diff --git a/provider/cmd/pulumi-resource-azuread/schema.json b/provider/cmd/pulumi-resource-azuread/schema.json
index b3af80fe6..a8df2e25c 100644
--- a/provider/cmd/pulumi-resource-azuread/schema.json
+++ b/provider/cmd/pulumi-resource-azuread/schema.json
@@ -4183,12 +4183,16 @@
}
},
"azuread:index/group:Group": {
- "description": "Manages a group within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All`\n\nIf using the `assignable_to_role` property, this resource additionally requires one of the following application roles: `RoleManagement.ReadWrite.Directory` or `Directory.ReadWrite.All`\n\nIf specifying owners for a group, which are user principals, this resource additionally requires one of the following application roles: `User.Read.All`, `User.ReadWrite.All`, `Directory.Read.All` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Groups Administrator`, `User Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Basic example*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.Group(\"example\", {\n displayName: \"example\",\n owners: [current.then(current =\u003e current.objectId)],\n securityEnabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.Group(\"example\",\n display_name=\"example\",\n owners=[current.object_id],\n security_enabled=True)\n```\n```csharp\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var current = Output.Create(AzureAD.GetClientConfig.InvokeAsync());\n var example = new AzureAD.Group(\"example\", new AzureAD.GroupArgs\n {\n DisplayName = \"example\",\n Owners = \n {\n current.Apply(current =\u003e current.ObjectId),\n },\n SecurityEnabled = true,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\tpulumi.String(current.ObjectId),\n\t\t\t},\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n*Microsoft 365 group*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst groupOwner = new azuread.User(\"groupOwner\", {\n userPrincipalName: \"example-group-owner@hashicorp.com\",\n displayName: \"Group Owner\",\n mailNickname: \"example-group-owner\",\n password: \"SecretP@sswd99!\",\n});\nconst example = new azuread.Group(\"example\", {\n displayName: \"example\",\n mailEnabled: true,\n mailNickname: \"ExampleGroup\",\n securityEnabled: true,\n types: [\"Unified\"],\n owners: [\n current.then(current =\u003e current.objectId),\n groupOwner.objectId,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\ngroup_owner = azuread.User(\"groupOwner\",\n user_principal_name=\"example-group-owner@hashicorp.com\",\n display_name=\"Group Owner\",\n mail_nickname=\"example-group-owner\",\n password=\"SecretP@sswd99!\")\nexample = azuread.Group(\"example\",\n display_name=\"example\",\n mail_enabled=True,\n mail_nickname=\"ExampleGroup\",\n security_enabled=True,\n types=[\"Unified\"],\n owners=[\n current.object_id,\n group_owner.object_id,\n ])\n```\n```csharp\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var current = Output.Create(AzureAD.GetClientConfig.InvokeAsync());\n var groupOwner = new AzureAD.User(\"groupOwner\", new AzureAD.UserArgs\n {\n UserPrincipalName = \"example-group-owner@hashicorp.com\",\n DisplayName = \"Group Owner\",\n MailNickname = \"example-group-owner\",\n Password = \"SecretP@sswd99!\",\n });\n var example = new AzureAD.Group(\"example\", new AzureAD.GroupArgs\n {\n DisplayName = \"example\",\n MailEnabled = true,\n MailNickname = \"ExampleGroup\",\n SecurityEnabled = true,\n Types = \n {\n \"Unified\",\n },\n Owners = \n {\n current.Apply(current =\u003e current.ObjectId),\n groupOwner.ObjectId,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgroupOwner, err := azuread.NewUser(ctx, \"groupOwner\", \u0026azuread.UserArgs{\n\t\t\tUserPrincipalName: pulumi.String(\"example-group-owner@hashicorp.com\"),\n\t\t\tDisplayName: pulumi.String(\"Group Owner\"),\n\t\t\tMailNickname: pulumi.String(\"example-group-owner\"),\n\t\t\tPassword: pulumi.String(\"SecretP@sswd99!\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tMailEnabled: pulumi.Bool(true),\n\t\t\tMailNickname: pulumi.String(\"ExampleGroup\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t\tTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Unified\"),\n\t\t\t},\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\tpulumi.String(current.ObjectId),\n\t\t\t\tgroupOwner.ObjectId,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n*Group with members*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst exampleUser = new azuread.User(\"exampleUser\", {\n displayName: \"J Doe\",\n owners: [current.then(current =\u003e current.objectId)],\n password: \"notSecure123\",\n userPrincipalName: \"jdoe@hashicorp.com\",\n});\nconst exampleGroup = new azuread.Group(\"exampleGroup\", {\n displayName: \"MyGroup\",\n owners: [current.then(current =\u003e current.objectId)],\n securityEnabled: true,\n members: [exampleUser.objectId],\n});\n```\n\n*Group with dynamic membership*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.Group(\"example\", {\n displayName: \"MyGroup\",\n owners: [current.then(current =\u003e current.objectId)],\n securityEnabled: true,\n types: [\"DynamicMembership\"],\n dynamicMembership: {\n enabled: true,\n rule: \"user.department -eq \\\"Sales\\\"\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.Group(\"example\",\n display_name=\"MyGroup\",\n owners=[current.object_id],\n security_enabled=True,\n types=[\"DynamicMembership\"],\n dynamic_membership=azuread.GroupDynamicMembershipArgs(\n enabled=True,\n rule=\"user.department -eq \\\"Sales\\\"\",\n ))\n```\n```csharp\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var current = Output.Create(AzureAD.GetClientConfig.InvokeAsync());\n var example = new AzureAD.Group(\"example\", new AzureAD.GroupArgs\n {\n DisplayName = \"MyGroup\",\n Owners = \n {\n current.Apply(current =\u003e current.ObjectId),\n },\n SecurityEnabled = true,\n Types = \n {\n \"DynamicMembership\",\n },\n DynamicMembership = new AzureAD.Inputs.GroupDynamicMembershipArgs\n {\n Enabled = true,\n Rule = \"user.department -eq \\\"Sales\\\"\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"MyGroup\"),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\tpulumi.String(current.ObjectId),\n\t\t\t},\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t\tTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"DynamicMembership\"),\n\t\t\t},\n\t\t\tDynamicMembership: \u0026GroupDynamicMembershipArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tRule: pulumi.String(\"user.department -eq \\\"Sales\\\"\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nGroups can be imported using their object ID, e.g.\n\n```sh\n $ pulumi import azuread:index/group:Group my_group 00000000-0000-0000-0000-000000000000\n```\n\n ",
+ "description": "Manages a group within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Group.ReadWrite.All` or `Directory.ReadWrite.All`\n\nIf using the `assignable_to_role` property, this resource additionally requires one of the following application roles: `RoleManagement.ReadWrite.Directory` or `Directory.ReadWrite.All`\n\nIf specifying owners for a group, which are user principals, this resource additionally requires one of the following application roles: `User.Read.All`, `User.ReadWrite.All`, `Directory.Read.All` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Groups Administrator`, `User Administrator` or `Global Administrator`\n\nThe `external_senders_allowed`, `auto_subscribe_new_members`, `hide_from_address_lists` and `hide_from_outlook_clients` properties can only be configured when authenticating as a user and cannot be configured when authenticating as a service principal. Additionally, the user being used for authentication must be a Member of the tenant where the group is being managed and _not_ a Guest. This is a known API issue; please see the [Microsoft Graph Known Issues](https://docs.microsoft.com/en-us/graph/known-issues#groups) official documentation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Basic example*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.Group(\"example\", {\n displayName: \"example\",\n owners: [current.then(current =\u003e current.objectId)],\n securityEnabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.Group(\"example\",\n display_name=\"example\",\n owners=[current.object_id],\n security_enabled=True)\n```\n```csharp\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var current = Output.Create(AzureAD.GetClientConfig.InvokeAsync());\n var example = new AzureAD.Group(\"example\", new AzureAD.GroupArgs\n {\n DisplayName = \"example\",\n Owners = \n {\n current.Apply(current =\u003e current.ObjectId),\n },\n SecurityEnabled = true,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\tpulumi.String(current.ObjectId),\n\t\t\t},\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n*Microsoft 365 group*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst groupOwner = new azuread.User(\"groupOwner\", {\n userPrincipalName: \"example-group-owner@hashicorp.com\",\n displayName: \"Group Owner\",\n mailNickname: \"example-group-owner\",\n password: \"SecretP@sswd99!\",\n});\nconst example = new azuread.Group(\"example\", {\n displayName: \"example\",\n mailEnabled: true,\n mailNickname: \"ExampleGroup\",\n securityEnabled: true,\n types: [\"Unified\"],\n owners: [\n current.then(current =\u003e current.objectId),\n groupOwner.objectId,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\ngroup_owner = azuread.User(\"groupOwner\",\n user_principal_name=\"example-group-owner@hashicorp.com\",\n display_name=\"Group Owner\",\n mail_nickname=\"example-group-owner\",\n password=\"SecretP@sswd99!\")\nexample = azuread.Group(\"example\",\n display_name=\"example\",\n mail_enabled=True,\n mail_nickname=\"ExampleGroup\",\n security_enabled=True,\n types=[\"Unified\"],\n owners=[\n current.object_id,\n group_owner.object_id,\n ])\n```\n```csharp\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var current = Output.Create(AzureAD.GetClientConfig.InvokeAsync());\n var groupOwner = new AzureAD.User(\"groupOwner\", new AzureAD.UserArgs\n {\n UserPrincipalName = \"example-group-owner@hashicorp.com\",\n DisplayName = \"Group Owner\",\n MailNickname = \"example-group-owner\",\n Password = \"SecretP@sswd99!\",\n });\n var example = new AzureAD.Group(\"example\", new AzureAD.GroupArgs\n {\n DisplayName = \"example\",\n MailEnabled = true,\n MailNickname = \"ExampleGroup\",\n SecurityEnabled = true,\n Types = \n {\n \"Unified\",\n },\n Owners = \n {\n current.Apply(current =\u003e current.ObjectId),\n groupOwner.ObjectId,\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgroupOwner, err := azuread.NewUser(ctx, \"groupOwner\", \u0026azuread.UserArgs{\n\t\t\tUserPrincipalName: pulumi.String(\"example-group-owner@hashicorp.com\"),\n\t\t\tDisplayName: pulumi.String(\"Group Owner\"),\n\t\t\tMailNickname: pulumi.String(\"example-group-owner\"),\n\t\t\tPassword: pulumi.String(\"SecretP@sswd99!