We recommend using Azure Native.
Azure v6.10.0 published on Tuesday, Nov 19, 2024 by Pulumi
azure.pim.getRoleManagementPolicy
Explore with Pulumi AI
Use this data source to get information on a role policy for an Azure Management Group, Subscription, Resource Group or resource.
Example Usage
Resource Group
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = azure.core.getResourceGroup({
name: "example-rg",
});
const rgContributor = example.then(example => azure.authorization.getRoleDefinition({
name: "Contributor",
scope: example.id,
}));
const exampleGetRoleManagementPolicy = azure.pim.getRoleManagementPolicy({
scope: test.id,
roleDefinitionId: contributor.id,
});
import pulumi
import pulumi_azure as azure
example = azure.core.get_resource_group(name="example-rg")
rg_contributor = azure.authorization.get_role_definition(name="Contributor",
scope=example.id)
example_get_role_management_policy = azure.pim.get_role_management_policy(scope=test["id"],
role_definition_id=contributor["id"])
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/authorization"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/pim"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := core.LookupResourceGroup(ctx, &core.LookupResourceGroupArgs{
Name: "example-rg",
}, nil)
if err != nil {
return err
}
_, err = authorization.LookupRoleDefinition(ctx, &authorization.LookupRoleDefinitionArgs{
Name: pulumi.StringRef("Contributor"),
Scope: pulumi.StringRef(example.Id),
}, nil)
if err != nil {
return err
}
_, err = pim.LookupRoleManagementPolicy(ctx, &pim.LookupRoleManagementPolicyArgs{
Scope: test.Id,
RoleDefinitionId: contributor.Id,
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var example = Azure.Core.GetResourceGroup.Invoke(new()
{
Name = "example-rg",
});
var rgContributor = Azure.Authorization.GetRoleDefinition.Invoke(new()
{
Name = "Contributor",
Scope = example.Apply(getResourceGroupResult => getResourceGroupResult.Id),
});
var exampleGetRoleManagementPolicy = Azure.Pim.GetRoleManagementPolicy.Invoke(new()
{
Scope = test.Id,
RoleDefinitionId = contributor.Id,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.CoreFunctions;
import com.pulumi.azure.core.inputs.GetResourceGroupArgs;
import com.pulumi.azure.authorization.AuthorizationFunctions;
import com.pulumi.azure.authorization.inputs.GetRoleDefinitionArgs;
import com.pulumi.azure.pim.PimFunctions;
import com.pulumi.azure.pim.inputs.GetRoleManagementPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var example = CoreFunctions.getResourceGroup(GetResourceGroupArgs.builder()
.name("example-rg")
.build());
final var rgContributor = AuthorizationFunctions.getRoleDefinition(GetRoleDefinitionArgs.builder()
.name("Contributor")
.scope(example.applyValue(getResourceGroupResult -> getResourceGroupResult.id()))
.build());
final var exampleGetRoleManagementPolicy = PimFunctions.getRoleManagementPolicy(GetRoleManagementPolicyArgs.builder()
.scope(test.id())
.roleDefinitionId(contributor.id())
.build());
}
}
variables:
example:
fn::invoke:
Function: azure:core:getResourceGroup
Arguments:
name: example-rg
rgContributor:
fn::invoke:
Function: azure:authorization:getRoleDefinition
Arguments:
name: Contributor
scope: ${example.id}
exampleGetRoleManagementPolicy:
fn::invoke:
Function: azure:pim:getRoleManagementPolicy
Arguments:
scope: ${test.id}
roleDefinitionId: ${contributor.id}
Management Group
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = azure.management.getGroup({
name: "example-group",
});
const mgContributor = azure.authorization.getRoleDefinition({
name: "Contributor",
scope: exampleAzurermManagementGroup.id,
});
const exampleGetRoleManagementPolicy = Promise.all([example, mgContributor]).then(([example, mgContributor]) => azure.pim.getRoleManagementPolicy({
scope: example.id,
roleDefinitionId: mgContributor.id,
}));
import pulumi
import pulumi_azure as azure
example = azure.management.get_group(name="example-group")
mg_contributor = azure.authorization.get_role_definition(name="Contributor",
scope=example_azurerm_management_group["id"])
example_get_role_management_policy = azure.pim.get_role_management_policy(scope=example.id,
role_definition_id=mg_contributor.id)
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/authorization"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/management"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/pim"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := management.LookupGroup(ctx, &management.LookupGroupArgs{
Name: pulumi.StringRef("example-group"),
}, nil)
if err != nil {
return err
}
mgContributor, err := authorization.LookupRoleDefinition(ctx, &authorization.LookupRoleDefinitionArgs{
Name: pulumi.StringRef("Contributor"),
Scope: pulumi.StringRef(exampleAzurermManagementGroup.Id),
}, nil)
if err != nil {
return err
}
_, err = pim.LookupRoleManagementPolicy(ctx, &pim.LookupRoleManagementPolicyArgs{
Scope: example.Id,
RoleDefinitionId: mgContributor.Id,
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var example = Azure.Management.GetGroup.Invoke(new()
{
Name = "example-group",
});
var mgContributor = Azure.Authorization.GetRoleDefinition.Invoke(new()
{
Name = "Contributor",
Scope = exampleAzurermManagementGroup.Id,
});
var exampleGetRoleManagementPolicy = Azure.Pim.GetRoleManagementPolicy.Invoke(new()
{
Scope = example.Apply(getGroupResult => getGroupResult.Id),
RoleDefinitionId = mgContributor.Apply(getRoleDefinitionResult => getRoleDefinitionResult.Id),
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.management.ManagementFunctions;
import com.pulumi.azure.management.inputs.GetGroupArgs;
import com.pulumi.azure.authorization.AuthorizationFunctions;
import com.pulumi.azure.authorization.inputs.GetRoleDefinitionArgs;
