1. Packages
  2. Azure Classic
  3. API Docs
  4. domainservices
  5. Service

We recommend using Azure Native.

Azure v6.10.0 published on Tuesday, Nov 19, 2024 by Pulumi

azure.domainservices.Service

Explore with Pulumi AI

azure logo

We recommend using Azure Native.

Azure v6.10.0 published on Tuesday, Nov 19, 2024 by Pulumi

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as azure from "@pulumi/azure";
    import * as azuread from "@pulumi/azuread";
    
    const deploy = new azure.core.ResourceGroup("deploy", {
        name: "example-resources",
        location: "West Europe",
    });
    const deployVirtualNetwork = new azure.network.VirtualNetwork("deploy", {
        name: "deploy-vnet",
        location: deploy.location,
        resourceGroupName: deploy.name,
        addressSpaces: ["10.0.1.0/16"],
    });
    const deploySubnet = new azure.network.Subnet("deploy", {
        name: "deploy-subnet",
        resourceGroupName: deploy.name,
        virtualNetworkName: deployVirtualNetwork.name,
        addressPrefixes: ["10.0.1.0/24"],
    });
    const deployNetworkSecurityGroup = new azure.network.NetworkSecurityGroup("deploy", {
        name: "deploy-nsg",
        location: deploy.location,
        resourceGroupName: deploy.name,
        securityRules: [
            {
                name: "AllowSyncWithAzureAD",
                priority: 101,
                direction: "Inbound",
                access: "Allow",
                protocol: "Tcp",
                sourcePortRange: "*",
                destinationPortRange: "443",
                sourceAddressPrefix: "AzureActiveDirectoryDomainServices",
                destinationAddressPrefix: "*",
            },
            {
                name: "AllowRD",
                priority: 201,
                direction: "Inbound",
                access: "Allow",
                protocol: "Tcp",
                sourcePortRange: "*",
                destinationPortRange: "3389",
                sourceAddressPrefix: "CorpNetSaw",
                destinationAddressPrefix: "*",
            },
            {
                name: "AllowPSRemoting",
                priority: 301,
                direction: "Inbound",
                access: "Allow",
                protocol: "Tcp",
                sourcePortRange: "*",
                destinationPortRange: "5986",
                sourceAddressPrefix: "AzureActiveDirectoryDomainServices",
                destinationAddressPrefix: "*",
            },
            {
                name: "AllowLDAPS",
                priority: 401,
                direction: "Inbound",
                access: "Allow",
                protocol: "Tcp",
                sourcePortRange: "*",
                destinationPortRange: "636",
                sourceAddressPrefix: "*",
                destinationAddressPrefix: "*",
            },
        ],
    });
    const deploySubnetNetworkSecurityGroupAssociation = new azure.network.SubnetNetworkSecurityGroupAssociation("deploy", {
        subnetId: deploySubnet.id,
        networkSecurityGroupId: deployNetworkSecurityGroup.id,
    });
    const dcAdmins = new azuread.Group("dc_admins", {
        displayName: "AAD DC Administrators",
        securityEnabled: true,
    });
    const admin = new azuread.User("admin", {
        userPrincipalName: "dc-admin@hashicorp-example.com",
        displayName: "DC Administrator",
        password: "Pa55w0Rd!!1",
    });
    const adminGroupMember = new azuread.GroupMember("admin", {
        groupObjectId: dcAdmins.objectId,
        memberObjectId: admin.objectId,
    });
    const example = new azuread.ServicePrincipal("example", {applicationId: "2565bd9d-da50-47d4-8b85-4c97f669dc36"});
    const aadds = new azure.core.ResourceGroup("aadds", {
        name: "aadds-rg",
        location: "westeurope",
    });
    const exampleService = new azure.domainservices.Service("example", {
        name: "example-aadds",
        location: aadds.location,
        resourceGroupName: aadds.name,
        domainName: "widgetslogin.net",
        sku: "Enterprise",
        filteredSyncEnabled: false,
        initialReplicaSet: {
            subnetId: deploySubnet.id,
        },
        notifications: {
            additionalRecipients: [
                "notifyA@example.net",
                "notifyB@example.org",
            ],
            notifyDcAdmins: true,
            notifyGlobalAdmins: true,
        },
        security: {
            syncKerberosPasswords: true,
            syncNtlmPasswords: true,
            syncOnPremPasswords: true,
        },
        tags: {
            Environment: "prod",
        },
    }, {
        dependsOn: [
            example,
            deploySubnetNetworkSecurityGroupAssociation,
        ],
    });
    
    import pulumi
    import pulumi_azure as azure
    import pulumi_azuread as azuread
    
