azure-native.authorization.ScopeAccessReviewScheduleDefinitionById
Explore with Pulumi AI
Access Review Schedule Definition. API Version: 2021-12-01-preview.
Example Usage
PutAccessReview
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var scopeAccessReviewScheduleDefinitionById = new AzureNative.Authorization.ScopeAccessReviewScheduleDefinitionById("scopeAccessReviewScheduleDefinitionById", new()
{
ScheduleDefinitionId = "fa73e90b-5bf1-45fd-a182-35ce5fc0674d",
Scope = "subscriptions/fa73e90b-5bf1-45fd-a182-35ce5fc0674d",
});
});
package main
import (
authorization "github.com/pulumi/pulumi-azure-native-sdk/authorization"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := authorization.NewScopeAccessReviewScheduleDefinitionById(ctx, "scopeAccessReviewScheduleDefinitionById", &authorization.ScopeAccessReviewScheduleDefinitionByIdArgs{
ScheduleDefinitionId: pulumi.String("fa73e90b-5bf1-45fd-a182-35ce5fc0674d"),
Scope: pulumi.String("subscriptions/fa73e90b-5bf1-45fd-a182-35ce5fc0674d"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.authorization.ScopeAccessReviewScheduleDefinitionById;
import com.pulumi.azurenative.authorization.ScopeAccessReviewScheduleDefinitionByIdArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var scopeAccessReviewScheduleDefinitionById = new ScopeAccessReviewScheduleDefinitionById("scopeAccessReviewScheduleDefinitionById", ScopeAccessReviewScheduleDefinitionByIdArgs.builder()
.scheduleDefinitionId("fa73e90b-5bf1-45fd-a182-35ce5fc0674d")
.scope("subscriptions/fa73e90b-5bf1-45fd-a182-35ce5fc0674d")
.build());
}
}
import pulumi
import pulumi_azure_native as azure_native
scope_access_review_schedule_definition_by_id = azure_native.authorization.ScopeAccessReviewScheduleDefinitionById("scopeAccessReviewScheduleDefinitionById",
schedule_definition_id="fa73e90b-5bf1-45fd-a182-35ce5fc0674d",
scope="subscriptions/fa73e90b-5bf1-45fd-a182-35ce5fc0674d")
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const scopeAccessReviewScheduleDefinitionById = new azure_native.authorization.ScopeAccessReviewScheduleDefinitionById("scopeAccessReviewScheduleDefinitionById", {
scheduleDefinitionId: "fa73e90b-5bf1-45fd-a182-35ce5fc0674d",
scope: "subscriptions/fa73e90b-5bf1-45fd-a182-35ce5fc0674d",
});
resources:
scopeAccessReviewScheduleDefinitionById:
type: azure-native:authorization:ScopeAccessReviewScheduleDefinitionById
properties:
scheduleDefinitionId: fa73e90b-5bf1-45fd-a182-35ce5fc0674d
scope: subscriptions/fa73e90b-5bf1-45fd-a182-35ce5fc0674d
Create ScopeAccessReviewScheduleDefinitionById Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new ScopeAccessReviewScheduleDefinitionById(name: string, args: ScopeAccessReviewScheduleDefinitionByIdArgs, opts?: CustomResourceOptions);
@overload
def ScopeAccessReviewScheduleDefinitionById(resource_name: str,
args: ScopeAccessReviewScheduleDefinitionByIdArgs,
opts: Optional[ResourceOptions] = None)
@overload
def ScopeAccessReviewScheduleDefinitionById(resource_name: str,
opts: Optional[ResourceOptions] = None,
scope: Optional[str] = None,
instance_duration_in_days: Optional[int] = None,
type: Optional[Union[str, AccessReviewRecurrenceRangeType]] = None,
include_inherited_access: Optional[bool] = None,
description_for_admins: Optional[str] = None,
description_for_reviewers: Optional[str] = None,
display_name: Optional[str] = None,
end_date: Optional[str] = None,
exclude_resource_id: Optional[str] = None,
exclude_role_definition_id: Optional[str] = None,
expand_nested_memberships: Optional[bool] = None,
inactive_duration: Optional[str] = None,
include_access_below_resource: Optional[bool] = None,
default_decision_enabled: Optional[bool] = None,
default_decision: Optional[Union[str, DefaultDecisionType]] = None,
reminder_notifications_enabled: Optional[bool] = None,
interval: Optional[int] = None,
justification_required_on_approval: Optional[bool] = None,
mail_notifications_enabled: Optional[bool] = None,
number_of_occurrences: Optional[int] = None,
recommendation_look_back_duration: Optional[str] = None,
recommendations_enabled: Optional[bool] = None,
instances: Optional[Sequence[AccessReviewInstanceArgs]] = None,
reviewers: Optional[Sequence[AccessReviewReviewerArgs]] = None,
schedule_definition_id: Optional[str] = None,
backup_reviewers: Optional[Sequence[AccessReviewReviewerArgs]] = None,
start_date: Optional[str] = None,
auto_apply_decisions_enabled: Optional[bool] = None)
func NewScopeAccessReviewScheduleDefinitionById(ctx *Context, name string, args ScopeAccessReviewScheduleDefinitionByIdArgs, opts ...ResourceOption) (*ScopeAccessReviewScheduleDefinitionById, error)
public ScopeAccessReviewScheduleDefinitionById(string name, ScopeAccessReviewScheduleDefinitionByIdArgs args, CustomResourceOptions? opts = null)
public ScopeAccessReviewScheduleDefinitionById(String name, ScopeAccessReviewScheduleDefinitionByIdArgs args)
public ScopeAccessReviewScheduleDefinitionById(String name, ScopeAccessReviewScheduleDefinitionByIdArgs args, CustomResourceOptions options)
type: azure-native:authorization:ScopeAccessReviewScheduleDefinitionById
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ScopeAccessReviewScheduleDefinitionByIdArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ScopeAccessReviewScheduleDefinitionByIdArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ScopeAccessReviewScheduleDefinitionByIdArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ScopeAccessReviewScheduleDefinitionByIdArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ScopeAccessReviewScheduleDefinitionByIdArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var scopeAccessReviewScheduleDefinitionByIdResource = new AzureNative.Authorization.ScopeAccessReviewScheduleDefinitionById("scopeAccessReviewScheduleDefinitionByIdResource", new()