import com.pulumi.azure.pim.PimFunctions;
import com.pulumi.azure.pim.inputs.GetRoleManagementPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var example = ManagementFunctions.getGroup(GetGroupArgs.builder()
.name("example-group")
.build());
final var mgContributor = AuthorizationFunctions.getRoleDefinition(GetRoleDefinitionArgs.builder()
.name("Contributor")
.scope(exampleAzurermManagementGroup.id())
.build());
final var exampleGetRoleManagementPolicy = PimFunctions.getRoleManagementPolicy(GetRoleManagementPolicyArgs.builder()
.scope(example.applyValue(getGroupResult -> getGroupResult.id()))
.roleDefinitionId(mgContributor.applyValue(getRoleDefinitionResult -> getRoleDefinitionResult.id()))
.build());
}
}
variables:
example:
fn::invoke:
Function: azure:management:getGroup
Arguments:
name: example-group
mgContributor:
fn::invoke:
Function: azure:authorization:getRoleDefinition
Arguments:
name: Contributor
scope: ${exampleAzurermManagementGroup.id}
exampleGetRoleManagementPolicy:
fn::invoke:
Function: azure:pim:getRoleManagementPolicy
Arguments:
scope: ${example.id}
roleDefinitionId: ${mgContributor.id}
Using getRoleManagementPolicy
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getRoleManagementPolicy(args: GetRoleManagementPolicyArgs, opts?: InvokeOptions): Promise<GetRoleManagementPolicyResult>
function getRoleManagementPolicyOutput(args: GetRoleManagementPolicyOutputArgs, opts?: InvokeOptions): Output<GetRoleManagementPolicyResult>
def get_role_management_policy(role_definition_id: Optional[str] = None,
scope: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetRoleManagementPolicyResult
def get_role_management_policy_output(role_definition_id: Optional[pulumi.Input[str]] = None,
scope: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetRoleManagementPolicyResult]
func LookupRoleManagementPolicy(ctx *Context, args *LookupRoleManagementPolicyArgs, opts ...InvokeOption) (*LookupRoleManagementPolicyResult, error)
func LookupRoleManagementPolicyOutput(ctx *Context, args *LookupRoleManagementPolicyOutputArgs, opts ...InvokeOption) LookupRoleManagementPolicyResultOutput
> Note: This function is named LookupRoleManagementPolicy
in the Go SDK.
public static class GetRoleManagementPolicy
{
public static Task<GetRoleManagementPolicyResult> InvokeAsync(GetRoleManagementPolicyArgs args, InvokeOptions? opts = null)
public static Output<GetRoleManagementPolicyResult> Invoke(GetRoleManagementPolicyInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetRoleManagementPolicyResult> getRoleManagementPolicy(GetRoleManagementPolicyArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: azure:pim/getRoleManagementPolicy:getRoleManagementPolicy
arguments:
# arguments dictionary
The following arguments are supported:
- Role
Definition stringId - The scoped Role Definition ID of the role for which this policy applies.
- Scope string
- The scope to which this Role Management Policy applies. Can refer to a management group, a subscription, a resource group or a resource.
- Role
Definition stringId - The scoped Role Definition ID of the role for which this policy applies.
- Scope string
- The scope to which this Role Management Policy applies. Can refer to a management group, a subscription, a resource group or a resource.
- role
Definition StringId - The scoped Role Definition ID of the role for which this policy applies.
- scope String
- The scope to which this Role Management Policy applies. Can refer to a management group, a subscription, a resource group or a resource.
- role
Definition stringId - The scoped Role Definition ID of the role for which this policy applies.
- scope string
- The scope to which this Role Management Policy applies. Can refer to a management group, a subscription, a resource group or a resource.
- role_
definition_ strid - The scoped Role Definition ID of the role for which this policy applies.
- scope str
- The scope to which this Role Management Policy applies. Can refer to a management group, a subscription, a resource group or a resource.
- role
Definition StringId - The scoped Role Definition ID of the role for which this policy applies.
- scope String
- The scope to which this Role Management Policy applies. Can refer to a management group, a subscription, a resource group or a resource.
getRoleManagementPolicy Result
The following output properties are available:
- Activation
Rules List<GetRole Management Policy Activation Rule> - An
activation_rules
block as defined below. - Active
Assignment List<GetRules Role Management Policy Active Assignment Rule> - An
active_assignment_rules
block as defined below. - Description string
- (String) The description of this policy.
- Eligible
Assignment List<GetRules Role Management Policy Eligible Assignment Rule> - An
eligible_assignment_rules
block as defined below. - Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- (String) The name of this policy, which is typically a UUID and may change over time.
- Notification
Rules List<GetRole Management Policy Notification Rule> - A
notification_rules
block as defined below. - Role
Definition stringId - Scope string
- Activation
Rules []GetRole Management Policy Activation Rule - An
activation_rules
block as defined below. - Active
Assignment []GetRules Role Management Policy Active Assignment Rule - An
active_assignment_rules
block as defined below. - Description string
- (String) The description of this policy.
- Eligible
Assignment []GetRules Role Management Policy Eligible Assignment Rule - An
eligible_assignment_rules
block as defined below. - Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- (String) The name of this policy, which is typically a UUID and may change over time.