    deploy = azure.core.ResourceGroup("deploy",
        name="example-resources",
        location="West Europe")
    deploy_virtual_network = azure.network.VirtualNetwork("deploy",
        name="deploy-vnet",
        location=deploy.location,
        resource_group_name=deploy.name,
        address_spaces=["10.0.1.0/16"])
    deploy_subnet = azure.network.Subnet("deploy",
        name="deploy-subnet",
        resource_group_name=deploy.name,
        virtual_network_name=deploy_virtual_network.name,
        address_prefixes=["10.0.1.0/24"])
    deploy_network_security_group = azure.network.NetworkSecurityGroup("deploy",
        name="deploy-nsg",
        location=deploy.location,
        resource_group_name=deploy.name,
        security_rules=[
            {
                "name": "AllowSyncWithAzureAD",
                "priority": 101,
                "direction": "Inbound",
                "access": "Allow",
                "protocol": "Tcp",
                "source_port_range": "*",
                "destination_port_range": "443",
                "source_address_prefix": "AzureActiveDirectoryDomainServices",
                "destination_address_prefix": "*",
            },
            {
                "name": "AllowRD",
                "priority": 201,
                "direction": "Inbound",
                "access": "Allow",
                "protocol": "Tcp",
                "source_port_range": "*",
                "destination_port_range": "3389",
                "source_address_prefix": "CorpNetSaw",
                "destination_address_prefix": "*",
            },
            {
                "name": "AllowPSRemoting",
                "priority": 301,
                "direction": "Inbound",
                "access": "Allow",
                "protocol": "Tcp",
                "source_port_range": "*",
                "destination_port_range": "5986",
                "source_address_prefix": "AzureActiveDirectoryDomainServices",
                "destination_address_prefix": "*",
            },
            {
                "name": "AllowLDAPS",
                "priority": 401,
                "direction": "Inbound",
                "access": "Allow",
                "protocol": "Tcp",
                "source_port_range": "*",
                "destination_port_range": "636",
                "source_address_prefix": "*",
                "destination_address_prefix": "*",
            },
        ])
    deploy_subnet_network_security_group_association = azure.network.SubnetNetworkSecurityGroupAssociation("deploy",
        subnet_id=deploy_subnet.id,
        network_security_group_id=deploy_network_security_group.id)
    dc_admins = azuread.Group("dc_admins",
        display_name="AAD DC Administrators",
        security_enabled=True)
    admin = azuread.User("admin",
        user_principal_name="dc-admin@hashicorp-example.com",
        display_name="DC Administrator",
        password="Pa55w0Rd!!1")
    admin_group_member = azuread.GroupMember("admin",
        group_object_id=dc_admins.object_id,
        member_object_id=admin.object_id)
    example = azuread.ServicePrincipal("example", application_id="2565bd9d-da50-47d4-8b85-4c97f669dc36")
    aadds = azure.core.ResourceGroup("aadds",
        name="aadds-rg",
        location="westeurope")
    example_service = azure.domainservices.Service("example",
        name="example-aadds",
        location=aadds.location,
        resource_group_name=aadds.name,
        domain_name="widgetslogin.net",
        sku="Enterprise",
        filtered_sync_enabled=False,
        initial_replica_set={
            "subnet_id": deploy_subnet.id,
        },
        notifications={
            "additional_recipients": [
                "notifyA@example.net",
                "notifyB@example.org",
            ],
            "notify_dc_admins": True,
            "notify_global_admins": True,
        },
        security={
            "sync_kerberos_passwords": True,
            "sync_ntlm_passwords": True,
            "sync_on_prem_passwords": True,
        },
        tags={
            "Environment": "prod",
        },
        opts = pulumi.ResourceOptions(depends_on=[
                example,
                deploy_subnet_network_security_group_association,
            ]))
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
    	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/domainservices"
    	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/network"
    	"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		deploy, err := core.NewResourceGroup(ctx, "deploy", &core.ResourceGroupArgs{
    			Name:     pulumi.String("example-resources"),
    			Location: pulumi.String("West Europe"),
    		})
    		if err != nil {
    			return err
    		}
    		deployVirtualNetwork, err := network.NewVirtualNetwork(ctx, "deploy", &network.VirtualNetworkArgs{
    			Name:              pulumi.String("deploy-vnet"),
    			Location:          deploy.Location,
    			ResourceGroupName: deploy.Name,
    			AddressSpaces: pulumi.StringArray{
    				pulumi.String("10.0.1.0/16"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		deploySubnet, err := network.NewSubnet(ctx, "deploy", &network.SubnetArgs{
    			Name:               pulumi.String("deploy-subnet"),
    			ResourceGroupName:  deploy.Name,
    			VirtualNetworkName: deployVirtualNetwork.Name,
    			AddressPrefixes: pulumi.StringArray{
    				pulumi.String("10.0.1.0/24"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		deployNetworkSecurityGroup, err := network.NewNetworkSecurityGroup(ctx, "deploy", &network.NetworkSecurityGroupArgs{
    			Name:              pulumi.String("deploy-nsg"),
    			Location:          deploy.Location,
    			ResourceGroupName: deploy.Name,
    			SecurityRules: network.NetworkSecurityGroupSecurityRuleArray{
    				&network.NetworkSecurityGroupSecurityRuleArgs{
    					Name:                     pulumi.String("AllowSyncWithAzureAD"),
    					Priority:                 pulumi.Int(101),
    					Direction:                pulumi.String("Inbound"),
    					Access:                   pulumi.String("Allow"),
    					Protocol:                 pulumi.String("Tcp"),
    					SourcePortRange:          pulumi.String("*"),
    					DestinationPortRange:     pulumi.String("443"),
    					SourceAddressPrefix:      pulumi.String("AzureActiveDirectoryDomainServices"),
    					DestinationAddressPrefix: pulumi.String("*"),
    				},
    				&network.NetworkSecurityGroupSecurityRuleArgs{
    					Name:                     pulumi.String("AllowRD"),
    					Priority:                 pulumi.Int(201),
    					Direction:                pulumi.String("Inbound"),
    					Access:                   pulumi.String("Allow"),
    					Protocol:                 pulumi.String("Tcp"),
    					SourcePortRange:          pulumi.String("*"),
    					DestinationPortRange:     pulumi.String("3389"),
    					SourceAddressPrefix:      pulumi.String("CorpNetSaw"),
    					DestinationAddressPrefix: pulumi.String("*"),
    				},
    				&network.NetworkSecurityGroupSecurityRuleArgs{
    					Name:                     pulumi.String("AllowPSRemoting"),
    					Priority:                 pulumi.Int(301),
    					Direction:                pulumi.String("Inbound"),
    					Access:                   pulumi.String("Allow"),
    					Protocol:                 pulumi.String("Tcp"),
    					SourcePortRange:          pulumi.String("*"),
    					DestinationPortRange:     pulumi.String("5986"),
    					SourceAddressPrefix:      pulumi.String("AzureActiveDirectoryDomainServices"),
    					DestinationAddressPrefix: pulumi.String("*"),
    				},
    				&network.NetworkSecurityGroupSecurityRuleArgs{
    					Name:                     pulumi.String("AllowLDAPS"),
    					Priority:                 pulumi.Int(401),
    					Direction:                pulumi.String("Inbound"),
    					Access:                   pulumi.String("Allow"),
    					Protocol:                 pulumi.String("Tcp"),
    					SourcePortRange:          pulumi.String("*"),
    					DestinationPortRange:     pulumi.String("636"),
    					SourceAddressPrefix:      pulumi.String("*"),
    					DestinationAddressPrefix: pulumi.String("*"),
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		deploySubnetNetworkSecurityGroupAssociation, err := network.NewSubnetNetworkSecurityGroupAssociation(ctx, "deploy", &network.SubnetNetworkSecurityGroupAssociationArgs{
    			SubnetId:               deploySubnet.ID(),
    			NetworkSecurityGroupId: deployNetworkSecurityGroup.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		dcAdmins, err := azuread.NewGroup(ctx, "dc_admins", &azuread.GroupArgs{
    			DisplayName:     pulumi.String("AAD DC Administrators"),
    			SecurityEnabled: pulumi.Bool(true),
    		})
    		if err != nil {
    			return err
    		}
    		admin, err := azuread.NewUser(ctx, "admin", &azuread.UserArgs{
    			UserPrincipalName: pulumi.String("dc-admin@hashicorp-example.com"),
    			DisplayName:       pulumi.String("DC Administrator"),
    			Password:          pulumi.String("Pa55w0Rd!!1"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = azuread.NewGroupMember(ctx, "admin", &azuread.GroupMemberArgs{
    			GroupObjectId:  dcAdmins.ObjectId,
    			MemberObjectId: admin.ObjectId,
    		})
    		if err != nil {
    			return err
    		}
    		example, err := azuread.NewServicePrincipal(ctx, "example", &azuread.ServicePrincipalArgs{
    			ApplicationId: pulumi.String("2565bd9d-da50-47d4-8b85-4c97f669dc36"),
    		})
    		if err != nil {
    			return err
    		}
    		aadds, err := core.NewResourceGroup(ctx, "aadds", &core.ResourceGroupArgs{
    			Name:     pulumi.String("aadds-rg"),
    			Location: pulumi.String("westeurope"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = domainservices.NewService(ctx, "example", &domainservices.ServiceArgs{
    			Name:                pulumi.String("example-aadds"),
    			Location:            aadds.Location,
    			ResourceGroupName:   aadds.Name,
    			DomainName:          pulumi.String("widgetslogin.net"),
    			Sku:                 pulumi.String("Enterprise"),
    			FilteredSyncEnabled: pulumi.Bool(false),
    			InitialReplicaSet: &domainservices.ServiceInitialReplicaSetArgs{
    				SubnetId: deploySubnet.ID(),
    			},
    			Notifications: &domainservices.ServiceNotificationsArgs{
    				AdditionalRecipients: pulumi.StringArray{
    					pulumi.String("notifyA@example.net"),
    					pulumi.String("notifyB@example.org"),
    				},
    				NotifyDcAdmins:     pulumi.Bool(true),
    				NotifyGlobalAdmins: pulumi.Bool(true),
    			},
    			Security: &domainservices.ServiceSecurityArgs{
    				SyncKerberosPasswords: pulumi.Bool(true),
    				SyncNtlmPasswords:     pulumi.Bool(true),
    				SyncOnPremPasswords:   pulumi.Bool(true),
    			},
    			Tags: pulumi.StringMap{
    				"Environment": pulumi.String("prod"),
    			},
    		}, pulumi.DependsOn([]pulumi.Resource{
    			example,
    			deploySubnetNetworkSecurityGroupAssociation,
    		}))
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Azure = Pulumi.Azure;
    using AzureAD = Pulumi.AzureAD;
    
    return await Deployment.RunAsync(() => 
    {
        var deploy = new Azure.Core.ResourceGroup("deploy", new()
        {
            Name = "example-resources",
            Location = "West Europe",
        });
    
        var deployVirtualNetwork = new Azure.Network.VirtualNetwork("deploy", new()
        {
            Name = "deploy-vnet",
            Location = deploy.Location,
            ResourceGroupName = deploy.Name,
            AddressSpaces = new[]
            {
                "10.0.1.0/16",
            },
        });
    
        var deploySubnet = new Azure.Network.Subnet("deploy", new()
        {
            Name = "deploy-subnet",
            ResourceGroupName = deploy.Name,
            VirtualNetworkName = deployVirtualNetwork.Name,
            AddressPrefixes = new[]
            {
                "10.0.1.0/24",
            },
        });
    
        var deployNetworkSecurityGroup = new Azure.Network.NetworkSecurityGroup("deploy", new()
        {
            Name = "deploy-nsg",
            Location = deploy.Location,
            ResourceGroupName = deploy.Name,
            SecurityRules = new[]
            {
                new Azure.Network.Inputs.NetworkSecurityGroupSecurityRuleArgs
                {
                    Name = "AllowSyncWithAzureAD",
                    Priority = 101,
                    Direction = "Inbound",
                    Access = "Allow",
                    Protocol = "Tcp",
                    SourcePortRange = "*",
                    DestinationPortRange = "443",
                    SourceAddressPrefix = "AzureActiveDirectoryDomainServices",
                    DestinationAddressPrefix = "*",
                },
                new Azure.Network.Inputs.NetworkSecurityGroupSecurityRuleArgs
                {
                    Name = "AllowRD",
                    Priority = 201,
                    Direction = "Inbound",
                    Access = "Allow",
                    Protocol = "Tcp",
                    SourcePortRange = "*",
                    DestinationPortRange = "3389",
                    SourceAddressPrefix = "CorpNetSaw",
                    DestinationAddressPrefix = "*",
                },
                new Azure.Network.Inputs.NetworkSecurityGroupSecurityRuleArgs
                {
                    Name = "AllowPSRemoting",
                    Priority = 301,
                    Direction = "Inbound",
                    Access = "Allow",
                    Protocol = "Tcp",
                    SourcePortRange = "*",
                    DestinationPortRange = "5986",
                    SourceAddressPrefix = "AzureActiveDirectoryDomainServices",
                    DestinationAddressPrefix = "*",
                },
                new Azure.Network.Inputs.NetworkSecurityGroupSecurityRuleArgs
                {
                    Name = "AllowLDAPS",
                    Priority = 401,
                    Direction = "Inbound",
                    Access = "Allow",
                    Protocol = "Tcp",
                    SourcePortRange = "*",
                    DestinationPortRange = "636",
                    SourceAddressPrefix = "*",
                    DestinationAddressPrefix = "*",
                },
            },
        });
    
        var deploySubnetNetworkSecurityGroupAssociation = new Azure.Network.SubnetNetworkSecurityGroupAssociation("deploy", new()
        {
            SubnetId = deploySubnet.Id,
            NetworkSecurityGroupId = deployNetworkSecurityGroup.Id,
        });
    
        var dcAdmins = new AzureAD.Group("dc_admins", new()
        {
            DisplayName = "AAD DC Administrators",
            SecurityEnabled = true,
        });
    