{
Scope = "string",
InstanceDurationInDays = 0,
Type = "string",
IncludeInheritedAccess = false,
DescriptionForAdmins = "string",
DescriptionForReviewers = "string",
DisplayName = "string",
EndDate = "string",
ExcludeResourceId = "string",
ExcludeRoleDefinitionId = "string",
ExpandNestedMemberships = false,
InactiveDuration = "string",
IncludeAccessBelowResource = false,
DefaultDecisionEnabled = false,
DefaultDecision = "string",
ReminderNotificationsEnabled = false,
Interval = 0,
JustificationRequiredOnApproval = false,
MailNotificationsEnabled = false,
NumberOfOccurrences = 0,
RecommendationLookBackDuration = "string",
RecommendationsEnabled = false,
Instances = new[]
{
{
{ "backupReviewers", new[]
{
{
{ "principalId", "string" },
},
} },
{ "endDateTime", "string" },
{ "reviewers", new[]
{
{
{ "principalId", "string" },
},
} },
{ "startDateTime", "string" },
},
},
Reviewers = new[]
{
{
{ "principalId", "string" },
},
},
ScheduleDefinitionId = "string",
BackupReviewers = new[]
{
{
{ "principalId", "string" },
},
},
StartDate = "string",
AutoApplyDecisionsEnabled = false,
});
example, err := authorization.NewScopeAccessReviewScheduleDefinitionById(ctx, "scopeAccessReviewScheduleDefinitionByIdResource", &authorization.ScopeAccessReviewScheduleDefinitionByIdArgs{
Scope: "string",
InstanceDurationInDays: 0,
Type: "string",
IncludeInheritedAccess: false,
DescriptionForAdmins: "string",
DescriptionForReviewers: "string",
DisplayName: "string",
EndDate: "string",
ExcludeResourceId: "string",
ExcludeRoleDefinitionId: "string",
ExpandNestedMemberships: false,
InactiveDuration: "string",
IncludeAccessBelowResource: false,
DefaultDecisionEnabled: false,
DefaultDecision: "string",
ReminderNotificationsEnabled: false,
Interval: 0,
JustificationRequiredOnApproval: false,
MailNotificationsEnabled: false,
NumberOfOccurrences: 0,
RecommendationLookBackDuration: "string",
RecommendationsEnabled: false,
Instances: []map[string]interface{}{
map[string]interface{}{
"backupReviewers": []map[string]interface{}{
map[string]interface{}{
"principalId": "string",
},
},
"endDateTime": "string",
"reviewers": []map[string]interface{}{
map[string]interface{}{
"principalId": "string",
},
},
"startDateTime": "string",
},
},
Reviewers: []map[string]interface{}{
map[string]interface{}{
"principalId": "string",
},
},
ScheduleDefinitionId: "string",
BackupReviewers: []map[string]interface{}{
map[string]interface{}{
"principalId": "string",
},
},
StartDate: "string",
AutoApplyDecisionsEnabled: false,
})
var scopeAccessReviewScheduleDefinitionByIdResource = new ScopeAccessReviewScheduleDefinitionById("scopeAccessReviewScheduleDefinitionByIdResource", ScopeAccessReviewScheduleDefinitionByIdArgs.builder()
.scope("string")
.instanceDurationInDays(0)
.type("string")
.includeInheritedAccess(false)
.descriptionForAdmins("string")
.descriptionForReviewers("string")
.displayName("string")
.endDate("string")
.excludeResourceId("string")
.excludeRoleDefinitionId("string")
.expandNestedMemberships(false)
.inactiveDuration("string")
.includeAccessBelowResource(false)
.defaultDecisionEnabled(false)
.defaultDecision("string")
.reminderNotificationsEnabled(false)
.interval(0)
.justificationRequiredOnApproval(false)
.mailNotificationsEnabled(false)
.numberOfOccurrences(0)
.recommendationLookBackDuration("string")
.recommendationsEnabled(false)
.instances(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.reviewers(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.scheduleDefinitionId("string")
.backupReviewers(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.startDate("string")
.autoApplyDecisionsEnabled(false)
.build());
scope_access_review_schedule_definition_by_id_resource = azure_native.authorization.ScopeAccessReviewScheduleDefinitionById("scopeAccessReviewScheduleDefinitionByIdResource",
scope=string,
instance_duration_in_days=0,
type=string,
include_inherited_access=False,
description_for_admins=string,
description_for_reviewers=string,
display_name=string,
end_date=string,
exclude_resource_id=string,
exclude_role_definition_id=string,
expand_nested_memberships=False,
inactive_duration=string,
include_access_below_resource=False,
default_decision_enabled=False,
default_decision=string,
reminder_notifications_enabled=False,
interval=0,
justification_required_on_approval=False,
mail_notifications_enabled=False,
number_of_occurrences=0,
recommendation_look_back_duration=string,
recommendations_enabled=False,
instances=[{
backupReviewers: [{
principalId: string,
}],
endDateTime: string,
reviewers: [{
principalId: string,
}],
startDateTime: string,
}],
reviewers=[{
principalId: string,
}],
schedule_definition_id=string,
backup_reviewers=[{
principalId: string,
}],
start_date=string,
auto_apply_decisions_enabled=False)
const scopeAccessReviewScheduleDefinitionByIdResource = new azure_native.authorization.ScopeAccessReviewScheduleDefinitionById("scopeAccessReviewScheduleDefinitionByIdResource", {
scope: "string",
instanceDurationInDays: 0,
type: "string",
includeInheritedAccess: false,
descriptionForAdmins: "string",
descriptionForReviewers: "string",
displayName: "string",
endDate: "string",
excludeResourceId: "string",
excludeRoleDefinitionId: "string",
expandNestedMemberships: false,
inactiveDuration: "string",
includeAccessBelowResource: false,
defaultDecisionEnabled: false,
defaultDecision: "string",
reminderNotificationsEnabled: false,
interval: 0,
justificationRequiredOnApproval: false,
mailNotificationsEnabled: false,
numberOfOccurrences: 0,
recommendationLookBackDuration: "string",
