArgs\n {\n Operator = \"OR\",\n BuiltInControls = new[]\n {\n \"block\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewConditionalAccessPolicy(ctx, \"example\", \u0026azuread.ConditionalAccessPolicyArgs{\n\t\t\tDisplayName: pulumi.String(\"example policy\"),\n\t\t\tState: pulumi.String(\"disabled\"),\n\t\t\tConditions: \u0026azuread.ConditionalAccessPolicyConditionsArgs{\n\t\t\t\tClientAppTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"all\"),\n\t\t\t\t},\n\t\t\t\tApplications: \u0026azuread.ConditionalAccessPolicyConditionsApplicationsArgs{\n\t\t\t\t\tIncludedApplications: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tClientApplications: \u0026azuread.ConditionalAccessPolicyConditionsClientApplicationsArgs{\n\t\t\t\t\tIncludedServicePrincipals: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"ServicePrincipalsInMyTenant\"),\n\t\t\t\t\t},\n\t\t\t\t\tExcludedServicePrincipals: pulumi.StringArray{\n\t\t\t\t\t\t*pulumi.String(current.ObjectId),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tUsers: \u0026azuread.ConditionalAccessPolicyConditionsUsersArgs{\n\t\t\t\t\tIncludedUsers: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"None\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tGrantControls: \u0026azuread.ConditionalAccessPolicyGrantControlsArgs{\n\t\t\t\tOperator: pulumi.String(\"OR\"),\n\t\t\t\tBuiltInControls: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"block\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ConditionalAccessPolicy;\nimport com.pulumi.azuread.ConditionalAccessPolicyArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsApplicationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsClientApplicationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsUsersArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyGrantControlsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new ConditionalAccessPolicy(\"example\", ConditionalAccessPolicyArgs.builder() \n .displayName(\"example policy\")\n .state(\"disabled\")\n .conditions(ConditionalAccessPolicyConditionsArgs.builder()\n .clientAppTypes(\"all\")\n .applications(ConditionalAccessPolicyConditionsApplicationsArgs.builder()\n .includedApplications(\"All\")\n .build())\n .clientApplications(ConditionalAccessPolicyConditionsClientApplicationsArgs.builder()\n .includedServicePrincipals(\"ServicePrincipalsInMyTenant\")\n .excludedServicePrincipals(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .build())\n .users(ConditionalAccessPolicyConditionsUsersArgs.builder()\n .includedUsers(\"None\")\n .build())\n .build())\n .grantControls(ConditionalAccessPolicyGrantControlsArgs.builder()\n .operator(\"OR\")\n .builtInControls(\"block\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ConditionalAccessPolicy\n properties:\n displayName: example policy\n state: disabled\n conditions:\n clientAppTypes:\n - all\n applications:\n includedApplications:\n - All\n clientApplications:\n includedServicePrincipals:\n - ServicePrincipalsInMyTenant\n excludedServicePrincipals:\n - ${current.objectId}\n users:\n includedUsers:\n - None\n grantControls:\n operator: OR\n builtInControls:\n - block\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nConditional Access Policies can be imported using the `id`, e.g.\n\n ```sh\n $ pulumi import azuread:index/conditionalAccessPolicy:ConditionalAccessPolicy my_location 00000000-0000-0000-0000-000000000000\n```\n\n ", "properties": { "conditions": { "$ref": "#/types/azuread:index/ConditionalAccessPolicyConditions:ConditionalAccessPolicyConditions", @@ -5669,7 +5669,7 @@ } }, "azuread:index/customDirectoryRole:CustomDirectoryRole": { - "description": "Manages a Custom Directory Role within Azure Active Directory.\n\nThis resource is for managing custom directory roles. For management of built-in roles, see the azuread.DirectoryRole resource.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `RoleManagement.ReadWrite.Directory` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.CustomDirectoryRole(\"example\", {\n description: \"Allows reading applications and updating groups\",\n displayName: \"My Custom Role\",\n enabled: true,\n permissions: [\n {\n allowedResourceActions: [\n \"microsoft.directory/applications/basic/update\",\n \"microsoft.directory/applications/create\",\n \"microsoft.directory/applications/standard/read\",\n ],\n },\n {\n allowedResourceActions: [\n \"microsoft.directory/groups/allProperties/read\",\n \"microsoft.directory/groups/allProperties/read\",\n \"microsoft.directory/groups/basic/update\",\n \"microsoft.directory/groups/create\",\n \"microsoft.directory/groups/delete\",\n ],\n },\n ],\n version: \"1.0\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.CustomDirectoryRole(\"example\",\n description=\"Allows reading applications and updating groups\",\n display_name=\"My Custom Role\",\n enabled=True,\n permissions=[\n azuread.CustomDirectoryRolePermissionArgs(\n allowed_resource_actions=[\n \"microsoft.directory/applications/basic/update\",\n \"microsoft.directory/applications/create\",\n \"microsoft.directory/applications/standard/read\",\n ],\n ),\n azuread.CustomDirectoryRolePermissionArgs(\n allowed_resource_actions=[\n \"microsoft.directory/groups/allProperties/read\",\n \"microsoft.directory/groups/allProperties/read\",\n \"microsoft.directory/groups/basic/update\",\n \"microsoft.directory/groups/create\",\n \"microsoft.directory/groups/delete\",\n ],\n ),\n ],\n version=\"1.0\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.CustomDirectoryRole(\"example\", new()\n {\n Description = \"Allows reading applications and updating groups\",\n DisplayName = \"My Custom Role\",\n Enabled = true,\n Permissions = new[]\n {\n new AzureAD.Inputs.CustomDirectoryRolePermissionArgs\n {\n AllowedResourceActions = new[]\n {\n \"microsoft.directory/applications/basic/update\",\n \"microsoft.directory/applications/create\",\n \"microsoft.directory/applications/standard/read\",\n },\n },\n new AzureAD.Inputs.CustomDirectoryRolePermissionArgs\n {\n AllowedResourceActions = new[]\n {\n \"microsoft.directory/groups/allProperties/read\",\n \"microsoft.directory/groups/allProperties/read\",\n \"microsoft.directory/groups/basic/update\",\n \"microsoft.directory/groups/create\",\n \"microsoft.directory/groups/delete\",\n },\n },\n },\n Version = \"1.0\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewCustomDirectoryRole(ctx, \"example\", \u0026azuread.CustomDirectoryRoleArgs{\n\t\t\tDescription: pulumi.String(\"Allows reading applications and updating groups\"),\n\t\t\tDisplayName: pulumi.String(\"My Custom Role\"),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tPermissions: azuread.CustomDirectoryRolePermissionArray{\n\t\t\t\t\u0026azuread.CustomDirectoryRolePermissionArgs{\n\t\t\t\t\tAllowedResourceActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"microsoft.directory/applications/basic/update\"),\n\t\t\t\t\t\tpulumi.String(\"microsoft.directory/applications/create\"),\n\t\t\t\t\t\tpulumi.String(\"microsoft.directory/applications/standard/read\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026azuread.CustomDirectoryRolePermissionArgs{\n\t\t\t\t\tAllowedResourceActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"microsoft.directory/groups/allProperties/read\"),\n\t\t\t\t\t\tpulumi.String(\"microsoft.directory/groups/allProperties/read\"),\n\t\t\t\t\t\tpulumi.String(\"microsoft.directory/groups/basic/update\"),\n\t\t\t\t\t\tpulumi.String(\"microsoft.directory/groups/create\"),\n\t\t\t\t\t\tpulumi.String(\"microsoft.directory/groups/delete\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tVersion: pulumi.String(\"1.0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.CustomDirectoryRole;\nimport com.pulumi.azuread.CustomDirectoryRoleArgs;\nimport com.pulumi.azuread.inputs.CustomDirectoryRolePermissionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CustomDirectoryRole(\"example\", CustomDirectoryRoleArgs.builder() \n .description(\"Allows reading applications and updating groups\")\n .displayName(\"My Custom Role\")\n .enabled(true)\n .permissions( \n CustomDirectoryRolePermissionArgs.builder()\n .allowedResourceActions( \n \"microsoft.directory/applications/basic/update\",\n \"microsoft.directory/applications/create\",\n \"microsoft.directory/applications/standard/read\")\n .build(),\n CustomDirectoryRolePermissionArgs.builder()\n .allowedResourceActions( \n \"microsoft.directory/groups/allProperties/read\",\n \"microsoft.directory/groups/allProperties/read\",\n \"microsoft.directory/groups/basic/update\",\n \"microsoft.directory/groups/create\",\n \"microsoft.directory/groups/delete\")\n .build())\n .version(\"1.0\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:CustomDirectoryRole\n properties:\n description: Allows reading applications and updating groups\n displayName: My Custom Role\n enabled: true\n permissions:\n - allowedResourceActions:\n - microsoft.directory/applications/basic/update\n - microsoft.directory/applications/create\n - microsoft.directory/applications/standard/read\n - allowedResourceActions:\n - microsoft.directory/groups/allProperties/read\n - microsoft.directory/groups/allProperties/read\n - microsoft.directory/groups/basic/update\n - microsoft.directory/groups/create\n - microsoft.directory/groups/delete\n version: '1.0'\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThis resource does not support importing. ", + "description": "Manages a Custom Directory Role within Azure Active Directory.\n\nThis resource is for managing custom directory roles. For management of built-in roles, see the azuread.DirectoryRole resource.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `RoleManagement.ReadWrite.Directory` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.CustomDirectoryRole(\"example\", {\n description: \"Allows reading applications and updating groups\",\n displayName: \"My Custom Role\",\n enabled: true,\n permissions: [\n {\n allowedResourceActions: [\n \"microsoft.directory/applications/basic/update\",\n \"microsoft.directory/applications/create\",\n \"microsoft.directory/applications/standard/read\",\n ],\n },\n {\n allowedResourceActions: [\n \"microsoft.directory/groups/allProperties/read\",\n \"microsoft.directory/groups/allProperties/read\",\n \"microsoft.directory/groups/basic/update\",\n \"microsoft.directory/groups/create\",\n \"microsoft.directory/groups/delete\",\n ],\n },\n ],\n version: \"1.0\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.CustomDirectoryRole(\"example\",\n description=\"Allows reading applications and updating groups\",\n display_name=\"My Custom Role\",\n enabled=True,\n permissions=[\n azuread.CustomDirectoryRolePermissionArgs(\n allowed_resource_actions=[\n \"microsoft.directory/applications/basic/update\",\n \"microsoft.directory/applications/create\",\n \"microsoft.directory/applications/standard/read\",\n ],\n ),\n azuread.CustomDirectoryRolePermissionArgs(\n allowed_resource_actions=[\n \"microsoft.directory/groups/allProperties/read\",\n \"microsoft.directory/groups/allProperties/read\",\n \"microsoft.directory/groups/basic/update\",\n \"microsoft.directory/groups/create\",\n \"microsoft.directory/groups/delete\",\n ],\n ),\n ],\n version=\"1.0\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.CustomDirectoryRole(\"example\", new()\n {\n Description = \"Allows reading applications and updating groups\",\n DisplayName = \"My Custom Role\",\n Enabled = true,\n Permissions = new[]\n {\n new AzureAD.Inputs.CustomDirectoryRolePermissionArgs\n {\n AllowedResourceActions = new[]\n {\n \"microsoft.directory/applications/basic/update\",\n \"microsoft.directory/applications/create\",\n \"microsoft.directory/applications/standard/read\",\n },\n },\n new AzureAD.Inputs.CustomDirectoryRolePermissionArgs\n {\n AllowedResourceActions = new[]\n {\n \"microsoft.directory/groups/allProperties/read\",\n \"microsoft.directory/groups/allProperties/read\",\n \"microsoft.directory/groups/basic/update\",\n \"microsoft.directory/groups/create\",\n \"microsoft.directory/groups/delete\",\n },\n },\n },\n Version = \"1.0\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewCustomDirectoryRole(ctx, \"example\", \u0026azuread.CustomDirectoryRoleArgs{\n\t\t\tDescription: pulumi.String(\"Allows reading applications and updating groups\"),\n\t\t\tDisplayName: pulumi.String(\"My Custom Role\"),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tPermissions: azuread.CustomDirectoryRolePermissionArray{\n\t\t\t\t\u0026azuread.CustomDirectoryRolePermissionArgs{\n\t\t\t\t\tAllowedResourceActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"microsoft.directory/applications/basic/update\"),\n\t\t\t\t\t\tpulumi.String(\"microsoft.directory/applications/create\"),\n\t\t\t\t\t\tpulumi.String(\"microsoft.directory/applications/standard/read\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026azuread.CustomDirectoryRolePermissionArgs{\n\t\t\t\t\tAllowedResourceActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"microsoft.directory/groups/allProperties/read\"),\n\t\t\t\t\t\tpulumi.String(\"microsoft.directory/groups/allProperties/read\"),\n\t\t\t\t\t\tpulumi.String(\"microsoft.directory/groups/basic/update\"),\n\t\t\t\t\t\tpulumi.String(\"microsoft.directory/groups/create\"),\n\t\t\t\t\t\tpulumi.String(\"microsoft.directory/groups/delete\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tVersion: pulumi.String(\"1.0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.CustomDirectoryRole;\nimport com.pulumi.azuread.CustomDirectoryRoleArgs;\nimport com.pulumi.azuread.inputs.CustomDirectoryRolePermissionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CustomDirectoryRole(\"example\", CustomDirectoryRoleArgs.builder() \n .description(\"Allows reading applications and updating groups\")\n .displayName(\"My Custom Role\")\n .enabled(true)\n .permissions( \n CustomDirectoryRolePermissionArgs.builder()\n .allowedResourceActions( \n \"microsoft.directory/applications/basic/update\",\n \"microsoft.directory/applications/create\",\n \"microsoft.directory/applications/standard/read\")\n .build(),\n CustomDirectoryRolePermissionArgs.builder()\n .allowedResourceActions( \n \"microsoft.directory/groups/allProperties/read\",\n \"microsoft.directory/groups/allProperties/read\",\n \"microsoft.directory/groups/basic/update\",\n \"microsoft.directory/groups/create\",\n \"microsoft.directory/groups/delete\")\n .build())\n .version(\"1.0\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:CustomDirectoryRole\n properties:\n description: Allows reading applications and updating groups\n displayName: My Custom Role\n enabled: true\n permissions:\n - allowedResourceActions:\n - microsoft.directory/applications/basic/update\n - microsoft.directory/applications/create\n - microsoft.directory/applications/standard/read\n - allowedResourceActions:\n - microsoft.directory/groups/allProperties/read\n - microsoft.directory/groups/allProperties/read\n - microsoft.directory/groups/basic/update\n - microsoft.directory/groups/create\n - microsoft.directory/groups/delete\n version: '1.0'\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThis resource does not support importing.\n\n ", "properties": { "description": { "type": "string", @@ -5787,7 +5787,7 @@ } }, "azuread:index/directoryRole:DirectoryRole": { - "description": "Manages a Directory Role within Azure Active Directory. Directory Roles are also known as Administrator Roles.\n\nDirectory Roles are built-in to Azure Active Directory and are immutable. However, by default they are not activated in a tenant (except for the Global Administrator role). This resource ensures a directory role is activated from its associated role template, and exports the object ID of the role, so that role assignments can be made for it.\n\nOnce activated, directory roles cannot be deactivated and so this resource does not perform any actions on destroy.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `RoleManagement.ReadWrite.Directory` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Activate a directory role by its template ID*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.DirectoryRole(\"example\", {templateId: \"00000000-0000-0000-0000-000000000000\"});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.DirectoryRole(\"example\", template_id=\"00000000-0000-0000-0000-000000000000\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.DirectoryRole(\"example\", new()\n {\n TemplateId = \"00000000-0000-0000-0000-000000000000\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewDirectoryRole(ctx, \"example\", \u0026azuread.DirectoryRoleArgs{\n\t\t\tTemplateId: pulumi.String(\"00000000-0000-0000-0000-000000000000\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.DirectoryRole;\nimport com.pulumi.azuread.DirectoryRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DirectoryRole(\"example\", DirectoryRoleArgs.builder() \n .templateId(\"00000000-0000-0000-0000-000000000000\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:DirectoryRole\n properties:\n templateId: 00000000-0000-0000-0000-000000000000\n```\n\n*Activate a directory role by display name*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.DirectoryRole(\"example\", {displayName: \"Printer administrator\"});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.DirectoryRole(\"example\", display_name=\"Printer administrator\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.DirectoryRole(\"example\", new()\n {\n DisplayName = \"Printer administrator\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewDirectoryRole(ctx, \"example\", \u0026azuread.DirectoryRoleArgs{\n\t\t\tDisplayName: pulumi.String(\"Printer administrator\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.DirectoryRole;\nimport com.pulumi.azuread.DirectoryRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DirectoryRole(\"example\", DirectoryRoleArgs.builder() \n .displayName(\"Printer administrator\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:DirectoryRole\n properties:\n displayName: Printer administrator\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThis resource does not support importing. ", + "description": "Manages a Directory Role within Azure Active Directory. Directory Roles are also known as Administrator Roles.\n\nDirectory Roles are built-in to Azure Active Directory and are immutable. However, by default they are not activated in a tenant (except for the Global Administrator role). This resource ensures a directory role is activated from its associated role template, and exports the object ID of the role, so that role assignments can be made for it.\n\nOnce activated, directory roles cannot be deactivated and so this resource does not perform any actions on destroy.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `RoleManagement.ReadWrite.Directory` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Activate a directory role by its template ID*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.DirectoryRole(\"example\", {templateId: \"00000000-0000-0000-0000-000000000000\"});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.DirectoryRole(\"example\", template_id=\"00000000-0000-0000-0000-000000000000\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.DirectoryRole(\"example\", new()\n {\n TemplateId = \"00000000-0000-0000-0000-000000000000\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewDirectoryRole(ctx, \"example\", \u0026azuread.DirectoryRoleArgs{\n\t\t\tTemplateId: pulumi.String(\"00000000-0000-0000-0000-000000000000\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.DirectoryRole;\nimport com.pulumi.azuread.DirectoryRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DirectoryRole(\"example\", DirectoryRoleArgs.builder() \n .templateId(\"00000000-0000-0000-0000-000000000000\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:DirectoryRole\n properties:\n templateId: 00000000-0000-0000-0000-000000000000\n```\n\n*Activate a directory role by display name*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.DirectoryRole(\"example\", {displayName: \"Printer administrator\"});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.DirectoryRole(\"example\", display_name=\"Printer administrator\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.DirectoryRole(\"example\", new()\n {\n DisplayName = \"Printer administrator\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewDirectoryRole(ctx, \"example\", \u0026azuread.DirectoryRoleArgs{\n\t\t\tDisplayName: pulumi.String(\"Printer administrator\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.DirectoryRole;\nimport com.pulumi.azuread.DirectoryRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DirectoryRole(\"example\", DirectoryRoleArgs.builder() \n .displayName(\"Printer administrator\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:DirectoryRole\n properties:\n displayName: Printer administrator\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThis resource does not support importing.\n\n ", "properties": { "description": { "type": "string", @@ -5850,7 +5850,7 @@ } }, "azuread:index/directoryRoleAssignment:DirectoryRoleAssignment": { - "description": "Manages a single directory role assignment within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `RoleManagement.ReadWrite.Directory` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`\n\n\n## Import\n\nDirectory role assignments can be imported using the ID of the assignment, e.g.\n\n```sh\n $ pulumi import azuread:index/directoryRoleAssignment:DirectoryRoleAssignment example ePROZI_iKE653D_d6aoLHyr-lKgHI8ZGiIdz8CLVcng-1\n```\n\n ", + "description": "Manages a single directory role assignment within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `RoleManagement.ReadWrite.Directory` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`\n\n\n## Import\n\nDirectory role assignments can be imported using the ID of the assignment, e.g.\n\n ```sh\n $ pulumi import azuread:index/directoryRoleAssignment:DirectoryRoleAssignment example ePROZI_iKE653D_d6aoLHyr-lKgHI8ZGiIdz8CLVcng-1\n```\n\n ", "properties": { "appScopeId": { "type": "string", @@ -5962,7 +5962,7 @@ } }, "azuread:index/directoryRoleEligibilityScheduleRequest:DirectoryRoleEligibilityScheduleRequest": { - "description": "Manages a single directory role eligibility schedule request within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nThe calling principal requires one of the following application roles: `RoleEligibilitySchedule.ReadWrite.Directory` or `RoleManagement.ReadWrite.Directory`.\n\nThe calling principal requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleUser = azuread.getUser({\n userPrincipalName: \"jdoe@example.com\",\n});\nconst exampleDirectoryRole = new azuread.DirectoryRole(\"exampleDirectoryRole\", {displayName: \"Application Administrator\"});\nconst exampleDirectoryRoleEligibilityScheduleRequest = new azuread.DirectoryRoleEligibilityScheduleRequest(\"exampleDirectoryRoleEligibilityScheduleRequest\", {\n roleDefinitionId: exampleDirectoryRole.templateId,\n principalId: azuread_user.example.object_id,\n directoryScopeId: \"/\",\n justification: \"Example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_user = azuread.get_user(user_principal_name=\"jdoe@example.com\")\nexample_directory_role = azuread.DirectoryRole(\"exampleDirectoryRole\", display_name=\"Application Administrator\")\nexample_directory_role_eligibility_schedule_request = azuread.DirectoryRoleEligibilityScheduleRequest(\"exampleDirectoryRoleEligibilityScheduleRequest\",\n role_definition_id=example_directory_role.template_id,\n principal_id=azuread_user[\"example\"][\"object_id\"],\n directory_scope_id=\"/\",\n justification=\"Example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleUser = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n var exampleDirectoryRole = new AzureAD.DirectoryRole(\"exampleDirectoryRole\", new()\n {\n DisplayName = \"Application Administrator\",\n });\n\n var exampleDirectoryRoleEligibilityScheduleRequest = new AzureAD.DirectoryRoleEligibilityScheduleRequest(\"exampleDirectoryRoleEligibilityScheduleRequest\", new()\n {\n RoleDefinitionId = exampleDirectoryRole.TemplateId,\n PrincipalId = azuread_user.Example.Object_id,\n DirectoryScopeId = \"/\",\n Justification = \"Example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDirectoryRole, err := azuread.NewDirectoryRole(ctx, \"exampleDirectoryRole\", \u0026azuread.DirectoryRoleArgs{\n\t\t\tDisplayName: pulumi.String(\"Application Administrator\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewDirectoryRoleEligibilityScheduleRequest(ctx, \"exampleDirectoryRoleEligibilityScheduleRequest\", \u0026azuread.DirectoryRoleEligibilityScheduleRequestArgs{\n\t\t\tRoleDefinitionId: exampleDirectoryRole.TemplateId,\n\t\t\tPrincipalId: pulumi.Any(azuread_user.Example.Object_id),\n\t\t\tDirectoryScopeId: pulumi.String(\"/\"),\n\t\t\tJustification: pulumi.String(\"Example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.DirectoryRole;\nimport com.pulumi.azuread.DirectoryRoleArgs;\nimport com.pulumi.azuread.DirectoryRoleEligibilityScheduleRequest;\nimport com.pulumi.azuread.DirectoryRoleEligibilityScheduleRequestArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleUser = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n var exampleDirectoryRole = new DirectoryRole(\"exampleDirectoryRole\", DirectoryRoleArgs.builder() \n .displayName(\"Application Administrator\")\n .build());\n\n var exampleDirectoryRoleEligibilityScheduleRequest = new DirectoryRoleEligibilityScheduleRequest(\"exampleDirectoryRoleEligibilityScheduleRequest\", DirectoryRoleEligibilityScheduleRequestArgs.builder() \n .roleDefinitionId(exampleDirectoryRole.templateId())\n .principalId(azuread_user.example().object_id())\n .directoryScopeId(\"/\")\n .justification(\"Example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleDirectoryRole:\n type: azuread:DirectoryRole\n properties:\n displayName: Application Administrator\n exampleDirectoryRoleEligibilityScheduleRequest:\n type: azuread:DirectoryRoleEligibilityScheduleRequest\n properties:\n roleDefinitionId: ${exampleDirectoryRole.templateId}\n principalId: ${azuread_user.example.object_id}\n directoryScopeId: /\n justification: Example\nvariables:\n exampleUser:\n fn::invoke:\n Function: azuread:getUser\n Arguments:\n userPrincipalName: jdoe@example.com\n```\n\n\u003e Note the use of the `template_id` attribute when referencing built-in roles.\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nDirectory role eligibility schedule requests can be imported using the ID of the assignment, e.g.\n\n```sh\n $ pulumi import azuread:index/directoryRoleEligibilityScheduleRequest:DirectoryRoleEligibilityScheduleRequest example 822ec710-4c9f-4f71-a27a-451759cc7522\n```\n\n ", + "description": "Manages a single directory role eligibility schedule request within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nThe calling principal requires one of the following application roles: `RoleEligibilitySchedule.ReadWrite.Directory` or `RoleManagement.ReadWrite.Directory`.\n\nThe calling principal requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleUser = azuread.getUser({\n userPrincipalName: \"jdoe@example.com\",\n});\nconst exampleDirectoryRole = new azuread.DirectoryRole(\"exampleDirectoryRole\", {displayName: \"Application Administrator\"});\nconst exampleDirectoryRoleEligibilityScheduleRequest = new azuread.DirectoryRoleEligibilityScheduleRequest(\"exampleDirectoryRoleEligibilityScheduleRequest\", {\n roleDefinitionId: exampleDirectoryRole.templateId,\n principalId: azuread_user.example.object_id,\n directoryScopeId: \"/\",\n justification: \"Example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_user = azuread.get_user(user_principal_name=\"jdoe@example.com\")\nexample_directory_role = azuread.DirectoryRole(\"exampleDirectoryRole\", display_name=\"Application Administrator\")\nexample_directory_role_eligibility_schedule_request = azuread.DirectoryRoleEligibilityScheduleRequest(\"exampleDirectoryRoleEligibilityScheduleRequest\",\n role_definition_id=example_directory_role.template_id,\n principal_id=azuread_user[\"example\"][\"object_id\"],\n directory_scope_id=\"/\",\n justification=\"Example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleUser = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n var exampleDirectoryRole = new AzureAD.DirectoryRole(\"exampleDirectoryRole\", new()\n {\n DisplayName = \"Application Administrator\",\n });\n\n var exampleDirectoryRoleEligibilityScheduleRequest = new AzureAD.DirectoryRoleEligibilityScheduleRequest(\"exampleDirectoryRoleEligibilityScheduleRequest\", new()\n {\n RoleDefinitionId = exampleDirectoryRole.TemplateId,\n PrincipalId = azuread_user.Example.Object_id,\n DirectoryScopeId = \"/\",\n Justification = \"Example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDirectoryRole, err := azuread.NewDirectoryRole(ctx, \"exampleDirectoryRole\", \u0026azuread.DirectoryRoleArgs{\n\t\t\tDisplayName: pulumi.String(\"Application Administrator\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewDirectoryRoleEligibilityScheduleRequest(ctx, \"exampleDirectoryRoleEligibilityScheduleRequest\", \u0026azuread.DirectoryRoleEligibilityScheduleRequestArgs{\n\t\t\tRoleDefinitionId: exampleDirectoryRole.TemplateId,\n\t\t\tPrincipalId: pulumi.Any(azuread_user.Example.Object_id),\n\t\t\tDirectoryScopeId: pulumi.String(\"/\"),\n\t\t\tJustification: pulumi.String(\"Example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.DirectoryRole;\nimport com.pulumi.azuread.DirectoryRoleArgs;\nimport com.pulumi.azuread.DirectoryRoleEligibilityScheduleRequest;\nimport com.pulumi.azuread.DirectoryRoleEligibilityScheduleRequestArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleUser = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n var exampleDirectoryRole = new DirectoryRole(\"exampleDirectoryRole\", DirectoryRoleArgs.builder() \n .displayName(\"Application Administrator\")\n .build());\n\n var exampleDirectoryRoleEligibilityScheduleRequest = new DirectoryRoleEligibilityScheduleRequest(\"exampleDirectoryRoleEligibilityScheduleRequest\", DirectoryRoleEligibilityScheduleRequestArgs.builder() \n .roleDefinitionId(exampleDirectoryRole.templateId())\n .principalId(azuread_user.example().object_id())\n .directoryScopeId(\"/\")\n .justification(\"Example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleDirectoryRole:\n type: azuread:DirectoryRole\n properties:\n displayName: Application Administrator\n exampleDirectoryRoleEligibilityScheduleRequest:\n type: azuread:DirectoryRoleEligibilityScheduleRequest\n properties:\n roleDefinitionId: ${exampleDirectoryRole.templateId}\n principalId: ${azuread_user.example.object_id}\n directoryScopeId: /\n justification: Example\nvariables:\n exampleUser:\n fn::invoke:\n Function: azuread:getUser\n Arguments:\n userPrincipalName: jdoe@example.com\n```\n\n\u003e Note the use of the `template_id` attribute when referencing built-in roles.\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nDirectory role eligibility schedule requests can be imported using the ID of the assignment, e.g.\n\n ```sh\n $ pulumi import azuread:index/directoryRoleEligibilityScheduleRequest:DirectoryRoleEligibilityScheduleRequest example 822ec710-4c9f-4f71-a27a-451759cc7522\n```\n\n ", "properties": { "directoryScopeId": { "type": "string", @@ -6043,7 +6043,7 @@ } }, "azuread:index/directoryRoleMember:DirectoryRoleMember": { - "description": "Manages a single directory role membership (assignment) within Azure Active Directory.\n\n\u003e **Deprecation Warning:** This resource has been superseded by the azuread.DirectoryRoleAssignment resource and will be removed in version 3.0 of the AzureAD provider\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `RoleManagement.ReadWrite.Directory` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleUser = azuread.getUser({\n userPrincipalName: \"jdoe@example.com\",\n});\nconst exampleDirectoryRole = new azuread.DirectoryRole(\"exampleDirectoryRole\", {displayName: \"Security administrator\"});\nconst exampleDirectoryRoleMember = new azuread.DirectoryRoleMember(\"exampleDirectoryRoleMember\", {\n roleObjectId: exampleDirectoryRole.objectId,\n memberObjectId: exampleUser.then(exampleUser =\u003e exampleUser.objectId),\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_user = azuread.get_user(user_principal_name=\"jdoe@example.com\")\nexample_directory_role = azuread.DirectoryRole(\"exampleDirectoryRole\", display_name=\"Security administrator\")\nexample_directory_role_member = azuread.DirectoryRoleMember(\"exampleDirectoryRoleMember\",\n role_object_id=example_directory_role.object_id,\n member_object_id=example_user.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleUser = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n var exampleDirectoryRole = new AzureAD.DirectoryRole(\"exampleDirectoryRole\", new()\n {\n DisplayName = \"Security administrator\",\n });\n\n var exampleDirectoryRoleMember = new AzureAD.DirectoryRoleMember(\"exampleDirectoryRoleMember\", new()\n {\n RoleObjectId = exampleDirectoryRole.ObjectId,\n MemberObjectId = exampleUser.Apply(getUserResult =\u003e getUserResult.ObjectId),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleUser, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDirectoryRole, err := azuread.NewDirectoryRole(ctx, \"exampleDirectoryRole\", \u0026azuread.DirectoryRoleArgs{\n\t\t\tDisplayName: pulumi.String(\"Security administrator\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewDirectoryRoleMember(ctx, \"exampleDirectoryRoleMember\", \u0026azuread.DirectoryRoleMemberArgs{\n\t\t\tRoleObjectId: exampleDirectoryRole.ObjectId,\n\t\t\tMemberObjectId: *pulumi.String(exampleUser.ObjectId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.DirectoryRole;\nimport com.pulumi.azuread.DirectoryRoleArgs;\nimport com.pulumi.azuread.DirectoryRoleMember;\nimport com.pulumi.azuread.DirectoryRoleMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleUser = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n var exampleDirectoryRole = new DirectoryRole(\"exampleDirectoryRole\", DirectoryRoleArgs.builder() \n .displayName(\"Security administrator\")\n .build());\n\n var exampleDirectoryRoleMember = new DirectoryRoleMember(\"exampleDirectoryRoleMember\", DirectoryRoleMemberArgs.builder() \n .roleObjectId(exampleDirectoryRole.objectId())\n .memberObjectId(exampleUser.applyValue(getUserResult -\u003e getUserResult.objectId()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleDirectoryRole:\n type: azuread:DirectoryRole\n properties:\n displayName: Security administrator\n exampleDirectoryRoleMember:\n type: azuread:DirectoryRoleMember\n properties:\n roleObjectId: ${exampleDirectoryRole.objectId}\n memberObjectId: ${exampleUser.objectId}\nvariables:\n exampleUser:\n fn::invoke:\n Function: azuread:getUser\n Arguments:\n userPrincipalName: jdoe@example.com\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nDirectory role members can be imported using the object ID of the role and the object ID of the member, e.g.\n\n```sh\n $ pulumi import azuread:index/directoryRoleMember:DirectoryRoleMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the Directory Role Object ID and the target Member Object ID in the format `{RoleObjectID}/member/{MemberObjectID}`. ", + "description": "Manages a single directory role membership (assignment) within Azure Active Directory.\n\n\u003e **Deprecation Warning:** This resource has been superseded by the azuread.DirectoryRoleAssignment resource and will be removed in version 3.0 of the AzureAD provider\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `RoleManagement.ReadWrite.Directory` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleUser = azuread.getUser({\n userPrincipalName: \"jdoe@example.com\",\n});\nconst exampleDirectoryRole = new azuread.DirectoryRole(\"exampleDirectoryRole\", {displayName: \"Security administrator\"});\nconst exampleDirectoryRoleMember = new azuread.DirectoryRoleMember(\"exampleDirectoryRoleMember\", {\n roleObjectId: exampleDirectoryRole.objectId,\n memberObjectId: exampleUser.then(exampleUser =\u003e exampleUser.objectId),\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_user = azuread.get_user(user_principal_name=\"jdoe@example.com\")\nexample_directory_role = azuread.DirectoryRole(\"exampleDirectoryRole\", display_name=\"Security administrator\")\nexample_directory_role_member = azuread.DirectoryRoleMember(\"exampleDirectoryRoleMember\",\n role_object_id=example_directory_role.object_id,\n member_object_id=example_user.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleUser = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n var exampleDirectoryRole = new AzureAD.DirectoryRole(\"exampleDirectoryRole\", new()\n {\n DisplayName = \"Security administrator\",\n });\n\n var exampleDirectoryRoleMember = new AzureAD.DirectoryRoleMember(\"exampleDirectoryRoleMember\", new()\n {\n RoleObjectId = exampleDirectoryRole.ObjectId,\n MemberObjectId = exampleUser.Apply(getUserResult =\u003e getUserResult.ObjectId),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleUser, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDirectoryRole, err := azuread.NewDirectoryRole(ctx, \"exampleDirectoryRole\", \u0026azuread.DirectoryRoleArgs{\n\t\t\tDisplayName: pulumi.String(\"Security administrator\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewDirectoryRoleMember(ctx, \"exampleDirectoryRoleMember\", \u0026azuread.DirectoryRoleMemberArgs{\n\t\t\tRoleObjectId: exampleDirectoryRole.ObjectId,\n\t\t\tMemberObjectId: *pulumi.String(exampleUser.ObjectId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.DirectoryRole;\nimport com.pulumi.azuread.DirectoryRoleArgs;\nimport com.pulumi.azuread.DirectoryRoleMember;\nimport com.pulumi.azuread.DirectoryRoleMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleUser = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n var exampleDirectoryRole = new DirectoryRole(\"exampleDirectoryRole\", DirectoryRoleArgs.builder() \n .displayName(\"Security administrator\")\n .build());\n\n var exampleDirectoryRoleMember = new DirectoryRoleMember(\"exampleDirectoryRoleMember\", DirectoryRoleMemberArgs.builder() \n .roleObjectId(exampleDirectoryRole.objectId())\n .memberObjectId(exampleUser.applyValue(getUserResult -\u003e getUserResult.objectId()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleDirectoryRole:\n type: azuread:DirectoryRole\n properties:\n displayName: Security administrator\n exampleDirectoryRoleMember:\n type: azuread:DirectoryRoleMember\n properties:\n roleObjectId: ${exampleDirectoryRole.objectId}\n memberObjectId: ${exampleUser.objectId}\nvariables:\n exampleUser:\n fn::invoke:\n Function: azuread:getUser\n Arguments:\n userPrincipalName: jdoe@example.com\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nDirectory role members can be imported using the object ID of the role and the object ID of the member, e.g.\n\n ```sh\n $ pulumi import azuread:index/directoryRoleMember:DirectoryRoleMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the Directory Role Object ID and the target Member Object ID in the format `{RoleObjectID}/member/{MemberObjectID}`.\n\n ", "properties": { "memberObjectId": { "type": "string", @@ -6084,7 +6084,7 @@ } }, "azuread:index/group:Group": { - "description": "Manages a group within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All`.\n\nAlternatively, if the authenticated service principal is also an owner of the group being managed, this resource can use the application role: `Group.Create`.\n\nIf using the `assignable_to_role` property, this resource additionally requires one of the following application roles: `RoleManagement.ReadWrite.Directory` or `Directory.ReadWrite.All`\n\nIf specifying owners for a group, which are user principals, this resource additionally requires one of the following application roles: `User.Read.All`, `User.ReadWrite.All`, `Directory.Read.All` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Groups Administrator`, `User Administrator` or `Global Administrator`\n\nWhen creating this resource in administrative units exclusively, the role `Groups Administrator` is required to be scoped on any administrative unit used.\n\nThe `external_senders_allowed`, `auto_subscribe_new_members`, `hide_from_address_lists` and `hide_from_outlook_clients` properties can only be configured when authenticating as a user and cannot be configured when authenticating as a service principal. Additionally, the user being used for authentication must be a Member of the tenant where the group is being managed and _not_ a Guest. This is a known API issue; please see the [Microsoft Graph Known Issues](https://docs.microsoft.com/en-us/graph/known-issues#groups) official documentation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Basic example*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.Group(\"example\", {\n displayName: \"example\",\n owners: [current.then(current =\u003e current.objectId)],\n securityEnabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.Group(\"example\",\n display_name=\"example\",\n owners=[current.object_id],\n security_enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.Group(\"example\", new()\n {\n DisplayName = \"example\",\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n SecurityEnabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\t*pulumi.String(current.ObjectId),\n\t\t\t},\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new Group(\"example\", GroupArgs.builder() \n .displayName(\"example\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .securityEnabled(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Group\n properties:\n displayName: example\n owners:\n - ${current.objectId}\n securityEnabled: true\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n\n*Microsoft 365 group*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst groupOwner = new azuread.User(\"groupOwner\", {\n userPrincipalName: \"example-group-owner@example.com\",\n displayName: \"Group Owner\",\n mailNickname: \"example-group-owner\",\n password: \"SecretP@sswd99!\",\n});\nconst example = new azuread.Group(\"example\", {\n displayName: \"example\",\n mailEnabled: true,\n mailNickname: \"ExampleGroup\",\n securityEnabled: true,\n types: [\"Unified\"],\n owners: [\n current.then(current =\u003e current.objectId),\n groupOwner.objectId,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\ngroup_owner = azuread.User(\"groupOwner\",\n user_principal_name=\"example-group-owner@example.com\",\n display_name=\"Group Owner\",\n mail_nickname=\"example-group-owner\",\n password=\"SecretP@sswd99!\")\nexample = azuread.Group(\"example\",\n display_name=\"example\",\n mail_enabled=True,\n mail_nickname=\"ExampleGroup\",\n security_enabled=True,\n types=[\"Unified\"],\n owners=[\n current.object_id,\n group_owner.object_id,\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var groupOwner = new AzureAD.User(\"groupOwner\", new()\n {\n UserPrincipalName = \"example-group-owner@example.com\",\n DisplayName = \"Group Owner\",\n MailNickname = \"example-group-owner\",\n Password = \"SecretP@sswd99!\",\n });\n\n var example = new AzureAD.Group(\"example\", new()\n {\n DisplayName = \"example\",\n MailEnabled = true,\n MailNickname = \"ExampleGroup\",\n SecurityEnabled = true,\n Types = new[]\n {\n \"Unified\",\n },\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n groupOwner.ObjectId,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgroupOwner, err := azuread.NewUser(ctx, \"groupOwner\", \u0026azuread.UserArgs{\n\t\t\tUserPrincipalName: pulumi.String(\"example-group-owner@example.com\"),\n\t\t\tDisplayName: pulumi.String(\"Group Owner\"),\n\t\t\tMailNickname: pulumi.String(\"example-group-owner\"),\n\t\t\tPassword: pulumi.String(\"SecretP@sswd99!\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tMailEnabled: pulumi.Bool(true),\n\t\t\tMailNickname: pulumi.String(\"ExampleGroup\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t\tTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Unified\"),\n\t\t\t},\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\t*pulumi.String(current.ObjectId),\n\t\t\t\tgroupOwner.ObjectId,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.User;\nimport com.pulumi.azuread.UserArgs;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var groupOwner = new User(\"groupOwner\", UserArgs.builder() \n .userPrincipalName(\"example-group-owner@example.com\")\n .displayName(\"Group Owner\")\n .mailNickname(\"example-group-owner\")\n .password(\"SecretP@sswd99!\")\n .build());\n\n var example = new Group(\"example\", GroupArgs.builder() \n .displayName(\"example\")\n .mailEnabled(true)\n .mailNickname(\"ExampleGroup\")\n .securityEnabled(true)\n .types(\"Unified\")\n .owners( \n current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()),\n groupOwner.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n groupOwner:\n type: azuread:User\n properties:\n userPrincipalName: example-group-owner@example.com\n displayName: Group Owner\n mailNickname: example-group-owner\n password: SecretP@sswd99!\n example:\n type: azuread:Group\n properties:\n displayName: example\n mailEnabled: true\n mailNickname: ExampleGroup\n securityEnabled: true\n types:\n - Unified\n owners:\n - ${current.objectId}\n - ${groupOwner.objectId}\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n\n*Group with members*\n\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.User;\nimport com.pulumi.azuread.UserArgs;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var exampleUser = new User(\"exampleUser\", UserArgs.builder() \n .displayName(\"J Doe\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .password(\"notSecure123\")\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"MyGroup\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .securityEnabled(true)\n .members(exampleUser.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleUser:\n type: azuread:User\n properties:\n displayName: J Doe\n owners:\n - ${current.objectId}\n password: notSecure123\n userPrincipalName: jdoe@example.com\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: MyGroup\n owners:\n - ${current.objectId}\n securityEnabled: true\n members:\n - ${exampleUser.objectId}\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n\n*Group with dynamic membership*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.Group(\"example\", {\n displayName: \"MyGroup\",\n owners: [current.then(current =\u003e current.objectId)],\n securityEnabled: true,\n types: [\"DynamicMembership\"],\n dynamicMembership: {\n enabled: true,\n rule: \"user.department -eq \\\"Sales\\\"\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.Group(\"example\",\n display_name=\"MyGroup\",\n owners=[current.object_id],\n security_enabled=True,\n types=[\"DynamicMembership\"],\n dynamic_membership=azuread.GroupDynamicMembershipArgs(\n enabled=True,\n rule=\"user.department -eq \\\"Sales\\\"\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.Group(\"example\", new()\n {\n DisplayName = \"MyGroup\",\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n SecurityEnabled = true,\n Types = new[]\n {\n \"DynamicMembership\",\n },\n DynamicMembership = new AzureAD.Inputs.GroupDynamicMembershipArgs\n {\n Enabled = true,\n Rule = \"user.department -eq \\\"Sales\\\"\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"MyGroup\"),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\t*pulumi.String(current.ObjectId),\n\t\t\t},\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t\tTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"DynamicMembership\"),\n\t\t\t},\n\t\t\tDynamicMembership: \u0026azuread.GroupDynamicMembershipArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tRule: pulumi.String(\"user.department -eq \\\"Sales\\\"\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.inputs.GroupDynamicMembershipArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new Group(\"example\", GroupArgs.builder() \n .displayName(\"MyGroup\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .securityEnabled(true)\n .types(\"DynamicMembership\")\n .dynamicMembership(GroupDynamicMembershipArgs.builder()\n .enabled(true)\n .rule(\"user.department -eq \\\"Sales\\\"\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Group\n properties:\n displayName: MyGroup\n owners:\n - ${current.objectId}\n securityEnabled: true\n types:\n - DynamicMembership\n dynamicMembership:\n enabled: true\n rule: user.department -eq \"Sales\"\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nGroups can be imported using their object ID, e.g.\n\n```sh\n $ pulumi import azuread:index/group:Group my_group 00000000-0000-0000-0000-000000000000\n```\n\n ", + "description": "Manages a group within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All`.\n\nAlternatively, if the authenticated service principal is also an owner of the group being managed, this resource can use the application role: `Group.Create`.\n\nIf using the `assignable_to_role` property, this resource additionally requires one of the following application roles: `RoleManagement.ReadWrite.Directory` or `Directory.ReadWrite.All`\n\nIf specifying owners for a group, which are user principals, this resource additionally requires one of the following application roles: `User.Read.All`, `User.ReadWrite.All`, `Directory.Read.All` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Groups Administrator`, `User Administrator` or `Global Administrator`\n\nWhen creating this resource in administrative units exclusively, the role `Groups Administrator` is required to be scoped on any administrative unit used.