        var admin = new AzureAD.User("admin", new()
        {
            UserPrincipalName = "dc-admin@hashicorp-example.com",
            DisplayName = "DC Administrator",
            Password = "Pa55w0Rd!!1",
        });
    
        var adminGroupMember = new AzureAD.GroupMember("admin", new()
        {
            GroupObjectId = dcAdmins.ObjectId,
            MemberObjectId = admin.ObjectId,
        });
    
        var example = new AzureAD.ServicePrincipal("example", new()
        {
            ApplicationId = "2565bd9d-da50-47d4-8b85-4c97f669dc36",
        });
    
        var aadds = new Azure.Core.ResourceGroup("aadds", new()
        {
            Name = "aadds-rg",
            Location = "westeurope",
        });
    
        var exampleService = new Azure.DomainServices.Service("example", new()
        {
            Name = "example-aadds",
            Location = aadds.Location,
            ResourceGroupName = aadds.Name,
            DomainName = "widgetslogin.net",
            Sku = "Enterprise",
            FilteredSyncEnabled = false,
            InitialReplicaSet = new Azure.DomainServices.Inputs.ServiceInitialReplicaSetArgs
            {
                SubnetId = deploySubnet.Id,
            },
            Notifications = new Azure.DomainServices.Inputs.ServiceNotificationsArgs
            {
                AdditionalRecipients = new[]
                {
                    "notifyA@example.net",
                    "notifyB@example.org",
                },
                NotifyDcAdmins = true,
                NotifyGlobalAdmins = true,
            },
            Security = new Azure.DomainServices.Inputs.ServiceSecurityArgs
            {
                SyncKerberosPasswords = true,
                SyncNtlmPasswords = true,
                SyncOnPremPasswords = true,
            },
            Tags = 
            {
                { "Environment", "prod" },
            },
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                example,
                deploySubnetNetworkSecurityGroupAssociation,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azure.core.ResourceGroup;
    import com.pulumi.azure.core.ResourceGroupArgs;
    import com.pulumi.azure.network.VirtualNetwork;
    import com.pulumi.azure.network.VirtualNetworkArgs;
    import com.pulumi.azure.network.Subnet;
    import com.pulumi.azure.network.SubnetArgs;
    import com.pulumi.azure.network.NetworkSecurityGroup;
    import com.pulumi.azure.network.NetworkSecurityGroupArgs;
    import com.pulumi.azure.network.inputs.NetworkSecurityGroupSecurityRuleArgs;
    import com.pulumi.azure.network.SubnetNetworkSecurityGroupAssociation;
    import com.pulumi.azure.network.SubnetNetworkSecurityGroupAssociationArgs;
    import com.pulumi.azuread.Group;
    import com.pulumi.azuread.GroupArgs;
    import com.pulumi.azuread.User;
    import com.pulumi.azuread.UserArgs;
    import com.pulumi.azuread.GroupMember;
    import com.pulumi.azuread.GroupMemberArgs;
    import com.pulumi.azuread.ServicePrincipal;
    import com.pulumi.azuread.ServicePrincipalArgs;
    import com.pulumi.azure.domainservices.Service;
    import com.pulumi.azure.domainservices.ServiceArgs;
    import com.pulumi.azure.domainservices.inputs.ServiceInitialReplicaSetArgs;
    import com.pulumi.azure.domainservices.inputs.ServiceNotificationsArgs;
    import com.pulumi.azure.domainservices.inputs.ServiceSecurityArgs;
    import com.pulumi.resources.CustomResourceOptions;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var deploy = new ResourceGroup("deploy", ResourceGroupArgs.builder()
                .name("example-resources")
                .location("West Europe")
                .build());
    
            var deployVirtualNetwork = new VirtualNetwork("deployVirtualNetwork", VirtualNetworkArgs.builder()
                .name("deploy-vnet")
                .location(deploy.location())
                .resourceGroupName(deploy.name())
                .addressSpaces("10.0.1.0/16")
                .build());
    
            var deploySubnet = new Subnet("deploySubnet", SubnetArgs.builder()
                .name("deploy-subnet")
                .resourceGroupName(deploy.name())
                .virtualNetworkName(deployVirtualNetwork.name())
                .addressPrefixes("10.0.1.0/24")
                .build());
    
            var deployNetworkSecurityGroup = new NetworkSecurityGroup("deployNetworkSecurityGroup", NetworkSecurityGroupArgs.builder()
                .name("deploy-nsg")
                .location(deploy.location())
                .resourceGroupName(deploy.name())
                .securityRules(            
                    NetworkSecurityGroupSecurityRuleArgs.builder()
                        .name("AllowSyncWithAzureAD")
                        .priority(101)
                        .direction("Inbound")
                        .access("Allow")
                        .protocol("Tcp")
                        .sourcePortRange("*")
                        .destinationPortRange("443")
                        .sourceAddressPrefix("AzureActiveDirectoryDomainServices")
                        .destinationAddressPrefix("*")
                        .build(),
                    NetworkSecurityGroupSecurityRuleArgs.builder()
                        .name("AllowRD")
                        .priority(201)
                        .direction("Inbound")
                        .access("Allow")
                        .protocol("Tcp")
                        .sourcePortRange("*")
                        .destinationPortRange("3389")
                        .sourceAddressPrefix("CorpNetSaw")
                        .destinationAddressPrefix("*")
                        .build(),
                    NetworkSecurityGroupSecurityRuleArgs.builder()
                        .name("AllowPSRemoting")
                        .priority(301)
                        .direction("Inbound")
                        .access("Allow")
                        .protocol("Tcp")
                        .sourcePortRange("*")
                        .destinationPortRange("5986")
                        .sourceAddressPrefix("AzureActiveDirectoryDomainServices")
                        .destinationAddressPrefix("*")
                        .build(),
                    NetworkSecurityGroupSecurityRuleArgs.builder()
                        .name("AllowLDAPS")
                        .priority(401)
                        .direction("Inbound")
                        .access("Allow")
                        .protocol("Tcp")
                        .sourcePortRange("*")
                        .destinationPortRange("636")
                        .sourceAddressPrefix("*")
                        .destinationAddressPrefix("*")
                        .build())
                .build());
    
            var deploySubnetNetworkSecurityGroupAssociation = new SubnetNetworkSecurityGroupAssociation("deploySubnetNetworkSecurityGroupAssociation", SubnetNetworkSecurityGroupAssociationArgs.builder()
                .subnetId(deploySubnet.id())
                .networkSecurityGroupId(deployNetworkSecurityGroup.id())
                .build());
    
            var dcAdmins = new Group("dcAdmins", GroupArgs.builder()
                .displayName("AAD DC Administrators")
                .securityEnabled(true)
                .build());
    
            var admin = new User("admin", UserArgs.builder()
                .userPrincipalName("dc-admin@hashicorp-example.com")
                .displayName("DC Administrator")
                .password("Pa55w0Rd!!1")
                .build());
    
            var adminGroupMember = new GroupMember("adminGroupMember", GroupMemberArgs.builder()
                .groupObjectId(dcAdmins.objectId())
                .memberObjectId(admin.objectId())
                .build());
    
            var example = new ServicePrincipal("example", ServicePrincipalArgs.builder()
                .applicationId("2565bd9d-da50-47d4-8b85-4c97f669dc36")
                .build());
    
            var aadds = new ResourceGroup("aadds", ResourceGroupArgs.builder()
                .name("aadds-rg")
                .location("westeurope")
                .build());
    
            var exampleService = new Service("exampleService", ServiceArgs.builder()
                .name("example-aadds")
                .location(aadds.location())
                .resourceGroupName(aadds.name())
                .domainName("widgetslogin.net")
                .sku("Enterprise")
                .filteredSyncEnabled(false)
                .initialReplicaSet(ServiceInitialReplicaSetArgs.builder()
                    .subnetId(deploySubnet.id())
                    .build())
                .notifications(ServiceNotificationsArgs.builder()
                    .additionalRecipients(                
                        "notifyA@example.net",
                        "notifyB@example.org")
                    .notifyDcAdmins(true)
                    .notifyGlobalAdmins(true)
                    .build())
                .security(ServiceSecurityArgs.builder()
                    .syncKerberosPasswords(true)
                    .syncNtlmPasswords(true)
                    .syncOnPremPasswords(true)
                    .build())
                .tags(Map.of("Environment", "prod"))
                .build(), CustomResourceOptions.builder()
                    .dependsOn(                
                        example,
                        deploySubnetNetworkSecurityGroupAssociation)
                    .build());
    