recommendationsEnabled: false,
instances: [{
backupReviewers: [{
principalId: "string",
}],
endDateTime: "string",
reviewers: [{
principalId: "string",
}],
startDateTime: "string",
}],
reviewers: [{
principalId: "string",
}],
scheduleDefinitionId: "string",
backupReviewers: [{
principalId: "string",
}],
startDate: "string",
autoApplyDecisionsEnabled: false,
});
type: azure-native:authorization:ScopeAccessReviewScheduleDefinitionById
properties:
autoApplyDecisionsEnabled: false
backupReviewers:
- principalId: string
defaultDecision: string
defaultDecisionEnabled: false
descriptionForAdmins: string
descriptionForReviewers: string
displayName: string
endDate: string
excludeResourceId: string
excludeRoleDefinitionId: string
expandNestedMemberships: false
inactiveDuration: string
includeAccessBelowResource: false
includeInheritedAccess: false
instanceDurationInDays: 0
instances:
- backupReviewers:
- principalId: string
endDateTime: string
reviewers:
- principalId: string
startDateTime: string
interval: 0
justificationRequiredOnApproval: false
mailNotificationsEnabled: false
numberOfOccurrences: 0
recommendationLookBackDuration: string
recommendationsEnabled: false
reminderNotificationsEnabled: false
reviewers:
- principalId: string
scheduleDefinitionId: string
scope: string
startDate: string
type: string
ScopeAccessReviewScheduleDefinitionById Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The ScopeAccessReviewScheduleDefinitionById resource accepts the following input properties:
- Scope string
- The scope of the resource.
- Auto
Apply boolDecisions Enabled - Flag to indicate whether auto-apply capability, to automatically change the target object access resource, is enabled. If not enabled, a user must, after the review completes, apply the access review.
- Backup
Reviewers List<Pulumi.Azure Native. Authorization. Inputs. Access Review Reviewer> - This is the collection of backup reviewers.
- Default
Decision string | Pulumi.Azure Native. Authorization. Default Decision Type - This specifies the behavior for the autoReview feature when an access review completes.
- Default
Decision boolEnabled - Flag to indicate whether reviewers are required to provide a justification when reviewing access.
- Description
For stringAdmins - The description provided by the access review creator and visible to admins.
- Description
For stringReviewers - The description provided by the access review creator to be shown to reviewers.
- Display
Name string - The display name for the schedule definition.
- End
Date string - The DateTime when the review is scheduled to end. Required if type is endDate
- Exclude
Resource stringId - This is used to indicate the resource id(s) to exclude
- Exclude
Role stringDefinition Id - This is used to indicate the role definition id(s) to exclude
- Expand
Nested boolMemberships - Flag to indicate whether to expand nested memberships or not.
- Inactive
Duration string - Duration users are inactive for. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This code can be used to convert TimeSpan to a valid interval string: XmlConvert.ToString(new TimeSpan(hours, minutes, seconds))
- Include
Access boolBelow Resource - Flag to indicate whether to expand nested memberships or not.
- Include
Inherited boolAccess - Flag to indicate whether to expand nested memberships or not.
- Instance
Duration intIn Days - The duration in days for an instance.
- Instances
List<Pulumi.
Azure Native. Authorization. Inputs. Access Review Instance> - This is the collection of instances returned when one does an expand on it.
- Interval int
- The interval for recurrence. For a quarterly review, the interval is 3 for type : absoluteMonthly.
- Justification
Required boolOn Approval - Flag to indicate whether the reviewer is required to pass justification when recording a decision.
- Mail
Notifications boolEnabled - Flag to indicate whether sending mails to reviewers and the review creator is enabled.
- Number
Of intOccurrences - The number of times to repeat the access review. Required and must be positive if type is numbered.
- Recommendation
Look stringBack Duration - Recommendations for access reviews are calculated by looking back at 30 days of data(w.r.t the start date of the review) by default. However, in some scenarios, customers want to change how far back to look at and want to configure 60 days, 90 days, etc. instead. This setting allows customers to configure this duration. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This code can be used to convert TimeSpan to a valid interval string: XmlConvert.ToString(new TimeSpan(hours, minutes, seconds))
- Recommendations
Enabled bool - Flag to indicate whether showing recommendations to reviewers is enabled.
- Reminder
Notifications boolEnabled - Flag to indicate whether sending reminder emails to reviewers are enabled.
- Reviewers
List<Pulumi.
Azure Native. Authorization. Inputs. Access Review Reviewer> - This is the collection of reviewers.
- Schedule
Definition stringId - The id of the access review schedule definition.
- Start
Date string - The DateTime when the review is scheduled to be start. This could be a date in the future. Required on create.
- Type
string | Pulumi.
Azure Native. Authorization. Access Review Recurrence Range Type - The recurrence range type. The possible values are: endDate, noEnd, numbered.
- Scope string
- The scope of the resource.
- Auto
Apply boolDecisions Enabled - Flag to indicate whether auto-apply capability, to automatically change the target object access resource, is enabled. If not enabled, a user must, after the review completes, apply the access review.