\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tMailEnabled: pulumi.Bool(true),\n\t\t\tMailNickname: pulumi.String(\"ExampleGroup\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t\tTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Unified\"),\n\t\t\t},\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\tpulumi.String(current.ObjectId),\n\t\t\t\tgroupOwner.ObjectId,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n\n*Group with members*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst exampleUser = new azuread.User(\"exampleUser\", {\n displayName: \"J Doe\",\n owners: [current.then(current =\u003e current.objectId)],\n password: \"notSecure123\",\n userPrincipalName: \"jdoe@hashicorp.com\",\n});\nconst exampleGroup = new azuread.Group(\"exampleGroup\", {\n displayName: \"MyGroup\",\n owners: [current.then(current =\u003e current.objectId)],\n securityEnabled: true,\n members: [exampleUser.objectId],\n});\n```\n\n*Group with dynamic membership*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.Group(\"example\", {\n displayName: \"MyGroup\",\n owners: [current.then(current =\u003e current.objectId)],\n securityEnabled: true,\n types: [\"DynamicMembership\"],\n dynamicMembership: {\n enabled: true,\n rule: \"user.department -eq \\\"Sales\\\"\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.Group(\"example\",\n display_name=\"MyGroup\",\n owners=[current.object_id],\n security_enabled=True,\n types=[\"DynamicMembership\"],\n dynamic_membership=azuread.GroupDynamicMembershipArgs(\n enabled=True,\n rule=\"user.department -eq \\\"Sales\\\"\",\n ))\n```\n```csharp\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var current = Output.Create(AzureAD.GetClientConfig.InvokeAsync());\n var example = new AzureAD.Group(\"example\", new AzureAD.GroupArgs\n {\n DisplayName = \"MyGroup\",\n Owners = \n {\n current.Apply(current =\u003e current.ObjectId),\n },\n SecurityEnabled = true,\n Types = \n {\n \"DynamicMembership\",\n },\n DynamicMembership = new AzureAD.Inputs.GroupDynamicMembershipArgs\n {\n Enabled = true,\n Rule = \"user.department -eq \\\"Sales\\\"\",\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewGroup(ctx, \"example\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"MyGroup\"),\n\t\t\tOwners: pulumi.StringArray{\n\t\t\t\tpulumi.String(current.ObjectId),\n\t\t\t},\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t\tTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"DynamicMembership\"),\n\t\t\t},\n\t\t\tDynamicMembership: \u0026GroupDynamicMembershipArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tRule: pulumi.String(\"user.department -eq \\\"Sales\\\"\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nGroups can be imported using their object ID, e.g.\n\n```sh\n $ pulumi import azuread:index/group:Group my_group 00000000-0000-0000-0000-000000000000\n```\n\n ",
"properties": {
"assignableToRole": {
"type": "boolean",
"description": "Indicates whether this group can be assigned to an Azure Active Directory role. Can only be `true` for security-enabled groups. Changing this forces a new resource to be created.\n"
},
+ "autoSubscribeNewMembers": {
+ "type": "boolean",
+ "description": "Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Can only be set for Unified groups.\n"
+ },
"behaviors": {
"type": "array",
"items": {
@@ -4208,6 +4212,18 @@
"$ref": "#/types/azuread:index/GroupDynamicMembership:GroupDynamicMembership",
"description": "A `dynamic_membership` block as documented below. Required when `types` contains `DynamicMembership`. Cannot be used with the `members` property.\n"
},
+ "externalSendersAllowed": {
+ "type": "boolean",
+ "description": "Indicates whether people external to the organization can send messages to the group. Can only be set for Unified groups.\n"
+ },
+ "hideFromAddressLists": {
+ "type": "boolean",
+ "description": "Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Can only be set for Unified groups.\n"
+ },
+ "hideFromOutlookClients": {
+ "type": "boolean",
+ "description": "Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Can only be set for Unified groups.\n"
+ },
"mail": {
"type": "string",
"description": "The SMTP address for the group.\n"
@@ -4321,6 +4337,10 @@
"type": "boolean",
"description": "Indicates whether this group can be assigned to an Azure Active Directory role. Can only be `true` for security-enabled groups. Changing this forces a new resource to be created.\n"
},
+ "autoSubscribeNewMembers": {
+ "type": "boolean",
+ "description": "Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Can only be set for Unified groups.\n"
+ },
"behaviors": {
"type": "array",
"items": {
@@ -4340,6 +4360,18 @@
"$ref": "#/types/azuread:index/GroupDynamicMembership:GroupDynamicMembership",
"description": "A `dynamic_membership` block as documented below. Required when `types` contains `DynamicMembership`. Cannot be used with the `members` property.\n"
},
+ "externalSendersAllowed": {
+ "type": "boolean",
+ "description": "Indicates whether people external to the organization can send messages to the group. Can only be set for Unified groups.\n"
+ },
+ "hideFromAddressLists": {
+ "type": "boolean",
+ "description": "Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Can only be set for Unified groups.\n"
+ },
+ "hideFromOutlookClients": {
+ "type": "boolean",
+ "description": "Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Can only be set for Unified groups.\n"
+ },
"mailEnabled": {
"type": "boolean",
"description": "Whether the group is a mail enabled, with a shared group mailbox. At least one of `mail_enabled` or `security_enabled` must be specified. Only Microsoft 365 groups can be mail enabled (see the `types` property).\n"
@@ -4403,6 +4435,10 @@
"type": "boolean",
"description": "Indicates whether this group can be assigned to an Azure Active Directory role. Can only be `true` for security-enabled groups. Changing this forces a new resource to be created.\n"
},
+ "autoSubscribeNewMembers": {
+ "type": "boolean",
+ "description": "Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Can only be set for Unified groups.\n"
+ },
"behaviors": {
"type": "array",
"items": {
@@ -4422,6 +4458,18 @@
"$ref": "#/types/azuread:index/GroupDynamicMembership:GroupDynamicMembership",
"description": "A `dynamic_membership` block as documented below. Required when `types` contains `DynamicMembership`. Cannot be used with the `members` property.\n"
},
+ "externalSendersAllowed": {
+ "type": "boolean",
+ "description": "Indicates whether people external to the organization can send messages to the group. Can only be set for Unified groups.\n"
+ },
+ "hideFromAddressLists": {
+ "type": "boolean",
+ "description": "Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Can only be set for Unified groups.\n"
+ },
+ "hideFromOutlookClients": {
+ "type": "boolean",
+ "description": "Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Can only be set for Unified groups.\n"
+ },
"mail": {
"type": "string",
"description": "The SMTP address for the group.\n"
@@ -6571,6 +6619,10 @@
"type": "boolean",
"description": "Indicates whether this group can be assigned to an Azure Active Directory role.\n"
},
+ "autoSubscribeNewMembers": {
+ "type": "boolean",
+ "description": "Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Only set for Unified groups.\n"
+ },
"behaviors": {
"type": "array",
"items": {
@@ -6593,6 +6645,18 @@
},
"description": "A `dynamic_membership` block as documented below.\n"
},
+ "externalSendersAllowed": {
+ "type": "boolean",
+ "description": "Indicates whether people external to the organization can send messages to the group. Only set for Unified groups.\n"
+ },
+ "hideFromAddressLists": {
+ "type": "boolean",
+ "description": "Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Only set for Unified groups.\n"
+ },
+ "hideFromOutlookClients": {
+ "type": "boolean",
+ "description": "Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Only set for Unified groups.\n"
+ },
"id": {
"type": "string",
"description": "The provider-assigned unique ID for this managed resource.\n"
@@ -6688,10 +6752,14 @@
"type": "object",
"required": [
"assignableToRole",
+ "autoSubscribeNewMembers",
"behaviors",
"description",
"displayName",
"dynamicMemberships",
+ "externalSendersAllowed",
+ "hideFromAddressLists",
+ "hideFromOutlookClients",
"mail",
"mailEnabled",
"mailNickname",
diff --git a/provider/go.sum b/provider/go.sum
index 1fad26d9f..6a032672d 100644
--- a/provider/go.sum
+++ b/provider/go.sum
@@ -482,8 +482,8 @@ github.com/hashicorp/terraform-plugin-sdk v1.7.0 h1:B//oq0ZORG+EkVrIJy0uPGSonvmX
github.com/hashicorp/terraform-plugin-sdk v1.7.0/go.mod h1:OjgQmey5VxnPej/buEhe+YqKm0KNvV3QqU4hkqHqPCY=
github.com/hashicorp/terraform-plugin-test v1.2.0 h1:AWFdqyfnOj04sxTdaAF57QqvW7XXrT8PseUHkbKsE8I=
github.com/hashicorp/terraform-plugin-test v1.2.0/go.mod h1:QIJHYz8j+xJtdtLrFTlzQVC0ocr3rf/OjIpgZLK56Hs=
-github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20220114004106-da613363fc4a h1:ZRNcf+RNHFj2YmVshoKosI4SLUsP/z86oq4ypYZyH4Q=
-github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20220114004106-da613363fc4a/go.mod h1:xwU7MrDRLRoyJUJSSDhNms8yv3jHnlq4tJkuCfrHlVc=
+github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20220128030533-a33dcaa5e1f4 h1:PwkQSE13SSmQ9EFVjFbp+E0i+Wrphfb0Xlci0kvE57E=
+github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20220128030533-a33dcaa5e1f4/go.mod h1:9maKV4aH8NcQWpc4yaSKJBJ5xoHb0WlnBWVsriPx/sI=
github.com/hashicorp/terraform-svchost v0.0.0-20191011084731-65d371908596/go.mod h1:kNDNcF7sN4DocDLBkQYz73HGKwN1ANB1blq4lIYLYvg=
github.com/hashicorp/terraform-svchost v0.0.0-20191119180714-d2e4933b9136 h1:81Dg7SK6Q5vzqFItO8e1iIF2Nj8bLXV23NXjEgbev/s=
github.com/hashicorp/terraform-svchost v0.0.0-20191119180714-d2e4933b9136/go.mod h1:kNDNcF7sN4DocDLBkQYz73HGKwN1ANB1blq4lIYLYvg=
@@ -564,8 +564,8 @@ github.com/leodido/go-urn v1.2.0/go.mod h1:+8+nEpDfqqsY+g338gtMEUOtuK+4dEMhiQEgx
github.com/lib/pq v1.10.0/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
github.com/lib/pq v1.10.1/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
-github.com/manicminer/hamilton v0.39.0 h1:sOp4EAsYA4f0x/+fjPeWVEP3K9NULPjpqe6i9Itkgd8=
-github.com/manicminer/hamilton v0.39.0/go.mod h1:IOYn2Dc9SUiZ7Ryw6c8Ay795vPPMnrCZe3MktS447dc=
+github.com/manicminer/hamilton v0.40.1 h1:EcKl91ZHBA2NRwz2dyerPbkqH1PUR5GYJwqRUo1yCLg=
+github.com/manicminer/hamilton v0.40.1/go.mod h1:IOYn2Dc9SUiZ7Ryw6c8Ay795vPPMnrCZe3MktS447dc=