- Notification
Rules []GetRole Management Policy Notification Rule - A
notification_rules
block as defined below. - Role
Definition stringId - Scope string
- activation
Rules List<GetRole Management Policy Activation Rule> - An
activation_rules
block as defined below. - active
Assignment List<GetRules Role Management Policy Active Assignment Rule> - An
active_assignment_rules
block as defined below. - description String
- (String) The description of this policy.
- eligible
Assignment List<GetRules Role Management Policy Eligible Assignment Rule> - An
eligible_assignment_rules
block as defined below. - id String
- The provider-assigned unique ID for this managed resource.
- name String
- (String) The name of this policy, which is typically a UUID and may change over time.
- notification
Rules List<GetRole Management Policy Notification Rule> - A
notification_rules
block as defined below. - role
Definition StringId - scope String
- activation
Rules GetRole Management Policy Activation Rule[] - An
activation_rules
block as defined below. - active
Assignment GetRules Role Management Policy Active Assignment Rule[] - An
active_assignment_rules
block as defined below. - description string
- (String) The description of this policy.
- eligible
Assignment GetRules Role Management Policy Eligible Assignment Rule[] - An
eligible_assignment_rules
block as defined below. - id string
- The provider-assigned unique ID for this managed resource.
- name string
- (String) The name of this policy, which is typically a UUID and may change over time.
- notification
Rules GetRole Management Policy Notification Rule[] - A
notification_rules
block as defined below. - role
Definition stringId - scope string
- activation_
rules Sequence[GetRole Management Policy Activation Rule] - An
activation_rules
block as defined below. - active_
assignment_ Sequence[Getrules Role Management Policy Active Assignment Rule] - An
active_assignment_rules
block as defined below. - description str
- (String) The description of this policy.
- eligible_
assignment_ Sequence[Getrules Role Management Policy Eligible Assignment Rule] - An
eligible_assignment_rules
block as defined below. - id str
- The provider-assigned unique ID for this managed resource.
- name str
- (String) The name of this policy, which is typically a UUID and may change over time.
- notification_
rules Sequence[GetRole Management Policy Notification Rule] - A
notification_rules
block as defined below. - role_
definition_ strid - scope str
- activation
Rules List<Property Map> - An
activation_rules
block as defined below. - active
Assignment List<Property Map>Rules - An
active_assignment_rules
block as defined below. - description String
- (String) The description of this policy.
- eligible
Assignment List<Property Map>Rules - An
eligible_assignment_rules
block as defined below. - id String
- The provider-assigned unique ID for this managed resource.
- name String
- (String) The name of this policy, which is typically a UUID and may change over time.
- notification
Rules List<Property Map> - A
notification_rules
block as defined below. - role
Definition StringId - scope String
Supporting Types
GetRoleManagementPolicyActivationRule
- Approval
Stages List<GetRole Management Policy Activation Rule Approval Stage> - An
approval_stage
block as defined below. - Maximum
Duration string - (String) The maximum length of time an activated role can be valid, in an ISO8601 Duration format.
- Require
Approval bool - (Boolean) Is approval required for activation.
- Require
Justification bool - (Boolean) Is a justification required to create new assignments.
- Require
Multifactor boolAuthentication - (Boolean) Is multi-factor authentication required to create new assignments.
- Require
Ticket boolInfo - (Boolean) Is ticket information required to create new assignments.
- Required
Conditional stringAccess Authentication Context - (String) The Entra ID Conditional Access context that must be present for activation.
- Approval
Stages []GetRole Management Policy Activation Rule Approval Stage - An
approval_stage
block as defined below. - Maximum
Duration string - (String) The maximum length of time an activated role can be valid, in an ISO8601 Duration format.
- Require
Approval bool - (Boolean) Is approval required for activation.
- Require
Justification bool - (Boolean) Is a justification required to create new assignments.
- Require
Multifactor boolAuthentication - (Boolean) Is multi-factor authentication required to create new assignments.
- Require
Ticket boolInfo - (Boolean) Is ticket information required to create new assignments.
- Required
Conditional stringAccess Authentication Context - (String) The Entra ID Conditional Access context that must be present for activation.
- approval
Stages List<GetRole Management Policy Activation Rule Approval Stage> - An
approval_stage
block as defined below. - maximum
Duration String - (String) The maximum length of time an activated role can be valid, in an ISO8601 Duration format.
- require
Approval Boolean - (Boolean) Is approval required for activation.
- require
Justification Boolean - (Boolean) Is a justification required to create new assignments.
- require
Multifactor BooleanAuthentication - (Boolean) Is multi-factor authentication required to create new assignments.
- require
Ticket BooleanInfo - (Boolean) Is ticket information required to create new assignments.
- required
Conditional StringAccess Authentication Context - (String) The Entra ID Conditional Access context that must be present for activation.
- approval
Stages GetRole Management Policy Activation Rule Approval Stage[] - An
approval_stage
block as defined below. - maximum
Duration string - (String) The maximum length of time an activated role can be valid, in an ISO8601 Duration format.
- require
Approval boolean - (Boolean) Is approval required for activation.
- require
Justification boolean - (Boolean) Is a justification required to create new assignments.
- require
Multifactor booleanAuthentication - (Boolean) Is multi-factor authentication required to create new assignments.
- require
Ticket booleanInfo - (Boolean) Is ticket information required to create new assignments.
- required
Conditional stringAccess Authentication Context - (String) The Entra ID Conditional Access context that must be present for activation.
- approval_
stages Sequence[GetRole Management Policy Activation Rule Approval Stage] - An
approval_stage
block as defined below. - maximum_
duration str - (String) The maximum length of time an activated role can be valid, in an ISO8601 Duration format.