- Backup
Reviewers []AccessReview Reviewer Args - This is the collection of backup reviewers.
- Default
Decision string | DefaultDecision Type - This specifies the behavior for the autoReview feature when an access review completes.
- Default
Decision boolEnabled - Flag to indicate whether reviewers are required to provide a justification when reviewing access.
- Description
For stringAdmins - The description provided by the access review creator and visible to admins.
- Description
For stringReviewers - The description provided by the access review creator to be shown to reviewers.
- Display
Name string - The display name for the schedule definition.
- End
Date string - The DateTime when the review is scheduled to end. Required if type is endDate
- Exclude
Resource stringId - This is used to indicate the resource id(s) to exclude
- Exclude
Role stringDefinition Id - This is used to indicate the role definition id(s) to exclude
- Expand
Nested boolMemberships - Flag to indicate whether to expand nested memberships or not.
- Inactive
Duration string - Duration users are inactive for. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This code can be used to convert TimeSpan to a valid interval string: XmlConvert.ToString(new TimeSpan(hours, minutes, seconds))
- Include
Access boolBelow Resource - Flag to indicate whether to expand nested memberships or not.
- Include
Inherited boolAccess - Flag to indicate whether to expand nested memberships or not.
- Instance
Duration intIn Days - The duration in days for an instance.
- Instances
[]Access
Review Instance Args - This is the collection of instances returned when one does an expand on it.
- Interval int
- The interval for recurrence. For a quarterly review, the interval is 3 for type : absoluteMonthly.
- Justification
Required boolOn Approval - Flag to indicate whether the reviewer is required to pass justification when recording a decision.
- Mail
Notifications boolEnabled - Flag to indicate whether sending mails to reviewers and the review creator is enabled.
- Number
Of intOccurrences - The number of times to repeat the access review. Required and must be positive if type is numbered.
- Recommendation
Look stringBack Duration - Recommendations for access reviews are calculated by looking back at 30 days of data(w.r.t the start date of the review) by default. However, in some scenarios, customers want to change how far back to look at and want to configure 60 days, 90 days, etc. instead. This setting allows customers to configure this duration. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This code can be used to convert TimeSpan to a valid interval string: XmlConvert.ToString(new TimeSpan(hours, minutes, seconds))
- Recommendations
Enabled bool - Flag to indicate whether showing recommendations to reviewers is enabled.
- Reminder
Notifications boolEnabled - Flag to indicate whether sending reminder emails to reviewers are enabled.
- Reviewers
[]Access
Review Reviewer Args - This is the collection of reviewers.
- Schedule
Definition stringId - The id of the access review schedule definition.
- Start
Date string - The DateTime when the review is scheduled to be start. This could be a date in the future. Required on create.
- Type
string | Access
Review Recurrence Range Type - The recurrence range type. The possible values are: endDate, noEnd, numbered.
- scope String
- The scope of the resource.
- auto
Apply BooleanDecisions Enabled - Flag to indicate whether auto-apply capability, to automatically change the target object access resource, is enabled. If not enabled, a user must, after the review completes, apply the access review.
- backup
Reviewers List<AccessReview Reviewer> - This is the collection of backup reviewers.
- default
Decision String | DefaultDecision Type - This specifies the behavior for the autoReview feature when an access review completes.
- default
Decision BooleanEnabled - Flag to indicate whether reviewers are required to provide a justification when reviewing access.
- description
For StringAdmins - The description provided by the access review creator and visible to admins.
- description
For StringReviewers - The description provided by the access review creator to be shown to reviewers.
- display
Name String - The display name for the schedule definition.
- end
Date String - The DateTime when the review is scheduled to end. Required if type is endDate
- exclude
Resource StringId - This is used to indicate the resource id(s) to exclude
- exclude
Role StringDefinition Id - This is used to indicate the role definition id(s) to exclude
- expand
Nested BooleanMemberships - Flag to indicate whether to expand nested memberships or not.
- inactive
Duration String - Duration users are inactive for. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This code can be used to convert TimeSpan to a valid interval string: XmlConvert.ToString(new TimeSpan(hours, minutes, seconds))
- include
Access BooleanBelow Resource - Flag to indicate whether to expand nested memberships or not.
- include
Inherited BooleanAccess - Flag to indicate whether to expand nested memberships or not.
- instance
Duration IntegerIn Days - The duration in days for an instance.
- instances
List<Access
Review Instance> - This is the collection of instances returned when one does an expand on it.
- interval Integer
- The interval for recurrence. For a quarterly review, the interval is 3 for type : absoluteMonthly.
- justification
Required BooleanOn Approval - Flag to indicate whether the reviewer is required to pass justification when recording a decision.
- mail
Notifications BooleanEnabled - Flag to indicate whether sending mails to reviewers and the review creator is enabled.
- number
Of IntegerOccurrences - The number of times to repeat the access review. Required and must be positive if type is numbered.
- recommendation
Look StringBack Duration - Recommendations for access reviews are calculated by looking back at 30 days of data(w.r.t the start date of the review) by default. However, in some scenarios, customers want to change how far back to look at and want to configure 60 days, 90 days, etc. instead. This setting allows customers to configure this duration. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This code can be used to convert TimeSpan to a valid interval string: XmlConvert.ToString(new TimeSpan(hours, minutes, seconds))
- recommendations
Enabled Boolean - Flag to indicate whether showing recommendations to reviewers is enabled.
- reminder
Notifications BooleanEnabled - Flag to indicate whether sending reminder emails to reviewers are enabled.
- reviewers
List<Access
Review Reviewer> - This is the collection of reviewers.
- schedule
Definition StringId - The id of the access review schedule definition.
- start
Date String - The DateTime when the review is scheduled to be start. This could be a date in the future. Required on create.
