1. Packages
  2. Azure Active Directory (Azure AD)
  3. API Docs
  4. PrivilegedAccessGroupEligibilitySchedule
Azure Active Directory (Azure AD) v6.0.1 published on Monday, Oct 14, 2024 by Pulumi

azuread.PrivilegedAccessGroupEligibilitySchedule

Explore with Pulumi AI

azuread logo
Azure Active Directory (Azure AD) v6.0.1 published on Monday, Oct 14, 2024 by Pulumi

    Manages an eligible assignment to a privileged access group.

    API Permissions

    The following API permissions are required in order to use this resource.

    When authenticated with a service principal, this resource requires the PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup Microsoft Graph API permissions.

    When authenticated with a user principal, this resource requires Global Administrator directory role, or the Privileged Role Administrator role in Identity Governance.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as azuread from "@pulumi/azuread";
    
    const example = new azuread.Group("example", {
        displayName: "group-name",
        securityEnabled: true,
    });
    const member = new azuread.User("member", {
        userPrincipalName: "jdoe@example.com",
        displayName: "J. Doe",
        mailNickname: "jdoe",
        password: "SecretP@sswd99!",
    });
    const examplePrivilegedAccessGroupEligibilitySchedule = new azuread.PrivilegedAccessGroupEligibilitySchedule("example", {
        groupId: pim.id,
        principalId: member.id,
        assignmentType: "member",
        duration: "P30D",
        justification: "as requested",
    });
    
    import pulumi
    import pulumi_azuread as azuread
    
    example = azuread.Group("example",
        display_name="group-name",
        security_enabled=True)
    member = azuread.User("member",
        user_principal_name="jdoe@example.com",
        display_name="J. Doe",
        mail_nickname="jdoe",
        password="SecretP@sswd99!")
    example_privileged_access_group_eligibility_schedule = azuread.PrivilegedAccessGroupEligibilitySchedule("example",
        group_id=pim["id"],
        principal_id=member.id,
        assignment_type="member",
        duration="P30D",
        justification="as requested")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := azuread.NewGroup(ctx, "example", &azuread.GroupArgs{
    			DisplayName:     pulumi.String("group-name"),
    			SecurityEnabled: pulumi.Bool(true),
    		})
    		if err != nil {
    			return err
    		}
    		member, err := azuread.NewUser(ctx, "member", &azuread.UserArgs{
    			UserPrincipalName: pulumi.String("jdoe@example.com"),
    			DisplayName:       pulumi.String("J. Doe"),
    			MailNickname:      pulumi.String("jdoe"),
    			Password:          pulumi.String("SecretP@sswd99!"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = azuread.NewPrivilegedAccessGroupEligibilitySchedule(ctx, "example", &azuread.PrivilegedAccessGroupEligibilityScheduleArgs{
    			GroupId:        pulumi.Any(pim.Id),
    			PrincipalId:    member.ID(),
    			AssignmentType: pulumi.String("member"),
    			Duration:       pulumi.String("P30D"),
    			Justification:  pulumi.String("as requested"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AzureAD = Pulumi.AzureAD;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new AzureAD.Group("example", new()
        {
            DisplayName = "group-name",
            SecurityEnabled = true,
        });
    
        var member = new AzureAD.User("member", new()
        {
            UserPrincipalName = "jdoe@example.com",
            DisplayName = "J. Doe",
            MailNickname = "jdoe",
            Password = "SecretP@sswd99!",
        });
    
        var examplePrivilegedAccessGroupEligibilitySchedule = new AzureAD.PrivilegedAccessGroupEligibilitySchedule("example", new()
        {
            GroupId = pim.Id,
            PrincipalId = member.Id,
            AssignmentType = "member",
            Duration = "P30D",
            Justification = "as requested",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azuread.Group;
    import com.pulumi.azuread.GroupArgs;
    import com.pulumi.azuread.User;
    import com.pulumi.azuread.UserArgs;
    import com.pulumi.azuread.PrivilegedAccessGroupEligibilitySchedule;
    import com.pulumi.azuread.PrivilegedAccessGroupEligibilityScheduleArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new Group("example", GroupArgs.builder()
                .displayName("group-name")
                .securityEnabled(true)
                .build());
    
            var member = new User("member", UserArgs.builder()
                .userPrincipalName("jdoe@example.com")
                .displayName("J. Doe")
                .mailNickname("jdoe")
                .password("SecretP@sswd99!")
                .build());
    
            var examplePrivilegedAccessGroupEligibilitySchedule = new PrivilegedAccessGroupEligibilitySchedule("examplePrivilegedAccessGroupEligibilitySchedule", PrivilegedAccessGroupEligibilityScheduleArgs.builder()
                .groupId(pim.id())
                .principalId(member.id())
                .assignmentType("member")
                .duration("P30D")
                .justification("as requested")
                .build());
    