- require_
approval bool - (Boolean) Is approval required for activation.
- require_
justification bool - (Boolean) Is a justification required to create new assignments.
- require_
multifactor_ boolauthentication - (Boolean) Is multi-factor authentication required to create new assignments.
- require_
ticket_ boolinfo - (Boolean) Is ticket information required to create new assignments.
- required_
conditional_ straccess_ authentication_ context - (String) The Entra ID Conditional Access context that must be present for activation.
- approval
Stages List<Property Map> - An
approval_stage
block as defined below. - maximum
Duration String - (String) The maximum length of time an activated role can be valid, in an ISO8601 Duration format.
- require
Approval Boolean - (Boolean) Is approval required for activation.
- require
Justification Boolean - (Boolean) Is a justification required to create new assignments.
- require
Multifactor BooleanAuthentication - (Boolean) Is multi-factor authentication required to create new assignments.
- require
Ticket BooleanInfo - (Boolean) Is ticket information required to create new assignments.
- required
Conditional StringAccess Authentication Context - (String) The Entra ID Conditional Access context that must be present for activation.
GetRoleManagementPolicyActivationRuleApprovalStage
- Primary
Approvers List<GetRole Management Policy Activation Rule Approval Stage Primary Approver> - The IDs of the users or groups who can approve the activation
- Primary
Approvers []GetRole Management Policy Activation Rule Approval Stage Primary Approver - The IDs of the users or groups who can approve the activation
- primary
Approvers List<GetRole Management Policy Activation Rule Approval Stage Primary Approver> - The IDs of the users or groups who can approve the activation
- primary
Approvers GetRole Management Policy Activation Rule Approval Stage Primary Approver[] - The IDs of the users or groups who can approve the activation
- primary_
approvers Sequence[GetRole Management Policy Activation Rule Approval Stage Primary Approver] - The IDs of the users or groups who can approve the activation
- primary
Approvers List<Property Map> - The IDs of the users or groups who can approve the activation
GetRoleManagementPolicyActivationRuleApprovalStagePrimaryApprover
GetRoleManagementPolicyActiveAssignmentRule
- Expiration
Required bool - (Boolean) Must an assignment have an expiry date.
- Expire
After string - (String) The maximum length of time an assignment can be valid, as an ISO8601 duration.
- Require
Justification bool - (Boolean) Is a justification required to create new assignments.
- Require
Multifactor boolAuthentication - (Boolean) Is multi-factor authentication required to create new assignments.
- Require
Ticket boolInfo - (Boolean) Is ticket information required to create new assignments.
- Expiration
Required bool - (Boolean) Must an assignment have an expiry date.
- Expire
After string - (String) The maximum length of time an assignment can be valid, as an ISO8601 duration.
- Require
Justification bool - (Boolean) Is a justification required to create new assignments.
- Require
Multifactor boolAuthentication - (Boolean) Is multi-factor authentication required to create new assignments.
- Require
Ticket boolInfo - (Boolean) Is ticket information required to create new assignments.
- expiration
Required Boolean - (Boolean) Must an assignment have an expiry date.
- expire
After String - (String) The maximum length of time an assignment can be valid, as an ISO8601 duration.
- require
Justification Boolean - (Boolean) Is a justification required to create new assignments.
- require
Multifactor BooleanAuthentication - (Boolean) Is multi-factor authentication required to create new assignments.
- require
Ticket BooleanInfo - (Boolean) Is ticket information required to create new assignments.
- expiration
Required boolean - (Boolean) Must an assignment have an expiry date.
- expire
After string - (String) The maximum length of time an assignment can be valid, as an ISO8601 duration.
- require
Justification boolean - (Boolean) Is a justification required to create new assignments.
- require
Multifactor booleanAuthentication - (Boolean) Is multi-factor authentication required to create new assignments.
- require
Ticket booleanInfo - (Boolean) Is ticket information required to create new assignments.
- expiration_
required bool - (Boolean) Must an assignment have an expiry date.
- expire_
after str - (String) The maximum length of time an assignment can be valid, as an ISO8601 duration.
- require_
justification bool - (Boolean) Is a justification required to create new assignments.
- require_
multifactor_ boolauthentication - (Boolean) Is multi-factor authentication required to create new assignments.
- require_
ticket_ boolinfo - (Boolean) Is ticket information required to create new assignments.
- expiration
Required Boolean - (Boolean) Must an assignment have an expiry date.
- expire
After String - (String) The maximum length of time an assignment can be valid, as an ISO8601 duration.
- require
Justification Boolean - (Boolean) Is a justification required to create new assignments.
- require
Multifactor BooleanAuthentication - (Boolean) Is multi-factor authentication required to create new assignments.
- require
Ticket BooleanInfo - (Boolean) Is ticket information required to create new assignments.
GetRoleManagementPolicyEligibleAssignmentRule
- Expiration
Required bool - (Boolean) Must an assignment have an expiry date.
- Expire
After string - (String) The maximum length of time an assignment can be valid, as an ISO8601 duration.
- Expiration
Required bool - (Boolean) Must an assignment have an expiry date.
- Expire
After string - (String) The maximum length of time an assignment can be valid, as an ISO8601 duration.
- expiration
Required Boolean - (Boolean) Must an assignment have an expiry date.
- expire
After String - (String) The maximum length of time an assignment can be valid, as an ISO8601 duration.
- expiration
Required boolean - (Boolean) Must an assignment have an expiry date.
- expire
After string - (String) The maximum length of time an assignment can be valid, as an ISO8601 duration.