- type
String | Access
Review Recurrence Range Type - The recurrence range type. The possible values are: endDate, noEnd, numbered.
- scope string
- The scope of the resource.
- auto
Apply booleanDecisions Enabled - Flag to indicate whether auto-apply capability, to automatically change the target object access resource, is enabled. If not enabled, a user must, after the review completes, apply the access review.
- backup
Reviewers AccessReview Reviewer[] - This is the collection of backup reviewers.
- default
Decision string | DefaultDecision Type - This specifies the behavior for the autoReview feature when an access review completes.
- default
Decision booleanEnabled - Flag to indicate whether reviewers are required to provide a justification when reviewing access.
- description
For stringAdmins - The description provided by the access review creator and visible to admins.
- description
For stringReviewers - The description provided by the access review creator to be shown to reviewers.
- display
Name string - The display name for the schedule definition.
- end
Date string - The DateTime when the review is scheduled to end. Required if type is endDate
- exclude
Resource stringId - This is used to indicate the resource id(s) to exclude
- exclude
Role stringDefinition Id - This is used to indicate the role definition id(s) to exclude
- expand
Nested booleanMemberships - Flag to indicate whether to expand nested memberships or not.
- inactive
Duration string - Duration users are inactive for. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This code can be used to convert TimeSpan to a valid interval string: XmlConvert.ToString(new TimeSpan(hours, minutes, seconds))
- include
Access booleanBelow Resource - Flag to indicate whether to expand nested memberships or not.
- include
Inherited booleanAccess - Flag to indicate whether to expand nested memberships or not.
- instance
Duration numberIn Days - The duration in days for an instance.
- instances
Access
Review Instance[] - This is the collection of instances returned when one does an expand on it.
- interval number
- The interval for recurrence. For a quarterly review, the interval is 3 for type : absoluteMonthly.
- justification
Required booleanOn Approval - Flag to indicate whether the reviewer is required to pass justification when recording a decision.
- mail
Notifications booleanEnabled - Flag to indicate whether sending mails to reviewers and the review creator is enabled.
- number
Of numberOccurrences - The number of times to repeat the access review. Required and must be positive if type is numbered.
- recommendation
Look stringBack Duration - Recommendations for access reviews are calculated by looking back at 30 days of data(w.r.t the start date of the review) by default. However, in some scenarios, customers want to change how far back to look at and want to configure 60 days, 90 days, etc. instead. This setting allows customers to configure this duration. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This code can be used to convert TimeSpan to a valid interval string: XmlConvert.ToString(new TimeSpan(hours, minutes, seconds))
- recommendations
Enabled boolean - Flag to indicate whether showing recommendations to reviewers is enabled.
- reminder
Notifications booleanEnabled - Flag to indicate whether sending reminder emails to reviewers are enabled.
- reviewers
Access
Review Reviewer[] - This is the collection of reviewers.
- schedule
Definition stringId - The id of the access review schedule definition.
- start
Date string - The DateTime when the review is scheduled to be start. This could be a date in the future. Required on create.
- type
string | Access
Review Recurrence Range Type - The recurrence range type. The possible values are: endDate, noEnd, numbered.
- scope str
- The scope of the resource.
- auto_
apply_ booldecisions_ enabled - Flag to indicate whether auto-apply capability, to automatically change the target object access resource, is enabled. If not enabled, a user must, after the review completes, apply the access review.
- backup_
reviewers Sequence[AccessReview Reviewer Args] - This is the collection of backup reviewers.
- default_
decision str | DefaultDecision Type - This specifies the behavior for the autoReview feature when an access review completes.
- default_
decision_ boolenabled - Flag to indicate whether reviewers are required to provide a justification when reviewing access.
- description_
for_ stradmins - The description provided by the access review creator and visible to admins.
- description_
for_ strreviewers - The description provided by the access review creator to be shown to reviewers.
- display_
name str - The display name for the schedule definition.
- end_
date str - The DateTime when the review is scheduled to end. Required if type is endDate
- exclude_
resource_ strid - This is used to indicate the resource id(s) to exclude
- exclude_
role_ strdefinition_ id - This is used to indicate the role definition id(s) to exclude
- expand_
nested_ boolmemberships - Flag to indicate whether to expand nested memberships or not.
- inactive_
duration str - Duration users are inactive for. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This code can be used to convert TimeSpan to a valid interval string: XmlConvert.ToString(new TimeSpan(hours, minutes, seconds))
- include_
access_ boolbelow_ resource - Flag to indicate whether to expand nested memberships or not.
- include_
inherited_ boolaccess - Flag to indicate whether to expand nested memberships or not.
- instance_
duration_ intin_ days - The duration in days for an instance.
- instances
Sequence[Access
Review Instance Args] - This is the collection of instances returned when one does an expand on it.
- interval int
- The interval for recurrence. For a quarterly review, the interval is 3 for type : absoluteMonthly.
- justification_
required_ boolon_ approval - Flag to indicate whether the reviewer is required to pass justification when recording a decision.
- mail_
notifications_ boolenabled - Flag to indicate whether sending mails to reviewers and the review creator is enabled.
- number_
of_ intoccurrences - The number of times to repeat the access review. Required and must be positive if type is numbered.
- recommendation_
look_ strback_ duration - Recommendations for access reviews are calculated by looking back at 30 days of data(w.r.t the start date of the review) by default. However, in some scenarios, customers want to change how far back to look at and want to configure 60 days, 90 days, etc. instead. This setting allows customers to configure this duration. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This code can be used to convert TimeSpan to a valid interval string: XmlConvert.ToString(new TimeSpan(hours, minutes, seconds))
- recommendations_
enabled bool - Flag to indicate whether showing recommendations to reviewers is enabled.
- reminder_
notifications_ boolenabled - Flag to indicate whether sending reminder emails to reviewers are enabled.