\n\nThe `external_senders_allowed`, `auto_subscribe_new_members`, `hide_from_address_lists` and `hide_from_outlook_clients` properties can only be configured when authenticating as a user and cannot be configured when authenticating as a service principal. Additionally, the user being used for authentication must be a Member of the tenant where the group is being managed and _not_ a Guest. This is a known API issue; please see the [Microsoft Graph Known Issues](https://docs.microsoft.com/en-us/graph/known-issues#groups) official documentation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Basic example*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.Group(\"example\", {\n displayName: \"example\",\n owners: [current.then(current =\u003e current.objectId)],\n securityEnabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.Group(\"example\",\n display_name=\"example\",\n owners=[current.object_id],\n security_enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.Group(\"example\", new()\n {\n DisplayName = \"example\",\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n SecurityEnabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\t*pulumi.String(current.ObjectId),\n\t\t\t},\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new Group(\"example\", GroupArgs.builder() \n .displayName(\"example\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .securityEnabled(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Group\n properties:\n displayName: example\n owners:\n - ${current.objectId}\n securityEnabled: true\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n\n*Microsoft 365 group*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst groupOwner = new azuread.User(\"groupOwner\", {\n userPrincipalName: \"example-group-owner@example.com\",\n displayName: \"Group Owner\",\n mailNickname: \"example-group-owner\",\n password: \"SecretP@sswd99!\",\n});\nconst example = new azuread.Group(\"example\", {\n displayName: \"example\",\n mailEnabled: true,\n mailNickname: \"ExampleGroup\",\n securityEnabled: true,\n types: [\"Unified\"],\n owners: [\n current.then(current =\u003e current.objectId),\n groupOwner.objectId,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\ngroup_owner = azuread.User(\"groupOwner\",\n user_principal_name=\"example-group-owner@example.com\",\n display_name=\"Group Owner\",\n mail_nickname=\"example-group-owner\",\n password=\"SecretP@sswd99!\")\nexample = azuread.Group(\"example\",\n display_name=\"example\",\n mail_enabled=True,\n mail_nickname=\"ExampleGroup\",\n security_enabled=True,\n types=[\"Unified\"],\n owners=[\n current.object_id,\n group_owner.object_id,\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var groupOwner = new AzureAD.User(\"groupOwner\", new()\n {\n UserPrincipalName = \"example-group-owner@example.com\",\n DisplayName = \"Group Owner\",\n MailNickname = \"example-group-owner\",\n Password = \"SecretP@sswd99!\",\n });\n\n var example = new AzureAD.Group(\"example\", new()\n {\n DisplayName = \"example\",\n MailEnabled = true,\n MailNickname = \"ExampleGroup\",\n SecurityEnabled = true,\n Types = new[]\n {\n \"Unified\",\n },\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n groupOwner.ObjectId,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgroupOwner, err := azuread.NewUser(ctx, \"groupOwner\", \u0026azuread.UserArgs{\n\t\t\tUserPrincipalName: pulumi.String(\"example-group-owner@example.com\"),\n\t\t\tDisplayName: pulumi.String(\"Group Owner\"),\n\t\t\tMailNickname: pulumi.String(\"example-group-owner\"),\n\t\t\tPassword: pulumi.String(\"SecretP@sswd99!\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tMailEnabled: pulumi.Bool(true),\n\t\t\tMailNickname: pulumi.String(\"ExampleGroup\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t\tTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Unified\"),\n\t\t\t},\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\t*pulumi.String(current.ObjectId),\n\t\t\t\tgroupOwner.ObjectId,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.User;\nimport com.pulumi.azuread.UserArgs;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var groupOwner = new User(\"groupOwner\", UserArgs.builder() \n .userPrincipalName(\"example-group-owner@example.com\")\n .displayName(\"Group Owner\")\n .mailNickname(\"example-group-owner\")\n .password(\"SecretP@sswd99!\")\n .build());\n\n var example = new Group(\"example\", GroupArgs.builder() \n .displayName(\"example\")\n .mailEnabled(true)\n .mailNickname(\"ExampleGroup\")\n .securityEnabled(true)\n .types(\"Unified\")\n .owners( \n current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()),\n groupOwner.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n groupOwner:\n type: azuread:User\n properties:\n userPrincipalName: example-group-owner@example.com\n displayName: Group Owner\n mailNickname: example-group-owner\n password: SecretP@sswd99!\n example:\n type: azuread:Group\n properties:\n displayName: example\n mailEnabled: true\n mailNickname: ExampleGroup\n securityEnabled: true\n types:\n - Unified\n owners:\n - ${current.objectId}\n - ${groupOwner.objectId}\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n\n*Group with members*\n\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.User;\nimport com.pulumi.azuread.UserArgs;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var exampleUser = new User(\"exampleUser\", UserArgs.builder() \n .displayName(\"J Doe\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .password(\"notSecure123\")\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"MyGroup\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .securityEnabled(true)\n .members(exampleUser.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleUser:\n type: azuread:User\n properties:\n displayName: J Doe\n owners:\n - ${current.objectId}\n password: notSecure123\n userPrincipalName: jdoe@example.com\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: MyGroup\n owners:\n - ${current.objectId}\n securityEnabled: true\n members:\n - ${exampleUser.objectId}\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n\n*Group with dynamic membership*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.Group(\"example\", {\n displayName: \"MyGroup\",\n owners: [current.then(current =\u003e current.objectId)],\n securityEnabled: true,\n types: [\"DynamicMembership\"],\n dynamicMembership: {\n enabled: true,\n rule: \"user.department -eq \\\"Sales\\\"\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.Group(\"example\",\n display_name=\"MyGroup\",\n owners=[current.object_id],\n security_enabled=True,\n types=[\"DynamicMembership\"],\n dynamic_membership=azuread.GroupDynamicMembershipArgs(\n enabled=True,\n rule=\"user.department -eq \\\"Sales\\\"\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.Group(\"example\", new()\n {\n DisplayName = \"MyGroup\",\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n SecurityEnabled = true,\n Types = new[]\n {\n \"DynamicMembership\",\n },\n DynamicMembership = new AzureAD.Inputs.GroupDynamicMembershipArgs\n {\n Enabled = true,\n Rule = \"user.department -eq \\\"Sales\\\"\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"MyGroup\"),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\t*pulumi.String(current.ObjectId),\n\t\t\t},\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t\tTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"DynamicMembership\"),\n\t\t\t},\n\t\t\tDynamicMembership: \u0026azuread.GroupDynamicMembershipArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tRule: pulumi.String(\"user.department -eq \\\"Sales\\\"\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.inputs.GroupDynamicMembershipArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new Group(\"example\", GroupArgs.builder() \n .displayName(\"MyGroup\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .securityEnabled(true)\n .types(\"DynamicMembership\")\n .dynamicMembership(GroupDynamicMembershipArgs.builder()\n .enabled(true)\n .rule(\"user.department -eq \\\"Sales\\\"\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Group\n properties:\n displayName: MyGroup\n owners:\n - ${current.objectId}\n securityEnabled: true\n types:\n - DynamicMembership\n dynamicMembership:\n enabled: true\n rule: user.department -eq \"Sales\"\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nGroups can be imported using their object ID, e.g.\n\n ```sh\n $ pulumi import azuread:index/group:Group my_group 00000000-0000-0000-0000-000000000000\n```\n\n ", "properties": { "administrativeUnitIds": { "type": "array", @@ -6527,7 +6527,7 @@ } }, "azuread:index/groupMember:GroupMember": { - "description": "Manages a single group membership within Azure Active Directory.\n\n\u003e **Warning** Do not use this resource at the same time as the `members` property of the `azuread.Group` resource for the same group. Doing so will cause a conflict and group members will be removed.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All`.\n\nHowever, if the authenticated service principal is an owner of the group being managed, an application role is not required.\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Groups Administrator`, `User Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleUser = azuread.getUser({\n userPrincipalName: \"jdoe@example.com\",\n});\nconst exampleGroup = new azuread.Group(\"exampleGroup\", {\n displayName: \"my_group\",\n securityEnabled: true,\n});\nconst exampleGroupMember = new azuread.GroupMember(\"exampleGroupMember\", {\n groupObjectId: exampleGroup.id,\n memberObjectId: exampleUser.then(exampleUser =\u003e exampleUser.id),\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_user = azuread.get_user(user_principal_name=\"jdoe@example.com\")\nexample_group = azuread.Group(\"exampleGroup\",\n display_name=\"my_group\",\n security_enabled=True)\nexample_group_member = azuread.GroupMember(\"exampleGroupMember\",\n group_object_id=example_group.id,\n member_object_id=example_user.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleUser = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n var exampleGroup = new AzureAD.Group(\"exampleGroup\", new()\n {\n DisplayName = \"my_group\",\n SecurityEnabled = true,\n });\n\n var exampleGroupMember = new AzureAD.GroupMember(\"exampleGroupMember\", new()\n {\n GroupObjectId = exampleGroup.Id,\n MemberObjectId = exampleUser.Apply(getUserResult =\u003e getUserResult.Id),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleUser, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGroup, err := azuread.NewGroup(ctx, \"exampleGroup\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"my_group\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroupMember(ctx, \"exampleGroupMember\", \u0026azuread.GroupMemberArgs{\n\t\t\tGroupObjectId: exampleGroup.ID(),\n\t\t\tMemberObjectId: *pulumi.String(exampleUser.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.GroupMember;\nimport com.pulumi.azuread.GroupMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleUser = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"my_group\")\n .securityEnabled(true)\n .build());\n\n var exampleGroupMember = new GroupMember(\"exampleGroupMember\", GroupMemberArgs.builder() \n .groupObjectId(exampleGroup.id())\n .memberObjectId(exampleUser.applyValue(getUserResult -\u003e getUserResult.id()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: my_group\n securityEnabled: true\n exampleGroupMember:\n type: azuread:GroupMember\n properties:\n groupObjectId: ${exampleGroup.id}\n memberObjectId: ${exampleUser.id}\nvariables:\n exampleUser:\n fn::invoke:\n Function: azuread:getUser\n Arguments:\n userPrincipalName: jdoe@example.com\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nGroup members can be imported using the object ID of the group and the object ID of the member, e.g.\n\n```sh\n $ pulumi import azuread:index/groupMember:GroupMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the Azure AD Group Object ID and the target Member Object ID in the format `{GroupObjectID}/member/{MemberObjectID}`. ", + "description": "Manages a single group membership within Azure Active Directory.\n\n\u003e **Warning** Do not use this resource at the same time as the `members` property of the `azuread.Group` resource for the same group. Doing so will cause a conflict and group members will be removed.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All`.\n\nHowever, if the authenticated service principal is an owner of the group being managed, an application role is not required.\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Groups Administrator`, `User Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleUser = azuread.getUser({\n userPrincipalName: \"jdoe@example.com\",\n});\nconst exampleGroup = new azuread.Group(\"exampleGroup\", {\n displayName: \"my_group\",\n securityEnabled: true,\n});\nconst exampleGroupMember = new azuread.GroupMember(\"exampleGroupMember\", {\n groupObjectId: exampleGroup.id,\n memberObjectId: exampleUser.then(exampleUser =\u003e exampleUser.id),\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_user = azuread.get_user(user_principal_name=\"jdoe@example.com\")\nexample_group = azuread.Group(\"exampleGroup\",\n display_name=\"my_group\",\n security_enabled=True)\nexample_group_member = azuread.GroupMember(\"exampleGroupMember\",\n group_object_id=example_group.id,\n member_object_id=example_user.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleUser = AzureAD.GetUser.Invoke(new()\n {\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n var exampleGroup = new AzureAD.Group(\"exampleGroup\", new()\n {\n DisplayName = \"my_group\",\n SecurityEnabled = true,\n });\n\n var exampleGroupMember = new AzureAD.GroupMember(\"exampleGroupMember\", new()\n {\n GroupObjectId = exampleGroup.Id,\n MemberObjectId = exampleUser.Apply(getUserResult =\u003e getUserResult.Id),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleUser, err := azuread.LookupUser(ctx, \u0026azuread.LookupUserArgs{\n\t\t\tUserPrincipalName: pulumi.StringRef(\"jdoe@example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGroup, err := azuread.NewGroup(ctx, \"exampleGroup\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"my_group\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroupMember(ctx, \"exampleGroupMember\", \u0026azuread.GroupMemberArgs{\n\t\t\tGroupObjectId: exampleGroup.ID(),\n\t\t\tMemberObjectId: *pulumi.String(exampleUser.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetUserArgs;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.GroupMember;\nimport com.pulumi.azuread.GroupMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleUser = AzureadFunctions.getUser(GetUserArgs.builder()\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"my_group\")\n .securityEnabled(true)\n .build());\n\n var exampleGroupMember = new GroupMember(\"exampleGroupMember\", GroupMemberArgs.builder() \n .groupObjectId(exampleGroup.id())\n .memberObjectId(exampleUser.applyValue(getUserResult -\u003e getUserResult.id()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: my_group\n securityEnabled: true\n exampleGroupMember:\n type: azuread:GroupMember\n properties:\n groupObjectId: ${exampleGroup.id}\n memberObjectId: ${exampleUser.id}\nvariables:\n exampleUser:\n fn::invoke:\n Function: azuread:getUser\n Arguments:\n userPrincipalName: jdoe@example.com\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nGroup members can be imported using the object ID of the group and the object ID of the member, e.g.\n\n ```sh\n $ pulumi import azuread:index/groupMember:GroupMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the Azure AD Group Object ID and the target Member Object ID in the format `{GroupObjectID}/member/{MemberObjectID}`.\n\n ", "properties": { "groupObjectId": { "type": "string", @@ -6576,7 +6576,7 @@ } }, "azuread:index/invitation:Invitation": { - "description": "Manages an invitation of a guest user within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `User.Invite.All`, `User.ReadWrite.All` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Guest Inviter`, `User Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Basic example*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.Invitation(\"example\", {\n redirectUrl: \"https://portal.azure.com\",\n userEmailAddress: \"jdoe@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.Invitation(\"example\",\n redirect_url=\"https://portal.azure.com\",\n user_email_address=\"jdoe@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.Invitation(\"example\", new()\n {\n RedirectUrl = \"https://portal.azure.com\",\n UserEmailAddress = \"jdoe@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewInvitation(ctx, \"example\", \u0026azuread.InvitationArgs{\n\t\t\tRedirectUrl: pulumi.String(\"https://portal.azure.com\"),\n\t\t\tUserEmailAddress: pulumi.String(\"jdoe@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Invitation;\nimport com.pulumi.azuread.InvitationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Invitation(\"example\", InvitationArgs.builder() \n .redirectUrl(\"https://portal.azure.com\")\n .userEmailAddress(\"jdoe@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Invitation\n properties:\n redirectUrl: https://portal.azure.com\n userEmailAddress: jdoe@example.com\n```\n\n*Invitation with standard message*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.Invitation(\"example\", {\n message: {\n language: \"en-US\",\n },\n redirectUrl: \"https://portal.azure.com\",\n userEmailAddress: \"jdoe@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.Invitation(\"example\",\n message=azuread.InvitationMessageArgs(\n language=\"en-US\",\n ),\n redirect_url=\"https://portal.azure.com\",\n user_email_address=\"jdoe@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.Invitation(\"example\", new()\n {\n Message = new AzureAD.Inputs.InvitationMessageArgs\n {\n Language = \"en-US\",\n },\n RedirectUrl = \"https://portal.azure.com\",\n UserEmailAddress = \"jdoe@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewInvitation(ctx, \"example\", \u0026azuread.InvitationArgs{\n\t\t\tMessage: \u0026azuread.InvitationMessageArgs{\n\t\t\t\tLanguage: pulumi.String(\"en-US\"),\n\t\t\t},\n\t\t\tRedirectUrl: pulumi.String(\"https://portal.azure.com\"),\n\t\t\tUserEmailAddress: pulumi.String(\"jdoe@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Invitation;\nimport com.pulumi.azuread.InvitationArgs;\nimport com.pulumi.azuread.inputs.InvitationMessageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Invitation(\"example\", InvitationArgs.builder() \n .message(InvitationMessageArgs.builder()\n .language(\"en-US\")\n .build())\n .redirectUrl(\"https://portal.azure.com\")\n .userEmailAddress(\"jdoe@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Invitation\n properties:\n message:\n language: en-US\n redirectUrl: https://portal.azure.com\n userEmailAddress: jdoe@example.com\n```\n\n*Invitation with custom message body and an additional recipient*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.Invitation(\"example\", {\n message: {\n additionalRecipients: \"aaliceberg@example.com\",\n body: \"Hello there! You are invited to join my Azure tenant!\",\n },\n redirectUrl: \"https://portal.azure.com\",\n userDisplayName: \"Bob Bobson\",\n userEmailAddress: \"bbobson@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.Invitation(\"example\",\n message=azuread.InvitationMessageArgs(\n additional_recipients=\"aaliceberg@example.com\",\n body=\"Hello there! You are invited to join my Azure tenant!\",\n ),\n redirect_url=\"https://portal.azure.com\",\n user_display_name=\"Bob Bobson\",\n user_email_address=\"bbobson@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.Invitation(\"example\", new()\n {\n Message = new AzureAD.Inputs.InvitationMessageArgs\n {\n AdditionalRecipients = \"aaliceberg@example.com\",\n Body = \"Hello there! You are invited to join my Azure tenant!\",\n },\n RedirectUrl = \"https://portal.azure.com\",\n UserDisplayName = \"Bob Bobson\",\n UserEmailAddress = \"bbobson@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewInvitation(ctx, \"example\", \u0026azuread.InvitationArgs{\n\t\t\tMessage: \u0026azuread.InvitationMessageArgs{\n\t\t\t\tAdditionalRecipients: pulumi.String(\"aaliceberg@example.com\"),\n\t\t\t\tBody: pulumi.String(\"Hello there! You are invited to join my Azure tenant!\"),\n\t\t\t},\n\t\t\tRedirectUrl: pulumi.String(\"https://portal.azure.com\"),\n\t\t\tUserDisplayName: pulumi.String(\"Bob Bobson\"),\n\t\t\tUserEmailAddress: pulumi.String(\"bbobson@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Invitation;\nimport com.pulumi.azuread.InvitationArgs;\nimport com.pulumi.azuread.inputs.InvitationMessageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Invitation(\"example\", InvitationArgs.builder() \n .message(InvitationMessageArgs.builder()\n .additionalRecipients(\"aaliceberg@example.com\")\n .body(\"Hello there! You are invited to join my Azure tenant!\")\n .build())\n .redirectUrl(\"https://portal.azure.com\")\n .userDisplayName(\"Bob Bobson\")\n .userEmailAddress(\"bbobson@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Invitation\n properties:\n message:\n additionalRecipients: aaliceberg@example.com\n body: Hello there! You are invited to join my Azure tenant!\n redirectUrl: https://portal.azure.com\n userDisplayName: Bob Bobson\n userEmailAddress: bbobson@example.com\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThis resource does not support importing. ", + "description": "Manages an invitation of a guest user within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `User.Invite.All`, `User.ReadWrite.All` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Guest Inviter`, `User Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Basic example*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.Invitation(\"example\", {\n redirectUrl: \"https://portal.azure.com\",\n userEmailAddress: \"jdoe@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.Invitation(\"example\",\n redirect_url=\"https://portal.azure.com\",\n user_email_address=\"jdoe@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.Invitation(\"example\", new()\n {\n RedirectUrl = \"https://portal.azure.com\",\n UserEmailAddress = \"jdoe@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewInvitation(ctx, \"example\", \u0026azuread.InvitationArgs{\n\t\t\tRedirectUrl: pulumi.String(\"https://portal.azure.com\"),\n\t\t\tUserEmailAddress: pulumi.String(\"jdoe@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Invitation;\nimport com.pulumi.azuread.InvitationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Invitation(\"example\", InvitationArgs.builder() \n .redirectUrl(\"https://portal.azure.com\")\n .userEmailAddress(\"jdoe@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Invitation\n properties:\n redirectUrl: https://portal.azure.com\n userEmailAddress: jdoe@example.com\n```\n\n*Invitation with standard message*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.Invitation(\"example\", {\n message: {\n language: \"en-US\",\n },\n redirectUrl: \"https://portal.azure.com\",\n userEmailAddress: \"jdoe@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.Invitation(\"example\",\n message=azuread.InvitationMessageArgs(\n language=\"en-US\",\n ),\n redirect_url=\"https://portal.azure.com\",\n user_email_address=\"jdoe@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.Invitation(\"example\", new()\n {\n Message = new AzureAD.Inputs.InvitationMessageArgs\n {\n Language = \"en-US\",\n },\n RedirectUrl = \"https://portal.azure.com\",\n UserEmailAddress = \"jdoe@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewInvitation(ctx, \"example\", \u0026azuread.InvitationArgs{\n\t\t\tMessage: \u0026azuread.InvitationMessageArgs{\n\t\t\t\tLanguage: pulumi.String(\"en-US\"),\n\t\t\t},\n\t\t\tRedirectUrl: pulumi.String(\"https://portal.azure.com\"),\n\t\t\tUserEmailAddress: pulumi.String(\"jdoe@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Invitation;\nimport com.pulumi.azuread.InvitationArgs;\nimport com.pulumi.azuread.inputs.InvitationMessageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Invitation(\"example\", InvitationArgs.builder() \n .message(InvitationMessageArgs.builder()\n .language(\"en-US\")\n .build())\n .redirectUrl(\"https://portal.azure.com\")\n .userEmailAddress(\"jdoe@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Invitation\n properties:\n message:\n language: en-US\n redirectUrl: https://portal.azure.com\n userEmailAddress: jdoe@example.com\n```\n\n*Invitation with custom message body and an additional recipient*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.Invitation(\"example\", {\n message: {\n additionalRecipients: \"aaliceberg@example.com\",\n body: \"Hello there! You are invited to join my Azure tenant!\",\n },\n redirectUrl: \"https://portal.azure.com\",\n userDisplayName: \"Bob Bobson\",\n userEmailAddress: \"bbobson@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.Invitation(\"example\",\n message=azuread.InvitationMessageArgs(\n additional_recipients=\"aaliceberg@example.com\",\n body=\"Hello there! You are invited to join my Azure tenant!\",\n ),\n redirect_url=\"https://portal.azure.com\",\n user_display_name=\"Bob Bobson\",\n user_email_address=\"bbobson@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.Invitation(\"example\", new()\n {\n Message = new AzureAD.Inputs.InvitationMessageArgs\n {\n AdditionalRecipients = \"aaliceberg@example.com\",\n Body = \"Hello there! You are invited to join my Azure tenant!\",\n },\n RedirectUrl = \"https://portal.azure.com\",\n UserDisplayName = \"Bob Bobson\",\n UserEmailAddress = \"bbobson@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewInvitation(ctx, \"example\", \u0026azuread.InvitationArgs{\n\t\t\tMessage: \u0026azuread.InvitationMessageArgs{\n\t\t\t\tAdditionalRecipients: pulumi.String(\"aaliceberg@example.com\"),\n\t\t\t\tBody: pulumi.String(\"Hello there! You are invited to join my Azure tenant!\"),\n\t\t\t},\n\t\t\tRedirectUrl: pulumi.String(\"https://portal.azure.com\"),\n\t\t\tUserDisplayName: pulumi.String(\"Bob Bobson\"),\n\t\t\tUserEmailAddress: pulumi.String(\"bbobson@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Invitation;\nimport com.pulumi.azuread.InvitationArgs;\nimport com.pulumi.azuread.inputs.InvitationMessageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Invitation(\"example\", InvitationArgs.builder() \n .message(InvitationMessageArgs.builder()\n .additionalRecipients(\"aaliceberg@example.com\")\n .body(\"Hello there! You are invited to join my Azure tenant!\")\n .build())\n .redirectUrl(\"https://portal.azure.com\")\n .userDisplayName(\"Bob Bobson\")\n .userEmailAddress(\"bbobson@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:Invitation\n properties:\n message:\n additionalRecipients: aaliceberg@example.com\n body: Hello there! You are invited to join my Azure tenant!\n redirectUrl: https://portal.azure.com\n userDisplayName: Bob Bobson\n userEmailAddress: bbobson@example.com\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThis resource does not support importing.\n\n ", "properties": { "message": { "$ref": "#/types/azuread:index/InvitationMessage:InvitationMessage", @@ -6685,7 +6685,7 @@ } }, "azuread:index/namedLocation:NamedLocation": { - "description": "Manages a Named Location within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application roles: `Policy.ReadWrite.ConditionalAccess` and `Policy.Read.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Conditional Access Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example_ip = new azuread.NamedLocation(\"example-ip\", {\n displayName: \"IP Named Location\",\n ip: {\n ipRanges: [\n \"1.1.1.1/32\",\n \"2.2.2.2/32\",\n ],\n trusted: true,\n },\n});\nconst example_country = new azuread.NamedLocation(\"example-country\", {\n country: {\n countriesAndRegions: [\n \"GB\",\n \"US\",\n ],\n includeUnknownCountriesAndRegions: false,\n },\n displayName: \"Country Named Location\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_ip = azuread.NamedLocation(\"example-ip\",\n display_name=\"IP Named Location\",\n ip=azuread.NamedLocationIpArgs(\n ip_ranges=[\n \"1.1.1.1/32\",\n \"2.2.2.2/32\",\n ],\n trusted=True,\n ))\nexample_country = azuread.NamedLocation(\"example-country\",\n country=azuread.NamedLocationCountryArgs(\n countries_and_regions=[\n \"GB\",\n \"US\",\n ],\n include_unknown_countries_and_regions=False,\n ),\n display_name=\"Country Named Location\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example_ip = new AzureAD.NamedLocation(\"example-ip\", new()\n {\n DisplayName = \"IP Named Location\",\n Ip = new AzureAD.Inputs.NamedLocationIpArgs\n {\n IpRanges = new[]\n {\n \"1.1.1.1/32\",\n \"2.2.2.2/32\",\n },\n Trusted = true,\n },\n });\n\n var example_country = new AzureAD.NamedLocation(\"example-country\", new()\n {\n Country = new AzureAD.Inputs.NamedLocationCountryArgs\n {\n CountriesAndRegions = new[]\n {\n \"GB\",\n \"US\",\n },\n IncludeUnknownCountriesAndRegions = false,\n },\n DisplayName = \"Country Named Location\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewNamedLocation(ctx, \"example-ip\", \u0026azuread.NamedLocationArgs{\n\t\t\tDisplayName: pulumi.String(\"IP Named Location\"),\n\t\t\tIp: \u0026azuread.NamedLocationIpArgs{\n\t\t\t\tIpRanges: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"1.1.1.1/32\"),\n\t\t\t\t\tpulumi.String(\"2.2.2.2/32\"),\n\t\t\t\t},\n\t\t\t\tTrusted: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewNamedLocation(ctx, \"example-country\", \u0026azuread.NamedLocationArgs{\n\t\t\tCountry: \u0026azuread.NamedLocationCountryArgs{\n\t\t\t\tCountriesAndRegions: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"GB\"),\n\t\t\t\t\tpulumi.String(\"US\"),\n\t\t\t\t},\n\t\t\t\tIncludeUnknownCountriesAndRegions: pulumi.Bool(false),\n\t\t\t},\n\t\t\tDisplayName: pulumi.String(\"Country Named Location\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.NamedLocation;\nimport com.pulumi.azuread.NamedLocationArgs;\nimport com.pulumi.azuread.inputs.NamedLocationIpArgs;\nimport com.pulumi.azuread.inputs.NamedLocationCountryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example_ip = new NamedLocation(\"example-ip\", NamedLocationArgs.builder() \n .displayName(\"IP Named Location\")\n .ip(NamedLocationIpArgs.builder()\n .ipRanges( \n \"1.1.1.1/32\",\n \"2.2.2.2/32\")\n .trusted(true)\n .build())\n .build());\n\n var example_country = new NamedLocation(\"example-country\", NamedLocationArgs.builder() \n .country(NamedLocationCountryArgs.builder()\n .countriesAndRegions( \n \"GB\",\n \"US\")\n .includeUnknownCountriesAndRegions(false)\n .build())\n .displayName(\"Country Named Location\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example-ip:\n type: azuread:NamedLocation\n properties:\n displayName: IP Named Location\n ip:\n ipRanges:\n - 1.1.1.1/32\n - 2.2.2.2/32\n trusted: true\n example-country:\n type: azuread:NamedLocation\n properties:\n country:\n countriesAndRegions:\n - GB\n - US\n includeUnknownCountriesAndRegions: false\n displayName: Country Named Location\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nNamed Locations can be imported using the `id`, e.g.\n\n```sh\n $ pulumi import azuread:index/namedLocation:NamedLocation my_location 00000000-0000-0000-0000-000000000000\n```\n\n ", + "description": "Manages a Named Location within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application roles: `Policy.ReadWrite.ConditionalAccess` and `Policy.Read.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Conditional Access Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example_ip = new azuread.NamedLocation(\"example-ip\", {\n displayName: \"IP Named Location\",\n ip: {\n ipRanges: [\n \"1.1.1.1/32\",\n \"2.2.2.2/32\",\n ],\n trusted: true,\n },\n});\nconst example_country = new azuread.NamedLocation(\"example-country\", {\n country: {\n countriesAndRegions: [\n \"GB\",\n \"US\",\n ],\n includeUnknownCountriesAndRegions: false,\n },\n displayName: \"Country Named Location\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_ip = azuread.NamedLocation(\"example-ip\",\n display_name=\"IP Named Location\",\n ip=azuread.NamedLocationIpArgs(\n ip_ranges=[\n \"1.1.1.1/32\",\n \"2.2.2.2/32\",\n ],\n trusted=True,\n ))\nexample_country = azuread.NamedLocation(\"example-country\",\n country=azuread.NamedLocationCountryArgs(\n countries_and_regions=[\n \"GB\",\n \"US\",\n ],\n include_unknown_countries_and_regions=False,\n ),\n display_name=\"Country Named Location\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example_ip = new AzureAD.NamedLocation(\"example-ip\", new()\n {\n DisplayName = \"IP Named Location\",\n Ip = new AzureAD.Inputs.NamedLocationIpArgs\n {\n IpRanges = new[]\n {\n \"1.1.1.1/32\",\n \"2.2.2.2/32\",\n },\n Trusted = true,\n },\n });\n\n var example_country = new AzureAD.NamedLocation(\"example-country\", new()\n {\n Country = new AzureAD.Inputs.NamedLocationCountryArgs\n {\n CountriesAndRegions = new[]\n {\n \"GB\",\n \"US\",\n },\n IncludeUnknownCountriesAndRegions = false,\n },\n DisplayName = \"Country Named Location\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewNamedLocation(ctx, \"example-ip\", \u0026azuread.NamedLocationArgs{\n\t\t\tDisplayName: pulumi.String(\"IP Named Location\"),\n\t\t\tIp: \u0026azuread.NamedLocationIpArgs{\n\t\t\t\tIpRanges: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"1.1.1.1/32\"),\n\t\t\t\t\tpulumi.String(\"2.2.2.2/32\"),\n\t\t\t\t},\n\t\t\t\tTrusted: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewNamedLocation(ctx, \"example-country\", \u0026azuread.NamedLocationArgs{\n\t\t\tCountry: \u0026azuread.NamedLocationCountryArgs{\n\t\t\t\tCountriesAndRegions: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"GB\"),\n\t\t\t\t\tpulumi.String(\"US\"),\n\t\t\t\t},\n\t\t\t\tIncludeUnknownCountriesAndRegions: pulumi.Bool(false),\n\t\t\t},\n\t\t\tDisplayName: pulumi.String(\"Country Named Location\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.NamedLocation;\nimport com.pulumi.azuread.NamedLocationArgs;\nimport com.pulumi.azuread.inputs.NamedLocationIpArgs;\nimport com.pulumi.azuread.inputs.NamedLocationCountryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example_ip = new NamedLocation(\"example-ip\", NamedLocationArgs.builder() \n .displayName(\"IP Named Location\")\n .ip(NamedLocationIpArgs.builder()\n .ipRanges( \n \"1.1.1.1/32\",\n \"2.2.2.2/32\")\n .trusted(true)\n .build())\n .build());\n\n var example_country = new NamedLocation(\"example-country\", NamedLocationArgs.builder() \n .country(NamedLocationCountryArgs.builder()\n .countriesAndRegions( \n \"GB\",\n \"US\")\n .includeUnknownCountriesAndRegions(false)\n .build())\n .displayName(\"Country Named Location\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example-ip:\n type: azuread:NamedLocation\n properties:\n displayName: IP Named Location\n ip:\n ipRanges:\n - 1.1.1.1/32\n - 2.2.2.2/32\n trusted: true\n example-country:\n type: azuread:NamedLocation\n properties:\n country:\n countriesAndRegions:\n - GB\n - US\n includeUnknownCountriesAndRegions: false\n displayName: Country Named Location\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nNamed Locations can be imported using the `id`, e.g.\n\n ```sh\n $ pulumi import azuread:index/namedLocation:NamedLocation my_location 00000000-0000-0000-0000-000000000000\n```\n\n ", "properties": { "country": { "$ref": "#/types/azuread:index/NamedLocationCountry:NamedLocationCountry", @@ -6744,7 +6744,7 @@ } }, "azuread:index/servicePrincipal:ServicePrincipal": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Create a service principal for an application*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n owners: [current.then(current =\u003e current.objectId)],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {\n clientId: exampleApplication.clientId,\n appRoleAssignmentRequired: false,\n owners: [current.then(current =\u003e current.objectId)],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample_application = azuread.Application(\"exampleApplication\",\n display_name=\"example\",\n owners=[current.object_id])\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\",\n client_id=example_application.client_id,\n app_role_assignment_required=False,\n owners=[current.object_id])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ClientId = exampleApplication.ClientId,\n AppRoleAssignmentRequired = false,\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\t*pulumi.String(current.ObjectId),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: exampleApplication.ClientId,\n\t\t\tAppRoleAssignmentRequired: pulumi.Bool(false),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\t*pulumi.String(current.ObjectId),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .clientId(exampleApplication.clientId())\n .appRoleAssignmentRequired(false)\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n owners:\n - ${current.objectId}\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n clientId: ${exampleApplication.clientId}\n appRoleAssignmentRequired: false\n owners:\n - ${current.objectId}\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n\n*Create a service principal for an enterprise application*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n owners: [current.then(current =\u003e current.objectId)],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {\n clientId: exampleApplication.clientId,\n appRoleAssignmentRequired: false,\n owners: [current.then(current =\u003e current.objectId)],\n featureTags: [{\n enterprise: true,\n gallery: true,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample_application = azuread.Application(\"exampleApplication\",\n display_name=\"example\",\n owners=[current.object_id])\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\",\n client_id=example_application.client_id,\n app_role_assignment_required=False,\n owners=[current.object_id],\n feature_tags=[azuread.ServicePrincipalFeatureTagArgs(\n enterprise=True,\n gallery=True,\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ClientId = exampleApplication.ClientId,\n AppRoleAssignmentRequired = false,\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n FeatureTags = new[]\n {\n new AzureAD.Inputs.ServicePrincipalFeatureTagArgs\n {\n Enterprise = true,\n Gallery = true,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\t*pulumi.String(current.ObjectId),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: exampleApplication.ClientId,\n\t\t\tAppRoleAssignmentRequired: pulumi.Bool(false),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\t*pulumi.String(current.ObjectId),\n\t\t\t},\n\t\t\tFeatureTags: azuread.ServicePrincipalFeatureTagArray{\n\t\t\t\t\u0026azuread.ServicePrincipalFeatureTagArgs{\n\t\t\t\t\tEnterprise: pulumi.Bool(true),\n\t\t\t\t\tGallery: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.inputs.ServicePrincipalFeatureTagArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .clientId(exampleApplication.clientId())\n .appRoleAssignmentRequired(false)\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .featureTags(ServicePrincipalFeatureTagArgs.builder()\n .enterprise(true)\n .gallery(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n owners:\n - ${current.objectId}\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n clientId: ${exampleApplication.clientId}\n appRoleAssignmentRequired: false\n owners:\n - ${current.objectId}\n featureTags:\n - enterprise: true\n gallery: true\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n\n*Manage a service principal for a first-party Microsoft application*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = new azuread.ServicePrincipal(\"msgraph\", {\n clientId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n useExisting: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.ServicePrincipal(\"msgraph\",\n client_id=well_known.result[\"MicrosoftGraph\"],\n use_existing=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = new AzureAD.ServicePrincipal(\"msgraph\", new()\n {\n ClientId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n UseExisting = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipal(ctx, \"msgraph\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n var msgraph = new ServicePrincipal(\"msgraph\", ServicePrincipalArgs.builder() \n .clientId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .useExisting(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n msgraph:\n type: azuread:ServicePrincipal\n properties:\n clientId: ${wellKnown.result.MicrosoftGraph}\n useExisting: true\nvariables:\n wellKnown:\n fn::invoke:\n Function: azuread:getApplicationPublishedAppIds\n Arguments: {}\n```\n\n*Create a service principal for an application created from a gallery template*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplicationTemplate = azuread.getApplicationTemplate({\n displayName: \"Marketo\",\n});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n templateId: exampleApplicationTemplate.then(exampleApplicationTemplate =\u003e exampleApplicationTemplate.templateId),\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {\n clientId: exampleApplication.clientId,\n useExisting: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application_template = azuread.get_application_template(display_name=\"Marketo\")\nexample_application = azuread.Application(\"exampleApplication\",\n display_name=\"example\",\n template_id=example_application_template.template_id)\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\",\n client_id=example_application.client_id,\n use_existing=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplicationTemplate = AzureAD.GetApplicationTemplate.Invoke(new()\n {\n DisplayName = \"Marketo\",\n });\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n TemplateId = exampleApplicationTemplate.Apply(getApplicationTemplateResult =\u003e getApplicationTemplateResult.TemplateId),\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ClientId = exampleApplication.ClientId,\n UseExisting = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplicationTemplate, err := azuread.GetApplicationTemplate(ctx, \u0026azuread.GetApplicationTemplateArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Marketo\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tTemplateId: *pulumi.String(exampleApplicationTemplate.TemplateId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: exampleApplication.ClientId,\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetApplicationTemplateArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleApplicationTemplate = AzureadFunctions.getApplicationTemplate(GetApplicationTemplateArgs.builder()\n .displayName(\"Marketo\")\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .templateId(exampleApplicationTemplate.applyValue(getApplicationTemplateResult -\u003e getApplicationTemplateResult.templateId()))\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .clientId(exampleApplication.clientId())\n .useExisting(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n templateId: ${exampleApplicationTemplate.templateId}\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n clientId: ${exampleApplication.clientId}\n useExisting: true\nvariables:\n exampleApplicationTemplate:\n fn::invoke:\n Function: azuread:getApplicationTemplate\n Arguments:\n displayName: Marketo\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nService principals can be imported using their object ID, e.g.\n\n```sh\n $ pulumi import azuread:index/servicePrincipal:ServicePrincipal example 00000000-0000-0000-0000-000000000000\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Create a service principal for an application*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n owners: [current.then(current =\u003e current.objectId)],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {\n clientId: exampleApplication.clientId,\n appRoleAssignmentRequired: false,\n owners: [current.then(current =\u003e current.objectId)],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample_application = azuread.Application(\"exampleApplication\",\n display_name=\"example\",\n owners=[current.object_id])\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\",\n client_id=example_application.client_id,\n app_role_assignment_required=False,\n owners=[current.object_id])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ClientId = exampleApplication.ClientId,\n AppRoleAssignmentRequired = false,\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\t*pulumi.String(current.ObjectId),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: exampleApplication.ClientId,\n\t\t\tAppRoleAssignmentRequired: pulumi.Bool(false),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\t*pulumi.String(current.ObjectId),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .clientId(exampleApplication.clientId())\n .appRoleAssignmentRequired(false)\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n owners:\n - ${current.objectId}\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n clientId: ${exampleApplication.clientId}\n appRoleAssignmentRequired: false\n owners:\n - ${current.objectId}\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n\n*Create a service principal for an enterprise application*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n owners: [current.then(current =\u003e current.objectId)],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {\n clientId: exampleApplication.clientId,\n appRoleAssignmentRequired: false,\n owners: [current.then(current =\u003e current.objectId)],\n featureTags: [{\n enterprise: true,\n gallery: true,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample_application = azuread.Application(\"exampleApplication\",\n display_name=\"example\",\n owners=[current.object_id])\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\",\n client_id=example_application.client_id,\n app_role_assignment_required=False,\n owners=[current.object_id],\n feature_tags=[azuread.ServicePrincipalFeatureTagArgs(\n enterprise=True,\n gallery=True,\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ClientId = exampleApplication.ClientId,\n AppRoleAssignmentRequired = false,\n Owners = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n FeatureTags = new[]\n {\n new AzureAD.Inputs.ServicePrincipalFeatureTagArgs\n {\n Enterprise = true,\n Gallery = true,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\t*pulumi.String(current.ObjectId),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: exampleApplication.ClientId,\n\t\t\tAppRoleAssignmentRequired: pulumi.Bool(false),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\t*pulumi.String(current.ObjectId),\n\t\t\t},\n\t\t\tFeatureTags: azuread.ServicePrincipalFeatureTagArray{\n\t\t\t\t\u0026azuread.ServicePrincipalFeatureTagArgs{\n\t\t\t\t\tEnterprise: pulumi.Bool(true),\n\t\t\t\t\tGallery: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.inputs.ServicePrincipalFeatureTagArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .clientId(exampleApplication.clientId())\n .appRoleAssignmentRequired(false)\n .owners(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .featureTags(ServicePrincipalFeatureTagArgs.builder()\n .enterprise(true)\n .gallery(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n owners:\n - ${current.objectId}\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n clientId: ${exampleApplication.clientId}\n appRoleAssignmentRequired: false\n owners:\n - ${current.objectId}\n featureTags:\n - enterprise: true\n gallery: true\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n\n*Manage a service principal for a first-party Microsoft application*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = new azuread.ServicePrincipal(\"msgraph\", {\n clientId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n useExisting: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.ServicePrincipal(\"msgraph\",\n client_id=well_known.result[\"MicrosoftGraph\"],\n use_existing=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = new AzureAD.ServicePrincipal(\"msgraph\", new()\n {\n ClientId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n UseExisting = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipal(ctx, \"msgraph\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n var msgraph = new ServicePrincipal(\"msgraph\", ServicePrincipalArgs.builder() \n .clientId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .useExisting(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n msgraph:\n type: azuread:ServicePrincipal\n properties:\n clientId: ${wellKnown.result.MicrosoftGraph}\n useExisting: true\nvariables:\n wellKnown:\n fn::invoke:\n Function: azuread:getApplicationPublishedAppIds\n Arguments: {}\n```\n\n*Create a service principal for an application created from a gallery template*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplicationTemplate = azuread.getApplicationTemplate({\n displayName: \"Marketo\",\n});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n templateId: exampleApplicationTemplate.then(exampleApplicationTemplate =\u003e exampleApplicationTemplate.templateId),\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {\n clientId: exampleApplication.clientId,\n useExisting: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application_template = azuread.get_application_template(display_name=\"Marketo\")\nexample_application = azuread.Application(\"exampleApplication\",\n display_name=\"example\",\n template_id=example_application_template.template_id)\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\",\n client_id=example_application.client_id,\n use_existing=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplicationTemplate = AzureAD.GetApplicationTemplate.Invoke(new()\n {\n DisplayName = \"Marketo\",\n });\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n TemplateId = exampleApplicationTemplate.Apply(getApplicationTemplateResult =\u003e getApplicationTemplateResult.TemplateId),\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ClientId = exampleApplication.ClientId,\n UseExisting = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplicationTemplate, err := azuread.GetApplicationTemplate(ctx, \u0026azuread.GetApplicationTemplateArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Marketo\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tTemplateId: *pulumi.String(exampleApplicationTemplate.TemplateId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tClientId: exampleApplication.ClientId,\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetApplicationTemplateArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleApplicationTemplate = AzureadFunctions.getApplicationTemplate(GetApplicationTemplateArgs.builder()\n .displayName(\"Marketo\")\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .templateId(exampleApplicationTemplate.applyValue(getApplicationTemplateResult -\u003e getApplicationTemplateResult.templateId()))\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .clientId(exampleApplication.clientId())\n .useExisting(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n templateId: ${exampleApplicationTemplate.templateId}\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n clientId: ${exampleApplication.clientId}\n useExisting: true\nvariables:\n exampleApplicationTemplate:\n fn::invoke:\n Function: azuread:getApplicationTemplate\n Arguments:\n displayName: Marketo\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nService principals can be imported using their object ID, e.g.