github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU=
github.com/mattn/go-colorable v0.1.1/go.mod h1:FuOcm+DKB9mbwrcAfNl7/TZVBZ6rcnceauSikq3lYCQ=
github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
diff --git a/provider/shim/go.mod b/provider/shim/go.mod
index 1563df919..a55493bb9 100644
--- a/provider/shim/go.mod
+++ b/provider/shim/go.mod
@@ -4,7 +4,7 @@ go 1.15
require (
github.com/hashicorp/terraform-plugin-sdk/v2 v2.8.0
- github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20220114004106-da613363fc4a
+ github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20220128030533-a33dcaa5e1f4
)
replace github.com/hashicorp/terraform-plugin-sdk/v2 => github.com/pulumi/terraform-plugin-sdk/v2 v2.0.0-20201218231525-9cca98608a5e
diff --git a/provider/shim/go.sum b/provider/shim/go.sum
index eb020fabf..61a491150 100644
--- a/provider/shim/go.sum
+++ b/provider/shim/go.sum
@@ -254,8 +254,8 @@ github.com/hashicorp/terraform-json v0.8.0 h1:XObQ3PgqU52YLQKEaJ08QtUshAfN3yu4u8
github.com/hashicorp/terraform-json v0.8.0/go.mod h1:3defM4kkMfttwiE7VakJDwCd4R+umhSQnvJwORXbprE=
github.com/hashicorp/terraform-plugin-go v0.1.0 h1:kyXZ0nkHxiRev/q18N40IbRRk4AV0zE/MDJkDM3u8dY=
github.com/hashicorp/terraform-plugin-go v0.1.0/go.mod h1:10V6F3taeDWVAoLlkmArKttR3IULlRWFAGtQIQTIDr4=
-github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20220114004106-da613363fc4a h1:ZRNcf+RNHFj2YmVshoKosI4SLUsP/z86oq4ypYZyH4Q=
-github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20220114004106-da613363fc4a/go.mod h1:xwU7MrDRLRoyJUJSSDhNms8yv3jHnlq4tJkuCfrHlVc=
+github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20220128030533-a33dcaa5e1f4 h1:PwkQSE13SSmQ9EFVjFbp+E0i+Wrphfb0Xlci0kvE57E=
+github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20220128030533-a33dcaa5e1f4/go.mod h1:9maKV4aH8NcQWpc4yaSKJBJ5xoHb0WlnBWVsriPx/sI=
github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM=
github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM=
github.com/hashicorp/yamux v0.0.0-20210316155119-a95892c5f864 h1:Y4V+SFe7d3iH+9pJCoeWIOS5/xBJIFsltS7E+KJSsJY=
@@ -292,8 +292,8 @@ github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k=
github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
-github.com/manicminer/hamilton v0.39.0 h1:sOp4EAsYA4f0x/+fjPeWVEP3K9NULPjpqe6i9Itkgd8=
-github.com/manicminer/hamilton v0.39.0/go.mod h1:IOYn2Dc9SUiZ7Ryw6c8Ay795vPPMnrCZe3MktS447dc=
+github.com/manicminer/hamilton v0.40.1 h1:EcKl91ZHBA2NRwz2dyerPbkqH1PUR5GYJwqRUo1yCLg=
+github.com/manicminer/hamilton v0.40.1/go.mod h1:IOYn2Dc9SUiZ7Ryw6c8Ay795vPPMnrCZe3MktS447dc=
github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU=
github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
github.com/mattn/go-colorable v0.1.8 h1:c1ghPdyEDarC70ftn0y+A/Ee++9zz8ljHG1b13eJ0s8=
diff --git a/sdk/dotnet/GetGroup.cs b/sdk/dotnet/GetGroup.cs
index ebc00416f..eb609b87f 100644
--- a/sdk/dotnet/GetGroup.cs
+++ b/sdk/dotnet/GetGroup.cs
@@ -163,6 +163,10 @@ public sealed class GetGroupResult
///
public readonly bool AssignableToRole;
///
+ /// Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Only set for Unified groups.
+ ///
+ public readonly bool AutoSubscribeNewMembers;
+ ///
/// A list of behaviors for a Microsoft 365 group, such as `AllowOnlyMembersToPost`, `HideGroupInOutlook`, `SubscribeNewGroupMembers` and `WelcomeEmailDisabled`. See [official documentation](https://docs.microsoft.com/en-us/graph/group-set-options) for more details.
///
public readonly ImmutableArray Behaviors;
@@ -179,6 +183,18 @@ public sealed class GetGroupResult
///
public readonly ImmutableArray DynamicMemberships;
///
+ /// Indicates whether people external to the organization can send messages to the group. Only set for Unified groups.
+ ///
+ public readonly bool ExternalSendersAllowed;
+ ///
+ /// Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Only set for Unified groups.
+ ///
+ public readonly bool HideFromAddressLists;
+ ///
+ /// Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Only set for Unified groups.
+ ///
+ public readonly bool HideFromOutlookClients;
+ ///
/// The provider-assigned unique ID for this managed resource.
///
public readonly string Id;
@@ -259,6 +275,8 @@ public sealed class GetGroupResult
private GetGroupResult(
bool assignableToRole,
+ bool autoSubscribeNewMembers,
+
ImmutableArray behaviors,
string description,
@@ -267,6 +285,12 @@ private GetGroupResult(
ImmutableArray dynamicMemberships,
+ bool externalSendersAllowed,
+
+ bool hideFromAddressLists,
+
+ bool hideFromOutlookClients,
+
string id,
string mail,
@@ -306,10 +330,14 @@ private GetGroupResult(
string visibility)
{
AssignableToRole = assignableToRole;
+ AutoSubscribeNewMembers = autoSubscribeNewMembers;
Behaviors = behaviors;
Description = description;
DisplayName = displayName;
DynamicMemberships = dynamicMemberships;
+ ExternalSendersAllowed = externalSendersAllowed;
+ HideFromAddressLists = hideFromAddressLists;
+ HideFromOutlookClients = hideFromOutlookClients;
Id = id;
Mail = mail;
MailEnabled = mailEnabled;
diff --git a/sdk/dotnet/Group.cs b/sdk/dotnet/Group.cs
index c0d278a7a..591755cb8 100644
--- a/sdk/dotnet/Group.cs
+++ b/sdk/dotnet/Group.cs
@@ -24,6 +24,8 @@ namespace Pulumi.AzureAD
///
/// When authenticated with a user principal, this resource requires one of the following directory roles: `Groups Administrator`, `User Administrator` or `Global Administrator`
///
+ /// The `external_senders_allowed`, `auto_subscribe_new_members`, `hide_from_address_lists` and `hide_from_outlook_clients` properties can only be configured when authenticating as a user and cannot be configured when authenticating as a service principal. Additionally, the user being used for authentication must be a Member of the tenant where the group is being managed and _not_ a Guest. This is a known API issue; please see the [Microsoft Graph Known Issues](https://docs.microsoft.com/en-us/graph/known-issues#groups) official documentation.
+ ///
/// ## Import
///
/// Groups can be imported using their object ID, e.g.
@@ -41,6 +43,12 @@ public partial class Group : Pulumi.CustomResource
[Output("assignableToRole")]
public Output AssignableToRole { get; private set; } = null!;
+ ///
+ /// Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Can only be set for Unified groups.
+ ///
+ [Output("autoSubscribeNewMembers")]
+ public Output AutoSubscribeNewMembers { get; private set; } = null!;
+
///
/// A set of behaviors for a Microsoft 365 group. Possible values are `AllowOnlyMembersToPost`, `HideGroupInOutlook`, `SubscribeNewGroupMembers` and `WelcomeEmailDisabled`. See [official documentation](https://docs.microsoft.com/en-us/graph/group-set-options) for more details. Changing this forces a new resource to be created.
///
@@ -65,6 +73,24 @@ public partial class Group : Pulumi.CustomResource
[Output("dynamicMembership")]
public Output DynamicMembership { get; private set; } = null!;
+ ///
+ /// Indicates whether people external to the organization can send messages to the group. Can only be set for Unified groups.
+ ///
+ [Output("externalSendersAllowed")]
+ public Output ExternalSendersAllowed { get; private set; } = null!;
+
+ ///
+ /// Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Can only be set for Unified groups.
+ ///
+ [Output("hideFromAddressLists")]
+ public Output HideFromAddressLists { get; private set; } = null!;
+
+ ///
+ /// Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Can only be set for Unified groups.
+ ///
+ [Output("hideFromOutlookClients")]
+ public Output HideFromOutlookClients { get; private set; } = null!;
+
///
/// The SMTP address for the group.
///
@@ -231,6 +257,12 @@ public sealed class GroupArgs : Pulumi.ResourceArgs
[Input("assignableToRole")]
public Input? AssignableToRole { get; set; }
+ ///
+ /// Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Can only be set for Unified groups.
+ ///
+ [Input("autoSubscribeNewMembers")]
+ public Input? AutoSubscribeNewMembers { get; set; }
+
[Input("behaviors")]
private InputList? _behaviors;
@@ -261,6 +293,24 @@ public InputList Behaviors
[Input("dynamicMembership")]
public Input? DynamicMembership { get; set; }
+ ///
+ /// Indicates whether people external to the organization can send messages to the group. Can only be set for Unified groups.
+ ///
+ [Input("externalSendersAllowed")]
+ public Input? ExternalSendersAllowed { get; set; }
+
+ ///
+ /// Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Can only be set for Unified groups.
+ ///
+ [Input("hideFromAddressLists")]
+ public Input? HideFromAddressLists { get; set; }
+
+ ///
+ /// Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Can only be set for Unified groups.
+ ///
+ [Input("hideFromOutlookClients")]
+ public Input? HideFromOutlookClients { get; set; }
+
///
/// Whether the group is a mail enabled, with a shared group mailbox. At least one of `mail_enabled` or `security_enabled` must be specified. Only Microsoft 365 groups can be mail enabled (see the `types` property).
///
@@ -358,6 +408,12 @@ public sealed class GroupState : Pulumi.ResourceArgs
[Input("assignableToRole")]
public Input? AssignableToRole { get; set; }
+ ///
+ /// Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Can only be set for Unified groups.
+ ///
+ [Input("autoSubscribeNewMembers")]
+ public Input? AutoSubscribeNewMembers { get; set; }
+
[Input("behaviors")]
private InputList? _behaviors;
@@ -388,6 +444,24 @@ public InputList Behaviors
[Input("dynamicMembership")]
public Input? DynamicMembership { get; set; }
+ ///
+ /// Indicates whether people external to the organization can send messages to the group. Can only be set for Unified groups.
+ ///
+ [Input("externalSendersAllowed")]
+ public Input? ExternalSendersAllowed { get; set; }
+
+ ///
+ /// Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Can only be set for Unified groups.
+ ///
+ [Input("hideFromAddressLists")]
+ public Input? HideFromAddressLists { get; set; }
+
+ ///
+ /// Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Can only be set for Unified groups.
+ ///
+ [Input("hideFromOutlookClients")]
+ public Input? HideFromOutlookClients { get; set; }
+
///
/// The SMTP address for the group.
///
diff --git a/sdk/go/azuread/getGroup.go b/sdk/go/azuread/getGroup.go
index 49cd73ec8..381e5e9b3 100644
--- a/sdk/go/azuread/getGroup.go
+++ b/sdk/go/azuread/getGroup.go
@@ -71,6 +71,8 @@ type LookupGroupArgs struct {
type LookupGroupResult struct {
// Indicates whether this group can be assigned to an Azure Active Directory role.
AssignableToRole bool `pulumi:"assignableToRole"`
+ // Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Only set for Unified groups.