        }
    }
    
    resources:
      example:
        type: azuread:Group
        properties:
          displayName: group-name
          securityEnabled: true
      member:
        type: azuread:User
        properties:
          userPrincipalName: jdoe@example.com
          displayName: J. Doe
          mailNickname: jdoe
          password: SecretP@sswd99!
      examplePrivilegedAccessGroupEligibilitySchedule:
        type: azuread:PrivilegedAccessGroupEligibilitySchedule
        name: example
        properties:
          groupId: ${pim.id}
          principalId: ${member.id}
          assignmentType: member
          duration: P30D
          justification: as requested
    

    Create PrivilegedAccessGroupEligibilitySchedule Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new PrivilegedAccessGroupEligibilitySchedule(name: string, args: PrivilegedAccessGroupEligibilityScheduleArgs, opts?: CustomResourceOptions);
    @overload
    def PrivilegedAccessGroupEligibilitySchedule(resource_name: str,
                                                 args: PrivilegedAccessGroupEligibilityScheduleArgs,
                                                 opts: Optional[ResourceOptions] = None)
    
    @overload
    def PrivilegedAccessGroupEligibilitySchedule(resource_name: str,
                                                 opts: Optional[ResourceOptions] = None,
                                                 assignment_type: Optional[str] = None,
                                                 group_id: Optional[str] = None,
                                                 principal_id: Optional[str] = None,
                                                 duration: Optional[str] = None,
                                                 expiration_date: Optional[str] = None,
                                                 justification: Optional[str] = None,
                                                 permanent_assignment: Optional[bool] = None,
                                                 start_date: Optional[str] = None,
                                                 ticket_number: Optional[str] = None,
                                                 ticket_system: Optional[str] = None)
    func NewPrivilegedAccessGroupEligibilitySchedule(ctx *Context, name string, args PrivilegedAccessGroupEligibilityScheduleArgs, opts ...ResourceOption) (*PrivilegedAccessGroupEligibilitySchedule, error)
    public PrivilegedAccessGroupEligibilitySchedule(string name, PrivilegedAccessGroupEligibilityScheduleArgs args, CustomResourceOptions? opts = null)
    public PrivilegedAccessGroupEligibilitySchedule(String name, PrivilegedAccessGroupEligibilityScheduleArgs args)
    public PrivilegedAccessGroupEligibilitySchedule(String name, PrivilegedAccessGroupEligibilityScheduleArgs args, CustomResourceOptions options)
    
    type: azuread:PrivilegedAccessGroupEligibilitySchedule
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args PrivilegedAccessGroupEligibilityScheduleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args PrivilegedAccessGroupEligibilityScheduleArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args PrivilegedAccessGroupEligibilityScheduleArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args PrivilegedAccessGroupEligibilityScheduleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args PrivilegedAccessGroupEligibilityScheduleArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var privilegedAccessGroupEligibilityScheduleResource = new AzureAD.PrivilegedAccessGroupEligibilitySchedule("privilegedAccessGroupEligibilityScheduleResource", new()
    {
        AssignmentType = "string",
        GroupId = "string",
        PrincipalId = "string",
        Duration = "string",
        ExpirationDate = "string",
        Justification = "string",
        PermanentAssignment = false,
        StartDate = "string",
        TicketNumber = "string",
        TicketSystem = "string",
    });
    