\n\n ```sh\n $ pulumi import azuread:index/servicePrincipal:ServicePrincipal example 00000000-0000-0000-0000-000000000000\n```\n\n ", "properties": { "accountEnabled": { "type": "boolean", @@ -7182,7 +7182,7 @@ } }, "azuread:index/servicePrincipalCertificate:ServicePrincipalCertificate": { - "description": "\n\n## Import\n\nCertificates can be imported using the object ID of the associated service principal and the key ID of the certificate credential, e.g.\n\n```sh\n $ pulumi import azuread:index/servicePrincipalCertificate:ServicePrincipalCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the service principal's object ID, the string \"certificate\" and the certificate's key ID in the format `{ServicePrincipalObjectId}/certificate/{CertificateKeyId}`. ", + "description": "\n\n## Import\n\nCertificates can be imported using the object ID of the associated service principal and the key ID of the certificate credential, e.g.\n\n ```sh\n $ pulumi import azuread:index/servicePrincipalCertificate:ServicePrincipalCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the service principal's object ID, the string \"certificate\" and the certificate's key ID in the format `{ServicePrincipalObjectId}/certificate/{CertificateKeyId}`.\n\n ", "properties": { "encoding": { "type": "string", @@ -7321,7 +7321,7 @@ } }, "azuread:index/servicePrincipalClaimsMappingPolicyAssignment:ServicePrincipalClaimsMappingPolicyAssignment": { - "description": "Manages a Claims Mapping Policy Assignment within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application roles: `Policy.ReadWrite.ApplicationConfiguration` and `Policy.Read.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Application Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst app = new azuread.ServicePrincipalClaimsMappingPolicyAssignment(\"app\", {\n claimsMappingPolicyId: azuread_claims_mapping_policy.my_policy.id,\n servicePrincipalId: azuread_service_principal.my_principal.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\napp = azuread.ServicePrincipalClaimsMappingPolicyAssignment(\"app\",\n claims_mapping_policy_id=azuread_claims_mapping_policy[\"my_policy\"][\"id\"],\n service_principal_id=azuread_service_principal[\"my_principal\"][\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var app = new AzureAD.ServicePrincipalClaimsMappingPolicyAssignment(\"app\", new()\n {\n ClaimsMappingPolicyId = azuread_claims_mapping_policy.My_policy.Id,\n ServicePrincipalId = azuread_service_principal.My_principal.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewServicePrincipalClaimsMappingPolicyAssignment(ctx, \"app\", \u0026azuread.ServicePrincipalClaimsMappingPolicyAssignmentArgs{\n\t\t\tClaimsMappingPolicyId: pulumi.Any(azuread_claims_mapping_policy.My_policy.Id),\n\t\t\tServicePrincipalId: pulumi.Any(azuread_service_principal.My_principal.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ServicePrincipalClaimsMappingPolicyAssignment;\nimport com.pulumi.azuread.ServicePrincipalClaimsMappingPolicyAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var app = new ServicePrincipalClaimsMappingPolicyAssignment(\"app\", ServicePrincipalClaimsMappingPolicyAssignmentArgs.builder() \n .claimsMappingPolicyId(azuread_claims_mapping_policy.my_policy().id())\n .servicePrincipalId(azuread_service_principal.my_principal().id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n app:\n type: azuread:ServicePrincipalClaimsMappingPolicyAssignment\n properties:\n claimsMappingPolicyId: ${azuread_claims_mapping_policy.my_policy.id}\n servicePrincipalId: ${azuread_service_principal.my_principal.id}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nClaims Mapping Policy can be imported using the `id`, in the form `service-principal-uuid/claimsMappingPolicy/claims-mapping-policy-uuid`, e.g\n\n```sh\n $ pulumi import azuread:index/servicePrincipalClaimsMappingPolicyAssignment:ServicePrincipalClaimsMappingPolicyAssignment app 00000000-0000-0000-0000-000000000000/claimsMappingPolicy/11111111-0000-0000-0000-000000000000\n```\n\n ", + "description": "Manages a Claims Mapping Policy Assignment within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application roles: `Policy.ReadWrite.ApplicationConfiguration` and `Policy.Read.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Application Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst app = new azuread.ServicePrincipalClaimsMappingPolicyAssignment(\"app\", {\n claimsMappingPolicyId: azuread_claims_mapping_policy.my_policy.id,\n servicePrincipalId: azuread_service_principal.my_principal.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\napp = azuread.ServicePrincipalClaimsMappingPolicyAssignment(\"app\",\n claims_mapping_policy_id=azuread_claims_mapping_policy[\"my_policy\"][\"id\"],\n service_principal_id=azuread_service_principal[\"my_principal\"][\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var app = new AzureAD.ServicePrincipalClaimsMappingPolicyAssignment(\"app\", new()\n {\n ClaimsMappingPolicyId = azuread_claims_mapping_policy.My_policy.Id,\n ServicePrincipalId = azuread_service_principal.My_principal.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewServicePrincipalClaimsMappingPolicyAssignment(ctx, \"app\", \u0026azuread.ServicePrincipalClaimsMappingPolicyAssignmentArgs{\n\t\t\tClaimsMappingPolicyId: pulumi.Any(azuread_claims_mapping_policy.My_policy.Id),\n\t\t\tServicePrincipalId: pulumi.Any(azuread_service_principal.My_principal.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ServicePrincipalClaimsMappingPolicyAssignment;\nimport com.pulumi.azuread.ServicePrincipalClaimsMappingPolicyAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var app = new ServicePrincipalClaimsMappingPolicyAssignment(\"app\", ServicePrincipalClaimsMappingPolicyAssignmentArgs.builder() \n .claimsMappingPolicyId(azuread_claims_mapping_policy.my_policy().id())\n .servicePrincipalId(azuread_service_principal.my_principal().id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n app:\n type: azuread:ServicePrincipalClaimsMappingPolicyAssignment\n properties:\n claimsMappingPolicyId: ${azuread_claims_mapping_policy.my_policy.id}\n servicePrincipalId: ${azuread_service_principal.my_principal.id}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nClaims Mapping Policy can be imported using the `id`, in the form `service-principal-uuid/claimsMappingPolicy/claims-mapping-policy-uuid`, e.g:\n\n ```sh\n $ pulumi import azuread:index/servicePrincipalClaimsMappingPolicyAssignment:ServicePrincipalClaimsMappingPolicyAssignment app 00000000-0000-0000-0000-000000000000/claimsMappingPolicy/11111111-0000-0000-0000-000000000000\n```\n\n ", "properties": { "claimsMappingPolicyId": { "type": "string", @@ -7370,7 +7370,7 @@ } }, "azuread:index/servicePrincipalDelegatedPermissionGrant:ServicePrincipalDelegatedPermissionGrant": { - "description": "Manages a delegated permission grant for a service principal, on behalf of a single user, or all users.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application role: `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one the following directory role: `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Delegated permission grant for all users*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = new azuread.ServicePrincipal(\"msgraph\", {\n applicationId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n useExisting: true,\n});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n resourceAccesses: [\n {\n id: msgraph.oauth2PermissionScopeIds.openid,\n type: \"Scope\",\n },\n {\n id: msgraph.oauth2PermissionScopeIds[\"User.Read\"],\n type: \"Scope\",\n },\n ],\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {applicationId: exampleApplication.applicationId});\nconst exampleServicePrincipalDelegatedPermissionGrant = new azuread.ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\", {\n servicePrincipalObjectId: exampleServicePrincipal.objectId,\n resourceServicePrincipalObjectId: msgraph.objectId,\n claimValues: [\n \"openid\",\n \"User.Read.All\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.ServicePrincipal(\"msgraph\",\n application_id=well_known.result[\"MicrosoftGraph\"],\n use_existing=True)\nexample_application = azuread.Application(\"exampleApplication\",\n display_name=\"example\",\n required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs(\n resource_app_id=well_known.result[\"MicrosoftGraph\"],\n resource_accesses=[\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=msgraph.oauth2_permission_scope_ids[\"openid\"],\n type=\"Scope\",\n ),\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=msgraph.oauth2_permission_scope_ids[\"User.Read\"],\n type=\"Scope\",\n ),\n ],\n )])\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\", application_id=example_application.application_id)\nexample_service_principal_delegated_permission_grant = azuread.ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\",\n service_principal_object_id=example_service_principal.object_id,\n resource_service_principal_object_id=msgraph.object_id,\n claim_values=[\n \"openid\",\n \"User.Read.All\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = new AzureAD.ServicePrincipal(\"msgraph\", new()\n {\n ApplicationId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n UseExisting = true,\n });\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.Openid),\n Type = \"Scope\",\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.User_Read),\n Type = \"Scope\",\n },\n },\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n });\n\n var exampleServicePrincipalDelegatedPermissionGrant = new AzureAD.ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\", new()\n {\n ServicePrincipalObjectId = exampleServicePrincipal.ObjectId,\n ResourceServicePrincipalObjectId = msgraph.ObjectId,\n ClaimValues = new[]\n {\n \"openid\",\n \"User.Read.All\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmsgraph, err := azuread.NewServicePrincipal(ctx, \"msgraph\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.Openid, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.User.Read, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipalDelegatedPermissionGrant(ctx, \"exampleServicePrincipalDelegatedPermissionGrant\", \u0026azuread.ServicePrincipalDelegatedPermissionGrantArgs{\n\t\t\tServicePrincipalObjectId: exampleServicePrincipal.ObjectId,\n\t\t\tResourceServicePrincipalObjectId: msgraph.ObjectId,\n\t\t\tClaimValues: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"openid\"),\n\t\t\t\tpulumi.String(\"User.Read.All\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.ServicePrincipalDelegatedPermissionGrant;\nimport com.pulumi.azuread.ServicePrincipalDelegatedPermissionGrantArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n var msgraph = new ServicePrincipal(\"msgraph\", ServicePrincipalArgs.builder() \n .applicationId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .useExisting(true)\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .resourceAccesses( \n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.openid()))\n .type(\"Scope\")\n .build(),\n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.User.Read()))\n .type(\"Scope\")\n .build())\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .build());\n\n var exampleServicePrincipalDelegatedPermissionGrant = new ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\", ServicePrincipalDelegatedPermissionGrantArgs.builder() \n .servicePrincipalObjectId(exampleServicePrincipal.objectId())\n .resourceServicePrincipalObjectId(msgraph.objectId())\n .claimValues( \n \"openid\",\n \"User.Read.All\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n msgraph:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${wellKnown.result.MicrosoftGraph}\n useExisting: true\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${wellKnown.result.MicrosoftGraph}\n resourceAccesses:\n - id: ${msgraph.oauth2PermissionScopeIds.openid}\n type: Scope\n - id: ${msgraph.oauth2PermissionScopeIds\"User.Read\"[%!s(MISSING)]}\n type: Scope\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n exampleServicePrincipalDelegatedPermissionGrant:\n type: azuread:ServicePrincipalDelegatedPermissionGrant\n properties:\n servicePrincipalObjectId: ${exampleServicePrincipal.objectId}\n resourceServicePrincipalObjectId: ${msgraph.objectId}\n claimValues:\n - openid\n - User.Read.All\nvariables:\n wellKnown:\n fn::invoke:\n Function: azuread:getApplicationPublishedAppIds\n Arguments: {}\n```\n\n*Delegated permission grant for a single user*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = new azuread.ServicePrincipal(\"msgraph\", {\n applicationId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n useExisting: true,\n});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n resourceAccesses: [\n {\n id: msgraph.oauth2PermissionScopeIds.openid,\n type: \"Scope\",\n },\n {\n id: msgraph.oauth2PermissionScopeIds[\"User.Read\"],\n type: \"Scope\",\n },\n ],\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {applicationId: exampleApplication.applicationId});\nconst exampleUser = new azuread.User(\"exampleUser\", {\n displayName: \"J. Doe\",\n userPrincipalName: \"jdoe@example.com\",\n mailNickname: \"jdoe\",\n password: \"SecretP@sswd99!\",\n});\nconst exampleServicePrincipalDelegatedPermissionGrant = new azuread.ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\", {\n servicePrincipalObjectId: exampleServicePrincipal.objectId,\n resourceServicePrincipalObjectId: msgraph.objectId,\n claimValues: [\n \"openid\",\n \"User.Read.All\",\n ],\n userObjectId: exampleUser.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.ServicePrincipal(\"msgraph\",\n application_id=well_known.result[\"MicrosoftGraph\"],\n use_existing=True)\nexample_application = azuread.Application(\"exampleApplication\",\n display_name=\"example\",\n required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs(\n resource_app_id=well_known.result[\"MicrosoftGraph\"],\n resource_accesses=[\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=msgraph.oauth2_permission_scope_ids[\"openid\"],\n type=\"Scope\",\n ),\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=msgraph.oauth2_permission_scope_ids[\"User.Read\"],\n type=\"Scope\",\n ),\n ],\n )])\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\", application_id=example_application.application_id)\nexample_user = azuread.User(\"exampleUser\",\n display_name=\"J. Doe\",\n user_principal_name=\"jdoe@example.com\",\n mail_nickname=\"jdoe\",\n password=\"SecretP@sswd99!\")\nexample_service_principal_delegated_permission_grant = azuread.ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\",\n service_principal_object_id=example_service_principal.object_id,\n resource_service_principal_object_id=msgraph.object_id,\n claim_values=[\n \"openid\",\n \"User.Read.All\",\n ],\n user_object_id=example_user.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = new AzureAD.ServicePrincipal(\"msgraph\", new()\n {\n ApplicationId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n UseExisting = true,\n });\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.Openid),\n Type = \"Scope\",\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.User_Read),\n Type = \"Scope\",\n },\n },\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n });\n\n var exampleUser = new AzureAD.User(\"exampleUser\", new()\n {\n DisplayName = \"J. Doe\",\n UserPrincipalName = \"jdoe@example.com\",\n MailNickname = \"jdoe\",\n Password = \"SecretP@sswd99!\",\n });\n\n var exampleServicePrincipalDelegatedPermissionGrant = new AzureAD.ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\", new()\n {\n ServicePrincipalObjectId = exampleServicePrincipal.ObjectId,\n ResourceServicePrincipalObjectId = msgraph.ObjectId,\n ClaimValues = new[]\n {\n \"openid\",\n \"User.Read.All\",\n },\n UserObjectId = exampleUser.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmsgraph, err := azuread.NewServicePrincipal(ctx, \"msgraph\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.Openid, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.User.Read, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleUser, err := azuread.NewUser(ctx, \"exampleUser\", \u0026azuread.UserArgs{\n\t\t\tDisplayName: pulumi.String(\"J. Doe\"),\n\t\t\tUserPrincipalName: pulumi.String(\"jdoe@example.com\"),\n\t\t\tMailNickname: pulumi.String(\"jdoe\"),\n\t\t\tPassword: pulumi.String(\"SecretP@sswd99!\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipalDelegatedPermissionGrant(ctx, \"exampleServicePrincipalDelegatedPermissionGrant\", \u0026azuread.ServicePrincipalDelegatedPermissionGrantArgs{\n\t\t\tServicePrincipalObjectId: exampleServicePrincipal.ObjectId,\n\t\t\tResourceServicePrincipalObjectId: msgraph.ObjectId,\n\t\t\tClaimValues: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"openid\"),\n\t\t\t\tpulumi.String(\"User.Read.All\"),\n\t\t\t},\n\t\t\tUserObjectId: exampleUser.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.User;\nimport com.pulumi.azuread.UserArgs;\nimport com.pulumi.azuread.ServicePrincipalDelegatedPermissionGrant;\nimport com.pulumi.azuread.ServicePrincipalDelegatedPermissionGrantArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n var msgraph = new ServicePrincipal(\"msgraph\", ServicePrincipalArgs.builder() \n .applicationId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .useExisting(true)\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .resourceAccesses( \n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.openid()))\n .type(\"Scope\")\n .build(),\n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.User.Read()))\n .type(\"Scope\")\n .build())\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .build());\n\n var exampleUser = new User(\"exampleUser\", UserArgs.builder() \n .displayName(\"J. Doe\")\n .userPrincipalName(\"jdoe@example.com\")\n .mailNickname(\"jdoe\")\n .password(\"SecretP@sswd99!\")\n .build());\n\n var exampleServicePrincipalDelegatedPermissionGrant = new ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\", ServicePrincipalDelegatedPermissionGrantArgs.builder() \n .servicePrincipalObjectId(exampleServicePrincipal.objectId())\n .resourceServicePrincipalObjectId(msgraph.objectId())\n .claimValues( \n \"openid\",\n \"User.Read.All\")\n .userObjectId(exampleUser.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n msgraph:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${wellKnown.result.MicrosoftGraph}\n useExisting: true\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${wellKnown.result.MicrosoftGraph}\n resourceAccesses:\n - id: ${msgraph.oauth2PermissionScopeIds.openid}\n type: Scope\n - id: ${msgraph.oauth2PermissionScopeIds\"User.Read\"[%!s(MISSING)]}\n type: Scope\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n exampleUser:\n type: azuread:User\n properties:\n displayName: J. Doe\n userPrincipalName: jdoe@example.com\n mailNickname: jdoe\n password: SecretP@sswd99!\n exampleServicePrincipalDelegatedPermissionGrant:\n type: azuread:ServicePrincipalDelegatedPermissionGrant\n properties:\n servicePrincipalObjectId: ${exampleServicePrincipal.objectId}\n resourceServicePrincipalObjectId: ${msgraph.objectId}\n claimValues:\n - openid\n - User.Read.All\n userObjectId: ${exampleUser.objectId}\nvariables:\n wellKnown:\n fn::invoke:\n Function: azuread:getApplicationPublishedAppIds\n Arguments: {}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nDelegated permission grants can be imported using their ID, e.g.\n\n```sh\n $ pulumi import azuread:index/servicePrincipalDelegatedPermissionGrant:ServicePrincipalDelegatedPermissionGrant example aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz\n```\n\n ", + "description": "Manages a delegated permission grant for a service principal, on behalf of a single user, or all users.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application role: `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one the following directory role: `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Delegated permission grant for all users*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = new azuread.ServicePrincipal(\"msgraph\", {\n applicationId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n useExisting: true,\n});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n resourceAccesses: [\n {\n id: msgraph.oauth2PermissionScopeIds.openid,\n type: \"Scope\",\n },\n {\n id: msgraph.oauth2PermissionScopeIds[\"User.Read\"],\n type: \"Scope\",\n },\n ],\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {applicationId: exampleApplication.applicationId});\nconst exampleServicePrincipalDelegatedPermissionGrant = new azuread.ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\", {\n servicePrincipalObjectId: exampleServicePrincipal.objectId,\n resourceServicePrincipalObjectId: msgraph.objectId,\n claimValues: [\n \"openid\",\n \"User.Read.All\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.ServicePrincipal(\"msgraph\",\n application_id=well_known.result[\"MicrosoftGraph\"],\n use_existing=True)\nexample_application = azuread.Application(\"exampleApplication\",\n display_name=\"example\",\n required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs(\n resource_app_id=well_known.result[\"MicrosoftGraph\"],\n resource_accesses=[\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=msgraph.oauth2_permission_scope_ids[\"openid\"],\n type=\"Scope\",\n ),\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=msgraph.oauth2_permission_scope_ids[\"User.Read\"],\n type=\"Scope\",\n ),\n ],\n )])\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\", application_id=example_application.application_id)\nexample_service_principal_delegated_permission_grant = azuread.ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\",\n service_principal_object_id=example_service_principal.object_id,\n resource_service_principal_object_id=msgraph.object_id,\n claim_values=[\n \"openid\",\n \"User.Read.All\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = new AzureAD.ServicePrincipal(\"msgraph\", new()\n {\n ApplicationId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n UseExisting = true,\n });\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.Openid),\n Type = \"Scope\",\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.User_Read),\n Type = \"Scope\",\n },\n },\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n });\n\n var exampleServicePrincipalDelegatedPermissionGrant = new AzureAD.ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\", new()\n {\n ServicePrincipalObjectId = exampleServicePrincipal.ObjectId,\n ResourceServicePrincipalObjectId = msgraph.ObjectId,\n ClaimValues = new[]\n {\n \"openid\",\n \"User.Read.All\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmsgraph, err := azuread.NewServicePrincipal(ctx, \"msgraph\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.Openid, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.User.Read, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipalDelegatedPermissionGrant(ctx, \"exampleServicePrincipalDelegatedPermissionGrant\", \u0026azuread.ServicePrincipalDelegatedPermissionGrantArgs{\n\t\t\tServicePrincipalObjectId: exampleServicePrincipal.ObjectId,\n\t\t\tResourceServicePrincipalObjectId: msgraph.ObjectId,\n\t\t\tClaimValues: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"openid\"),\n\t\t\t\tpulumi.String(\"User.Read.All\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.ServicePrincipalDelegatedPermissionGrant;\nimport com.pulumi.azuread.ServicePrincipalDelegatedPermissionGrantArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n var msgraph = new ServicePrincipal(\"msgraph\", ServicePrincipalArgs.builder() \n .applicationId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .useExisting(true)\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .resourceAccesses( \n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.openid()))\n .type(\"Scope\")\n .build(),\n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.User.Read()))\n .type(\"Scope\")\n .build())\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .build());\n\n var exampleServicePrincipalDelegatedPermissionGrant = new ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\", ServicePrincipalDelegatedPermissionGrantArgs.builder() \n .servicePrincipalObjectId(exampleServicePrincipal.objectId())\n .resourceServicePrincipalObjectId(msgraph.objectId())\n .claimValues( \n \"openid\",\n \"User.Read.All\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n msgraph:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${wellKnown.result.MicrosoftGraph}\n useExisting: true\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${wellKnown.result.MicrosoftGraph}\n resourceAccesses:\n - id: ${msgraph.oauth2PermissionScopeIds.openid}\n type: Scope\n - id: ${msgraph.oauth2PermissionScopeIds\"User.Read\"[%!s(MISSING)]}\n type: Scope\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n exampleServicePrincipalDelegatedPermissionGrant:\n type: azuread:ServicePrincipalDelegatedPermissionGrant\n properties:\n servicePrincipalObjectId: ${exampleServicePrincipal.objectId}\n resourceServicePrincipalObjectId: ${msgraph.objectId}\n claimValues:\n - openid\n - User.Read.All\nvariables:\n wellKnown:\n fn::invoke:\n Function: azuread:getApplicationPublishedAppIds\n Arguments: {}\n```\n\n*Delegated permission grant for a single user*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = new azuread.ServicePrincipal(\"msgraph\", {\n applicationId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n useExisting: true,\n});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n resourceAccesses: [\n {\n id: msgraph.oauth2PermissionScopeIds.openid,\n type: \"Scope\",\n },\n {\n id: msgraph.oauth2PermissionScopeIds[\"User.Read\"],\n type: \"Scope\",\n },\n ],\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {applicationId: exampleApplication.applicationId});\nconst exampleUser = new azuread.User(\"exampleUser\", {\n displayName: \"J. Doe\",\n userPrincipalName: \"jdoe@example.com\",\n mailNickname: \"jdoe\",\n password: \"SecretP@sswd99!\",\n});\nconst exampleServicePrincipalDelegatedPermissionGrant = new azuread.ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\", {\n servicePrincipalObjectId: exampleServicePrincipal.objectId,\n resourceServicePrincipalObjectId: msgraph.objectId,\n claimValues: [\n \"openid\",\n \"User.Read.All\",\n ],\n userObjectId: exampleUser.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.ServicePrincipal(\"msgraph\",\n application_id=well_known.result[\"MicrosoftGraph\"],\n use_existing=True)\nexample_application = azuread.Application(\"exampleApplication\",\n display_name=\"example\",\n required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs(\n resource_app_id=well_known.result[\"MicrosoftGraph\"],\n resource_accesses=[\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=msgraph.oauth2_permission_scope_ids[\"openid\"],\n type=\"Scope\",\n ),\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=msgraph.oauth2_permission_scope_ids[\"User.Read\"],\n type=\"Scope\",\n ),\n ],\n )])\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\", application_id=example_application.application_id)\nexample_user = azuread.User(\"exampleUser\",\n display_name=\"J. Doe\",\n user_principal_name=\"jdoe@example.com\",\n mail_nickname=\"jdoe\",\n password=\"SecretP@sswd99!\")\nexample_service_principal_delegated_permission_grant = azuread.ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\",\n service_principal_object_id=example_service_principal.object_id,\n resource_service_principal_object_id=msgraph.object_id,\n claim_values=[\n \"openid\",\n \"User.Read.All\",\n ],\n user_object_id=example_user.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = new AzureAD.ServicePrincipal(\"msgraph\", new()\n {\n ApplicationId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n UseExisting = true,\n });\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.Openid),\n Type = \"Scope\",\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.User_Read),\n Type = \"Scope\",\n },\n },\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n });\n\n var exampleUser = new AzureAD.User(\"exampleUser\", new()\n {\n DisplayName = \"J. Doe\",\n UserPrincipalName = \"jdoe@example.com\",\n MailNickname = \"jdoe\",\n Password = \"SecretP@sswd99!\",\n });\n\n var exampleServicePrincipalDelegatedPermissionGrant = new AzureAD.ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\", new()\n {\n ServicePrincipalObjectId = exampleServicePrincipal.ObjectId,\n ResourceServicePrincipalObjectId = msgraph.ObjectId,\n ClaimValues = new[]\n {\n \"openid\",\n \"User.Read.All\",\n },\n UserObjectId = exampleUser.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmsgraph, err := azuread.NewServicePrincipal(ctx, \"msgraph\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.Openid, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.User.Read, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleUser, err := azuread.NewUser(ctx, \"exampleUser\", \u0026azuread.UserArgs{\n\t\t\tDisplayName: pulumi.String(\"J. Doe\"),\n\t\t\tUserPrincipalName: pulumi.String(\"jdoe@example.com\"),\n\t\t\tMailNickname: pulumi.String(\"jdoe\"),\n\t\t\tPassword: pulumi.String(\"SecretP@sswd99!\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipalDelegatedPermissionGrant(ctx, \"exampleServicePrincipalDelegatedPermissionGrant\", \u0026azuread.ServicePrincipalDelegatedPermissionGrantArgs{\n\t\t\tServicePrincipalObjectId: exampleServicePrincipal.ObjectId,\n\t\t\tResourceServicePrincipalObjectId: msgraph.ObjectId,\n\t\t\tClaimValues: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"openid\"),\n\t\t\t\tpulumi.String(\"User.Read.All\"),\n\t\t\t},\n\t\t\tUserObjectId: exampleUser.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.User;\nimport com.pulumi.azuread.UserArgs;\nimport com.pulumi.azuread.ServicePrincipalDelegatedPermissionGrant;\nimport com.pulumi.azuread.ServicePrincipalDelegatedPermissionGrantArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n var msgraph = new ServicePrincipal(\"msgraph\", ServicePrincipalArgs.builder() \n .applicationId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .useExisting(true)\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .resourceAccesses( \n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.openid()))\n .type(\"Scope\")\n .build(),\n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.User.Read()))\n .type(\"Scope\")\n .build())\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .build());\n\n var exampleUser = new User(\"exampleUser\", UserArgs.builder() \n .displayName(\"J. Doe\")\n .userPrincipalName(\"jdoe@example.com\")\n .mailNickname(\"jdoe\")\n .password(\"SecretP@sswd99!\")\n .build());\n\n var exampleServicePrincipalDelegatedPermissionGrant = new ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\", ServicePrincipalDelegatedPermissionGrantArgs.builder() \n .servicePrincipalObjectId(exampleServicePrincipal.objectId())\n .resourceServicePrincipalObjectId(msgraph.objectId())\n .claimValues( \n \"openid\",\n \"User.Read.All\")\n .userObjectId(exampleUser.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n msgraph:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${wellKnown.result.MicrosoftGraph}\n useExisting: true\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${wellKnown.result.MicrosoftGraph}\n resourceAccesses:\n - id: ${msgraph.oauth2PermissionScopeIds.openid}\n type: Scope\n - id: ${msgraph.oauth2PermissionScopeIds\"User.Read\"[%!s(MISSING)]}\n type: Scope\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n exampleUser:\n type: azuread:User\n properties:\n displayName: J. Doe\n userPrincipalName: jdoe@example.com\n mailNickname: jdoe\n password: SecretP@sswd99!\n exampleServicePrincipalDelegatedPermissionGrant:\n type: azuread:ServicePrincipalDelegatedPermissionGrant\n properties:\n servicePrincipalObjectId: ${exampleServicePrincipal.objectId}\n resourceServicePrincipalObjectId: ${msgraph.objectId}\n claimValues:\n - openid\n - User.Read.All\n userObjectId: ${exampleUser.objectId}\nvariables:\n wellKnown:\n fn::invoke:\n Function: azuread:getApplicationPublishedAppIds\n Arguments: {}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nDelegated permission grants can be imported using their ID, e.g.\n\n ```sh\n $ pulumi import azuread:index/servicePrincipalDelegatedPermissionGrant:ServicePrincipalDelegatedPermissionGrant example aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz\n```\n\n ", "properties": { "claimValues": { "type": "array", @@ -7456,7 +7456,7 @@ } }, "azuread:index/servicePrincipalPassword:ServicePrincipalPassword": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Basic example*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {displayName: \"example\"});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {applicationId: exampleApplication.applicationId});\nconst exampleServicePrincipalPassword = new azuread.ServicePrincipalPassword(\"exampleServicePrincipalPassword\", {servicePrincipalId: exampleServicePrincipal.objectId});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application = azuread.Application(\"exampleApplication\", display_name=\"example\")\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\", application_id=example_application.application_id)\nexample_service_principal_password = azuread.ServicePrincipalPassword(\"exampleServicePrincipalPassword\", service_principal_id=example_service_principal.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n });\n\n var exampleServicePrincipalPassword = new AzureAD.ServicePrincipalPassword(\"exampleServicePrincipalPassword\", new()\n {\n ServicePrincipalId = exampleServicePrincipal.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipalPassword(ctx, \"exampleServicePrincipalPassword\", \u0026azuread.ServicePrincipalPasswordArgs{\n\t\t\tServicePrincipalId: exampleServicePrincipal.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.ServicePrincipalPassword;\nimport com.pulumi.azuread.ServicePrincipalPasswordArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .build());\n\n var exampleServicePrincipalPassword = new ServicePrincipalPassword(\"exampleServicePrincipalPassword\", ServicePrincipalPasswordArgs.builder() \n .servicePrincipalId(exampleServicePrincipal.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n exampleServicePrincipalPassword:\n type: azuread:ServicePrincipalPassword\n properties:\n servicePrincipalId: ${exampleServicePrincipal.objectId}\n```\n\n*Time-based rotation*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\nimport * as time from \"@pulumiverse/time\";\n\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {displayName: \"example\"});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {applicationId: exampleApplication.applicationId});\nconst exampleRotating = new time.Rotating(\"exampleRotating\", {rotationDays: 7});\nconst exampleServicePrincipalPassword = new azuread.ServicePrincipalPassword(\"exampleServicePrincipalPassword\", {\n servicePrincipalId: exampleServicePrincipal.objectId,\n rotateWhenChanged: {\n rotation: exampleRotating.id,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\nimport pulumiverse_time as time\n\nexample_application = azuread.Application(\"exampleApplication\", display_name=\"example\")\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\", application_id=example_application.application_id)\nexample_rotating = time.Rotating(\"exampleRotating\", rotation_days=7)\nexample_service_principal_password = azuread.ServicePrincipalPassword(\"exampleServicePrincipalPassword\",\n service_principal_id=example_service_principal.object_id,\n rotate_when_changed={\n \"rotation\": example_rotating.id,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\nusing Time = Pulumiverse.Time;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n });\n\n var exampleRotating = new Time.Rotating(\"exampleRotating\", new()\n {\n RotationDays = 7,\n });\n\n var exampleServicePrincipalPassword = new AzureAD.ServicePrincipalPassword(\"exampleServicePrincipalPassword\", new()\n {\n ServicePrincipalId = exampleServicePrincipal.ObjectId,\n RotateWhenChanged = \n {\n { \"rotation\", exampleRotating.Id },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi-time/sdk/go/time\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRotating, err := time.NewRotating(ctx, \"exampleRotating\", \u0026time.RotatingArgs{\n\t\t\tRotationDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipalPassword(ctx, \"exampleServicePrincipalPassword\", \u0026azuread.ServicePrincipalPasswordArgs{\n\t\t\tServicePrincipalId: exampleServicePrincipal.ObjectId,\n\t\t\tRotateWhenChanged: pulumi.StringMap{\n\t\t\t\t\"rotation\": exampleRotating.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.time.Rotating;\nimport com.pulumi.time.RotatingArgs;\nimport com.pulumi.azuread.ServicePrincipalPassword;\nimport com.pulumi.azuread.ServicePrincipalPasswordArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .build());\n\n var exampleRotating = new Rotating(\"exampleRotating\", RotatingArgs.builder() \n .rotationDays(7)\n .build());\n\n var exampleServicePrincipalPassword = new ServicePrincipalPassword(\"exampleServicePrincipalPassword\", ServicePrincipalPasswordArgs.builder() \n .servicePrincipalId(exampleServicePrincipal.objectId())\n .rotateWhenChanged(Map.of(\"rotation\", exampleRotating.id()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n exampleRotating:\n type: time:Rotating\n properties:\n rotationDays: 7\n exampleServicePrincipalPassword:\n type: azuread:ServicePrincipalPassword\n properties:\n servicePrincipalId: ${exampleServicePrincipal.objectId}\n rotateWhenChanged:\n rotation: ${exampleRotating.id}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThis resource does not support importing. ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Basic example*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {displayName: \"example\"});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {applicationId: exampleApplication.applicationId});\nconst exampleServicePrincipalPassword = new azuread.ServicePrincipalPassword(\"exampleServicePrincipalPassword\", {servicePrincipalId: exampleServicePrincipal.objectId});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application = azuread.Application(\"exampleApplication\", display_name=\"example\")\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\", application_id=example_application.application_id)\nexample_service_principal_password = azuread.ServicePrincipalPassword(\"exampleServicePrincipalPassword\", service_principal_id=example_service_principal.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n });\n\n var exampleServicePrincipalPassword = new AzureAD.ServicePrincipalPassword(\"exampleServicePrincipalPassword\", new()\n {\n ServicePrincipalId = exampleServicePrincipal.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipalPassword(ctx, \"exampleServicePrincipalPassword\", \u0026azuread.ServicePrincipalPasswordArgs{\n\t\t\tServicePrincipalId: exampleServicePrincipal.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.ServicePrincipalPassword;\nimport com.pulumi.azuread.ServicePrincipalPasswordArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .build());\n\n var exampleServicePrincipalPassword = new ServicePrincipalPassword(\"exampleServicePrincipalPassword\", ServicePrincipalPasswordArgs.builder() \n .servicePrincipalId(exampleServicePrincipal.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n exampleServicePrincipalPassword:\n type: azuread:ServicePrincipalPassword\n properties:\n servicePrincipalId: ${exampleServicePrincipal.objectId}\n```\n\n*Time-based rotation*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\nimport * as time from \"@pulumiverse/time\";\n\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {displayName: \"example\"});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {applicationId: exampleApplication.applicationId});\nconst exampleRotating = new time.Rotating(\"exampleRotating\", {rotationDays: 7});\nconst exampleServicePrincipalPassword = new azuread.ServicePrincipalPassword(\"exampleServicePrincipalPassword\", {\n servicePrincipalId: exampleServicePrincipal.objectId,\n rotateWhenChanged: {\n rotation: exampleRotating.id,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\nimport pulumiverse_time as time\n\nexample_application = azuread.Application(\"exampleApplication\", display_name=\"example\")\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\", application_id=example_application.application_id)\nexample_rotating = time.Rotating(\"exampleRotating\", rotation_days=7)\nexample_service_principal_password = azuread.ServicePrincipalPassword(\"exampleServicePrincipalPassword\",\n service_principal_id=example_service_principal.object_id,\n rotate_when_changed={\n \"rotation\": example_rotating.id,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\nusing Time = Pulumiverse.Time;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n });\n\n var exampleRotating = new Time.Rotating(\"exampleRotating\", new()\n {\n RotationDays = 7,\n });\n\n var exampleServicePrincipalPassword = new AzureAD.ServicePrincipalPassword(\"exampleServicePrincipalPassword\", new()\n {\n ServicePrincipalId = exampleServicePrincipal.ObjectId,\n RotateWhenChanged = \n {\n { \"rotation\", exampleRotating.Id },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi-time/sdk/go/time\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRotating, err := time.NewRotating(ctx, \"exampleRotating\", \u0026time.RotatingArgs{\n\t\t\tRotationDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipalPassword(ctx, \"exampleServicePrincipalPassword\", \u0026azuread.ServicePrincipalPasswordArgs{\n\t\t\tServicePrincipalId: exampleServicePrincipal.ObjectId,\n\t\t\tRotateWhenChanged: pulumi.StringMap{\n\t\t\t\t\"rotation\": exampleRotating.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.time.Rotating;\nimport com.pulumi.time.RotatingArgs;\nimport com.pulumi.azuread.ServicePrincipalPassword;\nimport com.pulumi.azuread.ServicePrincipalPasswordArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .build());\n\n var exampleRotating = new Rotating(\"exampleRotating\", RotatingArgs.builder() \n .rotationDays(7)\n .build());\n\n var exampleServicePrincipalPassword = new ServicePrincipalPassword(\"exampleServicePrincipalPassword\", ServicePrincipalPasswordArgs.builder() \n .servicePrincipalId(exampleServicePrincipal.objectId())\n .rotateWhenChanged(Map.of(\"rotation\", exampleRotating.id()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n exampleRotating:\n type: time:Rotating\n properties:\n rotationDays: 7\n exampleServicePrincipalPassword:\n type: azuread:ServicePrincipalPassword\n properties:\n servicePrincipalId: ${exampleServicePrincipal.objectId}\n rotateWhenChanged:\n rotation: ${exampleRotating.id}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThis resource does not support importing.\n\n ", "properties": { "displayName": { "type": "string", @@ -7591,7 +7591,7 @@ } }, "azuread:index/servicePrincipalTokenSigningCertificate:ServicePrincipalTokenSigningCertificate": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Using default settings*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {displayName: \"example\"});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {applicationId: exampleApplication.applicationId});\nconst exampleServicePrincipalTokenSigningCertificate = new azuread.ServicePrincipalTokenSigningCertificate(\"exampleServicePrincipalTokenSigningCertificate\", {servicePrincipalId: exampleServicePrincipal.id});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application = azuread.Application(\"exampleApplication\", display_name=\"example\")\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\", application_id=example_application.application_id)\nexample_service_principal_token_signing_certificate = azuread.ServicePrincipalTokenSigningCertificate(\"exampleServicePrincipalTokenSigningCertificate\", service_principal_id=example_service_principal.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n });\n\n var exampleServicePrincipalTokenSigningCertificate = new AzureAD.ServicePrincipalTokenSigningCertificate(\"exampleServicePrincipalTokenSigningCertificate\", new()\n {\n ServicePrincipalId = exampleServicePrincipal.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipalTokenSigningCertificate(ctx, \"exampleServicePrincipalTokenSigningCertificate\", \u0026azuread.ServicePrincipalTokenSigningCertificateArgs{\n\t\t\tServicePrincipalId: exampleServicePrincipal.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.ServicePrincipalTokenSigningCertificate;\nimport com.pulumi.azuread.ServicePrincipalTokenSigningCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .build());\n\n var exampleServicePrincipalTokenSigningCertificate = new ServicePrincipalTokenSigningCertificate(\"exampleServicePrincipalTokenSigningCertificate\", ServicePrincipalTokenSigningCertificateArgs.builder() \n .servicePrincipalId(exampleServicePrincipal.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n exampleServicePrincipalTokenSigningCertificate:\n type: azuread:ServicePrincipalTokenSigningCertificate\n properties:\n servicePrincipalId: ${exampleServicePrincipal.id}\n```\n\n*Using custom settings*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {displayName: \"example\"});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {applicationId: exampleApplication.applicationId});\nconst exampleServicePrincipalTokenSigningCertificate = new azuread.ServicePrincipalTokenSigningCertificate(\"exampleServicePrincipalTokenSigningCertificate\", {\n servicePrincipalId: exampleServicePrincipal.id,\n displayName: \"CN=example.com\",\n endDate: \"2023-05-01T01:02:03Z\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application = azuread.Application(\"exampleApplication\", display_name=\"example\")\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\", application_id=example_application.application_id)\nexample_service_principal_token_signing_certificate = azuread.ServicePrincipalTokenSigningCertificate(\"exampleServicePrincipalTokenSigningCertificate\",\n service_principal_id=example_service_principal.id,\n display_name=\"CN=example.com\",\n end_date=\"2023-05-01T01:02:03Z\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n });\n\n var exampleServicePrincipalTokenSigningCertificate = new AzureAD.ServicePrincipalTokenSigningCertificate(\"exampleServicePrincipalTokenSigningCertificate\", new()\n {\n ServicePrincipalId = exampleServicePrincipal.Id,\n DisplayName = \"CN=example.com\",\n EndDate = \"2023-05-01T01:02:03Z\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipalTokenSigningCertificate(ctx, \"exampleServicePrincipalTokenSigningCertificate\", \u0026azuread.ServicePrincipalTokenSigningCertificateArgs{\n\t\t\tServicePrincipalId: exampleServicePrincipal.ID(),\n\t\t\tDisplayName: pulumi.String(\"CN=example.com\"),\n\t\t\tEndDate: pulumi.String(\"2023-05-01T01:02:03Z\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.ServicePrincipalTokenSigningCertificate;\nimport com.pulumi.azuread.ServicePrincipalTokenSigningCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .build());\n\n var exampleServicePrincipalTokenSigningCertificate = new ServicePrincipalTokenSigningCertificate(\"exampleServicePrincipalTokenSigningCertificate\", ServicePrincipalTokenSigningCertificateArgs.builder() \n .servicePrincipalId(exampleServicePrincipal.id())\n .displayName(\"CN=example.com\")\n .endDate(\"2023-05-01T01:02:03Z\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n exampleServicePrincipalTokenSigningCertificate:\n type: azuread:ServicePrincipalTokenSigningCertificate\n properties:\n servicePrincipalId: ${exampleServicePrincipal.id}\n displayName: CN=example.com\n endDate: 2023-05-01T01:02:03Z\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nToken signing certificates can be imported using the object ID of the associated service principal and the key ID of the verify certificate credential, e.g.