- expiration_
required bool - (Boolean) Must an assignment have an expiry date.
- expire_
after str - (String) The maximum length of time an assignment can be valid, as an ISO8601 duration.
- expiration
Required Boolean - (Boolean) Must an assignment have an expiry date.
- expire
After String - (String) The maximum length of time an assignment can be valid, as an ISO8601 duration.
GetRoleManagementPolicyNotificationRule
- Active
Assignments List<GetRole Management Policy Notification Rule Active Assignment> - A
notification_target
block as defined below with the details of notfications on active role assignments. - Eligible
Activations List<GetRole Management Policy Notification Rule Eligible Activation> - A
notification_target
block as defined below with the details of notifications on activation of eligible role. - Eligible
Assignments List<GetRole Management Policy Notification Rule Eligible Assignment> - A
notification_target
block as defined below with the details of notifications on eligible role assignments.
- Active
Assignments []GetRole Management Policy Notification Rule Active Assignment - A
notification_target
block as defined below with the details of notfications on active role assignments. - Eligible
Activations []GetRole Management Policy Notification Rule Eligible Activation - A
notification_target
block as defined below with the details of notifications on activation of eligible role. - Eligible
Assignments []GetRole Management Policy Notification Rule Eligible Assignment - A
notification_target
block as defined below with the details of notifications on eligible role assignments.
- active
Assignments List<GetRole Management Policy Notification Rule Active Assignment> - A
notification_target
block as defined below with the details of notfications on active role assignments. - eligible
Activations List<GetRole Management Policy Notification Rule Eligible Activation> - A
notification_target
block as defined below with the details of notifications on activation of eligible role. - eligible
Assignments List<GetRole Management Policy Notification Rule Eligible Assignment> - A
notification_target
block as defined below with the details of notifications on eligible role assignments.
- active
Assignments GetRole Management Policy Notification Rule Active Assignment[] - A
notification_target
block as defined below with the details of notfications on active role assignments. - eligible
Activations GetRole Management Policy Notification Rule Eligible Activation[] - A
notification_target
block as defined below with the details of notifications on activation of eligible role. - eligible
Assignments GetRole Management Policy Notification Rule Eligible Assignment[] - A
notification_target
block as defined below with the details of notifications on eligible role assignments.
- active_
assignments Sequence[GetRole Management Policy Notification Rule Active Assignment] - A
notification_target
block as defined below with the details of notfications on active role assignments. - eligible_
activations Sequence[GetRole Management Policy Notification Rule Eligible Activation] - A
notification_target
block as defined below with the details of notifications on activation of eligible role. - eligible_
assignments Sequence[GetRole Management Policy Notification Rule Eligible Assignment] - A
notification_target
block as defined below with the details of notifications on eligible role assignments.
- active
Assignments List<Property Map> - A
notification_target
block as defined below with the details of notfications on active role assignments. - eligible
Activations List<Property Map> - A
notification_target
block as defined below with the details of notifications on activation of eligible role. - eligible
Assignments List<Property Map> - A
notification_target
block as defined below with the details of notifications on eligible role assignments.
GetRoleManagementPolicyNotificationRuleActiveAssignment
- Admin
Notifications List<GetRole Management Policy Notification Rule Active Assignment Admin Notification> - A
notification_settings
block as defined above. - Approver
Notifications List<GetRole Management Policy Notification Rule Active Assignment Approver Notification> - A
notification_settings
block as defined above. - Assignee
Notifications List<GetRole Management Policy Notification Rule Active Assignment Assignee Notification> - A
notification_settings
block as defined above.
- Admin
Notifications []GetRole Management Policy Notification Rule Active Assignment Admin Notification - A
notification_settings
block as defined above. - Approver
Notifications []GetRole Management Policy Notification Rule Active Assignment Approver Notification - A
notification_settings
block as defined above. - Assignee
Notifications []GetRole Management Policy Notification Rule Active Assignment Assignee Notification - A
notification_settings
block as defined above.
- admin
Notifications List<GetRole Management Policy Notification Rule Active Assignment Admin Notification> - A
notification_settings
block as defined above. - approver
Notifications List<GetRole Management Policy Notification Rule Active Assignment Approver Notification> - A
notification_settings
block as defined above. - assignee
Notifications List<GetRole Management Policy Notification Rule Active Assignment Assignee Notification> - A
notification_settings
block as defined above.
- admin
Notifications GetRole Management Policy Notification Rule Active Assignment Admin Notification[] - A
notification_settings
block as defined above. - approver
Notifications GetRole Management Policy Notification Rule Active Assignment Approver Notification[] - A
notification_settings
block as defined above. - assignee
Notifications GetRole Management Policy Notification Rule Active Assignment Assignee Notification[] - A
notification_settings
block as defined above.
- admin_
notifications Sequence[GetRole Management Policy Notification Rule Active Assignment Admin Notification] - A
notification_settings
block as defined above. - approver_
notifications Sequence[GetRole Management Policy Notification Rule Active Assignment Approver Notification] - A
notification_settings
block as defined above. - assignee_
notifications Sequence[GetRole Management Policy Notification Rule Active Assignment Assignee Notification] - A
notification_settings
block as defined above.
- admin
Notifications List<Property Map> - A
notification_settings
block as defined above. - approver
Notifications List<Property Map> - A
notification_settings
block as defined above. - assignee
Notifications List<Property Map> - A
notification_settings
block as defined above.
GetRoleManagementPolicyNotificationRuleActiveAssignmentAdminNotification
- Additional
Recipients List<string> - A list of additional email addresses that will receive these notifications.