- reviewers
Sequence[Access
Review Reviewer Args] - This is the collection of reviewers.
- schedule_
definition_ strid - The id of the access review schedule definition.
- start_
date str - The DateTime when the review is scheduled to be start. This could be a date in the future. Required on create.
- type
str | Access
Review Recurrence Range Type - The recurrence range type. The possible values are: endDate, noEnd, numbered.
- scope String
- The scope of the resource.
- auto
Apply BooleanDecisions Enabled - Flag to indicate whether auto-apply capability, to automatically change the target object access resource, is enabled. If not enabled, a user must, after the review completes, apply the access review.
- backup
Reviewers List<Property Map> - This is the collection of backup reviewers.
- default
Decision String | "Approve" | "Deny" | "Recommendation" - This specifies the behavior for the autoReview feature when an access review completes.
- default
Decision BooleanEnabled - Flag to indicate whether reviewers are required to provide a justification when reviewing access.
- description
For StringAdmins - The description provided by the access review creator and visible to admins.
- description
For StringReviewers - The description provided by the access review creator to be shown to reviewers.
- display
Name String - The display name for the schedule definition.
- end
Date String - The DateTime when the review is scheduled to end. Required if type is endDate
- exclude
Resource StringId - This is used to indicate the resource id(s) to exclude
- exclude
Role StringDefinition Id - This is used to indicate the role definition id(s) to exclude
- expand
Nested BooleanMemberships - Flag to indicate whether to expand nested memberships or not.
- inactive
Duration String - Duration users are inactive for. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This code can be used to convert TimeSpan to a valid interval string: XmlConvert.ToString(new TimeSpan(hours, minutes, seconds))
- include
Access BooleanBelow Resource - Flag to indicate whether to expand nested memberships or not.
- include
Inherited BooleanAccess - Flag to indicate whether to expand nested memberships or not.
- instance
Duration NumberIn Days - The duration in days for an instance.
- instances List<Property Map>
- This is the collection of instances returned when one does an expand on it.
- interval Number
- The interval for recurrence. For a quarterly review, the interval is 3 for type : absoluteMonthly.
- justification
Required BooleanOn Approval - Flag to indicate whether the reviewer is required to pass justification when recording a decision.
- mail
Notifications BooleanEnabled - Flag to indicate whether sending mails to reviewers and the review creator is enabled.
- number
Of NumberOccurrences - The number of times to repeat the access review. Required and must be positive if type is numbered.
- recommendation
Look StringBack Duration - Recommendations for access reviews are calculated by looking back at 30 days of data(w.r.t the start date of the review) by default. However, in some scenarios, customers want to change how far back to look at and want to configure 60 days, 90 days, etc. instead. This setting allows customers to configure this duration. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This code can be used to convert TimeSpan to a valid interval string: XmlConvert.ToString(new TimeSpan(hours, minutes, seconds))
- recommendations
Enabled Boolean - Flag to indicate whether showing recommendations to reviewers is enabled.
- reminder
Notifications BooleanEnabled - Flag to indicate whether sending reminder emails to reviewers are enabled.
- reviewers List<Property Map>
- This is the collection of reviewers.
- schedule
Definition StringId - The id of the access review schedule definition.
- start
Date String - The DateTime when the review is scheduled to be start. This could be a date in the future. Required on create.
- type
String | "end
Date" | "no End" | "numbered" - The recurrence range type. The possible values are: endDate, noEnd, numbered.
Outputs
All input properties are implicitly available as output properties. Additionally, the ScopeAccessReviewScheduleDefinitionById resource produces the following output properties:
- Assignment
State string - The role assignment state eligible/active to review
- Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- The access review schedule definition unique id.
- Principal
Id string - The identity id
- Principal
Name string - The identity display name
- Principal
Type string - The identity type user/servicePrincipal to review
- Resource
Id string - ResourceId in which this review is getting created
- Reviewers
Type string - This field specifies the type of reviewers for a review. Usually for a review, reviewers are explicitly assigned. However, in some cases, the reviewers may not be assigned and instead be chosen dynamically. For example managers review or self review.
- Role
Definition stringId - This is used to indicate the role being reviewed
- Status string
- This read-only field specifies the status of an accessReview.
- User
Principal stringName - The user principal name(if valid)
- Assignment
State string - The role assignment state eligible/active to review
- Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- The access review schedule definition unique id.
- Principal
Id string - The identity id
- Principal
Name string - The identity display name
- Principal
Type string - The identity type user/servicePrincipal to review
- Resource
Id string - ResourceId in which this review is getting created
- Reviewers
Type string - This field specifies the type of reviewers for a review. Usually for a review, reviewers are explicitly assigned. However, in some cases, the reviewers may not be assigned and instead be chosen dynamically. For example managers review or self review.
- Role
Definition stringId - This is used to indicate the role being reviewed
- Status string
- This read-only field specifies the status of an accessReview.
- User
Principal stringName - The user principal name(if valid)
- assignment
State String - The role assignment state eligible/active to review
- id String
- The provider-assigned unique ID for this managed resource.
- name String
- The access review schedule definition unique id.
- principal
Id String - The identity id
- principal
Name String - The identity display name
- principal
Type String - The identity type user/servicePrincipal to review
- resource
Id String - ResourceId in which this review is getting created
- reviewers
Type String - This field specifies the type of reviewers for a review. Usually for a review, reviewers are explicitly assigned. However, in some cases, the reviewers may not be assigned and instead be chosen dynamically. For example managers review or self review.
- role
Definition StringId - This is used to indicate the role being reviewed
- status String
- This read-only field specifies the status of an accessReview.
- user
Principal StringName - The user principal name(if valid)
- assignment
State string - The role assignment state eligible/active to review
- id string
- The provider-assigned unique ID for this managed resource.
- name string
- The access review schedule definition unique id.