        }
    }
    
    resources:
      deploy:
        type: azure:core:ResourceGroup
        properties:
          name: example-resources
          location: West Europe
      deployVirtualNetwork:
        type: azure:network:VirtualNetwork
        name: deploy
        properties:
          name: deploy-vnet
          location: ${deploy.location}
          resourceGroupName: ${deploy.name}
          addressSpaces:
            - 10.0.1.0/16
      deploySubnet:
        type: azure:network:Subnet
        name: deploy
        properties:
          name: deploy-subnet
          resourceGroupName: ${deploy.name}
          virtualNetworkName: ${deployVirtualNetwork.name}
          addressPrefixes:
            - 10.0.1.0/24
      deployNetworkSecurityGroup:
        type: azure:network:NetworkSecurityGroup
        name: deploy
        properties:
          name: deploy-nsg
          location: ${deploy.location}
          resourceGroupName: ${deploy.name}
          securityRules:
            - name: AllowSyncWithAzureAD
              priority: 101
              direction: Inbound
              access: Allow
              protocol: Tcp
              sourcePortRange: '*'
              destinationPortRange: '443'
              sourceAddressPrefix: AzureActiveDirectoryDomainServices
              destinationAddressPrefix: '*'
            - name: AllowRD
              priority: 201
              direction: Inbound
              access: Allow
              protocol: Tcp
              sourcePortRange: '*'
              destinationPortRange: '3389'
              sourceAddressPrefix: CorpNetSaw
              destinationAddressPrefix: '*'
            - name: AllowPSRemoting
              priority: 301
              direction: Inbound
              access: Allow
              protocol: Tcp
              sourcePortRange: '*'
              destinationPortRange: '5986'
              sourceAddressPrefix: AzureActiveDirectoryDomainServices
              destinationAddressPrefix: '*'
            - name: AllowLDAPS
              priority: 401
              direction: Inbound
              access: Allow
              protocol: Tcp
              sourcePortRange: '*'
              destinationPortRange: '636'
              sourceAddressPrefix: '*'
              destinationAddressPrefix: '*'
      deploySubnetNetworkSecurityGroupAssociation:
        type: azure:network:SubnetNetworkSecurityGroupAssociation
        name: deploy
        properties:
          subnetId: ${deploySubnet.id}
          networkSecurityGroupId: ${deployNetworkSecurityGroup.id}
      dcAdmins:
        type: azuread:Group
        name: dc_admins
        properties:
          displayName: AAD DC Administrators
          securityEnabled: true
      admin:
        type: azuread:User
        properties:
          userPrincipalName: dc-admin@hashicorp-example.com
          displayName: DC Administrator
          password: Pa55w0Rd!!1
      adminGroupMember:
        type: azuread:GroupMember
        name: admin
        properties:
          groupObjectId: ${dcAdmins.objectId}
          memberObjectId: ${admin.objectId}
      example:
        type: azuread:ServicePrincipal
        properties:
          applicationId: 2565bd9d-da50-47d4-8b85-4c97f669dc36
      aadds:
        type: azure:core:ResourceGroup
        properties:
          name: aadds-rg
          location: westeurope
      exampleService:
        type: azure:domainservices:Service
        name: example
        properties:
          name: example-aadds
          location: ${aadds.location}
          resourceGroupName: ${aadds.name}
          domainName: widgetslogin.net
          sku: Enterprise
          filteredSyncEnabled: false
          initialReplicaSet:
            subnetId: ${deploySubnet.id}
          notifications:
            additionalRecipients:
              - notifyA@example.net
              - notifyB@example.org
            notifyDcAdmins: true
            notifyGlobalAdmins: true
          security:
            syncKerberosPasswords: true
            syncNtlmPasswords: true
            syncOnPremPasswords: true
          tags:
            Environment: prod
        options:
          dependson:
            - ${example}
            - ${deploySubnetNetworkSecurityGroupAssociation}
    

    Create Service Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Service(name: string, args: ServiceArgs, opts?: CustomResourceOptions);
    @overload
    def Service(resource_name: str,
                args: ServiceArgs,
                opts: Optional[ResourceOptions] = None)
    
    @overload
    def Service(resource_name: str,
                opts: Optional[ResourceOptions] = None,
                domain_name: Optional[str] = None,
                initial_replica_set: Optional[ServiceInitialReplicaSetArgs] = None,
                resource_group_name: Optional[str] = None,
                sku: Optional[str] = None,
                domain_configuration_type: Optional[str] = None,
                filtered_sync_enabled: Optional[bool] = None,
                location: Optional[str] = None,
                name: Optional[str] = None,
                notifications: Optional[ServiceNotificationsArgs] = None,
                secure_ldap: Optional[ServiceSecureLdapArgs] = None,
                security: Optional[ServiceSecurityArgs] = None,
                tags: Optional[Mapping[str, str]] = None)
    func NewService(ctx *Context, name string, args ServiceArgs, opts ...ResourceOption) (*Service, error)
    public Service(string name, ServiceArgs args, CustomResourceOptions? opts = null)
    public Service(String name, ServiceArgs args)
    public Service(String name, ServiceArgs args, CustomResourceOptions options)
    
    type: azure:domainservices:Service
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args ServiceArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args ServiceArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args ServiceArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args ServiceArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args ServiceArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var exampleserviceResourceResourceFromDomainservicesservice = new Azure.DomainServices.Service("exampleserviceResourceResourceFromDomainservicesservice", new()
    {
        DomainName = "string",
        InitialReplicaSet = new Azure.DomainServices.Inputs.ServiceInitialReplicaSetArgs
        {
            SubnetId = "string",
            DomainControllerIpAddresses = new[]
            {
                "string",
            },
            ExternalAccessIpAddress = "string",
            Id = "string",
            Location = "string",
            ServiceStatus = "string",
        },
        ResourceGroupName = "string",
        Sku = "string",
        DomainConfigurationType = "string",
        FilteredSyncEnabled = false,
        Location = "string",
        Name = "string",
        Notifications = new Azure.DomainServices.Inputs.ServiceNotificationsArgs
        {
            AdditionalRecipients = new[]
            {
                "string",
            },
            NotifyDcAdmins = false,
            NotifyGlobalAdmins = false,
        },
        SecureLdap = new Azure.DomainServices.Inputs.ServiceSecureLdapArgs
        {
            Enabled = false,
            PfxCertificate = "string",
            PfxCertificatePassword = "string",
            CertificateExpiry = "string",
            CertificateThumbprint = "string",
            ExternalAccessEnabled = false,
            PublicCertificate = "string",
        },
        Security = new Azure.DomainServices.Inputs.ServiceSecurityArgs
        {
            KerberosArmoringEnabled = false,
            KerberosRc4EncryptionEnabled = false,
            NtlmV1Enabled = false,
            SyncKerberosPasswords = false,
            SyncNtlmPasswords = false,
            SyncOnPremPasswords = false,
            TlsV1Enabled = false,
        },
        Tags = 
        {
            { "string", "string" },
        },
    });
    
    example, err := domainservices.NewService(ctx, "exampleserviceResourceResourceFromDomainservicesservice", &domainservices.ServiceArgs{
    	DomainName: pulumi.String("string"),
    	InitialReplicaSet: &domainservices.ServiceInitialReplicaSetArgs{
    		SubnetId: pulumi.String("string"),
    		DomainControllerIpAddresses: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		ExternalAccessIpAddress: pulumi.String("string"),
    		Id:                      pulumi.String("string"),
    		Location:                pulumi.String("string"),
    		ServiceStatus:           pulumi.String("string"),
    	},
    	ResourceGroupName:       pulumi.String("string"),
    	Sku:                     pulumi.String("string"),
    	DomainConfigurationType: pulumi.String("string"),
    	FilteredSyncEnabled:     pulumi.Bool(false),
    	Location:                pulumi.String("string"),
    	Name:                    pulumi.String("string"),
    	Notifications: &domainservices.ServiceNotificationsArgs{
    		AdditionalRecipients: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		NotifyDcAdmins:     pulumi.Bool(false),
    		NotifyGlobalAdmins: pulumi.Bool(false),
    	},
    	SecureLdap: &domainservices.ServiceSecureLdapArgs{
    		Enabled:                pulumi.Bool(false),
    		PfxCertificate:         pulumi.String("string"),
    		PfxCertificatePassword: pulumi.String("string"),
    		CertificateExpiry:      pulumi.String("string"),
    		CertificateThumbprint:  pulumi.String("string"),
    		ExternalAccessEnabled:  pulumi.Bool(false),
    		PublicCertificate:      pulumi.String("string"),
    	},
    	Security: &domainservices.ServiceSecurityArgs{
    		KerberosArmoringEnabled:      pulumi.Bool(false),
    		KerberosRc4EncryptionEnabled: pulumi.Bool(false),
    		NtlmV1Enabled:                pulumi.Bool(false),
    		SyncKerberosPasswords:        pulumi.Bool(false),
    		SyncNtlmPasswords:            pulumi.Bool(false),
    		SyncOnPremPasswords:          pulumi.Bool(false),
    		TlsV1Enabled:                 pulumi.Bool(false),
    	},
    	Tags: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    })
    
    var exampleserviceResourceResourceFromDomainservicesservice = new Service("exampleserviceResourceResourceFromDomainservicesservice", ServiceArgs.builder()
        .domainName("string")
        .initialReplicaSet(ServiceInitialReplicaSetArgs.builder()
            .subnetId("string")
            .domainControllerIpAddresses("string")
            .externalAccessIpAddress("string")
            .id("string")
            .location("string")
            .serviceStatus("string")
            .build())
        .resourceGroupName("string")
        .sku("string")
        .domainConfigurationType("string")
        .filteredSyncEnabled(false)
        .location("string")
        .name("string")
        .notifications(ServiceNotificationsArgs.builder()
            .additionalRecipients("string")
            .notifyDcAdmins(false)
            .notifyGlobalAdmins(false)
            .build())
        .secureLdap(ServiceSecureLdapArgs.builder()
            .enabled(false)
            .pfxCertificate("string")
            .pfxCertificatePassword("string")
            .certificateExpiry("string")
            .certificateThumbprint("string")
            .externalAccessEnabled(false)
            .publicCertificate("string")
            .build())
        .security(ServiceSecurityArgs.builder()
            .kerberosArmoringEnabled(false)
            .kerberosRc4EncryptionEnabled(false)
            .ntlmV1Enabled(false)
            .syncKerberosPasswords(false)
            .syncNtlmPasswords(false)
            .syncOnPremPasswords(false)
            .tlsV1Enabled(false)
            .build())
        .tags(Map.of("string", "string"))
        .build());
    