- Default
Recipients bool - (Boolean) Should the default recipients receive these notifications.
- Notification
Level string - (String) What level of notifications should be sent. Either
All
orCritical
.
- Additional
Recipients []string - A list of additional email addresses that will receive these notifications.
- Default
Recipients bool - (Boolean) Should the default recipients receive these notifications.
- Notification
Level string - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional
Recipients List<String> - A list of additional email addresses that will receive these notifications.
- default
Recipients Boolean - (Boolean) Should the default recipients receive these notifications.
- notification
Level String - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional
Recipients string[] - A list of additional email addresses that will receive these notifications.
- default
Recipients boolean - (Boolean) Should the default recipients receive these notifications.
- notification
Level string - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional_
recipients Sequence[str] - A list of additional email addresses that will receive these notifications.
- default_
recipients bool - (Boolean) Should the default recipients receive these notifications.
- notification_
level str - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional
Recipients List<String> - A list of additional email addresses that will receive these notifications.
- default
Recipients Boolean - (Boolean) Should the default recipients receive these notifications.
- notification
Level String - (String) What level of notifications should be sent. Either
All
orCritical
.
GetRoleManagementPolicyNotificationRuleActiveAssignmentApproverNotification
- Additional
Recipients List<string> - A list of additional email addresses that will receive these notifications.
- Default
Recipients bool - (Boolean) Should the default recipients receive these notifications.
- Notification
Level string - (String) What level of notifications should be sent. Either
All
orCritical
.
- Additional
Recipients []string - A list of additional email addresses that will receive these notifications.
- Default
Recipients bool - (Boolean) Should the default recipients receive these notifications.
- Notification
Level string - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional
Recipients List<String> - A list of additional email addresses that will receive these notifications.
- default
Recipients Boolean - (Boolean) Should the default recipients receive these notifications.
- notification
Level String - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional
Recipients string[] - A list of additional email addresses that will receive these notifications.
- default
Recipients boolean - (Boolean) Should the default recipients receive these notifications.
- notification
Level string - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional_
recipients Sequence[str] - A list of additional email addresses that will receive these notifications.
- default_
recipients bool - (Boolean) Should the default recipients receive these notifications.
- notification_
level str - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional
Recipients List<String> - A list of additional email addresses that will receive these notifications.
- default
Recipients Boolean - (Boolean) Should the default recipients receive these notifications.
- notification
Level String - (String) What level of notifications should be sent. Either
All
orCritical
.
GetRoleManagementPolicyNotificationRuleActiveAssignmentAssigneeNotification
- Additional
Recipients List<string> - A list of additional email addresses that will receive these notifications.
- Default
Recipients bool - (Boolean) Should the default recipients receive these notifications.
- Notification
Level string - (String) What level of notifications should be sent. Either
All
orCritical
.
- Additional
Recipients []string - A list of additional email addresses that will receive these notifications.
- Default
Recipients bool - (Boolean) Should the default recipients receive these notifications.
- Notification
Level string - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional
Recipients List<String> - A list of additional email addresses that will receive these notifications.
- default
Recipients Boolean - (Boolean) Should the default recipients receive these notifications.
- notification
Level String - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional
Recipients string[] - A list of additional email addresses that will receive these notifications.
- default
Recipients boolean - (Boolean) Should the default recipients receive these notifications.
- notification
Level string - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional_
recipients Sequence[str] - A list of additional email addresses that will receive these notifications.
- default_
recipients bool - (Boolean) Should the default recipients receive these notifications.
- notification_
level str - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional
Recipients List<String> - A list of additional email addresses that will receive these notifications.
- default
Recipients Boolean - (Boolean) Should the default recipients receive these notifications.
- notification
Level String - (String) What level of notifications should be sent. Either
All
orCritical
.
GetRoleManagementPolicyNotificationRuleEligibleActivation
- Admin
Notifications List<GetRole Management Policy Notification Rule Eligible Activation Admin Notification> - A
notification_settings
block as defined above. - Approver
Notifications List<GetRole Management Policy Notification Rule Eligible Activation Approver Notification> - A
notification_settings
block as defined above. - Assignee
Notifications List<GetRole Management Policy Notification Rule Eligible Activation Assignee Notification> - A
notification_settings
block as defined above.
- Admin
Notifications []GetRole Management Policy Notification Rule Eligible Activation Admin Notification - A
notification_settings
block as defined above. - Approver
Notifications []GetRole Management Policy Notification Rule Eligible Activation Approver Notification - A
notification_settings
block as defined above. - Assignee
Notifications []GetRole Management Policy Notification Rule Eligible Activation Assignee Notification - A
notification_settings
block as defined above.
- admin
Notifications List<GetRole Management Policy Notification Rule Eligible Activation Admin Notification> - A
notification_settings
block as defined above. - approver
Notifications List<GetRole Management Policy Notification Rule Eligible Activation Approver Notification> - A
notification_settings
block as defined above. - assignee
Notifications List<GetRole Management Policy Notification Rule Eligible Activation Assignee Notification> - A
notification_settings
block as defined above.
- admin
Notifications GetRole Management Policy Notification Rule Eligible Activation Admin Notification[] - A
notification_settings
block as defined above. - approver
Notifications GetRole Management Policy Notification Rule Eligible Activation Approver Notification[] - A
notification_settings
block as defined above. - assignee
Notifications GetRole Management Policy Notification Rule Eligible Activation Assignee Notification[] - A
notification_settings
block as defined above.