+ AutoSubscribeNewMembers bool `pulumi:"autoSubscribeNewMembers"`
// A list of behaviors for a Microsoft 365 group, such as `AllowOnlyMembersToPost`, `HideGroupInOutlook`, `SubscribeNewGroupMembers` and `WelcomeEmailDisabled`. See [official documentation](https://docs.microsoft.com/en-us/graph/group-set-options) for more details.
Behaviors []string `pulumi:"behaviors"`
// The optional description of the group.
@@ -79,6 +81,12 @@ type LookupGroupResult struct {
DisplayName string `pulumi:"displayName"`
// A `dynamicMembership` block as documented below.
DynamicMemberships []GetGroupDynamicMembership `pulumi:"dynamicMemberships"`
+ // Indicates whether people external to the organization can send messages to the group. Only set for Unified groups.
+ ExternalSendersAllowed bool `pulumi:"externalSendersAllowed"`
+ // Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Only set for Unified groups.
+ HideFromAddressLists bool `pulumi:"hideFromAddressLists"`
+ // Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Only set for Unified groups.
+ HideFromOutlookClients bool `pulumi:"hideFromOutlookClients"`
// The provider-assigned unique ID for this managed resource.
Id string `pulumi:"id"`
// The SMTP address for the group.
@@ -164,6 +172,11 @@ func (o LookupGroupResultOutput) AssignableToRole() pulumi.BoolOutput {
return o.ApplyT(func(v LookupGroupResult) bool { return v.AssignableToRole }).(pulumi.BoolOutput)
}
+// Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Only set for Unified groups.
+func (o LookupGroupResultOutput) AutoSubscribeNewMembers() pulumi.BoolOutput {
+ return o.ApplyT(func(v LookupGroupResult) bool { return v.AutoSubscribeNewMembers }).(pulumi.BoolOutput)
+}
+
// A list of behaviors for a Microsoft 365 group, such as `AllowOnlyMembersToPost`, `HideGroupInOutlook`, `SubscribeNewGroupMembers` and `WelcomeEmailDisabled`. See [official documentation](https://docs.microsoft.com/en-us/graph/group-set-options) for more details.
func (o LookupGroupResultOutput) Behaviors() pulumi.StringArrayOutput {
return o.ApplyT(func(v LookupGroupResult) []string { return v.Behaviors }).(pulumi.StringArrayOutput)
@@ -184,6 +197,21 @@ func (o LookupGroupResultOutput) DynamicMemberships() GetGroupDynamicMembershipA
return o.ApplyT(func(v LookupGroupResult) []GetGroupDynamicMembership { return v.DynamicMemberships }).(GetGroupDynamicMembershipArrayOutput)
}
+// Indicates whether people external to the organization can send messages to the group. Only set for Unified groups.
+func (o LookupGroupResultOutput) ExternalSendersAllowed() pulumi.BoolOutput {
+ return o.ApplyT(func(v LookupGroupResult) bool { return v.ExternalSendersAllowed }).(pulumi.BoolOutput)
+}
+
+// Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Only set for Unified groups.
+func (o LookupGroupResultOutput) HideFromAddressLists() pulumi.BoolOutput {
+ return o.ApplyT(func(v LookupGroupResult) bool { return v.HideFromAddressLists }).(pulumi.BoolOutput)
+}
+
+// Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Only set for Unified groups.
+func (o LookupGroupResultOutput) HideFromOutlookClients() pulumi.BoolOutput {
+ return o.ApplyT(func(v LookupGroupResult) bool { return v.HideFromOutlookClients }).(pulumi.BoolOutput)
+}
+
// The provider-assigned unique ID for this managed resource.
func (o LookupGroupResultOutput) Id() pulumi.StringOutput {
return o.ApplyT(func(v LookupGroupResult) string { return v.Id }).(pulumi.StringOutput)
diff --git a/sdk/go/azuread/group.go b/sdk/go/azuread/group.go
index a7ff9242e..f5ad1aee1 100644
--- a/sdk/go/azuread/group.go
+++ b/sdk/go/azuread/group.go
@@ -25,6 +25,8 @@ import (
//
// When authenticated with a user principal, this resource requires one of the following directory roles: `Groups Administrator`, `User Administrator` or `Global Administrator`
//
+// The `externalSendersAllowed`, `autoSubscribeNewMembers`, `hideFromAddressLists` and `hideFromOutlookClients` properties can only be configured when authenticating as a user and cannot be configured when authenticating as a service principal. Additionally, the user being used for authentication must be a Member of the tenant where the group is being managed and _not_ a Guest. This is a known API issue; please see the [Microsoft Graph Known Issues](https://docs.microsoft.com/en-us/graph/known-issues#groups) official documentation.
+//
// ## Import
//
// Groups can be imported using their object ID, e.g.
@@ -37,6 +39,8 @@ type Group struct {
// Indicates whether this group can be assigned to an Azure Active Directory role. Can only be `true` for security-enabled groups. Changing this forces a new resource to be created.
AssignableToRole pulumi.BoolPtrOutput `pulumi:"assignableToRole"`
+ // Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Can only be set for Unified groups.
+ AutoSubscribeNewMembers pulumi.BoolPtrOutput `pulumi:"autoSubscribeNewMembers"`
// A set of behaviors for a Microsoft 365 group. Possible values are `AllowOnlyMembersToPost`, `HideGroupInOutlook`, `SubscribeNewGroupMembers` and `WelcomeEmailDisabled`. See [official documentation](https://docs.microsoft.com/en-us/graph/group-set-options) for more details. Changing this forces a new resource to be created.
Behaviors pulumi.StringArrayOutput `pulumi:"behaviors"`
// The description for the group.
@@ -45,6 +49,12 @@ type Group struct {
DisplayName pulumi.StringOutput `pulumi:"displayName"`
// A `dynamicMembership` block as documented below. Required when `types` contains `DynamicMembership`. Cannot be used with the `members` property.
DynamicMembership GroupDynamicMembershipPtrOutput `pulumi:"dynamicMembership"`
+ // Indicates whether people external to the organization can send messages to the group. Can only be set for Unified groups.
+ ExternalSendersAllowed pulumi.BoolPtrOutput `pulumi:"externalSendersAllowed"`
+ // Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Can only be set for Unified groups.
+ HideFromAddressLists pulumi.BoolPtrOutput `pulumi:"hideFromAddressLists"`
+ // Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Can only be set for Unified groups.
+ HideFromOutlookClients pulumi.BoolPtrOutput `pulumi:"hideFromOutlookClients"`
// The SMTP address for the group.
Mail pulumi.StringOutput `pulumi:"mail"`
// Whether the group is a mail enabled, with a shared group mailbox. At least one of `mailEnabled` or `securityEnabled` must be specified. Only Microsoft 365 groups can be mail enabled (see the `types` property).
@@ -119,6 +129,8 @@ func GetGroup(ctx *pulumi.Context,
type groupState struct {
// Indicates whether this group can be assigned to an Azure Active Directory role. Can only be `true` for security-enabled groups. Changing this forces a new resource to be created.
AssignableToRole *bool `pulumi:"assignableToRole"`
+ // Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Can only be set for Unified groups.
+ AutoSubscribeNewMembers *bool `pulumi:"autoSubscribeNewMembers"`
// A set of behaviors for a Microsoft 365 group. Possible values are `AllowOnlyMembersToPost`, `HideGroupInOutlook`, `SubscribeNewGroupMembers` and `WelcomeEmailDisabled`. See [official documentation](https://docs.microsoft.com/en-us/graph/group-set-options) for more details. Changing this forces a new resource to be created.
Behaviors []string `pulumi:"behaviors"`
// The description for the group.
@@ -127,6 +139,12 @@ type groupState struct {
DisplayName *string `pulumi:"displayName"`
// A `dynamicMembership` block as documented below. Required when `types` contains `DynamicMembership`. Cannot be used with the `members` property.
DynamicMembership *GroupDynamicMembership `pulumi:"dynamicMembership"`
+ // Indicates whether people external to the organization can send messages to the group. Can only be set for Unified groups.
+ ExternalSendersAllowed *bool `pulumi:"externalSendersAllowed"`
+ // Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Can only be set for Unified groups.
+ HideFromAddressLists *bool `pulumi:"hideFromAddressLists"`
+ // Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Can only be set for Unified groups.
+ HideFromOutlookClients *bool `pulumi:"hideFromOutlookClients"`
// The SMTP address for the group.
Mail *string `pulumi:"mail"`
// Whether the group is a mail enabled, with a shared group mailbox. At least one of `mailEnabled` or `securityEnabled` must be specified. Only Microsoft 365 groups can be mail enabled (see the `types` property).
@@ -170,6 +188,8 @@ type groupState struct {
type GroupState struct {
// Indicates whether this group can be assigned to an Azure Active Directory role. Can only be `true` for security-enabled groups. Changing this forces a new resource to be created.
AssignableToRole pulumi.BoolPtrInput
+ // Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Can only be set for Unified groups.
+ AutoSubscribeNewMembers pulumi.BoolPtrInput
// A set of behaviors for a Microsoft 365 group. Possible values are `AllowOnlyMembersToPost`, `HideGroupInOutlook`, `SubscribeNewGroupMembers` and `WelcomeEmailDisabled`. See [official documentation](https://docs.microsoft.com/en-us/graph/group-set-options) for more details. Changing this forces a new resource to be created.
Behaviors pulumi.StringArrayInput
// The description for the group.
@@ -178,6 +198,12 @@ type GroupState struct {
DisplayName pulumi.StringPtrInput
// A `dynamicMembership` block as documented below. Required when `types` contains `DynamicMembership`. Cannot be used with the `members` property.
DynamicMembership GroupDynamicMembershipPtrInput
+ // Indicates whether people external to the organization can send messages to the group. Can only be set for Unified groups.
+ ExternalSendersAllowed pulumi.BoolPtrInput
+ // Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Can only be set for Unified groups.
+ HideFromAddressLists pulumi.BoolPtrInput
+ // Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Can only be set for Unified groups.
+ HideFromOutlookClients pulumi.BoolPtrInput
// The SMTP address for the group.
Mail pulumi.StringPtrInput
// Whether the group is a mail enabled, with a shared group mailbox. At least one of `mailEnabled` or `securityEnabled` must be specified. Only Microsoft 365 groups can be mail enabled (see the `types` property).
@@ -225,6 +251,8 @@ func (GroupState) ElementType() reflect.Type {
type groupArgs struct {
// Indicates whether this group can be assigned to an Azure Active Directory role. Can only be `true` for security-enabled groups. Changing this forces a new resource to be created.
AssignableToRole *bool `pulumi:"assignableToRole"`
+ // Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Can only be set for Unified groups.
+ AutoSubscribeNewMembers *bool `pulumi:"autoSubscribeNewMembers"`
// A set of behaviors for a Microsoft 365 group. Possible values are `AllowOnlyMembersToPost`, `HideGroupInOutlook`, `SubscribeNewGroupMembers` and `WelcomeEmailDisabled`. See [official documentation](https://docs.microsoft.com/en-us/graph/group-set-options) for more details. Changing this forces a new resource to be created.