- principal
Id string - The identity id
- principal
Name string - The identity display name
- principal
Type string - The identity type user/servicePrincipal to review
- resource
Id string - ResourceId in which this review is getting created
- reviewers
Type string - This field specifies the type of reviewers for a review. Usually for a review, reviewers are explicitly assigned. However, in some cases, the reviewers may not be assigned and instead be chosen dynamically. For example managers review or self review.
- role
Definition stringId - This is used to indicate the role being reviewed
- status string
- This read-only field specifies the status of an accessReview.
- user
Principal stringName - The user principal name(if valid)
- assignment_
state str - The role assignment state eligible/active to review
- id str
- The provider-assigned unique ID for this managed resource.
- name str
- The access review schedule definition unique id.
- principal_
id str - The identity id
- principal_
name str - The identity display name
- principal_
type str - The identity type user/servicePrincipal to review
- resource_
id str - ResourceId in which this review is getting created
- reviewers_
type str - This field specifies the type of reviewers for a review. Usually for a review, reviewers are explicitly assigned. However, in some cases, the reviewers may not be assigned and instead be chosen dynamically. For example managers review or self review.
- role_
definition_ strid - This is used to indicate the role being reviewed
- status str
- This read-only field specifies the status of an accessReview.
- user_
principal_ strname - The user principal name(if valid)
- assignment
State String - The role assignment state eligible/active to review
- id String
- The provider-assigned unique ID for this managed resource.
- name String
- The access review schedule definition unique id.
- principal
Id String - The identity id
- principal
Name String - The identity display name
- principal
Type String - The identity type user/servicePrincipal to review
- resource
Id String - ResourceId in which this review is getting created
- reviewers
Type String - This field specifies the type of reviewers for a review. Usually for a review, reviewers are explicitly assigned. However, in some cases, the reviewers may not be assigned and instead be chosen dynamically. For example managers review or self review.
- role
Definition StringId - This is used to indicate the role being reviewed
- status String
- This read-only field specifies the status of an accessReview.
- user
Principal StringName - The user principal name(if valid)
Supporting Types
AccessReviewInstance, AccessReviewInstanceArgs
- Backup
Reviewers List<Pulumi.Azure Native. Authorization. Inputs. Access Review Reviewer> - This is the collection of backup reviewers.
- End
Date stringTime - The DateTime when the review instance is scheduled to end.
- Reviewers
List<Pulumi.
Azure Native. Authorization. Inputs. Access Review Reviewer> - This is the collection of reviewers.
- Start
Date stringTime - The DateTime when the review instance is scheduled to be start.
- Backup
Reviewers []AccessReview Reviewer - This is the collection of backup reviewers.
- End
Date stringTime - The DateTime when the review instance is scheduled to end.
- Reviewers
[]Access
Review Reviewer - This is the collection of reviewers.
- Start
Date stringTime - The DateTime when the review instance is scheduled to be start.
- backup
Reviewers List<AccessReview Reviewer> - This is the collection of backup reviewers.
- end
Date StringTime - The DateTime when the review instance is scheduled to end.
- reviewers
List<Access
Review Reviewer> - This is the collection of reviewers.
- start
Date StringTime - The DateTime when the review instance is scheduled to be start.
- backup
Reviewers AccessReview Reviewer[] - This is the collection of backup reviewers.
- end
Date stringTime - The DateTime when the review instance is scheduled to end.
- reviewers
Access
Review Reviewer[] - This is the collection of reviewers.
- start
Date stringTime - The DateTime when the review instance is scheduled to be start.
- backup_
reviewers Sequence[AccessReview Reviewer] - This is the collection of backup reviewers.
- end_
date_ strtime - The DateTime when the review instance is scheduled to end.
- reviewers
Sequence[Access
Review Reviewer] - This is the collection of reviewers.
- start_
date_ strtime - The DateTime when the review instance is scheduled to be start.
- backup
Reviewers List<Property Map> - This is the collection of backup reviewers.
- end
Date StringTime - The DateTime when the review instance is scheduled to end.
- reviewers List<Property Map>
- This is the collection of reviewers.
- start
Date StringTime - The DateTime when the review instance is scheduled to be start.
AccessReviewInstanceResponse, AccessReviewInstanceResponseArgs
- Id string
- The access review instance id.
- Name string
- The access review instance name.
- Reviewers
Type string - This field specifies the type of reviewers for a review. Usually for a review, reviewers are explicitly assigned. However, in some cases, the reviewers may not be assigned and instead be chosen dynamically. For example managers review or self review.
- Status string
- This read-only field specifies the status of an access review instance.
- Type string
- The resource type.
- Backup
Reviewers List<Pulumi.Azure Native. Authorization. Inputs. Access Review Reviewer Response> - This is the collection of backup reviewers.
- End
Date stringTime - The DateTime when the review instance is scheduled to end.
- Reviewers
List<Pulumi.
Azure Native. Authorization. Inputs. Access Review Reviewer Response> - This is the collection of reviewers.
- Start
Date stringTime - The DateTime when the review instance is scheduled to be start.
- Id string
- The access review instance id.
- Name string
- The access review instance name.
- Reviewers
Type string - This field specifies the type of reviewers for a review. Usually for a review, reviewers are explicitly assigned. However, in some cases, the reviewers may not be assigned and instead be chosen dynamically. For example managers review or self review.
- Status string
- This read-only field specifies the status of an access review instance.
- Type string
- The resource type.
- Backup
Reviewers []AccessReview Reviewer Response - This is the collection of backup reviewers.
- End
Date stringTime - The DateTime when the review instance is scheduled to end.
- Reviewers
[]Access
Review Reviewer Response - This is the collection of reviewers.
- Start
Date stringTime - The DateTime when the review instance is scheduled to be start.
- id String
- The access review instance id.