- admin_
notifications Sequence[GetRole Management Policy Notification Rule Eligible Activation Admin Notification] - A
notification_settings
block as defined above. - approver_
notifications Sequence[GetRole Management Policy Notification Rule Eligible Activation Approver Notification] - A
notification_settings
block as defined above. - assignee_
notifications Sequence[GetRole Management Policy Notification Rule Eligible Activation Assignee Notification] - A
notification_settings
block as defined above.
- admin
Notifications List<Property Map> - A
notification_settings
block as defined above. - approver
Notifications List<Property Map> - A
notification_settings
block as defined above. - assignee
Notifications List<Property Map> - A
notification_settings
block as defined above.
GetRoleManagementPolicyNotificationRuleEligibleActivationAdminNotification
- Additional
Recipients List<string> - A list of additional email addresses that will receive these notifications.
- Default
Recipients bool - (Boolean) Should the default recipients receive these notifications.
- Notification
Level string - (String) What level of notifications should be sent. Either
All
orCritical
.
- Additional
Recipients []string - A list of additional email addresses that will receive these notifications.
- Default
Recipients bool - (Boolean) Should the default recipients receive these notifications.
- Notification
Level string - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional
Recipients List<String> - A list of additional email addresses that will receive these notifications.
- default
Recipients Boolean - (Boolean) Should the default recipients receive these notifications.
- notification
Level String - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional
Recipients string[] - A list of additional email addresses that will receive these notifications.
- default
Recipients boolean - (Boolean) Should the default recipients receive these notifications.
- notification
Level string - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional_
recipients Sequence[str] - A list of additional email addresses that will receive these notifications.
- default_
recipients bool - (Boolean) Should the default recipients receive these notifications.
- notification_
level str - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional
Recipients List<String> - A list of additional email addresses that will receive these notifications.
- default
Recipients Boolean - (Boolean) Should the default recipients receive these notifications.
- notification
Level String - (String) What level of notifications should be sent. Either
All
orCritical
.
GetRoleManagementPolicyNotificationRuleEligibleActivationApproverNotification
- Additional
Recipients List<string> - A list of additional email addresses that will receive these notifications.
- Default
Recipients bool - (Boolean) Should the default recipients receive these notifications.
- Notification
Level string - (String) What level of notifications should be sent. Either
All
orCritical
.
- Additional
Recipients []string - A list of additional email addresses that will receive these notifications.
- Default
Recipients bool - (Boolean) Should the default recipients receive these notifications.
- Notification
Level string - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional
Recipients List<String> - A list of additional email addresses that will receive these notifications.
- default
Recipients Boolean - (Boolean) Should the default recipients receive these notifications.
- notification
Level String - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional
Recipients string[] - A list of additional email addresses that will receive these notifications.
- default
Recipients boolean - (Boolean) Should the default recipients receive these notifications.
- notification
Level string - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional_
recipients Sequence[str] - A list of additional email addresses that will receive these notifications.
- default_
recipients bool - (Boolean) Should the default recipients receive these notifications.
- notification_
level str - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional
Recipients List<String> - A list of additional email addresses that will receive these notifications.
- default
Recipients Boolean - (Boolean) Should the default recipients receive these notifications.
- notification
Level String - (String) What level of notifications should be sent. Either
All
orCritical
.
GetRoleManagementPolicyNotificationRuleEligibleActivationAssigneeNotification
- Additional
Recipients List<string> - A list of additional email addresses that will receive these notifications.
- Default
Recipients bool - (Boolean) Should the default recipients receive these notifications.
- Notification
Level string - (String) What level of notifications should be sent. Either
All
orCritical
.
- Additional
Recipients []string - A list of additional email addresses that will receive these notifications.
- Default
Recipients bool - (Boolean) Should the default recipients receive these notifications.
- Notification
Level string - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional
Recipients List<String> - A list of additional email addresses that will receive these notifications.
- default
Recipients Boolean - (Boolean) Should the default recipients receive these notifications.
- notification
Level String - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional
Recipients string[] - A list of additional email addresses that will receive these notifications.
- default
Recipients boolean - (Boolean) Should the default recipients receive these notifications.
- notification
Level string - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional_
recipients Sequence[str] - A list of additional email addresses that will receive these notifications.
- default_
recipients bool - (Boolean) Should the default recipients receive these notifications.
- notification_
level str - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional
Recipients List<String> - A list of additional email addresses that will receive these notifications.
- default
Recipients Boolean - (Boolean) Should the default recipients receive these notifications.
- notification
Level String - (String) What level of notifications should be sent. Either
All
orCritical
.
GetRoleManagementPolicyNotificationRuleEligibleAssignment
- Admin
Notifications List<GetRole Management Policy Notification Rule Eligible Assignment Admin Notification> - A
notification_settings
block as defined above. - Approver
Notifications List<GetRole Management Policy Notification Rule Eligible Assignment Approver Notification> - A
notification_settings
block as defined above. - Assignee
Notifications List<GetRole Management Policy Notification Rule Eligible Assignment Assignee Notification> - A
notification_settings
block as defined above.
- Admin
Notifications []GetRole Management Policy Notification Rule Eligible Assignment Admin Notification - A
notification_settings
block as defined above. - Approver
Notifications []GetRole Management Policy Notification Rule Eligible Assignment Approver Notification - A
notification_settings
block as defined above. - Assignee
Notifications []GetRole Management Policy Notification Rule Eligible Assignment Assignee Notification - A
notification_settings
block as defined above.