Behaviors []string `pulumi:"behaviors"`
// The description for the group.
@@ -233,6 +261,12 @@ type groupArgs struct {
DisplayName string `pulumi:"displayName"`
// A `dynamicMembership` block as documented below. Required when `types` contains `DynamicMembership`. Cannot be used with the `members` property.
DynamicMembership *GroupDynamicMembership `pulumi:"dynamicMembership"`
+ // Indicates whether people external to the organization can send messages to the group. Can only be set for Unified groups.
+ ExternalSendersAllowed *bool `pulumi:"externalSendersAllowed"`
+ // Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Can only be set for Unified groups.
+ HideFromAddressLists *bool `pulumi:"hideFromAddressLists"`
+ // Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Can only be set for Unified groups.
+ HideFromOutlookClients *bool `pulumi:"hideFromOutlookClients"`
// Whether the group is a mail enabled, with a shared group mailbox. At least one of `mailEnabled` or `securityEnabled` must be specified. Only Microsoft 365 groups can be mail enabled (see the `types` property).
MailEnabled *bool `pulumi:"mailEnabled"`
// The mail alias for the group, unique in the organisation. Required for mail-enabled groups. Changing this forces a new resource to be created.
@@ -259,6 +293,8 @@ type groupArgs struct {
type GroupArgs struct {
// Indicates whether this group can be assigned to an Azure Active Directory role. Can only be `true` for security-enabled groups. Changing this forces a new resource to be created.
AssignableToRole pulumi.BoolPtrInput
+ // Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Can only be set for Unified groups.
+ AutoSubscribeNewMembers pulumi.BoolPtrInput
// A set of behaviors for a Microsoft 365 group. Possible values are `AllowOnlyMembersToPost`, `HideGroupInOutlook`, `SubscribeNewGroupMembers` and `WelcomeEmailDisabled`. See [official documentation](https://docs.microsoft.com/en-us/graph/group-set-options) for more details. Changing this forces a new resource to be created.
Behaviors pulumi.StringArrayInput
// The description for the group.
@@ -267,6 +303,12 @@ type GroupArgs struct {
DisplayName pulumi.StringInput
// A `dynamicMembership` block as documented below. Required when `types` contains `DynamicMembership`. Cannot be used with the `members` property.
DynamicMembership GroupDynamicMembershipPtrInput
+ // Indicates whether people external to the organization can send messages to the group. Can only be set for Unified groups.
+ ExternalSendersAllowed pulumi.BoolPtrInput
+ // Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Can only be set for Unified groups.
+ HideFromAddressLists pulumi.BoolPtrInput
+ // Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Can only be set for Unified groups.
+ HideFromOutlookClients pulumi.BoolPtrInput
// Whether the group is a mail enabled, with a shared group mailbox. At least one of `mailEnabled` or `securityEnabled` must be specified. Only Microsoft 365 groups can be mail enabled (see the `types` property).
MailEnabled pulumi.BoolPtrInput
// The mail alias for the group, unique in the organisation. Required for mail-enabled groups. Changing this forces a new resource to be created.
diff --git a/sdk/nodejs/getGroup.ts b/sdk/nodejs/getGroup.ts
index cae2e7053..eb6c5aee3 100644
--- a/sdk/nodejs/getGroup.ts
+++ b/sdk/nodejs/getGroup.ts
@@ -76,6 +76,10 @@ export interface GetGroupResult {
* Indicates whether this group can be assigned to an Azure Active Directory role.
*/
readonly assignableToRole: boolean;
+ /**
+ * Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Only set for Unified groups.
+ */
+ readonly autoSubscribeNewMembers: boolean;
/**
* A list of behaviors for a Microsoft 365 group, such as `AllowOnlyMembersToPost`, `HideGroupInOutlook`, `SubscribeNewGroupMembers` and `WelcomeEmailDisabled`. See [official documentation](https://docs.microsoft.com/en-us/graph/group-set-options) for more details.
*/
@@ -92,6 +96,18 @@ export interface GetGroupResult {
* A `dynamicMembership` block as documented below.
*/
readonly dynamicMemberships: outputs.GetGroupDynamicMembership[];
+ /**
+ * Indicates whether people external to the organization can send messages to the group. Only set for Unified groups.
+ */
+ readonly externalSendersAllowed: boolean;
+ /**
+ * Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Only set for Unified groups.
+ */
+ readonly hideFromAddressLists: boolean;
+ /**
+ * Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Only set for Unified groups.
+ */
+ readonly hideFromOutlookClients: boolean;
/**
* The provider-assigned unique ID for this managed resource.
*/
diff --git a/sdk/nodejs/group.ts b/sdk/nodejs/group.ts
index 95caf9215..9f95b6bc7 100644
--- a/sdk/nodejs/group.ts
+++ b/sdk/nodejs/group.ts
@@ -20,6 +20,8 @@ import * as utilities from "./utilities";
*
* When authenticated with a user principal, this resource requires one of the following directory roles: `Groups Administrator`, `User Administrator` or `Global Administrator`
*
+ * The `externalSendersAllowed`, `autoSubscribeNewMembers`, `hideFromAddressLists` and `hideFromOutlookClients` properties can only be configured when authenticating as a user and cannot be configured when authenticating as a service principal. Additionally, the user being used for authentication must be a Member of the tenant where the group is being managed and _not_ a Guest. This is a known API issue; please see the [Microsoft Graph Known Issues](https://docs.microsoft.com/en-us/graph/known-issues#groups) official documentation.
+ *
* ## Example Usage
*
* *Basic example*
@@ -142,6 +144,10 @@ export class Group extends pulumi.CustomResource {
* Indicates whether this group can be assigned to an Azure Active Directory role. Can only be `true` for security-enabled groups. Changing this forces a new resource to be created.
*/
public readonly assignableToRole!: pulumi.Output;
+ /**
+ * Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Can only be set for Unified groups.
+ */
+ public readonly autoSubscribeNewMembers!: pulumi.Output;
/**
* A set of behaviors for a Microsoft 365 group. Possible values are `AllowOnlyMembersToPost`, `HideGroupInOutlook`, `SubscribeNewGroupMembers` and `WelcomeEmailDisabled`. See [official documentation](https://docs.microsoft.com/en-us/graph/group-set-options) for more details. Changing this forces a new resource to be created.
*/
@@ -158,6 +164,18 @@ export class Group extends pulumi.CustomResource {
* A `dynamicMembership` block as documented below. Required when `types` contains `DynamicMembership`. Cannot be used with the `members` property.
*/
public readonly dynamicMembership!: pulumi.Output;
+ /**
+ * Indicates whether people external to the organization can send messages to the group. Can only be set for Unified groups.
+ */
+ public readonly externalSendersAllowed!: pulumi.Output;
+ /**
+ * Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Can only be set for Unified groups.
+ */
+ public readonly hideFromAddressLists!: pulumi.Output;
+ /**
+ * Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Can only be set for Unified groups.
+ */
+ public readonly hideFromOutlookClients!: pulumi.Output;
/**
* The SMTP address for the group.
*/
@@ -249,10 +267,14 @@ export class Group extends pulumi.CustomResource {
if (opts.id) {
const state = argsOrState as GroupState | undefined;
inputs["assignableToRole"] = state ? state.assignableToRole : undefined;
+ inputs["autoSubscribeNewMembers"] = state ? state.autoSubscribeNewMembers : undefined;
inputs["behaviors"] = state ? state.behaviors : undefined;
inputs["description"] = state ? state.description : undefined;
inputs["displayName"] = state ? state.displayName : undefined;
inputs["dynamicMembership"] = state ? state.dynamicMembership : undefined;
+ inputs["externalSendersAllowed"] = state ? state.externalSendersAllowed : undefined;
+ inputs["hideFromAddressLists"] = state ? state.hideFromAddressLists : undefined;
+ inputs["hideFromOutlookClients"] = state ? state.hideFromOutlookClients : undefined;
inputs["mail"] = state ? state.mail : undefined;
inputs["mailEnabled"] = state ? state.mailEnabled : undefined;
inputs["mailNickname"] = state ? state.mailNickname : undefined;
@@ -278,10 +300,14 @@ export class Group extends pulumi.CustomResource {
throw new Error("Missing required property 'displayName'");
}
inputs["assignableToRole"] = args ? args.assignableToRole : undefined;
+ inputs["autoSubscribeNewMembers"] = args ? args.autoSubscribeNewMembers : undefined;
inputs["behaviors"] = args ? args.behaviors : undefined;
inputs["description"] = args ? args.description : undefined;
inputs["displayName"] = args ? args.displayName : undefined;
inputs["dynamicMembership"] = args ? args.dynamicMembership : undefined;
+ inputs["externalSendersAllowed"] = args ? args.externalSendersAllowed : undefined;
+ inputs["hideFromAddressLists"] = args ? args.hideFromAddressLists : undefined;
+ inputs["hideFromOutlookClients"] = args ? args.hideFromOutlookClients : undefined;
inputs["mailEnabled"] = args ? args.mailEnabled : undefined;
inputs["mailNickname"] = args ? args.mailNickname : undefined;
inputs["members"] = args ? args.members : undefined;
@@ -317,6 +343,10 @@ export interface GroupState {
* Indicates whether this group can be assigned to an Azure Active Directory role. Can only be `true` for security-enabled groups. Changing this forces a new resource to be created.
*/
assignableToRole?: pulumi.Input;
+ /**
+ * Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Can only be set for Unified groups.
+ */
+ autoSubscribeNewMembers?: pulumi.Input;
/**
* A set of behaviors for a Microsoft 365 group. Possible values are `AllowOnlyMembersToPost`, `HideGroupInOutlook`, `SubscribeNewGroupMembers` and `WelcomeEmailDisabled`. See [official documentation](https://docs.microsoft.com/en-us/graph/group-set-options) for more details. Changing this forces a new resource to be created.
*/
@@ -333,6 +363,18 @@ export interface GroupState {
* A `dynamicMembership` block as documented below. Required when `types` contains `DynamicMembership`. Cannot be used with the `members` property.
*/
dynamicMembership?: pulumi.Input;
+ /**
+ * Indicates whether people external to the organization can send messages to the group. Can only be set for Unified groups.
+ */
+ externalSendersAllowed?: pulumi.Input;
+ /**
+ * Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Can only be set for Unified groups.
+ */
+ hideFromAddressLists?: pulumi.Input;
+ /**
+ * Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Can only be set for Unified groups.
+ */
+ hideFromOutlookClients?: pulumi.Input;
/**
* The SMTP address for the group.
*/
@@ -419,6 +461,10 @@ export interface GroupArgs {
* Indicates whether this group can be assigned to an Azure Active Directory role. Can only be `true` for security-enabled groups. Changing this forces a new resource to be created.
*/
assignableToRole?: pulumi.Input;
+ /**
+ * Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Can only be set for Unified groups.