    exampleservice_resource_resource_from_domainservicesservice = azure.domainservices.Service("exampleserviceResourceResourceFromDomainservicesservice",
        domain_name="string",
        initial_replica_set={
            "subnet_id": "string",
            "domain_controller_ip_addresses": ["string"],
            "external_access_ip_address": "string",
            "id": "string",
            "location": "string",
            "service_status": "string",
        },
        resource_group_name="string",
        sku="string",
        domain_configuration_type="string",
        filtered_sync_enabled=False,
        location="string",
        name="string",
        notifications={
            "additional_recipients": ["string"],
            "notify_dc_admins": False,
            "notify_global_admins": False,
        },
        secure_ldap={
            "enabled": False,
            "pfx_certificate": "string",
            "pfx_certificate_password": "string",
            "certificate_expiry": "string",
            "certificate_thumbprint": "string",
            "external_access_enabled": False,
            "public_certificate": "string",
        },
        security={
            "kerberos_armoring_enabled": False,
            "kerberos_rc4_encryption_enabled": False,
            "ntlm_v1_enabled": False,
            "sync_kerberos_passwords": False,
            "sync_ntlm_passwords": False,
            "sync_on_prem_passwords": False,
            "tls_v1_enabled": False,
        },
        tags={
            "string": "string",
        })
    
    const exampleserviceResourceResourceFromDomainservicesservice = new azure.domainservices.Service("exampleserviceResourceResourceFromDomainservicesservice", {
        domainName: "string",
        initialReplicaSet: {
            subnetId: "string",
            domainControllerIpAddresses: ["string"],
            externalAccessIpAddress: "string",
            id: "string",
            location: "string",
            serviceStatus: "string",
        },
        resourceGroupName: "string",
        sku: "string",
        domainConfigurationType: "string",
        filteredSyncEnabled: false,
        location: "string",
        name: "string",
        notifications: {
            additionalRecipients: ["string"],
            notifyDcAdmins: false,
            notifyGlobalAdmins: false,
        },
        secureLdap: {
            enabled: false,
            pfxCertificate: "string",
            pfxCertificatePassword: "string",
            certificateExpiry: "string",
            certificateThumbprint: "string",
            externalAccessEnabled: false,
            publicCertificate: "string",
        },
        security: {
            kerberosArmoringEnabled: false,
            kerberosRc4EncryptionEnabled: false,
            ntlmV1Enabled: false,
            syncKerberosPasswords: false,
            syncNtlmPasswords: false,
            syncOnPremPasswords: false,
            tlsV1Enabled: false,
        },
        tags: {
            string: "string",
        },
    });
    
    type: azure:domainservices:Service
    properties:
        domainConfigurationType: string
        domainName: string
        filteredSyncEnabled: false
        initialReplicaSet:
            domainControllerIpAddresses:
                - string
            externalAccessIpAddress: string
            id: string
            location: string
            serviceStatus: string
            subnetId: string
        location: string
        name: string
        notifications:
            additionalRecipients:
                - string
            notifyDcAdmins: false
            notifyGlobalAdmins: false
        resourceGroupName: string
        secureLdap:
            certificateExpiry: string
            certificateThumbprint: string
            enabled: false
            externalAccessEnabled: false
            pfxCertificate: string
            pfxCertificatePassword: string
            publicCertificate: string
        security:
            kerberosArmoringEnabled: false
            kerberosRc4EncryptionEnabled: false
            ntlmV1Enabled: false
            syncKerberosPasswords: false
            syncNtlmPasswords: false
            syncOnPremPasswords: false
            tlsV1Enabled: false
        sku: string
        tags:
            string: string
    

    Service Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The Service resource accepts the following input properties:

    DomainName string
    The Active Directory domain to use. See official documentation for constraints and recommendations. Changing this forces a new resource to be created.
    InitialReplicaSet ServiceInitialReplicaSet
    An initial_replica_set block as defined below. The initial replica set inherits the same location as the Domain Service resource.
    ResourceGroupName string
    The name of the Resource Group in which the Domain Service should exist. Changing this forces a new resource to be created.
    Sku string
    The SKU to use when provisioning the Domain Service resource. One of Standard, Enterprise or Premium.
    DomainConfigurationType string
    The configuration type of this Active Directory Domain. Possible values are FullySynced and ResourceTrusting. Changing this forces a new resource to be created.
    FilteredSyncEnabled bool
    Whether to enable group-based filtered sync (also called scoped synchronisation). Defaults to false.
    Location string
    The Azure location where the Domain Service exists. Changing this forces a new resource to be created.
    Name string
    The display name for your managed Active Directory Domain Service resource. Changing this forces a new resource to be created.
    Notifications ServiceNotifications
    A notifications block as defined below.
    SecureLdap ServiceSecureLdap
    A secure_ldap block as defined below.
    Security ServiceSecurity
    A security block as defined below.
    Tags Dictionary<string, string>
    A mapping of tags assigned to the resource.
    DomainName string
    The Active Directory domain to use. See official documentation for constraints and recommendations. Changing this forces a new resource to be created.
    InitialReplicaSet ServiceInitialReplicaSetArgs
    An initial_replica_set block as defined below. The initial replica set inherits the same location as the Domain Service resource.
    ResourceGroupName string
    The name of the Resource Group in which the Domain Service should exist. Changing this forces a new resource to be created.
    Sku string
    The SKU to use when provisioning the Domain Service resource. One of Standard, Enterprise or Premium.
    DomainConfigurationType string
    The configuration type of this Active Directory Domain. Possible values are FullySynced and ResourceTrusting. Changing this forces a new resource to be created.
    FilteredSyncEnabled bool
    Whether to enable group-based filtered sync (also called scoped synchronisation). Defaults to false.
    Location string
    The Azure location where the Domain Service exists. Changing this forces a new resource to be created.
    Name string
    The display name for your managed Active Directory Domain Service resource. Changing this forces a new resource to be created.
    Notifications ServiceNotificationsArgs
    A notifications block as defined below.
    SecureLdap ServiceSecureLdapArgs
    A secure_ldap block as defined below.
    Security ServiceSecurityArgs
    A security block as defined below.
    Tags map[string]string
    A mapping of tags assigned to the resource.
    domainName String
    The Active Directory domain to use. See official documentation for constraints and recommendations. Changing this forces a new resource to be created.
    initialReplicaSet ServiceInitialReplicaSet
    An initial_replica_set block as defined below. The initial replica set inherits the same location as the Domain Service resource.
    resourceGroupName String
    The name of the Resource Group in which the Domain Service should exist. Changing this forces a new resource to be created.
    sku String
    The SKU to use when provisioning the Domain Service resource. One of Standard, Enterprise or Premium.
    domainConfigurationType String
    The configuration type of this Active Directory Domain. Possible values are FullySynced and ResourceTrusting. Changing this forces a new resource to be created.
    filteredSyncEnabled Boolean
    Whether to enable group-based filtered sync (also called scoped synchronisation). Defaults to false.
    location String
    The Azure location where the Domain Service exists. Changing this forces a new resource to be created.
    name String
    The display name for your managed Active Directory Domain Service resource. Changing this forces a new resource to be created.
    notifications ServiceNotifications
    A notifications block as defined below.
    secureLdap ServiceSecureLdap
    A secure_ldap block as defined below.
    security ServiceSecurity
    A security block as defined below.
    tags Map<String,String>
    A mapping of tags assigned to the resource.
    domainName string
    The Active Directory domain to use. See official documentation for constraints and recommendations. Changing this forces a new resource to be created.
    initialReplicaSet ServiceInitialReplicaSet
    An initial_replica_set block as defined below. The initial replica set inherits the same location as the Domain Service resource.
    resourceGroupName string
    The name of the Resource Group in which the Domain Service should exist. Changing this forces a new resource to be created.
    sku string
    The SKU to use when provisioning the Domain Service resource. One of Standard, Enterprise or Premium.
    domainConfigurationType string
    The configuration type of this Active Directory Domain. Possible values are FullySynced and ResourceTrusting. Changing this forces a new resource to be created.
    filteredSyncEnabled boolean
    Whether to enable group-based filtered sync (also called scoped synchronisation). Defaults to false.
    location string
    The Azure location where the Domain Service exists. Changing this forces a new resource to be created.
    name string
    The display name for your managed Active Directory Domain Service resource. Changing this forces a new resource to be created.
    notifications ServiceNotifications
    A notifications block as defined below.
    secureLdap ServiceSecureLdap
    A secure_ldap block as defined below.
    security ServiceSecurity
    A security block as defined below.
    tags {[key: string]: string}
    A mapping of tags assigned to the resource.
    domain_name str
    The Active Directory domain to use. See official documentation for constraints and recommendations. Changing this forces a new resource to be created.
    initial_replica_set ServiceInitialReplicaSetArgs
    An initial_replica_set block as defined below. The initial replica set inherits the same location as the Domain Service resource.
    resource_group_name str
    The name of the Resource Group in which the Domain Service should exist. Changing this forces a new resource to be created.
    sku str
    The SKU to use when provisioning the Domain Service resource. One of Standard, Enterprise or Premium.
    domain_configuration_type str
    The configuration type of this Active Directory Domain. Possible values are FullySynced and ResourceTrusting. Changing this forces a new resource to be created.
    filtered_sync_enabled bool
    Whether to enable group-based filtered sync (also called scoped synchronisation). Defaults to false.
    location str
    The Azure location where the Domain Service exists. Changing this forces a new resource to be created.
    name str
    The display name for your managed Active Directory Domain Service resource. Changing this forces a new resource to be created.
    notifications ServiceNotificationsArgs
    A notifications block as defined below.
    secure_ldap ServiceSecureLdapArgs
    A secure_ldap block as defined below.
    security ServiceSecurityArgs
    A security block as defined below.
    tags Mapping[str, str]
    A mapping of tags assigned to the resource.
    domainName String
    The Active Directory domain to use. See official documentation for constraints and recommendations. Changing this forces a new resource to be created.
    initialReplicaSet Property Map
    An initial_replica_set block as defined below. The initial replica set inherits the same location as the Domain Service resource.
    resourceGroupName String
    The name of the Resource Group in which the Domain Service should exist. Changing this forces a new resource to be created.
    sku String
    The SKU to use when provisioning the Domain Service resource. One of Standard, Enterprise or Premium.
    domainConfigurationType String
    The configuration type of this Active Directory Domain. Possible values are FullySynced and ResourceTrusting. Changing this forces a new resource to be created.
    filteredSyncEnabled Boolean
    Whether to enable group-based filtered sync (also called scoped synchronisation). Defaults to false.
    location String
    The Azure location where the Domain Service exists. Changing this forces a new resource to be created.
    name String
    The display name for your managed Active Directory Domain Service resource. Changing this forces a new resource to be created.
    notifications Property Map
    A notifications block as defined below.
    secureLdap Property Map
    A secure_ldap block as defined below.
    security Property Map
    A security block as defined below.
    tags Map<String>
    A mapping of tags assigned to the resource.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Service resource produces the following output properties:

    DeploymentId string
    A unique ID for the managed domain deployment.
    Id string
    The provider-assigned unique ID for this managed resource.
    ResourceId string
    The Azure resource ID for the domain service.
    SyncOwner string
    TenantId string
    Version int
    DeploymentId string
    A unique ID for the managed domain deployment.
    Id string
    The provider-assigned unique ID for this managed resource.
    ResourceId string
    The Azure resource ID for the domain service.
    SyncOwner string
    TenantId string
    Version int
    deploymentId String
    A unique ID for the managed domain deployment.
    id String
    The provider-assigned unique ID for this managed resource.
    resourceId String
    The Azure resource ID for the domain service.
    syncOwner String
    tenantId String
    version Integer
    deploymentId string
    A unique ID for the managed domain deployment.
    id string
    The provider-assigned unique ID for this managed resource.
    resourceId string
    The Azure resource ID for the domain service.
    syncOwner string
    tenantId string
    version number
    deployment_id str
    A unique ID for the managed domain deployment.
    id str
    The provider-assigned unique ID for this managed resource.
    resource_id str
    The Azure resource ID for the domain service.
    sync_owner str
    tenant_id str
    version int
    deploymentId String
    A unique ID for the managed domain deployment.
    id String
    The provider-assigned unique ID for this managed resource.
    resourceId String
    The Azure resource ID for the domain service.
    syncOwner String
    tenantId String
    version Number

    Look up Existing Service Resource

    Get an existing Service resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: ServiceState, opts?: CustomResourceOptions): Service
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            deployment_id: Optional[str] = None,
            domain_configuration_type: Optional[str] = None,
            domain_name: Optional[str] = None,
            filtered_sync_enabled: Optional[bool] = None,
            initial_replica_set: Optional[ServiceInitialReplicaSetArgs] = None,
            location: Optional[str] = None,
            name: Optional[str] = None,
            notifications: Optional[ServiceNotificationsArgs] = None,
            resource_group_name: Optional[str] = None,
            resource_id: Optional[str] = None,
            secure_ldap: Optional[ServiceSecureLdapArgs] = None,
            security: Optional[ServiceSecurityArgs] = None,
            sku: Optional[str] = None,
            sync_owner: Optional[str] = None,
            tags: Optional[Mapping[str, str]] = None,
            tenant_id: Optional[str] = None,
            version: Optional[int] = None) -> Service
    func GetService(ctx *Context, name string, id IDInput, state *ServiceState, opts ...ResourceOption) (*Service, error)
    public static Service Get(string name, Input<string> id, ServiceState? state, CustomResourceOptions? opts = null)
    public static Service get(String name, Output<String> id, ServiceState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    DeploymentId string
    A unique ID for the managed domain deployment.
    DomainConfigurationType string
    The configuration type of this Active Directory Domain. Possible values are FullySynced and ResourceTrusting. Changing this forces a new resource to be created.
    DomainName string
    The Active Directory domain to use. See official documentation for constraints and recommendations. Changing this forces a new resource to be created.
    FilteredSyncEnabled bool
    Whether to enable group-based filtered sync (also called scoped synchronisation). Defaults to false.
    InitialReplicaSet ServiceInitialReplicaSet
    An initial_replica_set block as defined below. The initial replica set inherits the same location as the Domain Service resource.
    Location string
    The Azure location where the Domain Service exists. Changing this forces a new resource to be created.
    Name string
    The display name for your managed Active Directory Domain Service resource. Changing this forces a new resource to be created.
    Notifications ServiceNotifications
    A notifications block as defined below.
    ResourceGroupName string
    The name of the Resource Group in which the Domain Service should exist. Changing this forces a new resource to be created.
    ResourceId string
    The Azure resource ID for the domain service.
    SecureLdap ServiceSecureLdap
    A secure_ldap block as defined below.
    Security ServiceSecurity
    A security block as defined below.
    Sku string
    The SKU to use when provisioning the Domain Service resource. One of Standard, Enterprise or Premium.
    SyncOwner string
    Tags Dictionary<string, string>
    A mapping of tags assigned to the resource.
    TenantId string
    Version int
    DeploymentId string
    A unique ID for the managed domain deployment.
    DomainConfigurationType string
    The configuration type of this Active Directory Domain. Possible values are FullySynced and ResourceTrusting. Changing this forces a new resource to be created.
    DomainName string
    The Active Directory domain to use. See official documentation for constraints and recommendations. Changing this forces a new resource to be created.
    FilteredSyncEnabled bool
    Whether to enable group-based filtered sync (also called scoped synchronisation). Defaults to false.
    InitialReplicaSet ServiceInitialReplicaSetArgs
    An initial_replica_set block as defined below. The initial replica set inherits the same location as the Domain Service resource.
    Location string
    The Azure location where the Domain Service exists. Changing this forces a new resource to be created.
    Name string
    The display name for your managed Active Directory Domain Service resource. Changing this forces a new resource to be created.
    Notifications ServiceNotificationsArgs
    A notifications block as defined below.
    ResourceGroupName string
    The name of the Resource Group in which the Domain Service should exist. Changing this forces a new resource to be created.
    ResourceId string
    The Azure resource ID for the domain service.
    SecureLdap ServiceSecureLdapArgs
    A secure_ldap block as defined below.
    Security ServiceSecurityArgs
    A security block as defined below.
    Sku string
    The SKU to use when provisioning the Domain Service resource. One of Standard, Enterprise or Premium.
    SyncOwner string
    Tags map[string]string
    A mapping of tags assigned to the resource.
    TenantId string
    Version int
    deploymentId String
    A unique ID for the managed domain deployment.
    domainConfigurationType String
    The configuration type of this Active Directory Domain. Possible values are FullySynced and ResourceTrusting. Changing this forces a new resource to be created.
    domainName String
    The Active Directory domain to use. See official documentation for constraints and recommendations. Changing this forces a new resource to be created.
    filteredSyncEnabled Boolean
    Whether to enable group-based filtered sync (also called scoped synchronisation). Defaults to false.
    initialReplicaSet ServiceInitialReplicaSet
    An initial_replica_set block as defined below. The initial replica set inherits the same location as the Domain Service resource.
    location String
    The Azure location where the Domain Service exists. Changing this forces a new resource to be created.
    name String
    The display name for your managed Active Directory Domain Service resource. Changing this forces a new resource to be created.
    notifications ServiceNotifications
    A notifications block as defined below.
    resourceGroupName String
    The name of the Resource Group in which the Domain Service should exist. Changing this forces a new resource to be created.
    resourceId String
    The Azure resource ID for the domain service.
    secureLdap ServiceSecureLdap
    A secure_ldap block as defined below.
    security ServiceSecurity
    A security block as defined below.
    sku String
    The SKU to use when provisioning the Domain Service resource. One of Standard, Enterprise or Premium.
    syncOwner String
    tags Map<String,String>
    A mapping of tags assigned to the resource.
    tenantId String
    version Integer
    deploymentId string
    A unique ID for the managed domain deployment.
    domainConfigurationType string
    The configuration type of this Active Directory Domain. Possible values are FullySynced and ResourceTrusting. Changing this forces a new resource to be created.
    domainName string
    The Active Directory domain to use. See official documentation for constraints and recommendations. Changing this forces a new resource to be created.
    filteredSyncEnabled boolean
    Whether to enable group-based filtered sync (also called scoped synchronisation). Defaults to false.
    initialReplicaSet ServiceInitialReplicaSet
    An initial_replica_set block as defined below. The initial replica set inherits the same location as the Domain Service resource.
    location string
    The Azure location where the Domain Service exists. Changing this forces a new resource to be created.
    name string
    The display name for your managed Active Directory Domain Service resource. Changing this forces a new resource to be created.
    notifications ServiceNotifications
    A notifications block as defined below.
    resourceGroupName string
    The name of the Resource Group in which the Domain Service should exist. Changing this forces a new resource to be created.
    resourceId string
    The Azure resource ID for the domain service.
    secureLdap ServiceSecureLdap
    A secure_ldap block as defined below.
    security ServiceSecurity
    A security block as defined below.
    sku string
    The SKU to use when provisioning the Domain Service resource. One of Standard, Enterprise or Premium.
    syncOwner string
    tags {[key: string]: string}
    A mapping of tags assigned to the resource.
    tenantId string
    version number
    deployment_id str
    A unique ID for the managed domain deployment.
    domain_configuration_type str
    The configuration type of this Active Directory Domain. Possible values are FullySynced and ResourceTrusting. Changing this forces a new resource to be created.
    domain_name str
    The Active Directory domain to use. See official documentation for constraints and recommendations. Changing this forces a new resource to be created.
    filtered_sync_enabled bool
    Whether to enable group-based filtered sync (also called scoped synchronisation). Defaults to false.
    initial_replica_set ServiceInitialReplicaSetArgs
    An initial_replica_set block as defined below. The initial replica set inherits the same location as the Domain Service resource.
    location str
    The Azure location where the Domain Service exists. Changing this forces a new resource to be created.
    name str
    The display name for your managed Active Directory Domain Service resource. Changing this forces a new resource to be created.
    notifications ServiceNotificationsArgs
    A notifications block as defined below.
    resource_group_name str
    The name of the Resource Group in which the Domain Service should exist. Changing this forces a new resource to be created.
    resource_id str
    The Azure resource ID for the domain service.
    secure_ldap ServiceSecureLdapArgs
    A secure_ldap block as defined below.
    security ServiceSecurityArgs
    A security block as defined below.
    sku str
    The SKU to use when provisioning the Domain Service resource. One of Standard, Enterprise or Premium.
    sync_owner str
    tags Mapping[str, str]
    A mapping of tags assigned to the resource.
    tenant_id str
    version int
    deploymentId String
    A unique ID for the managed domain deployment.
    domainConfigurationType String
    The configuration type of this Active Directory Domain. Possible values are FullySynced and ResourceTrusting. Changing this forces a new resource to be created.
    domainName String
    The Active Directory domain to use. See official documentation for constraints and recommendations. Changing this forces a new resource to be created.
    filteredSyncEnabled Boolean
    Whether to enable group-based filtered sync (also called scoped synchronisation). Defaults to false.
    initialReplicaSet Property Map
    An initial_replica_set block as defined below. The initial replica set inherits the same location as the Domain Service resource.
    location String
    The Azure location where the Domain Service exists. Changing this forces a new resource to be created.
    name String
    The display name for your managed Active Directory Domain Service resource. Changing this forces a new resource to be created.
    notifications Property Map
    A notifications block as defined below.
    resourceGroupName String
    The name of the Resource Group in which the Domain Service should exist. Changing this forces a new resource to be created.
    resourceId String
    The Azure resource ID for the domain service.
    secureLdap Property Map
    A secure_ldap block as defined below.
    security Property Map
    A security block as defined below.
    sku String
    The SKU to use when provisioning the Domain Service resource. One of Standard, Enterprise or Premium.
    syncOwner String
    tags Map<String>
    A mapping of tags assigned to the resource.
    tenantId String
    version Number