\n\n```sh\n $ pulumi import azuread:index/servicePrincipalTokenSigningCertificate:ServicePrincipalTokenSigningCertificate example 00000000-0000-0000-0000-000000000000/tokenSigningCertificate/11111111-1111-1111-1111-111111111111\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the service principal's object ID, the string \"tokenSigningCertificate\" and the verify certificate's key ID in the format `{ServicePrincipalObjectId}/tokenSigningCertificate/{CertificateKeyId}`. ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Using default settings*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {displayName: \"example\"});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {applicationId: exampleApplication.applicationId});\nconst exampleServicePrincipalTokenSigningCertificate = new azuread.ServicePrincipalTokenSigningCertificate(\"exampleServicePrincipalTokenSigningCertificate\", {servicePrincipalId: exampleServicePrincipal.id});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application = azuread.Application(\"exampleApplication\", display_name=\"example\")\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\", application_id=example_application.application_id)\nexample_service_principal_token_signing_certificate = azuread.ServicePrincipalTokenSigningCertificate(\"exampleServicePrincipalTokenSigningCertificate\", service_principal_id=example_service_principal.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n });\n\n var exampleServicePrincipalTokenSigningCertificate = new AzureAD.ServicePrincipalTokenSigningCertificate(\"exampleServicePrincipalTokenSigningCertificate\", new()\n {\n ServicePrincipalId = exampleServicePrincipal.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipalTokenSigningCertificate(ctx, \"exampleServicePrincipalTokenSigningCertificate\", \u0026azuread.ServicePrincipalTokenSigningCertificateArgs{\n\t\t\tServicePrincipalId: exampleServicePrincipal.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.ServicePrincipalTokenSigningCertificate;\nimport com.pulumi.azuread.ServicePrincipalTokenSigningCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .build());\n\n var exampleServicePrincipalTokenSigningCertificate = new ServicePrincipalTokenSigningCertificate(\"exampleServicePrincipalTokenSigningCertificate\", ServicePrincipalTokenSigningCertificateArgs.builder() \n .servicePrincipalId(exampleServicePrincipal.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n exampleServicePrincipalTokenSigningCertificate:\n type: azuread:ServicePrincipalTokenSigningCertificate\n properties:\n servicePrincipalId: ${exampleServicePrincipal.id}\n```\n\n*Using custom settings*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {displayName: \"example\"});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {applicationId: exampleApplication.applicationId});\nconst exampleServicePrincipalTokenSigningCertificate = new azuread.ServicePrincipalTokenSigningCertificate(\"exampleServicePrincipalTokenSigningCertificate\", {\n servicePrincipalId: exampleServicePrincipal.id,\n displayName: \"CN=example.com\",\n endDate: \"2023-05-01T01:02:03Z\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application = azuread.Application(\"exampleApplication\", display_name=\"example\")\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\", application_id=example_application.application_id)\nexample_service_principal_token_signing_certificate = azuread.ServicePrincipalTokenSigningCertificate(\"exampleServicePrincipalTokenSigningCertificate\",\n service_principal_id=example_service_principal.id,\n display_name=\"CN=example.com\",\n end_date=\"2023-05-01T01:02:03Z\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n });\n\n var exampleServicePrincipalTokenSigningCertificate = new AzureAD.ServicePrincipalTokenSigningCertificate(\"exampleServicePrincipalTokenSigningCertificate\", new()\n {\n ServicePrincipalId = exampleServicePrincipal.Id,\n DisplayName = \"CN=example.com\",\n EndDate = \"2023-05-01T01:02:03Z\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipalTokenSigningCertificate(ctx, \"exampleServicePrincipalTokenSigningCertificate\", \u0026azuread.ServicePrincipalTokenSigningCertificateArgs{\n\t\t\tServicePrincipalId: exampleServicePrincipal.ID(),\n\t\t\tDisplayName: pulumi.String(\"CN=example.com\"),\n\t\t\tEndDate: pulumi.String(\"2023-05-01T01:02:03Z\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.ServicePrincipalTokenSigningCertificate;\nimport com.pulumi.azuread.ServicePrincipalTokenSigningCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .build());\n\n var exampleServicePrincipalTokenSigningCertificate = new ServicePrincipalTokenSigningCertificate(\"exampleServicePrincipalTokenSigningCertificate\", ServicePrincipalTokenSigningCertificateArgs.builder() \n .servicePrincipalId(exampleServicePrincipal.id())\n .displayName(\"CN=example.com\")\n .endDate(\"2023-05-01T01:02:03Z\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n exampleServicePrincipalTokenSigningCertificate:\n type: azuread:ServicePrincipalTokenSigningCertificate\n properties:\n servicePrincipalId: ${exampleServicePrincipal.id}\n displayName: CN=example.com\n endDate: 2023-05-01T01:02:03Z\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nToken signing certificates can be imported using the object ID of the associated service principal and the key ID of the verify certificate credential, e.g.\n\n ```sh\n $ pulumi import azuread:index/servicePrincipalTokenSigningCertificate:ServicePrincipalTokenSigningCertificate example 00000000-0000-0000-0000-000000000000/tokenSigningCertificate/11111111-1111-1111-1111-111111111111\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the service principal's object ID, the string \"tokenSigningCertificate\" and the verify certificate's key ID in the format `{ServicePrincipalObjectId}/tokenSigningCertificate/{CertificateKeyId}`.\n\n ", "properties": { "displayName": { "type": "string", @@ -7692,7 +7692,7 @@ } }, "azuread:index/synchronizationJob:SynchronizationJob": { - "description": "Manages a synchronization job associated with a service principal (enterprise application) within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Application.ReadWrite.All` or `Directory.ReadWrite.All`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Basic example*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplicationTemplate = azuread.getApplicationTemplate({\n displayName: \"Azure Databricks SCIM Provisioning Connector\",\n});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n templateId: exampleApplicationTemplate.then(exampleApplicationTemplate =\u003e exampleApplicationTemplate.templateId),\n featureTags: [{\n enterprise: true,\n gallery: true,\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {\n applicationId: exampleApplication.applicationId,\n useExisting: true,\n});\nconst exampleSynchronizationSecret = new azuread.SynchronizationSecret(\"exampleSynchronizationSecret\", {\n servicePrincipalId: exampleServicePrincipal.id,\n credentials: [\n {\n key: \"BaseAddress\",\n value: \"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\",\n },\n {\n key: \"SecretToken\",\n value: \"some-token\",\n },\n ],\n});\nconst exampleSynchronizationJob = new azuread.SynchronizationJob(\"exampleSynchronizationJob\", {\n servicePrincipalId: exampleServicePrincipal.id,\n templateId: \"dataBricks\",\n enabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application_template = azuread.get_application_template(display_name=\"Azure Databricks SCIM Provisioning Connector\")\nexample_application = azuread.Application(\"exampleApplication\",\n display_name=\"example\",\n template_id=example_application_template.template_id,\n feature_tags=[azuread.ApplicationFeatureTagArgs(\n enterprise=True,\n gallery=True,\n )])\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\",\n application_id=example_application.application_id,\n use_existing=True)\nexample_synchronization_secret = azuread.SynchronizationSecret(\"exampleSynchronizationSecret\",\n service_principal_id=example_service_principal.id,\n credentials=[\n azuread.SynchronizationSecretCredentialArgs(\n key=\"BaseAddress\",\n value=\"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\",\n ),\n azuread.SynchronizationSecretCredentialArgs(\n key=\"SecretToken\",\n value=\"some-token\",\n ),\n ])\nexample_synchronization_job = azuread.SynchronizationJob(\"exampleSynchronizationJob\",\n service_principal_id=example_service_principal.id,\n template_id=\"dataBricks\",\n enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplicationTemplate = AzureAD.GetApplicationTemplate.Invoke(new()\n {\n DisplayName = \"Azure Databricks SCIM Provisioning Connector\",\n });\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n TemplateId = exampleApplicationTemplate.Apply(getApplicationTemplateResult =\u003e getApplicationTemplateResult.TemplateId),\n FeatureTags = new[]\n {\n new AzureAD.Inputs.ApplicationFeatureTagArgs\n {\n Enterprise = true,\n Gallery = true,\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n UseExisting = true,\n });\n\n var exampleSynchronizationSecret = new AzureAD.SynchronizationSecret(\"exampleSynchronizationSecret\", new()\n {\n ServicePrincipalId = exampleServicePrincipal.Id,\n Credentials = new[]\n {\n new AzureAD.Inputs.SynchronizationSecretCredentialArgs\n {\n Key = \"BaseAddress\",\n Value = \"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\",\n },\n new AzureAD.Inputs.SynchronizationSecretCredentialArgs\n {\n Key = \"SecretToken\",\n Value = \"some-token\",\n },\n },\n });\n\n var exampleSynchronizationJob = new AzureAD.SynchronizationJob(\"exampleSynchronizationJob\", new()\n {\n ServicePrincipalId = exampleServicePrincipal.Id,\n TemplateId = \"dataBricks\",\n Enabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplicationTemplate, err := azuread.GetApplicationTemplate(ctx, \u0026azuread.GetApplicationTemplateArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Azure Databricks SCIM Provisioning Connector\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tTemplateId: *pulumi.String(exampleApplicationTemplate.TemplateId),\n\t\t\tFeatureTags: azuread.ApplicationFeatureTagArray{\n\t\t\t\t\u0026azuread.ApplicationFeatureTagArgs{\n\t\t\t\t\tEnterprise: pulumi.Bool(true),\n\t\t\t\t\tGallery: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewSynchronizationSecret(ctx, \"exampleSynchronizationSecret\", \u0026azuread.SynchronizationSecretArgs{\n\t\t\tServicePrincipalId: exampleServicePrincipal.ID(),\n\t\t\tCredentials: azuread.SynchronizationSecretCredentialArray{\n\t\t\t\t\u0026azuread.SynchronizationSecretCredentialArgs{\n\t\t\t\t\tKey: pulumi.String(\"BaseAddress\"),\n\t\t\t\t\tValue: pulumi.String(\"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\"),\n\t\t\t\t},\n\t\t\t\t\u0026azuread.SynchronizationSecretCredentialArgs{\n\t\t\t\t\tKey: pulumi.String(\"SecretToken\"),\n\t\t\t\t\tValue: pulumi.String(\"some-token\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewSynchronizationJob(ctx, \"exampleSynchronizationJob\", \u0026azuread.SynchronizationJobArgs{\n\t\t\tServicePrincipalId: exampleServicePrincipal.ID(),\n\t\t\tTemplateId: pulumi.String(\"dataBricks\"),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetApplicationTemplateArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationFeatureTagArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.SynchronizationSecret;\nimport com.pulumi.azuread.SynchronizationSecretArgs;\nimport com.pulumi.azuread.inputs.SynchronizationSecretCredentialArgs;\nimport com.pulumi.azuread.SynchronizationJob;\nimport com.pulumi.azuread.SynchronizationJobArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleApplicationTemplate = AzureadFunctions.getApplicationTemplate(GetApplicationTemplateArgs.builder()\n .displayName(\"Azure Databricks SCIM Provisioning Connector\")\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .templateId(exampleApplicationTemplate.applyValue(getApplicationTemplateResult -\u003e getApplicationTemplateResult.templateId()))\n .featureTags(ApplicationFeatureTagArgs.builder()\n .enterprise(true)\n .gallery(true)\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .useExisting(true)\n .build());\n\n var exampleSynchronizationSecret = new SynchronizationSecret(\"exampleSynchronizationSecret\", SynchronizationSecretArgs.builder() \n .servicePrincipalId(exampleServicePrincipal.id())\n .credentials( \n SynchronizationSecretCredentialArgs.builder()\n .key(\"BaseAddress\")\n .value(\"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\")\n .build(),\n SynchronizationSecretCredentialArgs.builder()\n .key(\"SecretToken\")\n .value(\"some-token\")\n .build())\n .build());\n\n var exampleSynchronizationJob = new SynchronizationJob(\"exampleSynchronizationJob\", SynchronizationJobArgs.builder() \n .servicePrincipalId(exampleServicePrincipal.id())\n .templateId(\"dataBricks\")\n .enabled(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n templateId: ${exampleApplicationTemplate.templateId}\n featureTags:\n - enterprise: true\n gallery: true\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n useExisting: true\n exampleSynchronizationSecret:\n type: azuread:SynchronizationSecret\n properties:\n servicePrincipalId: ${exampleServicePrincipal.id}\n credentials:\n - key: BaseAddress\n value: https://adb-example.azuredatabricks.net/api/2.0/preview/scim\n - key: SecretToken\n value: some-token\n exampleSynchronizationJob:\n type: azuread:SynchronizationJob\n properties:\n servicePrincipalId: ${exampleServicePrincipal.id}\n templateId: dataBricks\n enabled: true\nvariables:\n exampleApplicationTemplate:\n fn::invoke:\n Function: azuread:getApplicationTemplate\n Arguments:\n displayName: Azure Databricks SCIM Provisioning Connector\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nSynchronization jobs can be imported using the `id`, e.g.\n\n```sh\n $ pulumi import azuread:index/synchronizationJob:SynchronizationJob example 00000000-0000-0000-0000-000000000000/job/dataBricks.f5532fc709734b1a90e8a1fa9fd03a82.8442fd39-2183-419c-8732-74b6ce866bd5\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the Service Principal Object ID and the ID of the Synchronization Job Id in the format `{servicePrincipalId}/job/{jobId}`. ", + "description": "Manages a synchronization job associated with a service principal (enterprise application) within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Application.ReadWrite.All` or `Directory.ReadWrite.All`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Basic example*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplicationTemplate = azuread.getApplicationTemplate({\n displayName: \"Azure Databricks SCIM Provisioning Connector\",\n});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n templateId: exampleApplicationTemplate.then(exampleApplicationTemplate =\u003e exampleApplicationTemplate.templateId),\n featureTags: [{\n enterprise: true,\n gallery: true,\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {\n applicationId: exampleApplication.applicationId,\n useExisting: true,\n});\nconst exampleSynchronizationSecret = new azuread.SynchronizationSecret(\"exampleSynchronizationSecret\", {\n servicePrincipalId: exampleServicePrincipal.id,\n credentials: [\n {\n key: \"BaseAddress\",\n value: \"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\",\n },\n {\n key: \"SecretToken\",\n value: \"some-token\",\n },\n ],\n});\nconst exampleSynchronizationJob = new azuread.SynchronizationJob(\"exampleSynchronizationJob\", {\n servicePrincipalId: exampleServicePrincipal.id,\n templateId: \"dataBricks\",\n enabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application_template = azuread.get_application_template(display_name=\"Azure Databricks SCIM Provisioning Connector\")\nexample_application = azuread.Application(\"exampleApplication\",\n display_name=\"example\",\n template_id=example_application_template.template_id,\n feature_tags=[azuread.ApplicationFeatureTagArgs(\n enterprise=True,\n gallery=True,\n )])\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\",\n application_id=example_application.application_id,\n use_existing=True)\nexample_synchronization_secret = azuread.SynchronizationSecret(\"exampleSynchronizationSecret\",\n service_principal_id=example_service_principal.id,\n credentials=[\n azuread.SynchronizationSecretCredentialArgs(\n key=\"BaseAddress\",\n value=\"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\",\n ),\n azuread.SynchronizationSecretCredentialArgs(\n key=\"SecretToken\",\n value=\"some-token\",\n ),\n ])\nexample_synchronization_job = azuread.SynchronizationJob(\"exampleSynchronizationJob\",\n service_principal_id=example_service_principal.id,\n template_id=\"dataBricks\",\n enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplicationTemplate = AzureAD.GetApplicationTemplate.Invoke(new()\n {\n DisplayName = \"Azure Databricks SCIM Provisioning Connector\",\n });\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n TemplateId = exampleApplicationTemplate.Apply(getApplicationTemplateResult =\u003e getApplicationTemplateResult.TemplateId),\n FeatureTags = new[]\n {\n new AzureAD.Inputs.ApplicationFeatureTagArgs\n {\n Enterprise = true,\n Gallery = true,\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n UseExisting = true,\n });\n\n var exampleSynchronizationSecret = new AzureAD.SynchronizationSecret(\"exampleSynchronizationSecret\", new()\n {\n ServicePrincipalId = exampleServicePrincipal.Id,\n Credentials = new[]\n {\n new AzureAD.Inputs.SynchronizationSecretCredentialArgs\n {\n Key = \"BaseAddress\",\n Value = \"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\",\n },\n new AzureAD.Inputs.SynchronizationSecretCredentialArgs\n {\n Key = \"SecretToken\",\n Value = \"some-token\",\n },\n },\n });\n\n var exampleSynchronizationJob = new AzureAD.SynchronizationJob(\"exampleSynchronizationJob\", new()\n {\n ServicePrincipalId = exampleServicePrincipal.Id,\n TemplateId = \"dataBricks\",\n Enabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplicationTemplate, err := azuread.GetApplicationTemplate(ctx, \u0026azuread.GetApplicationTemplateArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Azure Databricks SCIM Provisioning Connector\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tTemplateId: *pulumi.String(exampleApplicationTemplate.TemplateId),\n\t\t\tFeatureTags: azuread.ApplicationFeatureTagArray{\n\t\t\t\t\u0026azuread.ApplicationFeatureTagArgs{\n\t\t\t\t\tEnterprise: pulumi.Bool(true),\n\t\t\t\t\tGallery: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewSynchronizationSecret(ctx, \"exampleSynchronizationSecret\", \u0026azuread.SynchronizationSecretArgs{\n\t\t\tServicePrincipalId: exampleServicePrincipal.ID(),\n\t\t\tCredentials: azuread.SynchronizationSecretCredentialArray{\n\t\t\t\t\u0026azuread.SynchronizationSecretCredentialArgs{\n\t\t\t\t\tKey: pulumi.String(\"BaseAddress\"),\n\t\t\t\t\tValue: pulumi.String(\"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\"),\n\t\t\t\t},\n\t\t\t\t\u0026azuread.SynchronizationSecretCredentialArgs{\n\t\t\t\t\tKey: pulumi.String(\"SecretToken\"),\n\t\t\t\t\tValue: pulumi.String(\"some-token\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewSynchronizationJob(ctx, \"exampleSynchronizationJob\", \u0026azuread.SynchronizationJobArgs{\n\t\t\tServicePrincipalId: exampleServicePrincipal.ID(),\n\t\t\tTemplateId: pulumi.String(\"dataBricks\"),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetApplicationTemplateArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationFeatureTagArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.SynchronizationSecret;\nimport com.pulumi.azuread.SynchronizationSecretArgs;\nimport com.pulumi.azuread.inputs.SynchronizationSecretCredentialArgs;\nimport com.pulumi.azuread.SynchronizationJob;\nimport com.pulumi.azuread.SynchronizationJobArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleApplicationTemplate = AzureadFunctions.getApplicationTemplate(GetApplicationTemplateArgs.builder()\n .displayName(\"Azure Databricks SCIM Provisioning Connector\")\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .templateId(exampleApplicationTemplate.applyValue(getApplicationTemplateResult -\u003e getApplicationTemplateResult.templateId()))\n .featureTags(ApplicationFeatureTagArgs.builder()\n .enterprise(true)\n .gallery(true)\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .useExisting(true)\n .build());\n\n var exampleSynchronizationSecret = new SynchronizationSecret(\"exampleSynchronizationSecret\", SynchronizationSecretArgs.builder() \n .servicePrincipalId(exampleServicePrincipal.id())\n .credentials( \n SynchronizationSecretCredentialArgs.builder()\n .key(\"BaseAddress\")\n .value(\"https://adb-example.azuredatabricks.net/api/2.0/preview/scim\")\n .build(),\n SynchronizationSecretCredentialArgs.builder()\n .key(\"SecretToken\")\n .value(\"some-token\")\n .build())\n .build());\n\n var exampleSynchronizationJob = new SynchronizationJob(\"exampleSynchronizationJob\", SynchronizationJobArgs.builder() \n .servicePrincipalId(exampleServicePrincipal.id())\n .templateId(\"dataBricks\")\n .enabled(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n templateId: ${exampleApplicationTemplate.templateId}\n featureTags:\n - enterprise: true\n gallery: true\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n useExisting: true\n exampleSynchronizationSecret:\n type: azuread:SynchronizationSecret\n properties:\n servicePrincipalId: ${exampleServicePrincipal.id}\n credentials:\n - key: BaseAddress\n value: https://adb-example.azuredatabricks.net/api/2.0/preview/scim\n - key: SecretToken\n value: some-token\n exampleSynchronizationJob:\n type: azuread:SynchronizationJob\n properties:\n servicePrincipalId: ${exampleServicePrincipal.id}\n templateId: dataBricks\n enabled: true\nvariables:\n exampleApplicationTemplate:\n fn::invoke:\n Function: azuread:getApplicationTemplate\n Arguments:\n displayName: Azure Databricks SCIM Provisioning Connector\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nSynchronization jobs can be imported using the `id`, e.g.\n\n ```sh\n $ pulumi import azuread:index/synchronizationJob:SynchronizationJob example 00000000-0000-0000-0000-000000000000/job/dataBricks.f5532fc709734b1a90e8a1fa9fd03a82.8442fd39-2183-419c-8732-74b6ce866bd5\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the Service Principal Object ID and the ID of the Synchronization Job Id in the format `{servicePrincipalId}/job/{jobId}`.\n\n ", "properties": { "enabled": { "type": "boolean", @@ -7768,7 +7768,7 @@ } }, "azuread:index/synchronizationSecret:SynchronizationSecret": { - "description": "Manages synchronization secrets associated with a service principal (enterprise application) within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Application.ReadWrite.All` or `Directory.ReadWrite.All`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Basic example*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplicationTemplate = azuread.getApplicationTemplate({\n displayName: \"Azure Databricks SCIM Provisioning Connector\",\n});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n templateId: exampleApplicationTemplate.then(exampleApplicationTemplate =\u003e exampleApplicationTemplate.templateId),\n featureTags: [{\n enterprise: true,\n gallery: true,\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {\n applicationId: exampleApplication.applicationId,\n useExisting: true,\n});\nconst exampleSynchronizationSecret = new azuread.SynchronizationSecret(\"exampleSynchronizationSecret\", {\n servicePrincipalId: exampleServicePrincipal.id,\n credentials: [\n {\n key: \"BaseAddress\",\n value: \"abc\",\n },\n {\n key: \"SecretToken\",\n value: \"some-token\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application_template = azuread.get_application_template(display_name=\"Azure Databricks SCIM Provisioning Connector\")\nexample_application = azuread.Application(\"exampleApplication\",\n display_name=\"example\",\n template_id=example_application_template.template_id,\n feature_tags=[azuread.ApplicationFeatureTagArgs(\n enterprise=True,\n gallery=True,\n )])\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\",\n application_id=example_application.application_id,\n use_existing=True)\nexample_synchronization_secret = azuread.SynchronizationSecret(\"exampleSynchronizationSecret\",\n service_principal_id=example_service_principal.id,\n credentials=[\n azuread.SynchronizationSecretCredentialArgs(\n key=\"BaseAddress\",\n value=\"abc\",\n ),\n azuread.SynchronizationSecretCredentialArgs(\n key=\"SecretToken\",\n value=\"some-token\",\n ),\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplicationTemplate = AzureAD.GetApplicationTemplate.Invoke(new()\n {\n DisplayName = \"Azure Databricks SCIM Provisioning Connector\",\n });\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n TemplateId = exampleApplicationTemplate.Apply(getApplicationTemplateResult =\u003e getApplicationTemplateResult.TemplateId),\n FeatureTags = new[]\n {\n new AzureAD.Inputs.ApplicationFeatureTagArgs\n {\n Enterprise = true,\n Gallery = true,\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n UseExisting = true,\n });\n\n var exampleSynchronizationSecret = new AzureAD.SynchronizationSecret(\"exampleSynchronizationSecret\", new()\n {\n ServicePrincipalId = exampleServicePrincipal.Id,\n Credentials = new[]\n {\n new AzureAD.Inputs.SynchronizationSecretCredentialArgs\n {\n Key = \"BaseAddress\",\n Value = \"abc\",\n },\n new AzureAD.Inputs.SynchronizationSecretCredentialArgs\n {\n Key = \"SecretToken\",\n Value = \"some-token\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplicationTemplate, err := azuread.GetApplicationTemplate(ctx, \u0026azuread.GetApplicationTemplateArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Azure Databricks SCIM Provisioning Connector\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tTemplateId: *pulumi.String(exampleApplicationTemplate.TemplateId),\n\t\t\tFeatureTags: azuread.ApplicationFeatureTagArray{\n\t\t\t\t\u0026azuread.ApplicationFeatureTagArgs{\n\t\t\t\t\tEnterprise: pulumi.Bool(true),\n\t\t\t\t\tGallery: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewSynchronizationSecret(ctx, \"exampleSynchronizationSecret\", \u0026azuread.SynchronizationSecretArgs{\n\t\t\tServicePrincipalId: exampleServicePrincipal.ID(),\n\t\t\tCredentials: azuread.SynchronizationSecretCredentialArray{\n\t\t\t\t\u0026azuread.SynchronizationSecretCredentialArgs{\n\t\t\t\t\tKey: pulumi.String(\"BaseAddress\"),\n\t\t\t\t\tValue: pulumi.String(\"abc\"),\n\t\t\t\t},\n\t\t\t\t\u0026azuread.SynchronizationSecretCredentialArgs{\n\t\t\t\t\tKey: pulumi.String(\"SecretToken\"),\n\t\t\t\t\tValue: pulumi.String(\"some-token\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetApplicationTemplateArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationFeatureTagArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.SynchronizationSecret;\nimport com.pulumi.azuread.SynchronizationSecretArgs;\nimport com.pulumi.azuread.inputs.SynchronizationSecretCredentialArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleApplicationTemplate = AzureadFunctions.getApplicationTemplate(GetApplicationTemplateArgs.builder()\n .displayName(\"Azure Databricks SCIM Provisioning Connector\")\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .templateId(exampleApplicationTemplate.applyValue(getApplicationTemplateResult -\u003e getApplicationTemplateResult.templateId()))\n .featureTags(ApplicationFeatureTagArgs.builder()\n .enterprise(true)\n .gallery(true)\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .useExisting(true)\n .build());\n\n var exampleSynchronizationSecret = new SynchronizationSecret(\"exampleSynchronizationSecret\", SynchronizationSecretArgs.builder() \n .servicePrincipalId(exampleServicePrincipal.id())\n .credentials( \n SynchronizationSecretCredentialArgs.builder()\n .key(\"BaseAddress\")\n .value(\"abc\")\n .build(),\n SynchronizationSecretCredentialArgs.builder()\n .key(\"SecretToken\")\n .value(\"some-token\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n templateId: ${exampleApplicationTemplate.templateId}\n featureTags:\n - enterprise: true\n gallery: true\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n useExisting: true\n exampleSynchronizationSecret:\n type: azuread:SynchronizationSecret\n properties:\n servicePrincipalId: ${exampleServicePrincipal.id}\n credentials:\n - key: BaseAddress\n value: abc\n - key: SecretToken\n value: some-token\nvariables:\n exampleApplicationTemplate:\n fn::invoke:\n Function: azuread:getApplicationTemplate\n Arguments:\n displayName: Azure Databricks SCIM Provisioning Connector\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThis resource does not support importing. ", + "description": "Manages synchronization secrets associated with a service principal (enterprise application) within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Application.ReadWrite.All` or `Directory.ReadWrite.All`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Basic example*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplicationTemplate = azuread.getApplicationTemplate({\n displayName: \"Azure Databricks SCIM Provisioning Connector\",\n});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n templateId: exampleApplicationTemplate.then(exampleApplicationTemplate =\u003e exampleApplicationTemplate.templateId),\n featureTags: [{\n enterprise: true,\n gallery: true,\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {\n applicationId: exampleApplication.applicationId,\n useExisting: true,\n});\nconst exampleSynchronizationSecret = new azuread.SynchronizationSecret(\"exampleSynchronizationSecret\", {\n servicePrincipalId: exampleServicePrincipal.id,\n credentials: [\n {\n key: \"BaseAddress\",\n value: \"abc\",\n },\n {\n key: \"SecretToken\",\n value: \"some-token\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application_template = azuread.get_application_template(display_name=\"Azure Databricks SCIM Provisioning Connector\")\nexample_application = azuread.Application(\"exampleApplication\",\n display_name=\"example\",\n template_id=example_application_template.template_id,\n feature_tags=[azuread.ApplicationFeatureTagArgs(\n enterprise=True,\n gallery=True,\n )])\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\",\n application_id=example_application.application_id,\n use_existing=True)\nexample_synchronization_secret = azuread.SynchronizationSecret(\"exampleSynchronizationSecret\",\n service_principal_id=example_service_principal.id,\n credentials=[\n azuread.SynchronizationSecretCredentialArgs(\n key=\"BaseAddress\",\n value=\"abc\",\n ),\n azuread.SynchronizationSecretCredentialArgs(\n key=\"SecretToken\",\n value=\"some-token\",\n ),\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplicationTemplate = AzureAD.GetApplicationTemplate.Invoke(new()\n {\n DisplayName = \"Azure Databricks SCIM Provisioning Connector\",\n });\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n TemplateId = exampleApplicationTemplate.Apply(getApplicationTemplateResult =\u003e getApplicationTemplateResult.TemplateId),\n FeatureTags = new[]\n {\n new AzureAD.Inputs.ApplicationFeatureTagArgs\n {\n Enterprise = true,\n Gallery = true,\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n UseExisting = true,\n });\n\n var exampleSynchronizationSecret = new AzureAD.SynchronizationSecret(\"exampleSynchronizationSecret\", new()\n {\n ServicePrincipalId = exampleServicePrincipal.Id,\n Credentials = new[]\n {\n new AzureAD.Inputs.SynchronizationSecretCredentialArgs\n {\n Key = \"BaseAddress\",\n Value = \"abc\",\n },\n new AzureAD.Inputs.SynchronizationSecretCredentialArgs\n {\n Key = \"SecretToken\",\n Value = \"some-token\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplicationTemplate, err := azuread.GetApplicationTemplate(ctx, \u0026azuread.GetApplicationTemplateArgs{\n\t\t\tDisplayName: pulumi.StringRef(\"Azure Databricks SCIM Provisioning Connector\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tTemplateId: *pulumi.String(exampleApplicationTemplate.TemplateId),\n\t\t\tFeatureTags: azuread.ApplicationFeatureTagArray{\n\t\t\t\t\u0026azuread.ApplicationFeatureTagArgs{\n\t\t\t\t\tEnterprise: pulumi.Bool(true),\n\t\t\t\t\tGallery: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewSynchronizationSecret(ctx, \"exampleSynchronizationSecret\", \u0026azuread.SynchronizationSecretArgs{\n\t\t\tServicePrincipalId: exampleServicePrincipal.ID(),\n\t\t\tCredentials: azuread.SynchronizationSecretCredentialArray{\n\t\t\t\t\u0026azuread.SynchronizationSecretCredentialArgs{\n\t\t\t\t\tKey: pulumi.String(\"BaseAddress\"),\n\t\t\t\t\tValue: pulumi.String(\"abc\"),\n\t\t\t\t},\n\t\t\t\t\u0026azuread.SynchronizationSecretCredentialArgs{\n\t\t\t\t\tKey: pulumi.String(\"SecretToken\"),\n\t\t\t\t\tValue: pulumi.String(\"some-token\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetApplicationTemplateArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationFeatureTagArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.SynchronizationSecret;\nimport com.pulumi.azuread.SynchronizationSecretArgs;\nimport com.pulumi.azuread.inputs.SynchronizationSecretCredentialArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleApplicationTemplate = AzureadFunctions.getApplicationTemplate(GetApplicationTemplateArgs.builder()\n .displayName(\"Azure Databricks SCIM Provisioning Connector\")\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .templateId(exampleApplicationTemplate.applyValue(getApplicationTemplateResult -\u003e getApplicationTemplateResult.templateId()))\n .featureTags(ApplicationFeatureTagArgs.builder()\n .enterprise(true)\n .gallery(true)\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .useExisting(true)\n .build());\n\n var exampleSynchronizationSecret = new SynchronizationSecret(\"exampleSynchronizationSecret\", SynchronizationSecretArgs.builder() \n .servicePrincipalId(exampleServicePrincipal.id())\n .credentials( \n SynchronizationSecretCredentialArgs.builder()\n .key(\"BaseAddress\")\n .value(\"abc\")\n .build(),\n SynchronizationSecretCredentialArgs.builder()\n .key(\"SecretToken\")\n .value(\"some-token\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n templateId: ${exampleApplicationTemplate.templateId}\n featureTags:\n - enterprise: true\n gallery: true\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n useExisting: true\n exampleSynchronizationSecret:\n type: azuread:SynchronizationSecret\n properties:\n servicePrincipalId: ${exampleServicePrincipal.id}\n credentials:\n - key: BaseAddress\n value: abc\n - key: SecretToken\n value: some-token\nvariables:\n exampleApplicationTemplate:\n fn::invoke:\n Function: azuread:getApplicationTemplate\n Arguments:\n displayName: Azure Databricks SCIM Provisioning Connector\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThis resource does not support importing.\n\n ", "properties": { "credentials": { "type": "array", @@ -7822,7 +7822,7 @@ } }, "azuread:index/user:User": { - "description": "Manages a user within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `User.ReadWrite.All` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `User Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.User(\"example\", {\n displayName: \"J. Doe\",\n mailNickname: \"jdoe\",\n password: \"SecretP@sswd99!\",\n userPrincipalName: \"jdoe@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.User(\"example\",\n display_name=\"J. Doe\",\n mail_nickname=\"jdoe\",\n password=\"SecretP@sswd99!\",\n user_principal_name=\"jdoe@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.User(\"example\", new()\n {\n DisplayName = \"J. Doe\",\n MailNickname = \"jdoe\",\n Password = \"SecretP@sswd99!\",\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewUser(ctx, \"example\", \u0026azuread.UserArgs{\n\t\t\tDisplayName: pulumi.String(\"J. Doe\"),\n\t\t\tMailNickname: pulumi.String(\"jdoe\"),\n\t\t\tPassword: pulumi.String(\"SecretP@sswd99!\"),\n\t\t\tUserPrincipalName: pulumi.String(\"jdoe@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.User;\nimport com.pulumi.azuread.UserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new User(\"example\", UserArgs.builder() \n .displayName(\"J. Doe\")\n .mailNickname(\"jdoe\")\n .password(\"SecretP@sswd99!\")\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:User\n properties:\n displayName: J. Doe\n mailNickname: jdoe\n password: SecretP@sswd99!\n userPrincipalName: jdoe@example.com\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nUsers can be imported using their object ID, e.g.\n\n```sh\n $ pulumi import azuread:index/user:User my_user 00000000-0000-0000-0000-000000000000\n```\n\n ", + "description": "Manages a user within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `User.ReadWrite.All` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `User Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.User(\"example\", {\n displayName: \"J. Doe\",\n mailNickname: \"jdoe\",\n password: \"SecretP@sswd99!\",\n userPrincipalName: \"jdoe@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.User(\"example\",\n display_name=\"J. Doe\",\n mail_nickname=\"jdoe\",\n password=\"SecretP@sswd99!\",\n user_principal_name=\"jdoe@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.User(\"example\", new()\n {\n DisplayName = \"J. Doe\",\n MailNickname = \"jdoe\",\n Password = \"SecretP@sswd99!\",\n UserPrincipalName = \"jdoe@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewUser(ctx, \"example\", \u0026azuread.UserArgs{\n\t\t\tDisplayName: pulumi.String(\"J. Doe\"),\n\t\t\tMailNickname: pulumi.String(\"jdoe\"),\n\t\t\tPassword: pulumi.String(\"SecretP@sswd99!\"),\n\t\t\tUserPrincipalName: pulumi.String(\"jdoe@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.User;\nimport com.pulumi.azuread.UserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new User(\"example\", UserArgs.builder() \n .displayName(\"J. Doe\")\n .mailNickname(\"jdoe\")\n .password(\"SecretP@sswd99!\")\n .userPrincipalName(\"jdoe@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:User\n properties:\n displayName: J. Doe\n mailNickname: jdoe\n password: SecretP@sswd99!\n userPrincipalName: jdoe@example.com\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nUsers can be imported using their object ID, e.g.\n\n ```sh\n $ pulumi import azuread:index/user:User my_user 00000000-0000-0000-0000-000000000000\n```\n\n ", "properties": { "aboutMe": { "type": "string", @@ -8418,7 +8418,7 @@ } }, "azuread:index/userFlowAttribute:UserFlowAttribute": { - "description": "Manages user flow attributes in an Azure Active Directory (Azure AD) tenant.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application role: `IdentityUserFlow.ReadWrite.All`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Basic example*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.UserFlowAttribute(\"example\", {\n dataType: \"string\",\n description: \"Your hobby\",\n displayName: \"Hobby\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.UserFlowAttribute(\"example\",\n data_type=\"string\",\n description=\"Your hobby\",\n display_name=\"Hobby\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.UserFlowAttribute(\"example\", new()\n {\n DataType = \"string\",\n Description = \"Your hobby\",\n DisplayName = \"Hobby\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewUserFlowAttribute(ctx, \"example\", \u0026azuread.UserFlowAttributeArgs{\n\t\t\tDataType: pulumi.String(\"string\"),\n\t\t\tDescription: pulumi.String(\"Your hobby\"),\n\t\t\tDisplayName: pulumi.String(\"Hobby\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.UserFlowAttribute;\nimport com.pulumi.azuread.UserFlowAttributeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new UserFlowAttribute(\"example\", UserFlowAttributeArgs.builder() \n .dataType(\"string\")\n .description(\"Your hobby\")\n .displayName(\"Hobby\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:UserFlowAttribute\n properties:\n dataType: string\n description: Your hobby\n displayName: Hobby\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nUser flow attributes can be imported using the `id`, e.g.\n\n```sh\n $ pulumi import azuread:index/userFlowAttribute:UserFlowAttribute example extension_ecc9f88db2924942b8a96f44873616fe_Hobbyjkorv\n```\n\n -\u003e This ID can be queried using the [User Flow Attributes API](https://learn.microsoft.com/en-us/graph/api/identityuserflowattribute-list?view=graph-rest-1.0\u0026tabs=http). ", + "description": "Manages user flow attributes in an Azure Active Directory (Azure AD) tenant.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application role: `IdentityUserFlow.ReadWrite.All`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Basic example*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.UserFlowAttribute(\"example\", {\n dataType: \"string\",\n description: \"Your hobby\",\n displayName: \"Hobby\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.UserFlowAttribute(\"example\",\n data_type=\"string\",\n description=\"Your hobby\",\n display_name=\"Hobby\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.UserFlowAttribute(\"example\", new()\n {\n DataType = \"string\",\n Description = \"Your hobby\",\n DisplayName = \"Hobby\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewUserFlowAttribute(ctx, \"example\", \u0026azuread.UserFlowAttributeArgs{\n\t\t\tDataType: pulumi.String(\"string\"),\n\t\t\tDescription: pulumi.String(\"Your hobby\"),\n\t\t\tDisplayName: pulumi.String(\"Hobby\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.UserFlowAttribute;\nimport com.pulumi.azuread.UserFlowAttributeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new UserFlowAttribute(\"example\", UserFlowAttributeArgs.builder() \n .dataType(\"string\")\n .description(\"Your hobby\")\n .displayName(\"Hobby\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:UserFlowAttribute\n properties:\n dataType: string\n description: Your hobby\n displayName: Hobby\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nUser flow attributes can be imported using the `id`, e.g.\n\n ```sh\n $ pulumi import azuread:index/userFlowAttribute:UserFlowAttribute example extension_ecc9f88db2924942b8a96f44873616fe_Hobbyjkorv\n```\n\n -\u003e This ID can be queried using the [User Flow Attributes API](https://learn.microsoft.com/en-us/graph/api/identityuserflowattribute-list?view=graph-rest-1.0\u0026tabs=http).