+ */
+ autoSubscribeNewMembers?: pulumi.Input;
/**
* A set of behaviors for a Microsoft 365 group. Possible values are `AllowOnlyMembersToPost`, `HideGroupInOutlook`, `SubscribeNewGroupMembers` and `WelcomeEmailDisabled`. See [official documentation](https://docs.microsoft.com/en-us/graph/group-set-options) for more details. Changing this forces a new resource to be created.
*/
@@ -435,6 +481,18 @@ export interface GroupArgs {
* A `dynamicMembership` block as documented below. Required when `types` contains `DynamicMembership`. Cannot be used with the `members` property.
*/
dynamicMembership?: pulumi.Input;
+ /**
+ * Indicates whether people external to the organization can send messages to the group. Can only be set for Unified groups.
+ */
+ externalSendersAllowed?: pulumi.Input;
+ /**
+ * Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Can only be set for Unified groups.
+ */
+ hideFromAddressLists?: pulumi.Input;
+ /**
+ * Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Can only be set for Unified groups.
+ */
+ hideFromOutlookClients?: pulumi.Input;
/**
* Whether the group is a mail enabled, with a shared group mailbox. At least one of `mailEnabled` or `securityEnabled` must be specified. Only Microsoft 365 groups can be mail enabled (see the `types` property).
*/
diff --git a/sdk/python/pulumi_azuread/get_group.py b/sdk/python/pulumi_azuread/get_group.py
index 37956a887..4c98bfbdf 100644
--- a/sdk/python/pulumi_azuread/get_group.py
+++ b/sdk/python/pulumi_azuread/get_group.py
@@ -21,10 +21,13 @@ class GetGroupResult:
"""
A collection of values returned by getGroup.
"""
- def __init__(__self__, assignable_to_role=None, behaviors=None, description=None, display_name=None, dynamic_memberships=None, id=None, mail=None, mail_enabled=None, mail_nickname=None, members=None, object_id=None, onpremises_domain_name=None, onpremises_netbios_name=None, onpremises_sam_account_name=None, onpremises_security_identifier=None, onpremises_sync_enabled=None, owners=None, preferred_language=None, provisioning_options=None, proxy_addresses=None, security_enabled=None, theme=None, types=None, visibility=None):
+ def __init__(__self__, assignable_to_role=None, auto_subscribe_new_members=None, behaviors=None, description=None, display_name=None, dynamic_memberships=None, external_senders_allowed=None, hide_from_address_lists=None, hide_from_outlook_clients=None, id=None, mail=None, mail_enabled=None, mail_nickname=None, members=None, object_id=None, onpremises_domain_name=None, onpremises_netbios_name=None, onpremises_sam_account_name=None, onpremises_security_identifier=None, onpremises_sync_enabled=None, owners=None, preferred_language=None, provisioning_options=None, proxy_addresses=None, security_enabled=None, theme=None, types=None, visibility=None):
if assignable_to_role and not isinstance(assignable_to_role, bool):
raise TypeError("Expected argument 'assignable_to_role' to be a bool")
pulumi.set(__self__, "assignable_to_role", assignable_to_role)
+ if auto_subscribe_new_members and not isinstance(auto_subscribe_new_members, bool):
+ raise TypeError("Expected argument 'auto_subscribe_new_members' to be a bool")
+ pulumi.set(__self__, "auto_subscribe_new_members", auto_subscribe_new_members)
if behaviors and not isinstance(behaviors, list):
raise TypeError("Expected argument 'behaviors' to be a list")
pulumi.set(__self__, "behaviors", behaviors)
@@ -37,6 +40,15 @@ def __init__(__self__, assignable_to_role=None, behaviors=None, description=None
if dynamic_memberships and not isinstance(dynamic_memberships, list):
raise TypeError("Expected argument 'dynamic_memberships' to be a list")
pulumi.set(__self__, "dynamic_memberships", dynamic_memberships)
+ if external_senders_allowed and not isinstance(external_senders_allowed, bool):
+ raise TypeError("Expected argument 'external_senders_allowed' to be a bool")
+ pulumi.set(__self__, "external_senders_allowed", external_senders_allowed)
+ if hide_from_address_lists and not isinstance(hide_from_address_lists, bool):
+ raise TypeError("Expected argument 'hide_from_address_lists' to be a bool")
+ pulumi.set(__self__, "hide_from_address_lists", hide_from_address_lists)
+ if hide_from_outlook_clients and not isinstance(hide_from_outlook_clients, bool):
+ raise TypeError("Expected argument 'hide_from_outlook_clients' to be a bool")
+ pulumi.set(__self__, "hide_from_outlook_clients", hide_from_outlook_clients)
if id and not isinstance(id, str):
raise TypeError("Expected argument 'id' to be a str")
pulumi.set(__self__, "id", id)
@@ -103,6 +115,14 @@ def assignable_to_role(self) -> bool:
"""
return pulumi.get(self, "assignable_to_role")
+ @property
+ @pulumi.getter(name="autoSubscribeNewMembers")
+ def auto_subscribe_new_members(self) -> bool:
+ """
+ Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Only set for Unified groups.
+ """
+ return pulumi.get(self, "auto_subscribe_new_members")
+
@property
@pulumi.getter
def behaviors(self) -> Sequence[str]:
@@ -135,6 +155,30 @@ def dynamic_memberships(self) -> Sequence['outputs.GetGroupDynamicMembershipResu
"""
return pulumi.get(self, "dynamic_memberships")
+ @property
+ @pulumi.getter(name="externalSendersAllowed")
+ def external_senders_allowed(self) -> bool:
+ """
+ Indicates whether people external to the organization can send messages to the group. Only set for Unified groups.
+ """
+ return pulumi.get(self, "external_senders_allowed")
+
+ @property
+ @pulumi.getter(name="hideFromAddressLists")
+ def hide_from_address_lists(self) -> bool:
+ """
+ Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Only set for Unified groups.
+ """
+ return pulumi.get(self, "hide_from_address_lists")
+
+ @property
+ @pulumi.getter(name="hideFromOutlookClients")
+ def hide_from_outlook_clients(self) -> bool:
+ """
+ Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Only set for Unified groups.
+ """
+ return pulumi.get(self, "hide_from_outlook_clients")
+
@property
@pulumi.getter
def id(self) -> str:
@@ -295,10 +339,14 @@ def __await__(self):
yield self
return GetGroupResult(
assignable_to_role=self.assignable_to_role,
+ auto_subscribe_new_members=self.auto_subscribe_new_members,
behaviors=self.behaviors,
description=self.description,
display_name=self.display_name,
dynamic_memberships=self.dynamic_memberships,
+ external_senders_allowed=self.external_senders_allowed,
+ hide_from_address_lists=self.hide_from_address_lists,
+ hide_from_outlook_clients=self.hide_from_outlook_clients,
id=self.id,
mail=self.mail,
mail_enabled=self.mail_enabled,
@@ -366,10 +414,14 @@ def get_group(display_name: Optional[str] = None,
return AwaitableGetGroupResult(
assignable_to_role=__ret__.assignable_to_role,
+ auto_subscribe_new_members=__ret__.auto_subscribe_new_members,
behaviors=__ret__.behaviors,
description=__ret__.description,
display_name=__ret__.display_name,
dynamic_memberships=__ret__.dynamic_memberships,
+ external_senders_allowed=__ret__.external_senders_allowed,
+ hide_from_address_lists=__ret__.hide_from_address_lists,
+ hide_from_outlook_clients=__ret__.hide_from_outlook_clients,
id=__ret__.id,
mail=__ret__.mail,
mail_enabled=__ret__.mail_enabled,
diff --git a/sdk/python/pulumi_azuread/group.py b/sdk/python/pulumi_azuread/group.py
index 634db9a72..55c88abf5 100644
--- a/sdk/python/pulumi_azuread/group.py
+++ b/sdk/python/pulumi_azuread/group.py
@@ -17,9 +17,13 @@ class GroupArgs:
def __init__(__self__, *,
display_name: pulumi.Input[str],
assignable_to_role: Optional[pulumi.Input[bool]] = None,
+ auto_subscribe_new_members: Optional[pulumi.Input[bool]] = None,
behaviors: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
description: Optional[pulumi.Input[str]] = None,
dynamic_membership: Optional[pulumi.Input['GroupDynamicMembershipArgs']] = None,
+ external_senders_allowed: Optional[pulumi.Input[bool]] = None,
+ hide_from_address_lists: Optional[pulumi.Input[bool]] = None,
+ hide_from_outlook_clients: Optional[pulumi.Input[bool]] = None,
mail_enabled: Optional[pulumi.Input[bool]] = None,
mail_nickname: Optional[pulumi.Input[str]] = None,
members: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
@@ -34,9 +38,13 @@ def __init__(__self__, *,
The set of arguments for constructing a Group resource.
:param pulumi.Input[str] display_name: The display name for the group.
:param pulumi.Input[bool] assignable_to_role: Indicates whether this group can be assigned to an Azure Active Directory role. Can only be `true` for security-enabled groups. Changing this forces a new resource to be created.
+ :param pulumi.Input[bool] auto_subscribe_new_members: Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Can only be set for Unified groups.
:param pulumi.Input[Sequence[pulumi.Input[str]]] behaviors: A set of behaviors for a Microsoft 365 group. Possible values are `AllowOnlyMembersToPost`, `HideGroupInOutlook`, `SubscribeNewGroupMembers` and `WelcomeEmailDisabled`. See [official documentation](https://docs.microsoft.com/en-us/graph/group-set-options) for more details. Changing this forces a new resource to be created.
:param pulumi.Input[str] description: The description for the group.
:param pulumi.Input['GroupDynamicMembershipArgs'] dynamic_membership: A `dynamic_membership` block as documented below. Required when `types` contains `DynamicMembership`. Cannot be used with the `members` property.
+ :param pulumi.Input[bool] external_senders_allowed: Indicates whether people external to the organization can send messages to the group. Can only be set for Unified groups.
+ :param pulumi.Input[bool] hide_from_address_lists: Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Can only be set for Unified groups.
+ :param pulumi.Input[bool] hide_from_outlook_clients: Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Can only be set for Unified groups.
:param pulumi.Input[bool] mail_enabled: Whether the group is a mail enabled, with a shared group mailbox. At least one of `mail_enabled` or `security_enabled` must be specified. Only Microsoft 365 groups can be mail enabled (see the `types` property).
:param pulumi.Input[str] mail_nickname: The mail alias for the group, unique in the organisation. Required for mail-enabled groups. Changing this forces a new resource to be created.
:param pulumi.Input[Sequence[pulumi.Input[str]]] members: A set of members who should be present in this group. Supported object types are Users, Groups or Service Principals. Cannot be used with the `dynamic_membership` block.