    Supporting Types

    ServiceInitialReplicaSet, ServiceInitialReplicaSetArgs

    SubnetId string
    The ID of the subnet in which to place the initial replica set. Changing this forces a new resource to be created.
    DomainControllerIpAddresses List<string>
    A list of subnet IP addresses for the domain controllers in the initial replica set, typically two.
    ExternalAccessIpAddress string
    The publicly routable IP address for the domain controllers in the initial replica set.
    Id string
    A unique ID for the replica set.
    Location string
    The Azure location where the Domain Service exists. Changing this forces a new resource to be created.
    ServiceStatus string
    The current service status for the initial replica set.
    SubnetId string
    The ID of the subnet in which to place the initial replica set. Changing this forces a new resource to be created.
    DomainControllerIpAddresses []string
    A list of subnet IP addresses for the domain controllers in the initial replica set, typically two.
    ExternalAccessIpAddress string
    The publicly routable IP address for the domain controllers in the initial replica set.
    Id string
    A unique ID for the replica set.
    Location string
    The Azure location where the Domain Service exists. Changing this forces a new resource to be created.
    ServiceStatus string
    The current service status for the initial replica set.
    subnetId String
    The ID of the subnet in which to place the initial replica set. Changing this forces a new resource to be created.
    domainControllerIpAddresses List<String>
    A list of subnet IP addresses for the domain controllers in the initial replica set, typically two.
    externalAccessIpAddress String
    The publicly routable IP address for the domain controllers in the initial replica set.
    id String
    A unique ID for the replica set.
    location String
    The Azure location where the Domain Service exists. Changing this forces a new resource to be created.
    serviceStatus String
    The current service status for the initial replica set.
    subnetId string
    The ID of the subnet in which to place the initial replica set. Changing this forces a new resource to be created.
    domainControllerIpAddresses string[]
    A list of subnet IP addresses for the domain controllers in the initial replica set, typically two.
    externalAccessIpAddress string
    The publicly routable IP address for the domain controllers in the initial replica set.
    id string
    A unique ID for the replica set.
    location string
    The Azure location where the Domain Service exists. Changing this forces a new resource to be created.
    serviceStatus string
    The current service status for the initial replica set.
    subnet_id str
    The ID of the subnet in which to place the initial replica set. Changing this forces a new resource to be created.
    domain_controller_ip_addresses Sequence[str]
    A list of subnet IP addresses for the domain controllers in the initial replica set, typically two.
    external_access_ip_address str
    The publicly routable IP address for the domain controllers in the initial replica set.
    id str
    A unique ID for the replica set.
    location str
    The Azure location where the Domain Service exists. Changing this forces a new resource to be created.
    service_status str
    The current service status for the initial replica set.
    subnetId String
    The ID of the subnet in which to place the initial replica set. Changing this forces a new resource to be created.
    domainControllerIpAddresses List<String>
    A list of subnet IP addresses for the domain controllers in the initial replica set, typically two.
    externalAccessIpAddress String
    The publicly routable IP address for the domain controllers in the initial replica set.
    id String
    A unique ID for the replica set.
    location String
    The Azure location where the Domain Service exists. Changing this forces a new resource to be created.
    serviceStatus String
    The current service status for the initial replica set.

    ServiceNotifications, ServiceNotificationsArgs

    AdditionalRecipients List<string>
    A list of additional email addresses to notify when there are alerts in the managed domain.
    NotifyDcAdmins bool
    Whether to notify members of the AAD DC Administrators group when there are alerts in the managed domain.
    NotifyGlobalAdmins bool
    Whether to notify all Global Administrators when there are alerts in the managed domain.
    AdditionalRecipients []string
    A list of additional email addresses to notify when there are alerts in the managed domain.
    NotifyDcAdmins bool
    Whether to notify members of the AAD DC Administrators group when there are alerts in the managed domain.
    NotifyGlobalAdmins bool
    Whether to notify all Global Administrators when there are alerts in the managed domain.
    additionalRecipients List<String>
    A list of additional email addresses to notify when there are alerts in the managed domain.
    notifyDcAdmins Boolean
    Whether to notify members of the AAD DC Administrators group when there are alerts in the managed domain.
    notifyGlobalAdmins Boolean
    Whether to notify all Global Administrators when there are alerts in the managed domain.
    additionalRecipients string[]
    A list of additional email addresses to notify when there are alerts in the managed domain.
    notifyDcAdmins boolean
    Whether to notify members of the AAD DC Administrators group when there are alerts in the managed domain.
    notifyGlobalAdmins boolean
    Whether to notify all Global Administrators when there are alerts in the managed domain.
    additional_recipients Sequence[str]
    A list of additional email addresses to notify when there are alerts in the managed domain.
    notify_dc_admins bool
    Whether to notify members of the AAD DC Administrators group when there are alerts in the managed domain.
    notify_global_admins bool
    Whether to notify all Global Administrators when there are alerts in the managed domain.
    additionalRecipients List<String>
    A list of additional email addresses to notify when there are alerts in the managed domain.
    notifyDcAdmins Boolean
    Whether to notify members of the AAD DC Administrators group when there are alerts in the managed domain.
    notifyGlobalAdmins Boolean
    Whether to notify all Global Administrators when there are alerts in the managed domain.