\n\n ", "properties": { "attributeType": { "type": "string", diff --git a/provider/go.mod b/provider/go.mod index a0c6e1f3e..ee104da01 100644 --- a/provider/go.mod +++ b/provider/go.mod @@ -5,12 +5,12 @@ go 1.21.3 require ( github.com/hashicorp/go-azure-sdk v0.20231117.1130141 github.com/hashicorp/terraform-provider-azuread/shim v0.0.0 - github.com/pulumi/pulumi-terraform-bridge/v3 v3.73.0 - github.com/pulumi/pulumi/sdk/v3 v3.104.2 + github.com/pulumi/pulumi-terraform-bridge/v3 v3.74.0 + github.com/pulumi/pulumi/sdk/v3 v3.105.0 ) replace ( - github.com/hashicorp/terraform-plugin-sdk/v2 => github.com/pulumi/terraform-plugin-sdk/v2 v2.0.0-20240129205329-74776a5cd5f9 + github.com/hashicorp/terraform-plugin-sdk/v2 => github.com/pulumi/terraform-plugin-sdk/v2 v2.0.0-20240202163305-e2a20ae13ef9 github.com/hashicorp/terraform-provider-azuread/shim => ./shim github.com/hashicorp/vault => github.com/hashicorp/vault v1.2.0 ) @@ -186,7 +186,7 @@ require ( github.com/pulumi/pulumi-java/pkg v0.9.9 // indirect github.com/pulumi/pulumi-terraform-bridge/x/muxer v0.0.7 // indirect github.com/pulumi/pulumi-yaml v1.5.0 // indirect - github.com/pulumi/pulumi/pkg/v3 v3.104.2 // indirect + github.com/pulumi/pulumi/pkg/v3 v3.105.0 // indirect github.com/pulumi/schema-tools v0.1.2 // indirect github.com/pulumi/terraform-diff-reader v0.0.2 // indirect github.com/rivo/uniseg v0.4.4 // indirect diff --git a/provider/go.sum b/provider/go.sum index e74f91236..ea15e40e4 100644 --- a/provider/go.sum +++ b/provider/go.sum @@ -2221,22 +2221,22 @@ github.com/pulumi/providertest v0.0.10 h1:bx77G0JYPO2Alf/SHRP05XpAYMrboKJkMIVkbF github.com/pulumi/providertest v0.0.10/go.mod h1:HsxjVsytcMIuNj19w1lT2W0QXY0oReXl1+h6eD2JXP8= github.com/pulumi/pulumi-java/pkg v0.9.9 h1:F3xJUtMFDVrTGCxb7Rh2Q8s6tj7gMfM5pcoUthz7vFY= github.com/pulumi/pulumi-java/pkg v0.9.9/go.mod h1:LVF1zeg3UkToHWxb67V+zEIxQc3EdMnlot5NWSt+FpA= -github.com/pulumi/pulumi-terraform-bridge/v3 v3.73.0 h1:8EVPKIISUQe/iABfvPa6pe9sOCz6jQViAHx5/cK02LQ= -github.com/pulumi/pulumi-terraform-bridge/v3 v3.73.0/go.mod h1:gdaUiZPVbL5NyfANwaO4Bi87ds822JOm8BHJxr69OXU= +github.com/pulumi/pulumi-terraform-bridge/v3 v3.74.0 h1:cVsqcIJqgCosq9ib0rUyUBLEr3Mamz138JA7gqN21c8= +github.com/pulumi/pulumi-terraform-bridge/v3 v3.74.0/go.mod h1:WOKqq+pzEXcfoXbGPd4weBFIY6RQjzlKO365LPHKrB8= github.com/pulumi/pulumi-terraform-bridge/x/muxer v0.0.7 h1:Z9vmfVTW0QtJrWh+DRR3UKiRZX23f45lFtdhQiUHEqE= github.com/pulumi/pulumi-terraform-bridge/x/muxer v0.0.7/go.mod h1:T9zHpTHyVz2EyobzByFFpjfqgGtXO4C4bNqC0j29D2I= github.com/pulumi/pulumi-yaml v1.5.0 h1:HfXu+WSFNpycref9CK935cViYJzXwSgHGWM/RepyrW0= github.com/pulumi/pulumi-yaml v1.5.0/go.mod h1:AvKSmEQv2EkPbpvAQroR1eP1LkJGC8z5NDM34rVWOtg= -github.com/pulumi/pulumi/pkg/v3 v3.104.2 h1:pxioQCKuTrGyeCmdxkR2M03nFBrPMhPnuHMaaTfxY1Y= -github.com/pulumi/pulumi/pkg/v3 v3.104.2/go.mod h1:AvF18k2O6rZIV27fF9i0UueP/PjiqSJeRMiOi3cVgEM= -github.com/pulumi/pulumi/sdk/v3 v3.104.2 h1:aOwUkrlsyEWrL1jlHqn2/36zMSPQrVUYUyZPqstrmjc= -github.com/pulumi/pulumi/sdk/v3 v3.104.2/go.mod h1:Ml3rpGfyZlI4zQCG7LN2XDSmH4XUNYdyBwJ3yEr/OpI= +github.com/pulumi/pulumi/pkg/v3 v3.105.0 h1:bJG1vUiYH2gDF1pfBKlIABDNoJD2LvU1LmjjL+EbvuM= +github.com/pulumi/pulumi/pkg/v3 v3.105.0/go.mod h1:eZAFEFOwE/skElTfwetfyTxPebmWr5vOS5NSU9XwlVw= +github.com/pulumi/pulumi/sdk/v3 v3.105.0 h1:OKEeubZigWyQVnZS6udnFnZHZ/8OWXuUYv9ir3OY+vs= +github.com/pulumi/pulumi/sdk/v3 v3.105.0/go.mod h1:Ml3rpGfyZlI4zQCG7LN2XDSmH4XUNYdyBwJ3yEr/OpI= github.com/pulumi/schema-tools v0.1.2 h1:Fd9xvUjgck4NA+7/jSk7InqCUT4Kj940+EcnbQKpfZo= github.com/pulumi/schema-tools v0.1.2/go.mod h1:62lgj52Tzq11eqWTIaKd+EVyYAu5dEcDJxMhTjvMO/k= github.com/pulumi/terraform-diff-reader v0.0.2 h1:kTE4nEXU3/SYXESvAIem+wyHMI3abqkI3OhJ0G04LLI= github.com/pulumi/terraform-diff-reader v0.0.2/go.mod h1:sZ9FUzGO+yM41hsQHs/yIcj/Y993qMdBxBU5mpDmAfQ= -github.com/pulumi/terraform-plugin-sdk/v2 v2.0.0-20240129205329-74776a5cd5f9 h1:p8vtMw4abpcmwE0v8b6x2GKZQKisrmdjojkoP3oelak= -github.com/pulumi/terraform-plugin-sdk/v2 v2.0.0-20240129205329-74776a5cd5f9/go.mod h1:qH/34G25Ugdj5FcM95cSoXzUgIbgfhVLXCcEcYaMwq8= +github.com/pulumi/terraform-plugin-sdk/v2 v2.0.0-20240202163305-e2a20ae13ef9 h1:k3SdGlmaJ49yaRV79Ktb5KGdPvuNfeiv4+oHXN+wyhs= +github.com/pulumi/terraform-plugin-sdk/v2 v2.0.0-20240202163305-e2a20ae13ef9/go.mod h1:qH/34G25Ugdj5FcM95cSoXzUgIbgfhVLXCcEcYaMwq8= github.com/rakyll/embedmd v0.0.0-20171029212350-c8060a0752a2/go.mod h1:7jOTMgqac46PZcF54q6l2hkLEG8op93fZu61KmxWDV4= github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo= diff --git a/sdk/dotnet/AccessPackage.cs b/sdk/dotnet/AccessPackage.cs index ec7657ece..d6ea1b7e1 100644 --- a/sdk/dotnet/AccessPackage.cs +++ b/sdk/dotnet/AccessPackage.cs @@ -51,7 +51,7 @@ namespace Pulumi.AzureAD /// Access Packages can be imported using the `id`, e.g. /// /// ```sh - /// $ pulumi import azuread:index/accessPackage:AccessPackage example_package 00000000-0000-0000-0000-000000000000 + /// $ pulumi import azuread:index/accessPackage:AccessPackage example_package 00000000-0000-0000-0000-000000000000 /// ``` /// [AzureADResourceType("azuread:index/accessPackage:AccessPackage")] diff --git a/sdk/dotnet/AccessPackageAssignmentPolicy.cs b/sdk/dotnet/AccessPackageAssignmentPolicy.cs index 906fe884d..4049f11a1 100644 --- a/sdk/dotnet/AccessPackageAssignmentPolicy.cs +++ b/sdk/dotnet/AccessPackageAssignmentPolicy.cs @@ -106,7 +106,7 @@ namespace Pulumi.AzureAD /// An access package assignment policy can be imported using the ID, e.g. /// /// ```sh - /// $ pulumi import azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy example 00000000-0000-0000-0000-000000000000 + /// $ pulumi import azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy example 00000000-0000-0000-0000-000000000000 /// ``` /// [AzureADResourceType("azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy")] diff --git a/sdk/dotnet/AccessPackageCatalog.cs b/sdk/dotnet/AccessPackageCatalog.cs index 63e55463a..d2408b15b 100644 --- a/sdk/dotnet/AccessPackageCatalog.cs +++ b/sdk/dotnet/AccessPackageCatalog.cs @@ -44,7 +44,7 @@ namespace Pulumi.AzureAD /// An Access Package Catalog can be imported using the `id`, e.g. /// /// ```sh - /// $ pulumi import azuread:index/accessPackageCatalog:AccessPackageCatalog example 00000000-0000-0000-0000-000000000000 + /// $ pulumi import azuread:index/accessPackageCatalog:AccessPackageCatalog example 00000000-0000-0000-0000-000000000000 /// ``` /// [AzureADResourceType("azuread:index/accessPackageCatalog:AccessPackageCatalog")] diff --git a/sdk/dotnet/AccessPackageCatalogRoleAssignment.cs b/sdk/dotnet/AccessPackageCatalogRoleAssignment.cs index 7fa8098f4..305357d0d 100644 --- a/sdk/dotnet/AccessPackageCatalogRoleAssignment.cs +++ b/sdk/dotnet/AccessPackageCatalogRoleAssignment.cs @@ -61,7 +61,7 @@ namespace Pulumi.AzureAD /// Catalog role assignments can be imported using the ID of the assignment, e.g. /// /// ```sh - /// $ pulumi import azuread:index/accessPackageCatalogRoleAssignment:AccessPackageCatalogRoleAssignment example 00000000-0000-0000-0000-000000000000 + /// $ pulumi import azuread:index/accessPackageCatalogRoleAssignment:AccessPackageCatalogRoleAssignment example 00000000-0000-0000-0000-000000000000 /// ``` /// [AzureADResourceType("azuread:index/accessPackageCatalogRoleAssignment:AccessPackageCatalogRoleAssignment")] diff --git a/sdk/dotnet/AccessPackageResourceCatalogAssociation.cs b/sdk/dotnet/AccessPackageResourceCatalogAssociation.cs index b567d58f9..6820fb30d 100644 --- a/sdk/dotnet/AccessPackageResourceCatalogAssociation.cs +++ b/sdk/dotnet/AccessPackageResourceCatalogAssociation.cs @@ -57,7 +57,7 @@ namespace Pulumi.AzureAD /// The resource and catalog association can be imported using the catalog ID and the resource origin ID, e.g. /// /// ```sh - /// $ pulumi import azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111 + /// $ pulumi import azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111 /// ``` /// /// -> This ID format is unique to Terraform and is composed of the Catalog ID and the Resource Origin ID in the format `{CatalogID}/{ResourceOriginID}`. diff --git a/sdk/dotnet/AccessPackageResourcePackageAssociation.cs b/sdk/dotnet/AccessPackageResourcePackageAssociation.cs index 1ac1f1fa2..01c347782 100644 --- a/sdk/dotnet/AccessPackageResourcePackageAssociation.cs +++ b/sdk/dotnet/AccessPackageResourcePackageAssociation.cs @@ -70,7 +70,7 @@ namespace Pulumi.AzureAD /// The resource and catalog association can be imported using the access package ID, the access package ResourceRoleScope, the resource origin ID, and the access type, e.g. /// /// ```sh - /// $ pulumi import azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111_22222222-2222-2222-2222-22222222/33333333-3333-3333-3333-33333333/Member + /// $ pulumi import azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111_22222222-2222-2222-2222-22222222/33333333-3333-3333-3333-33333333/Member /// ``` /// /// -> This ID format is unique to Terraform and is composed of the Access Package ID, the access package ResourceRoleScope (in the format Role_Scope), the Resource Origin ID, and the Access Type, in the format `{AccessPackageID}/{ResourceRoleScope}/{ResourceOriginID}/{AccessType}`. diff --git a/sdk/dotnet/AdministrativeUnit.cs b/sdk/dotnet/AdministrativeUnit.cs index 2c755cd93..38b6b77e6 100644 --- a/sdk/dotnet/AdministrativeUnit.cs +++ b/sdk/dotnet/AdministrativeUnit.cs @@ -45,7 +45,7 @@ namespace Pulumi.AzureAD /// Administrative units can be imported using their object ID, e.g. /// /// ```sh - /// $ pulumi import azuread:index/administrativeUnit:AdministrativeUnit example 00000000-0000-0000-0000-000000000000 + /// $ pulumi import azuread:index/administrativeUnit:AdministrativeUnit example 00000000-0000-0000-0000-000000000000 /// ``` /// [AzureADResourceType("azuread:index/administrativeUnit:AdministrativeUnit")] diff --git a/sdk/dotnet/AdministrativeUnitMember.cs b/sdk/dotnet/AdministrativeUnitMember.cs index 0a66f4993..ad0ca8297 100644 --- a/sdk/dotnet/AdministrativeUnitMember.cs +++ b/sdk/dotnet/AdministrativeUnitMember.cs @@ -56,7 +56,7 @@ namespace Pulumi.AzureAD /// Administrative unit members can be imported using the object ID of the administrative unit and the object ID of the member, e.g. /// /// ```sh - /// $ pulumi import azuread:index/administrativeUnitMember:AdministrativeUnitMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 + /// $ pulumi import azuread:index/administrativeUnitMember:AdministrativeUnitMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 /// ``` /// /// -> This ID format is unique to Terraform and is composed of the Administrative Unit Object ID and the target Member Object ID in the format `{AdministrativeUnitObjectID}/member/{MemberObjectID}`. diff --git a/sdk/dotnet/AdministrativeUnitRoleMember.cs b/sdk/dotnet/AdministrativeUnitRoleMember.cs index b5077544b..a31172210 100644 --- a/sdk/dotnet/AdministrativeUnitRoleMember.cs +++ b/sdk/dotnet/AdministrativeUnitRoleMember.cs @@ -60,7 +60,7 @@ namespace Pulumi.AzureAD /// Administrative unit role members can be imported using the object ID of the administrative unit and the unique ID of the role assignment, e.g. /// /// ```sh - /// $ pulumi import azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember example 00000000-0000-0000-0000-000000000000/roleMember/zX37MRLyF0uvE-xf2WH4B7x-6CPLfudNnxFGj800htpBXqkxW7bITqGb6Rj4kuTuS + /// $ pulumi import azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember example 00000000-0000-0000-0000-000000000000/roleMember/zX37MRLyF0uvE-xf2WH4B7x-6CPLfudNnxFGj800htpBXqkxW7bITqGb6Rj4kuTuS /// ``` /// /// -> This ID format is unique to Terraform and is composed of the Administrative Unit Object ID and the role assignment ID in the format `{AdministrativeUnitObjectID}/roleMember/{RoleAssignmentID}`. diff --git a/sdk/dotnet/AppRoleAssignment.cs b/sdk/dotnet/AppRoleAssignment.cs index f700b59f5..f055f7a78 100644 --- a/sdk/dotnet/AppRoleAssignment.cs +++ b/sdk/dotnet/AppRoleAssignment.cs @@ -259,10 +259,10 @@ namespace Pulumi.AzureAD /// /// ## Import /// - /// App role assignments can be imported using the object ID of the service principal representing the resource and the ID of the app role assignment (note_not_ the ID of the app role), e.g. + /// App role assignments can be imported using the object ID of the service principal representing the resource and the ID of the app role assignment (note: _not_ the ID of the app role), e.g. /// /// ```sh - /// $ pulumi import azuread:index/appRoleAssignment:AppRoleAssignment example 00000000-0000-0000-0000-000000000000/appRoleAssignment/aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz + /// $ pulumi import azuread:index/appRoleAssignment:AppRoleAssignment example 00000000-0000-0000-0000-000000000000/appRoleAssignment/aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz /// ``` /// /// -> This ID format is unique to Terraform and is composed of the Resource Service Principal Object ID and the ID of the App Role Assignment in the format `{ResourcePrincipalID}/appRoleAssignment/{AppRoleAssignmentID}`. diff --git a/sdk/dotnet/Application.cs b/sdk/dotnet/Application.cs index 9dcaebf07..97847d4ab 100644 --- a/sdk/dotnet/Application.cs +++ b/sdk/dotnet/Application.cs @@ -234,7 +234,7 @@ namespace Pulumi.AzureAD /// Applications can be imported using the object ID of the application, in the following format. /// /// ```sh - /// $ pulumi import azuread:index/application:Application example /applications/00000000-0000-0000-0000-000000000000 + /// $ pulumi import azuread:index/application:Application example /applications/00000000-0000-0000-0000-000000000000 /// ``` /// [AzureADResourceType("azuread:index/application:Application")] diff --git a/sdk/dotnet/ApplicationApiAccess.cs b/sdk/dotnet/ApplicationApiAccess.cs index 34aece187..ebc3e474c 100644 --- a/sdk/dotnet/ApplicationApiAccess.cs +++ b/sdk/dotnet/ApplicationApiAccess.cs @@ -81,7 +81,7 @@ namespace Pulumi.AzureAD /// Application API Access can be imported using the object ID of the application and the client ID of the API, in the following format. /// /// ```sh - /// $ pulumi import azuread:index/applicationApiAccess:ApplicationApiAccess example /applications/00000000-0000-0000-0000-000000000000/apiAccess/11111111-1111-1111-1111-111111111111 + /// $ pulumi import azuread:index/applicationApiAccess:ApplicationApiAccess example /applications/00000000-0000-0000-0000-000000000000/apiAccess/11111111-1111-1111-1111-111111111111 /// ``` /// [AzureADResourceType("azuread:index/applicationApiAccess:ApplicationApiAccess")] diff --git a/sdk/dotnet/ApplicationAppRole.cs b/sdk/dotnet/ApplicationAppRole.cs index d0b2da41a..8e5c52ec2 100644 --- a/sdk/dotnet/ApplicationAppRole.cs +++ b/sdk/dotnet/ApplicationAppRole.cs @@ -75,7 +75,7 @@ namespace Pulumi.AzureAD /// Application App Roles can be imported using the object ID of the application and the ID of the app role, in the following format. /// /// ```sh - /// $ pulumi import azuread:index/applicationAppRole:ApplicationAppRole example /applications/00000000-0000-0000-0000-000000000000/appRoles/11111111-1111-1111-1111-111111111111 + /// $ pulumi import azuread:index/applicationAppRole:ApplicationAppRole example /applications/00000000-0000-0000-0000-000000000000/appRoles/11111111-1111-1111-1111-111111111111 /// ``` /// [AzureADResourceType("azuread:index/applicationAppRole:ApplicationAppRole")] diff --git a/sdk/dotnet/ApplicationCertificate.cs b/sdk/dotnet/ApplicationCertificate.cs index 90855dd3b..6acc168b7 100644 --- a/sdk/dotnet/ApplicationCertificate.cs +++ b/sdk/dotnet/ApplicationCertificate.cs @@ -15,7 +15,7 @@ namespace Pulumi.AzureAD /// Certificates can be imported using the object ID of the associated application and the key ID of the certificate credential, e.g. /// /// ```sh - /// $ pulumi import azuread:index/applicationCertificate:ApplicationCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111 + /// $ pulumi import azuread:index/applicationCertificate:ApplicationCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111 /// ``` /// /// -> This ID format is unique to Terraform and is composed of the application's object ID, the string "certificate" and the certificate's key ID in the format `{ObjectId}/certificate/{CertificateKeyId}`. diff --git a/sdk/dotnet/ApplicationFallbackPublicClient.cs b/sdk/dotnet/ApplicationFallbackPublicClient.cs index 4a16ca644..c258c0ccd 100644 --- a/sdk/dotnet/ApplicationFallbackPublicClient.cs +++ b/sdk/dotnet/ApplicationFallbackPublicClient.cs @@ -39,7 +39,7 @@ namespace Pulumi.AzureAD /// The Application Fallback Public Client setting can be imported using the object ID of the application, in the following format. /// /// ```sh - /// $ pulumi import azuread:index/applicationFallbackPublicClient:ApplicationFallbackPublicClient example /applications/00000000-0000-0000-0000-000000000000/fallbackPublicClient + /// $ pulumi import azuread:index/applicationFallbackPublicClient:ApplicationFallbackPublicClient example /applications/00000000-0000-0000-0000-000000000000/fallbackPublicClient /// ``` /// [AzureADResourceType("azuread:index/applicationFallbackPublicClient:ApplicationFallbackPublicClient")] diff --git a/sdk/dotnet/ApplicationFederatedIdentityCredential.cs b/sdk/dotnet/ApplicationFederatedIdentityCredential.cs index 0e8b79ce0..a7af73581 100644 --- a/sdk/dotnet/ApplicationFederatedIdentityCredential.cs +++ b/sdk/dotnet/ApplicationFederatedIdentityCredential.cs @@ -46,7 +46,7 @@ namespace Pulumi.AzureAD /// Federated Identity Credentials can be imported using the object ID of the associated application and the ID of the federated identity credential, e.g. /// /// ```sh - /// $ pulumi import azuread:index/applicationFederatedIdentityCredential:ApplicationFederatedIdentityCredential example 00000000-0000-0000-0000-000000000000/federatedIdentityCredential/11111111-1111-1111-1111-111111111111 + /// $ pulumi import azuread:index/applicationFederatedIdentityCredential:ApplicationFederatedIdentityCredential example 00000000-0000-0000-0000-000000000000/federatedIdentityCredential/11111111-1111-1111-1111-111111111111 /// ``` /// /// -> This ID format is unique to Terraform and is composed of the application's object ID, the string "federatedIdentityCredential" and the credential ID in the format `{ObjectId}/federatedIdentityCredential/{CredentialId}`. diff --git a/sdk/dotnet/ApplicationFromTemplate.cs b/sdk/dotnet/ApplicationFromTemplate.cs index f98158cf7..c5ced4303 100644 --- a/sdk/dotnet/ApplicationFromTemplate.cs +++ b/sdk/dotnet/ApplicationFromTemplate.cs @@ -61,7 +61,7 @@ namespace Pulumi.AzureAD /// Templated Applications can be imported using the template ID, the object ID of the application, and the object ID of the service principal, in the following format. /// /// ```sh - /// $ pulumi import azuread:index/applicationFromTemplate:ApplicationFromTemplate example /applicationTemplates/00000000-0000-0000-0000-000000000000/instantiate/11111111-1111-1111-1111-111111111111/22222222-2222-2222-2222-222222222222 + /// $ pulumi import azuread:index/applicationFromTemplate:ApplicationFromTemplate example /applicationTemplates/00000000-0000-0000-0000-000000000000/instantiate/11111111-1111-1111-1111-111111111111/22222222-2222-2222-2222-222222222222 /// ``` /// [AzureADResourceType("azuread:index/applicationFromTemplate:ApplicationFromTemplate")] diff --git a/sdk/dotnet/ApplicationIdentifierUri.cs b/sdk/dotnet/ApplicationIdentifierUri.cs index 2cfb5d81a..96503cab5 100644 --- a/sdk/dotnet/ApplicationIdentifierUri.cs +++ b/sdk/dotnet/ApplicationIdentifierUri.cs @@ -65,7 +65,7 @@ namespace Pulumi.AzureAD /// Application Identifier URIs can be imported using the object ID of the application and the base64-encoded identifier URI, in the following format. /// /// ```sh - /// $ pulumi import azuread:index/applicationIdentifierUri:ApplicationIdentifierUri example /applications/00000000-0000-0000-0000-000000000000/identifierUris/aHR0cHM6Ly9leGFtcGxlLm5ldC8= + /// $ pulumi import azuread:index/applicationIdentifierUri:ApplicationIdentifierUri example /applications/00000000-0000-0000-0000-000000000000/identifierUris/aHR0cHM6Ly9leGFtcGxlLm5ldC8= /// ``` /// [AzureADResourceType("azuread:index/applicationIdentifierUri:ApplicationIdentifierUri")] diff --git a/sdk/dotnet/ApplicationKnownClients.cs b/sdk/dotnet/ApplicationKnownClients.cs index 88f89f944..7594bd696 100644 --- a/sdk/dotnet/ApplicationKnownClients.cs +++ b/sdk/dotnet/ApplicationKnownClients.cs @@ -47,7 +47,7 @@ namespace Pulumi.AzureAD /// Application Known Clients can be imported using the object ID of the application in the following format. /// /// ```sh - /// $ pulumi import azuread:index/applicationKnownClients:ApplicationKnownClients example /applications/00000000-0000-0000-0000-000000000000/knownClients + /// $ pulumi import azuread:index/applicationKnownClients:ApplicationKnownClients example /applications/00000000-0000-0000-0000-000000000000/knownClients /// ``` /// [AzureADResourceType("azuread:index/applicationKnownClients:ApplicationKnownClients")] diff --git a/sdk/dotnet/ApplicationOptionalClaims.cs b/sdk/dotnet/ApplicationOptionalClaims.cs index 29048ea95..0f62c1368 100644 --- a/sdk/dotnet/ApplicationOptionalClaims.cs +++ b/sdk/dotnet/ApplicationOptionalClaims.cs @@ -69,7 +69,7 @@ namespace Pulumi.AzureAD /// Application Optional Claims can be imported using the object ID of the application, in the following format. /// /// ```sh - /// $ pulumi import azuread:index/applicationOptionalClaims:ApplicationOptionalClaims example /applications/00000000-0000-0000-0000-000000000000 + /// $ pulumi import azuread:index/applicationOptionalClaims:ApplicationOptionalClaims example /applications/00000000-0000-0000-0000-000000000000 /// ``` /// [AzureADResourceType("azuread:index/applicationOptionalClaims:ApplicationOptionalClaims")] diff --git a/sdk/dotnet/ApplicationOwner.cs b/sdk/dotnet/ApplicationOwner.cs index f2dee94ca..ddaf2721d 100644 --- a/sdk/dotnet/ApplicationOwner.cs +++ b/sdk/dotnet/ApplicationOwner.cs @@ -48,7 +48,7 @@ namespace Pulumi.AzureAD /// Application Owners can be imported using the object ID of the application and the object ID of the owner, in the following format. /// /// ```sh - /// $ pulumi import azuread:index/applicationOwner:ApplicationOwner example /applications/00000000-0000-0000-0000-000000000000/owners/11111111-1111-1111-1111-111111111111 + /// $ pulumi import azuread:index/applicationOwner:ApplicationOwner example /applications/00000000-0000-0000-0000-000000000000/owners/11111111-1111-1111-1111-111111111111 /// ``` /// [AzureADResourceType("azuread:index/applicationOwner:ApplicationOwner")] diff --git a/sdk/dotnet/ApplicationPermissionScope.cs b/sdk/dotnet/ApplicationPermissionScope.cs index 2a5959803..2bee6ffc9 100644 --- a/sdk/dotnet/ApplicationPermissionScope.cs +++ b/sdk/dotnet/ApplicationPermissionScope.cs @@ -71,7 +71,7 @@ namespace Pulumi.AzureAD /// Application App Roles can be imported using the object ID of the application and the ID of the permission scope, in the following format. /// /// ```sh - /// $ pulumi import azuread:index/applicationPermissionScope:ApplicationPermissionScope example /applications/00000000-0000-0000-0000-000000000000/permissionScopes/11111111-1111-1111-1111-111111111111 + /// $ pulumi import azuread:index/applicationPermissionScope:ApplicationPermissionScope example /applications/00000000-0000-0000-0000-000000000000/permissionScopes/11111111-1111-1111-1111-111111111111 /// ``` /// [AzureADResourceType("azuread:index/applicationPermissionScope:ApplicationPermissionScope")] diff --git a/sdk/dotnet/ApplicationPreAuthorized.cs b/sdk/dotnet/ApplicationPreAuthorized.cs index 3d1a43bc9..b9399f1f5 100644 --- a/sdk/dotnet/ApplicationPreAuthorized.cs +++ b/sdk/dotnet/ApplicationPreAuthorized.cs @@ -75,7 +75,7 @@ namespace Pulumi.AzureAD /// Pre-authorized applications can be imported using the object ID of the authorizing application and the application ID of the application being authorized, e.g. /// /// ```sh - /// $ pulumi import azuread:index/applicationPreAuthorized:ApplicationPreAuthorized example 00000000-0000-0000-0000-000000000000/preAuthorizedApplication/11111111-1111-1111-1111-111111111111 + /// $ pulumi import azuread:index/applicationPreAuthorized:ApplicationPreAuthorized example 00000000-0000-0000-0000-000000000000/preAuthorizedApplication/11111111-1111-1111-1111-111111111111 /// ``` /// /// -> This ID format is unique to Terraform and is composed of the authorizing application's object ID, the string "preAuthorizedApplication" and the authorized application's application ID (client ID) in the format `{ObjectId}/preAuthorizedApplication/{ApplicationId}`. diff --git a/sdk/dotnet/ApplicationRedirectUris.cs b/sdk/dotnet/ApplicationRedirectUris.cs index 9dba33ad8..ed0c79554 100644 --- a/sdk/dotnet/ApplicationRedirectUris.cs +++ b/sdk/dotnet/ApplicationRedirectUris.cs @@ -71,7 +71,7 @@ namespace Pulumi.AzureAD /// Application API Access can be imported using the object ID of the application and the URI type, in the following format. /// /// ```sh - /// $ pulumi import azuread:index/applicationRedirectUris:ApplicationRedirectUris example /applications/00000000-0000-0000-0000-000000000000/redirectUris/Web + /// $ pulumi import azuread:index/applicationRedirectUris:ApplicationRedirectUris example /applications/00000000-0000-0000-0000-000000000000/redirectUris/Web /// ``` /// [AzureADResourceType("azuread:index/applicationRedirectUris:ApplicationRedirectUris")] diff --git a/sdk/dotnet/ApplicationRegistration.cs b/sdk/dotnet/ApplicationRegistration.cs index 43961a03a..1a64852d9 100644 --- a/sdk/dotnet/ApplicationRegistration.cs +++ b/sdk/dotnet/ApplicationRegistration.cs @@ -53,7 +53,7 @@ namespace Pulumi.AzureAD /// Application Registrations can be imported using the object ID of the application, in the following format. /// /// ```sh - /// $ pulumi import azuread:index/applicationRegistration:ApplicationRegistration example /applications/00000000-0000-0000-0000-000000000000 + /// $ pulumi import azuread:index/applicationRegistration:ApplicationRegistration example /applications/00000000-0000-0000-0000-000000000000 /// ``` /// [AzureADResourceType("azuread:index/applicationRegistration:ApplicationRegistration")] diff --git a/sdk/dotnet/AuthenticationStrengthPolicy.cs b/sdk/dotnet/AuthenticationStrengthPolicy.cs index 6f7dcb5fd..14d04d510 100644 --- a/sdk/dotnet/AuthenticationStrengthPolicy.cs +++ b/sdk/dotnet/AuthenticationStrengthPolicy.cs @@ -79,7 +79,7 @@ namespace Pulumi.AzureAD /// Authentication Strength Policies can be imported using the `id`, e.g. /// /// ```sh - /// $ pulumi import azuread:index/authenticationStrengthPolicy:AuthenticationStrengthPolicy my_policy 00000000-0000-0000-0000-000000000000 + /// $ pulumi import azuread:index/authenticationStrengthPolicy:AuthenticationStrengthPolicy my_policy 00000000-0000-0000-0000-000000000000 /// ``` /// [AzureADResourceType("azuread:index/authenticationStrengthPolicy:AuthenticationStrengthPolicy")] diff --git a/sdk/dotnet/ClaimsMappingPolicy.cs b/sdk/dotnet/ClaimsMappingPolicy.cs index ef8c9af22..32ee47219 100644 --- a/sdk/dotnet/ClaimsMappingPolicy.cs +++ b/sdk/dotnet/ClaimsMappingPolicy.cs @@ -72,7 +72,7 @@ namespace Pulumi.AzureAD /// Claims Mapping Policy can be imported using the `id`, e.g. /// /// ```sh - /// $ pulumi import azuread:index/claimsMappingPolicy:ClaimsMappingPolicy my_policy 00000000-0000-0000-0000-000000000000 + /// $ pulumi import azuread:index/claimsMappingPolicy:ClaimsMappingPolicy my_policy 00000000-0000-0000-0000-000000000000 /// ``` /// [AzureADResourceType("azuread:index/claimsMappingPolicy:ClaimsMappingPolicy")] diff --git a/sdk/dotnet/ConditionalAccessPolicy.cs b/sdk/dotnet/ConditionalAccessPolicy.cs index 3294a35bd..6709fbade 100644 --- a/sdk/dotnet/ConditionalAccessPolicy.cs +++ b/sdk/dotnet/ConditionalAccessPolicy.cs @@ -244,7 +244,7 @@ namespace Pulumi.AzureAD /// Conditional Access Policies can be imported using the `id`, e.g. /// /// ```sh - /// $ pulumi import azuread:index/conditionalAccessPolicy:ConditionalAccessPolicy my_location 00000000-0000-0000-0000-000000000000 + /// $ pulumi import azuread:index/conditionalAccessPolicy:ConditionalAccessPolicy my_location 00000000-0000-0000-0000-000000000000 /// ``` /// [AzureADResourceType("azuread:index/conditionalAccessPolicy:ConditionalAccessPolicy")] diff --git a/sdk/dotnet/DirectoryRoleAssignment.cs b/sdk/dotnet/DirectoryRoleAssignment.cs index 1a543225e..4d4469ed1 100644 --- a/sdk/dotnet/DirectoryRoleAssignment.cs +++ b/sdk/dotnet/DirectoryRoleAssignment.cs @@ -25,7 +25,7 @@ namespace Pulumi.AzureAD /// Directory role assignments can be imported using the ID of the assignment, e.g. /// /// ```sh - /// $ pulumi import azuread:index/directoryRoleAssignment:DirectoryRoleAssignment example ePROZI_iKE653D_d6aoLHyr-lKgHI8ZGiIdz8CLVcng-1 + /// $ pulumi import azuread:index/directoryRoleAssignment:DirectoryRoleAssignment example ePROZI_iKE653D_d6aoLHyr-lKgHI8ZGiIdz8CLVcng-1 /// ``` /// [AzureADResourceType("azuread:index/directoryRoleAssignment:DirectoryRoleAssignment")] diff --git a/sdk/dotnet/DirectoryRoleEligibilityScheduleRequest.cs b/sdk/dotnet/DirectoryRoleEligibilityScheduleRequest.cs index 3636a7f9f..bd2e5220e 100644 --- a/sdk/dotnet/DirectoryRoleEligibilityScheduleRequest.cs +++ b/sdk/dotnet/DirectoryRoleEligibilityScheduleRequest.cs @@ -58,7 +58,7 @@ namespace Pulumi.AzureAD /// Directory role eligibility schedule requests can be imported using the ID of the assignment, e.g. /// /// ```sh - /// $ pulumi import azuread:index/directoryRoleEligibilityScheduleRequest:DirectoryRoleEligibilityScheduleRequest example 822ec710-4c9f-4f71-a27a-451759cc7522 + /// $ pulumi import azuread:index/directoryRoleEligibilityScheduleRequest:DirectoryRoleEligibilityScheduleRequest example 822ec710-4c9f-4f71-a27a-451759cc7522 /// ``` /// [AzureADResourceType("azuread:index/directoryRoleEligibilityScheduleRequest:DirectoryRoleEligibilityScheduleRequest")] diff --git a/sdk/dotnet/DirectoryRoleMember.cs b/sdk/dotnet/DirectoryRoleMember.cs index 866391534..c7529ddae 100644 --- a/sdk/dotnet/DirectoryRoleMember.cs +++ b/sdk/dotnet/DirectoryRoleMember.cs @@ -56,7 +56,7 @@ namespace Pulumi.AzureAD /// Directory role members can be imported using the object ID of the role and the object ID of the member, e.g. /// /// ```sh - /// $ pulumi import azuread:index/directoryRoleMember:DirectoryRoleMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 + /// $ pulumi import azuread:index/directoryRoleMember:DirectoryRoleMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 /// ``` /// /// -> This ID format is unique to Terraform and is composed of the Directory Role Object ID and the target Member Object ID in the format `{RoleObjectID}/member/{MemberObjectID}`. diff --git a/sdk/dotnet/Group.cs b/sdk/dotnet/Group.cs index 9a3d63211..865774247 100644 --- a/sdk/dotnet/Group.cs +++ b/sdk/dotnet/Group.cs @@ -35,7 +35,7 @@ namespace Pulumi.AzureAD /// Groups can be imported using their object ID, e.g. /// /// ```sh - /// $ pulumi import azuread:index/group:Group my_group 00000000-0000-0000-0000-000000000000 + /// $ pulumi import azuread:index/group:Group my_group 00000000-0000-0000-0000-000000000000 /// ``` /// [AzureADResourceType("azuread:index/group:Group")] diff --git a/sdk/dotnet/GroupMember.cs b/sdk/dotnet/GroupMember.cs index 5510bfc92..c77e73193 100644 --- a/sdk/dotnet/GroupMember.cs +++ b/sdk/dotnet/GroupMember.cs @@ -59,7 +59,7 @@ namespace Pulumi.AzureAD /// Group members can be imported using the object ID of the group and the object ID of the member, e.g. /// /// ```sh - /// $ pulumi import azuread:index/groupMember:GroupMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 + /// $ pulumi import azuread:index/groupMember:GroupMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 /// ``` /// /// -> This ID format is unique to Terraform and is composed of the Azure AD Group Object ID and the target Member Object ID in the format `{GroupObjectID}/member/{MemberObjectID}`. diff --git a/sdk/dotnet/NamedLocation.cs b/sdk/dotnet/NamedLocation.cs index 247ae9952..0e8b0c938 100644 --- a/sdk/dotnet/NamedLocation.cs +++ b/sdk/dotnet/NamedLocation.cs @@ -66,7 +66,7 @@ namespace Pulumi.AzureAD /// Named Locations can be imported using the `id`, e.g. /// /// ```sh - /// $ pulumi import azuread:index/namedLocation:NamedLocation my_location 00000000-0000-0000-0000-000000000000 + /// $ pulumi import azuread:index/namedLocation:NamedLocation my_location 00000000-0000-0000-0000-000000000000 /// ``` /// [AzureADResourceType("azuread:index/namedLocation:NamedLocation")] diff --git a/sdk/dotnet/ServicePrincipal.cs b/sdk/dotnet/ServicePrincipal.cs index 6078e2032..8a0a153d8 100644 --- a/sdk/dotnet/ServicePrincipal.cs +++ b/sdk/dotnet/ServicePrincipal.cs @@ -144,7 +144,7 @@ namespace Pulumi.AzureAD /// Service principals can be imported using their object ID, e.g. /// /// ```sh - /// $ pulumi import azuread:index/servicePrincipal:ServicePrincipal example 00000000-0000-0000-0000-000000000000 + /// $ pulumi import azuread:index/servicePrincipal:ServicePrincipal example 00000000-0000-0000-0000-000000000000 /// ``` /// [AzureADResourceType("azuread:index/servicePrincipal:ServicePrincipal")] diff --git a/sdk/dotnet/ServicePrincipalCertificate.cs b/sdk/dotnet/ServicePrincipalCertificate.cs index 8d7a169ca..79e758a65 100644 --- a/sdk/dotnet/ServicePrincipalCertificate.cs +++ b/sdk/dotnet/ServicePrincipalCertificate.cs @@ -15,7 +15,7 @@ namespace Pulumi.AzureAD /// Certificates can be imported using the object ID of the associated service principal and the key ID of the certificate credential, e.g. /// /// ```sh - /// $ pulumi import azuread:index/servicePrincipalCertificate:ServicePrincipalCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111 + /// $ pulumi import azuread:index/servicePrincipalCertificate:ServicePrincipalCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111 /// ``` /// /// -> This ID format is unique to Terraform and is composed of the service principal's object ID, the string "certificate" and the certificate's key ID in the format `{ServicePrincipalObjectId}/certificate/{CertificateKeyId}`. diff --git a/sdk/dotnet/ServicePrincipalClaimsMappingPolicyAssignment.cs b/sdk/dotnet/ServicePrincipalClaimsMappingPolicyAssignment.cs index e976184b9..5c684b7af 100644 --- a/sdk/dotnet/ServicePrincipalClaimsMappingPolicyAssignment.cs +++ b/sdk/dotnet/ServicePrincipalClaimsMappingPolicyAssignment.cs @@ -41,10 +41,10 @@ namespace Pulumi.AzureAD /// /// ## Import /// - /// Claims Mapping Policy can be imported using the `id`, in the form `service-principal-uuid/claimsMappingPolicy/claims-mapping-policy-uuid`, e.g + /// Claims Mapping Policy can be imported using the `id`, in the form `service-principal-uuid/claimsMappingPolicy/claims-mapping-policy-uuid`, e.g: /// /// ```sh - /// $ pulumi import azuread:index/servicePrincipalClaimsMappingPolicyAssignment:ServicePrincipalClaimsMappingPolicyAssignment app 00000000-0000-0000-0000-000000000000/claimsMappingPolicy/11111111-0000-0000-0000-000000000000 + /// $ pulumi import azuread:index/servicePrincipalClaimsMappingPolicyAssignment:ServicePrincipalClaimsMappingPolicyAssignment app 00000000-0000-0000-0000-000000000000/claimsMappingPolicy/11111111-0000-0000-0000-000000000000 /// ``` /// [AzureADResourceType("azuread:index/servicePrincipalClaimsMappingPolicyAssignment:ServicePrincipalClaimsMappingPolicyAssignment")] diff --git a/sdk/dotnet/ServicePrincipalDelegatedPermissionGrant.cs b/sdk/dotnet/ServicePrincipalDelegatedPermissionGrant.cs index ca57e7eb1..225bafb73 100644 --- a/sdk/dotnet/ServicePrincipalDelegatedPermissionGrant.cs +++ b/sdk/dotnet/ServicePrincipalDelegatedPermissionGrant.cs @@ -160,7 +160,7 @@ namespace Pulumi.AzureAD /// Delegated permission grants can be imported using their ID, e.g. /// /// ```sh - /// $ pulumi import azuread:index/servicePrincipalDelegatedPermissionGrant:ServicePrincipalDelegatedPermissionGrant example aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz + /// $ pulumi import azuread:index/servicePrincipalDelegatedPermissionGrant:ServicePrincipalDelegatedPermissionGrant example aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz /// ``` /// [AzureADResourceType("azuread:index/servicePrincipalDelegatedPermissionGrant:ServicePrincipalDelegatedPermissionGrant")] diff --git a/sdk/dotnet/ServicePrincipalTokenSigningCertificate.cs b/sdk/dotnet/ServicePrincipalTokenSigningCertificate.cs index f79fa2c57..99af698b5 100644 --- a/sdk/dotnet/ServicePrincipalTokenSigningCertificate.cs +++ b/sdk/dotnet/ServicePrincipalTokenSigningCertificate.cs @@ -75,7 +75,7 @@ namespace Pulumi.AzureAD /// Token signing certificates can be imported using the object ID of the associated service principal and the key ID of the verify certificate credential, e.g. /// /// ```sh - /// $ pulumi import azuread:index/servicePrincipalTokenSigningCertificate:ServicePrincipalTokenSigningCertificate example 00000000-0000-0000-0000-000000000000/tokenSigningCertificate/11111111-1111-1111-1111-111111111111 + /// $ pulumi import azuread:index/servicePrincipalTokenSigningCertificate:ServicePrincipalTokenSigningCertificate example 00000000-0000-0000-0000-000000000000/tokenSigningCertificate/11111111-1111-1111-1111-111111111111 /// ``` /// /// -> This ID format is unique to Terraform and is composed of the service principal's object ID, the string "tokenSigningCertificate" and the verify certificate's key ID in the format `{ServicePrincipalObjectId}/tokenSigningCertificate/{CertificateKeyId}`. diff --git a/sdk/dotnet/SynchronizationJob.cs b/sdk/dotnet/SynchronizationJob.cs index d8ad17e82..40525d2bb 100644 --- a/sdk/dotnet/SynchronizationJob.cs +++ b/sdk/dotnet/SynchronizationJob.cs @@ -88,7 +88,7 @@ namespace Pulumi.AzureAD /// Synchronization jobs can be imported using the `id`, e.g. /// /// ```sh - /// $ pulumi import azuread:index/synchronizationJob:SynchronizationJob example 00000000-0000-0000-0000-000000000000/job/dataBricks.f5532fc709734b1a90e8a1fa9fd03a82.8442fd39-2183-419c-8732-74b6ce866bd5 + /// $ pulumi import azuread:index/synchronizationJob:SynchronizationJob example 00000000-0000-0000-0000-000000000000/job/dataBricks.f5532fc709734b1a90e8a1fa9fd03a82.8442fd39-2183-419c-8732-74b6ce866bd5 /// ``` /// /// -> This ID format is unique to Terraform and is composed of the Service Principal Object ID and the ID of the Synchronization Job Id in the format `{servicePrincipalId}/job/{jobId}`. diff --git a/sdk/dotnet/User.cs b/sdk/dotnet/User.cs index f3ee21a5b..7b8e020c2 100644 --- a/sdk/dotnet/User.cs +++ b/sdk/dotnet/User.cs @@ -46,7 +46,7 @@ namespace Pulumi.AzureAD /// Users can be imported using their object ID, e.g. /// /// ```sh - /// $ pulumi import azuread:index/user:User my_user 00000000-0000-0000-0000-000000000000 + /// $ pulumi import azuread:index/user:User my_user 00000000-0000-0000-0000-000000000000 /// ``` /// [AzureADResourceType("azuread:index/user:User")] diff --git a/sdk/dotnet/UserFlowAttribute.cs b/sdk/dotnet/UserFlowAttribute.cs index 86452687d..bc460b2ca 100644 --- a/sdk/dotnet/UserFlowAttribute.cs +++ b/sdk/dotnet/UserFlowAttribute.cs @@ -45,7 +45,7 @@ namespace Pulumi.AzureAD /// User flow attributes can be imported using the `id`, e.g. /// /// ```sh - /// $ pulumi import azuread:index/userFlowAttribute:UserFlowAttribute example extension_ecc9f88db2924942b8a96f44873616fe_Hobbyjkorv + /// $ pulumi import azuread:index/userFlowAttribute:UserFlowAttribute example extension_ecc9f88db2924942b8a96f44873616fe_Hobbyjkorv /// ``` /// /// -> This ID can be queried using the [User Flow Attributes API](https://learn.microsoft.com/en-us/graph/api/identityuserflowattribute-list?view=graph-rest-1.0&tabs=http). diff --git a/sdk/go.mod b/sdk/go.mod index 45bc86992..989de8192 100644 --- a/sdk/go.mod +++ b/sdk/go.mod @@ -4,7 +4,7 @@ go 1.21 require ( github.com/blang/semver v3.5.1+incompatible - github.com/pulumi/pulumi/sdk/v3 v3.104.2 + github.com/pulumi/pulumi/sdk/v3 v3.105.0 ) require ( diff --git a/sdk/go.sum b/sdk/go.sum index 1d65c725e..904f5e4f8 100644 --- a/sdk/go.sum +++ b/sdk/go.sum @@ -148,8 +148,8 @@ github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 h1:vkHw5I/plNdTr435 github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231/go.mod h1:murToZ2N9hNJzewjHBgfFdXhZKjY3z5cYC1VXk+lbFE= github.com/pulumi/esc v0.6.2 h1:+z+l8cuwIauLSwXQS0uoI3rqB+YG4SzsZYtHfNoXBvw= github.com/pulumi/esc v0.6.2/go.mod h1:jNnYNjzsOgVTjCp0LL24NsCk8ZJxq4IoLQdCT0X7l8k= -github.com/pulumi/pulumi/sdk/v3 v3.104.2 h1:aOwUkrlsyEWrL1jlHqn2/36zMSPQrVUYUyZPqstrmjc= -github.com/pulumi/pulumi/sdk/v3 v3.104.2/go.mod h1:Ml3rpGfyZlI4zQCG7LN2XDSmH4XUNYdyBwJ3yEr/OpI= +github.com/pulumi/pulumi/sdk/v3 v3.105.0 h1:OKEeubZigWyQVnZS6udnFnZHZ/8OWXuUYv9ir3OY+vs= +github.com/pulumi/pulumi/sdk/v3 v3.105.0/go.mod h1:Ml3rpGfyZlI4zQCG7LN2XDSmH4XUNYdyBwJ3yEr/OpI= github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis= diff --git a/sdk/go/azuread/accessPackage.go b/sdk/go/azuread/accessPackage.go index c7802d681..28a03d524 100644 --- a/sdk/go/azuread/accessPackage.go +++ b/sdk/go/azuread/accessPackage.go @@ -62,9 +62,7 @@ import ( // Access Packages can be imported using the `id`, e.g. // // ```sh -// -// $ pulumi import azuread:index/accessPackage:AccessPackage example_package 00000000-0000-0000-0000-000000000000 -// +// $ pulumi import azuread:index/accessPackage:AccessPackage example_package 00000000-0000-0000-0000-000000000000 // ``` type AccessPackage struct { pulumi.CustomResourceState diff --git a/sdk/go/azuread/accessPackageAssignmentPolicy.go b/sdk/go/azuread/accessPackageAssignmentPolicy.go index 0e801d232..4c4d601ea 100644 --- a/sdk/go/azuread/accessPackageAssignmentPolicy.go +++ b/sdk/go/azuread/accessPackageAssignmentPolicy.go @@ -109,9 +109,7 @@ import ( // An access package assignment policy can be imported using the ID, e.g. // // ```sh -// -// $ pulumi import azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy example 00000000-0000-0000-0000-000000000000 -// +// $ pulumi import azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy example 00000000-0000-0000-0000-000000000000 // ``` type AccessPackageAssignmentPolicy struct { pulumi.CustomResourceState diff --git a/sdk/go/azuread/accessPackageCatalog.go b/sdk/go/azuread/accessPackageCatalog.go index c52b207cc..4aaa17e0e 100644 --- a/sdk/go/azuread/accessPackageCatalog.go +++ b/sdk/go/azuread/accessPackageCatalog.go @@ -54,9 +54,7 @@ import ( // An Access Package Catalog can be imported using the `id`, e.g. // // ```sh -// -// $ pulumi import azuread:index/accessPackageCatalog:AccessPackageCatalog example 00000000-0000-0000-0000-000000000000 -// +// $ pulumi import azuread:index/accessPackageCatalog:AccessPackageCatalog example 00000000-0000-0000-0000-000000000000 // ``` type AccessPackageCatalog struct { pulumi.CustomResourceState diff --git a/sdk/go/azuread/accessPackageCatalogRoleAssignment.go b/sdk/go/azuread/accessPackageCatalogRoleAssignment.go index bc4c08478..7a7377a76 100644 --- a/sdk/go/azuread/accessPackageCatalogRoleAssignment.go +++ b/sdk/go/azuread/accessPackageCatalogRoleAssignment.go @@ -74,9 +74,7 @@ import ( // Catalog role assignments can be imported using the ID of the assignment, e.g. // // ```sh -// -// $ pulumi import azuread:index/accessPackageCatalogRoleAssignment:AccessPackageCatalogRoleAssignment example 00000000-0000-0000-0000-000000000000 -// +// $ pulumi import azuread:index/accessPackageCatalogRoleAssignment:AccessPackageCatalogRoleAssignment example 00000000-0000-0000-0000-000000000000 // ``` type AccessPackageCatalogRoleAssignment struct { pulumi.CustomResourceState diff --git a/sdk/go/azuread/accessPackageResourceCatalogAssociation.go b/sdk/go/azuread/accessPackageResourceCatalogAssociation.go index b96db339c..d5060a39b 100644 --- a/sdk/go/azuread/accessPackageResourceCatalogAssociation.go +++ b/sdk/go/azuread/accessPackageResourceCatalogAssociation.go @@ -69,9 +69,7 @@ import ( // The resource and catalog association can be imported using the catalog ID and the resource origin ID, e.g. // // ```sh -// -// $ pulumi import azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111 -// +// $ pulumi import azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111 // ``` // // -> This ID format is unique to Terraform and is composed of the Catalog ID and the Resource Origin ID in the format `{CatalogID}/{ResourceOriginID}`. diff --git a/sdk/go/azuread/accessPackageResourcePackageAssociation.go b/sdk/go/azuread/accessPackageResourcePackageAssociation.go index c1e02aaa5..20bb88914 100644 --- a/sdk/go/azuread/accessPackageResourcePackageAssociation.go +++ b/sdk/go/azuread/accessPackageResourcePackageAssociation.go @@ -84,9 +84,7 @@ import ( // The resource and catalog association can be imported using the access package ID, the access package ResourceRoleScope, the resource origin ID, and the access type, e.g. // // ```sh -// -// $ pulumi import azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111_22222222-2222-2222-2222-22222222/33333333-3333-3333-3333-33333333/Member -// +// $ pulumi import azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111_22222222-2222-2222-2222-22222222/33333333-3333-3333-3333-33333333/Member // ``` // // -> This ID format is unique to Terraform and is composed of the Access Package ID, the access package ResourceRoleScope (in the format Role_Scope), the Resource Origin ID, and the Access Type, in the format `{AccessPackageID}/{ResourceRoleScope}/{ResourceOriginID}/{AccessType}`. diff --git a/sdk/go/azuread/administrativeUnit.go b/sdk/go/azuread/administrativeUnit.go index 21af254c8..e3930c98f 100644 --- a/sdk/go/azuread/administrativeUnit.go +++ b/sdk/go/azuread/administrativeUnit.go @@ -55,9 +55,7 @@ import ( // Administrative units can be imported using their object ID, e.g. // // ```sh -// -// $ pulumi import azuread:index/administrativeUnit:AdministrativeUnit example 00000000-0000-0000-0000-000000000000 -// +// $ pulumi import azuread:index/administrativeUnit:AdministrativeUnit example 00000000-0000-0000-0000-000000000000 // ``` type AdministrativeUnit struct { pulumi.CustomResourceState diff --git a/sdk/go/azuread/administrativeUnitMember.go b/sdk/go/azuread/administrativeUnitMember.go index 572f8ba7f..c34a26a75 100644 --- a/sdk/go/azuread/administrativeUnitMember.go +++ b/sdk/go/azuread/administrativeUnitMember.go @@ -67,9 +67,7 @@ import ( // Administrative unit members can be imported using the object ID of the administrative unit and the object ID of the member, e.g. // // ```sh -// -// $ pulumi import azuread:index/administrativeUnitMember:AdministrativeUnitMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 -// +// $ pulumi import azuread:index/administrativeUnitMember:AdministrativeUnitMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 // ``` // // -> This ID format is unique to Terraform and is composed of the Administrative Unit Object ID and the target Member Object ID in the format `{AdministrativeUnitObjectID}/member/{MemberObjectID}`. diff --git a/sdk/go/azuread/administrativeUnitRoleMember.go b/sdk/go/azuread/administrativeUnitRoleMember.go index 39c99950e..c8958c91e 100644 --- a/sdk/go/azuread/administrativeUnitRoleMember.go +++ b/sdk/go/azuread/administrativeUnitRoleMember.go @@ -73,9 +73,7 @@ import ( // Administrative unit role members can be imported using the object ID of the administrative unit and the unique ID of the role assignment, e.g. // // ```sh -// -// $ pulumi import azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember example 00000000-0000-0000-0000-000000000000/roleMember/zX37MRLyF0uvE-xf2WH4B7x-6CPLfudNnxFGj800htpBXqkxW7bITqGb6Rj4kuTuS -// +// $ pulumi import azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember example 00000000-0000-0000-0000-000000000000/roleMember/zX37MRLyF0uvE-xf2WH4B7x-6CPLfudNnxFGj800htpBXqkxW7bITqGb6Rj4kuTuS // ``` // // -> This ID format is unique to Terraform and is composed of the Administrative Unit Object ID and the role assignment ID in the format `{AdministrativeUnitObjectID}/roleMember/{RoleAssignmentID}`. diff --git a/sdk/go/azuread/appRoleAssignment.go b/sdk/go/azuread/appRoleAssignment.go index 27b6d9238..9da5e4ffd 100644 --- a/sdk/go/azuread/appRoleAssignment.go +++ b/sdk/go/azuread/appRoleAssignment.go @@ -312,12 +312,10 @@ import ( // // ## Import // -// App role assignments can be imported using the object ID of the service principal representing the resource and the ID of the app role assignment (note_not_ the ID of the app role), e.g. +// App role assignments can be imported using the object ID of the service principal representing the resource and the ID of the app role assignment (note: _not_ the ID of the app role), e.g. // // ```sh -// -// $ pulumi import azuread:index/appRoleAssignment:AppRoleAssignment example 00000000-0000-0000-0000-000000000000/appRoleAssignment/aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz -// +// $ pulumi import azuread:index/appRoleAssignment:AppRoleAssignment example 00000000-0000-0000-0000-000000000000/appRoleAssignment/aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz // ``` // // -> This ID format is unique to Terraform and is composed of the Resource Service Principal Object ID and the ID of the App Role Assignment in the format `{ResourcePrincipalID}/appRoleAssignment/{AppRoleAssignmentID}`. diff --git a/sdk/go/azuread/application.go b/sdk/go/azuread/application.go index 1f909ff1a..aaf4d9bd7 100644 --- a/sdk/go/azuread/application.go +++ b/sdk/go/azuread/application.go @@ -225,9 +225,7 @@ import ( // Applications can be imported using the object ID of the application, in the following format. // // ```sh -// -// $ pulumi import azuread:index/application:Application example /applications/00000000-0000-0000-0000-000000000000 -// +// $ pulumi import azuread:index/application:Application example /applications/00000000-0000-0000-0000-000000000000 // ``` type Application struct { pulumi.CustomResourceState diff --git a/sdk/go/azuread/applicationApiAccess.go b/sdk/go/azuread/applicationApiAccess.go index 5a7c0b743..dbc6fa95b 100644 --- a/sdk/go/azuread/applicationApiAccess.go +++ b/sdk/go/azuread/applicationApiAccess.go @@ -101,9 +101,7 @@ import ( // Application API Access can be imported using the object ID of the application and the client ID of the API, in the following format. // // ```sh -// -// $ pulumi import azuread:index/applicationApiAccess:ApplicationApiAccess example /applications/00000000-0000-0000-0000-000000000000/apiAccess/11111111-1111-1111-1111-111111111111 -// +// $ pulumi import azuread:index/applicationApiAccess:ApplicationApiAccess example /applications/00000000-0000-0000-0000-000000000000/apiAccess/11111111-1111-1111-1111-111111111111 // ``` type ApplicationApiAccess struct { pulumi.CustomResourceState diff --git a/sdk/go/azuread/applicationAppRole.go b/sdk/go/azuread/applicationAppRole.go index 615e3124c..09340894c 100644 --- a/sdk/go/azuread/applicationAppRole.go +++ b/sdk/go/azuread/applicationAppRole.go @@ -95,9 +95,7 @@ import ( // Application App Roles can be imported using the object ID of the application and the ID of the app role, in the following format. // // ```sh -// -// $ pulumi import azuread:index/applicationAppRole:ApplicationAppRole example /applications/00000000-0000-0000-0000-000000000000/appRoles/11111111-1111-1111-1111-111111111111 -// +// $ pulumi import azuread:index/applicationAppRole:ApplicationAppRole example /applications/00000000-0000-0000-0000-000000000000/appRoles/11111111-1111-1111-1111-111111111111 // ``` type ApplicationAppRole struct { pulumi.CustomResourceState diff --git a/sdk/go/azuread/applicationCertificate.go b/sdk/go/azuread/applicationCertificate.go index 76280941e..5f528e109 100644 --- a/sdk/go/azuread/applicationCertificate.go +++ b/sdk/go/azuread/applicationCertificate.go @@ -17,9 +17,7 @@ import ( // Certificates can be imported using the object ID of the associated application and the key ID of the certificate credential, e.g. // // ```sh -// -// $ pulumi import azuread:index/applicationCertificate:ApplicationCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111 -// +// $ pulumi import azuread:index/applicationCertificate:ApplicationCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111 // ``` // // -> This ID format is unique to Terraform and is composed of the application's object ID, the string "certificate" and the certificate's key ID in the format `{ObjectId}/certificate/{CertificateKeyId}`. diff --git a/sdk/go/azuread/applicationFallbackPublicClient.go b/sdk/go/azuread/applicationFallbackPublicClient.go index f6fc38d42..785c51a73 100644 --- a/sdk/go/azuread/applicationFallbackPublicClient.go +++ b/sdk/go/azuread/applicationFallbackPublicClient.go @@ -50,9 +50,7 @@ import ( // The Application Fallback Public Client setting can be imported using the object ID of the application, in the following format. // // ```sh -// -// $ pulumi import azuread:index/applicationFallbackPublicClient:ApplicationFallbackPublicClient example /applications/00000000-0000-0000-0000-000000000000/fallbackPublicClient -// +// $ pulumi import azuread:index/applicationFallbackPublicClient:ApplicationFallbackPublicClient example /applications/00000000-0000-0000-0000-000000000000/fallbackPublicClient // ``` type ApplicationFallbackPublicClient struct { pulumi.CustomResourceState diff --git a/sdk/go/azuread/applicationFederatedIdentityCredential.go b/sdk/go/azuread/applicationFederatedIdentityCredential.go index 837340da1..7ca6285e2 100644 --- a/sdk/go/azuread/applicationFederatedIdentityCredential.go +++ b/sdk/go/azuread/applicationFederatedIdentityCredential.go @@ -56,9 +56,7 @@ import ( // Federated Identity Credentials can be imported using the object ID of the associated application and the ID of the federated identity credential, e.g. // // ```sh -// -// $ pulumi import azuread:index/applicationFederatedIdentityCredential:ApplicationFederatedIdentityCredential example 00000000-0000-0000-0000-000000000000/federatedIdentityCredential/11111111-1111-1111-1111-111111111111 -// +// $ pulumi import azuread:index/applicationFederatedIdentityCredential:ApplicationFederatedIdentityCredential example 00000000-0000-0000-0000-000000000000/federatedIdentityCredential/11111111-1111-1111-1111-111111111111 // ``` // // -> This ID format is unique to Terraform and is composed of the application's object ID, the string "federatedIdentityCredential" and the credential ID in the format `{ObjectId}/federatedIdentityCredential/{CredentialId}`. diff --git a/sdk/go/azuread/applicationFromTemplate.go b/sdk/go/azuread/applicationFromTemplate.go index df57c3c3c..496c25118 100644 --- a/sdk/go/azuread/applicationFromTemplate.go +++ b/sdk/go/azuread/applicationFromTemplate.go @@ -68,9 +68,7 @@ import ( // Templated Applications can be imported using the template ID, the object ID of the application, and the object ID of the service principal, in the following format. // // ```sh -// -// $ pulumi import azuread:index/applicationFromTemplate:ApplicationFromTemplate example /applicationTemplates/00000000-0000-0000-0000-000000000000/instantiate/11111111-1111-1111-1111-111111111111/22222222-2222-2222-2222-222222222222 -// +// $ pulumi import azuread:index/applicationFromTemplate:ApplicationFromTemplate example /applicationTemplates/00000000-0000-0000-0000-000000000000/instantiate/11111111-1111-1111-1111-111111111111/22222222-2222-2222-2222-222222222222 // ``` type ApplicationFromTemplate struct { pulumi.CustomResourceState diff --git a/sdk/go/azuread/applicationIdentifierUri.go b/sdk/go/azuread/applicationIdentifierUri.go index 6e4d17405..a43022cec 100644 --- a/sdk/go/azuread/applicationIdentifierUri.go +++ b/sdk/go/azuread/applicationIdentifierUri.go @@ -84,9 +84,7 @@ import ( // Application Identifier URIs can be imported using the object ID of the application and the base64-encoded identifier URI, in the following format. // // ```sh -// -// $ pulumi import azuread:index/applicationIdentifierUri:ApplicationIdentifierUri example /applications/00000000-0000-0000-0000-000000000000/identifierUris/aHR0cHM6Ly9leGFtcGxlLm5ldC8= -// +// $ pulumi import azuread:index/applicationIdentifierUri:ApplicationIdentifierUri example /applications/00000000-0000-0000-0000-000000000000/identifierUris/aHR0cHM6Ly9leGFtcGxlLm5ldC8= // ``` type ApplicationIdentifierUri struct { pulumi.CustomResourceState diff --git a/sdk/go/azuread/applicationKnownClients.go b/sdk/go/azuread/applicationKnownClients.go index 58b17da26..c0607e649 100644 --- a/sdk/go/azuread/applicationKnownClients.go +++ b/sdk/go/azuread/applicationKnownClients.go @@ -58,9 +58,7 @@ import ( // Application Known Clients can be imported using the object ID of the application in the following format. // // ```sh -// -// $ pulumi import azuread:index/applicationKnownClients:ApplicationKnownClients example /applications/00000000-0000-0000-0000-000000000000/knownClients -// +// $ pulumi import azuread:index/applicationKnownClients:ApplicationKnownClients example /applications/00000000-0000-0000-0000-000000000000/knownClients // ``` type ApplicationKnownClients struct { pulumi.CustomResourceState diff --git a/sdk/go/azuread/applicationOptionalClaims.go b/sdk/go/azuread/applicationOptionalClaims.go index 0c5137cb8..9e676694d 100644 --- a/sdk/go/azuread/applicationOptionalClaims.go +++ b/sdk/go/azuread/applicationOptionalClaims.go @@ -72,9 +72,7 @@ import ( // Application Optional Claims can be imported using the object ID of the application, in the following format. // // ```sh -// -// $ pulumi import azuread:index/applicationOptionalClaims:ApplicationOptionalClaims example /applications/00000000-0000-0000-0000-000000000000 -// +// $ pulumi import azuread:index/applicationOptionalClaims:ApplicationOptionalClaims example /applications/00000000-0000-0000-0000-000000000000 // ``` type ApplicationOptionalClaims struct { pulumi.CustomResourceState diff --git a/sdk/go/azuread/applicationOwner.go b/sdk/go/azuread/applicationOwner.go index f9036c0bb..7de023974 100644 --- a/sdk/go/azuread/applicationOwner.go +++ b/sdk/go/azuread/applicationOwner.go @@ -60,9 +60,7 @@ import ( // Application Owners can be imported using the object ID of the application and the object ID of the owner, in the following format. // // ```sh -// -// $ pulumi import azuread:index/applicationOwner:ApplicationOwner example /applications/00000000-0000-0000-0000-000000000000/owners/11111111-1111-1111-1111-111111111111 -// +// $ pulumi import azuread:index/applicationOwner:ApplicationOwner example /applications/00000000-0000-0000-0000-000000000000/owners/11111111-1111-1111-1111-111111111111 // ``` type ApplicationOwner struct { pulumi.CustomResourceState diff --git a/sdk/go/azuread/applicationPermissionScope.go b/sdk/go/azuread/applicationPermissionScope.go index fc934070b..7982ffcfd 100644 --- a/sdk/go/azuread/applicationPermissionScope.go +++ b/sdk/go/azuread/applicationPermissionScope.go @@ -92,9 +92,7 @@ import ( // Application App Roles can be imported using the object ID of the application and the ID of the permission scope, in the following format. // // ```sh -// -// $ pulumi import azuread:index/applicationPermissionScope:ApplicationPermissionScope example /applications/00000000-0000-0000-0000-000000000000/permissionScopes/11111111-1111-1111-1111-111111111111 -// +// $ pulumi import azuread:index/applicationPermissionScope:ApplicationPermissionScope example /applications/00000000-0000-0000-0000-000000000000/permissionScopes/11111111-1111-1111-1111-111111111111 // ``` type ApplicationPermissionScope struct { pulumi.CustomResourceState diff --git a/sdk/go/azuread/applicationPreAuthorized.go b/sdk/go/azuread/applicationPreAuthorized.go index a996945e7..3838fc1c8 100644 --- a/sdk/go/azuread/applicationPreAuthorized.go +++ b/sdk/go/azuread/applicationPreAuthorized.go @@ -82,9 +82,7 @@ import ( // Pre-authorized applications can be imported using the object ID of the authorizing application and the application ID of the application being authorized, e.g. // // ```sh -// -// $ pulumi import azuread:index/applicationPreAuthorized:ApplicationPreAuthorized example 00000000-0000-0000-0000-000000000000/preAuthorizedApplication/11111111-1111-1111-1111-111111111111 -// +// $ pulumi import azuread:index/applicationPreAuthorized:ApplicationPreAuthorized example 00000000-0000-0000-0000-000000000000/preAuthorizedApplication/11111111-1111-1111-1111-111111111111 // ``` // // -> This ID format is unique to Terraform and is composed of the authorizing application's object ID, the string "preAuthorizedApplication" and the authorized application's application ID (client ID) in the format `{ObjectId}/preAuthorizedApplication/{ApplicationId}`. diff --git a/sdk/go/azuread/applicationRedirectUris.go b/sdk/go/azuread/applicationRedirectUris.go index e97d8d7cb..041ed8ede 100644 --- a/sdk/go/azuread/applicationRedirectUris.go +++ b/sdk/go/azuread/applicationRedirectUris.go @@ -81,9 +81,7 @@ import ( // Application API Access can be imported using the object ID of the application and the URI type, in the following format. // // ```sh -// -// $ pulumi import azuread:index/applicationRedirectUris:ApplicationRedirectUris example /applications/00000000-0000-0000-0000-000000000000/redirectUris/Web -// +// $ pulumi import azuread:index/applicationRedirectUris:ApplicationRedirectUris example /applications/00000000-0000-0000-0000-000000000000/redirectUris/Web // ``` type ApplicationRedirectUris struct { pulumi.CustomResourceState diff --git a/sdk/go/azuread/applicationRegistration.go b/sdk/go/azuread/applicationRegistration.go index f3c4ff003..97c7bc2c1 100644 --- a/sdk/go/azuread/applicationRegistration.go +++ b/sdk/go/azuread/applicationRegistration.go @@ -63,9 +63,7 @@ import ( // Application Registrations can be imported using the object ID of the application, in the following format. // // ```sh -// -// $ pulumi import azuread:index/applicationRegistration:ApplicationRegistration example /applications/00000000-0000-0000-0000-000000000000 -// +// $ pulumi import azuread:index/applicationRegistration:ApplicationRegistration example /applications/00000000-0000-0000-0000-000000000000 // ``` type ApplicationRegistration struct { pulumi.CustomResourceState diff --git a/sdk/go/azuread/authenticationStrengthPolicy.go b/sdk/go/azuread/authenticationStrengthPolicy.go index d288807a4..dd0ec2ce5 100644 --- a/sdk/go/azuread/authenticationStrengthPolicy.go +++ b/sdk/go/azuread/authenticationStrengthPolicy.go @@ -88,9 +88,7 @@ import ( // Authentication Strength Policies can be imported using the `id`, e.g. // // ```sh -// -// $ pulumi import azuread:index/authenticationStrengthPolicy:AuthenticationStrengthPolicy my_policy 00000000-0000-0000-0000-000000000000 -// +// $ pulumi import azuread:index/authenticationStrengthPolicy:AuthenticationStrengthPolicy my_policy 00000000-0000-0000-0000-000000000000 // ``` type AuthenticationStrengthPolicy struct { pulumi.CustomResourceState diff --git a/sdk/go/azuread/claimsMappingPolicy.go b/sdk/go/azuread/claimsMappingPolicy.go index 5d18834aa..68d836560 100644 --- a/sdk/go/azuread/claimsMappingPolicy.go +++ b/sdk/go/azuread/claimsMappingPolicy.go @@ -82,9 +82,7 @@ import ( // Claims Mapping Policy can be imported using the `id`, e.g. // // ```sh -// -// $ pulumi import azuread:index/claimsMappingPolicy:ClaimsMappingPolicy my_policy 00000000-0000-0000-0000-000000000000 -// +// $ pulumi import azuread:index/claimsMappingPolicy:ClaimsMappingPolicy my_policy 00000000-0000-0000-0000-000000000000 // ``` type ClaimsMappingPolicy struct { pulumi.CustomResourceState diff --git a/sdk/go/azuread/conditionalAccessPolicy.go b/sdk/go/azuread/conditionalAccessPolicy.go index 29e7d377a..15b8a36c4 100644 --- a/sdk/go/azuread/conditionalAccessPolicy.go +++ b/sdk/go/azuread/conditionalAccessPolicy.go @@ -233,9 +233,7 @@ import ( // Conditional Access Policies can be imported using the `id`, e.g. // // ```sh -// -// $ pulumi import azuread:index/conditionalAccessPolicy:ConditionalAccessPolicy my_location 00000000-0000-0000-0000-000000000000 -// +// $ pulumi import azuread:index/conditionalAccessPolicy:ConditionalAccessPolicy my_location 00000000-0000-0000-0000-000000000000 // ``` type ConditionalAccessPolicy struct { pulumi.CustomResourceState diff --git a/sdk/go/azuread/directoryRoleAssignment.go b/sdk/go/azuread/directoryRoleAssignment.go index e856b27c0..edcebbb80 100644 --- a/sdk/go/azuread/directoryRoleAssignment.go +++ b/sdk/go/azuread/directoryRoleAssignment.go @@ -27,9 +27,7 @@ import ( // Directory role assignments can be imported using the ID of the assignment, e.g. // // ```sh -// -// $ pulumi import azuread:index/directoryRoleAssignment:DirectoryRoleAssignment example ePROZI_iKE653D_d6aoLHyr-lKgHI8ZGiIdz8CLVcng-1 -// +// $ pulumi import azuread:index/directoryRoleAssignment:DirectoryRoleAssignment example ePROZI_iKE653D_d6aoLHyr-lKgHI8ZGiIdz8CLVcng-1 // ``` type DirectoryRoleAssignment struct { pulumi.CustomResourceState diff --git a/sdk/go/azuread/directoryRoleEligibilityScheduleRequest.go b/sdk/go/azuread/directoryRoleEligibilityScheduleRequest.go index 2245812d2..c9e20e1a3 100644 --- a/sdk/go/azuread/directoryRoleEligibilityScheduleRequest.go +++ b/sdk/go/azuread/directoryRoleEligibilityScheduleRequest.go @@ -70,9 +70,7 @@ import ( // Directory role eligibility schedule requests can be imported using the ID of the assignment, e.g. // // ```sh -// -// $ pulumi import azuread:index/directoryRoleEligibilityScheduleRequest:DirectoryRoleEligibilityScheduleRequest example 822ec710-4c9f-4f71-a27a-451759cc7522 -// +// $ pulumi import azuread:index/directoryRoleEligibilityScheduleRequest:DirectoryRoleEligibilityScheduleRequest example 822ec710-4c9f-4f71-a27a-451759cc7522 // ``` type DirectoryRoleEligibilityScheduleRequest struct { pulumi.CustomResourceState diff --git a/sdk/go/azuread/directoryRoleMember.go b/sdk/go/azuread/directoryRoleMember.go index 32a5e41d5..2566b8f3b 100644 --- a/sdk/go/azuread/directoryRoleMember.go +++ b/sdk/go/azuread/directoryRoleMember.go @@ -67,9 +67,7 @@ import ( // Directory role members can be imported using the object ID of the role and the object ID of the member, e.g. // // ```sh -// -// $ pulumi import azuread:index/directoryRoleMember:DirectoryRoleMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 -// +// $ pulumi import azuread:index/directoryRoleMember:DirectoryRoleMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 // ``` // // -> This ID format is unique to Terraform and is composed of the Directory Role Object ID and the target Member Object ID in the format `{RoleObjectID}/member/{MemberObjectID}`. diff --git a/sdk/go/azuread/group.go b/sdk/go/azuread/group.go index c903980fb..3d81d98a8 100644 --- a/sdk/go/azuread/group.go +++ b/sdk/go/azuread/group.go @@ -37,9 +37,7 @@ import ( // Groups can be imported using their object ID, e.g. // // ```sh -// -// $ pulumi import azuread:index/group:Group my_group 00000000-0000-0000-0000-000000000000 -// +// $ pulumi import azuread:index/group:Group my_group 00000000-0000-0000-0000-000000000000 // ``` type Group struct { pulumi.CustomResourceState diff --git a/sdk/go/azuread/groupMember.go b/sdk/go/azuread/groupMember.go index e81980cd7..fa72a2344 100644 --- a/sdk/go/azuread/groupMember.go +++ b/sdk/go/azuread/groupMember.go @@ -71,9 +71,7 @@ import ( // Group members can be imported using the object ID of the group and the object ID of the member, e.g. // // ```sh -// -// $ pulumi import azuread:index/groupMember:GroupMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 -// +// $ pulumi import azuread:index/groupMember:GroupMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 // ``` // // -> This ID format is unique to Terraform and is composed of the Azure AD Group Object ID and the target Member Object ID in the format `{GroupObjectID}/member/{MemberObjectID}`. diff --git a/sdk/go/azuread/namedLocation.go b/sdk/go/azuread/namedLocation.go index 0c2555324..44a0a9d07 100644 --- a/sdk/go/azuread/namedLocation.go +++ b/sdk/go/azuread/namedLocation.go @@ -73,9 +73,7 @@ import ( // Named Locations can be imported using the `id`, e.g. // // ```sh -// -// $ pulumi import azuread:index/namedLocation:NamedLocation my_location 00000000-0000-0000-0000-000000000000 -// +// $ pulumi import azuread:index/namedLocation:NamedLocation my_location 00000000-0000-0000-0000-000000000000 // ``` type NamedLocation struct { pulumi.CustomResourceState diff --git a/sdk/go/azuread/servicePrincipal.go b/sdk/go/azuread/servicePrincipal.go index df3edb338..5e178d69f 100644 --- a/sdk/go/azuread/servicePrincipal.go +++ b/sdk/go/azuread/servicePrincipal.go @@ -181,9 +181,7 @@ import ( // Service principals can be imported using their object ID, e.g. // // ```sh -// -// $ pulumi import azuread:index/servicePrincipal:ServicePrincipal example 00000000-0000-0000-0000-000000000000 -// +// $ pulumi import azuread:index/servicePrincipal:ServicePrincipal example 00000000-0000-0000-0000-000000000000 // ``` type ServicePrincipal struct { pulumi.CustomResourceState diff --git a/sdk/go/azuread/servicePrincipalCertificate.go b/sdk/go/azuread/servicePrincipalCertificate.go index fb005f74f..fd9de5820 100644 --- a/sdk/go/azuread/servicePrincipalCertificate.go +++ b/sdk/go/azuread/servicePrincipalCertificate.go @@ -17,9 +17,7 @@ import ( // Certificates can be imported using the object ID of the associated service principal and the key ID of the certificate credential, e.g. // // ```sh -// -// $ pulumi import azuread:index/servicePrincipalCertificate:ServicePrincipalCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111 -// +// $ pulumi import azuread:index/servicePrincipalCertificate:ServicePrincipalCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111 // ``` // // -> This ID format is unique to Terraform and is composed of the service principal's object ID, the string "certificate" and the certificate's key ID in the format `{ServicePrincipalObjectId}/certificate/{CertificateKeyId}`. diff --git a/sdk/go/azuread/servicePrincipalClaimsMappingPolicyAssignment.go b/sdk/go/azuread/servicePrincipalClaimsMappingPolicyAssignment.go index fb6c7ef41..be9276886 100644 --- a/sdk/go/azuread/servicePrincipalClaimsMappingPolicyAssignment.go +++ b/sdk/go/azuread/servicePrincipalClaimsMappingPolicyAssignment.go @@ -51,12 +51,10 @@ import ( // // ## Import // -// Claims Mapping Policy can be imported using the `id`, in the form `service-principal-uuid/claimsMappingPolicy/claims-mapping-policy-uuid`, e.g +// Claims Mapping Policy can be imported using the `id`, in the form `service-principal-uuid/claimsMappingPolicy/claims-mapping-policy-uuid`, e.g: // // ```sh -// -// $ pulumi import azuread:index/servicePrincipalClaimsMappingPolicyAssignment:ServicePrincipalClaimsMappingPolicyAssignment app 00000000-0000-0000-0000-000000000000/claimsMappingPolicy/11111111-0000-0000-0000-000000000000 -// +// $ pulumi import azuread:index/servicePrincipalClaimsMappingPolicyAssignment:ServicePrincipalClaimsMappingPolicyAssignment app 00000000-0000-0000-0000-000000000000/claimsMappingPolicy/11111111-0000-0000-0000-000000000000 // ``` type ServicePrincipalClaimsMappingPolicyAssignment struct { pulumi.CustomResourceState diff --git a/sdk/go/azuread/servicePrincipalDelegatedPermissionGrant.go b/sdk/go/azuread/servicePrincipalDelegatedPermissionGrant.go index 24af92b3a..77c778f51 100644 --- a/sdk/go/azuread/servicePrincipalDelegatedPermissionGrant.go +++ b/sdk/go/azuread/servicePrincipalDelegatedPermissionGrant.go @@ -185,9 +185,7 @@ import ( // Delegated permission grants can be imported using their ID, e.g. // // ```sh -// -// $ pulumi import azuread:index/servicePrincipalDelegatedPermissionGrant:ServicePrincipalDelegatedPermissionGrant example aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz -// +// $ pulumi import azuread:index/servicePrincipalDelegatedPermissionGrant:ServicePrincipalDelegatedPermissionGrant example aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz // ``` type ServicePrincipalDelegatedPermissionGrant struct { pulumi.CustomResourceState diff --git a/sdk/go/azuread/servicePrincipalTokenSigningCertificate.go b/sdk/go/azuread/servicePrincipalTokenSigningCertificate.go index ce0fa1e7e..0c71d72d3 100644 --- a/sdk/go/azuread/servicePrincipalTokenSigningCertificate.go +++ b/sdk/go/azuread/servicePrincipalTokenSigningCertificate.go @@ -97,9 +97,7 @@ import ( // Token signing certificates can be imported using the object ID of the associated service principal and the key ID of the verify certificate credential, e.g. // // ```sh -// -// $ pulumi import azuread:index/servicePrincipalTokenSigningCertificate:ServicePrincipalTokenSigningCertificate example 00000000-0000-0000-0000-000000000000/tokenSigningCertificate/11111111-1111-1111-1111-111111111111 -// +// $ pulumi import azuread:index/servicePrincipalTokenSigningCertificate:ServicePrincipalTokenSigningCertificate example 00000000-0000-0000-0000-000000000000/tokenSigningCertificate/11111111-1111-1111-1111-111111111111 // ``` // // -> This ID format is unique to Terraform and is composed of the service principal's object ID, the string "tokenSigningCertificate" and the verify certificate's key ID in the format `{ServicePrincipalObjectId}/tokenSigningCertificate/{CertificateKeyId}`. diff --git a/sdk/go/azuread/synchronizationJob.go b/sdk/go/azuread/synchronizationJob.go index e88b15dab..8245d6829 100644 --- a/sdk/go/azuread/synchronizationJob.go +++ b/sdk/go/azuread/synchronizationJob.go @@ -97,9 +97,7 @@ import ( // Synchronization jobs can be imported using the `id`, e.g. // // ```sh -// -// $ pulumi import azuread:index/synchronizationJob:SynchronizationJob example 00000000-0000-0000-0000-000000000000/job/dataBricks.f5532fc709734b1a90e8a1fa9fd03a82.8442fd39-2183-419c-8732-74b6ce866bd5 -// +// $ pulumi import azuread:index/synchronizationJob:SynchronizationJob example 00000000-0000-0000-0000-000000000000/job/dataBricks.f5532fc709734b1a90e8a1fa9fd03a82.8442fd39-2183-419c-8732-74b6ce866bd5 // ``` // // -> This ID format is unique to Terraform and is composed of the Service Principal Object ID and the ID of the Synchronization Job Id in the format `{servicePrincipalId}/job/{jobId}`. diff --git a/sdk/go/azuread/user.go b/sdk/go/azuread/user.go index b95e355ce..a2cea510f 100644 --- a/sdk/go/azuread/user.go +++ b/sdk/go/azuread/user.go @@ -56,9 +56,7 @@ import ( // Users can be imported using their object ID, e.g. // // ```sh -// -// $ pulumi import azuread:index/user:User my_user 00000000-0000-0000-0000-000000000000 -// +// $ pulumi import azuread:index/user:User my_user 00000000-0000-0000-0000-000000000000 // ``` type User struct { pulumi.CustomResourceState diff --git a/sdk/go/azuread/userFlowAttribute.go b/sdk/go/azuread/userFlowAttribute.go index 205c897df..c974901dc 100644 --- a/sdk/go/azuread/userFlowAttribute.go +++ b/sdk/go/azuread/userFlowAttribute.go @@ -55,9 +55,7 @@ import ( // User flow attributes can be imported using the `id`, e.g. // // ```sh -// -// $ pulumi import azuread:index/userFlowAttribute:UserFlowAttribute example extension_ecc9f88db2924942b8a96f44873616fe_Hobbyjkorv -// +// $ pulumi import azuread:index/userFlowAttribute:UserFlowAttribute example extension_ecc9f88db2924942b8a96f44873616fe_Hobbyjkorv // ``` // // -> This ID can be queried using the [User Flow Attributes API](https://learn.microsoft.com/en-us/graph/api/identityuserflowattribute-list?view=graph-rest-1.0&tabs=http). diff --git a/sdk/java/src/main/java/com/pulumi/azuread/AccessPackage.java b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackage.java index dd1879ce0..14b598a0d 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/AccessPackage.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackage.java @@ -70,7 +70,7 @@ * Access Packages can be imported using the `id`, e.g. * * ```sh - * $ pulumi import azuread:index/accessPackage:AccessPackage example_package 00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/accessPackage:AccessPackage example_package 00000000-0000-0000-0000-000000000000 * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageAssignmentPolicy.java b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageAssignmentPolicy.java index 990aaf3fb..f42f664fc 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageAssignmentPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageAssignmentPolicy.java @@ -122,7 +122,7 @@ * An access package assignment policy can be imported using the ID, e.g. * * ```sh - * $ pulumi import azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy example 00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy example 00000000-0000-0000-0000-000000000000 * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageCatalog.java b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageCatalog.java index 19a61def2..c9198794f 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageCatalog.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageCatalog.java @@ -62,7 +62,7 @@ * An Access Package Catalog can be imported using the `id`, e.g. * * ```sh - * $ pulumi import azuread:index/accessPackageCatalog:AccessPackageCatalog example 00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/accessPackageCatalog:AccessPackageCatalog example 00000000-0000-0000-0000-000000000000 * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageCatalogRoleAssignment.java b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageCatalogRoleAssignment.java index 976efdf3e..2829eef54 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageCatalogRoleAssignment.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageCatalogRoleAssignment.java @@ -79,7 +79,7 @@ * Catalog role assignments can be imported using the ID of the assignment, e.g. * * ```sh - * $ pulumi import azuread:index/accessPackageCatalogRoleAssignment:AccessPackageCatalogRoleAssignment example 00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/accessPackageCatalogRoleAssignment:AccessPackageCatalogRoleAssignment example 00000000-0000-0000-0000-000000000000 * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageResourceCatalogAssociation.java b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageResourceCatalogAssociation.java index 12234ce9c..aa3e2e3fd 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageResourceCatalogAssociation.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageResourceCatalogAssociation.java @@ -75,7 +75,7 @@ * The resource and catalog association can be imported using the catalog ID and the resource origin ID, e.g. * * ```sh - * $ pulumi import azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111 + * $ pulumi import azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111 * ``` * * -> This ID format is unique to Terraform and is composed of the Catalog ID and the Resource Origin ID in the format `{CatalogID}/{ResourceOriginID}`. diff --git a/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageResourcePackageAssociation.java b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageResourcePackageAssociation.java index fb97bd70a..9432acaf6 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageResourcePackageAssociation.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/AccessPackageResourcePackageAssociation.java @@ -91,7 +91,7 @@ * The resource and catalog association can be imported using the access package ID, the access package ResourceRoleScope, the resource origin ID, and the access type, e.g. * * ```sh - * $ pulumi import azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111_22222222-2222-2222-2222-22222222/33333333-3333-3333-3333-33333333/Member + * $ pulumi import azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111_22222222-2222-2222-2222-22222222/33333333-3333-3333-3333-33333333/Member * ``` * * -> This ID format is unique to Terraform and is composed of the Access Package ID, the access package ResourceRoleScope (in the format Role_Scope), the Resource Origin ID, and the Access Type, in the format `{AccessPackageID}/{ResourceRoleScope}/{ResourceOriginID}/{AccessType}`. diff --git a/sdk/java/src/main/java/com/pulumi/azuread/AdministrativeUnit.java b/sdk/java/src/main/java/com/pulumi/azuread/AdministrativeUnit.java index 80d6c4633..1c3fb3739 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/AdministrativeUnit.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/AdministrativeUnit.java @@ -64,7 +64,7 @@ * Administrative units can be imported using their object ID, e.g. * * ```sh - * $ pulumi import azuread:index/administrativeUnit:AdministrativeUnit example 00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/administrativeUnit:AdministrativeUnit example 00000000-0000-0000-0000-000000000000 * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/azuread/AdministrativeUnitMember.java b/sdk/java/src/main/java/com/pulumi/azuread/AdministrativeUnitMember.java index a80987c16..9306af925 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/AdministrativeUnitMember.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/AdministrativeUnitMember.java @@ -75,7 +75,7 @@ * Administrative unit members can be imported using the object ID of the administrative unit and the object ID of the member, e.g. * * ```sh - * $ pulumi import azuread:index/administrativeUnitMember:AdministrativeUnitMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 + * $ pulumi import azuread:index/administrativeUnitMember:AdministrativeUnitMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 * ``` * * -> This ID format is unique to Terraform and is composed of the Administrative Unit Object ID and the target Member Object ID in the format `{AdministrativeUnitObjectID}/member/{MemberObjectID}`. diff --git a/sdk/java/src/main/java/com/pulumi/azuread/AdministrativeUnitRoleMember.java b/sdk/java/src/main/java/com/pulumi/azuread/AdministrativeUnitRoleMember.java index 717dea6bb..cf9e0e955 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/AdministrativeUnitRoleMember.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/AdministrativeUnitRoleMember.java @@ -79,7 +79,7 @@ * Administrative unit role members can be imported using the object ID of the administrative unit and the unique ID of the role assignment, e.g. * * ```sh - * $ pulumi import azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember example 00000000-0000-0000-0000-000000000000/roleMember/zX37MRLyF0uvE-xf2WH4B7x-6CPLfudNnxFGj800htpBXqkxW7bITqGb6Rj4kuTuS + * $ pulumi import azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember example 00000000-0000-0000-0000-000000000000/roleMember/zX37MRLyF0uvE-xf2WH4B7x-6CPLfudNnxFGj800htpBXqkxW7bITqGb6Rj4kuTuS * ``` * * -> This ID format is unique to Terraform and is composed of the Administrative Unit Object ID and the role assignment ID in the format `{AdministrativeUnitObjectID}/roleMember/{RoleAssignmentID}`. diff --git a/sdk/java/src/main/java/com/pulumi/azuread/AppRoleAssignment.java b/sdk/java/src/main/java/com/pulumi/azuread/AppRoleAssignment.java index e980e620f..2cf29f71e 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/AppRoleAssignment.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/AppRoleAssignment.java @@ -295,10 +295,10 @@ * * ## Import * - * App role assignments can be imported using the object ID of the service principal representing the resource and the ID of the app role assignment (note_not_ the ID of the app role), e.g. + * App role assignments can be imported using the object ID of the service principal representing the resource and the ID of the app role assignment (note: _not_ the ID of the app role), e.g. * * ```sh - * $ pulumi import azuread:index/appRoleAssignment:AppRoleAssignment example 00000000-0000-0000-0000-000000000000/appRoleAssignment/aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz + * $ pulumi import azuread:index/appRoleAssignment:AppRoleAssignment example 00000000-0000-0000-0000-000000000000/appRoleAssignment/aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz * ``` * * -> This ID format is unique to Terraform and is composed of the Resource Service Principal Object ID and the ID of the App Role Assignment in the format `{ResourcePrincipalID}/appRoleAssignment/{AppRoleAssignmentID}`. diff --git a/sdk/java/src/main/java/com/pulumi/azuread/Application.java b/sdk/java/src/main/java/com/pulumi/azuread/Application.java index 28c50e935..f10c20d2e 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/Application.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/Application.java @@ -217,7 +217,7 @@ * Applications can be imported using the object ID of the application, in the following format. * * ```sh - * $ pulumi import azuread:index/application:Application example /applications/00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/application:Application example /applications/00000000-0000-0000-0000-000000000000 * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationApiAccess.java b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationApiAccess.java index 72e2aa33a..0d8eec69b 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationApiAccess.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationApiAccess.java @@ -108,7 +108,7 @@ * Application API Access can be imported using the object ID of the application and the client ID of the API, in the following format. * * ```sh - * $ pulumi import azuread:index/applicationApiAccess:ApplicationApiAccess example /applications/00000000-0000-0000-0000-000000000000/apiAccess/11111111-1111-1111-1111-111111111111 + * $ pulumi import azuread:index/applicationApiAccess:ApplicationApiAccess example /applications/00000000-0000-0000-0000-000000000000/apiAccess/11111111-1111-1111-1111-111111111111 * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationAppRole.java b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationAppRole.java index 255a57a44..8c011b15e 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationAppRole.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationAppRole.java @@ -103,7 +103,7 @@ * Application App Roles can be imported using the object ID of the application and the ID of the app role, in the following format. * * ```sh - * $ pulumi import azuread:index/applicationAppRole:ApplicationAppRole example /applications/00000000-0000-0000-0000-000000000000/appRoles/11111111-1111-1111-1111-111111111111 + * $ pulumi import azuread:index/applicationAppRole:ApplicationAppRole example /applications/00000000-0000-0000-0000-000000000000/appRoles/11111111-1111-1111-1111-111111111111 * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationCertificate.java b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationCertificate.java index 9ae0e923c..d28b125ad 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationCertificate.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationCertificate.java @@ -21,7 +21,7 @@ * Certificates can be imported using the object ID of the associated application and the key ID of the certificate credential, e.g. * * ```sh - * $ pulumi import azuread:index/applicationCertificate:ApplicationCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111 + * $ pulumi import azuread:index/applicationCertificate:ApplicationCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111 * ``` * * -> This ID format is unique to Terraform and is composed of the application's object ID, the string "certificate" and the certificate's key ID in the format `{ObjectId}/certificate/{CertificateKeyId}`. diff --git a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationFallbackPublicClient.java b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationFallbackPublicClient.java index 777b921cf..63d97cdb4 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationFallbackPublicClient.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationFallbackPublicClient.java @@ -58,7 +58,7 @@ * The Application Fallback Public Client setting can be imported using the object ID of the application, in the following format. * * ```sh - * $ pulumi import azuread:index/applicationFallbackPublicClient:ApplicationFallbackPublicClient example /applications/00000000-0000-0000-0000-000000000000/fallbackPublicClient + * $ pulumi import azuread:index/applicationFallbackPublicClient:ApplicationFallbackPublicClient example /applications/00000000-0000-0000-0000-000000000000/fallbackPublicClient * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationFederatedIdentityCredential.java b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationFederatedIdentityCredential.java index 783781629..a38e8b791 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationFederatedIdentityCredential.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationFederatedIdentityCredential.java @@ -62,7 +62,7 @@ * Federated Identity Credentials can be imported using the object ID of the associated application and the ID of the federated identity credential, e.g. * * ```sh - * $ pulumi import azuread:index/applicationFederatedIdentityCredential:ApplicationFederatedIdentityCredential example 00000000-0000-0000-0000-000000000000/federatedIdentityCredential/11111111-1111-1111-1111-111111111111 + * $ pulumi import azuread:index/applicationFederatedIdentityCredential:ApplicationFederatedIdentityCredential example 00000000-0000-0000-0000-000000000000/federatedIdentityCredential/11111111-1111-1111-1111-111111111111 * ``` * * -> This ID format is unique to Terraform and is composed of the application's object ID, the string "federatedIdentityCredential" and the credential ID in the format `{ObjectId}/federatedIdentityCredential/{CredentialId}`. diff --git a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationFromTemplate.java b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationFromTemplate.java index 18d16fdd2..52a543994 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationFromTemplate.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationFromTemplate.java @@ -78,7 +78,7 @@ * Templated Applications can be imported using the template ID, the object ID of the application, and the object ID of the service principal, in the following format. * * ```sh - * $ pulumi import azuread:index/applicationFromTemplate:ApplicationFromTemplate example /applicationTemplates/00000000-0000-0000-0000-000000000000/instantiate/11111111-1111-1111-1111-111111111111/22222222-2222-2222-2222-222222222222 + * $ pulumi import azuread:index/applicationFromTemplate:ApplicationFromTemplate example /applicationTemplates/00000000-0000-0000-0000-000000000000/instantiate/11111111-1111-1111-1111-111111111111/22222222-2222-2222-2222-222222222222 * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationIdentifierUri.java b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationIdentifierUri.java index 12e744d58..74dfa245b 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationIdentifierUri.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationIdentifierUri.java @@ -94,7 +94,7 @@ * Application Identifier URIs can be imported using the object ID of the application and the base64-encoded identifier URI, in the following format. * * ```sh - * $ pulumi import azuread:index/applicationIdentifierUri:ApplicationIdentifierUri example /applications/00000000-0000-0000-0000-000000000000/identifierUris/aHR0cHM6Ly9leGFtcGxlLm5ldC8= + * $ pulumi import azuread:index/applicationIdentifierUri:ApplicationIdentifierUri example /applications/00000000-0000-0000-0000-000000000000/identifierUris/aHR0cHM6Ly9leGFtcGxlLm5ldC8= * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationKnownClients.java b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationKnownClients.java index 851e5e60e..1ec5ca3c4 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationKnownClients.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationKnownClients.java @@ -61,7 +61,7 @@ * Application Known Clients can be imported using the object ID of the application in the following format. * * ```sh - * $ pulumi import azuread:index/applicationKnownClients:ApplicationKnownClients example /applications/00000000-0000-0000-0000-000000000000/knownClients + * $ pulumi import azuread:index/applicationKnownClients:ApplicationKnownClients example /applications/00000000-0000-0000-0000-000000000000/knownClients * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationOptionalClaims.java b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationOptionalClaims.java index ed6b86905..a8bda1ef8 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationOptionalClaims.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationOptionalClaims.java @@ -79,7 +79,7 @@ * Application Optional Claims can be imported using the object ID of the application, in the following format. * * ```sh - * $ pulumi import azuread:index/applicationOptionalClaims:ApplicationOptionalClaims example /applications/00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/applicationOptionalClaims:ApplicationOptionalClaims example /applications/00000000-0000-0000-0000-000000000000 * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationOwner.java b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationOwner.java index dfab3f32d..9ca49ac9f 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationOwner.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationOwner.java @@ -66,7 +66,7 @@ * Application Owners can be imported using the object ID of the application and the object ID of the owner, in the following format. * * ```sh - * $ pulumi import azuread:index/applicationOwner:ApplicationOwner example /applications/00000000-0000-0000-0000-000000000000/owners/11111111-1111-1111-1111-111111111111 + * $ pulumi import azuread:index/applicationOwner:ApplicationOwner example /applications/00000000-0000-0000-0000-000000000000/owners/11111111-1111-1111-1111-111111111111 * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationPermissionScope.java b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationPermissionScope.java index 7f51aa108..0d299dbbc 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationPermissionScope.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationPermissionScope.java @@ -101,7 +101,7 @@ * Application App Roles can be imported using the object ID of the application and the ID of the permission scope, in the following format. * * ```sh - * $ pulumi import azuread:index/applicationPermissionScope:ApplicationPermissionScope example /applications/00000000-0000-0000-0000-000000000000/permissionScopes/11111111-1111-1111-1111-111111111111 + * $ pulumi import azuread:index/applicationPermissionScope:ApplicationPermissionScope example /applications/00000000-0000-0000-0000-000000000000/permissionScopes/11111111-1111-1111-1111-111111111111 * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationPreAuthorized.java b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationPreAuthorized.java index 9b708c139..fa9c0702a 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationPreAuthorized.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationPreAuthorized.java @@ -88,7 +88,7 @@ * Pre-authorized applications can be imported using the object ID of the authorizing application and the application ID of the application being authorized, e.g. * * ```sh - * $ pulumi import azuread:index/applicationPreAuthorized:ApplicationPreAuthorized example 00000000-0000-0000-0000-000000000000/preAuthorizedApplication/11111111-1111-1111-1111-111111111111 + * $ pulumi import azuread:index/applicationPreAuthorized:ApplicationPreAuthorized example 00000000-0000-0000-0000-000000000000/preAuthorizedApplication/11111111-1111-1111-1111-111111111111 * ``` * * -> This ID format is unique to Terraform and is composed of the authorizing application's object ID, the string "preAuthorizedApplication" and the authorized application's application ID (client ID) in the format `{ObjectId}/preAuthorizedApplication/{ApplicationId}`. diff --git a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationRedirectUris.java b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationRedirectUris.java index 83e033ec7..19708e0d8 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationRedirectUris.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationRedirectUris.java @@ -81,7 +81,7 @@ * Application API Access can be imported using the object ID of the application and the URI type, in the following format. * * ```sh - * $ pulumi import azuread:index/applicationRedirectUris:ApplicationRedirectUris example /applications/00000000-0000-0000-0000-000000000000/redirectUris/Web + * $ pulumi import azuread:index/applicationRedirectUris:ApplicationRedirectUris example /applications/00000000-0000-0000-0000-000000000000/redirectUris/Web * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationRegistration.java b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationRegistration.java index 37430ef67..3b2e140d2 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationRegistration.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationRegistration.java @@ -73,7 +73,7 @@ * Application Registrations can be imported using the object ID of the application, in the following format. * * ```sh - * $ pulumi import azuread:index/applicationRegistration:ApplicationRegistration example /applications/00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/applicationRegistration:ApplicationRegistration example /applications/00000000-0000-0000-0000-000000000000 * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/azuread/AuthenticationStrengthPolicy.java b/sdk/java/src/main/java/com/pulumi/azuread/AuthenticationStrengthPolicy.java index c1d2c4d90..7f679594c 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/AuthenticationStrengthPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/AuthenticationStrengthPolicy.java @@ -92,7 +92,7 @@ * Authentication Strength Policies can be imported using the `id`, e.g. * * ```sh - * $ pulumi import azuread:index/authenticationStrengthPolicy:AuthenticationStrengthPolicy my_policy 00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/authenticationStrengthPolicy:AuthenticationStrengthPolicy my_policy 00000000-0000-0000-0000-000000000000 * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/azuread/ClaimsMappingPolicy.java b/sdk/java/src/main/java/com/pulumi/azuread/ClaimsMappingPolicy.java index ea50a6717..7f49453d5 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/ClaimsMappingPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/ClaimsMappingPolicy.java @@ -82,7 +82,7 @@ * Claims Mapping Policy can be imported using the `id`, e.g. * * ```sh - * $ pulumi import azuread:index/claimsMappingPolicy:ClaimsMappingPolicy my_policy 00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/claimsMappingPolicy:ClaimsMappingPolicy my_policy 00000000-0000-0000-0000-000000000000 * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/azuread/ConditionalAccessPolicy.java b/sdk/java/src/main/java/com/pulumi/azuread/ConditionalAccessPolicy.java index 17e5060e2..113c1dd0d 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/ConditionalAccessPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/ConditionalAccessPolicy.java @@ -224,7 +224,7 @@ * Conditional Access Policies can be imported using the `id`, e.g. * * ```sh - * $ pulumi import azuread:index/conditionalAccessPolicy:ConditionalAccessPolicy my_location 00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/conditionalAccessPolicy:ConditionalAccessPolicy my_location 00000000-0000-0000-0000-000000000000 * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/azuread/DirectoryRoleAssignment.java b/sdk/java/src/main/java/com/pulumi/azuread/DirectoryRoleAssignment.java index 87abc2e9e..6faf62be8 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/DirectoryRoleAssignment.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/DirectoryRoleAssignment.java @@ -29,7 +29,7 @@ * Directory role assignments can be imported using the ID of the assignment, e.g. * * ```sh - * $ pulumi import azuread:index/directoryRoleAssignment:DirectoryRoleAssignment example ePROZI_iKE653D_d6aoLHyr-lKgHI8ZGiIdz8CLVcng-1 + * $ pulumi import azuread:index/directoryRoleAssignment:DirectoryRoleAssignment example ePROZI_iKE653D_d6aoLHyr-lKgHI8ZGiIdz8CLVcng-1 * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/azuread/DirectoryRoleEligibilityScheduleRequest.java b/sdk/java/src/main/java/com/pulumi/azuread/DirectoryRoleEligibilityScheduleRequest.java index e78f26c92..774466031 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/DirectoryRoleEligibilityScheduleRequest.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/DirectoryRoleEligibilityScheduleRequest.java @@ -76,7 +76,7 @@ * Directory role eligibility schedule requests can be imported using the ID of the assignment, e.g. * * ```sh - * $ pulumi import azuread:index/directoryRoleEligibilityScheduleRequest:DirectoryRoleEligibilityScheduleRequest example 822ec710-4c9f-4f71-a27a-451759cc7522 + * $ pulumi import azuread:index/directoryRoleEligibilityScheduleRequest:DirectoryRoleEligibilityScheduleRequest example 822ec710-4c9f-4f71-a27a-451759cc7522 * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/azuread/DirectoryRoleMember.java b/sdk/java/src/main/java/com/pulumi/azuread/DirectoryRoleMember.java index 95e494261..3b5435d97 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/DirectoryRoleMember.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/DirectoryRoleMember.java @@ -75,7 +75,7 @@ * Directory role members can be imported using the object ID of the role and the object ID of the member, e.g. * * ```sh - * $ pulumi import azuread:index/directoryRoleMember:DirectoryRoleMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 + * $ pulumi import azuread:index/directoryRoleMember:DirectoryRoleMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 * ``` * * -> This ID format is unique to Terraform and is composed of the Directory Role Object ID and the target Member Object ID in the format `{RoleObjectID}/member/{MemberObjectID}`. diff --git a/sdk/java/src/main/java/com/pulumi/azuread/Group.java b/sdk/java/src/main/java/com/pulumi/azuread/Group.java index 9af0fff1f..045621d4a 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/Group.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/Group.java @@ -216,7 +216,7 @@ * Groups can be imported using their object ID, e.g. * * ```sh - * $ pulumi import azuread:index/group:Group my_group 00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/group:Group my_group 00000000-0000-0000-0000-000000000000 * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/azuread/GroupMember.java b/sdk/java/src/main/java/com/pulumi/azuread/GroupMember.java index 8fdff4c9e..ce7e76844 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/GroupMember.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/GroupMember.java @@ -77,7 +77,7 @@ * Group members can be imported using the object ID of the group and the object ID of the member, e.g. * * ```sh - * $ pulumi import azuread:index/groupMember:GroupMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 + * $ pulumi import azuread:index/groupMember:GroupMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 * ``` * * -> This ID format is unique to Terraform and is composed of the Azure AD Group Object ID and the target Member Object ID in the format `{GroupObjectID}/member/{MemberObjectID}`. diff --git a/sdk/java/src/main/java/com/pulumi/azuread/NamedLocation.java b/sdk/java/src/main/java/com/pulumi/azuread/NamedLocation.java index f46f8663f..949d339af 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/NamedLocation.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/NamedLocation.java @@ -80,7 +80,7 @@ * Named Locations can be imported using the `id`, e.g. * * ```sh - * $ pulumi import azuread:index/namedLocation:NamedLocation my_location 00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/namedLocation:NamedLocation my_location 00000000-0000-0000-0000-000000000000 * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/azuread/ServicePrincipal.java b/sdk/java/src/main/java/com/pulumi/azuread/ServicePrincipal.java index ee27d5623..1fc9b83fb 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/ServicePrincipal.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/ServicePrincipal.java @@ -197,7 +197,7 @@ * Service principals can be imported using their object ID, e.g. * * ```sh - * $ pulumi import azuread:index/servicePrincipal:ServicePrincipal example 00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/servicePrincipal:ServicePrincipal example 00000000-0000-0000-0000-000000000000 * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/azuread/ServicePrincipalCertificate.java b/sdk/java/src/main/java/com/pulumi/azuread/ServicePrincipalCertificate.java index 16088e469..be9125d3b 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/ServicePrincipalCertificate.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/ServicePrincipalCertificate.java @@ -21,7 +21,7 @@ * Certificates can be imported using the object ID of the associated service principal and the key ID of the certificate credential, e.g. * * ```sh - * $ pulumi import azuread:index/servicePrincipalCertificate:ServicePrincipalCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111 + * $ pulumi import azuread:index/servicePrincipalCertificate:ServicePrincipalCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111 * ``` * * -> This ID format is unique to Terraform and is composed of the service principal's object ID, the string "certificate" and the certificate's key ID in the format `{ServicePrincipalObjectId}/certificate/{CertificateKeyId}`. diff --git a/sdk/java/src/main/java/com/pulumi/azuread/ServicePrincipalClaimsMappingPolicyAssignment.java b/sdk/java/src/main/java/com/pulumi/azuread/ServicePrincipalClaimsMappingPolicyAssignment.java index cacc27775..de0bf43d7 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/ServicePrincipalClaimsMappingPolicyAssignment.