- name String
- The access review instance name.
- reviewers
Type String - This field specifies the type of reviewers for a review. Usually for a review, reviewers are explicitly assigned. However, in some cases, the reviewers may not be assigned and instead be chosen dynamically. For example managers review or self review.
- status String
- This read-only field specifies the status of an access review instance.
- type String
- The resource type.
- backup
Reviewers List<AccessReview Reviewer Response> - This is the collection of backup reviewers.
- end
Date StringTime - The DateTime when the review instance is scheduled to end.
- reviewers
List<Access
Review Reviewer Response> - This is the collection of reviewers.
- start
Date StringTime - The DateTime when the review instance is scheduled to be start.
- id string
- The access review instance id.
- name string
- The access review instance name.
- reviewers
Type string - This field specifies the type of reviewers for a review. Usually for a review, reviewers are explicitly assigned. However, in some cases, the reviewers may not be assigned and instead be chosen dynamically. For example managers review or self review.
- status string
- This read-only field specifies the status of an access review instance.
- type string
- The resource type.
- backup
Reviewers AccessReview Reviewer Response[] - This is the collection of backup reviewers.
- end
Date stringTime - The DateTime when the review instance is scheduled to end.
- reviewers
Access
Review Reviewer Response[] - This is the collection of reviewers.
- start
Date stringTime - The DateTime when the review instance is scheduled to be start.
- id str
- The access review instance id.
- name str
- The access review instance name.
- reviewers_
type str - This field specifies the type of reviewers for a review. Usually for a review, reviewers are explicitly assigned. However, in some cases, the reviewers may not be assigned and instead be chosen dynamically. For example managers review or self review.
- status str
- This read-only field specifies the status of an access review instance.
- type str
- The resource type.
- backup_
reviewers Sequence[AccessReview Reviewer Response] - This is the collection of backup reviewers.
- end_
date_ strtime - The DateTime when the review instance is scheduled to end.
- reviewers
Sequence[Access
Review Reviewer Response] - This is the collection of reviewers.
- start_
date_ strtime - The DateTime when the review instance is scheduled to be start.
- id String
- The access review instance id.
- name String
- The access review instance name.
- reviewers
Type String - This field specifies the type of reviewers for a review. Usually for a review, reviewers are explicitly assigned. However, in some cases, the reviewers may not be assigned and instead be chosen dynamically. For example managers review or self review.
- status String
- This read-only field specifies the status of an access review instance.
- type String
- The resource type.
- backup
Reviewers List<Property Map> - This is the collection of backup reviewers.
- end
Date StringTime - The DateTime when the review instance is scheduled to end.
- reviewers List<Property Map>
- This is the collection of reviewers.
- start
Date StringTime - The DateTime when the review instance is scheduled to be start.
AccessReviewRecurrenceRangeType, AccessReviewRecurrenceRangeTypeArgs
- End
Date - endDate
- No
End - noEnd
- Numbered
- numbered
- Access
Review Recurrence Range Type End Date - endDate
- Access
Review Recurrence Range Type No End - noEnd
- Access
Review Recurrence Range Type Numbered - numbered
- End
Date - endDate
- No
End - noEnd
- Numbered
- numbered
- End
Date - endDate
- No
End - noEnd
- Numbered
- numbered
- END_DATE
- endDate
- NO_END
- noEnd
- NUMBERED
- numbered
- "end
Date" - endDate
- "no
End" - noEnd
- "numbered"
- numbered
AccessReviewReviewer, AccessReviewReviewerArgs
- Principal
Id string - The id of the reviewer(user/servicePrincipal)
- Principal
Id string - The id of the reviewer(user/servicePrincipal)
- principal
Id String - The id of the reviewer(user/servicePrincipal)
- principal
Id string - The id of the reviewer(user/servicePrincipal)
- principal_
id str - The id of the reviewer(user/servicePrincipal)
- principal
Id String - The id of the reviewer(user/servicePrincipal)
AccessReviewReviewerResponse, AccessReviewReviewerResponseArgs
- Principal
Type string - The identity type : user/servicePrincipal
- Principal
Id string - The id of the reviewer(user/servicePrincipal)
- Principal
Type string - The identity type : user/servicePrincipal
- Principal
Id string - The id of the reviewer(user/servicePrincipal)
- principal
Type String - The identity type : user/servicePrincipal
- principal
Id String - The id of the reviewer(user/servicePrincipal)
- principal
Type string - The identity type : user/servicePrincipal
- principal
Id string - The id of the reviewer(user/servicePrincipal)
- principal_
type str - The identity type : user/servicePrincipal
- principal_
id str - The id of the reviewer(user/servicePrincipal)
- principal
Type String - The identity type : user/servicePrincipal
- principal
Id String - The id of the reviewer(user/servicePrincipal)
DefaultDecisionType, DefaultDecisionTypeArgs
- Approve
- Approve
- Deny
- Deny
- Recommendation
- Recommendation
- Default
Decision Type Approve - Approve
- Default
Decision Type Deny - Deny
- Default
Decision Type Recommendation - Recommendation
- Approve
- Approve
- Deny
- Deny
- Recommendation
- Recommendation
- Approve
- Approve
- Deny
- Deny
- Recommendation
- Recommendation
- APPROVE
- Approve
- DENY
- Deny
- RECOMMENDATION
- Recommendation
- "Approve"
- Approve
- "Deny"
- Deny
- "Recommendation"
- Recommendation
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:authorization:ScopeAccessReviewScheduleDefinitionById fa73e90b-5bf1-45fd-a182-35ce5fc0674d /subscriptions/fa73e90b-5bf1-45fd-a182-35ce5fc0674d/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/fa73e90b-5bf1-45fd-a182-35ce5fc0674d
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- azure-native-v1 pulumi/pulumi-azure-native
- License
- Apache-2.0