    example, err := azuread.NewPrivilegedAccessGroupEligibilitySchedule(ctx, "privilegedAccessGroupEligibilityScheduleResource", &azuread.PrivilegedAccessGroupEligibilityScheduleArgs{
    	AssignmentType:      pulumi.String("string"),
    	GroupId:             pulumi.String("string"),
    	PrincipalId:         pulumi.String("string"),
    	Duration:            pulumi.String("string"),
    	ExpirationDate:      pulumi.String("string"),
    	Justification:       pulumi.String("string"),
    	PermanentAssignment: pulumi.Bool(false),
    	StartDate:           pulumi.String("string"),
    	TicketNumber:        pulumi.String("string"),
    	TicketSystem:        pulumi.String("string"),
    })
    
    var privilegedAccessGroupEligibilityScheduleResource = new PrivilegedAccessGroupEligibilitySchedule("privilegedAccessGroupEligibilityScheduleResource", PrivilegedAccessGroupEligibilityScheduleArgs.builder()
        .assignmentType("string")
        .groupId("string")
        .principalId("string")
        .duration("string")
        .expirationDate("string")
        .justification("string")
        .permanentAssignment(false)
        .startDate("string")
        .ticketNumber("string")
        .ticketSystem("string")
        .build());
    
    privileged_access_group_eligibility_schedule_resource = azuread.PrivilegedAccessGroupEligibilitySchedule("privilegedAccessGroupEligibilityScheduleResource",
        assignment_type="string",
        group_id="string",
        principal_id="string",
        duration="string",
        expiration_date="string",
        justification="string",
        permanent_assignment=False,
        start_date="string",
        ticket_number="string",
        ticket_system="string")
    
    const privilegedAccessGroupEligibilityScheduleResource = new azuread.PrivilegedAccessGroupEligibilitySchedule("privilegedAccessGroupEligibilityScheduleResource", {
        assignmentType: "string",
        groupId: "string",
        principalId: "string",
        duration: "string",
        expirationDate: "string",
        justification: "string",
        permanentAssignment: false,
        startDate: "string",
        ticketNumber: "string",
        ticketSystem: "string",
    });
    
    type: azuread:PrivilegedAccessGroupEligibilitySchedule
    properties:
        assignmentType: string
        duration: string
        expirationDate: string
        groupId: string
        justification: string
        permanentAssignment: false
        principalId: string
        startDate: string
        ticketNumber: string
        ticketSystem: string
    

    PrivilegedAccessGroupEligibilitySchedule Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The PrivilegedAccessGroupEligibilitySchedule resource accepts the following input properties:

    AssignmentType string
    The type of assignment to the group. Can be either member or owner.
    GroupId string
    The Object ID of the Azure AD group to which the principal will be assigned.
    PrincipalId string
    The Object ID of the principal to be assigned to the above group. Can be either a user or a group.
    Duration string
    The duration that this assignment is valid for, formatted as an ISO8601 duration (e.g. P30D for 30 days, PT3H for three hours).
    ExpirationDate string
    The date that this assignment expires, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
    Justification string
    The justification for this assignment. May be required by the role policy.
    PermanentAssignment bool

    Is this assigment permanently valid.

    At least one of expiration_date, duration, or permanent_assignment must be supplied. The role policy may limit the maximum duration which can be supplied.

    StartDate string
    The date from which this assignment is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If not provided, the assignment is immediately valid.
    TicketNumber string
    The ticket number in the ticket system approving this assignment. May be required by the role policy.
    TicketSystem string
    The ticket system containing the ticket number approving this assignment. May be required by the role policy.
    AssignmentType string
    The type of assignment to the group. Can be either member or owner.
    GroupId string
    The Object ID of the Azure AD group to which the principal will be assigned.
    PrincipalId string
    The Object ID of the principal to be assigned to the above group. Can be either a user or a group.
    Duration string
    The duration that this assignment is valid for, formatted as an ISO8601 duration (e.g. P30D for 30 days, PT3H for three hours).
    ExpirationDate string
    The date that this assignment expires, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
    Justification string
    The justification for this assignment. May be required by the role policy.
    PermanentAssignment bool

    Is this assigment permanently valid.

    At least one of expiration_date, duration, or permanent_assignment must be supplied. The role policy may limit the maximum duration which can be supplied.