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/ServicePrincipalClaimsMappingPolicyAssignment.java @@ -57,10 +57,10 @@ * * ## Import * - * Claims Mapping Policy can be imported using the `id`, in the form `service-principal-uuid/claimsMappingPolicy/claims-mapping-policy-uuid`, e.g + * Claims Mapping Policy can be imported using the `id`, in the form `service-principal-uuid/claimsMappingPolicy/claims-mapping-policy-uuid`, e.g: * * ```sh - * $ pulumi import azuread:index/servicePrincipalClaimsMappingPolicyAssignment:ServicePrincipalClaimsMappingPolicyAssignment app 00000000-0000-0000-0000-000000000000/claimsMappingPolicy/11111111-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/servicePrincipalClaimsMappingPolicyAssignment:ServicePrincipalClaimsMappingPolicyAssignment app 00000000-0000-0000-0000-000000000000/claimsMappingPolicy/11111111-0000-0000-0000-000000000000 * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/azuread/ServicePrincipalDelegatedPermissionGrant.java b/sdk/java/src/main/java/com/pulumi/azuread/ServicePrincipalDelegatedPermissionGrant.java index 2930a711b..34665a9a6 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/ServicePrincipalDelegatedPermissionGrant.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/ServicePrincipalDelegatedPermissionGrant.java @@ -177,7 +177,7 @@ * Delegated permission grants can be imported using their ID, e.g. * * ```sh - * $ pulumi import azuread:index/servicePrincipalDelegatedPermissionGrant:ServicePrincipalDelegatedPermissionGrant example aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz + * $ pulumi import azuread:index/servicePrincipalDelegatedPermissionGrant:ServicePrincipalDelegatedPermissionGrant example aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/azuread/ServicePrincipalTokenSigningCertificate.java b/sdk/java/src/main/java/com/pulumi/azuread/ServicePrincipalTokenSigningCertificate.java index 4532399ac..d72ef3da4 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/ServicePrincipalTokenSigningCertificate.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/ServicePrincipalTokenSigningCertificate.java @@ -108,7 +108,7 @@ * Token signing certificates can be imported using the object ID of the associated service principal and the key ID of the verify certificate credential, e.g. * * ```sh - * $ pulumi import azuread:index/servicePrincipalTokenSigningCertificate:ServicePrincipalTokenSigningCertificate example 00000000-0000-0000-0000-000000000000/tokenSigningCertificate/11111111-1111-1111-1111-111111111111 + * $ pulumi import azuread:index/servicePrincipalTokenSigningCertificate:ServicePrincipalTokenSigningCertificate example 00000000-0000-0000-0000-000000000000/tokenSigningCertificate/11111111-1111-1111-1111-111111111111 * ``` * * -> This ID format is unique to Terraform and is composed of the service principal's object ID, the string "tokenSigningCertificate" and the verify certificate's key ID in the format `{ServicePrincipalObjectId}/tokenSigningCertificate/{CertificateKeyId}`. diff --git a/sdk/java/src/main/java/com/pulumi/azuread/SynchronizationJob.java b/sdk/java/src/main/java/com/pulumi/azuread/SynchronizationJob.java index 48262febc..291552c1d 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/SynchronizationJob.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/SynchronizationJob.java @@ -106,7 +106,7 @@ * Synchronization jobs can be imported using the `id`, e.g. * * ```sh - * $ pulumi import azuread:index/synchronizationJob:SynchronizationJob example 00000000-0000-0000-0000-000000000000/job/dataBricks.f5532fc709734b1a90e8a1fa9fd03a82.8442fd39-2183-419c-8732-74b6ce866bd5 + * $ pulumi import azuread:index/synchronizationJob:SynchronizationJob example 00000000-0000-0000-0000-000000000000/job/dataBricks.f5532fc709734b1a90e8a1fa9fd03a82.8442fd39-2183-419c-8732-74b6ce866bd5 * ``` * * -> This ID format is unique to Terraform and is composed of the Service Principal Object ID and the ID of the Synchronization Job Id in the format `{servicePrincipalId}/job/{jobId}`. diff --git a/sdk/java/src/main/java/com/pulumi/azuread/User.java b/sdk/java/src/main/java/com/pulumi/azuread/User.java index e9ff3d526..6f32d6367 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/User.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/User.java @@ -65,7 +65,7 @@ * Users can be imported using their object ID, e.g. * * ```sh - * $ pulumi import azuread:index/user:User my_user 00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/user:User my_user 00000000-0000-0000-0000-000000000000 * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/azuread/UserFlowAttribute.java b/sdk/java/src/main/java/com/pulumi/azuread/UserFlowAttribute.java index 8594e0c0c..e92550fee 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/UserFlowAttribute.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/UserFlowAttribute.java @@ -61,7 +61,7 @@ * User flow attributes can be imported using the `id`, e.g. * * ```sh - * $ pulumi import azuread:index/userFlowAttribute:UserFlowAttribute example extension_ecc9f88db2924942b8a96f44873616fe_Hobbyjkorv + * $ pulumi import azuread:index/userFlowAttribute:UserFlowAttribute example extension_ecc9f88db2924942b8a96f44873616fe_Hobbyjkorv * ``` * * -> This ID can be queried using the [User Flow Attributes API](https://learn.microsoft.com/en-us/graph/api/identityuserflowattribute-list?view=graph-rest-1.0&tabs=http). diff --git a/sdk/nodejs/accessPackage.ts b/sdk/nodejs/accessPackage.ts index 309482946..d4b0e925b 100644 --- a/sdk/nodejs/accessPackage.ts +++ b/sdk/nodejs/accessPackage.ts @@ -37,7 +37,7 @@ import * as utilities from "./utilities"; * Access Packages can be imported using the `id`, e.g. * * ```sh - * $ pulumi import azuread:index/accessPackage:AccessPackage example_package 00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/accessPackage:AccessPackage example_package 00000000-0000-0000-0000-000000000000 * ``` */ export class AccessPackage extends pulumi.CustomResource { diff --git a/sdk/nodejs/accessPackageAssignmentPolicy.ts b/sdk/nodejs/accessPackageAssignmentPolicy.ts index 0231fe484..9b7a83bf7 100644 --- a/sdk/nodejs/accessPackageAssignmentPolicy.ts +++ b/sdk/nodejs/accessPackageAssignmentPolicy.ts @@ -74,7 +74,7 @@ import * as utilities from "./utilities"; * An access package assignment policy can be imported using the ID, e.g. * * ```sh - * $ pulumi import azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy example 00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy example 00000000-0000-0000-0000-000000000000 * ``` */ export class AccessPackageAssignmentPolicy extends pulumi.CustomResource { diff --git a/sdk/nodejs/accessPackageCatalog.ts b/sdk/nodejs/accessPackageCatalog.ts index a85036bce..f23d1bb78 100644 --- a/sdk/nodejs/accessPackageCatalog.ts +++ b/sdk/nodejs/accessPackageCatalog.ts @@ -32,7 +32,7 @@ import * as utilities from "./utilities"; * An Access Package Catalog can be imported using the `id`, e.g. * * ```sh - * $ pulumi import azuread:index/accessPackageCatalog:AccessPackageCatalog example 00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/accessPackageCatalog:AccessPackageCatalog example 00000000-0000-0000-0000-000000000000 * ``` */ export class AccessPackageCatalog extends pulumi.CustomResource { diff --git a/sdk/nodejs/accessPackageCatalogRoleAssignment.ts b/sdk/nodejs/accessPackageCatalogRoleAssignment.ts index 43570962c..b8dd0a4f0 100644 --- a/sdk/nodejs/accessPackageCatalogRoleAssignment.ts +++ b/sdk/nodejs/accessPackageCatalogRoleAssignment.ts @@ -43,7 +43,7 @@ import * as utilities from "./utilities"; * Catalog role assignments can be imported using the ID of the assignment, e.g. * * ```sh - * $ pulumi import azuread:index/accessPackageCatalogRoleAssignment:AccessPackageCatalogRoleAssignment example 00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/accessPackageCatalogRoleAssignment:AccessPackageCatalogRoleAssignment example 00000000-0000-0000-0000-000000000000 * ``` */ export class AccessPackageCatalogRoleAssignment extends pulumi.CustomResource { diff --git a/sdk/nodejs/accessPackageResourceCatalogAssociation.ts b/sdk/nodejs/accessPackageResourceCatalogAssociation.ts index 56511e989..08ffb4d95 100644 --- a/sdk/nodejs/accessPackageResourceCatalogAssociation.ts +++ b/sdk/nodejs/accessPackageResourceCatalogAssociation.ts @@ -41,7 +41,7 @@ import * as utilities from "./utilities"; * The resource and catalog association can be imported using the catalog ID and the resource origin ID, e.g. * * ```sh - * $ pulumi import azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111 + * $ pulumi import azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111 * ``` * * -> This ID format is unique to Terraform and is composed of the Catalog ID and the Resource Origin ID in the format `{CatalogID}/{ResourceOriginID}`. diff --git a/sdk/nodejs/accessPackageResourcePackageAssociation.ts b/sdk/nodejs/accessPackageResourcePackageAssociation.ts index d06c49af7..d1451f99a 100644 --- a/sdk/nodejs/accessPackageResourcePackageAssociation.ts +++ b/sdk/nodejs/accessPackageResourcePackageAssociation.ts @@ -50,7 +50,7 @@ import * as utilities from "./utilities"; * The resource and catalog association can be imported using the access package ID, the access package ResourceRoleScope, the resource origin ID, and the access type, e.g. * * ```sh - * $ pulumi import azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111_22222222-2222-2222-2222-22222222/33333333-3333-3333-3333-33333333/Member + * $ pulumi import azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111_22222222-2222-2222-2222-22222222/33333333-3333-3333-3333-33333333/Member * ``` * * -> This ID format is unique to Terraform and is composed of the Access Package ID, the access package ResourceRoleScope (in the format Role_Scope), the Resource Origin ID, and the Access Type, in the format `{AccessPackageID}/{ResourceRoleScope}/{ResourceOriginID}/{AccessType}`. diff --git a/sdk/nodejs/administrativeUnit.ts b/sdk/nodejs/administrativeUnit.ts index 93e5f1a51..5c6c90e5f 100644 --- a/sdk/nodejs/administrativeUnit.ts +++ b/sdk/nodejs/administrativeUnit.ts @@ -33,7 +33,7 @@ import * as utilities from "./utilities"; * Administrative units can be imported using their object ID, e.g. * * ```sh - * $ pulumi import azuread:index/administrativeUnit:AdministrativeUnit example 00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/administrativeUnit:AdministrativeUnit example 00000000-0000-0000-0000-000000000000 * ``` */ export class AdministrativeUnit extends pulumi.CustomResource { diff --git a/sdk/nodejs/administrativeUnitMember.ts b/sdk/nodejs/administrativeUnitMember.ts index 5bda3b4b8..b2a4910b7 100644 --- a/sdk/nodejs/administrativeUnitMember.ts +++ b/sdk/nodejs/administrativeUnitMember.ts @@ -38,7 +38,7 @@ import * as utilities from "./utilities"; * Administrative unit members can be imported using the object ID of the administrative unit and the object ID of the member, e.g. * * ```sh - * $ pulumi import azuread:index/administrativeUnitMember:AdministrativeUnitMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 + * $ pulumi import azuread:index/administrativeUnitMember:AdministrativeUnitMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 * ``` * * -> This ID format is unique to Terraform and is composed of the Administrative Unit Object ID and the target Member Object ID in the format `{AdministrativeUnitObjectID}/member/{MemberObjectID}`. diff --git a/sdk/nodejs/administrativeUnitRoleMember.ts b/sdk/nodejs/administrativeUnitRoleMember.ts index 55c6ee88b..11cbb8f19 100644 --- a/sdk/nodejs/administrativeUnitRoleMember.ts +++ b/sdk/nodejs/administrativeUnitRoleMember.ts @@ -38,7 +38,7 @@ import * as utilities from "./utilities"; * Administrative unit role members can be imported using the object ID of the administrative unit and the unique ID of the role assignment, e.g. * * ```sh - * $ pulumi import azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember example 00000000-0000-0000-0000-000000000000/roleMember/zX37MRLyF0uvE-xf2WH4B7x-6CPLfudNnxFGj800htpBXqkxW7bITqGb6Rj4kuTuS + * $ pulumi import azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember example 00000000-0000-0000-0000-000000000000/roleMember/zX37MRLyF0uvE-xf2WH4B7x-6CPLfudNnxFGj800htpBXqkxW7bITqGb6Rj4kuTuS * ``` * * -> This ID format is unique to Terraform and is composed of the Administrative Unit Object ID and the role assignment ID in the format `{AdministrativeUnitObjectID}/roleMember/{RoleAssignmentID}`. diff --git a/sdk/nodejs/appRoleAssignment.ts b/sdk/nodejs/appRoleAssignment.ts index 28ecbb562..698b38002 100644 --- a/sdk/nodejs/appRoleAssignment.ts +++ b/sdk/nodejs/appRoleAssignment.ts @@ -154,10 +154,10 @@ import * as utilities from "./utilities"; * * ## Import * - * App role assignments can be imported using the object ID of the service principal representing the resource and the ID of the app role assignment (note_not_ the ID of the app role), e.g. + * App role assignments can be imported using the object ID of the service principal representing the resource and the ID of the app role assignment (note: _not_ the ID of the app role), e.g. * * ```sh - * $ pulumi import azuread:index/appRoleAssignment:AppRoleAssignment example 00000000-0000-0000-0000-000000000000/appRoleAssignment/aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz + * $ pulumi import azuread:index/appRoleAssignment:AppRoleAssignment example 00000000-0000-0000-0000-000000000000/appRoleAssignment/aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz * ``` * * -> This ID format is unique to Terraform and is composed of the Resource Service Principal Object ID and the ID of the App Role Assignment in the format `{ResourcePrincipalID}/appRoleAssignment/{AppRoleAssignmentID}`. diff --git a/sdk/nodejs/application.ts b/sdk/nodejs/application.ts index 5ed014654..17f68a6b5 100644 --- a/sdk/nodejs/application.ts +++ b/sdk/nodejs/application.ts @@ -153,7 +153,7 @@ import * as utilities from "./utilities"; * Applications can be imported using the object ID of the application, in the following format. * * ```sh - * $ pulumi import azuread:index/application:Application example /applications/00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/application:Application example /applications/00000000-0000-0000-0000-000000000000 * ``` */ export class Application extends pulumi.CustomResource { diff --git a/sdk/nodejs/applicationApiAccess.ts b/sdk/nodejs/applicationApiAccess.ts index d4dc3fc4c..d7e825c54 100644 --- a/sdk/nodejs/applicationApiAccess.ts +++ b/sdk/nodejs/applicationApiAccess.ts @@ -45,7 +45,7 @@ import * as utilities from "./utilities"; * Application API Access can be imported using the object ID of the application and the client ID of the API, in the following format. * * ```sh - * $ pulumi import azuread:index/applicationApiAccess:ApplicationApiAccess example /applications/00000000-0000-0000-0000-000000000000/apiAccess/11111111-1111-1111-1111-111111111111 + * $ pulumi import azuread:index/applicationApiAccess:ApplicationApiAccess example /applications/00000000-0000-0000-0000-000000000000/apiAccess/11111111-1111-1111-1111-111111111111 * ``` */ export class ApplicationApiAccess extends pulumi.CustomResource { diff --git a/sdk/nodejs/applicationAppRole.ts b/sdk/nodejs/applicationAppRole.ts index 19cb3285b..d125c6ca3 100644 --- a/sdk/nodejs/applicationAppRole.ts +++ b/sdk/nodejs/applicationAppRole.ts @@ -42,7 +42,7 @@ import * as utilities from "./utilities"; * Application App Roles can be imported using the object ID of the application and the ID of the app role, in the following format. * * ```sh - * $ pulumi import azuread:index/applicationAppRole:ApplicationAppRole example /applications/00000000-0000-0000-0000-000000000000/appRoles/11111111-1111-1111-1111-111111111111 + * $ pulumi import azuread:index/applicationAppRole:ApplicationAppRole example /applications/00000000-0000-0000-0000-000000000000/appRoles/11111111-1111-1111-1111-111111111111 * ``` */ export class ApplicationAppRole extends pulumi.CustomResource { diff --git a/sdk/nodejs/applicationCertificate.ts b/sdk/nodejs/applicationCertificate.ts index a881bc575..3bca9eb5f 100644 --- a/sdk/nodejs/applicationCertificate.ts +++ b/sdk/nodejs/applicationCertificate.ts @@ -10,7 +10,7 @@ import * as utilities from "./utilities"; * Certificates can be imported using the object ID of the associated application and the key ID of the certificate credential, e.g. * * ```sh - * $ pulumi import azuread:index/applicationCertificate:ApplicationCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111 + * $ pulumi import azuread:index/applicationCertificate:ApplicationCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111 * ``` * * -> This ID format is unique to Terraform and is composed of the application's object ID, the string "certificate" and the certificate's key ID in the format `{ObjectId}/certificate/{CertificateKeyId}`. diff --git a/sdk/nodejs/applicationFallbackPublicClient.ts b/sdk/nodejs/applicationFallbackPublicClient.ts index fff777cc5..b610f4129 100644 --- a/sdk/nodejs/applicationFallbackPublicClient.ts +++ b/sdk/nodejs/applicationFallbackPublicClient.ts @@ -23,7 +23,7 @@ import * as utilities from "./utilities"; * The Application Fallback Public Client setting can be imported using the object ID of the application, in the following format. * * ```sh - * $ pulumi import azuread:index/applicationFallbackPublicClient:ApplicationFallbackPublicClient example /applications/00000000-0000-0000-0000-000000000000/fallbackPublicClient + * $ pulumi import azuread:index/applicationFallbackPublicClient:ApplicationFallbackPublicClient example /applications/00000000-0000-0000-0000-000000000000/fallbackPublicClient * ``` */ export class ApplicationFallbackPublicClient extends pulumi.CustomResource { diff --git a/sdk/nodejs/applicationFederatedIdentityCredential.ts b/sdk/nodejs/applicationFederatedIdentityCredential.ts index 05fe01e9c..9c83ec68a 100644 --- a/sdk/nodejs/applicationFederatedIdentityCredential.ts +++ b/sdk/nodejs/applicationFederatedIdentityCredential.ts @@ -27,7 +27,7 @@ import * as utilities from "./utilities"; * Federated Identity Credentials can be imported using the object ID of the associated application and the ID of the federated identity credential, e.g. * * ```sh - * $ pulumi import azuread:index/applicationFederatedIdentityCredential:ApplicationFederatedIdentityCredential example 00000000-0000-0000-0000-000000000000/federatedIdentityCredential/11111111-1111-1111-1111-111111111111 + * $ pulumi import azuread:index/applicationFederatedIdentityCredential:ApplicationFederatedIdentityCredential example 00000000-0000-0000-0000-000000000000/federatedIdentityCredential/11111111-1111-1111-1111-111111111111 * ``` * * -> This ID format is unique to Terraform and is composed of the application's object ID, the string "federatedIdentityCredential" and the credential ID in the format `{ObjectId}/federatedIdentityCredential/{CredentialId}`. diff --git a/sdk/nodejs/applicationFromTemplate.ts b/sdk/nodejs/applicationFromTemplate.ts index 96fc72feb..1b7c201f7 100644 --- a/sdk/nodejs/applicationFromTemplate.ts +++ b/sdk/nodejs/applicationFromTemplate.ts @@ -43,7 +43,7 @@ import * as utilities from "./utilities"; * Templated Applications can be imported using the template ID, the object ID of the application, and the object ID of the service principal, in the following format. * * ```sh - * $ pulumi import azuread:index/applicationFromTemplate:ApplicationFromTemplate example /applicationTemplates/00000000-0000-0000-0000-000000000000/instantiate/11111111-1111-1111-1111-111111111111/22222222-2222-2222-2222-222222222222 + * $ pulumi import azuread:index/applicationFromTemplate:ApplicationFromTemplate example /applicationTemplates/00000000-0000-0000-0000-000000000000/instantiate/11111111-1111-1111-1111-111111111111/22222222-2222-2222-2222-222222222222 * ``` */ export class ApplicationFromTemplate extends pulumi.CustomResource { diff --git a/sdk/nodejs/applicationIdentifierUri.ts b/sdk/nodejs/applicationIdentifierUri.ts index 6aea6b386..3ec94cac6 100644 --- a/sdk/nodejs/applicationIdentifierUri.ts +++ b/sdk/nodejs/applicationIdentifierUri.ts @@ -36,7 +36,7 @@ import * as utilities from "./utilities"; * Application Identifier URIs can be imported using the object ID of the application and the base64-encoded identifier URI, in the following format. * * ```sh - * $ pulumi import azuread:index/applicationIdentifierUri:ApplicationIdentifierUri example /applications/00000000-0000-0000-0000-000000000000/identifierUris/aHR0cHM6Ly9leGFtcGxlLm5ldC8= + * $ pulumi import azuread:index/applicationIdentifierUri:ApplicationIdentifierUri example /applications/00000000-0000-0000-0000-000000000000/identifierUris/aHR0cHM6Ly9leGFtcGxlLm5ldC8= * ``` */ export class ApplicationIdentifierUri extends pulumi.CustomResource { diff --git a/sdk/nodejs/applicationKnownClients.ts b/sdk/nodejs/applicationKnownClients.ts index 1b927e127..9476499f1 100644 --- a/sdk/nodejs/applicationKnownClients.ts +++ b/sdk/nodejs/applicationKnownClients.ts @@ -24,7 +24,7 @@ import * as utilities from "./utilities"; * Application Known Clients can be imported using the object ID of the application in the following format. * * ```sh - * $ pulumi import azuread:index/applicationKnownClients:ApplicationKnownClients example /applications/00000000-0000-0000-0000-000000000000/knownClients + * $ pulumi import azuread:index/applicationKnownClients:ApplicationKnownClients example /applications/00000000-0000-0000-0000-000000000000/knownClients * ``` */ export class ApplicationKnownClients extends pulumi.CustomResource { diff --git a/sdk/nodejs/applicationOptionalClaims.ts b/sdk/nodejs/applicationOptionalClaims.ts index 1f5af087a..e58b9eebf 100644 --- a/sdk/nodejs/applicationOptionalClaims.ts +++ b/sdk/nodejs/applicationOptionalClaims.ts @@ -41,7 +41,7 @@ import * as utilities from "./utilities"; * Application Optional Claims can be imported using the object ID of the application, in the following format. * * ```sh - * $ pulumi import azuread:index/applicationOptionalClaims:ApplicationOptionalClaims example /applications/00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/applicationOptionalClaims:ApplicationOptionalClaims example /applications/00000000-0000-0000-0000-000000000000 * ``` */ export class ApplicationOptionalClaims extends pulumi.CustomResource { diff --git a/sdk/nodejs/applicationOwner.ts b/sdk/nodejs/applicationOwner.ts index 1db817b8f..ebab30559 100644 --- a/sdk/nodejs/applicationOwner.ts +++ b/sdk/nodejs/applicationOwner.ts @@ -30,7 +30,7 @@ import * as utilities from "./utilities"; * Application Owners can be imported using the object ID of the application and the object ID of the owner, in the following format. * * ```sh - * $ pulumi import azuread:index/applicationOwner:ApplicationOwner example /applications/00000000-0000-0000-0000-000000000000/owners/11111111-1111-1111-1111-111111111111 + * $ pulumi import azuread:index/applicationOwner:ApplicationOwner example /applications/00000000-0000-0000-0000-000000000000/owners/11111111-1111-1111-1111-111111111111 * ``` */ export class ApplicationOwner extends pulumi.CustomResource { diff --git a/sdk/nodejs/applicationPermissionScope.ts b/sdk/nodejs/applicationPermissionScope.ts index 7dd107975..c2e861bc8 100644 --- a/sdk/nodejs/applicationPermissionScope.ts +++ b/sdk/nodejs/applicationPermissionScope.ts @@ -41,7 +41,7 @@ import * as utilities from "./utilities"; * Application App Roles can be imported using the object ID of the application and the ID of the permission scope, in the following format. * * ```sh - * $ pulumi import azuread:index/applicationPermissionScope:ApplicationPermissionScope example /applications/00000000-0000-0000-0000-000000000000/permissionScopes/11111111-1111-1111-1111-111111111111 + * $ pulumi import azuread:index/applicationPermissionScope:ApplicationPermissionScope example /applications/00000000-0000-0000-0000-000000000000/permissionScopes/11111111-1111-1111-1111-111111111111 * ``` */ export class ApplicationPermissionScope extends pulumi.CustomResource { diff --git a/sdk/nodejs/applicationPreAuthorized.ts b/sdk/nodejs/applicationPreAuthorized.ts index 61db905e9..497bbaac6 100644 --- a/sdk/nodejs/applicationPreAuthorized.ts +++ b/sdk/nodejs/applicationPreAuthorized.ts @@ -52,7 +52,7 @@ import * as utilities from "./utilities"; * Pre-authorized applications can be imported using the object ID of the authorizing application and the application ID of the application being authorized, e.g. * * ```sh - * $ pulumi import azuread:index/applicationPreAuthorized:ApplicationPreAuthorized example 00000000-0000-0000-0000-000000000000/preAuthorizedApplication/11111111-1111-1111-1111-111111111111 + * $ pulumi import azuread:index/applicationPreAuthorized:ApplicationPreAuthorized example 00000000-0000-0000-0000-000000000000/preAuthorizedApplication/11111111-1111-1111-1111-111111111111 * ``` * * -> This ID format is unique to Terraform and is composed of the authorizing application's object ID, the string "preAuthorizedApplication" and the authorized application's application ID (client ID) in the format `{ObjectId}/preAuthorizedApplication/{ApplicationId}`. diff --git a/sdk/nodejs/applicationRedirectUris.ts b/sdk/nodejs/applicationRedirectUris.ts index 1ff31950e..68f4e79be 100644 --- a/sdk/nodejs/applicationRedirectUris.ts +++ b/sdk/nodejs/applicationRedirectUris.ts @@ -48,7 +48,7 @@ import * as utilities from "./utilities"; * Application API Access can be imported using the object ID of the application and the URI type, in the following format. * * ```sh - * $ pulumi import azuread:index/applicationRedirectUris:ApplicationRedirectUris example /applications/00000000-0000-0000-0000-000000000000/redirectUris/Web + * $ pulumi import azuread:index/applicationRedirectUris:ApplicationRedirectUris example /applications/00000000-0000-0000-0000-000000000000/redirectUris/Web * ``` */ export class ApplicationRedirectUris extends pulumi.CustomResource { diff --git a/sdk/nodejs/applicationRegistration.ts b/sdk/nodejs/applicationRegistration.ts index 84109e502..e5b79bf5a 100644 --- a/sdk/nodejs/applicationRegistration.ts +++ b/sdk/nodejs/applicationRegistration.ts @@ -41,7 +41,7 @@ import * as utilities from "./utilities"; * Application Registrations can be imported using the object ID of the application, in the following format. * * ```sh - * $ pulumi import azuread:index/applicationRegistration:ApplicationRegistration example /applications/00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/applicationRegistration:ApplicationRegistration example /applications/00000000-0000-0000-0000-000000000000 * ``` */ export class ApplicationRegistration extends pulumi.CustomResource { diff --git a/sdk/nodejs/authenticationStrengthPolicy.ts b/sdk/nodejs/authenticationStrengthPolicy.ts index c90a2fd55..4cb213890 100644 --- a/sdk/nodejs/authenticationStrengthPolicy.ts +++ b/sdk/nodejs/authenticationStrengthPolicy.ts @@ -63,7 +63,7 @@ import * as utilities from "./utilities"; * Authentication Strength Policies can be imported using the `id`, e.g. * * ```sh - * $ pulumi import azuread:index/authenticationStrengthPolicy:AuthenticationStrengthPolicy my_policy 00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/authenticationStrengthPolicy:AuthenticationStrengthPolicy my_policy 00000000-0000-0000-0000-000000000000 * ``` */ export class AuthenticationStrengthPolicy extends pulumi.CustomResource { diff --git a/sdk/nodejs/claimsMappingPolicy.ts b/sdk/nodejs/claimsMappingPolicy.ts index 1a24da210..09b1e3d71 100644 --- a/sdk/nodejs/claimsMappingPolicy.ts +++ b/sdk/nodejs/claimsMappingPolicy.ts @@ -51,7 +51,7 @@ import * as utilities from "./utilities"; * Claims Mapping Policy can be imported using the `id`, e.g. * * ```sh - * $ pulumi import azuread:index/claimsMappingPolicy:ClaimsMappingPolicy my_policy 00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/claimsMappingPolicy:ClaimsMappingPolicy my_policy 00000000-0000-0000-0000-000000000000 * ``` */ export class ClaimsMappingPolicy extends pulumi.CustomResource { diff --git a/sdk/nodejs/conditionalAccessPolicy.ts b/sdk/nodejs/conditionalAccessPolicy.ts index f6bef4f9c..b5717d6a5 100644 --- a/sdk/nodejs/conditionalAccessPolicy.ts +++ b/sdk/nodejs/conditionalAccessPolicy.ts @@ -133,7 +133,7 @@ import * as utilities from "./utilities"; * Conditional Access Policies can be imported using the `id`, e.g. * * ```sh - * $ pulumi import azuread:index/conditionalAccessPolicy:ConditionalAccessPolicy my_location 00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/conditionalAccessPolicy:ConditionalAccessPolicy my_location 00000000-0000-0000-0000-000000000000 * ``` */ export class ConditionalAccessPolicy extends pulumi.CustomResource { diff --git a/sdk/nodejs/directoryRoleAssignment.ts b/sdk/nodejs/directoryRoleAssignment.ts index c2ea6a22f..4dcbd5a5e 100644 --- a/sdk/nodejs/directoryRoleAssignment.ts +++ b/sdk/nodejs/directoryRoleAssignment.ts @@ -20,7 +20,7 @@ import * as utilities from "./utilities"; * Directory role assignments can be imported using the ID of the assignment, e.g. * * ```sh - * $ pulumi import azuread:index/directoryRoleAssignment:DirectoryRoleAssignment example ePROZI_iKE653D_d6aoLHyr-lKgHI8ZGiIdz8CLVcng-1 + * $ pulumi import azuread:index/directoryRoleAssignment:DirectoryRoleAssignment example ePROZI_iKE653D_d6aoLHyr-lKgHI8ZGiIdz8CLVcng-1 * ``` */ export class DirectoryRoleAssignment extends pulumi.CustomResource { diff --git a/sdk/nodejs/directoryRoleEligibilityScheduleRequest.ts b/sdk/nodejs/directoryRoleEligibilityScheduleRequest.ts index 1b5dddbd9..211ca77ef 100644 --- a/sdk/nodejs/directoryRoleEligibilityScheduleRequest.ts +++ b/sdk/nodejs/directoryRoleEligibilityScheduleRequest.ts @@ -40,7 +40,7 @@ import * as utilities from "./utilities"; * Directory role eligibility schedule requests can be imported using the ID of the assignment, e.g. * * ```sh - * $ pulumi import azuread:index/directoryRoleEligibilityScheduleRequest:DirectoryRoleEligibilityScheduleRequest example 822ec710-4c9f-4f71-a27a-451759cc7522 + * $ pulumi import azuread:index/directoryRoleEligibilityScheduleRequest:DirectoryRoleEligibilityScheduleRequest example 822ec710-4c9f-4f71-a27a-451759cc7522 * ``` */ export class DirectoryRoleEligibilityScheduleRequest extends pulumi.CustomResource { diff --git a/sdk/nodejs/directoryRoleMember.ts b/sdk/nodejs/directoryRoleMember.ts index 52cff16c4..e4610642e 100644 --- a/sdk/nodejs/directoryRoleMember.ts +++ b/sdk/nodejs/directoryRoleMember.ts @@ -38,7 +38,7 @@ import * as utilities from "./utilities"; * Directory role members can be imported using the object ID of the role and the object ID of the member, e.g. * * ```sh - * $ pulumi import azuread:index/directoryRoleMember:DirectoryRoleMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 + * $ pulumi import azuread:index/directoryRoleMember:DirectoryRoleMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 * ``` * * -> This ID format is unique to Terraform and is composed of the Directory Role Object ID and the target Member Object ID in the format `{RoleObjectID}/member/{MemberObjectID}`. diff --git a/sdk/nodejs/group.ts b/sdk/nodejs/group.ts index 3cb2de324..24374f31a 100644 --- a/sdk/nodejs/group.ts +++ b/sdk/nodejs/group.ts @@ -32,7 +32,7 @@ import * as utilities from "./utilities"; * Groups can be imported using their object ID, e.g. * * ```sh - * $ pulumi import azuread:index/group:Group my_group 00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/group:Group my_group 00000000-0000-0000-0000-000000000000 * ``` */ export class Group extends pulumi.CustomResource { diff --git a/sdk/nodejs/groupMember.ts b/sdk/nodejs/groupMember.ts index f888930da..0ce55158f 100644 --- a/sdk/nodejs/groupMember.ts +++ b/sdk/nodejs/groupMember.ts @@ -43,7 +43,7 @@ import * as utilities from "./utilities"; * Group members can be imported using the object ID of the group and the object ID of the member, e.g. * * ```sh - * $ pulumi import azuread:index/groupMember:GroupMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 + * $ pulumi import azuread:index/groupMember:GroupMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 * ``` * * -> This ID format is unique to Terraform and is composed of the Azure AD Group Object ID and the target Member Object ID in the format `{GroupObjectID}/member/{MemberObjectID}`. diff --git a/sdk/nodejs/namedLocation.ts b/sdk/nodejs/namedLocation.ts index 7cc37f26c..41b640a1b 100644 --- a/sdk/nodejs/namedLocation.ts +++ b/sdk/nodejs/namedLocation.ts @@ -50,7 +50,7 @@ import * as utilities from "./utilities"; * Named Locations can be imported using the `id`, e.g. * * ```sh - * $ pulumi import azuread:index/namedLocation:NamedLocation my_location 00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/namedLocation:NamedLocation my_location 00000000-0000-0000-0000-000000000000 * ``` */ export class NamedLocation extends pulumi.CustomResource { diff --git a/sdk/nodejs/servicePrincipal.ts b/sdk/nodejs/servicePrincipal.ts index d710e537f..f1ab73b9e 100644 --- a/sdk/nodejs/servicePrincipal.ts +++ b/sdk/nodejs/servicePrincipal.ts @@ -86,7 +86,7 @@ import * as utilities from "./utilities"; * Service principals can be imported using their object ID, e.g. * * ```sh - * $ pulumi import azuread:index/servicePrincipal:ServicePrincipal example 00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/servicePrincipal:ServicePrincipal example 00000000-0000-0000-0000-000000000000 * ``` */ export class ServicePrincipal extends pulumi.CustomResource { diff --git a/sdk/nodejs/servicePrincipalCertificate.ts b/sdk/nodejs/servicePrincipalCertificate.ts index 213043b17..3c57e1bf6 100644 --- a/sdk/nodejs/servicePrincipalCertificate.ts +++ b/sdk/nodejs/servicePrincipalCertificate.ts @@ -10,7 +10,7 @@ import * as utilities from "./utilities"; * Certificates can be imported using the object ID of the associated service principal and the key ID of the certificate credential, e.g. * * ```sh - * $ pulumi import azuread:index/servicePrincipalCertificate:ServicePrincipalCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111 + * $ pulumi import azuread:index/servicePrincipalCertificate:ServicePrincipalCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111 * ``` * * -> This ID format is unique to Terraform and is composed of the service principal's object ID, the string "certificate" and the certificate's key ID in the format `{ServicePrincipalObjectId}/certificate/{CertificateKeyId}`. diff --git a/sdk/nodejs/servicePrincipalClaimsMappingPolicyAssignment.ts b/sdk/nodejs/servicePrincipalClaimsMappingPolicyAssignment.ts index aef842405..9f6476ba8 100644 --- a/sdk/nodejs/servicePrincipalClaimsMappingPolicyAssignment.ts +++ b/sdk/nodejs/servicePrincipalClaimsMappingPolicyAssignment.ts @@ -29,10 +29,10 @@ import * as utilities from "./utilities"; * * ## Import * - * Claims Mapping Policy can be imported using the `id`, in the form `service-principal-uuid/claimsMappingPolicy/claims-mapping-policy-uuid`, e.g + * Claims Mapping Policy can be imported using the `id`, in the form `service-principal-uuid/claimsMappingPolicy/claims-mapping-policy-uuid`, e.g: * * ```sh - * $ pulumi import azuread:index/servicePrincipalClaimsMappingPolicyAssignment:ServicePrincipalClaimsMappingPolicyAssignment app 00000000-0000-0000-0000-000000000000/claimsMappingPolicy/11111111-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/servicePrincipalClaimsMappingPolicyAssignment:ServicePrincipalClaimsMappingPolicyAssignment app 00000000-0000-0000-0000-000000000000/claimsMappingPolicy/11111111-0000-0000-0000-000000000000 * ``` */ export class ServicePrincipalClaimsMappingPolicyAssignment extends pulumi.CustomResource { diff --git a/sdk/nodejs/servicePrincipalDelegatedPermissionGrant.ts b/sdk/nodejs/servicePrincipalDelegatedPermissionGrant.ts index 9b1e17575..1cd8b4e61 100644 --- a/sdk/nodejs/servicePrincipalDelegatedPermissionGrant.ts +++ b/sdk/nodejs/servicePrincipalDelegatedPermissionGrant.ts @@ -105,7 +105,7 @@ import * as utilities from "./utilities"; * Delegated permission grants can be imported using their ID, e.g. * * ```sh - * $ pulumi import azuread:index/servicePrincipalDelegatedPermissionGrant:ServicePrincipalDelegatedPermissionGrant example aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz + * $ pulumi import azuread:index/servicePrincipalDelegatedPermissionGrant:ServicePrincipalDelegatedPermissionGrant example aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz * ``` */ export class ServicePrincipalDelegatedPermissionGrant extends pulumi.CustomResource { diff --git a/sdk/nodejs/servicePrincipalTokenSigningCertificate.ts b/sdk/nodejs/servicePrincipalTokenSigningCertificate.ts index 705abd7c4..4cca7b56c 100644 --- a/sdk/nodejs/servicePrincipalTokenSigningCertificate.ts +++ b/sdk/nodejs/servicePrincipalTokenSigningCertificate.ts @@ -38,7 +38,7 @@ import * as utilities from "./utilities"; * Token signing certificates can be imported using the object ID of the associated service principal and the key ID of the verify certificate credential, e.g. * * ```sh - * $ pulumi import azuread:index/servicePrincipalTokenSigningCertificate:ServicePrincipalTokenSigningCertificate example 00000000-0000-0000-0000-000000000000/tokenSigningCertificate/11111111-1111-1111-1111-111111111111 + * $ pulumi import azuread:index/servicePrincipalTokenSigningCertificate:ServicePrincipalTokenSigningCertificate example 00000000-0000-0000-0000-000000000000/tokenSigningCertificate/11111111-1111-1111-1111-111111111111 * ``` * * -> This ID format is unique to Terraform and is composed of the service principal's object ID, the string "tokenSigningCertificate" and the verify certificate's key ID in the format `{ServicePrincipalObjectId}/tokenSigningCertificate/{CertificateKeyId}`. diff --git a/sdk/nodejs/synchronizationJob.ts b/sdk/nodejs/synchronizationJob.ts index 4de899fa8..b092a60e5 100644 --- a/sdk/nodejs/synchronizationJob.ts +++ b/sdk/nodejs/synchronizationJob.ts @@ -63,7 +63,7 @@ import * as utilities from "./utilities"; * Synchronization jobs can be imported using the `id`, e.g. * * ```sh - * $ pulumi import azuread:index/synchronizationJob:SynchronizationJob example 00000000-0000-0000-0000-000000000000/job/dataBricks.f5532fc709734b1a90e8a1fa9fd03a82.8442fd39-2183-419c-8732-74b6ce866bd5 + * $ pulumi import azuread:index/synchronizationJob:SynchronizationJob example 00000000-0000-0000-0000-000000000000/job/dataBricks.f5532fc709734b1a90e8a1fa9fd03a82.8442fd39-2183-419c-8732-74b6ce866bd5 * ``` * * -> This ID format is unique to Terraform and is composed of the Service Principal Object ID and the ID of the Synchronization Job Id in the format `{servicePrincipalId}/job/{jobId}`. diff --git a/sdk/nodejs/user.ts b/sdk/nodejs/user.ts index 2b84e52d6..fcbb9984c 100644 --- a/sdk/nodejs/user.ts +++ b/sdk/nodejs/user.ts @@ -34,7 +34,7 @@ import * as utilities from "./utilities"; * Users can be imported using their object ID, e.g. * * ```sh - * $ pulumi import azuread:index/user:User my_user 00000000-0000-0000-0000-000000000000 + * $ pulumi import azuread:index/user:User my_user 00000000-0000-0000-0000-000000000000 * ``` */ export class User extends pulumi.CustomResource { diff --git a/sdk/nodejs/userFlowAttribute.ts b/sdk/nodejs/userFlowAttribute.ts index 33acc68de..6c31061de 100644 --- a/sdk/nodejs/userFlowAttribute.ts +++ b/sdk/nodejs/userFlowAttribute.ts @@ -33,7 +33,7 @@ import * as utilities from "./utilities"; * User flow attributes can be imported using the `id`, e.g. * * ```sh - * $ pulumi import azuread:index/userFlowAttribute:UserFlowAttribute example extension_ecc9f88db2924942b8a96f44873616fe_Hobbyjkorv + * $ pulumi import azuread:index/userFlowAttribute:UserFlowAttribute example extension_ecc9f88db2924942b8a96f44873616fe_Hobbyjkorv * ``` * * -> This ID can be queried using the [User Flow Attributes API](https://learn.microsoft.com/en-us/graph/api/identityuserflowattribute-list?view=graph-rest-1.0&tabs=http). diff --git a/sdk/python/pulumi_azuread/_utilities.py b/sdk/python/pulumi_azuread/_utilities.py index 8219769ca..e3b8564dc 100644 --- a/sdk/python/pulumi_azuread/_utilities.py +++ b/sdk/python/pulumi_azuread/_utilities.py @@ -4,6 +4,7 @@ import asyncio +import importlib.metadata import importlib.util import inspect import json @@ -18,11 +19,6 @@ from semver import VersionInfo as SemverVersion from parver import Version as PEP440Version -if sys.version_info >= (3, 8): - from importlib import metadata -else: - import importlib_metadata as metadata - def get_env(*args): for v in args: @@ -76,7 +72,7 @@ def _get_semver_version(): # to receive a valid semver string when receiving requests from the language host, so it's our # responsibility as the library to convert our own PEP440 version into a valid semver string. - pep440_version_string = metadata.version(root_package) + pep440_version_string = importlib.metadata.version(root_package) pep440_version = PEP440Version.parse(pep440_version_string) (major, minor, patch) = pep440_version.release prerelease = None diff --git a/sdk/python/pulumi_azuread/access_package.py b/sdk/python/pulumi_azuread/access_package.py index 114cc5649..7fb3d7ef5 100644 --- a/sdk/python/pulumi_azuread/access_package.py +++ b/sdk/python/pulumi_azuread/access_package.py @@ -193,7 +193,7 @@ def __init__(__self__, Access Packages can be imported using the `id`, e.g. ```sh - $ pulumi import azuread:index/accessPackage:AccessPackage example_package 00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/accessPackage:AccessPackage example_package 00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. @@ -240,7 +240,7 @@ def __init__(__self__, Access Packages can be imported using the `id`, e.g. ```sh - $ pulumi import azuread:index/accessPackage:AccessPackage example_package 00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/accessPackage:AccessPackage example_package 00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_azuread/access_package_assignment_policy.py b/sdk/python/pulumi_azuread/access_package_assignment_policy.py index 2efdc3aed..6d1cd5c7e 100644 --- a/sdk/python/pulumi_azuread/access_package_assignment_policy.py +++ b/sdk/python/pulumi_azuread/access_package_assignment_policy.py @@ -426,7 +426,7 @@ def __init__(__self__, An access package assignment policy can be imported using the ID, e.g. ```sh - $ pulumi import azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy example 00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy example 00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. @@ -512,7 +512,7 @@ def __init__(__self__, An access package assignment policy can be imported using the ID, e.g. ```sh - $ pulumi import azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy example 00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy example 00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_azuread/access_package_catalog.py b/sdk/python/pulumi_azuread/access_package_catalog.py index b592f782a..c7c63ec0f 100644 --- a/sdk/python/pulumi_azuread/access_package_catalog.py +++ b/sdk/python/pulumi_azuread/access_package_catalog.py @@ -190,7 +190,7 @@ def __init__(__self__, An Access Package Catalog can be imported using the `id`, e.g. ```sh - $ pulumi import azuread:index/accessPackageCatalog:AccessPackageCatalog example 00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/accessPackageCatalog:AccessPackageCatalog example 00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. @@ -233,7 +233,7 @@ def __init__(__self__, An Access Package Catalog can be imported using the `id`, e.g. ```sh - $ pulumi import azuread:index/accessPackageCatalog:AccessPackageCatalog example 00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/accessPackageCatalog:AccessPackageCatalog example 00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_azuread/access_package_catalog_role_assignment.py b/sdk/python/pulumi_azuread/access_package_catalog_role_assignment.py index 7ea662137..b3060f338 100644 --- a/sdk/python/pulumi_azuread/access_package_catalog_role_assignment.py +++ b/sdk/python/pulumi_azuread/access_package_catalog_role_assignment.py @@ -162,7 +162,7 @@ def __init__(__self__, Catalog role assignments can be imported using the ID of the assignment, e.g. ```sh - $ pulumi import azuread:index/accessPackageCatalogRoleAssignment:AccessPackageCatalogRoleAssignment example 00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/accessPackageCatalogRoleAssignment:AccessPackageCatalogRoleAssignment example 00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. @@ -210,7 +210,7 @@ def __init__(__self__, Catalog role assignments can be imported using the ID of the assignment, e.g. ```sh - $ pulumi import azuread:index/accessPackageCatalogRoleAssignment:AccessPackageCatalogRoleAssignment example 00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/accessPackageCatalogRoleAssignment:AccessPackageCatalogRoleAssignment example 00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_azuread/access_package_resource_catalog_association.py b/sdk/python/pulumi_azuread/access_package_resource_catalog_association.py index 25f71533f..0fe76643e 100644 --- a/sdk/python/pulumi_azuread/access_package_resource_catalog_association.py +++ b/sdk/python/pulumi_azuread/access_package_resource_catalog_association.py @@ -163,7 +163,7 @@ def __init__(__self__, The resource and catalog association can be imported using the catalog ID and the resource origin ID, e.g. ```sh - $ pulumi import azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111 + $ pulumi import azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111 ``` -> This ID format is unique to Terraform and is composed of the Catalog ID and the Resource Origin ID in the format `{CatalogID}/{ResourceOriginID}`. @@ -214,7 +214,7 @@ def __init__(__self__, The resource and catalog association can be imported using the catalog ID and the resource origin ID, e.g. ```sh - $ pulumi import azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111 + $ pulumi import azuread:index/accessPackageResourceCatalogAssociation:AccessPackageResourceCatalogAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111 ``` -> This ID format is unique to Terraform and is composed of the Catalog ID and the Resource Origin ID in the format `{CatalogID}/{ResourceOriginID}`. diff --git a/sdk/python/pulumi_azuread/access_package_resource_package_association.py b/sdk/python/pulumi_azuread/access_package_resource_package_association.py index 616c975d2..e32dddf0c 100644 --- a/sdk/python/pulumi_azuread/access_package_resource_package_association.py +++ b/sdk/python/pulumi_azuread/access_package_resource_package_association.py @@ -171,7 +171,7 @@ def __init__(__self__, The resource and catalog association can be imported using the access package ID, the access package ResourceRoleScope, the resource origin ID, and the access type, e.g. ```sh - $ pulumi import azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111_22222222-2222-2222-2222-22222222/33333333-3333-3333-3333-33333333/Member + $ pulumi import azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111_22222222-2222-2222-2222-22222222/33333333-3333-3333-3333-33333333/Member ``` -> This ID format is unique to Terraform and is composed of the Access Package ID, the access package ResourceRoleScope (in the format Role_Scope), the Resource Origin ID, and the Access Type, in the format `{AccessPackageID}/{ResourceRoleScope}/{ResourceOriginID}/{AccessType}`. @@ -229,7 +229,7 @@ def __init__(__self__, The resource and catalog association can be imported using the access package ID, the access package ResourceRoleScope, the resource origin ID, and the access type, e.g. ```sh - $ pulumi import azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111_22222222-2222-2222-2222-22222222/33333333-3333-3333-3333-33333333/Member + $ pulumi import azuread:index/accessPackageResourcePackageAssociation:AccessPackageResourcePackageAssociation example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111_22222222-2222-2222-2222-22222222/33333333-3333-3333-3333-33333333/Member ``` -> This ID format is unique to Terraform and is composed of the Access Package ID, the access package ResourceRoleScope (in the format Role_Scope), the Resource Origin ID, and the Access Type, in the format `{AccessPackageID}/{ResourceRoleScope}/{ResourceOriginID}/{AccessType}`. diff --git a/sdk/python/pulumi_azuread/administrative_unit.py b/sdk/python/pulumi_azuread/administrative_unit.py index 7fbb8d629..ee8f52f13 100644 --- a/sdk/python/pulumi_azuread/administrative_unit.py +++ b/sdk/python/pulumi_azuread/administrative_unit.py @@ -249,7 +249,7 @@ def __init__(__self__, Administrative units can be imported using their object ID, e.g. ```sh - $ pulumi import azuread:index/administrativeUnit:AdministrativeUnit example 00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/administrativeUnit:AdministrativeUnit example 00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. @@ -296,7 +296,7 @@ def __init__(__self__, Administrative units can be imported using their object ID, e.g. ```sh - $ pulumi import azuread:index/administrativeUnit:AdministrativeUnit example 00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/administrativeUnit:AdministrativeUnit example 00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_azuread/administrative_unit_member.py b/sdk/python/pulumi_azuread/administrative_unit_member.py index 7b6ad4027..ef0506efc 100644 --- a/sdk/python/pulumi_azuread/administrative_unit_member.py +++ b/sdk/python/pulumi_azuread/administrative_unit_member.py @@ -130,7 +130,7 @@ def __init__(__self__, Administrative unit members can be imported using the