- admin
Notifications List<GetRole Management Policy Notification Rule Eligible Assignment Admin Notification> - A
notification_settings
block as defined above. - approver
Notifications List<GetRole Management Policy Notification Rule Eligible Assignment Approver Notification> - A
notification_settings
block as defined above. - assignee
Notifications List<GetRole Management Policy Notification Rule Eligible Assignment Assignee Notification> - A
notification_settings
block as defined above.
- admin
Notifications GetRole Management Policy Notification Rule Eligible Assignment Admin Notification[] - A
notification_settings
block as defined above. - approver
Notifications GetRole Management Policy Notification Rule Eligible Assignment Approver Notification[] - A
notification_settings
block as defined above. - assignee
Notifications GetRole Management Policy Notification Rule Eligible Assignment Assignee Notification[] - A
notification_settings
block as defined above.
- admin_
notifications Sequence[GetRole Management Policy Notification Rule Eligible Assignment Admin Notification] - A
notification_settings
block as defined above. - approver_
notifications Sequence[GetRole Management Policy Notification Rule Eligible Assignment Approver Notification] - A
notification_settings
block as defined above. - assignee_
notifications Sequence[GetRole Management Policy Notification Rule Eligible Assignment Assignee Notification] - A
notification_settings
block as defined above.
- admin
Notifications List<Property Map> - A
notification_settings
block as defined above. - approver
Notifications List<Property Map> - A
notification_settings
block as defined above. - assignee
Notifications List<Property Map> - A
notification_settings
block as defined above.
GetRoleManagementPolicyNotificationRuleEligibleAssignmentAdminNotification
- Additional
Recipients List<string> - A list of additional email addresses that will receive these notifications.
- Default
Recipients bool - (Boolean) Should the default recipients receive these notifications.
- Notification
Level string - (String) What level of notifications should be sent. Either
All
orCritical
.
- Additional
Recipients []string - A list of additional email addresses that will receive these notifications.
- Default
Recipients bool - (Boolean) Should the default recipients receive these notifications.
- Notification
Level string - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional
Recipients List<String> - A list of additional email addresses that will receive these notifications.
- default
Recipients Boolean - (Boolean) Should the default recipients receive these notifications.
- notification
Level String - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional
Recipients string[] - A list of additional email addresses that will receive these notifications.
- default
Recipients boolean - (Boolean) Should the default recipients receive these notifications.
- notification
Level string - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional_
recipients Sequence[str] - A list of additional email addresses that will receive these notifications.
- default_
recipients bool - (Boolean) Should the default recipients receive these notifications.
- notification_
level str - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional
Recipients List<String> - A list of additional email addresses that will receive these notifications.
- default
Recipients Boolean - (Boolean) Should the default recipients receive these notifications.
- notification
Level String - (String) What level of notifications should be sent. Either
All
orCritical
.
GetRoleManagementPolicyNotificationRuleEligibleAssignmentApproverNotification
- Additional
Recipients List<string> - A list of additional email addresses that will receive these notifications.
- Default
Recipients bool - (Boolean) Should the default recipients receive these notifications.
- Notification
Level string - (String) What level of notifications should be sent. Either
All
orCritical
.
- Additional
Recipients []string - A list of additional email addresses that will receive these notifications.
- Default
Recipients bool - (Boolean) Should the default recipients receive these notifications.
- Notification
Level string - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional
Recipients List<String> - A list of additional email addresses that will receive these notifications.
- default
Recipients Boolean - (Boolean) Should the default recipients receive these notifications.
- notification
Level String - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional
Recipients string[] - A list of additional email addresses that will receive these notifications.
- default
Recipients boolean - (Boolean) Should the default recipients receive these notifications.
- notification
Level string - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional_
recipients Sequence[str] - A list of additional email addresses that will receive these notifications.
- default_
recipients bool - (Boolean) Should the default recipients receive these notifications.
- notification_
level str - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional
Recipients List<String> - A list of additional email addresses that will receive these notifications.
- default
Recipients Boolean - (Boolean) Should the default recipients receive these notifications.
- notification
Level String - (String) What level of notifications should be sent. Either
All
orCritical
.
GetRoleManagementPolicyNotificationRuleEligibleAssignmentAssigneeNotification
- Additional
Recipients List<string> - A list of additional email addresses that will receive these notifications.
- Default
Recipients bool - (Boolean) Should the default recipients receive these notifications.
- Notification
Level string - (String) What level of notifications should be sent. Either
All
orCritical
.
- Additional
Recipients []string - A list of additional email addresses that will receive these notifications.
- Default
Recipients bool - (Boolean) Should the default recipients receive these notifications.
- Notification
Level string - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional
Recipients List<String> - A list of additional email addresses that will receive these notifications.
- default
Recipients Boolean - (Boolean) Should the default recipients receive these notifications.
- notification
Level String - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional
Recipients string[] - A list of additional email addresses that will receive these notifications.
- default
Recipients boolean - (Boolean) Should the default recipients receive these notifications.
- notification
Level string - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional_
recipients Sequence[str] - A list of additional email addresses that will receive these notifications.
- default_
recipients bool - (Boolean) Should the default recipients receive these notifications.
- notification_
level str - (String) What level of notifications should be sent. Either
All
orCritical
.
- additional
Recipients List<String> - A list of additional email addresses that will receive these notifications.
- default
Recipients Boolean - (Boolean) Should the default recipients receive these notifications.
- notification
Level String - (String) What level of notifications should be sent. Either
All
orCritical
.
Package Details
- Repository
- Azure Classic pulumi/pulumi-azure
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
azurerm
Terraform Provider.