    StartDate string
    The date from which this assignment is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If not provided, the assignment is immediately valid.
    TicketNumber string
    The ticket number in the ticket system approving this assignment. May be required by the role policy.
    TicketSystem string
    The ticket system containing the ticket number approving this assignment. May be required by the role policy.
    assignmentType String
    The type of assignment to the group. Can be either member or owner.
    groupId String
    The Object ID of the Azure AD group to which the principal will be assigned.
    principalId String
    The Object ID of the principal to be assigned to the above group. Can be either a user or a group.
    duration String
    The duration that this assignment is valid for, formatted as an ISO8601 duration (e.g. P30D for 30 days, PT3H for three hours).
    expirationDate String
    The date that this assignment expires, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
    justification String
    The justification for this assignment. May be required by the role policy.
    permanentAssignment Boolean

    Is this assigment permanently valid.

    At least one of expiration_date, duration, or permanent_assignment must be supplied. The role policy may limit the maximum duration which can be supplied.

    startDate String
    The date from which this assignment is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If not provided, the assignment is immediately valid.
    ticketNumber String
    The ticket number in the ticket system approving this assignment. May be required by the role policy.
    ticketSystem String
    The ticket system containing the ticket number approving this assignment. May be required by the role policy.
    assignmentType string
    The type of assignment to the group. Can be either member or owner.
    groupId string
    The Object ID of the Azure AD group to which the principal will be assigned.
    principalId string
    The Object ID of the principal to be assigned to the above group. Can be either a user or a group.
    duration string
    The duration that this assignment is valid for, formatted as an ISO8601 duration (e.g. P30D for 30 days, PT3H for three hours).
    expirationDate string
    The date that this assignment expires, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
    justification string
    The justification for this assignment. May be required by the role policy.
    permanentAssignment boolean

    Is this assigment permanently valid.

    At least one of expiration_date, duration, or permanent_assignment must be supplied. The role policy may limit the maximum duration which can be supplied.

    startDate string
    The date from which this assignment is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If not provided, the assignment is immediately valid.
    ticketNumber string
    The ticket number in the ticket system approving this assignment. May be required by the role policy.
    ticketSystem string
    The ticket system containing the ticket number approving this assignment. May be required by the role policy.
    assignment_type str
    The type of assignment to the group. Can be either member or owner.
    group_id str
    The Object ID of the Azure AD group to which the principal will be assigned.
    principal_id str
    The Object ID of the principal to be assigned to the above group. Can be either a user or a group.
    duration str
    The duration that this assignment is valid for, formatted as an ISO8601 duration (e.g. P30D for 30 days, PT3H for three hours).
    expiration_date str
    The date that this assignment expires, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
    justification str
    The justification for this assignment. May be required by the role policy.
    permanent_assignment bool

    Is this assigment permanently valid.

    At least one of expiration_date, duration, or permanent_assignment must be supplied. The role policy may limit the maximum duration which can be supplied.

    start_date str
    The date from which this assignment is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If not provided, the assignment is immediately valid.
    ticket_number str
    The ticket number in the ticket system approving this assignment. May be required by the role policy.
    ticket_system str
    The ticket system containing the ticket number approving this assignment. May be required by the role policy.
    assignmentType String
    The type of assignment to the group. Can be either member or owner.
    groupId String
    The Object ID of the Azure AD group to which the principal will be assigned.
    principalId String
    The Object ID of the principal to be assigned to the above group. Can be either a user or a group.
    duration String
    The duration that this assignment is valid for, formatted as an ISO8601 duration (e.g. P30D for 30 days, PT3H for three hours).
    expirationDate String
    The date that this assignment expires, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
    justification String
    The justification for this assignment. May be required by the role policy.
    permanentAssignment Boolean

    Is this assigment permanently valid.

    At least one of expiration_date, duration, or permanent_assignment must be supplied. The role policy may limit the maximum duration which can be supplied.

    startDate String
    The date from which this assignment is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If not provided, the assignment is immediately valid.
    ticketNumber String
    The ticket number in the ticket system approving this assignment. May be required by the role policy.
    ticketSystem String
    The ticket system containing the ticket number approving this assignment. May be required by the role policy.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the PrivilegedAccessGroupEligibilitySchedule resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Status string
    (String) The provisioning status of this request.
    Id string
    The provider-assigned unique ID for this managed resource.
    Status string
    (String) The provisioning status of this request.
    id String
    The provider-assigned unique ID for this managed resource.
    status String
    (String) The provisioning status of this request.
    id string
    The provider-assigned unique ID for this managed resource.
    status string
    (String) The provisioning status of this request.
    id str
    The provider-assigned unique ID for this managed resource.
    status str
    (String) The provisioning status of this request.
    id String
    The provider-assigned unique ID for this managed resource.
    status String
    (String) The provisioning status of this request.