object ID of the administrative unit and the object ID of the member, e.g. ```sh - $ pulumi import azuread:index/administrativeUnitMember:AdministrativeUnitMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 + $ pulumi import azuread:index/administrativeUnitMember:AdministrativeUnitMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 ``` -> This ID format is unique to Terraform and is composed of the Administrative Unit Object ID and the target Member Object ID in the format `{AdministrativeUnitObjectID}/member/{MemberObjectID}`. @@ -177,7 +177,7 @@ def __init__(__self__, Administrative unit members can be imported using the object ID of the administrative unit and the object ID of the member, e.g. ```sh - $ pulumi import azuread:index/administrativeUnitMember:AdministrativeUnitMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 + $ pulumi import azuread:index/administrativeUnitMember:AdministrativeUnitMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 ``` -> This ID format is unique to Terraform and is composed of the Administrative Unit Object ID and the target Member Object ID in the format `{AdministrativeUnitObjectID}/member/{MemberObjectID}`. diff --git a/sdk/python/pulumi_azuread/administrative_unit_role_member.py b/sdk/python/pulumi_azuread/administrative_unit_role_member.py index 48457433a..fd9390bbb 100644 --- a/sdk/python/pulumi_azuread/administrative_unit_role_member.py +++ b/sdk/python/pulumi_azuread/administrative_unit_role_member.py @@ -160,7 +160,7 @@ def __init__(__self__, Administrative unit role members can be imported using the object ID of the administrative unit and the unique ID of the role assignment, e.g. ```sh - $ pulumi import azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember example 00000000-0000-0000-0000-000000000000/roleMember/zX37MRLyF0uvE-xf2WH4B7x-6CPLfudNnxFGj800htpBXqkxW7bITqGb6Rj4kuTuS + $ pulumi import azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember example 00000000-0000-0000-0000-000000000000/roleMember/zX37MRLyF0uvE-xf2WH4B7x-6CPLfudNnxFGj800htpBXqkxW7bITqGb6Rj4kuTuS ``` -> This ID format is unique to Terraform and is composed of the Administrative Unit Object ID and the role assignment ID in the format `{AdministrativeUnitObjectID}/roleMember/{RoleAssignmentID}`. @@ -208,7 +208,7 @@ def __init__(__self__, Administrative unit role members can be imported using the object ID of the administrative unit and the unique ID of the role assignment, e.g. ```sh - $ pulumi import azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember example 00000000-0000-0000-0000-000000000000/roleMember/zX37MRLyF0uvE-xf2WH4B7x-6CPLfudNnxFGj800htpBXqkxW7bITqGb6Rj4kuTuS + $ pulumi import azuread:index/administrativeUnitRoleMember:AdministrativeUnitRoleMember example 00000000-0000-0000-0000-000000000000/roleMember/zX37MRLyF0uvE-xf2WH4B7x-6CPLfudNnxFGj800htpBXqkxW7bITqGb6Rj4kuTuS ``` -> This ID format is unique to Terraform and is composed of the Administrative Unit Object ID and the role assignment ID in the format `{AdministrativeUnitObjectID}/roleMember/{RoleAssignmentID}`. diff --git a/sdk/python/pulumi_azuread/app_role_assignment.py b/sdk/python/pulumi_azuread/app_role_assignment.py index 76669f2bb..9938aceb2 100644 --- a/sdk/python/pulumi_azuread/app_role_assignment.py +++ b/sdk/python/pulumi_azuread/app_role_assignment.py @@ -312,10 +312,10 @@ def __init__(__self__, ## Import - App role assignments can be imported using the object ID of the service principal representing the resource and the ID of the app role assignment (note_not_ the ID of the app role), e.g. + App role assignments can be imported using the object ID of the service principal representing the resource and the ID of the app role assignment (note: _not_ the ID of the app role), e.g. ```sh - $ pulumi import azuread:index/appRoleAssignment:AppRoleAssignment example 00000000-0000-0000-0000-000000000000/appRoleAssignment/aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz + $ pulumi import azuread:index/appRoleAssignment:AppRoleAssignment example 00000000-0000-0000-0000-000000000000/appRoleAssignment/aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz ``` -> This ID format is unique to Terraform and is composed of the Resource Service Principal Object ID and the ID of the App Role Assignment in the format `{ResourcePrincipalID}/appRoleAssignment/{AppRoleAssignmentID}`. @@ -467,10 +467,10 @@ def __init__(__self__, ## Import - App role assignments can be imported using the object ID of the service principal representing the resource and the ID of the app role assignment (note_not_ the ID of the app role), e.g. + App role assignments can be imported using the object ID of the service principal representing the resource and the ID of the app role assignment (note: _not_ the ID of the app role), e.g. ```sh - $ pulumi import azuread:index/appRoleAssignment:AppRoleAssignment example 00000000-0000-0000-0000-000000000000/appRoleAssignment/aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz + $ pulumi import azuread:index/appRoleAssignment:AppRoleAssignment example 00000000-0000-0000-0000-000000000000/appRoleAssignment/aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz ``` -> This ID format is unique to Terraform and is composed of the Resource Service Principal Object ID and the ID of the App Role Assignment in the format `{ResourcePrincipalID}/appRoleAssignment/{AppRoleAssignmentID}`. diff --git a/sdk/python/pulumi_azuread/application.py b/sdk/python/pulumi_azuread/application.py index a966189a8..eef5fdbf5 100644 --- a/sdk/python/pulumi_azuread/application.py +++ b/sdk/python/pulumi_azuread/application.py @@ -1241,7 +1241,7 @@ def __init__(__self__, Applications can be imported using the object ID of the application, in the following format. ```sh - $ pulumi import azuread:index/application:Application example /applications/00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/application:Application example /applications/00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. @@ -1432,7 +1432,7 @@ def __init__(__self__, Applications can be imported using the object ID of the application, in the following format. ```sh - $ pulumi import azuread:index/application:Application example /applications/00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/application:Application example /applications/00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_azuread/application_api_access.py b/sdk/python/pulumi_azuread/application_api_access.py index 49ba88d82..69c367d80 100644 --- a/sdk/python/pulumi_azuread/application_api_access.py +++ b/sdk/python/pulumi_azuread/application_api_access.py @@ -209,7 +209,7 @@ def __init__(__self__, Application API Access can be imported using the object ID of the application and the client ID of the API, in the following format. ```sh - $ pulumi import azuread:index/applicationApiAccess:ApplicationApiAccess example /applications/00000000-0000-0000-0000-000000000000/apiAccess/11111111-1111-1111-1111-111111111111 + $ pulumi import azuread:index/applicationApiAccess:ApplicationApiAccess example /applications/00000000-0000-0000-0000-000000000000/apiAccess/11111111-1111-1111-1111-111111111111 ``` :param str resource_name: The name of the resource. @@ -265,7 +265,7 @@ def __init__(__self__, Application API Access can be imported using the object ID of the application and the client ID of the API, in the following format. ```sh - $ pulumi import azuread:index/applicationApiAccess:ApplicationApiAccess example /applications/00000000-0000-0000-0000-000000000000/apiAccess/11111111-1111-1111-1111-111111111111 + $ pulumi import azuread:index/applicationApiAccess:ApplicationApiAccess example /applications/00000000-0000-0000-0000-000000000000/apiAccess/11111111-1111-1111-1111-111111111111 ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_azuread/application_app_role.py b/sdk/python/pulumi_azuread/application_app_role.py index 8e9389d3a..61721dc09 100644 --- a/sdk/python/pulumi_azuread/application_app_role.py +++ b/sdk/python/pulumi_azuread/application_app_role.py @@ -271,7 +271,7 @@ def __init__(__self__, Application App Roles can be imported using the object ID of the application and the ID of the app role, in the following format. ```sh - $ pulumi import azuread:index/applicationAppRole:ApplicationAppRole example /applications/00000000-0000-0000-0000-000000000000/appRoles/11111111-1111-1111-1111-111111111111 + $ pulumi import azuread:index/applicationAppRole:ApplicationAppRole example /applications/00000000-0000-0000-0000-000000000000/appRoles/11111111-1111-1111-1111-111111111111 ``` :param str resource_name: The name of the resource. @@ -328,7 +328,7 @@ def __init__(__self__, Application App Roles can be imported using the object ID of the application and the ID of the app role, in the following format. ```sh - $ pulumi import azuread:index/applicationAppRole:ApplicationAppRole example /applications/00000000-0000-0000-0000-000000000000/appRoles/11111111-1111-1111-1111-111111111111 + $ pulumi import azuread:index/applicationAppRole:ApplicationAppRole example /applications/00000000-0000-0000-0000-000000000000/appRoles/11111111-1111-1111-1111-111111111111 ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_azuread/application_certificate.py b/sdk/python/pulumi_azuread/application_certificate.py index dc6e4a259..69f42c8e3 100644 --- a/sdk/python/pulumi_azuread/application_certificate.py +++ b/sdk/python/pulumi_azuread/application_certificate.py @@ -363,7 +363,7 @@ def __init__(__self__, Certificates can be imported using the object ID of the associated application and the key ID of the certificate credential, e.g. ```sh - $ pulumi import azuread:index/applicationCertificate:ApplicationCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111 + $ pulumi import azuread:index/applicationCertificate:ApplicationCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111 ``` -> This ID format is unique to Terraform and is composed of the application's object ID, the string "certificate" and the certificate's key ID in the format `{ObjectId}/certificate/{CertificateKeyId}`. @@ -396,7 +396,7 @@ def __init__(__self__, Certificates can be imported using the object ID of the associated application and the key ID of the certificate credential, e.g. ```sh - $ pulumi import azuread:index/applicationCertificate:ApplicationCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111 + $ pulumi import azuread:index/applicationCertificate:ApplicationCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111 ``` -> This ID format is unique to Terraform and is composed of the application's object ID, the string "certificate" and the certificate's key ID in the format `{ObjectId}/certificate/{CertificateKeyId}`. diff --git a/sdk/python/pulumi_azuread/application_fallback_public_client.py b/sdk/python/pulumi_azuread/application_fallback_public_client.py index ad7e990ab..8da0c048a 100644 --- a/sdk/python/pulumi_azuread/application_fallback_public_client.py +++ b/sdk/python/pulumi_azuread/application_fallback_public_client.py @@ -124,7 +124,7 @@ def __init__(__self__, The Application Fallback Public Client setting can be imported using the object ID of the application, in the following format. ```sh - $ pulumi import azuread:index/applicationFallbackPublicClient:ApplicationFallbackPublicClient example /applications/00000000-0000-0000-0000-000000000000/fallbackPublicClient + $ pulumi import azuread:index/applicationFallbackPublicClient:ApplicationFallbackPublicClient example /applications/00000000-0000-0000-0000-000000000000/fallbackPublicClient ``` :param str resource_name: The name of the resource. @@ -158,7 +158,7 @@ def __init__(__self__, The Application Fallback Public Client setting can be imported using the object ID of the application, in the following format. ```sh - $ pulumi import azuread:index/applicationFallbackPublicClient:ApplicationFallbackPublicClient example /applications/00000000-0000-0000-0000-000000000000/fallbackPublicClient + $ pulumi import azuread:index/applicationFallbackPublicClient:ApplicationFallbackPublicClient example /applications/00000000-0000-0000-0000-000000000000/fallbackPublicClient ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_azuread/application_federated_identity_credential.py b/sdk/python/pulumi_azuread/application_federated_identity_credential.py index 523d2b853..ce76e52a6 100644 --- a/sdk/python/pulumi_azuread/application_federated_identity_credential.py +++ b/sdk/python/pulumi_azuread/application_federated_identity_credential.py @@ -310,7 +310,7 @@ def __init__(__self__, Federated Identity Credentials can be imported using the object ID of the associated application and the ID of the federated identity credential, e.g. ```sh - $ pulumi import azuread:index/applicationFederatedIdentityCredential:ApplicationFederatedIdentityCredential example 00000000-0000-0000-0000-000000000000/federatedIdentityCredential/11111111-1111-1111-1111-111111111111 + $ pulumi import azuread:index/applicationFederatedIdentityCredential:ApplicationFederatedIdentityCredential example 00000000-0000-0000-0000-000000000000/federatedIdentityCredential/11111111-1111-1111-1111-111111111111 ``` -> This ID format is unique to Terraform and is composed of the application's object ID, the string "federatedIdentityCredential" and the credential ID in the format `{ObjectId}/federatedIdentityCredential/{CredentialId}`. @@ -353,7 +353,7 @@ def __init__(__self__, Federated Identity Credentials can be imported using the object ID of the associated application and the ID of the federated identity credential, e.g. ```sh - $ pulumi import azuread:index/applicationFederatedIdentityCredential:ApplicationFederatedIdentityCredential example 00000000-0000-0000-0000-000000000000/federatedIdentityCredential/11111111-1111-1111-1111-111111111111 + $ pulumi import azuread:index/applicationFederatedIdentityCredential:ApplicationFederatedIdentityCredential example 00000000-0000-0000-0000-000000000000/federatedIdentityCredential/11111111-1111-1111-1111-111111111111 ``` -> This ID format is unique to Terraform and is composed of the application's object ID, the string "federatedIdentityCredential" and the credential ID in the format `{ObjectId}/federatedIdentityCredential/{CredentialId}`. diff --git a/sdk/python/pulumi_azuread/application_from_template.py b/sdk/python/pulumi_azuread/application_from_template.py index 55a9f653c..1495a4cfe 100644 --- a/sdk/python/pulumi_azuread/application_from_template.py +++ b/sdk/python/pulumi_azuread/application_from_template.py @@ -193,7 +193,7 @@ def __init__(__self__, Templated Applications can be imported using the template ID, the object ID of the application, and the object ID of the service principal, in the following format. ```sh - $ pulumi import azuread:index/applicationFromTemplate:ApplicationFromTemplate example /applicationTemplates/00000000-0000-0000-0000-000000000000/instantiate/11111111-1111-1111-1111-111111111111/22222222-2222-2222-2222-222222222222 + $ pulumi import azuread:index/applicationFromTemplate:ApplicationFromTemplate example /applicationTemplates/00000000-0000-0000-0000-000000000000/instantiate/11111111-1111-1111-1111-111111111111/22222222-2222-2222-2222-222222222222 ``` :param str resource_name: The name of the resource. @@ -239,7 +239,7 @@ def __init__(__self__, Templated Applications can be imported using the template ID, the object ID of the application, and the object ID of the service principal, in the following format. ```sh - $ pulumi import azuread:index/applicationFromTemplate:ApplicationFromTemplate example /applicationTemplates/00000000-0000-0000-0000-000000000000/instantiate/11111111-1111-1111-1111-111111111111/22222222-2222-2222-2222-222222222222 + $ pulumi import azuread:index/applicationFromTemplate:ApplicationFromTemplate example /applicationTemplates/00000000-0000-0000-0000-000000000000/instantiate/11111111-1111-1111-1111-111111111111/22222222-2222-2222-2222-222222222222 ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_azuread/application_identifier_uri.py b/sdk/python/pulumi_azuread/application_identifier_uri.py index 3b26c3d39..42e0e04c3 100644 --- a/sdk/python/pulumi_azuread/application_identifier_uri.py +++ b/sdk/python/pulumi_azuread/application_identifier_uri.py @@ -128,7 +128,7 @@ def __init__(__self__, Application Identifier URIs can be imported using the object ID of the application and the base64-encoded identifier URI, in the following format. ```sh - $ pulumi import azuread:index/applicationIdentifierUri:ApplicationIdentifierUri example /applications/00000000-0000-0000-0000-000000000000/identifierUris/aHR0cHM6Ly9leGFtcGxlLm5ldC8= + $ pulumi import azuread:index/applicationIdentifierUri:ApplicationIdentifierUri example /applications/00000000-0000-0000-0000-000000000000/identifierUris/aHR0cHM6Ly9leGFtcGxlLm5ldC8= ``` :param str resource_name: The name of the resource. @@ -173,7 +173,7 @@ def __init__(__self__, Application Identifier URIs can be imported using the object ID of the application and the base64-encoded identifier URI, in the following format. ```sh - $ pulumi import azuread:index/applicationIdentifierUri:ApplicationIdentifierUri example /applications/00000000-0000-0000-0000-000000000000/identifierUris/aHR0cHM6Ly9leGFtcGxlLm5ldC8= + $ pulumi import azuread:index/applicationIdentifierUri:ApplicationIdentifierUri example /applications/00000000-0000-0000-0000-000000000000/identifierUris/aHR0cHM6Ly9leGFtcGxlLm5ldC8= ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_azuread/application_known_clients.py b/sdk/python/pulumi_azuread/application_known_clients.py index ecef47daa..8636f55a4 100644 --- a/sdk/python/pulumi_azuread/application_known_clients.py +++ b/sdk/python/pulumi_azuread/application_known_clients.py @@ -116,7 +116,7 @@ def __init__(__self__, Application Known Clients can be imported using the object ID of the application in the following format. ```sh - $ pulumi import azuread:index/applicationKnownClients:ApplicationKnownClients example /applications/00000000-0000-0000-0000-000000000000/knownClients + $ pulumi import azuread:index/applicationKnownClients:ApplicationKnownClients example /applications/00000000-0000-0000-0000-000000000000/knownClients ``` :param str resource_name: The name of the resource. @@ -149,7 +149,7 @@ def __init__(__self__, Application Known Clients can be imported using the object ID of the application in the following format. ```sh - $ pulumi import azuread:index/applicationKnownClients:ApplicationKnownClients example /applications/00000000-0000-0000-0000-000000000000/knownClients + $ pulumi import azuread:index/applicationKnownClients:ApplicationKnownClients example /applications/00000000-0000-0000-0000-000000000000/knownClients ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_azuread/application_optional_claims.py b/sdk/python/pulumi_azuread/application_optional_claims.py index 5baf1dcf7..b76af109a 100644 --- a/sdk/python/pulumi_azuread/application_optional_claims.py +++ b/sdk/python/pulumi_azuread/application_optional_claims.py @@ -208,7 +208,7 @@ def __init__(__self__, Application Optional Claims can be imported using the object ID of the application, in the following format. ```sh - $ pulumi import azuread:index/applicationOptionalClaims:ApplicationOptionalClaims example /applications/00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/applicationOptionalClaims:ApplicationOptionalClaims example /applications/00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. @@ -260,7 +260,7 @@ def __init__(__self__, Application Optional Claims can be imported using the object ID of the application, in the following format. ```sh - $ pulumi import azuread:index/applicationOptionalClaims:ApplicationOptionalClaims example /applications/00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/applicationOptionalClaims:ApplicationOptionalClaims example /applications/00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_azuread/application_owner.py b/sdk/python/pulumi_azuread/application_owner.py index 177f1fa5e..22cea7461 100644 --- a/sdk/python/pulumi_azuread/application_owner.py +++ b/sdk/python/pulumi_azuread/application_owner.py @@ -121,7 +121,7 @@ def __init__(__self__, Application Owners can be imported using the object ID of the application and the object ID of the owner, in the following format. ```sh - $ pulumi import azuread:index/applicationOwner:ApplicationOwner example /applications/00000000-0000-0000-0000-000000000000/owners/11111111-1111-1111-1111-111111111111 + $ pulumi import azuread:index/applicationOwner:ApplicationOwner example /applications/00000000-0000-0000-0000-000000000000/owners/11111111-1111-1111-1111-111111111111 ``` :param str resource_name: The name of the resource. @@ -159,7 +159,7 @@ def __init__(__self__, Application Owners can be imported using the object ID of the application and the object ID of the owner, in the following format. ```sh - $ pulumi import azuread:index/applicationOwner:ApplicationOwner example /applications/00000000-0000-0000-0000-000000000000/owners/11111111-1111-1111-1111-111111111111 + $ pulumi import azuread:index/applicationOwner:ApplicationOwner example /applications/00000000-0000-0000-0000-000000000000/owners/11111111-1111-1111-1111-111111111111 ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_azuread/application_permission_scope.py b/sdk/python/pulumi_azuread/application_permission_scope.py index d1fac8c0f..92d66598f 100644 --- a/sdk/python/pulumi_azuread/application_permission_scope.py +++ b/sdk/python/pulumi_azuread/application_permission_scope.py @@ -336,7 +336,7 @@ def __init__(__self__, Application App Roles can be imported using the object ID of the application and the ID of the permission scope, in the following format. ```sh - $ pulumi import azuread:index/applicationPermissionScope:ApplicationPermissionScope example /applications/00000000-0000-0000-0000-000000000000/permissionScopes/11111111-1111-1111-1111-111111111111 + $ pulumi import azuread:index/applicationPermissionScope:ApplicationPermissionScope example /applications/00000000-0000-0000-0000-000000000000/permissionScopes/11111111-1111-1111-1111-111111111111 ``` :param str resource_name: The name of the resource. @@ -394,7 +394,7 @@ def __init__(__self__, Application App Roles can be imported using the object ID of the application and the ID of the permission scope, in the following format. ```sh - $ pulumi import azuread:index/applicationPermissionScope:ApplicationPermissionScope example /applications/00000000-0000-0000-0000-000000000000/permissionScopes/11111111-1111-1111-1111-111111111111 + $ pulumi import azuread:index/applicationPermissionScope:ApplicationPermissionScope example /applications/00000000-0000-0000-0000-000000000000/permissionScopes/11111111-1111-1111-1111-111111111111 ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_azuread/application_pre_authorized.py b/sdk/python/pulumi_azuread/application_pre_authorized.py index 9a91bd06d..eb5c4c769 100644 --- a/sdk/python/pulumi_azuread/application_pre_authorized.py +++ b/sdk/python/pulumi_azuread/application_pre_authorized.py @@ -267,7 +267,7 @@ def __init__(__self__, Pre-authorized applications can be imported using the object ID of the authorizing application and the application ID of the application being authorized, e.g. ```sh - $ pulumi import azuread:index/applicationPreAuthorized:ApplicationPreAuthorized example 00000000-0000-0000-0000-000000000000/preAuthorizedApplication/11111111-1111-1111-1111-111111111111 + $ pulumi import azuread:index/applicationPreAuthorized:ApplicationPreAuthorized example 00000000-0000-0000-0000-000000000000/preAuthorizedApplication/11111111-1111-1111-1111-111111111111 ``` -> This ID format is unique to Terraform and is composed of the authorizing application's object ID, the string "preAuthorizedApplication" and the authorized application's application ID (client ID) in the format `{ObjectId}/preAuthorizedApplication/{ApplicationId}`. @@ -332,7 +332,7 @@ def __init__(__self__, Pre-authorized applications can be imported using the object ID of the authorizing application and the application ID of the application being authorized, e.g. ```sh - $ pulumi import azuread:index/applicationPreAuthorized:ApplicationPreAuthorized example 00000000-0000-0000-0000-000000000000/preAuthorizedApplication/11111111-1111-1111-1111-111111111111 + $ pulumi import azuread:index/applicationPreAuthorized:ApplicationPreAuthorized example 00000000-0000-0000-0000-000000000000/preAuthorizedApplication/11111111-1111-1111-1111-111111111111 ``` -> This ID format is unique to Terraform and is composed of the authorizing application's object ID, the string "preAuthorizedApplication" and the authorized application's application ID (client ID) in the format `{ObjectId}/preAuthorizedApplication/{ApplicationId}`. diff --git a/sdk/python/pulumi_azuread/application_redirect_uris.py b/sdk/python/pulumi_azuread/application_redirect_uris.py index 6e6b7080c..8f2f67430 100644 --- a/sdk/python/pulumi_azuread/application_redirect_uris.py +++ b/sdk/python/pulumi_azuread/application_redirect_uris.py @@ -170,7 +170,7 @@ def __init__(__self__, Application API Access can be imported using the object ID of the application and the URI type, in the following format. ```sh - $ pulumi import azuread:index/applicationRedirectUris:ApplicationRedirectUris example /applications/00000000-0000-0000-0000-000000000000/redirectUris/Web + $ pulumi import azuread:index/applicationRedirectUris:ApplicationRedirectUris example /applications/00000000-0000-0000-0000-000000000000/redirectUris/Web ``` :param str resource_name: The name of the resource. @@ -226,7 +226,7 @@ def __init__(__self__, Application API Access can be imported using the object ID of the application and the URI type, in the following format. ```sh - $ pulumi import azuread:index/applicationRedirectUris:ApplicationRedirectUris example /applications/00000000-0000-0000-0000-000000000000/redirectUris/Web + $ pulumi import azuread:index/applicationRedirectUris:ApplicationRedirectUris example /applications/00000000-0000-0000-0000-000000000000/redirectUris/Web ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_azuread/application_registration.py b/sdk/python/pulumi_azuread/application_registration.py index 9694a65c7..9bd39c251 100644 --- a/sdk/python/pulumi_azuread/application_registration.py +++ b/sdk/python/pulumi_azuread/application_registration.py @@ -627,7 +627,7 @@ def __init__(__self__, Application Registrations can be imported using the object ID of the application, in the following format. ```sh - $ pulumi import azuread:index/applicationRegistration:ApplicationRegistration example /applications/00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/applicationRegistration:ApplicationRegistration example /applications/00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. @@ -690,7 +690,7 @@ def __init__(__self__, Application Registrations can be imported using the object ID of the application, in the following format. ```sh - $ pulumi import azuread:index/applicationRegistration:ApplicationRegistration example /applications/00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/applicationRegistration:ApplicationRegistration example /applications/00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_azuread/authentication_strength_policy.py b/sdk/python/pulumi_azuread/authentication_strength_policy.py index e3e8fe5af..c306027a5 100644 --- a/sdk/python/pulumi_azuread/authentication_strength_policy.py +++ b/sdk/python/pulumi_azuread/authentication_strength_policy.py @@ -187,7 +187,7 @@ def __init__(__self__, Authentication Strength Policies can be imported using the `id`, e.g. ```sh - $ pulumi import azuread:index/authenticationStrengthPolicy:AuthenticationStrengthPolicy my_policy 00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/authenticationStrengthPolicy:AuthenticationStrengthPolicy my_policy 00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. @@ -259,7 +259,7 @@ def __init__(__self__, Authentication Strength Policies can be imported using the `id`, e.g. ```sh - $ pulumi import azuread:index/authenticationStrengthPolicy:AuthenticationStrengthPolicy my_policy 00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/authenticationStrengthPolicy:AuthenticationStrengthPolicy my_policy 00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_azuread/claims_mapping_policy.py b/sdk/python/pulumi_azuread/claims_mapping_policy.py index 24f1dc4e3..70965cf6c 100644 --- a/sdk/python/pulumi_azuread/claims_mapping_policy.py +++ b/sdk/python/pulumi_azuread/claims_mapping_policy.py @@ -144,7 +144,7 @@ def __init__(__self__, Claims Mapping Policy can be imported using the `id`, e.g. ```sh - $ pulumi import azuread:index/claimsMappingPolicy:ClaimsMappingPolicy my_policy 00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/claimsMappingPolicy:ClaimsMappingPolicy my_policy 00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. @@ -205,7 +205,7 @@ def __init__(__self__, Claims Mapping Policy can be imported using the `id`, e.g. ```sh - $ pulumi import azuread:index/claimsMappingPolicy:ClaimsMappingPolicy my_policy 00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/claimsMappingPolicy:ClaimsMappingPolicy my_policy 00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_azuread/conditional_access_policy.py b/sdk/python/pulumi_azuread/conditional_access_policy.py index db96fbd70..427b03d55 100644 --- a/sdk/python/pulumi_azuread/conditional_access_policy.py +++ b/sdk/python/pulumi_azuread/conditional_access_policy.py @@ -329,7 +329,7 @@ def __init__(__self__, Conditional Access Policies can be imported using the `id`, e.g. ```sh - $ pulumi import azuread:index/conditionalAccessPolicy:ConditionalAccessPolicy my_location 00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/conditionalAccessPolicy:ConditionalAccessPolicy my_location 00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. @@ -472,7 +472,7 @@ def __init__(__self__, Conditional Access Policies can be imported using the `id`, e.g. ```sh - $ pulumi import azuread:index/conditionalAccessPolicy:ConditionalAccessPolicy my_location 00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/conditionalAccessPolicy:ConditionalAccessPolicy my_location 00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_azuread/directory_role_assignment.py b/sdk/python/pulumi_azuread/directory_role_assignment.py index 94e50322d..74e682fa1 100644 --- a/sdk/python/pulumi_azuread/directory_role_assignment.py +++ b/sdk/python/pulumi_azuread/directory_role_assignment.py @@ -257,7 +257,7 @@ def __init__(__self__, Directory role assignments can be imported using the ID of the assignment, e.g. ```sh - $ pulumi import azuread:index/directoryRoleAssignment:DirectoryRoleAssignment example ePROZI_iKE653D_d6aoLHyr-lKgHI8ZGiIdz8CLVcng-1 + $ pulumi import azuread:index/directoryRoleAssignment:DirectoryRoleAssignment example ePROZI_iKE653D_d6aoLHyr-lKgHI8ZGiIdz8CLVcng-1 ``` :param str resource_name: The name of the resource. @@ -291,7 +291,7 @@ def __init__(__self__, Directory role assignments can be imported using the ID of the assignment, e.g. ```sh - $ pulumi import azuread:index/directoryRoleAssignment:DirectoryRoleAssignment example ePROZI_iKE653D_d6aoLHyr-lKgHI8ZGiIdz8CLVcng-1 + $ pulumi import azuread:index/directoryRoleAssignment:DirectoryRoleAssignment example ePROZI_iKE653D_d6aoLHyr-lKgHI8ZGiIdz8CLVcng-1 ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_azuread/directory_role_eligibility_schedule_request.py b/sdk/python/pulumi_azuread/directory_role_eligibility_schedule_request.py index 966d360ab..e77f31eff 100644 --- a/sdk/python/pulumi_azuread/directory_role_eligibility_schedule_request.py +++ b/sdk/python/pulumi_azuread/directory_role_eligibility_schedule_request.py @@ -194,7 +194,7 @@ def __init__(__self__, Directory role eligibility schedule requests can be imported using the ID of the assignment, e.g. ```sh - $ pulumi import azuread:index/directoryRoleEligibilityScheduleRequest:DirectoryRoleEligibilityScheduleRequest example 822ec710-4c9f-4f71-a27a-451759cc7522 + $ pulumi import azuread:index/directoryRoleEligibilityScheduleRequest:DirectoryRoleEligibilityScheduleRequest example 822ec710-4c9f-4f71-a27a-451759cc7522 ``` :param str resource_name: The name of the resource. @@ -243,7 +243,7 @@ def __init__(__self__, Directory role eligibility schedule requests can be imported using the ID of the assignment, e.g. ```sh - $ pulumi import azuread:index/directoryRoleEligibilityScheduleRequest:DirectoryRoleEligibilityScheduleRequest example 822ec710-4c9f-4f71-a27a-451759cc7522 + $ pulumi import azuread:index/directoryRoleEligibilityScheduleRequest:DirectoryRoleEligibilityScheduleRequest example 822ec710-4c9f-4f71-a27a-451759cc7522 ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_azuread/directory_role_member.py b/sdk/python/pulumi_azuread/directory_role_member.py index 013ec91d8..ba33f236f 100644 --- a/sdk/python/pulumi_azuread/directory_role_member.py +++ b/sdk/python/pulumi_azuread/directory_role_member.py @@ -130,7 +130,7 @@ def __init__(__self__, Directory role members can be imported using the object ID of the role and the object ID of the member, e.g. ```sh - $ pulumi import azuread:index/directoryRoleMember:DirectoryRoleMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 + $ pulumi import azuread:index/directoryRoleMember:DirectoryRoleMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 ``` -> This ID format is unique to Terraform and is composed of the Directory Role Object ID and the target Member Object ID in the format `{RoleObjectID}/member/{MemberObjectID}`. @@ -177,7 +177,7 @@ def __init__(__self__, Directory role members can be imported using the object ID of the role and the object ID of the member, e.g. ```sh - $ pulumi import azuread:index/directoryRoleMember:DirectoryRoleMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 + $ pulumi import azuread:index/directoryRoleMember:DirectoryRoleMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 ``` -> This ID format is unique to Terraform and is composed of the Directory Role Object ID and the target Member Object ID in the format `{RoleObjectID}/member/{MemberObjectID}`. diff --git a/sdk/python/pulumi_azuread/group.py b/sdk/python/pulumi_azuread/group.py index 24bbb0d02..c142ddf49 100644 --- a/sdk/python/pulumi_azuread/group.py +++ b/sdk/python/pulumi_azuread/group.py @@ -994,7 +994,7 @@ def __init__(__self__, Groups can be imported using their object ID, e.g. ```sh - $ pulumi import azuread:index/group:Group my_group 00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/group:Group my_group 00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. @@ -1070,7 +1070,7 @@ def __init__(__self__, Groups can be imported using their object ID, e.g. ```sh - $ pulumi import azuread:index/group:Group my_group 00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/group:Group my_group 00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_azuread/group_member.py b/sdk/python/pulumi_azuread/group_member.py index 034e9bb41..f02ce8831 100644 --- a/sdk/python/pulumi_azuread/group_member.py +++ b/sdk/python/pulumi_azuread/group_member.py @@ -132,7 +132,7 @@ def __init__(__self__, Group members can be imported using the object ID of the group and the object ID of the member, e.g. ```sh - $ pulumi import azuread:index/groupMember:GroupMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 + $ pulumi import azuread:index/groupMember:GroupMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 ``` -> This ID format is unique to Terraform and is composed of the Azure AD Group Object ID and the target Member Object ID in the format `{GroupObjectID}/member/{MemberObjectID}`. @@ -183,7 +183,7 @@ def __init__(__self__, Group members can be imported using the object ID of the group and the object ID of the member, e.g. ```sh - $ pulumi import azuread:index/groupMember:GroupMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 + $ pulumi import azuread:index/groupMember:GroupMember example 00000000-0000-0000-0000-000000000000/member/11111111-1111-1111-1111-111111111111 ``` -> This ID format is unique to Terraform and is composed of the Azure AD Group Object ID and the target Member Object ID in the format `{GroupObjectID}/member/{MemberObjectID}`. diff --git a/sdk/python/pulumi_azuread/named_location.py b/sdk/python/pulumi_azuread/named_location.py index b6b2731d5..850ad9282 100644 --- a/sdk/python/pulumi_azuread/named_location.py +++ b/sdk/python/pulumi_azuread/named_location.py @@ -183,7 +183,7 @@ def __init__(__self__, Named Locations can be imported using the `id`, e.g. ```sh - $ pulumi import azuread:index/namedLocation:NamedLocation my_location 00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/namedLocation:NamedLocation my_location 00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. @@ -242,7 +242,7 @@ def __init__(__self__, Named Locations can be imported using the `id`, e.g. ```sh - $ pulumi import azuread:index/namedLocation:NamedLocation my_location 00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/namedLocation:NamedLocation my_location 00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_azuread/service_principal.py b/sdk/python/pulumi_azuread/service_principal.py index d2a4d9596..60c24adee 100644 --- a/sdk/python/pulumi_azuread/service_principal.py +++ b/sdk/python/pulumi_azuread/service_principal.py @@ -898,7 +898,7 @@ def __init__(__self__, Service principals can be imported using their object ID, e.g. ```sh - $ pulumi import azuread:index/servicePrincipal:ServicePrincipal example 00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/servicePrincipal:ServicePrincipal example 00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. @@ -1001,7 +1001,7 @@ def __init__(__self__, Service principals can be imported using their object ID, e.g. ```sh - $ pulumi import azuread:index/servicePrincipal:ServicePrincipal example 00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/servicePrincipal:ServicePrincipal example 00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_azuread/service_principal_certificate.py b/sdk/python/pulumi_azuread/service_principal_certificate.py index 68e56a73e..475f3a7ca 100644 --- a/sdk/python/pulumi_azuread/service_principal_certificate.py +++ b/sdk/python/pulumi_azuread/service_principal_certificate.py @@ -317,7 +317,7 @@ def __init__(__self__, Certificates can be imported using the object ID of the associated service principal and the key ID of the certificate credential, e.g. ```sh - $ pulumi import azuread:index/servicePrincipalCertificate:ServicePrincipalCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111 + $ pulumi import azuread:index/servicePrincipalCertificate:ServicePrincipalCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111 ``` -> This ID format is unique to Terraform and is composed of the service principal's object ID, the string "certificate" and the certificate's key ID in the format `{ServicePrincipalObjectId}/certificate/{CertificateKeyId}`. @@ -349,7 +349,7 @@ def __init__(__self__, Certificates can be imported using the object ID of the associated service principal and the key ID of the certificate credential, e.g. ```sh - $ pulumi import azuread:index/servicePrincipalCertificate:ServicePrincipalCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111 + $ pulumi import azuread:index/servicePrincipalCertificate:ServicePrincipalCertificate example 00000000-0000-0000-0000-000000000000/certificate/11111111-1111-1111-1111-111111111111 ``` -> This ID format is unique to Terraform and is composed of the service principal's object ID, the string "certificate" and the certificate's key ID in the format `{ServicePrincipalObjectId}/certificate/{CertificateKeyId}`. diff --git a/sdk/python/pulumi_azuread/service_principal_claims_mapping_policy_assignment.py b/sdk/python/pulumi_azuread/service_principal_claims_mapping_policy_assignment.py index c05953275..414b7c843 100644 --- a/sdk/python/pulumi_azuread/service_principal_claims_mapping_policy_assignment.py +++ b/sdk/python/pulumi_azuread/service_principal_claims_mapping_policy_assignment.py @@ -121,10 +121,10 @@ def __init__(__self__, ## Import - Claims Mapping Policy can be imported using the `id`, in the form `service-principal-uuid/claimsMappingPolicy/claims-mapping-policy-uuid`, e.g + Claims Mapping Policy can be imported using the `id`, in the form `service-principal-uuid/claimsMappingPolicy/claims-mapping-policy-uuid`, e.g: ```sh - $ pulumi import azuread:index/servicePrincipalClaimsMappingPolicyAssignment:ServicePrincipalClaimsMappingPolicyAssignment app 00000000-0000-0000-0000-000000000000/claimsMappingPolicy/11111111-0000-0000-0000-000000000000 + $ pulumi import azuread:index/servicePrincipalClaimsMappingPolicyAssignment:ServicePrincipalClaimsMappingPolicyAssignment app 00000000-0000-0000-0000-000000000000/claimsMappingPolicy/11111111-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. @@ -162,10 +162,10 @@ def __init__(__self__, ## Import - Claims Mapping Policy can be imported using the `id`, in the form `service-principal-uuid/claimsMappingPolicy/claims-mapping-policy-uuid`, e.g + Claims Mapping Policy can be imported using the `id`, in the form `service-principal-uuid/claimsMappingPolicy/claims-mapping-policy-uuid`, e.g: ```sh - $ pulumi import azuread:index/servicePrincipalClaimsMappingPolicyAssignment:ServicePrincipalClaimsMappingPolicyAssignment app 00000000-0000-0000-0000-000000000000/claimsMappingPolicy/11111111-0000-0000-0000-000000000000 + $ pulumi import azuread:index/servicePrincipalClaimsMappingPolicyAssignment:ServicePrincipalClaimsMappingPolicyAssignment app 00000000-0000-0000-0000-000000000000/claimsMappingPolicy/11111111-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_azuread/service_principal_delegated_permission_grant.py b/sdk/python/pulumi_azuread/service_principal_delegated_permission_grant.py index de33aa0a9..dead0fa52 100644 --- a/sdk/python/pulumi_azuread/service_principal_delegated_permission_grant.py +++ b/sdk/python/pulumi_azuread/service_principal_delegated_permission_grant.py @@ -264,7 +264,7 @@ def __init__(__self__, Delegated permission grants can be imported using their ID, e.g. ```sh - $ pulumi import azuread:index/servicePrincipalDelegatedPermissionGrant:ServicePrincipalDelegatedPermissionGrant example aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz + $ pulumi import azuread:index/servicePrincipalDelegatedPermissionGrant:ServicePrincipalDelegatedPermissionGrant example aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz ``` :param str resource_name: The name of the resource. @@ -376,7 +376,7 @@ def __init__(__self__, Delegated permission grants can be imported using their ID, e.g. ```sh - $ pulumi import azuread:index/servicePrincipalDelegatedPermissionGrant:ServicePrincipalDelegatedPermissionGrant example aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz + $ pulumi import azuread:index/servicePrincipalDelegatedPermissionGrant:ServicePrincipalDelegatedPermissionGrant example aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_azuread/service_principal_token_signing_certificate.py b/sdk/python/pulumi_azuread/service_principal_token_signing_certificate.py index 709730773..0020bc1b6 100644 --- a/sdk/python/pulumi_azuread/service_principal_token_signing_certificate.py +++ b/sdk/python/pulumi_azuread/service_principal_token_signing_certificate.py @@ -242,7 +242,7 @@ def __init__(__self__, Token signing certificates can be imported using the object ID of the associated service principal and the key ID of the verify certificate credential, e.g. ```sh - $ pulumi import azuread:index/servicePrincipalTokenSigningCertificate:ServicePrincipalTokenSigningCertificate example 00000000-0000-0000-0000-000000000000/tokenSigningCertificate/11111111-1111-1111-1111-111111111111 + $ pulumi import azuread:index/servicePrincipalTokenSigningCertificate:ServicePrincipalTokenSigningCertificate example 00000000-0000-0000-0000-000000000000/tokenSigningCertificate/11111111-1111-1111-1111-111111111111 ``` -> This ID format is unique to Terraform and is composed of the service principal's object ID, the string "tokenSigningCertificate" and the verify certificate's key ID in the format `{ServicePrincipalObjectId}/tokenSigningCertificate/{CertificateKeyId}`. @@ -295,7 +295,7 @@ def __init__(__self__, Token signing certificates can be imported using the object ID of the associated service principal and the key ID of the verify certificate credential, e.g. ```sh - $ pulumi import azuread:index/servicePrincipalTokenSigningCertificate:ServicePrincipalTokenSigningCertificate example 00000000-0000-0000-0000-000000000000/tokenSigningCertificate/11111111-1111-1111-1111-111111111111 + $ pulumi import azuread:index/servicePrincipalTokenSigningCertificate:ServicePrincipalTokenSigningCertificate example 00000000-0000-0000-0000-000000000000/tokenSigningCertificate/11111111-1111-1111-1111-111111111111 ``` -> This ID format is unique to Terraform and is composed of the service principal's object ID, the string "tokenSigningCertificate" and the verify certificate's key ID in the format `{ServicePrincipalObjectId}/tokenSigningCertificate/{CertificateKeyId}`. diff --git a/sdk/python/pulumi_azuread/synchronization_job.py b/sdk/python/pulumi_azuread/synchronization_job.py index cac49bdd4..5d13ed4a1 100644 --- a/sdk/python/pulumi_azuread/synchronization_job.py +++ b/sdk/python/pulumi_azuread/synchronization_job.py @@ -199,7 +199,7 @@ def __init__(__self__, Synchronization jobs can be imported using the `id`, e.g. ```sh - $ pulumi import azuread:index/synchronizationJob:SynchronizationJob example 00000000-0000-0000-0000-000000000000/job/dataBricks.f5532fc709734b1a90e8a1fa9fd03a82.8442fd39-2183-419c-8732-74b6ce866bd5 + $ pulumi import azuread:index/synchronizationJob:SynchronizationJob example 00000000-0000-0000-0000-000000000000/job/dataBricks.f5532fc709734b1a90e8a1fa9fd03a82.8442fd39-2183-419c-8732-74b6ce866bd5 ``` -> This ID format is unique to Terraform and is composed of the Service Principal Object ID and the ID of the Synchronization Job Id in the format `{servicePrincipalId}/job/{jobId}`. @@ -267,7 +267,7 @@ def __init__(__self__, Synchronization jobs can be imported using the `id`, e.g. ```sh - $ pulumi import azuread:index/synchronizationJob:SynchronizationJob example 00000000-0000-0000-0000-000000000000/job/dataBricks.f5532fc709734b1a90e8a1fa9fd03a82.8442fd39-2183-419c-8732-74b6ce866bd5 + $ pulumi import azuread:index/synchronizationJob:SynchronizationJob example 00000000-0000-0000-0000-000000000000/job/dataBricks.f5532fc709734b1a90e8a1fa9fd03a82.8442fd39-2183-419c-8732-74b6ce866bd5 ``` -> This ID format is unique to Terraform and is composed of the Service Principal Object ID and the ID of the Synchronization Job Id in the format `{servicePrincipalId}/job/{jobId}`. diff --git a/sdk/python/pulumi_azuread/user.py b/sdk/python/pulumi_azuread/user.py index b8c61645c..74577468a 100644 --- a/sdk/python/pulumi_azuread/user.py +++ b/sdk/python/pulumi_azuread/user.py @@ -1427,7 +1427,7 @@ def __init__(__self__, Users can be imported using their object ID, e.g. ```sh - $ pulumi import azuread:index/user:User my_user 00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/user:User my_user 00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. @@ -1504,7 +1504,7 @@ def __init__(__self__, Users can be imported using their object ID, e.g. ```sh - $ pulumi import azuread:index/user:User my_user 00000000-0000-0000-0000-000000000000 + $ pulumi import azuread:index/user:User my_user 00000000-0000-0000-0000-000000000000 ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_azuread/user_flow_attribute.py b/sdk/python/pulumi_azuread/user_flow_attribute.py index 78121727b..bf71d103c 100644 --- a/sdk/python/pulumi_azuread/user_flow_attribute.py +++ b/sdk/python/pulumi_azuread/user_flow_attribute.py @@ -173,7 +173,7 @@ def __init__(__self__, User flow attributes can be imported using the `id`, e.g. ```sh - $ pulumi import azuread:index/userFlowAttribute:UserFlowAttribute example extension_ecc9f88db2924942b8a96f44873616fe_Hobbyjkorv + $ pulumi import azuread:index/userFlowAttribute:UserFlowAttribute example extension_ecc9f88db2924942b8a96f44873616fe_Hobbyjkorv ``` -> This ID can be queried using the [User Flow Attributes API](https://learn.microsoft.com/en-us/graph/api/identityuserflowattribute-list?view=graph-rest-1.0&tabs=http). @@ -218,7 +218,7 @@ def __init__(__self__, User flow attributes can be imported using the `id`, e.g. ```sh - $ pulumi import azuread:index/userFlowAttribute:UserFlowAttribute example extension_ecc9f88db2924942b8a96f44873616fe_Hobbyjkorv + $ pulumi import azuread:index/userFlowAttribute:UserFlowAttribute example extension_ecc9f88db2924942b8a96f44873616fe_Hobbyjkorv ``` -> This ID can be queried using the [User Flow Attributes API](https://learn.microsoft.com/en-us/graph/api/identityuserflowattribute-list?view=graph-rest-1.0&tabs=http). diff --git a/sdk/python/pyproject.toml b/sdk/python/pyproject.toml index c2c651a64..47dad51e8 100644 --- a/sdk/python/pyproject.toml +++ b/sdk/python/pyproject.toml @@ -1,10 +1,10 @@ [project] name = "pulumi_azuread" description = "A Pulumi package for creating and managing Azure Active Directory (Azure AD) cloud resources." - dependencies = ["importlib-metadata>=6.0.0,<7.0.0; python_version < \"3.8\"", "parver>=0.2.1", "pulumi>=3.0.0,<4.0.0", "semver>=2.8.1"] + dependencies = ["parver>=0.2.1", "pulumi>=3.0.0,<4.0.0", "semver>=2.8.1"] keywords = ["pulumi", "azuread"] readme = "README.md" - requires-python = ">=3.7" + requires-python = ">=3.8" version = "0.0.0" [project.license] text = "Apache-2.0"