    ServiceSecureLdap, ServiceSecureLdapArgs

    Enabled bool
    Whether to enable secure LDAP for the managed domain. For more information, please see official documentation on enabling LDAPS, paying particular attention to the section on network security to avoid unnecessarily exposing your service to Internet-borne bruteforce attacks.
    PfxCertificate string
    The certificate/private key to use for LDAPS, as a base64-encoded TripleDES-SHA1 encrypted PKCS#12 bundle (PFX file).
    PfxCertificatePassword string
    The password to use for decrypting the PKCS#12 bundle (PFX file).
    CertificateExpiry string
    The expiry time of the certificate.
    CertificateThumbprint string
    The thumbprint of the certificate.
    ExternalAccessEnabled bool
    Whether to enable external access to LDAPS over the Internet. Defaults to false.
    PublicCertificate string
    The public certificate.
    Enabled bool
    Whether to enable secure LDAP for the managed domain. For more information, please see official documentation on enabling LDAPS, paying particular attention to the section on network security to avoid unnecessarily exposing your service to Internet-borne bruteforce attacks.
    PfxCertificate string
    The certificate/private key to use for LDAPS, as a base64-encoded TripleDES-SHA1 encrypted PKCS#12 bundle (PFX file).
    PfxCertificatePassword string
    The password to use for decrypting the PKCS#12 bundle (PFX file).
    CertificateExpiry string
    The expiry time of the certificate.
    CertificateThumbprint string
    The thumbprint of the certificate.
    ExternalAccessEnabled bool
    Whether to enable external access to LDAPS over the Internet. Defaults to false.
    PublicCertificate string
    The public certificate.
    enabled Boolean
    Whether to enable secure LDAP for the managed domain. For more information, please see official documentation on enabling LDAPS, paying particular attention to the section on network security to avoid unnecessarily exposing your service to Internet-borne bruteforce attacks.
    pfxCertificate String
    The certificate/private key to use for LDAPS, as a base64-encoded TripleDES-SHA1 encrypted PKCS#12 bundle (PFX file).
    pfxCertificatePassword String
    The password to use for decrypting the PKCS#12 bundle (PFX file).
    certificateExpiry String
    The expiry time of the certificate.
    certificateThumbprint String
    The thumbprint of the certificate.
    externalAccessEnabled Boolean
    Whether to enable external access to LDAPS over the Internet. Defaults to false.
    publicCertificate String
    The public certificate.
    enabled boolean
    Whether to enable secure LDAP for the managed domain. For more information, please see official documentation on enabling LDAPS, paying particular attention to the section on network security to avoid unnecessarily exposing your service to Internet-borne bruteforce attacks.
    pfxCertificate string
    The certificate/private key to use for LDAPS, as a base64-encoded TripleDES-SHA1 encrypted PKCS#12 bundle (PFX file).
    pfxCertificatePassword string
    The password to use for decrypting the PKCS#12 bundle (PFX file).
    certificateExpiry string
    The expiry time of the certificate.
    certificateThumbprint string
    The thumbprint of the certificate.
    externalAccessEnabled boolean
    Whether to enable external access to LDAPS over the Internet. Defaults to false.
    publicCertificate string
    The public certificate.
    enabled bool
    Whether to enable secure LDAP for the managed domain. For more information, please see official documentation on enabling LDAPS, paying particular attention to the section on network security to avoid unnecessarily exposing your service to Internet-borne bruteforce attacks.
    pfx_certificate str
    The certificate/private key to use for LDAPS, as a base64-encoded TripleDES-SHA1 encrypted PKCS#12 bundle (PFX file).
    pfx_certificate_password str
    The password to use for decrypting the PKCS#12 bundle (PFX file).
    certificate_expiry str
    The expiry time of the certificate.
    certificate_thumbprint str
    The thumbprint of the certificate.
    external_access_enabled bool
    Whether to enable external access to LDAPS over the Internet. Defaults to false.
    public_certificate str
    The public certificate.
    enabled Boolean
    Whether to enable secure LDAP for the managed domain. For more information, please see official documentation on enabling LDAPS, paying particular attention to the section on network security to avoid unnecessarily exposing your service to Internet-borne bruteforce attacks.
    pfxCertificate String
    The certificate/private key to use for LDAPS, as a base64-encoded TripleDES-SHA1 encrypted PKCS#12 bundle (PFX file).
    pfxCertificatePassword String
    The password to use for decrypting the PKCS#12 bundle (PFX file).
    certificateExpiry String
    The expiry time of the certificate.
    certificateThumbprint String
    The thumbprint of the certificate.
    externalAccessEnabled Boolean
    Whether to enable external access to LDAPS over the Internet. Defaults to false.
    publicCertificate String
    The public certificate.

    ServiceSecurity, ServiceSecurityArgs

    KerberosArmoringEnabled bool
    Whether to enable Kerberos Armoring. Defaults to false.
    KerberosRc4EncryptionEnabled bool
    Whether to enable Kerberos RC4 Encryption. Defaults to false.
    NtlmV1Enabled bool
    Whether to enable legacy NTLM v1 support. Defaults to false.
    SyncKerberosPasswords bool
    Whether to synchronize Kerberos password hashes to the managed domain. Defaults to false.
    SyncNtlmPasswords bool
    Whether to synchronize NTLM password hashes to the managed domain. Defaults to false.
    SyncOnPremPasswords bool
    Whether to synchronize on-premises password hashes to the managed domain. Defaults to false.
    TlsV1Enabled bool
    Whether to enable legacy TLS v1 support. Defaults to false.
    KerberosArmoringEnabled bool
    Whether to enable Kerberos Armoring. Defaults to false.
    KerberosRc4EncryptionEnabled bool
    Whether to enable Kerberos RC4 Encryption. Defaults to false.
    NtlmV1Enabled bool
    Whether to enable legacy NTLM v1 support. Defaults to false.
    SyncKerberosPasswords bool
    Whether to synchronize Kerberos password hashes to the managed domain. Defaults to false.
    SyncNtlmPasswords bool
    Whether to synchronize NTLM password hashes to the managed domain. Defaults to false.
    SyncOnPremPasswords bool
    Whether to synchronize on-premises password hashes to the managed domain. Defaults to false.
    TlsV1Enabled bool
    Whether to enable legacy TLS v1 support. Defaults to false.
    kerberosArmoringEnabled Boolean
    Whether to enable Kerberos Armoring. Defaults to false.
    kerberosRc4EncryptionEnabled Boolean
    Whether to enable Kerberos RC4 Encryption. Defaults to false.
    ntlmV1Enabled Boolean
    Whether to enable legacy NTLM v1 support. Defaults to false.
    syncKerberosPasswords Boolean
    Whether to synchronize Kerberos password hashes to the managed domain. Defaults to false.
    syncNtlmPasswords Boolean
    Whether to synchronize NTLM password hashes to the managed domain. Defaults to false.
    syncOnPremPasswords Boolean
    Whether to synchronize on-premises password hashes to the managed domain. Defaults to false.
    tlsV1Enabled Boolean
    Whether to enable legacy TLS v1 support. Defaults to false.
    kerberosArmoringEnabled boolean
    Whether to enable Kerberos Armoring. Defaults to false.
    kerberosRc4EncryptionEnabled boolean
    Whether to enable Kerberos RC4 Encryption. Defaults to false.
    ntlmV1Enabled boolean
    Whether to enable legacy NTLM v1 support. Defaults to false.
    syncKerberosPasswords boolean
    Whether to synchronize Kerberos password hashes to the managed domain. Defaults to false.
    syncNtlmPasswords boolean
    Whether to synchronize NTLM password hashes to the managed domain. Defaults to false.
    syncOnPremPasswords boolean
    Whether to synchronize on-premises password hashes to the managed domain. Defaults to false.
    tlsV1Enabled boolean
    Whether to enable legacy TLS v1 support. Defaults to false.
    kerberos_armoring_enabled bool
    Whether to enable Kerberos Armoring. Defaults to false.
    kerberos_rc4_encryption_enabled bool
    Whether to enable Kerberos RC4 Encryption. Defaults to false.
    ntlm_v1_enabled bool
    Whether to enable legacy NTLM v1 support. Defaults to false.
    sync_kerberos_passwords bool
    Whether to synchronize Kerberos password hashes to the managed domain. Defaults to false.
    sync_ntlm_passwords bool
    Whether to synchronize NTLM password hashes to the managed domain. Defaults to false.
    sync_on_prem_passwords bool
    Whether to synchronize on-premises password hashes to the managed domain. Defaults to false.
    tls_v1_enabled bool
    Whether to enable legacy TLS v1 support. Defaults to false.
    kerberosArmoringEnabled Boolean
    Whether to enable Kerberos Armoring. Defaults to false.
    kerberosRc4EncryptionEnabled Boolean
    Whether to enable Kerberos RC4 Encryption. Defaults to false.
    ntlmV1Enabled Boolean
    Whether to enable legacy NTLM v1 support. Defaults to false.
    syncKerberosPasswords Boolean
    Whether to synchronize Kerberos password hashes to the managed domain. Defaults to false.
    syncNtlmPasswords Boolean
    Whether to synchronize NTLM password hashes to the managed domain. Defaults to false.
    syncOnPremPasswords Boolean
    Whether to synchronize on-premises password hashes to the managed domain. Defaults to false.
    tlsV1Enabled Boolean
    Whether to enable legacy TLS v1 support. Defaults to false.

    Import

    Domain Services can be imported using the resource ID, together with the Replica Set ID that you wish to designate as the initial replica set, e.g.

    $ pulumi import azure:domainservices/service:Service example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.AAD/domainServices/instance1/initialReplicaSetId/00000000-0000-0000-0000-000000000000
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Azure Classic pulumi/pulumi-azure
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the azurerm Terraform Provider.
    azure logo

    We recommend using Azure Native.

    Azure v6.10.0 published on Tuesday, Nov 19, 2024 by Pulumi