    Look up Existing PrivilegedAccessGroupEligibilitySchedule Resource

    Get an existing PrivilegedAccessGroupEligibilitySchedule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: PrivilegedAccessGroupEligibilityScheduleState, opts?: CustomResourceOptions): PrivilegedAccessGroupEligibilitySchedule
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            assignment_type: Optional[str] = None,
            duration: Optional[str] = None,
            expiration_date: Optional[str] = None,
            group_id: Optional[str] = None,
            justification: Optional[str] = None,
            permanent_assignment: Optional[bool] = None,
            principal_id: Optional[str] = None,
            start_date: Optional[str] = None,
            status: Optional[str] = None,
            ticket_number: Optional[str] = None,
            ticket_system: Optional[str] = None) -> PrivilegedAccessGroupEligibilitySchedule
    func GetPrivilegedAccessGroupEligibilitySchedule(ctx *Context, name string, id IDInput, state *PrivilegedAccessGroupEligibilityScheduleState, opts ...ResourceOption) (*PrivilegedAccessGroupEligibilitySchedule, error)
    public static PrivilegedAccessGroupEligibilitySchedule Get(string name, Input<string> id, PrivilegedAccessGroupEligibilityScheduleState? state, CustomResourceOptions? opts = null)
    public static PrivilegedAccessGroupEligibilitySchedule get(String name, Output<String> id, PrivilegedAccessGroupEligibilityScheduleState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AssignmentType string
    The type of assignment to the group. Can be either member or owner.
    Duration string
    The duration that this assignment is valid for, formatted as an ISO8601 duration (e.g. P30D for 30 days, PT3H for three hours).
    ExpirationDate string
    The date that this assignment expires, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
    GroupId string
    The Object ID of the Azure AD group to which the principal will be assigned.
    Justification string
    The justification for this assignment. May be required by the role policy.
    PermanentAssignment bool

    Is this assigment permanently valid.

    At least one of expiration_date, duration, or permanent_assignment must be supplied. The role policy may limit the maximum duration which can be supplied.

    PrincipalId string
    The Object ID of the principal to be assigned to the above group. Can be either a user or a group.
    StartDate string
    The date from which this assignment is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If not provided, the assignment is immediately valid.
    Status string
    (String) The provisioning status of this request.
    TicketNumber string
    The ticket number in the ticket system approving this assignment. May be required by the role policy.
    TicketSystem string
    The ticket system containing the ticket number approving this assignment. May be required by the role policy.
    AssignmentType string
    The type of assignment to the group. Can be either member or owner.
    Duration string
    The duration that this assignment is valid for, formatted as an ISO8601 duration (e.g. P30D for 30 days, PT3H for three hours).
    ExpirationDate string
    The date that this assignment expires, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
    GroupId string
    The Object ID of the Azure AD group to which the principal will be assigned.
    Justification string
    The justification for this assignment. May be required by the role policy.
    PermanentAssignment bool

    Is this assigment permanently valid.

    At least one of expiration_date, duration, or permanent_assignment must be supplied. The role policy may limit the maximum duration which can be supplied.

    PrincipalId string
    The Object ID of the principal to be assigned to the above group. Can be either a user or a group.
    StartDate string
    The date from which this assignment is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If not provided, the assignment is immediately valid.
    Status string
    (String) The provisioning status of this request.
    TicketNumber string
    The ticket number in the ticket system approving this assignment. May be required by the role policy.
    TicketSystem string
    The ticket system containing the ticket number approving this assignment. May be required by the role policy.
    assignmentType String
    The type of assignment to the group. Can be either member or owner.
    duration String
    The duration that this assignment is valid for, formatted as an ISO8601 duration (e.g. P30D for 30 days, PT3H for three hours).
    expirationDate String
    The date that this assignment expires, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
    groupId String
    The Object ID of the Azure AD group to which the principal will be assigned.
    justification String
    The justification for this assignment. May be required by the role policy.
    permanentAssignment Boolean

    Is this assigment permanently valid.