@@ -51,12 +59,20 @@ def __init__(__self__, *,
pulumi.set(__self__, "display_name", display_name)
if assignable_to_role is not None:
pulumi.set(__self__, "assignable_to_role", assignable_to_role)
+ if auto_subscribe_new_members is not None:
+ pulumi.set(__self__, "auto_subscribe_new_members", auto_subscribe_new_members)
if behaviors is not None:
pulumi.set(__self__, "behaviors", behaviors)
if description is not None:
pulumi.set(__self__, "description", description)
if dynamic_membership is not None:
pulumi.set(__self__, "dynamic_membership", dynamic_membership)
+ if external_senders_allowed is not None:
+ pulumi.set(__self__, "external_senders_allowed", external_senders_allowed)
+ if hide_from_address_lists is not None:
+ pulumi.set(__self__, "hide_from_address_lists", hide_from_address_lists)
+ if hide_from_outlook_clients is not None:
+ pulumi.set(__self__, "hide_from_outlook_clients", hide_from_outlook_clients)
if mail_enabled is not None:
pulumi.set(__self__, "mail_enabled", mail_enabled)
if mail_nickname is not None:
@@ -102,6 +118,18 @@ def assignable_to_role(self) -> Optional[pulumi.Input[bool]]:
def assignable_to_role(self, value: Optional[pulumi.Input[bool]]):
pulumi.set(self, "assignable_to_role", value)
+ @property
+ @pulumi.getter(name="autoSubscribeNewMembers")
+ def auto_subscribe_new_members(self) -> Optional[pulumi.Input[bool]]:
+ """
+ Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Can only be set for Unified groups.
+ """
+ return pulumi.get(self, "auto_subscribe_new_members")
+
+ @auto_subscribe_new_members.setter
+ def auto_subscribe_new_members(self, value: Optional[pulumi.Input[bool]]):
+ pulumi.set(self, "auto_subscribe_new_members", value)
+
@property
@pulumi.getter
def behaviors(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
@@ -138,6 +166,42 @@ def dynamic_membership(self) -> Optional[pulumi.Input['GroupDynamicMembershipArg
def dynamic_membership(self, value: Optional[pulumi.Input['GroupDynamicMembershipArgs']]):
pulumi.set(self, "dynamic_membership", value)
+ @property
+ @pulumi.getter(name="externalSendersAllowed")
+ def external_senders_allowed(self) -> Optional[pulumi.Input[bool]]:
+ """
+ Indicates whether people external to the organization can send messages to the group. Can only be set for Unified groups.
+ """
+ return pulumi.get(self, "external_senders_allowed")
+
+ @external_senders_allowed.setter
+ def external_senders_allowed(self, value: Optional[pulumi.Input[bool]]):
+ pulumi.set(self, "external_senders_allowed", value)
+
+ @property
+ @pulumi.getter(name="hideFromAddressLists")
+ def hide_from_address_lists(self) -> Optional[pulumi.Input[bool]]:
+ """
+ Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Can only be set for Unified groups.
+ """
+ return pulumi.get(self, "hide_from_address_lists")
+
+ @hide_from_address_lists.setter
+ def hide_from_address_lists(self, value: Optional[pulumi.Input[bool]]):
+ pulumi.set(self, "hide_from_address_lists", value)
+
+ @property
+ @pulumi.getter(name="hideFromOutlookClients")
+ def hide_from_outlook_clients(self) -> Optional[pulumi.Input[bool]]:
+ """
+ Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Can only be set for Unified groups.
+ """
+ return pulumi.get(self, "hide_from_outlook_clients")
+
+ @hide_from_outlook_clients.setter
+ def hide_from_outlook_clients(self, value: Optional[pulumi.Input[bool]]):
+ pulumi.set(self, "hide_from_outlook_clients", value)
+
@property
@pulumi.getter(name="mailEnabled")
def mail_enabled(self) -> Optional[pulumi.Input[bool]]:
@@ -263,10 +327,14 @@ def visibility(self, value: Optional[pulumi.Input[str]]):
class _GroupState:
def __init__(__self__, *,
assignable_to_role: Optional[pulumi.Input[bool]] = None,
+ auto_subscribe_new_members: Optional[pulumi.Input[bool]] = None,
behaviors: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
description: Optional[pulumi.Input[str]] = None,
display_name: Optional[pulumi.Input[str]] = None,
dynamic_membership: Optional[pulumi.Input['GroupDynamicMembershipArgs']] = None,
+ external_senders_allowed: Optional[pulumi.Input[bool]] = None,
+ hide_from_address_lists: Optional[pulumi.Input[bool]] = None,
+ hide_from_outlook_clients: Optional[pulumi.Input[bool]] = None,
mail: Optional[pulumi.Input[str]] = None,
mail_enabled: Optional[pulumi.Input[bool]] = None,
mail_nickname: Optional[pulumi.Input[str]] = None,
@@ -289,10 +357,14 @@ def __init__(__self__, *,
"""
Input properties used for looking up and filtering Group resources.
:param pulumi.Input[bool] assignable_to_role: Indicates whether this group can be assigned to an Azure Active Directory role. Can only be `true` for security-enabled groups. Changing this forces a new resource to be created.
+ :param pulumi.Input[bool] auto_subscribe_new_members: Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Can only be set for Unified groups.
:param pulumi.Input[Sequence[pulumi.Input[str]]] behaviors: A set of behaviors for a Microsoft 365 group. Possible values are `AllowOnlyMembersToPost`, `HideGroupInOutlook`, `SubscribeNewGroupMembers` and `WelcomeEmailDisabled`. See [official documentation](https://docs.microsoft.com/en-us/graph/group-set-options) for more details. Changing this forces a new resource to be created.
:param pulumi.Input[str] description: The description for the group.
:param pulumi.Input[str] display_name: The display name for the group.
:param pulumi.Input['GroupDynamicMembershipArgs'] dynamic_membership: A `dynamic_membership` block as documented below. Required when `types` contains `DynamicMembership`. Cannot be used with the `members` property.
+ :param pulumi.Input[bool] external_senders_allowed: Indicates whether people external to the organization can send messages to the group. Can only be set for Unified groups.
+ :param pulumi.Input[bool] hide_from_address_lists: Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Can only be set for Unified groups.
+ :param pulumi.Input[bool] hide_from_outlook_clients: Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Can only be set for Unified groups.
:param pulumi.Input[str] mail: The SMTP address for the group.
:param pulumi.Input[bool] mail_enabled: Whether the group is a mail enabled, with a shared group mailbox. At least one of `mail_enabled` or `security_enabled` must be specified. Only Microsoft 365 groups can be mail enabled (see the `types` property).
:param pulumi.Input[str] mail_nickname: The mail alias for the group, unique in the organisation. Required for mail-enabled groups. Changing this forces a new resource to be created.
@@ -315,6 +387,8 @@ def __init__(__self__, *,
"""
if assignable_to_role is not None:
pulumi.set(__self__, "assignable_to_role", assignable_to_role)
+ if auto_subscribe_new_members is not None:
+ pulumi.set(__self__, "auto_subscribe_new_members", auto_subscribe_new_members)
if behaviors is not None:
pulumi.set(__self__, "behaviors", behaviors)
if description is not None:
@@ -323,6 +397,12 @@ def __init__(__self__, *,
pulumi.set(__self__, "display_name", display_name)
if dynamic_membership is not None:
pulumi.set(__self__, "dynamic_membership", dynamic_membership)
+ if external_senders_allowed is not None:
+ pulumi.set(__self__, "external_senders_allowed", external_senders_allowed)
+ if hide_from_address_lists is not None:
+ pulumi.set(__self__, "hide_from_address_lists", hide_from_address_lists)
+ if hide_from_outlook_clients is not None:
+ pulumi.set(__self__, "hide_from_outlook_clients", hide_from_outlook_clients)
if mail is not None:
pulumi.set(__self__, "mail", mail)
if mail_enabled is not None:
@@ -374,6 +454,18 @@ def assignable_to_role(self) -> Optional[pulumi.Input[bool]]:
def assignable_to_role(self, value: Optional[pulumi.Input[bool]]):
pulumi.set(self, "assignable_to_role", value)
+ @property
+ @pulumi.getter(name="autoSubscribeNewMembers")
+ def auto_subscribe_new_members(self) -> Optional[pulumi.Input[bool]]:
+ """
+ Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Can only be set for Unified groups.
+ """
+ return pulumi.get(self, "auto_subscribe_new_members")
+
+ @auto_subscribe_new_members.setter
+ def auto_subscribe_new_members(self, value: Optional[pulumi.Input[bool]]):
+ pulumi.set(self, "auto_subscribe_new_members", value)
+
@property
@pulumi.getter
def behaviors(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
@@ -422,6 +514,42 @@ def dynamic_membership(self) -> Optional[pulumi.Input['GroupDynamicMembershipArg
def dynamic_membership(self, value: Optional[pulumi.Input['GroupDynamicMembershipArgs']]):
pulumi.set(self, "dynamic_membership", value)
+ @property
+ @pulumi.getter(name="externalSendersAllowed")
+ def external_senders_allowed(self) -> Optional[pulumi.Input[bool]]:
+ """
+ Indicates whether people external to the organization can send messages to the group. Can only be set for Unified groups.
+ """
+ return pulumi.get(self, "external_senders_allowed")
+
+ @external_senders_allowed.setter
+ def external_senders_allowed(self, value: Optional[pulumi.Input[bool]]):
+ pulumi.set(self, "external_senders_allowed", value)
+
+ @property
+ @pulumi.getter(name="hideFromAddressLists")
+ def hide_from_address_lists(self) -> Optional[pulumi.Input[bool]]:
+ """
+ Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Can only be set for Unified groups.
+ """
+ return pulumi.get(self, "hide_from_address_lists")
+
+ @hide_from_address_lists.setter
+ def hide_from_address_lists(self, value: Optional[pulumi.Input[bool]]):
+ pulumi.set(self, "hide_from_address_lists", value)
+
+ @property
+ @pulumi.getter(name="hideFromOutlookClients")
+ def hide_from_outlook_clients(self) -> Optional[pulumi.Input[bool]]:
+ """
+ Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Can only be set for Unified groups.
+ """
+ return pulumi.get(self, "hide_from_outlook_clients")
+
+ @hide_from_outlook_clients.setter
+ def hide_from_outlook_clients(self, value: Optional[pulumi.Input[bool]]):
+ pulumi.set(self, "hide_from_outlook_clients", value)
+
@property
@pulumi.getter
def mail(self) -> Optional[pulumi.Input[str]]:
@@ -657,10 +785,14 @@ def __init__(__self__,
resource_name: str,
opts: Optional[pulumi.ResourceOptions] = None,
assignable_to_role: Optional[pulumi.Input[bool]] = None,
+ auto_subscribe_new_members: Optional[pulumi.Input[bool]] = None,
behaviors: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
description: Optional[pulumi.Input[str]] = None,
display_name: Optional[pulumi.Input[str]] = None,
dynamic_membership: Optional[pulumi.Input[pulumi.InputType['GroupDynamicMembershipArgs']]] = None,
+ external_senders_allowed: Optional[pulumi.Input[bool]] = None,
+ hide_from_address_lists: Optional[pulumi.Input[bool]] = None,
+ hide_from_outlook_clients: Optional[pulumi.Input[bool]] = None,
mail_enabled: Optional[pulumi.Input[bool]] = None,
mail_nickname: Optional[pulumi.Input[str]] = None,
members: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
@@ -687,6 +819,8 @@ def __init__(__self__,
When authenticated with a user principal, this resource requires one of the following directory roles: `Groups Administrator`, `User Administrator` or `Global Administrator`
+ The `external_senders_allowed`, `auto_subscribe_new_members`, `hide_from_address_lists` and `hide_from_outlook_clients` properties can only be configured when authenticating as a user and cannot be configured when authenticating as a service principal. Additionally, the user being used for authentication must be a Member of the tenant where the group is being managed and _not_ a Guest. This is a known API issue; please see the [Microsoft Graph Known Issues](https://docs.microsoft.com/en-us/graph/known-issues#groups) official documentation.