    At least one of expiration_date, duration, or permanent_assignment must be supplied. The role policy may limit the maximum duration which can be supplied.

    principalId String
    The Object ID of the principal to be assigned to the above group. Can be either a user or a group.
    startDate String
    The date from which this assignment is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If not provided, the assignment is immediately valid.
    status String
    (String) The provisioning status of this request.
    ticketNumber String
    The ticket number in the ticket system approving this assignment. May be required by the role policy.
    ticketSystem String
    The ticket system containing the ticket number approving this assignment. May be required by the role policy.
    assignmentType string
    The type of assignment to the group. Can be either member or owner.
    duration string
    The duration that this assignment is valid for, formatted as an ISO8601 duration (e.g. P30D for 30 days, PT3H for three hours).
    expirationDate string
    The date that this assignment expires, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
    groupId string
    The Object ID of the Azure AD group to which the principal will be assigned.
    justification string
    The justification for this assignment. May be required by the role policy.
    permanentAssignment boolean

    Is this assigment permanently valid.

    At least one of expiration_date, duration, or permanent_assignment must be supplied. The role policy may limit the maximum duration which can be supplied.

    principalId string
    The Object ID of the principal to be assigned to the above group. Can be either a user or a group.
    startDate string
    The date from which this assignment is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If not provided, the assignment is immediately valid.
    status string
    (String) The provisioning status of this request.
    ticketNumber string
    The ticket number in the ticket system approving this assignment. May be required by the role policy.
    ticketSystem string
    The ticket system containing the ticket number approving this assignment. May be required by the role policy.
    assignment_type str
    The type of assignment to the group. Can be either member or owner.
    duration str
    The duration that this assignment is valid for, formatted as an ISO8601 duration (e.g. P30D for 30 days, PT3H for three hours).
    expiration_date str
    The date that this assignment expires, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
    group_id str
    The Object ID of the Azure AD group to which the principal will be assigned.
    justification str
    The justification for this assignment. May be required by the role policy.
    permanent_assignment bool

    Is this assigment permanently valid.

    At least one of expiration_date, duration, or permanent_assignment must be supplied. The role policy may limit the maximum duration which can be supplied.

    principal_id str
    The Object ID of the principal to be assigned to the above group. Can be either a user or a group.
    start_date str
    The date from which this assignment is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If not provided, the assignment is immediately valid.
    status str
    (String) The provisioning status of this request.
    ticket_number str
    The ticket number in the ticket system approving this assignment. May be required by the role policy.
    ticket_system str
    The ticket system containing the ticket number approving this assignment. May be required by the role policy.
    assignmentType String
    The type of assignment to the group. Can be either member or owner.
    duration String
    The duration that this assignment is valid for, formatted as an ISO8601 duration (e.g. P30D for 30 days, PT3H for three hours).
    expirationDate String
    The date that this assignment expires, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
    groupId String
    The Object ID of the Azure AD group to which the principal will be assigned.
    justification String
    The justification for this assignment. May be required by the role policy.
    permanentAssignment Boolean

    Is this assigment permanently valid.

    At least one of expiration_date, duration, or permanent_assignment must be supplied. The role policy may limit the maximum duration which can be supplied.

    principalId String
    The Object ID of the principal to be assigned to the above group. Can be either a user or a group.
    startDate String
    The date from which this assignment is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If not provided, the assignment is immediately valid.
    status String
    (String) The provisioning status of this request.
    ticketNumber String
    The ticket number in the ticket system approving this assignment. May be required by the role policy.
    ticketSystem String
    The ticket system containing the ticket number approving this assignment. May be required by the role policy.

    Import

    An assignment schedule can be imported using the schedule ID, e.g.

    $ pulumi import azuread:index/privilegedAccessGroupEligibilitySchedule:PrivilegedAccessGroupEligibilitySchedule example 00000000-0000-0000-0000-000000000000_member_00000000-0000-0000-0000-000000000000
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Azure Active Directory (Azure AD) pulumi/pulumi-azuread
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the azuread Terraform Provider.
    azuread logo
    Azure Active Directory (Azure AD) v6.0.1 published on Monday, Oct 14, 2024 by Pulumi