+
## Import
Groups can be imported using their object ID, e.g.
@@ -698,10 +832,14 @@ def __init__(__self__,
:param str resource_name: The name of the resource.
:param pulumi.ResourceOptions opts: Options for the resource.
:param pulumi.Input[bool] assignable_to_role: Indicates whether this group can be assigned to an Azure Active Directory role. Can only be `true` for security-enabled groups. Changing this forces a new resource to be created.
+ :param pulumi.Input[bool] auto_subscribe_new_members: Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Can only be set for Unified groups.
:param pulumi.Input[Sequence[pulumi.Input[str]]] behaviors: A set of behaviors for a Microsoft 365 group. Possible values are `AllowOnlyMembersToPost`, `HideGroupInOutlook`, `SubscribeNewGroupMembers` and `WelcomeEmailDisabled`. See [official documentation](https://docs.microsoft.com/en-us/graph/group-set-options) for more details. Changing this forces a new resource to be created.
:param pulumi.Input[str] description: The description for the group.
:param pulumi.Input[str] display_name: The display name for the group.
:param pulumi.Input[pulumi.InputType['GroupDynamicMembershipArgs']] dynamic_membership: A `dynamic_membership` block as documented below. Required when `types` contains `DynamicMembership`. Cannot be used with the `members` property.
+ :param pulumi.Input[bool] external_senders_allowed: Indicates whether people external to the organization can send messages to the group. Can only be set for Unified groups.
+ :param pulumi.Input[bool] hide_from_address_lists: Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Can only be set for Unified groups.
+ :param pulumi.Input[bool] hide_from_outlook_clients: Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Can only be set for Unified groups.
:param pulumi.Input[bool] mail_enabled: Whether the group is a mail enabled, with a shared group mailbox. At least one of `mail_enabled` or `security_enabled` must be specified. Only Microsoft 365 groups can be mail enabled (see the `types` property).
:param pulumi.Input[str] mail_nickname: The mail alias for the group, unique in the organisation. Required for mail-enabled groups. Changing this forces a new resource to be created.
:param pulumi.Input[Sequence[pulumi.Input[str]]] members: A set of members who should be present in this group. Supported object types are Users, Groups or Service Principals. Cannot be used with the `dynamic_membership` block.
@@ -734,6 +872,8 @@ def __init__(__self__,
When authenticated with a user principal, this resource requires one of the following directory roles: `Groups Administrator`, `User Administrator` or `Global Administrator`
+ The `external_senders_allowed`, `auto_subscribe_new_members`, `hide_from_address_lists` and `hide_from_outlook_clients` properties can only be configured when authenticating as a user and cannot be configured when authenticating as a service principal. Additionally, the user being used for authentication must be a Member of the tenant where the group is being managed and _not_ a Guest. This is a known API issue; please see the [Microsoft Graph Known Issues](https://docs.microsoft.com/en-us/graph/known-issues#groups) official documentation.
+
## Import
Groups can be imported using their object ID, e.g.
@@ -758,10 +898,14 @@ def _internal_init(__self__,
resource_name: str,
opts: Optional[pulumi.ResourceOptions] = None,
assignable_to_role: Optional[pulumi.Input[bool]] = None,
+ auto_subscribe_new_members: Optional[pulumi.Input[bool]] = None,
behaviors: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
description: Optional[pulumi.Input[str]] = None,
display_name: Optional[pulumi.Input[str]] = None,
dynamic_membership: Optional[pulumi.Input[pulumi.InputType['GroupDynamicMembershipArgs']]] = None,
+ external_senders_allowed: Optional[pulumi.Input[bool]] = None,
+ hide_from_address_lists: Optional[pulumi.Input[bool]] = None,
+ hide_from_outlook_clients: Optional[pulumi.Input[bool]] = None,
mail_enabled: Optional[pulumi.Input[bool]] = None,
mail_nickname: Optional[pulumi.Input[str]] = None,
members: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
@@ -785,12 +929,16 @@ def _internal_init(__self__,
__props__ = GroupArgs.__new__(GroupArgs)
__props__.__dict__["assignable_to_role"] = assignable_to_role
+ __props__.__dict__["auto_subscribe_new_members"] = auto_subscribe_new_members
__props__.__dict__["behaviors"] = behaviors
__props__.__dict__["description"] = description
if display_name is None and not opts.urn:
raise TypeError("Missing required property 'display_name'")
__props__.__dict__["display_name"] = display_name
__props__.__dict__["dynamic_membership"] = dynamic_membership
+ __props__.__dict__["external_senders_allowed"] = external_senders_allowed
+ __props__.__dict__["hide_from_address_lists"] = hide_from_address_lists
+ __props__.__dict__["hide_from_outlook_clients"] = hide_from_outlook_clients
__props__.__dict__["mail_enabled"] = mail_enabled
__props__.__dict__["mail_nickname"] = mail_nickname
__props__.__dict__["members"] = members
@@ -821,10 +969,14 @@ def get(resource_name: str,
id: pulumi.Input[str],
opts: Optional[pulumi.ResourceOptions] = None,
assignable_to_role: Optional[pulumi.Input[bool]] = None,
+ auto_subscribe_new_members: Optional[pulumi.Input[bool]] = None,
behaviors: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
description: Optional[pulumi.Input[str]] = None,
display_name: Optional[pulumi.Input[str]] = None,
dynamic_membership: Optional[pulumi.Input[pulumi.InputType['GroupDynamicMembershipArgs']]] = None,
+ external_senders_allowed: Optional[pulumi.Input[bool]] = None,
+ hide_from_address_lists: Optional[pulumi.Input[bool]] = None,
+ hide_from_outlook_clients: Optional[pulumi.Input[bool]] = None,
mail: Optional[pulumi.Input[str]] = None,
mail_enabled: Optional[pulumi.Input[bool]] = None,
mail_nickname: Optional[pulumi.Input[str]] = None,
@@ -852,10 +1004,14 @@ def get(resource_name: str,
:param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
:param pulumi.ResourceOptions opts: Options for the resource.
:param pulumi.Input[bool] assignable_to_role: Indicates whether this group can be assigned to an Azure Active Directory role. Can only be `true` for security-enabled groups. Changing this forces a new resource to be created.
+ :param pulumi.Input[bool] auto_subscribe_new_members: Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Can only be set for Unified groups.
:param pulumi.Input[Sequence[pulumi.Input[str]]] behaviors: A set of behaviors for a Microsoft 365 group. Possible values are `AllowOnlyMembersToPost`, `HideGroupInOutlook`, `SubscribeNewGroupMembers` and `WelcomeEmailDisabled`. See [official documentation](https://docs.microsoft.com/en-us/graph/group-set-options) for more details. Changing this forces a new resource to be created.
:param pulumi.Input[str] description: The description for the group.
:param pulumi.Input[str] display_name: The display name for the group.
:param pulumi.Input[pulumi.InputType['GroupDynamicMembershipArgs']] dynamic_membership: A `dynamic_membership` block as documented below. Required when `types` contains `DynamicMembership`. Cannot be used with the `members` property.
+ :param pulumi.Input[bool] external_senders_allowed: Indicates whether people external to the organization can send messages to the group. Can only be set for Unified groups.
+ :param pulumi.Input[bool] hide_from_address_lists: Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Can only be set for Unified groups.
+ :param pulumi.Input[bool] hide_from_outlook_clients: Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Can only be set for Unified groups.
:param pulumi.Input[str] mail: The SMTP address for the group.
:param pulumi.Input[bool] mail_enabled: Whether the group is a mail enabled, with a shared group mailbox. At least one of `mail_enabled` or `security_enabled` must be specified. Only Microsoft 365 groups can be mail enabled (see the `types` property).
:param pulumi.Input[str] mail_nickname: The mail alias for the group, unique in the organisation. Required for mail-enabled groups. Changing this forces a new resource to be created.
@@ -881,10 +1037,14 @@ def get(resource_name: str,
__props__ = _GroupState.__new__(_GroupState)
__props__.__dict__["assignable_to_role"] = assignable_to_role
+ __props__.__dict__["auto_subscribe_new_members"] = auto_subscribe_new_members
__props__.__dict__["behaviors"] = behaviors
__props__.__dict__["description"] = description
__props__.__dict__["display_name"] = display_name
__props__.__dict__["dynamic_membership"] = dynamic_membership
+ __props__.__dict__["external_senders_allowed"] = external_senders_allowed
+ __props__.__dict__["hide_from_address_lists"] = hide_from_address_lists
+ __props__.__dict__["hide_from_outlook_clients"] = hide_from_outlook_clients
__props__.__dict__["mail"] = mail
__props__.__dict__["mail_enabled"] = mail_enabled
__props__.__dict__["mail_nickname"] = mail_nickname
@@ -914,6 +1074,14 @@ def assignable_to_role(self) -> pulumi.Output[Optional[bool]]:
"""
return pulumi.get(self, "assignable_to_role")
+ @property
+ @pulumi.getter(name="autoSubscribeNewMembers")
+ def auto_subscribe_new_members(self) -> pulumi.Output[Optional[bool]]:
+ """
+ Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Can only be set for Unified groups.
+ """
+ return pulumi.get(self, "auto_subscribe_new_members")
+
@property
@pulumi.getter
def behaviors(self) -> pulumi.Output[Optional[Sequence[str]]]:
@@ -946,6 +1114,30 @@ def dynamic_membership(self) -> pulumi.Output[Optional['outputs.GroupDynamicMemb
"""
return pulumi.get(self, "dynamic_membership")
+ @property
+ @pulumi.getter(name="externalSendersAllowed")
+ def external_senders_allowed(self) -> pulumi.Output[Optional[bool]]:
+ """
+ Indicates whether people external to the organization can send messages to the group. Can only be set for Unified groups.
+ """
+ return pulumi.get(self, "external_senders_allowed")
+
+ @property
+ @pulumi.getter(name="hideFromAddressLists")
+ def hide_from_address_lists(self) -> pulumi.Output[Optional[bool]]:
+ """
+ Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Can only be set for Unified groups.
+ """
+ return pulumi.get(self, "hide_from_address_lists")
+
+ @property
+ @pulumi.getter(name="hideFromOutlookClients")
+ def hide_from_outlook_clients(self) -> pulumi.Output[Optional[bool]]:
+ """
+ Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Can only be set for Unified groups.
+ """
+ return pulumi.get(self, "hide_from_outlook_clients")
+
@property
@pulumi.getter
def mail(self) -> pulumi.Output[str]: