diff --git a/Makefile b/Makefile index 5f7b669b0..e1b447135 100644 --- a/Makefile +++ b/Makefile @@ -92,6 +92,7 @@ install_nodejs_sdk: install_plugins: [ -x "$(shell command -v pulumi 2>/dev/null)" ] || curl -fsSL https://get.pulumi.com | sh + pulumi plugin install resource time 0.0.15 lint_provider: provider cd provider && golangci-lint run -c ../.golangci.yml diff --git a/provider/cmd/pulumi-resource-azuread/bridge-metadata.json b/provider/cmd/pulumi-resource-azuread/bridge-metadata.json index 1aa82bcd5..35eb43710 100644 --- a/provider/cmd/pulumi-resource-azuread/bridge-metadata.json +++ b/provider/cmd/pulumi-resource-azuread/bridge-metadata.json @@ -536,6 +536,19 @@ "maxItemsOne": false, "elem": {} }, + "client_applications": { + "maxItemsOne": true, + "elem": { + "fields": { + "excluded_service_principals": { + "maxItemsOne": false + }, + "included_service_principals": { + "maxItemsOne": false + } + } + } + }, "devices": { "maxItemsOne": true, "elem": { @@ -1125,16 +1138,152 @@ "current": "azuread:index/getAccessPackageCatalogRole:getAccessPackageCatalogRole" }, "azuread_administrative_unit": { - "current": "azuread:index/getAdministrativeUnit:getAdministrativeUnit" + "current": "azuread:index/getAdministrativeUnit:getAdministrativeUnit", + "fields": { + "members": { + "maxItemsOne": false + } + } }, "azuread_application": { - "current": "azuread:index/getApplication:getApplication" + "current": "azuread:index/getApplication:getApplication", + "fields": { + "api": { + "maxItemsOne": false, + "elem": { + "fields": { + "known_client_applications": { + "maxItemsOne": false + }, + "oauth2_permission_scopes": { + "maxItemsOne": false + } + } + } + }, + "app_roles": { + "maxItemsOne": false, + "elem": { + "fields": { + "allowed_member_types": { + "maxItemsOne": false + } + } + } + }, + "feature_tags": { + "maxItemsOne": false + }, + "group_membership_claims": { + "maxItemsOne": false + }, + "identifier_uris": { + "maxItemsOne": false + }, + "optional_claims": { + "maxItemsOne": false, + "elem": { + "fields": { + "access_token": { + "maxItemsOne": false, + "elem": { + "fields": { + "additional_properties": { + "maxItemsOne": false + } + } + } + }, + "id_token": { + "maxItemsOne": false, + "elem": { + "fields": { + "additional_properties": { + "maxItemsOne": false + } + } + } + }, + "saml2_token": { + "maxItemsOne": false, + "elem": { + "fields": { + "additional_properties": { + "maxItemsOne": false + } + } + } + } + } + } + }, + "owners": { + "maxItemsOne": false + }, + "public_client": { + "maxItemsOne": false, + "elem": { + "fields": { + "redirect_uris": { + "maxItemsOne": false + } + } + } + }, + "required_resource_access": { + "maxItemsOne": false, + "elem": { + "fields": { + "resource_access": { + "maxItemsOne": false + } + } + } + }, + "single_page_application": { + "maxItemsOne": false, + "elem": { + "fields": { + "redirect_uris": { + "maxItemsOne": false + } + } + } + }, + "tags": { + "maxItemsOne": false + }, + "web": { + "maxItemsOne": false, + "elem": { + "fields": { + "implicit_grant": { + "maxItemsOne": false + }, + "redirect_uris": { + "maxItemsOne": false + } + } + } + } + } }, "azuread_application_published_app_ids": { "current": "azuread:index/getApplicationPublishedAppIds:getApplicationPublishedAppIds" }, "azuread_application_template": { - "current": "azuread:index/getApplicationTemplate:getApplicationTemplate" + "current": "azuread:index/getApplicationTemplate:getApplicationTemplate", + "fields": { + "categories": { + "maxItemsOne": false + }, + "supported_provisioning_types": { + "maxItemsOne": false + }, + "supported_single_sign_on_modes": { + "maxItemsOne": false + } + } }, "azuread_client_config": { "current": "azuread:index/getClientConfig:getClientConfig" @@ -1143,28 +1292,179 @@ "current": "azuread:index/getDirectoryObject:getDirectoryObject" }, "azuread_directory_roles": { - "current": "azuread:index/getDirectoryRoles:getDirectoryRoles" + "current": "azuread:index/getDirectoryRoles:getDirectoryRoles", + "fields": { + "object_ids": { + "maxItemsOne": false + }, + "roles": { + "maxItemsOne": false + }, + "template_ids": { + "maxItemsOne": false + } + } }, "azuread_domains": { - "current": "azuread:index/getDomains:getDomains" + "current": "azuread:index/getDomains:getDomains", + "fields": { + "domains": { + "maxItemsOne": false, + "elem": { + "fields": { + "supported_services": { + "maxItemsOne": false + } + } + } + }, + "supports_services": { + "maxItemsOne": false + } + } }, "azuread_group": { - "current": "azuread:index/getGroup:getGroup" + "current": "azuread:index/getGroup:getGroup", + "fields": { + "behaviors": { + "maxItemsOne": false + }, + "dynamic_membership": { + "maxItemsOne": false + }, + "members": { + "maxItemsOne": false + }, + "owners": { + "maxItemsOne": false + }, + "provisioning_options": { + "maxItemsOne": false + }, + "proxy_addresses": { + "maxItemsOne": false + }, + "types": { + "maxItemsOne": false + } + } }, "azuread_groups": { - "current": "azuread:index/getGroups:getGroups" + "current": "azuread:index/getGroups:getGroups", + "fields": { + "display_names": { + "maxItemsOne": false + }, + "object_ids": { + "maxItemsOne": false + } + } }, "azuread_service_principal": { - "current": "azuread:index/getServicePrincipal:getServicePrincipal" + "current": "azuread:index/getServicePrincipal:getServicePrincipal", + "fields": { + "alternative_names": { + "maxItemsOne": false + }, + "app_roles": { + "maxItemsOne": false, + "elem": { + "fields": { + "allowed_member_types": { + "maxItemsOne": false + } + } + } + }, + "feature_tags": { + "maxItemsOne": false + }, + "features": { + "maxItemsOne": false + }, + "notification_email_addresses": { + "maxItemsOne": false + }, + "oauth2_permission_scopes": { + "maxItemsOne": false + }, + "redirect_uris": { + "maxItemsOne": false + }, + "saml_single_sign_on": { + "maxItemsOne": false + }, + "service_principal_names": { + "maxItemsOne": false + }, + "tags": { + "maxItemsOne": false + } + } }, "azuread_service_principals": { - "current": "azuread:index/getServicePrincipals:getServicePrincipals" + "current": "azuread:index/getServicePrincipals:getServicePrincipals", + "fields": { + "application_ids": { + "maxItemsOne": false + }, + "display_names": { + "maxItemsOne": false + }, + "object_ids": { + "maxItemsOne": false + }, + "service_principals": { + "maxItemsOne": false, + "elem": { + "fields": { + "service_principal_names": { + "maxItemsOne": false + }, + "tags": { + "maxItemsOne": false + } + } + } + } + } }, "azuread_user": { - "current": "azuread:index/getUser:getUser" + "current": "azuread:index/getUser:getUser", + "fields": { + "business_phones": { + "maxItemsOne": false + }, + "im_addresses": { + "maxItemsOne": false + }, + "other_mails": { + "maxItemsOne": false + }, + "proxy_addresses": { + "maxItemsOne": false + } + } }, "azuread_users": { - "current": "azuread:index/getUsers:getUsers" + "current": "azuread:index/getUsers:getUsers", + "fields": { + "employee_ids": { + "maxItemsOne": false + }, + "mail_nicknames": { + "maxItemsOne": false + }, + "object_ids": { + "maxItemsOne": false + }, + "user_principal_names": { + "maxItemsOne": false + }, + "users": { + "maxItemsOne": false + } + } } } }, @@ -1347,6 +1647,7 @@ }, "azuread:index/ConditionalAccessPolicyConditions:ConditionalAccessPolicyConditions": { "clientAppTypes": "client_app_types", + "clientApplications": "client_applications", "signInRiskLevels": "sign_in_risk_levels", "userRiskLevels": "user_risk_levels" }, @@ -1355,6 +1656,10 @@ "includedApplications": "included_applications", "includedUserActions": "included_user_actions" }, + "azuread:index/ConditionalAccessPolicyConditionsClientApplications:ConditionalAccessPolicyConditionsClientApplications": { + "excludedServicePrincipals": "excluded_service_principals", + "includedServicePrincipals": "included_service_principals" + }, "azuread:index/ConditionalAccessPolicyConditionsLocations:ConditionalAccessPolicyConditionsLocations": { "excludedLocations": "excluded_locations", "includedLocations": "included_locations" @@ -1379,6 +1684,7 @@ "azuread:index/ConditionalAccessPolicySessionControls:ConditionalAccessPolicySessionControls": { "applicationEnforcedRestrictionsEnabled": "application_enforced_restrictions_enabled", "cloudAppSecurityPolicy": "cloud_app_security_policy", + "disableResilienceDefaults": "disable_resilience_defaults", "persistentBrowserMode": "persistent_browser_mode", "signInFrequency": "sign_in_frequency", "signInFrequencyPeriod": "sign_in_frequency_period" @@ -1839,6 +2145,7 @@ "userType": "user_type" }, "azuread:index/getUsers:getUsers": { + "employeeIds": "employee_ids", "ignoreMissing": "ignore_missing", "mailNicknames": "mail_nicknames", "objectIds": "object_ids", @@ -1848,6 +2155,7 @@ "azuread:index/getUsersUser:getUsersUser": { "accountEnabled": "account_enabled", "displayName": "display_name", + "employeeId": "employee_id", "mailNickname": "mail_nickname", "objectId": "object_id", "onpremisesImmutableId": "onpremises_immutable_id", diff --git a/provider/cmd/pulumi-resource-azuread/schema.json b/provider/cmd/pulumi-resource-azuread/schema.json index daa28e993..a2203c19c 100644 --- a/provider/cmd/pulumi-resource-azuread/schema.json +++ b/provider/cmd/pulumi-resource-azuread/schema.json @@ -40,6 +40,8 @@ "disableUnionOutputTypes": true, "packageDescription": "A Pulumi package for creating and managing Azure Active Directory (Azure AD) cloud resources.", "packageName": "", + "pluginName": "", + "pluginVersion": "", "readme": "\u003e This provider is a derived work of the [Terraform Provider](https://github.com/hashicorp/terraform-provider-azuread)\n\u003e distributed under [MPL 2.0](https://www.mozilla.org/en-US/MPL/2.0/). If you encounter a bug or missing feature,\n\u003e first check the [`pulumi-azuread` repo](https://github.com/pulumi/pulumi-azuread/issues); however, if that doesn't turn up anything,\n\u003e please consult the source [`terraform-provider-azuread` repo](https://github.com/hashicorp/terraform-provider-azuread/issues).", "typescriptVersion": "" }, @@ -811,6 +813,10 @@ }, "description": "A list of client application types included in the policy. Possible values are: `all`, `browser`, `mobileAppsAndDesktopClients`, `exchangeActiveSync`, `easSupported` and `other`.\n" }, + "clientApplications": { + "$ref": "#/types/azuread:index/ConditionalAccessPolicyConditionsClientApplications:ConditionalAccessPolicyConditionsClientApplications", + "description": "An `client_applications` block as documented below, which specifies service principals included in and excluded from the policy.\n" + }, "devices": { "$ref": "#/types/azuread:index/ConditionalAccessPolicyConditionsDevices:ConditionalAccessPolicyConditionsDevices", "description": "A `devices` block as documented below, which describes devices to be included in and excluded from the policy. A `devices` block can be added to an existing policy, but removing the `devices` block forces a new resource to be created.\n" @@ -875,6 +881,25 @@ }, "type": "object" }, + "azuread:index/ConditionalAccessPolicyConditionsClientApplications:ConditionalAccessPolicyConditionsClientApplications": { + "properties": { + "excludedServicePrincipals": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of service principal IDs explicitly excluded in the policy.\n" + }, + "includedServicePrincipals": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of service principal IDs explicitly included in the policy. Can be set to `ServicePrincipalsInMyTenant` to include all service principals. This is mandatory value when at least one `excluded_service_principals` is set.\n" + } + }, + "type": "object" + }, "azuread:index/ConditionalAccessPolicyConditionsDevices:ConditionalAccessPolicyConditionsDevices": { "properties": { "filter": { @@ -1036,6 +1061,10 @@ "type": "string", "description": "Enables cloud app security and specifies the cloud app security policy to use. Possible values are: `blockDownloads`, `mcasConfigured`, `monitorOnly` or `unknownFutureValue`.\n" }, + "disableResilienceDefaults": { + "type": "boolean", + "description": "Disables [resilience defaults](https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/resilience-defaults). Defaults to `false`.\n" + }, "persistentBrowserMode": { "type": "string", "description": "Session control to define whether to persist cookies or not. Possible values are: `always` or `never`.\n" @@ -2120,6 +2149,10 @@ "type": "string", "description": "The display name of the user.\n" }, + "employeeId": { + "type": "string", + "description": "The employee identifier assigned to the user by the organisation.\n" + }, "mail": { "type": "string", "description": "The primary email address of the user.\n" @@ -2157,6 +2190,7 @@ "required": [ "accountEnabled", "displayName", + "employeeId", "mail", "mailNickname", "objectId", @@ -2422,7 +2456,7 @@ } }, "azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy": { - "description": "Manages an assignment policy for an access package within Identity Governance in Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`.\n\nWhen authenticated with a user principal, this resource requires `Global Administrator` directory role, or one of the `Catalog Owner` and `Access Package Manager` role in Idneity Governance.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleGroup = new azuread.Group(\"exampleGroup\", {\n displayName: \"group-name\",\n securityEnabled: true,\n});\nconst exampleAccessPackageCatalog = new azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\", {\n displayName: \"example-catalog\",\n description: \"Example catalog\",\n});\nconst exampleAccessPackage = new azuread.AccessPackage(\"exampleAccessPackage\", {\n catalogId: exampleAccessPackageCatalog.id,\n displayName: \"access-package\",\n description: \"Access Package\",\n});\nconst test = new azuread.AccessPackageAssignmentPolicy(\"test\", {\n accessPackageId: azuread_access_package.test.id,\n displayName: \"assignment-policy\",\n description: \"My assignment policy\",\n durationInDays: 90,\n requestorSettings: {\n scopeType: \"AllExistingDirectoryMemberUsers\",\n },\n approvalSettings: {\n approvalRequired: true,\n approvalStages: [{\n approvalTimeoutInDays: 14,\n primaryApprovers: [{\n objectId: azuread_group.test.object_id,\n subjectType: \"groupMembers\",\n }],\n }],\n },\n assignmentReviewSettings: {\n enabled: true,\n reviewFrequency: \"weekly\",\n durationInDays: 3,\n reviewType: \"Self\",\n accessReviewTimeoutBehavior: \"keepAccess\",\n },\n questions: [{\n text: {\n defaultText: \"hello, how are you?\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_group = azuread.Group(\"exampleGroup\",\n display_name=\"group-name\",\n security_enabled=True)\nexample_access_package_catalog = azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\",\n display_name=\"example-catalog\",\n description=\"Example catalog\")\nexample_access_package = azuread.AccessPackage(\"exampleAccessPackage\",\n catalog_id=example_access_package_catalog.id,\n display_name=\"access-package\",\n description=\"Access Package\")\ntest = azuread.AccessPackageAssignmentPolicy(\"test\",\n access_package_id=azuread_access_package[\"test\"][\"id\"],\n display_name=\"assignment-policy\",\n description=\"My assignment policy\",\n duration_in_days=90,\n requestor_settings=azuread.AccessPackageAssignmentPolicyRequestorSettingsArgs(\n scope_type=\"AllExistingDirectoryMemberUsers\",\n ),\n approval_settings=azuread.AccessPackageAssignmentPolicyApprovalSettingsArgs(\n approval_required=True,\n approval_stages=[azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs(\n approval_timeout_in_days=14,\n primary_approvers=[azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs(\n object_id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference),\n subject_type=\"groupMembers\",\n )],\n )],\n ),\n assignment_review_settings=azuread.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs(\n enabled=True,\n review_frequency=\"weekly\",\n duration_in_days=3,\n review_type=\"Self\",\n access_review_timeout_behavior=\"keepAccess\",\n ),\n questions=[azuread.AccessPackageAssignmentPolicyQuestionArgs(\n text=azuread.AccessPackageAssignmentPolicyQuestionTextArgs(\n default_text=\"hello, how are you?\",\n ),\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleGroup = new AzureAD.Group(\"exampleGroup\", new()\n {\n DisplayName = \"group-name\",\n SecurityEnabled = true,\n });\n\n var exampleAccessPackageCatalog = new AzureAD.AccessPackageCatalog(\"exampleAccessPackageCatalog\", new()\n {\n DisplayName = \"example-catalog\",\n Description = \"Example catalog\",\n });\n\n var exampleAccessPackage = new AzureAD.AccessPackage(\"exampleAccessPackage\", new()\n {\n CatalogId = exampleAccessPackageCatalog.Id,\n DisplayName = \"access-package\",\n Description = \"Access Package\",\n });\n\n var test = new AzureAD.AccessPackageAssignmentPolicy(\"test\", new()\n {\n AccessPackageId = azuread_access_package.Test.Id,\n DisplayName = \"assignment-policy\",\n Description = \"My assignment policy\",\n DurationInDays = 90,\n RequestorSettings = new AzureAD.Inputs.AccessPackageAssignmentPolicyRequestorSettingsArgs\n {\n ScopeType = \"AllExistingDirectoryMemberUsers\",\n },\n ApprovalSettings = new AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettingsArgs\n {\n ApprovalRequired = true,\n ApprovalStages = new[]\n {\n new AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs\n {\n ApprovalTimeoutInDays = 14,\n PrimaryApprovers = new[]\n {\n new AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs\n {\n ObjectId = azuread_group.Test.Object_id,\n SubjectType = \"groupMembers\",\n },\n },\n },\n },\n },\n AssignmentReviewSettings = new AzureAD.Inputs.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs\n {\n Enabled = true,\n ReviewFrequency = \"weekly\",\n DurationInDays = 3,\n ReviewType = \"Self\",\n AccessReviewTimeoutBehavior = \"keepAccess\",\n },\n Questions = new[]\n {\n new AzureAD.Inputs.AccessPackageAssignmentPolicyQuestionArgs\n {\n Text = new AzureAD.Inputs.AccessPackageAssignmentPolicyQuestionTextArgs\n {\n DefaultText = \"hello, how are you?\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewGroup(ctx, \"exampleGroup\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"group-name\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessPackageCatalog, err := azuread.NewAccessPackageCatalog(ctx, \"exampleAccessPackageCatalog\", \u0026azuread.AccessPackageCatalogArgs{\n\t\t\tDisplayName: pulumi.String(\"example-catalog\"),\n\t\t\tDescription: pulumi.String(\"Example catalog\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAccessPackage(ctx, \"exampleAccessPackage\", \u0026azuread.AccessPackageArgs{\n\t\t\tCatalogId: exampleAccessPackageCatalog.ID(),\n\t\t\tDisplayName: pulumi.String(\"access-package\"),\n\t\t\tDescription: pulumi.String(\"Access Package\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAccessPackageAssignmentPolicy(ctx, \"test\", \u0026azuread.AccessPackageAssignmentPolicyArgs{\n\t\t\tAccessPackageId: pulumi.Any(azuread_access_package.Test.Id),\n\t\t\tDisplayName: pulumi.String(\"assignment-policy\"),\n\t\t\tDescription: pulumi.String(\"My assignment policy\"),\n\t\t\tDurationInDays: pulumi.Int(90),\n\t\t\tRequestorSettings: \u0026azuread.AccessPackageAssignmentPolicyRequestorSettingsArgs{\n\t\t\t\tScopeType: pulumi.String(\"AllExistingDirectoryMemberUsers\"),\n\t\t\t},\n\t\t\tApprovalSettings: \u0026azuread.AccessPackageAssignmentPolicyApprovalSettingsArgs{\n\t\t\t\tApprovalRequired: pulumi.Bool(true),\n\t\t\t\tApprovalStages: azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArray{\n\t\t\t\t\t\u0026azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs{\n\t\t\t\t\t\tApprovalTimeoutInDays: pulumi.Int(14),\n\t\t\t\t\t\tPrimaryApprovers: azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArray{\n\t\t\t\t\t\t\t\u0026azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs{\n\t\t\t\t\t\t\t\tObjectId: pulumi.Any(azuread_group.Test.Object_id),\n\t\t\t\t\t\t\t\tSubjectType: pulumi.String(\"groupMembers\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tAssignmentReviewSettings: \u0026azuread.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tReviewFrequency: pulumi.String(\"weekly\"),\n\t\t\t\tDurationInDays: pulumi.Int(3),\n\t\t\t\tReviewType: pulumi.String(\"Self\"),\n\t\t\t\tAccessReviewTimeoutBehavior: pulumi.String(\"keepAccess\"),\n\t\t\t},\n\t\t\tQuestions: azuread.AccessPackageAssignmentPolicyQuestionArray{\n\t\t\t\t\u0026azuread.AccessPackageAssignmentPolicyQuestionArgs{\n\t\t\t\t\tText: \u0026azuread.AccessPackageAssignmentPolicyQuestionTextArgs{\n\t\t\t\t\t\tDefaultText: pulumi.String(\"hello, how are you?\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.AccessPackageCatalog;\nimport com.pulumi.azuread.AccessPackageCatalogArgs;\nimport com.pulumi.azuread.AccessPackage;\nimport com.pulumi.azuread.AccessPackageArgs;\nimport com.pulumi.azuread.AccessPackageAssignmentPolicy;\nimport com.pulumi.azuread.AccessPackageAssignmentPolicyArgs;\nimport com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyRequestorSettingsArgs;\nimport com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyApprovalSettingsArgs;\nimport com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs;\nimport com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyQuestionArgs;\nimport com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyQuestionTextArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"group-name\")\n .securityEnabled(true)\n .build());\n\n var exampleAccessPackageCatalog = new AccessPackageCatalog(\"exampleAccessPackageCatalog\", AccessPackageCatalogArgs.builder() \n .displayName(\"example-catalog\")\n .description(\"Example catalog\")\n .build());\n\n var exampleAccessPackage = new AccessPackage(\"exampleAccessPackage\", AccessPackageArgs.builder() \n .catalogId(exampleAccessPackageCatalog.id())\n .displayName(\"access-package\")\n .description(\"Access Package\")\n .build());\n\n var test = new AccessPackageAssignmentPolicy(\"test\", AccessPackageAssignmentPolicyArgs.builder() \n .accessPackageId(azuread_access_package.test().id())\n .displayName(\"assignment-policy\")\n .description(\"My assignment policy\")\n .durationInDays(90)\n .requestorSettings(AccessPackageAssignmentPolicyRequestorSettingsArgs.builder()\n .scopeType(\"AllExistingDirectoryMemberUsers\")\n .build())\n .approvalSettings(AccessPackageAssignmentPolicyApprovalSettingsArgs.builder()\n .approvalRequired(true)\n .approvalStages(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs.builder()\n .approvalTimeoutInDays(14)\n .primaryApprovers(AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs.builder()\n .objectId(azuread_group.test().object_id())\n .subjectType(\"groupMembers\")\n .build())\n .build())\n .build())\n .assignmentReviewSettings(AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs.builder()\n .enabled(true)\n .reviewFrequency(\"weekly\")\n .durationInDays(3)\n .reviewType(\"Self\")\n .accessReviewTimeoutBehavior(\"keepAccess\")\n .build())\n .questions(AccessPackageAssignmentPolicyQuestionArgs.builder()\n .text(AccessPackageAssignmentPolicyQuestionTextArgs.builder()\n .defaultText(\"hello, how are you?\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: group-name\n securityEnabled: true\n exampleAccessPackageCatalog:\n type: azuread:AccessPackageCatalog\n properties:\n displayName: example-catalog\n description: Example catalog\n exampleAccessPackage:\n type: azuread:AccessPackage\n properties:\n catalogId: ${exampleAccessPackageCatalog.id}\n displayName: access-package\n description: Access Package\n test:\n type: azuread:AccessPackageAssignmentPolicy\n properties:\n accessPackageId: ${azuread_access_package.test.id}\n displayName: assignment-policy\n description: My assignment policy\n durationInDays: 90\n requestorSettings:\n scopeType: AllExistingDirectoryMemberUsers\n approvalSettings:\n approvalRequired: true\n approvalStages:\n - approvalTimeoutInDays: 14\n primaryApprovers:\n - objectId: ${azuread_group.test.object_id}\n subjectType: groupMembers\n assignmentReviewSettings:\n enabled: true\n reviewFrequency: weekly\n durationInDays: 3\n reviewType: Self\n accessReviewTimeoutBehavior: keepAccess\n questions:\n - text:\n defaultText: hello, how are you?\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAn access package assignment policy can be imported using the ID, e.g.\n\n```sh\n $ pulumi import azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy example 00000000-0000-0000-0000-000000000000\n```\n\n ", + "description": "Manages an assignment policy for an access package within Identity Governance in Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application role: `EntitlementManagement.ReadWrite.All`.\n\nWhen authenticated with a user principal, this resource requires `Global Administrator` directory role, or one of the `Catalog Owner` and `Access Package Manager` role in Idneity Governance.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleGroup = new azuread.Group(\"exampleGroup\", {\n displayName: \"group-name\",\n securityEnabled: true,\n});\nconst exampleAccessPackageCatalog = new azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\", {\n displayName: \"example-catalog\",\n description: \"Example catalog\",\n});\nconst exampleAccessPackage = new azuread.AccessPackage(\"exampleAccessPackage\", {\n catalogId: exampleAccessPackageCatalog.id,\n displayName: \"access-package\",\n description: \"Access Package\",\n});\nconst test = new azuread.AccessPackageAssignmentPolicy(\"test\", {\n accessPackageId: azuread_access_package.test.id,\n displayName: \"assignment-policy\",\n description: \"My assignment policy\",\n durationInDays: 90,\n requestorSettings: {\n scopeType: \"AllExistingDirectoryMemberUsers\",\n },\n approvalSettings: {\n approvalRequired: true,\n approvalStages: [{\n approvalTimeoutInDays: 14,\n primaryApprovers: [{\n objectId: azuread_group.test.object_id,\n subjectType: \"groupMembers\",\n }],\n }],\n },\n assignmentReviewSettings: {\n enabled: true,\n reviewFrequency: \"weekly\",\n durationInDays: 3,\n reviewType: \"Self\",\n accessReviewTimeoutBehavior: \"keepAccess\",\n },\n questions: [{\n text: {\n defaultText: \"hello, how are you?\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_group = azuread.Group(\"exampleGroup\",\n display_name=\"group-name\",\n security_enabled=True)\nexample_access_package_catalog = azuread.AccessPackageCatalog(\"exampleAccessPackageCatalog\",\n display_name=\"example-catalog\",\n description=\"Example catalog\")\nexample_access_package = azuread.AccessPackage(\"exampleAccessPackage\",\n catalog_id=example_access_package_catalog.id,\n display_name=\"access-package\",\n description=\"Access Package\")\ntest = azuread.AccessPackageAssignmentPolicy(\"test\",\n access_package_id=azuread_access_package[\"test\"][\"id\"],\n display_name=\"assignment-policy\",\n description=\"My assignment policy\",\n duration_in_days=90,\n requestor_settings=azuread.AccessPackageAssignmentPolicyRequestorSettingsArgs(\n scope_type=\"AllExistingDirectoryMemberUsers\",\n ),\n approval_settings=azuread.AccessPackageAssignmentPolicyApprovalSettingsArgs(\n approval_required=True,\n approval_stages=[azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs(\n approval_timeout_in_days=14,\n primary_approvers=[azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs(\n object_id=azuread_group[\"test\"][\"object_id\"],\n subject_type=\"groupMembers\",\n )],\n )],\n ),\n assignment_review_settings=azuread.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs(\n enabled=True,\n review_frequency=\"weekly\",\n duration_in_days=3,\n review_type=\"Self\",\n access_review_timeout_behavior=\"keepAccess\",\n ),\n questions=[azuread.AccessPackageAssignmentPolicyQuestionArgs(\n text=azuread.AccessPackageAssignmentPolicyQuestionTextArgs(\n default_text=\"hello, how are you?\",\n ),\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleGroup = new AzureAD.Group(\"exampleGroup\", new()\n {\n DisplayName = \"group-name\",\n SecurityEnabled = true,\n });\n\n var exampleAccessPackageCatalog = new AzureAD.AccessPackageCatalog(\"exampleAccessPackageCatalog\", new()\n {\n DisplayName = \"example-catalog\",\n Description = \"Example catalog\",\n });\n\n var exampleAccessPackage = new AzureAD.AccessPackage(\"exampleAccessPackage\", new()\n {\n CatalogId = exampleAccessPackageCatalog.Id,\n DisplayName = \"access-package\",\n Description = \"Access Package\",\n });\n\n var test = new AzureAD.AccessPackageAssignmentPolicy(\"test\", new()\n {\n AccessPackageId = azuread_access_package.Test.Id,\n DisplayName = \"assignment-policy\",\n Description = \"My assignment policy\",\n DurationInDays = 90,\n RequestorSettings = new AzureAD.Inputs.AccessPackageAssignmentPolicyRequestorSettingsArgs\n {\n ScopeType = \"AllExistingDirectoryMemberUsers\",\n },\n ApprovalSettings = new AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettingsArgs\n {\n ApprovalRequired = true,\n ApprovalStages = new[]\n {\n new AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs\n {\n ApprovalTimeoutInDays = 14,\n PrimaryApprovers = new[]\n {\n new AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs\n {\n ObjectId = azuread_group.Test.Object_id,\n SubjectType = \"groupMembers\",\n },\n },\n },\n },\n },\n AssignmentReviewSettings = new AzureAD.Inputs.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs\n {\n Enabled = true,\n ReviewFrequency = \"weekly\",\n DurationInDays = 3,\n ReviewType = \"Self\",\n AccessReviewTimeoutBehavior = \"keepAccess\",\n },\n Questions = new[]\n {\n new AzureAD.Inputs.AccessPackageAssignmentPolicyQuestionArgs\n {\n Text = new AzureAD.Inputs.AccessPackageAssignmentPolicyQuestionTextArgs\n {\n DefaultText = \"hello, how are you?\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewGroup(ctx, \"exampleGroup\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"group-name\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessPackageCatalog, err := azuread.NewAccessPackageCatalog(ctx, \"exampleAccessPackageCatalog\", \u0026azuread.AccessPackageCatalogArgs{\n\t\t\tDisplayName: pulumi.String(\"example-catalog\"),\n\t\t\tDescription: pulumi.String(\"Example catalog\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAccessPackage(ctx, \"exampleAccessPackage\", \u0026azuread.AccessPackageArgs{\n\t\t\tCatalogId: exampleAccessPackageCatalog.ID(),\n\t\t\tDisplayName: pulumi.String(\"access-package\"),\n\t\t\tDescription: pulumi.String(\"Access Package\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAccessPackageAssignmentPolicy(ctx, \"test\", \u0026azuread.AccessPackageAssignmentPolicyArgs{\n\t\t\tAccessPackageId: pulumi.Any(azuread_access_package.Test.Id),\n\t\t\tDisplayName: pulumi.String(\"assignment-policy\"),\n\t\t\tDescription: pulumi.String(\"My assignment policy\"),\n\t\t\tDurationInDays: pulumi.Int(90),\n\t\t\tRequestorSettings: \u0026azuread.AccessPackageAssignmentPolicyRequestorSettingsArgs{\n\t\t\t\tScopeType: pulumi.String(\"AllExistingDirectoryMemberUsers\"),\n\t\t\t},\n\t\t\tApprovalSettings: \u0026azuread.AccessPackageAssignmentPolicyApprovalSettingsArgs{\n\t\t\t\tApprovalRequired: pulumi.Bool(true),\n\t\t\t\tApprovalStages: azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArray{\n\t\t\t\t\t\u0026azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs{\n\t\t\t\t\t\tApprovalTimeoutInDays: pulumi.Int(14),\n\t\t\t\t\t\tPrimaryApprovers: azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArray{\n\t\t\t\t\t\t\t\u0026azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs{\n\t\t\t\t\t\t\t\tObjectId: pulumi.Any(azuread_group.Test.Object_id),\n\t\t\t\t\t\t\t\tSubjectType: pulumi.String(\"groupMembers\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tAssignmentReviewSettings: \u0026azuread.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tReviewFrequency: pulumi.String(\"weekly\"),\n\t\t\t\tDurationInDays: pulumi.Int(3),\n\t\t\t\tReviewType: pulumi.String(\"Self\"),\n\t\t\t\tAccessReviewTimeoutBehavior: pulumi.String(\"keepAccess\"),\n\t\t\t},\n\t\t\tQuestions: azuread.AccessPackageAssignmentPolicyQuestionArray{\n\t\t\t\t\u0026azuread.AccessPackageAssignmentPolicyQuestionArgs{\n\t\t\t\t\tText: \u0026azuread.AccessPackageAssignmentPolicyQuestionTextArgs{\n\t\t\t\t\t\tDefaultText: pulumi.String(\"hello, how are you?\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.AccessPackageCatalog;\nimport com.pulumi.azuread.AccessPackageCatalogArgs;\nimport com.pulumi.azuread.AccessPackage;\nimport com.pulumi.azuread.AccessPackageArgs;\nimport com.pulumi.azuread.AccessPackageAssignmentPolicy;\nimport com.pulumi.azuread.AccessPackageAssignmentPolicyArgs;\nimport com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyRequestorSettingsArgs;\nimport com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyApprovalSettingsArgs;\nimport com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs;\nimport com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyQuestionArgs;\nimport com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyQuestionTextArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"group-name\")\n .securityEnabled(true)\n .build());\n\n var exampleAccessPackageCatalog = new AccessPackageCatalog(\"exampleAccessPackageCatalog\", AccessPackageCatalogArgs.builder() \n .displayName(\"example-catalog\")\n .description(\"Example catalog\")\n .build());\n\n var exampleAccessPackage = new AccessPackage(\"exampleAccessPackage\", AccessPackageArgs.builder() \n .catalogId(exampleAccessPackageCatalog.id())\n .displayName(\"access-package\")\n .description(\"Access Package\")\n .build());\n\n var test = new AccessPackageAssignmentPolicy(\"test\", AccessPackageAssignmentPolicyArgs.builder() \n .accessPackageId(azuread_access_package.test().id())\n .displayName(\"assignment-policy\")\n .description(\"My assignment policy\")\n .durationInDays(90)\n .requestorSettings(AccessPackageAssignmentPolicyRequestorSettingsArgs.builder()\n .scopeType(\"AllExistingDirectoryMemberUsers\")\n .build())\n .approvalSettings(AccessPackageAssignmentPolicyApprovalSettingsArgs.builder()\n .approvalRequired(true)\n .approvalStages(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs.builder()\n .approvalTimeoutInDays(14)\n .primaryApprovers(AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs.builder()\n .objectId(azuread_group.test().object_id())\n .subjectType(\"groupMembers\")\n .build())\n .build())\n .build())\n .assignmentReviewSettings(AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs.builder()\n .enabled(true)\n .reviewFrequency(\"weekly\")\n .durationInDays(3)\n .reviewType(\"Self\")\n .accessReviewTimeoutBehavior(\"keepAccess\")\n .build())\n .questions(AccessPackageAssignmentPolicyQuestionArgs.builder()\n .text(AccessPackageAssignmentPolicyQuestionTextArgs.builder()\n .defaultText(\"hello, how are you?\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: group-name\n securityEnabled: true\n exampleAccessPackageCatalog:\n type: azuread:AccessPackageCatalog\n properties:\n displayName: example-catalog\n description: Example catalog\n exampleAccessPackage:\n type: azuread:AccessPackage\n properties:\n catalogId: ${exampleAccessPackageCatalog.id}\n displayName: access-package\n description: Access Package\n test:\n type: azuread:AccessPackageAssignmentPolicy\n properties:\n accessPackageId: ${azuread_access_package.test.id}\n displayName: assignment-policy\n description: My assignment policy\n durationInDays: 90\n requestorSettings:\n scopeType: AllExistingDirectoryMemberUsers\n approvalSettings:\n approvalRequired: true\n approvalStages:\n - approvalTimeoutInDays: 14\n primaryApprovers:\n - objectId: ${azuread_group.test.object_id}\n subjectType: groupMembers\n assignmentReviewSettings:\n enabled: true\n reviewFrequency: weekly\n durationInDays: 3\n reviewType: Self\n accessReviewTimeoutBehavior: keepAccess\n questions:\n - text:\n defaultText: hello, how are you?\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAn access package assignment policy can be imported using the ID, e.g.\n\n```sh\n $ pulumi import azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy example 00000000-0000-0000-0000-000000000000\n```\n\n ", "properties": { "accessPackageId": { "type": "string", @@ -2836,7 +2870,7 @@ } }, "azuread:index/administrativeUnit:AdministrativeUnit": { - "description": "Manages an Administrative Unit within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `AdministrativeUnit.ReadWrite.All` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AdministrativeUnit;\nimport com.pulumi.azuread.AdministrativeUnitArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AdministrativeUnit(\"example\", AdministrativeUnitArgs.builder() \n .description(\"Just an example\")\n .displayName(\"Example-AU\")\n .visibility(\"Public\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:AdministrativeUnit\n properties:\n description: Just an example\n displayName: Example-AU\n visibility: Public\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAdministrative units can be imported using their object ID, e.g.\n\n```sh\n $ pulumi import azuread:index/administrativeUnit:AdministrativeUnit example 00000000-0000-0000-0000-000000000000\n```\n\n ", + "description": "Manages an Administrative Unit within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `AdministrativeUnit.ReadWrite.All` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.AdministrativeUnit(\"example\", {\n description: \"Just an example\",\n displayName: \"Example-AU\",\n hiddenMembershipEnabled: false,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.AdministrativeUnit(\"example\",\n description=\"Just an example\",\n display_name=\"Example-AU\",\n hidden_membership_enabled=False)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.AdministrativeUnit(\"example\", new()\n {\n Description = \"Just an example\",\n DisplayName = \"Example-AU\",\n HiddenMembershipEnabled = false,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewAdministrativeUnit(ctx, \"example\", \u0026azuread.AdministrativeUnitArgs{\n\t\t\tDescription: pulumi.String(\"Just an example\"),\n\t\t\tDisplayName: pulumi.String(\"Example-AU\"),\n\t\t\tHiddenMembershipEnabled: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AdministrativeUnit;\nimport com.pulumi.azuread.AdministrativeUnitArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AdministrativeUnit(\"example\", AdministrativeUnitArgs.builder() \n .description(\"Just an example\")\n .displayName(\"Example-AU\")\n .hiddenMembershipEnabled(false)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:AdministrativeUnit\n properties:\n description: Just an example\n displayName: Example-AU\n hiddenMembershipEnabled: false\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAdministrative units can be imported using their object ID, e.g.\n\n```sh\n $ pulumi import azuread:index/administrativeUnit:AdministrativeUnit example 00000000-0000-0000-0000-000000000000\n```\n\n ", "properties": { "description": { "type": "string", @@ -2848,7 +2882,7 @@ }, "hiddenMembershipEnabled": { "type": "boolean", - "description": "Whether the administrative unit and its members are hidden or publicly viewable in the directory\n" + "description": "Whether the administrative unit and its members are hidden or publicly viewable in the directory.\n" }, "members": { "type": "array", @@ -2882,7 +2916,7 @@ }, "hiddenMembershipEnabled": { "type": "boolean", - "description": "Whether the administrative unit and its members are hidden or publicly viewable in the directory\n" + "description": "Whether the administrative unit and its members are hidden or publicly viewable in the directory.\n" }, "members": { "type": "array", @@ -2912,7 +2946,7 @@ }, "hiddenMembershipEnabled": { "type": "boolean", - "description": "Whether the administrative unit and its members are hidden or publicly viewable in the directory\n" + "description": "Whether the administrative unit and its members are hidden or publicly viewable in the directory.\n" }, "members": { "type": "array", @@ -3040,7 +3074,7 @@ } }, "azuread:index/appRoleAssignment:AppRoleAssignment": { - "description": "Manages an app role assignment for a group, user or service principal. Can be used to grant admin consent for application permissions.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `AppRoleAssignment.ReadWrite.All` and `Application.Read.All`, or `AppRoleAssignment.ReadWrite.All` and `Directory.Read.All`, or `Application.ReadWrite.All`, or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Application Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*App role assignment for accessing Microsoft Graph*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = new azuread.ServicePrincipal(\"msgraph\", {\n applicationId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n useExisting: true,\n});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n resourceAccesses: [\n {\n id: msgraph.appRoleIds[\"User.Read.All\"],\n type: \"Role\",\n },\n {\n id: msgraph.oauth2PermissionScopeIds[\"User.ReadWrite\"],\n type: \"Scope\",\n },\n ],\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {applicationId: exampleApplication.applicationId});\nconst exampleAppRoleAssignment = new azuread.AppRoleAssignment(\"exampleAppRoleAssignment\", {\n appRoleId: msgraph.appRoleIds[\"User.Read.All\"],\n principalObjectId: exampleServicePrincipal.objectId,\n resourceObjectId: msgraph.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.ServicePrincipal(\"msgraph\",\n application_id=well_known.result[\"MicrosoftGraph\"],\n use_existing=True)\nexample_application = azuread.Application(\"exampleApplication\",\n display_name=\"example\",\n required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs(\n resource_app_id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference),\n resource_accesses=[\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference),\n type=\"Role\",\n ),\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference),\n type=\"Scope\",\n ),\n ],\n )])\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\", application_id=example_application.application_id)\nexample_app_role_assignment = azuread.AppRoleAssignment(\"exampleAppRoleAssignment\",\n app_role_id=msgraph.app_role_ids[\"User.Read.All\"],\n principal_object_id=example_service_principal.object_id,\n resource_object_id=msgraph.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = new AzureAD.ServicePrincipal(\"msgraph\", new()\n {\n ApplicationId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n UseExisting = true,\n });\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.User_Read_All),\n Type = \"Role\",\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.User_ReadWrite),\n Type = \"Scope\",\n },\n },\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n });\n\n var exampleAppRoleAssignment = new AzureAD.AppRoleAssignment(\"exampleAppRoleAssignment\", new()\n {\n AppRoleId = msgraph.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.User_Read_All),\n PrincipalObjectId = exampleServicePrincipal.ObjectId,\n ResourceObjectId = msgraph.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmsgraph, err := azuread.NewServicePrincipal(ctx, \"msgraph\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn appRoleIds.User.Read.All, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Role\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.User.ReadWrite, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"exampleAppRoleAssignment\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: msgraph.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\treturn appRoleIds.User.Read.All, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tPrincipalObjectId: exampleServicePrincipal.ObjectId,\n\t\t\tResourceObjectId: msgraph.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.AppRoleAssignment;\nimport com.pulumi.azuread.AppRoleAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n var msgraph = new ServicePrincipal(\"msgraph\", ServicePrincipalArgs.builder() \n .applicationId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .useExisting(true)\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .resourceAccesses( \n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.User.Read.All()))\n .type(\"Role\")\n .build(),\n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.User.ReadWrite()))\n .type(\"Scope\")\n .build())\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .build());\n\n var exampleAppRoleAssignment = new AppRoleAssignment(\"exampleAppRoleAssignment\", AppRoleAssignmentArgs.builder() \n .appRoleId(msgraph.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.User.Read.All()))\n .principalObjectId(exampleServicePrincipal.objectId())\n .resourceObjectId(msgraph.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n msgraph:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${wellKnown.result.MicrosoftGraph}\n useExisting: true\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${wellKnown.result.MicrosoftGraph}\n resourceAccesses:\n - id: ${msgraph.appRoleIds\"User.Read.All\"[%!s(MISSING)]}\n type: Role\n - id: ${msgraph.oauth2PermissionScopeIds\"User.ReadWrite\"[%!s(MISSING)]}\n type: Scope\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n exampleAppRoleAssignment:\n type: azuread:AppRoleAssignment\n properties:\n appRoleId: ${msgraph.appRoleIds\"User.Read.All\"[%!s(MISSING)]}\n principalObjectId: ${exampleServicePrincipal.objectId}\n resourceObjectId: ${msgraph.objectId}\nvariables:\n wellKnown:\n fn::invoke:\n Function: azuread:getApplicationPublishedAppIds\n Arguments: {}\n```\n\n*App role assignment for internal application*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst internalApplication = new azuread.Application(\"internalApplication\", {\n displayName: \"internal\",\n appRoles: [{\n allowedMemberTypes: [\"Application\"],\n description: \"Apps can query the database\",\n displayName: \"Query\",\n enabled: true,\n id: \"00000000-0000-0000-0000-111111111111\",\n value: \"Query.All\",\n }],\n});\nconst internalServicePrincipal = new azuread.ServicePrincipal(\"internalServicePrincipal\", {applicationId: internalApplication.applicationId});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: internalApplication.applicationId,\n resourceAccesses: [{\n id: internalServicePrincipal.appRoleIds[\"Query.All\"],\n type: \"Role\",\n }],\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {applicationId: exampleApplication.applicationId});\nconst exampleAppRoleAssignment = new azuread.AppRoleAssignment(\"exampleAppRoleAssignment\", {\n appRoleId: internalServicePrincipal.appRoleIds[\"Query.All\"],\n principalObjectId: exampleServicePrincipal.objectId,\n resourceObjectId: internalServicePrincipal.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ninternal_application = azuread.Application(\"internalApplication\",\n display_name=\"internal\",\n app_roles=[azuread.ApplicationAppRoleArgs(\n allowed_member_types=[\"Application\"],\n description=\"Apps can query the database\",\n display_name=\"Query\",\n enabled=True,\n id=\"00000000-0000-0000-0000-111111111111\",\n value=\"Query.All\",\n )])\ninternal_service_principal = azuread.ServicePrincipal(\"internalServicePrincipal\", application_id=internal_application.application_id)\nexample_application = azuread.Application(\"exampleApplication\",\n display_name=\"example\",\n required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs(\n resource_app_id=internal_application.application_id,\n resource_accesses=[azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference),\n type=\"Role\",\n )],\n )])\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\", application_id=example_application.application_id)\nexample_app_role_assignment = azuread.AppRoleAssignment(\"exampleAppRoleAssignment\",\n app_role_id=internal_service_principal.app_role_ids[\"Query.All\"],\n principal_object_id=example_service_principal.object_id,\n resource_object_id=internal_service_principal.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var internalApplication = new AzureAD.Application(\"internalApplication\", new()\n {\n DisplayName = \"internal\",\n AppRoles = new[]\n {\n new AzureAD.Inputs.ApplicationAppRoleArgs\n {\n AllowedMemberTypes = new[]\n {\n \"Application\",\n },\n Description = \"Apps can query the database\",\n DisplayName = \"Query\",\n Enabled = true,\n Id = \"00000000-0000-0000-0000-111111111111\",\n Value = \"Query.All\",\n },\n },\n });\n\n var internalServicePrincipal = new AzureAD.ServicePrincipal(\"internalServicePrincipal\", new()\n {\n ApplicationId = internalApplication.ApplicationId,\n });\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = internalApplication.ApplicationId,\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = internalServicePrincipal.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.Query_All),\n Type = \"Role\",\n },\n },\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n });\n\n var exampleAppRoleAssignment = new AzureAD.AppRoleAssignment(\"exampleAppRoleAssignment\", new()\n {\n AppRoleId = internalServicePrincipal.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.Query_All),\n PrincipalObjectId = exampleServicePrincipal.ObjectId,\n ResourceObjectId = internalServicePrincipal.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternalApplication, err := azuread.NewApplication(ctx, \"internalApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"internal\"),\n\t\t\tAppRoles: azuread.ApplicationAppRoleArray{\n\t\t\t\t\u0026azuread.ApplicationAppRoleArgs{\n\t\t\t\t\tAllowedMemberTypes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Application\"),\n\t\t\t\t\t},\n\t\t\t\t\tDescription: pulumi.String(\"Apps can query the database\"),\n\t\t\t\t\tDisplayName: pulumi.String(\"Query\"),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tId: pulumi.String(\"00000000-0000-0000-0000-111111111111\"),\n\t\t\t\t\tValue: pulumi.String(\"Query.All\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinternalServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"internalServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: internalApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: internalApplication.ApplicationId,\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: internalServicePrincipal.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn appRoleIds.Query.All, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Role\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"exampleAppRoleAssignment\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: internalServicePrincipal.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\treturn appRoleIds.Query.All, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tPrincipalObjectId: exampleServicePrincipal.ObjectId,\n\t\t\tResourceObjectId: internalServicePrincipal.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationAppRoleArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.AppRoleAssignment;\nimport com.pulumi.azuread.AppRoleAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internalApplication = new Application(\"internalApplication\", ApplicationArgs.builder() \n .displayName(\"internal\")\n .appRoles(ApplicationAppRoleArgs.builder()\n .allowedMemberTypes(\"Application\")\n .description(\"Apps can query the database\")\n .displayName(\"Query\")\n .enabled(true)\n .id(\"00000000-0000-0000-0000-111111111111\")\n .value(\"Query.All\")\n .build())\n .build());\n\n var internalServicePrincipal = new ServicePrincipal(\"internalServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(internalApplication.applicationId())\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(internalApplication.applicationId())\n .resourceAccesses(ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(internalServicePrincipal.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.Query.All()))\n .type(\"Role\")\n .build())\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .build());\n\n var exampleAppRoleAssignment = new AppRoleAssignment(\"exampleAppRoleAssignment\", AppRoleAssignmentArgs.builder() \n .appRoleId(internalServicePrincipal.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.Query.All()))\n .principalObjectId(exampleServicePrincipal.objectId())\n .resourceObjectId(internalServicePrincipal.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internalApplication:\n type: azuread:Application\n properties:\n displayName: internal\n appRoles:\n - allowedMemberTypes:\n - Application\n description: Apps can query the database\n displayName: Query\n enabled: true\n id: 00000000-0000-0000-0000-111111111111\n value: Query.All\n internalServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${internalApplication.applicationId}\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${internalApplication.applicationId}\n resourceAccesses:\n - id: ${internalServicePrincipal.appRoleIds\"Query.All\"[%!s(MISSING)]}\n type: Role\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n exampleAppRoleAssignment:\n type: azuread:AppRoleAssignment\n properties:\n appRoleId: ${internalServicePrincipal.appRoleIds\"Query.All\"[%!s(MISSING)]}\n principalObjectId: ${exampleServicePrincipal.objectId}\n resourceObjectId: ${internalServicePrincipal.objectId}\n```\n\n*Assign a user and group to an internal application*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleDomains = azuread.getDomains({\n onlyInitial: true,\n});\nconst internalApplication = new azuread.Application(\"internalApplication\", {\n displayName: \"internal\",\n appRoles: [{\n allowedMemberTypes: [\n \"Application\",\n \"User\",\n ],\n description: \"Admins can perform all task actions\",\n displayName: \"Admin\",\n enabled: true,\n id: \"00000000-0000-0000-0000-222222222222\",\n value: \"Admin.All\",\n }],\n});\nconst internalServicePrincipal = new azuread.ServicePrincipal(\"internalServicePrincipal\", {applicationId: internalApplication.applicationId});\nconst exampleGroup = new azuread.Group(\"exampleGroup\", {\n displayName: \"example\",\n securityEnabled: true,\n});\nconst exampleAppRoleAssignment = new azuread.AppRoleAssignment(\"exampleAppRoleAssignment\", {\n appRoleId: internalServicePrincipal.appRoleIds[\"Admin.All\"],\n principalObjectId: exampleGroup.objectId,\n resourceObjectId: internalServicePrincipal.objectId,\n});\nconst exampleUser = new azuread.User(\"exampleUser\", {\n displayName: \"D. Duck\",\n password: \"SecretP@sswd99!\",\n userPrincipalName: exampleDomains.then(exampleDomains =\u003e `d.duck@${exampleDomains.domains?.[0]?.domainName}`),\n});\nconst exampleIndex_appRoleAssignmentAppRoleAssignment = new azuread.AppRoleAssignment(\"exampleIndex/appRoleAssignmentAppRoleAssignment\", {\n appRoleId: internalServicePrincipal.appRoleIds[\"Admin.All\"],\n principalObjectId: exampleUser.objectId,\n resourceObjectId: internalServicePrincipal.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_domains = azuread.get_domains(only_initial=True)\ninternal_application = azuread.Application(\"internalApplication\",\n display_name=\"internal\",\n app_roles=[azuread.ApplicationAppRoleArgs(\n allowed_member_types=[\n \"Application\",\n \"User\",\n ],\n description=\"Admins can perform all task actions\",\n display_name=\"Admin\",\n enabled=True,\n id=\"00000000-0000-0000-0000-222222222222\",\n value=\"Admin.All\",\n )])\ninternal_service_principal = azuread.ServicePrincipal(\"internalServicePrincipal\", application_id=internal_application.application_id)\nexample_group = azuread.Group(\"exampleGroup\",\n display_name=\"example\",\n security_enabled=True)\nexample_app_role_assignment = azuread.AppRoleAssignment(\"exampleAppRoleAssignment\",\n app_role_id=internal_service_principal.app_role_ids[\"Admin.All\"],\n principal_object_id=example_group.object_id,\n resource_object_id=internal_service_principal.object_id)\nexample_user = azuread.User(\"exampleUser\",\n display_name=\"D. Duck\",\n password=\"SecretP@sswd99!\",\n user_principal_name=f\"d.duck@{example_domains.domains[0].domain_name}\")\nexample_index_app_role_assignment_app_role_assignment = azuread.AppRoleAssignment(\"exampleIndex/appRoleAssignmentAppRoleAssignment\",\n app_role_id=internal_service_principal.app_role_ids[\"Admin.All\"],\n principal_object_id=example_user.object_id,\n resource_object_id=internal_service_principal.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleDomains = AzureAD.GetDomains.Invoke(new()\n {\n OnlyInitial = true,\n });\n\n var internalApplication = new AzureAD.Application(\"internalApplication\", new()\n {\n DisplayName = \"internal\",\n AppRoles = new[]\n {\n new AzureAD.Inputs.ApplicationAppRoleArgs\n {\n AllowedMemberTypes = new[]\n {\n \"Application\",\n \"User\",\n },\n Description = \"Admins can perform all task actions\",\n DisplayName = \"Admin\",\n Enabled = true,\n Id = \"00000000-0000-0000-0000-222222222222\",\n Value = \"Admin.All\",\n },\n },\n });\n\n var internalServicePrincipal = new AzureAD.ServicePrincipal(\"internalServicePrincipal\", new()\n {\n ApplicationId = internalApplication.ApplicationId,\n });\n\n var exampleGroup = new AzureAD.Group(\"exampleGroup\", new()\n {\n DisplayName = \"example\",\n SecurityEnabled = true,\n });\n\n var exampleAppRoleAssignment = new AzureAD.AppRoleAssignment(\"exampleAppRoleAssignment\", new()\n {\n AppRoleId = internalServicePrincipal.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.Admin_All),\n PrincipalObjectId = exampleGroup.ObjectId,\n ResourceObjectId = internalServicePrincipal.ObjectId,\n });\n\n var exampleUser = new AzureAD.User(\"exampleUser\", new()\n {\n DisplayName = \"D. Duck\",\n Password = \"SecretP@sswd99!\",\n UserPrincipalName = $\"d.duck@{exampleDomains.Apply(getDomainsResult =\u003e getDomainsResult.Domains[0]?.DomainName)}\",\n });\n\n var exampleIndex_appRoleAssignmentAppRoleAssignment = new AzureAD.AppRoleAssignment(\"exampleIndex/appRoleAssignmentAppRoleAssignment\", new()\n {\n AppRoleId = internalServicePrincipal.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.Admin_All),\n PrincipalObjectId = exampleUser.ObjectId,\n ResourceObjectId = internalServicePrincipal.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleDomains, err := azuread.GetDomains(ctx, \u0026azuread.GetDomainsArgs{\n\t\t\tOnlyInitial: pulumi.BoolRef(true),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinternalApplication, err := azuread.NewApplication(ctx, \"internalApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"internal\"),\n\t\t\tAppRoles: azuread.ApplicationAppRoleArray{\n\t\t\t\t\u0026azuread.ApplicationAppRoleArgs{\n\t\t\t\t\tAllowedMemberTypes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Application\"),\n\t\t\t\t\t\tpulumi.String(\"User\"),\n\t\t\t\t\t},\n\t\t\t\t\tDescription: pulumi.String(\"Admins can perform all task actions\"),\n\t\t\t\t\tDisplayName: pulumi.String(\"Admin\"),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tId: pulumi.String(\"00000000-0000-0000-0000-222222222222\"),\n\t\t\t\t\tValue: pulumi.String(\"Admin.All\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinternalServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"internalServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: internalApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGroup, err := azuread.NewGroup(ctx, \"exampleGroup\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"exampleAppRoleAssignment\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: internalServicePrincipal.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\treturn appRoleIds.Admin.All, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tPrincipalObjectId: exampleGroup.ObjectId,\n\t\t\tResourceObjectId: internalServicePrincipal.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleUser, err := azuread.NewUser(ctx, \"exampleUser\", \u0026azuread.UserArgs{\n\t\t\tDisplayName: pulumi.String(\"D. Duck\"),\n\t\t\tPassword: pulumi.String(\"SecretP@sswd99!\"),\n\t\t\tUserPrincipalName: pulumi.String(fmt.Sprintf(\"d.duck@%v\", exampleDomains.Domains[0].DomainName)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"exampleIndex/appRoleAssignmentAppRoleAssignment\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: internalServicePrincipal.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\treturn appRoleIds.Admin.All, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tPrincipalObjectId: exampleUser.ObjectId,\n\t\t\tResourceObjectId: internalServicePrincipal.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetDomainsArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationAppRoleArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.AppRoleAssignment;\nimport com.pulumi.azuread.AppRoleAssignmentArgs;\nimport com.pulumi.azuread.User;\nimport com.pulumi.azuread.UserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleDomains = AzureadFunctions.getDomains(GetDomainsArgs.builder()\n .onlyInitial(true)\n .build());\n\n var internalApplication = new Application(\"internalApplication\", ApplicationArgs.builder() \n .displayName(\"internal\")\n .appRoles(ApplicationAppRoleArgs.builder()\n .allowedMemberTypes( \n \"Application\",\n \"User\")\n .description(\"Admins can perform all task actions\")\n .displayName(\"Admin\")\n .enabled(true)\n .id(\"00000000-0000-0000-0000-222222222222\")\n .value(\"Admin.All\")\n .build())\n .build());\n\n var internalServicePrincipal = new ServicePrincipal(\"internalServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(internalApplication.applicationId())\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"example\")\n .securityEnabled(true)\n .build());\n\n var exampleAppRoleAssignment = new AppRoleAssignment(\"exampleAppRoleAssignment\", AppRoleAssignmentArgs.builder() \n .appRoleId(internalServicePrincipal.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.Admin.All()))\n .principalObjectId(exampleGroup.objectId())\n .resourceObjectId(internalServicePrincipal.objectId())\n .build());\n\n var exampleUser = new User(\"exampleUser\", UserArgs.builder() \n .displayName(\"D. Duck\")\n .password(\"SecretP@sswd99!\")\n .userPrincipalName(String.format(\"d.duck@%s\", exampleDomains.applyValue(getDomainsResult -\u003e getDomainsResult.domains()[0].domainName())))\n .build());\n\n var exampleIndex_appRoleAssignmentAppRoleAssignment = new AppRoleAssignment(\"exampleIndex/appRoleAssignmentAppRoleAssignment\", AppRoleAssignmentArgs.builder() \n .appRoleId(internalServicePrincipal.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.Admin.All()))\n .principalObjectId(exampleUser.objectId())\n .resourceObjectId(internalServicePrincipal.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internalApplication:\n type: azuread:Application\n properties:\n displayName: internal\n appRoles:\n - allowedMemberTypes:\n - Application\n - User\n description: Admins can perform all task actions\n displayName: Admin\n enabled: true\n id: 00000000-0000-0000-0000-222222222222\n value: Admin.All\n internalServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${internalApplication.applicationId}\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: example\n securityEnabled: true\n exampleAppRoleAssignment:\n type: azuread:AppRoleAssignment\n properties:\n appRoleId: ${internalServicePrincipal.appRoleIds\"Admin.All\"[%!s(MISSING)]}\n principalObjectId: ${exampleGroup.objectId}\n resourceObjectId: ${internalServicePrincipal.objectId}\n exampleUser:\n type: azuread:User\n properties:\n displayName: D. Duck\n password: SecretP@sswd99!\n userPrincipalName: d.duck@${exampleDomains.domains[0].domainName}\n exampleIndex/appRoleAssignmentAppRoleAssignment:\n type: azuread:AppRoleAssignment\n properties:\n appRoleId: ${internalServicePrincipal.appRoleIds\"Admin.All\"[%!s(MISSING)]}\n principalObjectId: ${exampleUser.objectId}\n resourceObjectId: ${internalServicePrincipal.objectId}\nvariables:\n exampleDomains:\n fn::invoke:\n Function: azuread:getDomains\n Arguments:\n onlyInitial: true\n```\n\n*Assign a group to the default app role for an internal application*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst internalApplication = new azuread.Application(\"internalApplication\", {displayName: \"internal\"});\nconst internalServicePrincipal = new azuread.ServicePrincipal(\"internalServicePrincipal\", {applicationId: internalApplication.applicationId});\nconst exampleGroup = new azuread.Group(\"exampleGroup\", {\n displayName: \"example\",\n securityEnabled: true,\n});\nconst exampleAppRoleAssignment = new azuread.AppRoleAssignment(\"exampleAppRoleAssignment\", {\n appRoleId: \"00000000-0000-0000-0000-000000000000\",\n principalObjectId: exampleGroup.objectId,\n resourceObjectId: internalServicePrincipal.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ninternal_application = azuread.Application(\"internalApplication\", display_name=\"internal\")\ninternal_service_principal = azuread.ServicePrincipal(\"internalServicePrincipal\", application_id=internal_application.application_id)\nexample_group = azuread.Group(\"exampleGroup\",\n display_name=\"example\",\n security_enabled=True)\nexample_app_role_assignment = azuread.AppRoleAssignment(\"exampleAppRoleAssignment\",\n app_role_id=\"00000000-0000-0000-0000-000000000000\",\n principal_object_id=example_group.object_id,\n resource_object_id=internal_service_principal.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var internalApplication = new AzureAD.Application(\"internalApplication\", new()\n {\n DisplayName = \"internal\",\n });\n\n var internalServicePrincipal = new AzureAD.ServicePrincipal(\"internalServicePrincipal\", new()\n {\n ApplicationId = internalApplication.ApplicationId,\n });\n\n var exampleGroup = new AzureAD.Group(\"exampleGroup\", new()\n {\n DisplayName = \"example\",\n SecurityEnabled = true,\n });\n\n var exampleAppRoleAssignment = new AzureAD.AppRoleAssignment(\"exampleAppRoleAssignment\", new()\n {\n AppRoleId = \"00000000-0000-0000-0000-000000000000\",\n PrincipalObjectId = exampleGroup.ObjectId,\n ResourceObjectId = internalServicePrincipal.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternalApplication, err := azuread.NewApplication(ctx, \"internalApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"internal\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinternalServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"internalServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: internalApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGroup, err := azuread.NewGroup(ctx, \"exampleGroup\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"exampleAppRoleAssignment\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: pulumi.String(\"00000000-0000-0000-0000-000000000000\"),\n\t\t\tPrincipalObjectId: exampleGroup.ObjectId,\n\t\t\tResourceObjectId: internalServicePrincipal.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.AppRoleAssignment;\nimport com.pulumi.azuread.AppRoleAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internalApplication = new Application(\"internalApplication\", ApplicationArgs.builder() \n .displayName(\"internal\")\n .build());\n\n var internalServicePrincipal = new ServicePrincipal(\"internalServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(internalApplication.applicationId())\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"example\")\n .securityEnabled(true)\n .build());\n\n var exampleAppRoleAssignment = new AppRoleAssignment(\"exampleAppRoleAssignment\", AppRoleAssignmentArgs.builder() \n .appRoleId(\"00000000-0000-0000-0000-000000000000\")\n .principalObjectId(exampleGroup.objectId())\n .resourceObjectId(internalServicePrincipal.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internalApplication:\n type: azuread:Application\n properties:\n displayName: internal\n internalServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${internalApplication.applicationId}\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: example\n securityEnabled: true\n exampleAppRoleAssignment:\n type: azuread:AppRoleAssignment\n properties:\n appRoleId: 00000000-0000-0000-0000-000000000000\n principalObjectId: ${exampleGroup.objectId}\n resourceObjectId: ${internalServicePrincipal.objectId}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nApp role assignments can be imported using the object ID of the service principal representing the resource and the ID of the app role assignment (note_not_ the ID of the app role), e.g.\n\n```sh\n $ pulumi import azuread:index/appRoleAssignment:AppRoleAssignment example 00000000-0000-0000-0000-000000000000/appRoleAssignment/aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the Resource Service Principal Object ID and the ID of the App Role Assignment in the format `{ResourcePrincipalID}/appRoleAssignment/{AppRoleAssignmentID}`. ", + "description": "Manages an app role assignment for a group, user or service principal. Can be used to grant admin consent for application permissions.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `AppRoleAssignment.ReadWrite.All` and `Application.Read.All`, or `AppRoleAssignment.ReadWrite.All` and `Directory.Read.All`, or `Application.ReadWrite.All`, or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Application Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*App role assignment for accessing Microsoft Graph*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = new azuread.ServicePrincipal(\"msgraph\", {\n applicationId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n useExisting: true,\n});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n resourceAccesses: [\n {\n id: msgraph.appRoleIds[\"User.Read.All\"],\n type: \"Role\",\n },\n {\n id: msgraph.oauth2PermissionScopeIds[\"User.ReadWrite\"],\n type: \"Scope\",\n },\n ],\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {applicationId: exampleApplication.applicationId});\nconst exampleAppRoleAssignment = new azuread.AppRoleAssignment(\"exampleAppRoleAssignment\", {\n appRoleId: msgraph.appRoleIds[\"User.Read.All\"],\n principalObjectId: exampleServicePrincipal.objectId,\n resourceObjectId: msgraph.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.ServicePrincipal(\"msgraph\",\n application_id=well_known.result[\"MicrosoftGraph\"],\n use_existing=True)\nexample_application = azuread.Application(\"exampleApplication\",\n display_name=\"example\",\n required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs(\n resource_app_id=well_known.result[\"MicrosoftGraph\"],\n resource_accesses=[\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=msgraph.app_role_ids[\"User.Read.All\"],\n type=\"Role\",\n ),\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=msgraph.oauth2_permission_scope_ids[\"User.ReadWrite\"],\n type=\"Scope\",\n ),\n ],\n )])\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\", application_id=example_application.application_id)\nexample_app_role_assignment = azuread.AppRoleAssignment(\"exampleAppRoleAssignment\",\n app_role_id=msgraph.app_role_ids[\"User.Read.All\"],\n principal_object_id=example_service_principal.object_id,\n resource_object_id=msgraph.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = new AzureAD.ServicePrincipal(\"msgraph\", new()\n {\n ApplicationId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n UseExisting = true,\n });\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.User_Read_All),\n Type = \"Role\",\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.User_ReadWrite),\n Type = \"Scope\",\n },\n },\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n });\n\n var exampleAppRoleAssignment = new AzureAD.AppRoleAssignment(\"exampleAppRoleAssignment\", new()\n {\n AppRoleId = msgraph.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.User_Read_All),\n PrincipalObjectId = exampleServicePrincipal.ObjectId,\n ResourceObjectId = msgraph.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmsgraph, err := azuread.NewServicePrincipal(ctx, \"msgraph\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn appRoleIds.User.Read.All, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Role\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.User.ReadWrite, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"exampleAppRoleAssignment\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: msgraph.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\treturn appRoleIds.User.Read.All, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tPrincipalObjectId: exampleServicePrincipal.ObjectId,\n\t\t\tResourceObjectId: msgraph.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.AppRoleAssignment;\nimport com.pulumi.azuread.AppRoleAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n var msgraph = new ServicePrincipal(\"msgraph\", ServicePrincipalArgs.builder() \n .applicationId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .useExisting(true)\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .resourceAccesses( \n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.User.Read.All()))\n .type(\"Role\")\n .build(),\n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.User.ReadWrite()))\n .type(\"Scope\")\n .build())\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .build());\n\n var exampleAppRoleAssignment = new AppRoleAssignment(\"exampleAppRoleAssignment\", AppRoleAssignmentArgs.builder() \n .appRoleId(msgraph.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.User.Read.All()))\n .principalObjectId(exampleServicePrincipal.objectId())\n .resourceObjectId(msgraph.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n msgraph:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${wellKnown.result.MicrosoftGraph}\n useExisting: true\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${wellKnown.result.MicrosoftGraph}\n resourceAccesses:\n - id: ${msgraph.appRoleIds\"User.Read.All\"[%!s(MISSING)]}\n type: Role\n - id: ${msgraph.oauth2PermissionScopeIds\"User.ReadWrite\"[%!s(MISSING)]}\n type: Scope\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n exampleAppRoleAssignment:\n type: azuread:AppRoleAssignment\n properties:\n appRoleId: ${msgraph.appRoleIds\"User.Read.All\"[%!s(MISSING)]}\n principalObjectId: ${exampleServicePrincipal.objectId}\n resourceObjectId: ${msgraph.objectId}\nvariables:\n wellKnown:\n fn::invoke:\n Function: azuread:getApplicationPublishedAppIds\n Arguments: {}\n```\n\n*App role assignment for internal application*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst internalApplication = new azuread.Application(\"internalApplication\", {\n displayName: \"internal\",\n appRoles: [{\n allowedMemberTypes: [\"Application\"],\n description: \"Apps can query the database\",\n displayName: \"Query\",\n enabled: true,\n id: \"00000000-0000-0000-0000-111111111111\",\n value: \"Query.All\",\n }],\n});\nconst internalServicePrincipal = new azuread.ServicePrincipal(\"internalServicePrincipal\", {applicationId: internalApplication.applicationId});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: internalApplication.applicationId,\n resourceAccesses: [{\n id: internalServicePrincipal.appRoleIds[\"Query.All\"],\n type: \"Role\",\n }],\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {applicationId: exampleApplication.applicationId});\nconst exampleAppRoleAssignment = new azuread.AppRoleAssignment(\"exampleAppRoleAssignment\", {\n appRoleId: internalServicePrincipal.appRoleIds[\"Query.All\"],\n principalObjectId: exampleServicePrincipal.objectId,\n resourceObjectId: internalServicePrincipal.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ninternal_application = azuread.Application(\"internalApplication\",\n display_name=\"internal\",\n app_roles=[azuread.ApplicationAppRoleArgs(\n allowed_member_types=[\"Application\"],\n description=\"Apps can query the database\",\n display_name=\"Query\",\n enabled=True,\n id=\"00000000-0000-0000-0000-111111111111\",\n value=\"Query.All\",\n )])\ninternal_service_principal = azuread.ServicePrincipal(\"internalServicePrincipal\", application_id=internal_application.application_id)\nexample_application = azuread.Application(\"exampleApplication\",\n display_name=\"example\",\n required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs(\n resource_app_id=internal_application.application_id,\n resource_accesses=[azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=internal_service_principal.app_role_ids[\"Query.All\"],\n type=\"Role\",\n )],\n )])\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\", application_id=example_application.application_id)\nexample_app_role_assignment = azuread.AppRoleAssignment(\"exampleAppRoleAssignment\",\n app_role_id=internal_service_principal.app_role_ids[\"Query.All\"],\n principal_object_id=example_service_principal.object_id,\n resource_object_id=internal_service_principal.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var internalApplication = new AzureAD.Application(\"internalApplication\", new()\n {\n DisplayName = \"internal\",\n AppRoles = new[]\n {\n new AzureAD.Inputs.ApplicationAppRoleArgs\n {\n AllowedMemberTypes = new[]\n {\n \"Application\",\n },\n Description = \"Apps can query the database\",\n DisplayName = \"Query\",\n Enabled = true,\n Id = \"00000000-0000-0000-0000-111111111111\",\n Value = \"Query.All\",\n },\n },\n });\n\n var internalServicePrincipal = new AzureAD.ServicePrincipal(\"internalServicePrincipal\", new()\n {\n ApplicationId = internalApplication.ApplicationId,\n });\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = internalApplication.ApplicationId,\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = internalServicePrincipal.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.Query_All),\n Type = \"Role\",\n },\n },\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n });\n\n var exampleAppRoleAssignment = new AzureAD.AppRoleAssignment(\"exampleAppRoleAssignment\", new()\n {\n AppRoleId = internalServicePrincipal.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.Query_All),\n PrincipalObjectId = exampleServicePrincipal.ObjectId,\n ResourceObjectId = internalServicePrincipal.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternalApplication, err := azuread.NewApplication(ctx, \"internalApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"internal\"),\n\t\t\tAppRoles: azuread.ApplicationAppRoleArray{\n\t\t\t\t\u0026azuread.ApplicationAppRoleArgs{\n\t\t\t\t\tAllowedMemberTypes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Application\"),\n\t\t\t\t\t},\n\t\t\t\t\tDescription: pulumi.String(\"Apps can query the database\"),\n\t\t\t\t\tDisplayName: pulumi.String(\"Query\"),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tId: pulumi.String(\"00000000-0000-0000-0000-111111111111\"),\n\t\t\t\t\tValue: pulumi.String(\"Query.All\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinternalServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"internalServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: internalApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: internalApplication.ApplicationId,\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: internalServicePrincipal.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn appRoleIds.Query.All, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Role\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"exampleAppRoleAssignment\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: internalServicePrincipal.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\treturn appRoleIds.Query.All, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tPrincipalObjectId: exampleServicePrincipal.ObjectId,\n\t\t\tResourceObjectId: internalServicePrincipal.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationAppRoleArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.AppRoleAssignment;\nimport com.pulumi.azuread.AppRoleAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internalApplication = new Application(\"internalApplication\", ApplicationArgs.builder() \n .displayName(\"internal\")\n .appRoles(ApplicationAppRoleArgs.builder()\n .allowedMemberTypes(\"Application\")\n .description(\"Apps can query the database\")\n .displayName(\"Query\")\n .enabled(true)\n .id(\"00000000-0000-0000-0000-111111111111\")\n .value(\"Query.All\")\n .build())\n .build());\n\n var internalServicePrincipal = new ServicePrincipal(\"internalServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(internalApplication.applicationId())\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(internalApplication.applicationId())\n .resourceAccesses(ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(internalServicePrincipal.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.Query.All()))\n .type(\"Role\")\n .build())\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .build());\n\n var exampleAppRoleAssignment = new AppRoleAssignment(\"exampleAppRoleAssignment\", AppRoleAssignmentArgs.builder() \n .appRoleId(internalServicePrincipal.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.Query.All()))\n .principalObjectId(exampleServicePrincipal.objectId())\n .resourceObjectId(internalServicePrincipal.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internalApplication:\n type: azuread:Application\n properties:\n displayName: internal\n appRoles:\n - allowedMemberTypes:\n - Application\n description: Apps can query the database\n displayName: Query\n enabled: true\n id: 00000000-0000-0000-0000-111111111111\n value: Query.All\n internalServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${internalApplication.applicationId}\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${internalApplication.applicationId}\n resourceAccesses:\n - id: ${internalServicePrincipal.appRoleIds\"Query.All\"[%!s(MISSING)]}\n type: Role\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n exampleAppRoleAssignment:\n type: azuread:AppRoleAssignment\n properties:\n appRoleId: ${internalServicePrincipal.appRoleIds\"Query.All\"[%!s(MISSING)]}\n principalObjectId: ${exampleServicePrincipal.objectId}\n resourceObjectId: ${internalServicePrincipal.objectId}\n```\n\n*Assign a user and group to an internal application*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleDomains = azuread.getDomains({\n onlyInitial: true,\n});\nconst internalApplication = new azuread.Application(\"internalApplication\", {\n displayName: \"internal\",\n appRoles: [{\n allowedMemberTypes: [\n \"Application\",\n \"User\",\n ],\n description: \"Admins can perform all task actions\",\n displayName: \"Admin\",\n enabled: true,\n id: \"00000000-0000-0000-0000-222222222222\",\n value: \"Admin.All\",\n }],\n});\nconst internalServicePrincipal = new azuread.ServicePrincipal(\"internalServicePrincipal\", {applicationId: internalApplication.applicationId});\nconst exampleGroup = new azuread.Group(\"exampleGroup\", {\n displayName: \"example\",\n securityEnabled: true,\n});\nconst exampleAppRoleAssignment = new azuread.AppRoleAssignment(\"exampleAppRoleAssignment\", {\n appRoleId: internalServicePrincipal.appRoleIds[\"Admin.All\"],\n principalObjectId: exampleGroup.objectId,\n resourceObjectId: internalServicePrincipal.objectId,\n});\nconst exampleUser = new azuread.User(\"exampleUser\", {\n displayName: \"D. Duck\",\n password: \"SecretP@sswd99!\",\n userPrincipalName: exampleDomains.then(exampleDomains =\u003e `d.duck@${exampleDomains.domains?.[0]?.domainName}`),\n});\nconst exampleIndex_appRoleAssignmentAppRoleAssignment = new azuread.AppRoleAssignment(\"exampleIndex/appRoleAssignmentAppRoleAssignment\", {\n appRoleId: internalServicePrincipal.appRoleIds[\"Admin.All\"],\n principalObjectId: exampleUser.objectId,\n resourceObjectId: internalServicePrincipal.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_domains = azuread.get_domains(only_initial=True)\ninternal_application = azuread.Application(\"internalApplication\",\n display_name=\"internal\",\n app_roles=[azuread.ApplicationAppRoleArgs(\n allowed_member_types=[\n \"Application\",\n \"User\",\n ],\n description=\"Admins can perform all task actions\",\n display_name=\"Admin\",\n enabled=True,\n id=\"00000000-0000-0000-0000-222222222222\",\n value=\"Admin.All\",\n )])\ninternal_service_principal = azuread.ServicePrincipal(\"internalServicePrincipal\", application_id=internal_application.application_id)\nexample_group = azuread.Group(\"exampleGroup\",\n display_name=\"example\",\n security_enabled=True)\nexample_app_role_assignment = azuread.AppRoleAssignment(\"exampleAppRoleAssignment\",\n app_role_id=internal_service_principal.app_role_ids[\"Admin.All\"],\n principal_object_id=example_group.object_id,\n resource_object_id=internal_service_principal.object_id)\nexample_user = azuread.User(\"exampleUser\",\n display_name=\"D. Duck\",\n password=\"SecretP@sswd99!\",\n user_principal_name=f\"d.duck@{example_domains.domains[0].domain_name}\")\nexample_index_app_role_assignment_app_role_assignment = azuread.AppRoleAssignment(\"exampleIndex/appRoleAssignmentAppRoleAssignment\",\n app_role_id=internal_service_principal.app_role_ids[\"Admin.All\"],\n principal_object_id=example_user.object_id,\n resource_object_id=internal_service_principal.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleDomains = AzureAD.GetDomains.Invoke(new()\n {\n OnlyInitial = true,\n });\n\n var internalApplication = new AzureAD.Application(\"internalApplication\", new()\n {\n DisplayName = \"internal\",\n AppRoles = new[]\n {\n new AzureAD.Inputs.ApplicationAppRoleArgs\n {\n AllowedMemberTypes = new[]\n {\n \"Application\",\n \"User\",\n },\n Description = \"Admins can perform all task actions\",\n DisplayName = \"Admin\",\n Enabled = true,\n Id = \"00000000-0000-0000-0000-222222222222\",\n Value = \"Admin.All\",\n },\n },\n });\n\n var internalServicePrincipal = new AzureAD.ServicePrincipal(\"internalServicePrincipal\", new()\n {\n ApplicationId = internalApplication.ApplicationId,\n });\n\n var exampleGroup = new AzureAD.Group(\"exampleGroup\", new()\n {\n DisplayName = \"example\",\n SecurityEnabled = true,\n });\n\n var exampleAppRoleAssignment = new AzureAD.AppRoleAssignment(\"exampleAppRoleAssignment\", new()\n {\n AppRoleId = internalServicePrincipal.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.Admin_All),\n PrincipalObjectId = exampleGroup.ObjectId,\n ResourceObjectId = internalServicePrincipal.ObjectId,\n });\n\n var exampleUser = new AzureAD.User(\"exampleUser\", new()\n {\n DisplayName = \"D. Duck\",\n Password = \"SecretP@sswd99!\",\n UserPrincipalName = $\"d.duck@{exampleDomains.Apply(getDomainsResult =\u003e getDomainsResult.Domains[0]?.DomainName)}\",\n });\n\n var exampleIndex_appRoleAssignmentAppRoleAssignment = new AzureAD.AppRoleAssignment(\"exampleIndex/appRoleAssignmentAppRoleAssignment\", new()\n {\n AppRoleId = internalServicePrincipal.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.Admin_All),\n PrincipalObjectId = exampleUser.ObjectId,\n ResourceObjectId = internalServicePrincipal.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleDomains, err := azuread.GetDomains(ctx, \u0026azuread.GetDomainsArgs{\n\t\t\tOnlyInitial: pulumi.BoolRef(true),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinternalApplication, err := azuread.NewApplication(ctx, \"internalApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"internal\"),\n\t\t\tAppRoles: azuread.ApplicationAppRoleArray{\n\t\t\t\t\u0026azuread.ApplicationAppRoleArgs{\n\t\t\t\t\tAllowedMemberTypes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Application\"),\n\t\t\t\t\t\tpulumi.String(\"User\"),\n\t\t\t\t\t},\n\t\t\t\t\tDescription: pulumi.String(\"Admins can perform all task actions\"),\n\t\t\t\t\tDisplayName: pulumi.String(\"Admin\"),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tId: pulumi.String(\"00000000-0000-0000-0000-222222222222\"),\n\t\t\t\t\tValue: pulumi.String(\"Admin.All\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinternalServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"internalServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: internalApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGroup, err := azuread.NewGroup(ctx, \"exampleGroup\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"exampleAppRoleAssignment\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: internalServicePrincipal.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\treturn appRoleIds.Admin.All, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tPrincipalObjectId: exampleGroup.ObjectId,\n\t\t\tResourceObjectId: internalServicePrincipal.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleUser, err := azuread.NewUser(ctx, \"exampleUser\", \u0026azuread.UserArgs{\n\t\t\tDisplayName: pulumi.String(\"D. Duck\"),\n\t\t\tPassword: pulumi.String(\"SecretP@sswd99!\"),\n\t\t\tUserPrincipalName: pulumi.String(fmt.Sprintf(\"d.duck@%v\", exampleDomains.Domains[0].DomainName)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"exampleIndex/appRoleAssignmentAppRoleAssignment\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: internalServicePrincipal.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\treturn appRoleIds.Admin.All, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tPrincipalObjectId: exampleUser.ObjectId,\n\t\t\tResourceObjectId: internalServicePrincipal.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.inputs.GetDomainsArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationAppRoleArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.AppRoleAssignment;\nimport com.pulumi.azuread.AppRoleAssignmentArgs;\nimport com.pulumi.azuread.User;\nimport com.pulumi.azuread.UserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleDomains = AzureadFunctions.getDomains(GetDomainsArgs.builder()\n .onlyInitial(true)\n .build());\n\n var internalApplication = new Application(\"internalApplication\", ApplicationArgs.builder() \n .displayName(\"internal\")\n .appRoles(ApplicationAppRoleArgs.builder()\n .allowedMemberTypes( \n \"Application\",\n \"User\")\n .description(\"Admins can perform all task actions\")\n .displayName(\"Admin\")\n .enabled(true)\n .id(\"00000000-0000-0000-0000-222222222222\")\n .value(\"Admin.All\")\n .build())\n .build());\n\n var internalServicePrincipal = new ServicePrincipal(\"internalServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(internalApplication.applicationId())\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"example\")\n .securityEnabled(true)\n .build());\n\n var exampleAppRoleAssignment = new AppRoleAssignment(\"exampleAppRoleAssignment\", AppRoleAssignmentArgs.builder() \n .appRoleId(internalServicePrincipal.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.Admin.All()))\n .principalObjectId(exampleGroup.objectId())\n .resourceObjectId(internalServicePrincipal.objectId())\n .build());\n\n var exampleUser = new User(\"exampleUser\", UserArgs.builder() \n .displayName(\"D. Duck\")\n .password(\"SecretP@sswd99!\")\n .userPrincipalName(String.format(\"d.duck@%s\", exampleDomains.applyValue(getDomainsResult -\u003e getDomainsResult.domains()[0].domainName())))\n .build());\n\n var exampleIndex_appRoleAssignmentAppRoleAssignment = new AppRoleAssignment(\"exampleIndex/appRoleAssignmentAppRoleAssignment\", AppRoleAssignmentArgs.builder() \n .appRoleId(internalServicePrincipal.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.Admin.All()))\n .principalObjectId(exampleUser.objectId())\n .resourceObjectId(internalServicePrincipal.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internalApplication:\n type: azuread:Application\n properties:\n displayName: internal\n appRoles:\n - allowedMemberTypes:\n - Application\n - User\n description: Admins can perform all task actions\n displayName: Admin\n enabled: true\n id: 00000000-0000-0000-0000-222222222222\n value: Admin.All\n internalServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${internalApplication.applicationId}\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: example\n securityEnabled: true\n exampleAppRoleAssignment:\n type: azuread:AppRoleAssignment\n properties:\n appRoleId: ${internalServicePrincipal.appRoleIds\"Admin.All\"[%!s(MISSING)]}\n principalObjectId: ${exampleGroup.objectId}\n resourceObjectId: ${internalServicePrincipal.objectId}\n exampleUser:\n type: azuread:User\n properties:\n displayName: D. Duck\n password: SecretP@sswd99!\n userPrincipalName: d.duck@${exampleDomains.domains[0].domainName}\n exampleIndex/appRoleAssignmentAppRoleAssignment:\n type: azuread:AppRoleAssignment\n properties:\n appRoleId: ${internalServicePrincipal.appRoleIds\"Admin.All\"[%!s(MISSING)]}\n principalObjectId: ${exampleUser.objectId}\n resourceObjectId: ${internalServicePrincipal.objectId}\nvariables:\n exampleDomains:\n fn::invoke:\n Function: azuread:getDomains\n Arguments:\n onlyInitial: true\n```\n\n*Assign a group to the default app role for an internal application*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst internalApplication = new azuread.Application(\"internalApplication\", {displayName: \"internal\"});\nconst internalServicePrincipal = new azuread.ServicePrincipal(\"internalServicePrincipal\", {applicationId: internalApplication.applicationId});\nconst exampleGroup = new azuread.Group(\"exampleGroup\", {\n displayName: \"example\",\n securityEnabled: true,\n});\nconst exampleAppRoleAssignment = new azuread.AppRoleAssignment(\"exampleAppRoleAssignment\", {\n appRoleId: \"00000000-0000-0000-0000-000000000000\",\n principalObjectId: exampleGroup.objectId,\n resourceObjectId: internalServicePrincipal.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ninternal_application = azuread.Application(\"internalApplication\", display_name=\"internal\")\ninternal_service_principal = azuread.ServicePrincipal(\"internalServicePrincipal\", application_id=internal_application.application_id)\nexample_group = azuread.Group(\"exampleGroup\",\n display_name=\"example\",\n security_enabled=True)\nexample_app_role_assignment = azuread.AppRoleAssignment(\"exampleAppRoleAssignment\",\n app_role_id=\"00000000-0000-0000-0000-000000000000\",\n principal_object_id=example_group.object_id,\n resource_object_id=internal_service_principal.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var internalApplication = new AzureAD.Application(\"internalApplication\", new()\n {\n DisplayName = \"internal\",\n });\n\n var internalServicePrincipal = new AzureAD.ServicePrincipal(\"internalServicePrincipal\", new()\n {\n ApplicationId = internalApplication.ApplicationId,\n });\n\n var exampleGroup = new AzureAD.Group(\"exampleGroup\", new()\n {\n DisplayName = \"example\",\n SecurityEnabled = true,\n });\n\n var exampleAppRoleAssignment = new AzureAD.AppRoleAssignment(\"exampleAppRoleAssignment\", new()\n {\n AppRoleId = \"00000000-0000-0000-0000-000000000000\",\n PrincipalObjectId = exampleGroup.ObjectId,\n ResourceObjectId = internalServicePrincipal.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternalApplication, err := azuread.NewApplication(ctx, \"internalApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"internal\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinternalServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"internalServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: internalApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGroup, err := azuread.NewGroup(ctx, \"exampleGroup\", \u0026azuread.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tSecurityEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewAppRoleAssignment(ctx, \"exampleAppRoleAssignment\", \u0026azuread.AppRoleAssignmentArgs{\n\t\t\tAppRoleId: pulumi.String(\"00000000-0000-0000-0000-000000000000\"),\n\t\t\tPrincipalObjectId: exampleGroup.ObjectId,\n\t\t\tResourceObjectId: internalServicePrincipal.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Group;\nimport com.pulumi.azuread.GroupArgs;\nimport com.pulumi.azuread.AppRoleAssignment;\nimport com.pulumi.azuread.AppRoleAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internalApplication = new Application(\"internalApplication\", ApplicationArgs.builder() \n .displayName(\"internal\")\n .build());\n\n var internalServicePrincipal = new ServicePrincipal(\"internalServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(internalApplication.applicationId())\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .displayName(\"example\")\n .securityEnabled(true)\n .build());\n\n var exampleAppRoleAssignment = new AppRoleAssignment(\"exampleAppRoleAssignment\", AppRoleAssignmentArgs.builder() \n .appRoleId(\"00000000-0000-0000-0000-000000000000\")\n .principalObjectId(exampleGroup.objectId())\n .resourceObjectId(internalServicePrincipal.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internalApplication:\n type: azuread:Application\n properties:\n displayName: internal\n internalServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${internalApplication.applicationId}\n exampleGroup:\n type: azuread:Group\n properties:\n displayName: example\n securityEnabled: true\n exampleAppRoleAssignment:\n type: azuread:AppRoleAssignment\n properties:\n appRoleId: 00000000-0000-0000-0000-000000000000\n principalObjectId: ${exampleGroup.objectId}\n resourceObjectId: ${internalServicePrincipal.objectId}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nApp role assignments can be imported using the object ID of the service principal representing the resource and the ID of the app role assignment (note_not_ the ID of the app role), e.g.\n\n```sh\n $ pulumi import azuread:index/appRoleAssignment:AppRoleAssignment example 00000000-0000-0000-0000-000000000000/appRoleAssignment/aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz\n```\n\n -\u003e This ID format is unique to Terraform and is composed of the Resource Service Principal Object ID and the ID of the App Role Assignment in the format `{ResourcePrincipalID}/appRoleAssignment/{AppRoleAssignmentID}`. ", "properties": { "appRoleId": { "type": "string", @@ -3878,7 +3912,7 @@ } }, "azuread:index/applicationPassword:ApplicationPassword": { - "description": "\n\n## Import\n\nThis resource does not support importing. ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Basic example*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {displayName: \"example\"});\nconst exampleApplicationPassword = new azuread.ApplicationPassword(\"exampleApplicationPassword\", {applicationObjectId: exampleApplication.objectId});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application = azuread.Application(\"exampleApplication\", display_name=\"example\")\nexample_application_password = azuread.ApplicationPassword(\"exampleApplicationPassword\", application_object_id=example_application.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleApplicationPassword = new AzureAD.ApplicationPassword(\"exampleApplicationPassword\", new()\n {\n ApplicationObjectId = exampleApplication.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationPassword(ctx, \"exampleApplicationPassword\", \u0026azuread.ApplicationPasswordArgs{\n\t\t\tApplicationObjectId: exampleApplication.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ApplicationPassword;\nimport com.pulumi.azuread.ApplicationPasswordArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleApplicationPassword = new ApplicationPassword(\"exampleApplicationPassword\", ApplicationPasswordArgs.builder() \n .applicationObjectId(exampleApplication.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n exampleApplicationPassword:\n type: azuread:ApplicationPassword\n properties:\n applicationObjectId: ${exampleApplication.objectId}\n```\n\n*Time-based rotation*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\nimport * as time from \"@pulumiverse/time\";\n\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {displayName: \"example\"});\nconst exampleRotating = new time.Rotating(\"exampleRotating\", {rotationDays: 7});\nconst exampleApplicationPassword = new azuread.ApplicationPassword(\"exampleApplicationPassword\", {\n applicationObjectId: exampleApplication.objectId,\n rotateWhenChanged: {\n rotation: exampleRotating.id,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\nimport pulumiverse_time as time\n\nexample_application = azuread.Application(\"exampleApplication\", display_name=\"example\")\nexample_rotating = time.Rotating(\"exampleRotating\", rotation_days=7)\nexample_application_password = azuread.ApplicationPassword(\"exampleApplicationPassword\",\n application_object_id=example_application.object_id,\n rotate_when_changed={\n \"rotation\": example_rotating.id,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\nusing Time = Pulumiverse.Time;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleRotating = new Time.Rotating(\"exampleRotating\", new()\n {\n RotationDays = 7,\n });\n\n var exampleApplicationPassword = new AzureAD.ApplicationPassword(\"exampleApplicationPassword\", new()\n {\n ApplicationObjectId = exampleApplication.ObjectId,\n RotateWhenChanged = \n {\n { \"rotation\", exampleRotating.Id },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi-time/sdk/go/time\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRotating, err := time.NewRotating(ctx, \"exampleRotating\", \u0026time.RotatingArgs{\n\t\t\tRotationDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplicationPassword(ctx, \"exampleApplicationPassword\", \u0026azuread.ApplicationPasswordArgs{\n\t\t\tApplicationObjectId: exampleApplication.ObjectId,\n\t\t\tRotateWhenChanged: pulumi.StringMap{\n\t\t\t\t\"rotation\": exampleRotating.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.time.Rotating;\nimport com.pulumi.time.RotatingArgs;\nimport com.pulumi.azuread.ApplicationPassword;\nimport com.pulumi.azuread.ApplicationPasswordArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleRotating = new Rotating(\"exampleRotating\", RotatingArgs.builder() \n .rotationDays(7)\n .build());\n\n var exampleApplicationPassword = new ApplicationPassword(\"exampleApplicationPassword\", ApplicationPasswordArgs.builder() \n .applicationObjectId(exampleApplication.objectId())\n .rotateWhenChanged(Map.of(\"rotation\", exampleRotating.id()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n exampleRotating:\n type: time:Rotating\n properties:\n rotationDays: 7\n exampleApplicationPassword:\n type: azuread:ApplicationPassword\n properties:\n applicationObjectId: ${exampleApplication.objectId}\n rotateWhenChanged:\n rotation: ${exampleRotating.id}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThis resource does not support importing. ", "properties": { "applicationObjectId": { "type": "string", @@ -4139,7 +4173,7 @@ } }, "azuread:index/conditionalAccessPolicy:ConditionalAccessPolicy": { - "description": "Manages a Conditional Access Policy within Azure Active Directory.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application roles: `Policy.ReadWrite.ConditionalAccess` and `Policy.Read.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Conditional Access Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.ConditionalAccessPolicy(\"example\", {\n conditions: {\n applications: {\n excludedApplications: [],\n includedApplications: [\"All\"],\n },\n clientAppTypes: [\"all\"],\n devices: {\n filter: {\n mode: \"exclude\",\n rule: \"device.operatingSystem eq \\\"Doors\\\"\",\n },\n },\n locations: {\n excludedLocations: [\"AllTrusted\"],\n includedLocations: [\"All\"],\n },\n platforms: {\n excludedPlatforms: [\"iOS\"],\n includedPlatforms: [\"android\"],\n },\n signInRiskLevels: [\"medium\"],\n userRiskLevels: [\"medium\"],\n users: {\n excludedUsers: [\"GuestsOrExternalUsers\"],\n includedUsers: [\"All\"],\n },\n },\n displayName: \"example policy\",\n grantControls: {\n builtInControls: [\"mfa\"],\n operator: \"OR\",\n },\n sessionControls: {\n applicationEnforcedRestrictionsEnabled: true,\n cloudAppSecurityPolicy: \"monitorOnly\",\n signInFrequency: 10,\n signInFrequencyPeriod: \"hours\",\n },\n state: \"disabled\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.ConditionalAccessPolicy(\"example\",\n conditions=azuread.ConditionalAccessPolicyConditionsArgs(\n applications=azuread.ConditionalAccessPolicyConditionsApplicationsArgs(\n excluded_applications=[],\n included_applications=[\"All\"],\n ),\n client_app_types=[\"all\"],\n devices=azuread.ConditionalAccessPolicyConditionsDevicesArgs(\n filter=azuread.ConditionalAccessPolicyConditionsDevicesFilterArgs(\n mode=\"exclude\",\n rule=\"device.operatingSystem eq \\\"Doors\\\"\",\n ),\n ),\n locations=azuread.ConditionalAccessPolicyConditionsLocationsArgs(\n excluded_locations=[\"AllTrusted\"],\n included_locations=[\"All\"],\n ),\n platforms=azuread.ConditionalAccessPolicyConditionsPlatformsArgs(\n excluded_platforms=[\"iOS\"],\n included_platforms=[\"android\"],\n ),\n sign_in_risk_levels=[\"medium\"],\n user_risk_levels=[\"medium\"],\n users=azuread.ConditionalAccessPolicyConditionsUsersArgs(\n excluded_users=[\"GuestsOrExternalUsers\"],\n included_users=[\"All\"],\n ),\n ),\n display_name=\"example policy\",\n grant_controls=azuread.ConditionalAccessPolicyGrantControlsArgs(\n built_in_controls=[\"mfa\"],\n operator=\"OR\",\n ),\n session_controls=azuread.ConditionalAccessPolicySessionControlsArgs(\n application_enforced_restrictions_enabled=True,\n cloud_app_security_policy=\"monitorOnly\",\n sign_in_frequency=10,\n sign_in_frequency_period=\"hours\",\n ),\n state=\"disabled\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.ConditionalAccessPolicy(\"example\", new()\n {\n Conditions = new AzureAD.Inputs.ConditionalAccessPolicyConditionsArgs\n {\n Applications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsApplicationsArgs\n {\n ExcludedApplications = new[] {},\n IncludedApplications = new[]\n {\n \"All\",\n },\n },\n ClientAppTypes = new[]\n {\n \"all\",\n },\n Devices = new AzureAD.Inputs.ConditionalAccessPolicyConditionsDevicesArgs\n {\n Filter = new AzureAD.Inputs.ConditionalAccessPolicyConditionsDevicesFilterArgs\n {\n Mode = \"exclude\",\n Rule = \"device.operatingSystem eq \\\"Doors\\\"\",\n },\n },\n Locations = new AzureAD.Inputs.ConditionalAccessPolicyConditionsLocationsArgs\n {\n ExcludedLocations = new[]\n {\n \"AllTrusted\",\n },\n IncludedLocations = new[]\n {\n \"All\",\n },\n },\n Platforms = new AzureAD.Inputs.ConditionalAccessPolicyConditionsPlatformsArgs\n {\n ExcludedPlatforms = new[]\n {\n \"iOS\",\n },\n IncludedPlatforms = new[]\n {\n \"android\",\n },\n },\n SignInRiskLevels = new[]\n {\n \"medium\",\n },\n UserRiskLevels = new[]\n {\n \"medium\",\n },\n Users = new AzureAD.Inputs.ConditionalAccessPolicyConditionsUsersArgs\n {\n ExcludedUsers = new[]\n {\n \"GuestsOrExternalUsers\",\n },\n IncludedUsers = new[]\n {\n \"All\",\n },\n },\n },\n DisplayName = \"example policy\",\n GrantControls = new AzureAD.Inputs.ConditionalAccessPolicyGrantControlsArgs\n {\n BuiltInControls = new[]\n {\n \"mfa\",\n },\n Operator = \"OR\",\n },\n SessionControls = new AzureAD.Inputs.ConditionalAccessPolicySessionControlsArgs\n {\n ApplicationEnforcedRestrictionsEnabled = true,\n CloudAppSecurityPolicy = \"monitorOnly\",\n SignInFrequency = 10,\n SignInFrequencyPeriod = \"hours\",\n },\n State = \"disabled\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewConditionalAccessPolicy(ctx, \"example\", \u0026azuread.ConditionalAccessPolicyArgs{\n\t\t\tConditions: \u0026azuread.ConditionalAccessPolicyConditionsArgs{\n\t\t\t\tApplications: \u0026azuread.ConditionalAccessPolicyConditionsApplicationsArgs{\n\t\t\t\t\tExcludedApplications: pulumi.StringArray{},\n\t\t\t\t\tIncludedApplications: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tClientAppTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"all\"),\n\t\t\t\t},\n\t\t\t\tDevices: \u0026azuread.ConditionalAccessPolicyConditionsDevicesArgs{\n\t\t\t\t\tFilter: \u0026azuread.ConditionalAccessPolicyConditionsDevicesFilterArgs{\n\t\t\t\t\t\tMode: pulumi.String(\"exclude\"),\n\t\t\t\t\t\tRule: pulumi.String(\"device.operatingSystem eq \\\"Doors\\\"\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tLocations: \u0026azuread.ConditionalAccessPolicyConditionsLocationsArgs{\n\t\t\t\t\tExcludedLocations: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"AllTrusted\"),\n\t\t\t\t\t},\n\t\t\t\t\tIncludedLocations: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tPlatforms: \u0026azuread.ConditionalAccessPolicyConditionsPlatformsArgs{\n\t\t\t\t\tExcludedPlatforms: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"iOS\"),\n\t\t\t\t\t},\n\t\t\t\t\tIncludedPlatforms: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"android\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSignInRiskLevels: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"medium\"),\n\t\t\t\t},\n\t\t\t\tUserRiskLevels: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"medium\"),\n\t\t\t\t},\n\t\t\t\tUsers: \u0026azuread.ConditionalAccessPolicyConditionsUsersArgs{\n\t\t\t\t\tExcludedUsers: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"GuestsOrExternalUsers\"),\n\t\t\t\t\t},\n\t\t\t\t\tIncludedUsers: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tDisplayName: pulumi.String(\"example policy\"),\n\t\t\tGrantControls: \u0026azuread.ConditionalAccessPolicyGrantControlsArgs{\n\t\t\t\tBuiltInControls: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"mfa\"),\n\t\t\t\t},\n\t\t\t\tOperator: pulumi.String(\"OR\"),\n\t\t\t},\n\t\t\tSessionControls: \u0026azuread.ConditionalAccessPolicySessionControlsArgs{\n\t\t\t\tApplicationEnforcedRestrictionsEnabled: pulumi.Bool(true),\n\t\t\t\tCloudAppSecurityPolicy: pulumi.String(\"monitorOnly\"),\n\t\t\t\tSignInFrequency: pulumi.Int(10),\n\t\t\t\tSignInFrequencyPeriod: pulumi.String(\"hours\"),\n\t\t\t},\n\t\t\tState: pulumi.String(\"disabled\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ConditionalAccessPolicy;\nimport com.pulumi.azuread.ConditionalAccessPolicyArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsApplicationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsDevicesArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsDevicesFilterArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsLocationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsPlatformsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsUsersArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyGrantControlsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicySessionControlsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ConditionalAccessPolicy(\"example\", ConditionalAccessPolicyArgs.builder() \n .conditions(ConditionalAccessPolicyConditionsArgs.builder()\n .applications(ConditionalAccessPolicyConditionsApplicationsArgs.builder()\n .excludedApplications()\n .includedApplications(\"All\")\n .build())\n .clientAppTypes(\"all\")\n .devices(ConditionalAccessPolicyConditionsDevicesArgs.builder()\n .filter(ConditionalAccessPolicyConditionsDevicesFilterArgs.builder()\n .mode(\"exclude\")\n .rule(\"device.operatingSystem eq \\\"Doors\\\"\")\n .build())\n .build())\n .locations(ConditionalAccessPolicyConditionsLocationsArgs.builder()\n .excludedLocations(\"AllTrusted\")\n .includedLocations(\"All\")\n .build())\n .platforms(ConditionalAccessPolicyConditionsPlatformsArgs.builder()\n .excludedPlatforms(\"iOS\")\n .includedPlatforms(\"android\")\n .build())\n .signInRiskLevels(\"medium\")\n .userRiskLevels(\"medium\")\n .users(ConditionalAccessPolicyConditionsUsersArgs.builder()\n .excludedUsers(\"GuestsOrExternalUsers\")\n .includedUsers(\"All\")\n .build())\n .build())\n .displayName(\"example policy\")\n .grantControls(ConditionalAccessPolicyGrantControlsArgs.builder()\n .builtInControls(\"mfa\")\n .operator(\"OR\")\n .build())\n .sessionControls(ConditionalAccessPolicySessionControlsArgs.builder()\n .applicationEnforcedRestrictionsEnabled(true)\n .cloudAppSecurityPolicy(\"monitorOnly\")\n .signInFrequency(10)\n .signInFrequencyPeriod(\"hours\")\n .build())\n .state(\"disabled\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ConditionalAccessPolicy\n properties:\n conditions:\n applications:\n excludedApplications: []\n includedApplications:\n - All\n clientAppTypes:\n - all\n devices:\n filter:\n mode: exclude\n rule: device.operatingSystem eq \"Doors\"\n locations:\n excludedLocations:\n - AllTrusted\n includedLocations:\n - All\n platforms:\n excludedPlatforms:\n - iOS\n includedPlatforms:\n - android\n signInRiskLevels:\n - medium\n userRiskLevels:\n - medium\n users:\n excludedUsers:\n - GuestsOrExternalUsers\n includedUsers:\n - All\n displayName: example policy\n grantControls:\n builtInControls:\n - mfa\n operator: OR\n sessionControls:\n applicationEnforcedRestrictionsEnabled: true\n cloudAppSecurityPolicy: monitorOnly\n signInFrequency: 10\n signInFrequencyPeriod: hours\n state: disabled\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nConditional Access Policies can be imported using the `id`, e.g.\n\n```sh\n $ pulumi import azuread:index/conditionalAccessPolicy:ConditionalAccessPolicy my_location 00000000-0000-0000-0000-000000000000\n```\n\n ", + "description": "Manages a Conditional Access Policy within Azure Active Directory.\n\n\u003e **Licensing Requirements** Specifying `client_applications` property requires the activation of Microsoft Entra on your tenant and the availability of sufficient Workload Identities Premium licences (one per service principal managed by a conditional access).\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application roles: `Policy.ReadWrite.ConditionalAccess` and `Policy.Read.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Conditional Access Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### All users except guests or external users\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst example = new azuread.ConditionalAccessPolicy(\"example\", {\n conditions: {\n applications: {\n excludedApplications: [],\n includedApplications: [\"All\"],\n },\n clientAppTypes: [\"all\"],\n devices: {\n filter: {\n mode: \"exclude\",\n rule: \"device.operatingSystem eq \\\"Doors\\\"\",\n },\n },\n locations: {\n excludedLocations: [\"AllTrusted\"],\n includedLocations: [\"All\"],\n },\n platforms: {\n excludedPlatforms: [\"iOS\"],\n includedPlatforms: [\"android\"],\n },\n signInRiskLevels: [\"medium\"],\n userRiskLevels: [\"medium\"],\n users: {\n excludedUsers: [\"GuestsOrExternalUsers\"],\n includedUsers: [\"All\"],\n },\n },\n displayName: \"example policy\",\n grantControls: {\n builtInControls: [\"mfa\"],\n operator: \"OR\",\n },\n sessionControls: {\n applicationEnforcedRestrictionsEnabled: true,\n cloudAppSecurityPolicy: \"monitorOnly\",\n disableResilienceDefaults: false,\n signInFrequency: 10,\n signInFrequencyPeriod: \"hours\",\n },\n state: \"disabled\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample = azuread.ConditionalAccessPolicy(\"example\",\n conditions=azuread.ConditionalAccessPolicyConditionsArgs(\n applications=azuread.ConditionalAccessPolicyConditionsApplicationsArgs(\n excluded_applications=[],\n included_applications=[\"All\"],\n ),\n client_app_types=[\"all\"],\n devices=azuread.ConditionalAccessPolicyConditionsDevicesArgs(\n filter=azuread.ConditionalAccessPolicyConditionsDevicesFilterArgs(\n mode=\"exclude\",\n rule=\"device.operatingSystem eq \\\"Doors\\\"\",\n ),\n ),\n locations=azuread.ConditionalAccessPolicyConditionsLocationsArgs(\n excluded_locations=[\"AllTrusted\"],\n included_locations=[\"All\"],\n ),\n platforms=azuread.ConditionalAccessPolicyConditionsPlatformsArgs(\n excluded_platforms=[\"iOS\"],\n included_platforms=[\"android\"],\n ),\n sign_in_risk_levels=[\"medium\"],\n user_risk_levels=[\"medium\"],\n users=azuread.ConditionalAccessPolicyConditionsUsersArgs(\n excluded_users=[\"GuestsOrExternalUsers\"],\n included_users=[\"All\"],\n ),\n ),\n display_name=\"example policy\",\n grant_controls=azuread.ConditionalAccessPolicyGrantControlsArgs(\n built_in_controls=[\"mfa\"],\n operator=\"OR\",\n ),\n session_controls=azuread.ConditionalAccessPolicySessionControlsArgs(\n application_enforced_restrictions_enabled=True,\n cloud_app_security_policy=\"monitorOnly\",\n disable_resilience_defaults=False,\n sign_in_frequency=10,\n sign_in_frequency_period=\"hours\",\n ),\n state=\"disabled\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new AzureAD.ConditionalAccessPolicy(\"example\", new()\n {\n Conditions = new AzureAD.Inputs.ConditionalAccessPolicyConditionsArgs\n {\n Applications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsApplicationsArgs\n {\n ExcludedApplications = new[] {},\n IncludedApplications = new[]\n {\n \"All\",\n },\n },\n ClientAppTypes = new[]\n {\n \"all\",\n },\n Devices = new AzureAD.Inputs.ConditionalAccessPolicyConditionsDevicesArgs\n {\n Filter = new AzureAD.Inputs.ConditionalAccessPolicyConditionsDevicesFilterArgs\n {\n Mode = \"exclude\",\n Rule = \"device.operatingSystem eq \\\"Doors\\\"\",\n },\n },\n Locations = new AzureAD.Inputs.ConditionalAccessPolicyConditionsLocationsArgs\n {\n ExcludedLocations = new[]\n {\n \"AllTrusted\",\n },\n IncludedLocations = new[]\n {\n \"All\",\n },\n },\n Platforms = new AzureAD.Inputs.ConditionalAccessPolicyConditionsPlatformsArgs\n {\n ExcludedPlatforms = new[]\n {\n \"iOS\",\n },\n IncludedPlatforms = new[]\n {\n \"android\",\n },\n },\n SignInRiskLevels = new[]\n {\n \"medium\",\n },\n UserRiskLevels = new[]\n {\n \"medium\",\n },\n Users = new AzureAD.Inputs.ConditionalAccessPolicyConditionsUsersArgs\n {\n ExcludedUsers = new[]\n {\n \"GuestsOrExternalUsers\",\n },\n IncludedUsers = new[]\n {\n \"All\",\n },\n },\n },\n DisplayName = \"example policy\",\n GrantControls = new AzureAD.Inputs.ConditionalAccessPolicyGrantControlsArgs\n {\n BuiltInControls = new[]\n {\n \"mfa\",\n },\n Operator = \"OR\",\n },\n SessionControls = new AzureAD.Inputs.ConditionalAccessPolicySessionControlsArgs\n {\n ApplicationEnforcedRestrictionsEnabled = true,\n CloudAppSecurityPolicy = \"monitorOnly\",\n DisableResilienceDefaults = false,\n SignInFrequency = 10,\n SignInFrequencyPeriod = \"hours\",\n },\n State = \"disabled\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azuread.NewConditionalAccessPolicy(ctx, \"example\", \u0026azuread.ConditionalAccessPolicyArgs{\n\t\t\tConditions: \u0026azuread.ConditionalAccessPolicyConditionsArgs{\n\t\t\t\tApplications: \u0026azuread.ConditionalAccessPolicyConditionsApplicationsArgs{\n\t\t\t\t\tExcludedApplications: pulumi.StringArray{},\n\t\t\t\t\tIncludedApplications: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tClientAppTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"all\"),\n\t\t\t\t},\n\t\t\t\tDevices: \u0026azuread.ConditionalAccessPolicyConditionsDevicesArgs{\n\t\t\t\t\tFilter: \u0026azuread.ConditionalAccessPolicyConditionsDevicesFilterArgs{\n\t\t\t\t\t\tMode: pulumi.String(\"exclude\"),\n\t\t\t\t\t\tRule: pulumi.String(\"device.operatingSystem eq \\\"Doors\\\"\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tLocations: \u0026azuread.ConditionalAccessPolicyConditionsLocationsArgs{\n\t\t\t\t\tExcludedLocations: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"AllTrusted\"),\n\t\t\t\t\t},\n\t\t\t\t\tIncludedLocations: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tPlatforms: \u0026azuread.ConditionalAccessPolicyConditionsPlatformsArgs{\n\t\t\t\t\tExcludedPlatforms: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"iOS\"),\n\t\t\t\t\t},\n\t\t\t\t\tIncludedPlatforms: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"android\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSignInRiskLevels: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"medium\"),\n\t\t\t\t},\n\t\t\t\tUserRiskLevels: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"medium\"),\n\t\t\t\t},\n\t\t\t\tUsers: \u0026azuread.ConditionalAccessPolicyConditionsUsersArgs{\n\t\t\t\t\tExcludedUsers: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"GuestsOrExternalUsers\"),\n\t\t\t\t\t},\n\t\t\t\t\tIncludedUsers: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tDisplayName: pulumi.String(\"example policy\"),\n\t\t\tGrantControls: \u0026azuread.ConditionalAccessPolicyGrantControlsArgs{\n\t\t\t\tBuiltInControls: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"mfa\"),\n\t\t\t\t},\n\t\t\t\tOperator: pulumi.String(\"OR\"),\n\t\t\t},\n\t\t\tSessionControls: \u0026azuread.ConditionalAccessPolicySessionControlsArgs{\n\t\t\t\tApplicationEnforcedRestrictionsEnabled: pulumi.Bool(true),\n\t\t\t\tCloudAppSecurityPolicy: pulumi.String(\"monitorOnly\"),\n\t\t\t\tDisableResilienceDefaults: pulumi.Bool(false),\n\t\t\t\tSignInFrequency: pulumi.Int(10),\n\t\t\t\tSignInFrequencyPeriod: pulumi.String(\"hours\"),\n\t\t\t},\n\t\t\tState: pulumi.String(\"disabled\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.ConditionalAccessPolicy;\nimport com.pulumi.azuread.ConditionalAccessPolicyArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsApplicationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsDevicesArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsDevicesFilterArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsLocationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsPlatformsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsUsersArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyGrantControlsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicySessionControlsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ConditionalAccessPolicy(\"example\", ConditionalAccessPolicyArgs.builder() \n .conditions(ConditionalAccessPolicyConditionsArgs.builder()\n .applications(ConditionalAccessPolicyConditionsApplicationsArgs.builder()\n .excludedApplications()\n .includedApplications(\"All\")\n .build())\n .clientAppTypes(\"all\")\n .devices(ConditionalAccessPolicyConditionsDevicesArgs.builder()\n .filter(ConditionalAccessPolicyConditionsDevicesFilterArgs.builder()\n .mode(\"exclude\")\n .rule(\"device.operatingSystem eq \\\"Doors\\\"\")\n .build())\n .build())\n .locations(ConditionalAccessPolicyConditionsLocationsArgs.builder()\n .excludedLocations(\"AllTrusted\")\n .includedLocations(\"All\")\n .build())\n .platforms(ConditionalAccessPolicyConditionsPlatformsArgs.builder()\n .excludedPlatforms(\"iOS\")\n .includedPlatforms(\"android\")\n .build())\n .signInRiskLevels(\"medium\")\n .userRiskLevels(\"medium\")\n .users(ConditionalAccessPolicyConditionsUsersArgs.builder()\n .excludedUsers(\"GuestsOrExternalUsers\")\n .includedUsers(\"All\")\n .build())\n .build())\n .displayName(\"example policy\")\n .grantControls(ConditionalAccessPolicyGrantControlsArgs.builder()\n .builtInControls(\"mfa\")\n .operator(\"OR\")\n .build())\n .sessionControls(ConditionalAccessPolicySessionControlsArgs.builder()\n .applicationEnforcedRestrictionsEnabled(true)\n .cloudAppSecurityPolicy(\"monitorOnly\")\n .disableResilienceDefaults(false)\n .signInFrequency(10)\n .signInFrequencyPeriod(\"hours\")\n .build())\n .state(\"disabled\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ConditionalAccessPolicy\n properties:\n conditions:\n applications:\n excludedApplications: []\n includedApplications:\n - All\n clientAppTypes:\n - all\n devices:\n filter:\n mode: exclude\n rule: device.operatingSystem eq \"Doors\"\n locations:\n excludedLocations:\n - AllTrusted\n includedLocations:\n - All\n platforms:\n excludedPlatforms:\n - iOS\n includedPlatforms:\n - android\n signInRiskLevels:\n - medium\n userRiskLevels:\n - medium\n users:\n excludedUsers:\n - GuestsOrExternalUsers\n includedUsers:\n - All\n displayName: example policy\n grantControls:\n builtInControls:\n - mfa\n operator: OR\n sessionControls:\n applicationEnforcedRestrictionsEnabled: true\n cloudAppSecurityPolicy: monitorOnly\n disableResilienceDefaults: false\n signInFrequency: 10\n signInFrequencyPeriod: hours\n state: disabled\n```\n{{% /example %}}\n{{% example %}}\n### Included client applications / service principals\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.ConditionalAccessPolicy(\"example\", {\n displayName: \"example policy\",\n state: \"disabled\",\n conditions: {\n clientAppTypes: [\"all\"],\n applications: {\n includedApplications: [\"All\"],\n },\n clientApplications: {\n includedServicePrincipals: [current.then(current =\u003e current.objectId)],\n excludedServicePrincipals: [],\n },\n users: {\n includedUsers: [\"None\"],\n },\n },\n grantControls: {\n operator: \"OR\",\n builtInControls: [\"block\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.ConditionalAccessPolicy(\"example\",\n display_name=\"example policy\",\n state=\"disabled\",\n conditions=azuread.ConditionalAccessPolicyConditionsArgs(\n client_app_types=[\"all\"],\n applications=azuread.ConditionalAccessPolicyConditionsApplicationsArgs(\n included_applications=[\"All\"],\n ),\n client_applications=azuread.ConditionalAccessPolicyConditionsClientApplicationsArgs(\n included_service_principals=[current.object_id],\n excluded_service_principals=[],\n ),\n users=azuread.ConditionalAccessPolicyConditionsUsersArgs(\n included_users=[\"None\"],\n ),\n ),\n grant_controls=azuread.ConditionalAccessPolicyGrantControlsArgs(\n operator=\"OR\",\n built_in_controls=[\"block\"],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.ConditionalAccessPolicy(\"example\", new()\n {\n DisplayName = \"example policy\",\n State = \"disabled\",\n Conditions = new AzureAD.Inputs.ConditionalAccessPolicyConditionsArgs\n {\n ClientAppTypes = new[]\n {\n \"all\",\n },\n Applications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsApplicationsArgs\n {\n IncludedApplications = new[]\n {\n \"All\",\n },\n },\n ClientApplications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsClientApplicationsArgs\n {\n IncludedServicePrincipals = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n ExcludedServicePrincipals = new[] {},\n },\n Users = new AzureAD.Inputs.ConditionalAccessPolicyConditionsUsersArgs\n {\n IncludedUsers = new[]\n {\n \"None\",\n },\n },\n },\n GrantControls = new AzureAD.Inputs.ConditionalAccessPolicyGrantControlsArgs\n {\n Operator = \"OR\",\n BuiltInControls = new[]\n {\n \"block\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewConditionalAccessPolicy(ctx, \"example\", \u0026azuread.ConditionalAccessPolicyArgs{\n\t\t\tDisplayName: pulumi.String(\"example policy\"),\n\t\t\tState: pulumi.String(\"disabled\"),\n\t\t\tConditions: \u0026azuread.ConditionalAccessPolicyConditionsArgs{\n\t\t\t\tClientAppTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"all\"),\n\t\t\t\t},\n\t\t\t\tApplications: \u0026azuread.ConditionalAccessPolicyConditionsApplicationsArgs{\n\t\t\t\t\tIncludedApplications: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tClientApplications: \u0026azuread.ConditionalAccessPolicyConditionsClientApplicationsArgs{\n\t\t\t\t\tIncludedServicePrincipals: pulumi.StringArray{\n\t\t\t\t\t\t*pulumi.String(current.ObjectId),\n\t\t\t\t\t},\n\t\t\t\t\tExcludedServicePrincipals: pulumi.StringArray{},\n\t\t\t\t},\n\t\t\t\tUsers: \u0026azuread.ConditionalAccessPolicyConditionsUsersArgs{\n\t\t\t\t\tIncludedUsers: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"None\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tGrantControls: \u0026azuread.ConditionalAccessPolicyGrantControlsArgs{\n\t\t\t\tOperator: pulumi.String(\"OR\"),\n\t\t\t\tBuiltInControls: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"block\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ConditionalAccessPolicy;\nimport com.pulumi.azuread.ConditionalAccessPolicyArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsApplicationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsClientApplicationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsUsersArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyGrantControlsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new ConditionalAccessPolicy(\"example\", ConditionalAccessPolicyArgs.builder() \n .displayName(\"example policy\")\n .state(\"disabled\")\n .conditions(ConditionalAccessPolicyConditionsArgs.builder()\n .clientAppTypes(\"all\")\n .applications(ConditionalAccessPolicyConditionsApplicationsArgs.builder()\n .includedApplications(\"All\")\n .build())\n .clientApplications(ConditionalAccessPolicyConditionsClientApplicationsArgs.builder()\n .includedServicePrincipals(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .excludedServicePrincipals()\n .build())\n .users(ConditionalAccessPolicyConditionsUsersArgs.builder()\n .includedUsers(\"None\")\n .build())\n .build())\n .grantControls(ConditionalAccessPolicyGrantControlsArgs.builder()\n .operator(\"OR\")\n .builtInControls(\"block\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ConditionalAccessPolicy\n properties:\n displayName: example policy\n state: disabled\n conditions:\n clientAppTypes:\n - all\n applications:\n includedApplications:\n - All\n clientApplications:\n includedServicePrincipals:\n - ${current.objectId}\n excludedServicePrincipals: []\n users:\n includedUsers:\n - None\n grantControls:\n operator: OR\n builtInControls:\n - block\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n{{% /example %}}\n{{% example %}}\n### Excluded client applications / service principals\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst current = azuread.getClientConfig({});\nconst example = new azuread.ConditionalAccessPolicy(\"example\", {\n displayName: \"example policy\",\n state: \"disabled\",\n conditions: {\n clientAppTypes: [\"all\"],\n applications: {\n includedApplications: [\"All\"],\n },\n clientApplications: {\n includedServicePrincipals: [\"ServicePrincipalsInMyTenant\"],\n excludedServicePrincipals: [current.then(current =\u003e current.objectId)],\n },\n users: {\n includedUsers: [\"None\"],\n },\n },\n grantControls: {\n operator: \"OR\",\n builtInControls: [\"block\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\ncurrent = azuread.get_client_config()\nexample = azuread.ConditionalAccessPolicy(\"example\",\n display_name=\"example policy\",\n state=\"disabled\",\n conditions=azuread.ConditionalAccessPolicyConditionsArgs(\n client_app_types=[\"all\"],\n applications=azuread.ConditionalAccessPolicyConditionsApplicationsArgs(\n included_applications=[\"All\"],\n ),\n client_applications=azuread.ConditionalAccessPolicyConditionsClientApplicationsArgs(\n included_service_principals=[\"ServicePrincipalsInMyTenant\"],\n excluded_service_principals=[current.object_id],\n ),\n users=azuread.ConditionalAccessPolicyConditionsUsersArgs(\n included_users=[\"None\"],\n ),\n ),\n grant_controls=azuread.ConditionalAccessPolicyGrantControlsArgs(\n operator=\"OR\",\n built_in_controls=[\"block\"],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = AzureAD.GetClientConfig.Invoke();\n\n var example = new AzureAD.ConditionalAccessPolicy(\"example\", new()\n {\n DisplayName = \"example policy\",\n State = \"disabled\",\n Conditions = new AzureAD.Inputs.ConditionalAccessPolicyConditionsArgs\n {\n ClientAppTypes = new[]\n {\n \"all\",\n },\n Applications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsApplicationsArgs\n {\n IncludedApplications = new[]\n {\n \"All\",\n },\n },\n ClientApplications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsClientApplicationsArgs\n {\n IncludedServicePrincipals = new[]\n {\n \"ServicePrincipalsInMyTenant\",\n },\n ExcludedServicePrincipals = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n },\n },\n Users = new AzureAD.Inputs.ConditionalAccessPolicyConditionsUsersArgs\n {\n IncludedUsers = new[]\n {\n \"None\",\n },\n },\n },\n GrantControls = new AzureAD.Inputs.ConditionalAccessPolicyGrantControlsArgs\n {\n Operator = \"OR\",\n BuiltInControls = new[]\n {\n \"block\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := azuread.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewConditionalAccessPolicy(ctx, \"example\", \u0026azuread.ConditionalAccessPolicyArgs{\n\t\t\tDisplayName: pulumi.String(\"example policy\"),\n\t\t\tState: pulumi.String(\"disabled\"),\n\t\t\tConditions: \u0026azuread.ConditionalAccessPolicyConditionsArgs{\n\t\t\t\tClientAppTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"all\"),\n\t\t\t\t},\n\t\t\t\tApplications: \u0026azuread.ConditionalAccessPolicyConditionsApplicationsArgs{\n\t\t\t\t\tIncludedApplications: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tClientApplications: \u0026azuread.ConditionalAccessPolicyConditionsClientApplicationsArgs{\n\t\t\t\t\tIncludedServicePrincipals: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"ServicePrincipalsInMyTenant\"),\n\t\t\t\t\t},\n\t\t\t\t\tExcludedServicePrincipals: pulumi.StringArray{\n\t\t\t\t\t\t*pulumi.String(current.ObjectId),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tUsers: \u0026azuread.ConditionalAccessPolicyConditionsUsersArgs{\n\t\t\t\t\tIncludedUsers: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"None\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tGrantControls: \u0026azuread.ConditionalAccessPolicyGrantControlsArgs{\n\t\t\t\tOperator: pulumi.String(\"OR\"),\n\t\t\t\tBuiltInControls: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"block\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ConditionalAccessPolicy;\nimport com.pulumi.azuread.ConditionalAccessPolicyArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsApplicationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsClientApplicationsArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsUsersArgs;\nimport com.pulumi.azuread.inputs.ConditionalAccessPolicyGrantControlsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AzureadFunctions.getClientConfig();\n\n var example = new ConditionalAccessPolicy(\"example\", ConditionalAccessPolicyArgs.builder() \n .displayName(\"example policy\")\n .state(\"disabled\")\n .conditions(ConditionalAccessPolicyConditionsArgs.builder()\n .clientAppTypes(\"all\")\n .applications(ConditionalAccessPolicyConditionsApplicationsArgs.builder()\n .includedApplications(\"All\")\n .build())\n .clientApplications(ConditionalAccessPolicyConditionsClientApplicationsArgs.builder()\n .includedServicePrincipals(\"ServicePrincipalsInMyTenant\")\n .excludedServicePrincipals(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .build())\n .users(ConditionalAccessPolicyConditionsUsersArgs.builder()\n .includedUsers(\"None\")\n .build())\n .build())\n .grantControls(ConditionalAccessPolicyGrantControlsArgs.builder()\n .operator(\"OR\")\n .builtInControls(\"block\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azuread:ConditionalAccessPolicy\n properties:\n displayName: example policy\n state: disabled\n conditions:\n clientAppTypes:\n - all\n applications:\n includedApplications:\n - All\n clientApplications:\n includedServicePrincipals:\n - ServicePrincipalsInMyTenant\n excludedServicePrincipals:\n - ${current.objectId}\n users:\n includedUsers:\n - None\n grantControls:\n operator: OR\n builtInControls:\n - block\nvariables:\n current:\n fn::invoke:\n Function: azuread:getClientConfig\n Arguments: {}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nConditional Access Policies can be imported using the `id`, e.g.\n\n```sh\n $ pulumi import azuread:index/conditionalAccessPolicy:ConditionalAccessPolicy my_location 00000000-0000-0000-0000-000000000000\n```\n\n ", "properties": { "conditions": { "$ref": "#/types/azuread:index/ConditionalAccessPolicyConditions:ConditionalAccessPolicyConditions", @@ -5829,7 +5863,7 @@ } }, "azuread:index/servicePrincipalDelegatedPermissionGrant:ServicePrincipalDelegatedPermissionGrant": { - "description": "Manages a delegated permission grant for a service principal, on behalf of a single user, or all users.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application role: `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one the following directory role: `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Delegated permission grant for all users*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = new azuread.ServicePrincipal(\"msgraph\", {\n applicationId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n useExisting: true,\n});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n resourceAccesses: [\n {\n id: msgraph.oauth2PermissionScopeIds.openid,\n type: \"Scope\",\n },\n {\n id: msgraph.oauth2PermissionScopeIds[\"User.Read\"],\n type: \"Scope\",\n },\n ],\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {applicationId: exampleApplication.applicationId});\nconst exampleServicePrincipalDelegatedPermissionGrant = new azuread.ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\", {\n servicePrincipalObjectId: exampleServicePrincipal.objectId,\n resourceServicePrincipalObjectId: msgraph.objectId,\n claimValues: [\n \"openid\",\n \"User.Read.All\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.ServicePrincipal(\"msgraph\",\n application_id=well_known.result[\"MicrosoftGraph\"],\n use_existing=True)\nexample_application = azuread.Application(\"exampleApplication\",\n display_name=\"example\",\n required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs(\n resource_app_id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference),\n resource_accesses=[\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference),\n type=\"Scope\",\n ),\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference),\n type=\"Scope\",\n ),\n ],\n )])\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\", application_id=example_application.application_id)\nexample_service_principal_delegated_permission_grant = azuread.ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\",\n service_principal_object_id=example_service_principal.object_id,\n resource_service_principal_object_id=msgraph.object_id,\n claim_values=[\n \"openid\",\n \"User.Read.All\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = new AzureAD.ServicePrincipal(\"msgraph\", new()\n {\n ApplicationId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n UseExisting = true,\n });\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.Openid),\n Type = \"Scope\",\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.User_Read),\n Type = \"Scope\",\n },\n },\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n });\n\n var exampleServicePrincipalDelegatedPermissionGrant = new AzureAD.ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\", new()\n {\n ServicePrincipalObjectId = exampleServicePrincipal.ObjectId,\n ResourceServicePrincipalObjectId = msgraph.ObjectId,\n ClaimValues = new[]\n {\n \"openid\",\n \"User.Read.All\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmsgraph, err := azuread.NewServicePrincipal(ctx, \"msgraph\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.Openid, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.User.Read, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipalDelegatedPermissionGrant(ctx, \"exampleServicePrincipalDelegatedPermissionGrant\", \u0026azuread.ServicePrincipalDelegatedPermissionGrantArgs{\n\t\t\tServicePrincipalObjectId: exampleServicePrincipal.ObjectId,\n\t\t\tResourceServicePrincipalObjectId: msgraph.ObjectId,\n\t\t\tClaimValues: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"openid\"),\n\t\t\t\tpulumi.String(\"User.Read.All\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.ServicePrincipalDelegatedPermissionGrant;\nimport com.pulumi.azuread.ServicePrincipalDelegatedPermissionGrantArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n var msgraph = new ServicePrincipal(\"msgraph\", ServicePrincipalArgs.builder() \n .applicationId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .useExisting(true)\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .resourceAccesses( \n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.openid()))\n .type(\"Scope\")\n .build(),\n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.User.Read()))\n .type(\"Scope\")\n .build())\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .build());\n\n var exampleServicePrincipalDelegatedPermissionGrant = new ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\", ServicePrincipalDelegatedPermissionGrantArgs.builder() \n .servicePrincipalObjectId(exampleServicePrincipal.objectId())\n .resourceServicePrincipalObjectId(msgraph.objectId())\n .claimValues( \n \"openid\",\n \"User.Read.All\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n msgraph:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${wellKnown.result.MicrosoftGraph}\n useExisting: true\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${wellKnown.result.MicrosoftGraph}\n resourceAccesses:\n - id: ${msgraph.oauth2PermissionScopeIds.openid}\n type: Scope\n - id: ${msgraph.oauth2PermissionScopeIds\"User.Read\"[%!s(MISSING)]}\n type: Scope\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n exampleServicePrincipalDelegatedPermissionGrant:\n type: azuread:ServicePrincipalDelegatedPermissionGrant\n properties:\n servicePrincipalObjectId: ${exampleServicePrincipal.objectId}\n resourceServicePrincipalObjectId: ${msgraph.objectId}\n claimValues:\n - openid\n - User.Read.All\nvariables:\n wellKnown:\n fn::invoke:\n Function: azuread:getApplicationPublishedAppIds\n Arguments: {}\n```\n\n*Delegated permission grant for a single user*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = new azuread.ServicePrincipal(\"msgraph\", {\n applicationId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n useExisting: true,\n});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n resourceAccesses: [\n {\n id: msgraph.oauth2PermissionScopeIds.openid,\n type: \"Scope\",\n },\n {\n id: msgraph.oauth2PermissionScopeIds[\"User.Read\"],\n type: \"Scope\",\n },\n ],\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {applicationId: exampleApplication.applicationId});\nconst exampleUser = new azuread.User(\"exampleUser\", {\n displayName: \"J. Doe\",\n userPrincipalName: \"jdoe@hashicorp.com\",\n mailNickname: \"jdoe\",\n password: \"SecretP@sswd99!\",\n});\nconst exampleServicePrincipalDelegatedPermissionGrant = new azuread.ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\", {\n servicePrincipalObjectId: exampleServicePrincipal.objectId,\n resourceServicePrincipalObjectId: msgraph.objectId,\n claimValues: [\n \"openid\",\n \"User.Read.All\",\n ],\n userObjectId: exampleUser.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.ServicePrincipal(\"msgraph\",\n application_id=well_known.result[\"MicrosoftGraph\"],\n use_existing=True)\nexample_application = azuread.Application(\"exampleApplication\",\n display_name=\"example\",\n required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs(\n resource_app_id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference),\n resource_accesses=[\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference),\n type=\"Scope\",\n ),\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference),\n type=\"Scope\",\n ),\n ],\n )])\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\", application_id=example_application.application_id)\nexample_user = azuread.User(\"exampleUser\",\n display_name=\"J. Doe\",\n user_principal_name=\"jdoe@hashicorp.com\",\n mail_nickname=\"jdoe\",\n password=\"SecretP@sswd99!\")\nexample_service_principal_delegated_permission_grant = azuread.ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\",\n service_principal_object_id=example_service_principal.object_id,\n resource_service_principal_object_id=msgraph.object_id,\n claim_values=[\n \"openid\",\n \"User.Read.All\",\n ],\n user_object_id=example_user.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = new AzureAD.ServicePrincipal(\"msgraph\", new()\n {\n ApplicationId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n UseExisting = true,\n });\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.Openid),\n Type = \"Scope\",\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.User_Read),\n Type = \"Scope\",\n },\n },\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n });\n\n var exampleUser = new AzureAD.User(\"exampleUser\", new()\n {\n DisplayName = \"J. Doe\",\n UserPrincipalName = \"jdoe@hashicorp.com\",\n MailNickname = \"jdoe\",\n Password = \"SecretP@sswd99!\",\n });\n\n var exampleServicePrincipalDelegatedPermissionGrant = new AzureAD.ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\", new()\n {\n ServicePrincipalObjectId = exampleServicePrincipal.ObjectId,\n ResourceServicePrincipalObjectId = msgraph.ObjectId,\n ClaimValues = new[]\n {\n \"openid\",\n \"User.Read.All\",\n },\n UserObjectId = exampleUser.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmsgraph, err := azuread.NewServicePrincipal(ctx, \"msgraph\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.Openid, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.User.Read, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleUser, err := azuread.NewUser(ctx, \"exampleUser\", \u0026azuread.UserArgs{\n\t\t\tDisplayName: pulumi.String(\"J. Doe\"),\n\t\t\tUserPrincipalName: pulumi.String(\"jdoe@hashicorp.com\"),\n\t\t\tMailNickname: pulumi.String(\"jdoe\"),\n\t\t\tPassword: pulumi.String(\"SecretP@sswd99!\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipalDelegatedPermissionGrant(ctx, \"exampleServicePrincipalDelegatedPermissionGrant\", \u0026azuread.ServicePrincipalDelegatedPermissionGrantArgs{\n\t\t\tServicePrincipalObjectId: exampleServicePrincipal.ObjectId,\n\t\t\tResourceServicePrincipalObjectId: msgraph.ObjectId,\n\t\t\tClaimValues: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"openid\"),\n\t\t\t\tpulumi.String(\"User.Read.All\"),\n\t\t\t},\n\t\t\tUserObjectId: exampleUser.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.User;\nimport com.pulumi.azuread.UserArgs;\nimport com.pulumi.azuread.ServicePrincipalDelegatedPermissionGrant;\nimport com.pulumi.azuread.ServicePrincipalDelegatedPermissionGrantArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n var msgraph = new ServicePrincipal(\"msgraph\", ServicePrincipalArgs.builder() \n .applicationId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .useExisting(true)\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .resourceAccesses( \n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.openid()))\n .type(\"Scope\")\n .build(),\n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.User.Read()))\n .type(\"Scope\")\n .build())\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .build());\n\n var exampleUser = new User(\"exampleUser\", UserArgs.builder() \n .displayName(\"J. Doe\")\n .userPrincipalName(\"jdoe@hashicorp.com\")\n .mailNickname(\"jdoe\")\n .password(\"SecretP@sswd99!\")\n .build());\n\n var exampleServicePrincipalDelegatedPermissionGrant = new ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\", ServicePrincipalDelegatedPermissionGrantArgs.builder() \n .servicePrincipalObjectId(exampleServicePrincipal.objectId())\n .resourceServicePrincipalObjectId(msgraph.objectId())\n .claimValues( \n \"openid\",\n \"User.Read.All\")\n .userObjectId(exampleUser.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n msgraph:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${wellKnown.result.MicrosoftGraph}\n useExisting: true\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${wellKnown.result.MicrosoftGraph}\n resourceAccesses:\n - id: ${msgraph.oauth2PermissionScopeIds.openid}\n type: Scope\n - id: ${msgraph.oauth2PermissionScopeIds\"User.Read\"[%!s(MISSING)]}\n type: Scope\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n exampleUser:\n type: azuread:User\n properties:\n displayName: J. Doe\n userPrincipalName: jdoe@hashicorp.com\n mailNickname: jdoe\n password: SecretP@sswd99!\n exampleServicePrincipalDelegatedPermissionGrant:\n type: azuread:ServicePrincipalDelegatedPermissionGrant\n properties:\n servicePrincipalObjectId: ${exampleServicePrincipal.objectId}\n resourceServicePrincipalObjectId: ${msgraph.objectId}\n claimValues:\n - openid\n - User.Read.All\n userObjectId: ${exampleUser.objectId}\nvariables:\n wellKnown:\n fn::invoke:\n Function: azuread:getApplicationPublishedAppIds\n Arguments: {}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nDelegated permission grants can be imported using their ID, e.g.\n\n```sh\n $ pulumi import azuread:index/servicePrincipalDelegatedPermissionGrant:ServicePrincipalDelegatedPermissionGrant example aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz\n```\n\n ", + "description": "Manages a delegated permission grant for a service principal, on behalf of a single user, or all users.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires the following application role: `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one the following directory role: `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Delegated permission grant for all users*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = new azuread.ServicePrincipal(\"msgraph\", {\n applicationId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n useExisting: true,\n});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n resourceAccesses: [\n {\n id: msgraph.oauth2PermissionScopeIds.openid,\n type: \"Scope\",\n },\n {\n id: msgraph.oauth2PermissionScopeIds[\"User.Read\"],\n type: \"Scope\",\n },\n ],\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {applicationId: exampleApplication.applicationId});\nconst exampleServicePrincipalDelegatedPermissionGrant = new azuread.ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\", {\n servicePrincipalObjectId: exampleServicePrincipal.objectId,\n resourceServicePrincipalObjectId: msgraph.objectId,\n claimValues: [\n \"openid\",\n \"User.Read.All\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.ServicePrincipal(\"msgraph\",\n application_id=well_known.result[\"MicrosoftGraph\"],\n use_existing=True)\nexample_application = azuread.Application(\"exampleApplication\",\n display_name=\"example\",\n required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs(\n resource_app_id=well_known.result[\"MicrosoftGraph\"],\n resource_accesses=[\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=msgraph.oauth2_permission_scope_ids[\"openid\"],\n type=\"Scope\",\n ),\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=msgraph.oauth2_permission_scope_ids[\"User.Read\"],\n type=\"Scope\",\n ),\n ],\n )])\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\", application_id=example_application.application_id)\nexample_service_principal_delegated_permission_grant = azuread.ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\",\n service_principal_object_id=example_service_principal.object_id,\n resource_service_principal_object_id=msgraph.object_id,\n claim_values=[\n \"openid\",\n \"User.Read.All\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = new AzureAD.ServicePrincipal(\"msgraph\", new()\n {\n ApplicationId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n UseExisting = true,\n });\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.Openid),\n Type = \"Scope\",\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.User_Read),\n Type = \"Scope\",\n },\n },\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n });\n\n var exampleServicePrincipalDelegatedPermissionGrant = new AzureAD.ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\", new()\n {\n ServicePrincipalObjectId = exampleServicePrincipal.ObjectId,\n ResourceServicePrincipalObjectId = msgraph.ObjectId,\n ClaimValues = new[]\n {\n \"openid\",\n \"User.Read.All\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmsgraph, err := azuread.NewServicePrincipal(ctx, \"msgraph\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.Openid, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.User.Read, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipalDelegatedPermissionGrant(ctx, \"exampleServicePrincipalDelegatedPermissionGrant\", \u0026azuread.ServicePrincipalDelegatedPermissionGrantArgs{\n\t\t\tServicePrincipalObjectId: exampleServicePrincipal.ObjectId,\n\t\t\tResourceServicePrincipalObjectId: msgraph.ObjectId,\n\t\t\tClaimValues: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"openid\"),\n\t\t\t\tpulumi.String(\"User.Read.All\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.ServicePrincipalDelegatedPermissionGrant;\nimport com.pulumi.azuread.ServicePrincipalDelegatedPermissionGrantArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n var msgraph = new ServicePrincipal(\"msgraph\", ServicePrincipalArgs.builder() \n .applicationId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .useExisting(true)\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .resourceAccesses( \n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.openid()))\n .type(\"Scope\")\n .build(),\n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.User.Read()))\n .type(\"Scope\")\n .build())\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .build());\n\n var exampleServicePrincipalDelegatedPermissionGrant = new ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\", ServicePrincipalDelegatedPermissionGrantArgs.builder() \n .servicePrincipalObjectId(exampleServicePrincipal.objectId())\n .resourceServicePrincipalObjectId(msgraph.objectId())\n .claimValues( \n \"openid\",\n \"User.Read.All\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n msgraph:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${wellKnown.result.MicrosoftGraph}\n useExisting: true\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${wellKnown.result.MicrosoftGraph}\n resourceAccesses:\n - id: ${msgraph.oauth2PermissionScopeIds.openid}\n type: Scope\n - id: ${msgraph.oauth2PermissionScopeIds\"User.Read\"[%!s(MISSING)]}\n type: Scope\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n exampleServicePrincipalDelegatedPermissionGrant:\n type: azuread:ServicePrincipalDelegatedPermissionGrant\n properties:\n servicePrincipalObjectId: ${exampleServicePrincipal.objectId}\n resourceServicePrincipalObjectId: ${msgraph.objectId}\n claimValues:\n - openid\n - User.Read.All\nvariables:\n wellKnown:\n fn::invoke:\n Function: azuread:getApplicationPublishedAppIds\n Arguments: {}\n```\n\n*Delegated permission grant for a single user*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = new azuread.ServicePrincipal(\"msgraph\", {\n applicationId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n useExisting: true,\n});\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n resourceAccesses: [\n {\n id: msgraph.oauth2PermissionScopeIds.openid,\n type: \"Scope\",\n },\n {\n id: msgraph.oauth2PermissionScopeIds[\"User.Read\"],\n type: \"Scope\",\n },\n ],\n }],\n});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {applicationId: exampleApplication.applicationId});\nconst exampleUser = new azuread.User(\"exampleUser\", {\n displayName: \"J. Doe\",\n userPrincipalName: \"jdoe@hashicorp.com\",\n mailNickname: \"jdoe\",\n password: \"SecretP@sswd99!\",\n});\nconst exampleServicePrincipalDelegatedPermissionGrant = new azuread.ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\", {\n servicePrincipalObjectId: exampleServicePrincipal.objectId,\n resourceServicePrincipalObjectId: msgraph.objectId,\n claimValues: [\n \"openid\",\n \"User.Read.All\",\n ],\n userObjectId: exampleUser.objectId,\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.ServicePrincipal(\"msgraph\",\n application_id=well_known.result[\"MicrosoftGraph\"],\n use_existing=True)\nexample_application = azuread.Application(\"exampleApplication\",\n display_name=\"example\",\n required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs(\n resource_app_id=well_known.result[\"MicrosoftGraph\"],\n resource_accesses=[\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=msgraph.oauth2_permission_scope_ids[\"openid\"],\n type=\"Scope\",\n ),\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=msgraph.oauth2_permission_scope_ids[\"User.Read\"],\n type=\"Scope\",\n ),\n ],\n )])\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\", application_id=example_application.application_id)\nexample_user = azuread.User(\"exampleUser\",\n display_name=\"J. Doe\",\n user_principal_name=\"jdoe@hashicorp.com\",\n mail_nickname=\"jdoe\",\n password=\"SecretP@sswd99!\")\nexample_service_principal_delegated_permission_grant = azuread.ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\",\n service_principal_object_id=example_service_principal.object_id,\n resource_service_principal_object_id=msgraph.object_id,\n claim_values=[\n \"openid\",\n \"User.Read.All\",\n ],\n user_object_id=example_user.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = new AzureAD.ServicePrincipal(\"msgraph\", new()\n {\n ApplicationId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n UseExisting = true,\n });\n\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.Openid),\n Type = \"Scope\",\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.User_Read),\n Type = \"Scope\",\n },\n },\n },\n },\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n });\n\n var exampleUser = new AzureAD.User(\"exampleUser\", new()\n {\n DisplayName = \"J. Doe\",\n UserPrincipalName = \"jdoe@hashicorp.com\",\n MailNickname = \"jdoe\",\n Password = \"SecretP@sswd99!\",\n });\n\n var exampleServicePrincipalDelegatedPermissionGrant = new AzureAD.ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\", new()\n {\n ServicePrincipalObjectId = exampleServicePrincipal.ObjectId,\n ResourceServicePrincipalObjectId = msgraph.ObjectId,\n ClaimValues = new[]\n {\n \"openid\",\n \"User.Read.All\",\n },\n UserObjectId = exampleUser.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmsgraph, err := azuread.NewServicePrincipal(ctx, \"msgraph\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.Openid, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.User.Read, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleUser, err := azuread.NewUser(ctx, \"exampleUser\", \u0026azuread.UserArgs{\n\t\t\tDisplayName: pulumi.String(\"J. Doe\"),\n\t\t\tUserPrincipalName: pulumi.String(\"jdoe@hashicorp.com\"),\n\t\t\tMailNickname: pulumi.String(\"jdoe\"),\n\t\t\tPassword: pulumi.String(\"SecretP@sswd99!\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipalDelegatedPermissionGrant(ctx, \"exampleServicePrincipalDelegatedPermissionGrant\", \u0026azuread.ServicePrincipalDelegatedPermissionGrantArgs{\n\t\t\tServicePrincipalObjectId: exampleServicePrincipal.ObjectId,\n\t\t\tResourceServicePrincipalObjectId: msgraph.ObjectId,\n\t\t\tClaimValues: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"openid\"),\n\t\t\t\tpulumi.String(\"User.Read.All\"),\n\t\t\t},\n\t\t\tUserObjectId: exampleUser.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport com.pulumi.azuread.User;\nimport com.pulumi.azuread.UserArgs;\nimport com.pulumi.azuread.ServicePrincipalDelegatedPermissionGrant;\nimport com.pulumi.azuread.ServicePrincipalDelegatedPermissionGrantArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n var msgraph = new ServicePrincipal(\"msgraph\", ServicePrincipalArgs.builder() \n .applicationId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .useExisting(true)\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .resourceAccesses( \n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.openid()))\n .type(\"Scope\")\n .build(),\n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.User.Read()))\n .type(\"Scope\")\n .build())\n .build())\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .build());\n\n var exampleUser = new User(\"exampleUser\", UserArgs.builder() \n .displayName(\"J. Doe\")\n .userPrincipalName(\"jdoe@hashicorp.com\")\n .mailNickname(\"jdoe\")\n .password(\"SecretP@sswd99!\")\n .build());\n\n var exampleServicePrincipalDelegatedPermissionGrant = new ServicePrincipalDelegatedPermissionGrant(\"exampleServicePrincipalDelegatedPermissionGrant\", ServicePrincipalDelegatedPermissionGrantArgs.builder() \n .servicePrincipalObjectId(exampleServicePrincipal.objectId())\n .resourceServicePrincipalObjectId(msgraph.objectId())\n .claimValues( \n \"openid\",\n \"User.Read.All\")\n .userObjectId(exampleUser.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n msgraph:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${wellKnown.result.MicrosoftGraph}\n useExisting: true\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${wellKnown.result.MicrosoftGraph}\n resourceAccesses:\n - id: ${msgraph.oauth2PermissionScopeIds.openid}\n type: Scope\n - id: ${msgraph.oauth2PermissionScopeIds\"User.Read\"[%!s(MISSING)]}\n type: Scope\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n exampleUser:\n type: azuread:User\n properties:\n displayName: J. Doe\n userPrincipalName: jdoe@hashicorp.com\n mailNickname: jdoe\n password: SecretP@sswd99!\n exampleServicePrincipalDelegatedPermissionGrant:\n type: azuread:ServicePrincipalDelegatedPermissionGrant\n properties:\n servicePrincipalObjectId: ${exampleServicePrincipal.objectId}\n resourceServicePrincipalObjectId: ${msgraph.objectId}\n claimValues:\n - openid\n - User.Read.All\n userObjectId: ${exampleUser.objectId}\nvariables:\n wellKnown:\n fn::invoke:\n Function: azuread:getApplicationPublishedAppIds\n Arguments: {}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nDelegated permission grants can be imported using their ID, e.g.\n\n```sh\n $ pulumi import azuread:index/servicePrincipalDelegatedPermissionGrant:ServicePrincipalDelegatedPermissionGrant example aaBBcDDeFG6h5JKLMN2PQrrssTTUUvWWxxxxxyyyzzz\n```\n\n ", "properties": { "claimValues": { "type": "array", @@ -5915,7 +5949,7 @@ } }, "azuread:index/servicePrincipalPassword:ServicePrincipalPassword": { - "description": "Manages a password credential associated with a service principal within Azure Active Directory. See also the azuread.ApplicationPassword resource.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Application.ReadWrite.All` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Application Administrator` or `Global Administrator`\n\n\n## Import\n\nThis resource does not support importing. ", + "description": "Manages a password credential associated with a service principal within Azure Active Directory. See also the azuread.ApplicationPassword resource.\n\n## API Permissions\n\nThe following API permissions are required in order to use this resource.\n\nWhen authenticated with a service principal, this resource requires one of the following application roles: `Application.ReadWrite.All` or `Directory.ReadWrite.All`\n\nWhen authenticated with a user principal, this resource requires one of the following directory roles: `Application Administrator` or `Global Administrator`\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Basic example*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {displayName: \"example\"});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {applicationId: exampleApplication.applicationId});\nconst exampleServicePrincipalPassword = new azuread.ServicePrincipalPassword(\"exampleServicePrincipalPassword\", {servicePrincipalId: exampleServicePrincipal.objectId});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nexample_application = azuread.Application(\"exampleApplication\", display_name=\"example\")\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\", application_id=example_application.application_id)\nexample_service_principal_password = azuread.ServicePrincipalPassword(\"exampleServicePrincipalPassword\", service_principal_id=example_service_principal.object_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n });\n\n var exampleServicePrincipalPassword = new AzureAD.ServicePrincipalPassword(\"exampleServicePrincipalPassword\", new()\n {\n ServicePrincipalId = exampleServicePrincipal.ObjectId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipalPassword(ctx, \"exampleServicePrincipalPassword\", \u0026azuread.ServicePrincipalPasswordArgs{\n\t\t\tServicePrincipalId: exampleServicePrincipal.ObjectId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.ServicePrincipalPassword;\nimport com.pulumi.azuread.ServicePrincipalPasswordArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .build());\n\n var exampleServicePrincipalPassword = new ServicePrincipalPassword(\"exampleServicePrincipalPassword\", ServicePrincipalPasswordArgs.builder() \n .servicePrincipalId(exampleServicePrincipal.objectId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n exampleServicePrincipalPassword:\n type: azuread:ServicePrincipalPassword\n properties:\n servicePrincipalId: ${exampleServicePrincipal.objectId}\n```\n\n*Time-based rotation*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\nimport * as time from \"@pulumiverse/time\";\n\nconst exampleApplication = new azuread.Application(\"exampleApplication\", {displayName: \"example\"});\nconst exampleServicePrincipal = new azuread.ServicePrincipal(\"exampleServicePrincipal\", {applicationId: exampleApplication.applicationId});\nconst exampleRotating = new time.Rotating(\"exampleRotating\", {rotationDays: 7});\nconst exampleServicePrincipalPassword = new azuread.ServicePrincipalPassword(\"exampleServicePrincipalPassword\", {\n servicePrincipalId: exampleServicePrincipal.objectId,\n rotateWhenChanged: {\n rotation: exampleRotating.id,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\nimport pulumiverse_time as time\n\nexample_application = azuread.Application(\"exampleApplication\", display_name=\"example\")\nexample_service_principal = azuread.ServicePrincipal(\"exampleServicePrincipal\", application_id=example_application.application_id)\nexample_rotating = time.Rotating(\"exampleRotating\", rotation_days=7)\nexample_service_principal_password = azuread.ServicePrincipalPassword(\"exampleServicePrincipalPassword\",\n service_principal_id=example_service_principal.object_id,\n rotate_when_changed={\n \"rotation\": example_rotating.id,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\nusing Time = Pulumiverse.Time;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplication = new AzureAD.Application(\"exampleApplication\", new()\n {\n DisplayName = \"example\",\n });\n\n var exampleServicePrincipal = new AzureAD.ServicePrincipal(\"exampleServicePrincipal\", new()\n {\n ApplicationId = exampleApplication.ApplicationId,\n });\n\n var exampleRotating = new Time.Rotating(\"exampleRotating\", new()\n {\n RotationDays = 7,\n });\n\n var exampleServicePrincipalPassword = new AzureAD.ServicePrincipalPassword(\"exampleServicePrincipalPassword\", new()\n {\n ServicePrincipalId = exampleServicePrincipal.ObjectId,\n RotateWhenChanged = \n {\n { \"rotation\", exampleRotating.Id },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi-time/sdk/go/time\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplication, err := azuread.NewApplication(ctx, \"exampleApplication\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, \"exampleServicePrincipal\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: exampleApplication.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRotating, err := time.NewRotating(ctx, \"exampleRotating\", \u0026time.RotatingArgs{\n\t\t\tRotationDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewServicePrincipalPassword(ctx, \"exampleServicePrincipalPassword\", \u0026azuread.ServicePrincipalPasswordArgs{\n\t\t\tServicePrincipalId: exampleServicePrincipal.ObjectId,\n\t\t\tRotateWhenChanged: pulumi.StringMap{\n\t\t\t\t\"rotation\": exampleRotating.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.time.Rotating;\nimport com.pulumi.time.RotatingArgs;\nimport com.pulumi.azuread.ServicePrincipalPassword;\nimport com.pulumi.azuread.ServicePrincipalPasswordArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder() \n .displayName(\"example\")\n .build());\n\n var exampleServicePrincipal = new ServicePrincipal(\"exampleServicePrincipal\", ServicePrincipalArgs.builder() \n .applicationId(exampleApplication.applicationId())\n .build());\n\n var exampleRotating = new Rotating(\"exampleRotating\", RotatingArgs.builder() \n .rotationDays(7)\n .build());\n\n var exampleServicePrincipalPassword = new ServicePrincipalPassword(\"exampleServicePrincipalPassword\", ServicePrincipalPasswordArgs.builder() \n .servicePrincipalId(exampleServicePrincipal.objectId())\n .rotateWhenChanged(Map.of(\"rotation\", exampleRotating.id()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: azuread:Application\n properties:\n displayName: example\n exampleServicePrincipal:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${exampleApplication.applicationId}\n exampleRotating:\n type: time:Rotating\n properties:\n rotationDays: 7\n exampleServicePrincipalPassword:\n type: azuread:ServicePrincipalPassword\n properties:\n servicePrincipalId: ${exampleServicePrincipal.objectId}\n rotateWhenChanged:\n rotation: ${exampleRotating.id}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThis resource does not support importing. ", "properties": { "displayName": { "type": "string", @@ -6320,7 +6354,7 @@ }, "country": { "type": "string", - "description": "The country/region in which the user is located, e.g. `US` or `UK`.\n" + "description": "The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`.\n" }, "creationType": { "type": "string", @@ -6545,7 +6579,7 @@ }, "country": { "type": "string", - "description": "The country/region in which the user is located, e.g. `US` or `UK`.\n" + "description": "The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`.\n" }, "department": { "type": "string", @@ -6704,7 +6738,7 @@ }, "country": { "type": "string", - "description": "The country/region in which the user is located, e.g. `US` or `UK`.\n" + "description": "The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`.\n" }, "creationType": { "type": "string", @@ -7398,7 +7432,7 @@ } }, "azuread:index/getApplicationPublishedAppIds:getApplicationPublishedAppIds": { - "description": "Use this data source to discover application IDs for APIs published by Microsoft.\n\nThis data source uses an [unofficial source of application IDs](https://github.com/hashicorp/go-azure-sdk/blob/main/sdk/environments/application_ids.go), as there is currently no available official indexed source for applications or APIs published by Microsoft.\n\nThe app IDs returned by this data source are sourced from the Azure Global (Public) Cloud, however some of them are known to work in government and national clouds.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Listing well-known application IDs*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nexport const publishedAppIds = wellKnown.then(wellKnown =\u003e wellKnown.result);\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\npulumi.export(\"publishedAppIds\", well_known.result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"publishedAppIds\"] = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"publishedAppIds\", wellKnown.Result)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n ctx.export(\"publishedAppIds\", wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result()));\n }\n}\n```\n```yaml\nvariables:\n wellKnown:\n fn::invoke:\n Function: azuread:getApplicationPublishedAppIds\n Arguments: {}\noutputs:\n publishedAppIds: ${wellKnown.result}\n```\n\n*Granting access to an application*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = new azuread.ServicePrincipal(\"msgraph\", {\n applicationId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n useExisting: true,\n});\nconst example = new azuread.Application(\"example\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n resourceAccesses: [\n {\n id: msgraph.appRoleIds[\"User.Read.All\"],\n type: \"Role\",\n },\n {\n id: msgraph.oauth2PermissionScopeIds[\"User.ReadWrite\"],\n type: \"Scope\",\n },\n ],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.ServicePrincipal(\"msgraph\",\n application_id=well_known.result[\"MicrosoftGraph\"],\n use_existing=True)\nexample = azuread.Application(\"example\",\n display_name=\"example\",\n required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs(\n resource_app_id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference),\n resource_accesses=[\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference),\n type=\"Role\",\n ),\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference),\n type=\"Scope\",\n ),\n ],\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = new AzureAD.ServicePrincipal(\"msgraph\", new()\n {\n ApplicationId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n UseExisting = true,\n });\n\n var example = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.User_Read_All),\n Type = \"Role\",\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.User_ReadWrite),\n Type = \"Scope\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmsgraph, err := azuread.NewServicePrincipal(ctx, \"msgraph\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn appRoleIds.User.Read.All, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Role\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.User.ReadWrite, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n var msgraph = new ServicePrincipal(\"msgraph\", ServicePrincipalArgs.builder() \n .applicationId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .useExisting(true)\n .build());\n\n var example = new Application(\"example\", ApplicationArgs.builder() \n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .resourceAccesses( \n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.User.Read.All()))\n .type(\"Role\")\n .build(),\n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.User.ReadWrite()))\n .type(\"Scope\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n msgraph:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${wellKnown.result.MicrosoftGraph}\n useExisting: true\n example:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${wellKnown.result.MicrosoftGraph}\n resourceAccesses:\n - id: ${msgraph.appRoleIds\"User.Read.All\"[%!s(MISSING)]}\n type: Role\n - id: ${msgraph.oauth2PermissionScopeIds\"User.ReadWrite\"[%!s(MISSING)]}\n type: Scope\nvariables:\n wellKnown:\n fn::invoke:\n Function: azuread:getApplicationPublishedAppIds\n Arguments: {}\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "Use this data source to discover application IDs for APIs published by Microsoft.\n\nThis data source uses an [unofficial source of application IDs](https://github.com/hashicorp/go-azure-sdk/blob/main/sdk/environments/application_ids.go), as there is currently no available official indexed source for applications or APIs published by Microsoft.\n\nThe app IDs returned by this data source are sourced from the Azure Global (Public) Cloud, however some of them are known to work in government and national clouds.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n*Listing well-known application IDs*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nexport const publishedAppIds = wellKnown.then(wellKnown =\u003e wellKnown.result);\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\npulumi.export(\"publishedAppIds\", well_known.result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"publishedAppIds\"] = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"publishedAppIds\", wellKnown.Result)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n ctx.export(\"publishedAppIds\", wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result()));\n }\n}\n```\n```yaml\nvariables:\n wellKnown:\n fn::invoke:\n Function: azuread:getApplicationPublishedAppIds\n Arguments: {}\noutputs:\n publishedAppIds: ${wellKnown.result}\n```\n\n*Granting access to an application*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azuread from \"@pulumi/azuread\";\n\nconst wellKnown = azuread.getApplicationPublishedAppIds({});\nconst msgraph = new azuread.ServicePrincipal(\"msgraph\", {\n applicationId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n useExisting: true,\n});\nconst example = new azuread.Application(\"example\", {\n displayName: \"example\",\n requiredResourceAccesses: [{\n resourceAppId: wellKnown.then(wellKnown =\u003e wellKnown.result?.MicrosoftGraph),\n resourceAccesses: [\n {\n id: msgraph.appRoleIds[\"User.Read.All\"],\n type: \"Role\",\n },\n {\n id: msgraph.oauth2PermissionScopeIds[\"User.ReadWrite\"],\n type: \"Scope\",\n },\n ],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_azuread as azuread\n\nwell_known = azuread.get_application_published_app_ids()\nmsgraph = azuread.ServicePrincipal(\"msgraph\",\n application_id=well_known.result[\"MicrosoftGraph\"],\n use_existing=True)\nexample = azuread.Application(\"example\",\n display_name=\"example\",\n required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs(\n resource_app_id=well_known.result[\"MicrosoftGraph\"],\n resource_accesses=[\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=msgraph.app_role_ids[\"User.Read.All\"],\n type=\"Role\",\n ),\n azuread.ApplicationRequiredResourceAccessResourceAccessArgs(\n id=msgraph.oauth2_permission_scope_ids[\"User.ReadWrite\"],\n type=\"Scope\",\n ),\n ],\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AzureAD = Pulumi.AzureAD;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wellKnown = AzureAD.GetApplicationPublishedAppIds.Invoke();\n\n var msgraph = new AzureAD.ServicePrincipal(\"msgraph\", new()\n {\n ApplicationId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n UseExisting = true,\n });\n\n var example = new AzureAD.Application(\"example\", new()\n {\n DisplayName = \"example\",\n RequiredResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessArgs\n {\n ResourceAppId = wellKnown.Apply(getApplicationPublishedAppIdsResult =\u003e getApplicationPublishedAppIdsResult.Result?.MicrosoftGraph),\n ResourceAccesses = new[]\n {\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.AppRoleIds.Apply(appRoleIds =\u003e appRoleIds.User_Read_All),\n Type = \"Role\",\n },\n new AzureAD.Inputs.ApplicationRequiredResourceAccessResourceAccessArgs\n {\n Id = msgraph.Oauth2PermissionScopeIds.Apply(oauth2PermissionScopeIds =\u003e oauth2PermissionScopeIds.User_ReadWrite),\n Type = \"Scope\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twellKnown, err := azuread.GetApplicationPublishedAppIds(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmsgraph, err := azuread.NewServicePrincipal(ctx, \"msgraph\", \u0026azuread.ServicePrincipalArgs{\n\t\t\tApplicationId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\tUseExisting: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azuread.NewApplication(ctx, \"example\", \u0026azuread.ApplicationArgs{\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tRequiredResourceAccesses: azuread.ApplicationRequiredResourceAccessArray{\n\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessArgs{\n\t\t\t\t\tResourceAppId: *pulumi.String(wellKnown.Result.MicrosoftGraph),\n\t\t\t\t\tResourceAccesses: azuread.ApplicationRequiredResourceAccessResourceAccessArray{\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.AppRoleIds.ApplyT(func(appRoleIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn appRoleIds.User.Read.All, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Role\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026azuread.ApplicationRequiredResourceAccessResourceAccessArgs{\n\t\t\t\t\t\t\tId: msgraph.Oauth2PermissionScopeIds.ApplyT(func(oauth2PermissionScopeIds map[string]string) (string, error) {\n\t\t\t\t\t\t\t\treturn oauth2PermissionScopeIds.User.ReadWrite, nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tType: pulumi.String(\"Scope\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azuread.AzureadFunctions;\nimport com.pulumi.azuread.ServicePrincipal;\nimport com.pulumi.azuread.ServicePrincipalArgs;\nimport com.pulumi.azuread.Application;\nimport com.pulumi.azuread.ApplicationArgs;\nimport com.pulumi.azuread.inputs.ApplicationRequiredResourceAccessArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var wellKnown = AzureadFunctions.getApplicationPublishedAppIds();\n\n var msgraph = new ServicePrincipal(\"msgraph\", ServicePrincipalArgs.builder() \n .applicationId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .useExisting(true)\n .build());\n\n var example = new Application(\"example\", ApplicationArgs.builder() \n .displayName(\"example\")\n .requiredResourceAccesses(ApplicationRequiredResourceAccessArgs.builder()\n .resourceAppId(wellKnown.applyValue(getApplicationPublishedAppIdsResult -\u003e getApplicationPublishedAppIdsResult.result().MicrosoftGraph()))\n .resourceAccesses( \n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.appRoleIds().applyValue(appRoleIds -\u003e appRoleIds.User.Read.All()))\n .type(\"Role\")\n .build(),\n ApplicationRequiredResourceAccessResourceAccessArgs.builder()\n .id(msgraph.oauth2PermissionScopeIds().applyValue(oauth2PermissionScopeIds -\u003e oauth2PermissionScopeIds.User.ReadWrite()))\n .type(\"Scope\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n msgraph:\n type: azuread:ServicePrincipal\n properties:\n applicationId: ${wellKnown.result.MicrosoftGraph}\n useExisting: true\n example:\n type: azuread:Application\n properties:\n displayName: example\n requiredResourceAccesses:\n - resourceAppId: ${wellKnown.result.MicrosoftGraph}\n resourceAccesses:\n - id: ${msgraph.appRoleIds\"User.Read.All\"[%!s(MISSING)]}\n type: Role\n - id: ${msgraph.oauth2PermissionScopeIds\"User.ReadWrite\"[%!s(MISSING)]}\n type: Scope\nvariables:\n wellKnown:\n fn::invoke:\n Function: azuread:getApplicationPublishedAppIds\n Arguments: {}\n```\n{{% /example %}}\n{{% /examples %}}", "outputs": { "description": "A collection of values returned by getApplicationPublishedAppIds.\n", "properties": { @@ -8280,6 +8314,10 @@ "inputs": { "description": "A collection of arguments for invoking getUser.\n", "properties": { + "employeeId": { + "type": "string", + "description": "The employee identifier assigned to the user by the organisation.\n" + }, "mail": { "type": "string", "description": "The SMTP address for the user.\n" @@ -8294,7 +8332,7 @@ }, "userPrincipalName": { "type": "string", - "description": "The user principal name (UPN) of the user.\n\n\u003e One of `user_principal_name`, `object_id`, `mail` or `mail_nickname` must be specified.\n" + "description": "The user principal name (UPN) of the user.\n\n\u003e One of `user_principal_name`, `object_id`, `mail`, `mail_nickname` or `employee_id` must be specified.\n" } }, "type": "object" @@ -8545,6 +8583,13 @@ "inputs": { "description": "A collection of arguments for invoking getUsers.\n", "properties": { + "employeeIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The employee identifiers assigned to the users by the organisation.\n" + }, "ignoreMissing": { "type": "boolean", "description": "Ignore missing users and return users that were found. The data source will still fail if no users are found. Cannot be specified with `return_all`. Defaults to `false`.\n" @@ -8572,7 +8617,7 @@ "items": { "type": "string" }, - "description": "The user principal names (UPNs) of the users.\n\n\u003e Either `return_all`, or one of `user_principal_names`, `object_ids` or `mail_nicknames` must be specified. These _may_ be specified as an empty list, in which case no results will be returned.\n" + "description": "The user principal names (UPNs) of the users.\n\n\u003e Either `return_all`, or one of `user_principal_names`, `object_ids`, `mail_nicknames` or `employee_ids` must be specified. These _may_ be specified as an empty list, in which case no results will be returned.\n" } }, "type": "object" @@ -8580,6 +8625,13 @@ "outputs": { "description": "A collection of values returned by getUsers.\n", "properties": { + "employeeIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The employee identifiers assigned to the users by the organisation.\n" + }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" @@ -8621,6 +8673,7 @@ }, "type": "object", "required": [ + "employeeIds", "mailNicknames", "objectIds", "userPrincipalNames", diff --git a/provider/go.mod b/provider/go.mod index da3d56602..c634c0d29 100644 --- a/provider/go.mod +++ b/provider/go.mod @@ -5,25 +5,25 @@ go 1.19 require ( github.com/hashicorp/go-azure-sdk v0.20230511.1094507 github.com/hashicorp/terraform-provider-azuread/shim v0.0.0 - github.com/pulumi/pulumi-terraform-bridge/v3 v3.49.0 - github.com/pulumi/pulumi/sdk/v3 v3.69.0 + github.com/pulumi/pulumi-terraform-bridge/v3 v3.53.0 + github.com/pulumi/pulumi/sdk/v3 v3.73.1-0.20230623071431-db579129f4c9 ) replace ( - github.com/hashicorp/terraform-plugin-sdk/v2 => github.com/pulumi/terraform-plugin-sdk/v2 v2.0.0-20230327102345-3fa930f86570 + github.com/hashicorp/terraform-plugin-sdk/v2 => github.com/pulumi/terraform-plugin-sdk/v2 v2.0.0-20230710100801-03a71d0fca3d github.com/hashicorp/terraform-provider-azuread/shim => ./shim github.com/hashicorp/vault => github.com/hashicorp/vault v1.2.0 ) require ( - cloud.google.com/go v0.107.0 // indirect - cloud.google.com/go/compute v1.15.1 // indirect + cloud.google.com/go v0.110.0 // indirect + cloud.google.com/go/compute v1.19.1 // indirect cloud.google.com/go/compute/metadata v0.2.3 // indirect - cloud.google.com/go/iam v0.8.0 // indirect - cloud.google.com/go/kms v1.6.0 // indirect - cloud.google.com/go/logging v1.6.1 // indirect - cloud.google.com/go/longrunning v0.3.0 // indirect - cloud.google.com/go/storage v1.27.0 // indirect + cloud.google.com/go/iam v0.13.0 // indirect + cloud.google.com/go/kms v1.10.1 // indirect + cloud.google.com/go/logging v1.7.0 // indirect + cloud.google.com/go/longrunning v0.4.1 // indirect + cloud.google.com/go/storage v1.29.0 // indirect github.com/AlecAivazis/survey/v2 v2.0.5 // indirect github.com/Azure/azure-sdk-for-go v66.0.0+incompatible // indirect github.com/Azure/azure-sdk-for-go/sdk/azcore v1.1.1 // indirect @@ -45,10 +45,10 @@ require ( github.com/Masterminds/goutils v1.1.1 // indirect github.com/Masterminds/semver v1.5.0 // indirect github.com/Masterminds/semver/v3 v3.1.1 // indirect - github.com/Masterminds/sprig/v3 v3.2.1 // indirect + github.com/Masterminds/sprig/v3 v3.2.2 // indirect github.com/Microsoft/go-winio v0.5.2 // indirect - github.com/ProtonMail/go-crypto v0.0.0-20221026131551-cf6655e29de4 // indirect - github.com/acomagu/bufpipe v1.0.3 // indirect + github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8 // indirect + github.com/acomagu/bufpipe v1.0.4 // indirect github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da // indirect github.com/agext/levenshtein v1.2.3 // indirect github.com/apparentlymart/go-cidr v1.1.0 // indirect @@ -91,13 +91,13 @@ require ( github.com/fatih/color v1.13.0 // indirect github.com/gedex/inflector v0.0.0-20170307190818-16278e9db813 // indirect github.com/go-git/gcfg v1.5.0 // indirect - github.com/go-git/go-billy/v5 v5.4.0 // indirect - github.com/go-git/go-git/v5 v5.6.0 // indirect + github.com/go-git/go-billy/v5 v5.4.1 // indirect + github.com/go-git/go-git/v5 v5.6.1 // indirect github.com/gofrs/uuid v4.2.0+incompatible // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang-jwt/jwt v3.2.1+incompatible // indirect github.com/golang-jwt/jwt/v4 v4.5.0 // indirect - github.com/golang/glog v1.0.0 // indirect + github.com/golang/glog v1.1.0 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.3 // indirect github.com/golang/snappy v0.0.4 // indirect @@ -106,8 +106,8 @@ require ( github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect github.com/google/uuid v1.3.0 // indirect github.com/google/wire v0.5.0 // indirect - github.com/googleapis/enterprise-certificate-proxy v0.2.0 // indirect - github.com/googleapis/gax-go/v2 v2.7.0 // indirect + github.com/googleapis/enterprise-certificate-proxy v0.2.3 // indirect + github.com/googleapis/gax-go/v2 v2.7.1 // indirect github.com/gorilla/mux v1.8.0 // indirect github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect @@ -116,10 +116,10 @@ require ( github.com/hashicorp/go-cleanhttp v0.5.2 // indirect github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 // indirect github.com/hashicorp/go-getter v1.7.1 // indirect - github.com/hashicorp/go-hclog v1.4.0 // indirect + github.com/hashicorp/go-hclog v1.5.0 // indirect github.com/hashicorp/go-immutable-radix v1.3.1 // indirect github.com/hashicorp/go-multierror v1.1.1 // indirect - github.com/hashicorp/go-plugin v1.4.8 // indirect + github.com/hashicorp/go-plugin v1.4.10 // indirect github.com/hashicorp/go-retryablehttp v0.7.2 // indirect github.com/hashicorp/go-rootcerts v1.0.2 // indirect github.com/hashicorp/go-safetemp v1.0.0 // indirect @@ -130,19 +130,19 @@ require ( github.com/hashicorp/go-uuid v1.0.3 // indirect github.com/hashicorp/go-version v1.6.0 // indirect github.com/hashicorp/golang-lru v0.5.4 // indirect - github.com/hashicorp/hc-install v0.5.0 // indirect + github.com/hashicorp/hc-install v0.5.2 // indirect github.com/hashicorp/hcl v1.0.0 // indirect - github.com/hashicorp/hcl/v2 v2.16.2 // indirect + github.com/hashicorp/hcl/v2 v2.17.0 // indirect github.com/hashicorp/hil v0.0.0-20190212132231-97b3a9cdfa93 // indirect github.com/hashicorp/logutils v1.0.0 // indirect github.com/hashicorp/terraform-exec v0.18.1 // indirect - github.com/hashicorp/terraform-json v0.16.0 // indirect - github.com/hashicorp/terraform-plugin-go v0.14.3 // indirect - github.com/hashicorp/terraform-plugin-log v0.8.0 // indirect + github.com/hashicorp/terraform-json v0.17.0 // indirect + github.com/hashicorp/terraform-plugin-go v0.16.0 // indirect + github.com/hashicorp/terraform-plugin-log v0.9.0 // indirect github.com/hashicorp/terraform-plugin-sdk/v2 v2.26.1 // indirect - github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20230512004120-f94624387682 // indirect - github.com/hashicorp/terraform-registry-address v0.1.0 // indirect - github.com/hashicorp/terraform-svchost v0.0.0-20200729002733-f050f53b9734 // indirect + github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20230714014117-c3f4885eda69 // indirect + github.com/hashicorp/terraform-registry-address v0.2.1 // indirect + github.com/hashicorp/terraform-svchost v0.1.1 // indirect github.com/hashicorp/vault/api v1.8.2 // indirect github.com/hashicorp/vault/sdk v0.6.1 // indirect github.com/hashicorp/yamux v0.1.1 // indirect @@ -158,9 +158,9 @@ require ( github.com/kevinburke/ssh_config v1.2.0 // indirect github.com/klauspost/compress v1.15.11 // indirect github.com/kylelemons/godebug v1.1.0 // indirect - github.com/manicminer/hamilton v0.61.0 // indirect + github.com/manicminer/hamilton v0.62.0 // indirect github.com/mattn/go-colorable v0.1.12 // indirect - github.com/mattn/go-isatty v0.0.14 // indirect + github.com/mattn/go-isatty v0.0.16 // indirect github.com/mattn/go-runewidth v0.0.13 // indirect github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b // indirect github.com/mitchellh/cli v1.1.5 // indirect @@ -187,12 +187,12 @@ require ( github.com/pkg/term v1.1.0 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/posener/complete v1.2.3 // indirect - github.com/pulumi/pulumi-java/pkg v0.9.2 // indirect + github.com/pulumi/pulumi-java/pkg v0.9.4 // indirect github.com/pulumi/pulumi-terraform-bridge/x/muxer v0.0.4 // indirect github.com/pulumi/pulumi-yaml v1.1.1 // indirect - github.com/pulumi/pulumi/pkg/v3 v3.69.0 // indirect + github.com/pulumi/pulumi/pkg/v3 v3.73.1-0.20230623071431-db579129f4c9 // indirect github.com/pulumi/schema-tools v0.1.2 // indirect - github.com/pulumi/terraform-diff-reader v0.0.0-20201211191010-ad4715e9285e // indirect + github.com/pulumi/terraform-diff-reader v0.0.2 // indirect github.com/rivo/uniseg v0.4.4 // indirect github.com/rogpeppe/go-internal v1.9.0 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect @@ -202,45 +202,45 @@ require ( github.com/segmentio/asm v1.1.3 // indirect github.com/segmentio/encoding v0.3.5 // indirect github.com/sergi/go-diff v1.2.0 // indirect - github.com/shopspring/decimal v1.2.0 // indirect + github.com/shopspring/decimal v1.3.1 // indirect github.com/skeema/knownhosts v1.1.0 // indirect github.com/spf13/afero v1.9.5 // indirect - github.com/spf13/cast v1.4.1 // indirect + github.com/spf13/cast v1.5.0 // indirect github.com/spf13/cobra v1.7.0 // indirect github.com/spf13/pflag v1.0.5 // indirect - github.com/stretchr/testify v1.8.2 // indirect + github.com/stretchr/testify v1.8.3 // indirect github.com/texttheater/golang-levenshtein v1.0.1 // indirect github.com/tweekmonster/luser v0.0.0-20161003172636-3fa38070dbd7 // indirect github.com/uber/jaeger-client-go v2.30.0+incompatible // indirect github.com/uber/jaeger-lib v2.4.1+incompatible // indirect github.com/ulikunitz/xz v0.5.10 // indirect github.com/vmihailenco/msgpack v4.0.4+incompatible // indirect - github.com/vmihailenco/msgpack/v4 v4.3.12 // indirect - github.com/vmihailenco/tagparser v0.1.2 // indirect + github.com/vmihailenco/msgpack/v5 v5.3.5 // indirect + github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect github.com/xanzy/ssh-agent v0.3.3 // indirect github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f // indirect github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect github.com/xeipuuv/gojsonschema v1.2.0 // indirect - github.com/zclconf/go-cty v1.13.1 // indirect + github.com/zclconf/go-cty v1.13.2 // indirect go.opencensus.io v0.24.0 // indirect go.uber.org/atomic v1.9.0 // indirect gocloud.dev v0.27.0 // indirect gocloud.dev/secrets/hashivault v0.27.0 // indirect - golang.org/x/crypto v0.9.0 // indirect + golang.org/x/crypto v0.10.0 // indirect golang.org/x/mod v0.10.0 // indirect - golang.org/x/net v0.10.0 // indirect - golang.org/x/oauth2 v0.4.0 // indirect + golang.org/x/net v0.11.0 // indirect + golang.org/x/oauth2 v0.7.0 // indirect golang.org/x/sync v0.1.0 // indirect - golang.org/x/sys v0.8.0 // indirect - golang.org/x/term v0.8.0 // indirect - golang.org/x/text v0.9.0 // indirect - golang.org/x/time v0.0.0-20220722155302-e5dcc9cfc0b9 // indirect + golang.org/x/sys v0.9.0 // indirect + golang.org/x/term v0.9.0 // indirect + golang.org/x/text v0.10.0 // indirect + golang.org/x/time v0.3.0 // indirect golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect - google.golang.org/api v0.103.0 // indirect + google.golang.org/api v0.114.0 // indirect google.golang.org/appengine v1.6.7 // indirect - google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f // indirect - google.golang.org/grpc v1.54.0 // indirect - google.golang.org/protobuf v1.29.1 // indirect + google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1 // indirect + google.golang.org/grpc v1.56.0 // indirect + google.golang.org/protobuf v1.30.0 // indirect gopkg.in/square/go-jose.v2 v2.6.0 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect diff --git a/provider/go.sum b/provider/go.sum index 94b6d2afb..bcd02528b 100644 --- a/provider/go.sum +++ b/provider/go.sum @@ -37,24 +37,86 @@ cloud.google.com/go v0.102.0/go.mod h1:oWcCzKlqJ5zgHQt9YsaeTY9KzIvjyy0ArmiBUgpQ+ cloud.google.com/go v0.102.1/go.mod h1:XZ77E9qnTEnrgEOvr4xzfdX5TRo7fB4T2F4O6+34hIU= cloud.google.com/go v0.103.0/go.mod h1:vwLx1nqLrzLX/fpwSMOXmFIqBOyHsvHbnAdbGSJ+mKk= cloud.google.com/go v0.104.0/go.mod h1:OO6xxXdJyvuJPcEPBLN9BJPD+jep5G1+2U5B5gkRYtA= -cloud.google.com/go v0.107.0 h1:qkj22L7bgkl6vIeZDlOY2po43Mx/TIa2Wsa7VR+PEww= +cloud.google.com/go v0.105.0/go.mod h1:PrLgOJNe5nfE9UMxKxgXj4mD3voiP+YQ6gdt6KMFOKM= cloud.google.com/go v0.107.0/go.mod h1:wpc2eNrD7hXUTy8EKS10jkxpZBjASrORK7goS+3YX2I= +cloud.google.com/go v0.110.0 h1:Zc8gqp3+a9/Eyph2KDmcGaPtbKRIoqq4YTlL4NMD0Ys= +cloud.google.com/go v0.110.0/go.mod h1:SJnCLqQ0FCFGSZMUNUf84MV3Aia54kn7pi8st7tMzaY= +cloud.google.com/go/accessapproval v1.4.0/go.mod h1:zybIuC3KpDOvotz59lFe5qxRZx6C75OtwbisN56xYB4= +cloud.google.com/go/accessapproval v1.5.0/go.mod h1:HFy3tuiGvMdcd/u+Cu5b9NkO1pEICJ46IR82PoUdplw= +cloud.google.com/go/accessapproval v1.6.0/go.mod h1:R0EiYnwV5fsRFiKZkPHr6mwyk2wxUJ30nL4j2pcFY2E= +cloud.google.com/go/accesscontextmanager v1.3.0/go.mod h1:TgCBehyr5gNMz7ZaH9xubp+CE8dkrszb4oK9CWyvD4o= +cloud.google.com/go/accesscontextmanager v1.4.0/go.mod h1:/Kjh7BBu/Gh83sv+K60vN9QE5NJcd80sU33vIe2IFPE= +cloud.google.com/go/accesscontextmanager v1.6.0/go.mod h1:8XCvZWfYw3K/ji0iVnp+6pu7huxoQTLmxAbVjbloTtM= +cloud.google.com/go/accesscontextmanager v1.7.0/go.mod h1:CEGLewx8dwa33aDAZQujl7Dx+uYhS0eay198wB/VumQ= cloud.google.com/go/aiplatform v1.22.0/go.mod h1:ig5Nct50bZlzV6NvKaTwmplLLddFx0YReh9WfTO5jKw= cloud.google.com/go/aiplatform v1.24.0/go.mod h1:67UUvRBKG6GTayHKV8DBv2RtR1t93YRu5B1P3x99mYY= +cloud.google.com/go/aiplatform v1.27.0/go.mod h1:Bvxqtl40l0WImSb04d0hXFU7gDOiq9jQmorivIiWcKg= +cloud.google.com/go/aiplatform v1.35.0/go.mod h1:7MFT/vCaOyZT/4IIFfxH4ErVg/4ku6lKv3w0+tFTgXQ= +cloud.google.com/go/aiplatform v1.36.1/go.mod h1:WTm12vJRPARNvJ+v6P52RDHCNe4AhvjcIZ/9/RRHy/k= +cloud.google.com/go/aiplatform v1.37.0/go.mod h1:IU2Cv29Lv9oCn/9LkFiiuKfwrRTq+QQMbW+hPCxJGZw= cloud.google.com/go/analytics v0.11.0/go.mod h1:DjEWCu41bVbYcKyvlws9Er60YE4a//bK6mnhWvQeFNI= cloud.google.com/go/analytics v0.12.0/go.mod h1:gkfj9h6XRf9+TS4bmuhPEShsh3hH8PAZzm/41OOhQd4= +cloud.google.com/go/analytics v0.17.0/go.mod h1:WXFa3WSym4IZ+JiKmavYdJwGG/CvpqiqczmL59bTD9M= +cloud.google.com/go/analytics v0.18.0/go.mod h1:ZkeHGQlcIPkw0R/GW+boWHhCOR43xz9RN/jn7WcqfIE= +cloud.google.com/go/analytics v0.19.0/go.mod h1:k8liqf5/HCnOUkbawNtrWWc+UAzyDlW89doe8TtoDsE= +cloud.google.com/go/apigateway v1.3.0/go.mod h1:89Z8Bhpmxu6AmUxuVRg/ECRGReEdiP3vQtk4Z1J9rJk= +cloud.google.com/go/apigateway v1.4.0/go.mod h1:pHVY9MKGaH9PQ3pJ4YLzoj6U5FUDeDFBllIz7WmzJoc= +cloud.google.com/go/apigateway v1.5.0/go.mod h1:GpnZR3Q4rR7LVu5951qfXPJCHquZt02jf7xQx7kpqN8= +cloud.google.com/go/apigeeconnect v1.3.0/go.mod h1:G/AwXFAKo0gIXkPTVfZDd2qA1TxBXJ3MgMRBQkIi9jc= +cloud.google.com/go/apigeeconnect v1.4.0/go.mod h1:kV4NwOKqjvt2JYR0AoIWo2QGfoRtn/pkS3QlHp0Ni04= +cloud.google.com/go/apigeeconnect v1.5.0/go.mod h1:KFaCqvBRU6idyhSNyn3vlHXc8VMDJdRmwDF6JyFRqZ8= +cloud.google.com/go/apigeeregistry v0.4.0/go.mod h1:EUG4PGcsZvxOXAdyEghIdXwAEi/4MEaoqLMLDMIwKXY= +cloud.google.com/go/apigeeregistry v0.5.0/go.mod h1:YR5+s0BVNZfVOUkMa5pAR2xGd0A473vA5M7j247o1wM= +cloud.google.com/go/apigeeregistry v0.6.0/go.mod h1:BFNzW7yQVLZ3yj0TKcwzb8n25CFBri51GVGOEUcgQsc= +cloud.google.com/go/apikeys v0.4.0/go.mod h1:XATS/yqZbaBK0HOssf+ALHp8jAlNHUgyfprvNcBIszU= +cloud.google.com/go/apikeys v0.5.0/go.mod h1:5aQfwY4D+ewMMWScd3hm2en3hCj+BROlyrt3ytS7KLI= +cloud.google.com/go/apikeys v0.6.0/go.mod h1:kbpXu5upyiAlGkKrJgQl8A0rKNNJ7dQ377pdroRSSi8= +cloud.google.com/go/appengine v1.4.0/go.mod h1:CS2NhuBuDXM9f+qscZ6V86m1MIIqPj3WC/UoEuR1Sno= +cloud.google.com/go/appengine v1.5.0/go.mod h1:TfasSozdkFI0zeoxW3PTBLiNqRmzraodCWatWI9Dmak= +cloud.google.com/go/appengine v1.6.0/go.mod h1:hg6i0J/BD2cKmDJbaFSYHFyZkgBEfQrDg/X0V5fJn84= +cloud.google.com/go/appengine v1.7.0/go.mod h1:eZqpbHFCqRGa2aCdope7eC0SWLV1j0neb/QnMJVWx6A= +cloud.google.com/go/appengine v1.7.1/go.mod h1:IHLToyb/3fKutRysUlFO0BPt5j7RiQ45nrzEJmKTo6E= cloud.google.com/go/area120 v0.5.0/go.mod h1:DE/n4mp+iqVyvxHN41Vf1CR602GiHQjFPusMFW6bGR4= cloud.google.com/go/area120 v0.6.0/go.mod h1:39yFJqWVgm0UZqWTOdqkLhjoC7uFfgXRC8g/ZegeAh0= +cloud.google.com/go/area120 v0.7.0/go.mod h1:a3+8EUD1SX5RUcCs3MY5YasiO1z6yLiNLRiFrykbynY= +cloud.google.com/go/area120 v0.7.1/go.mod h1:j84i4E1RboTWjKtZVWXPqvK5VHQFJRF2c1Nm69pWm9k= cloud.google.com/go/artifactregistry v1.6.0/go.mod h1:IYt0oBPSAGYj/kprzsBjZ/4LnG/zOcHyFHjWPCi6SAQ= cloud.google.com/go/artifactregistry v1.7.0/go.mod h1:mqTOFOnGZx8EtSqK/ZWcsm/4U8B77rbcLP6ruDU2Ixk= +cloud.google.com/go/artifactregistry v1.8.0/go.mod h1:w3GQXkJX8hiKN0v+at4b0qotwijQbYUqF2GWkZzAhC0= +cloud.google.com/go/artifactregistry v1.9.0/go.mod h1:2K2RqvA2CYvAeARHRkLDhMDJ3OXy26h3XW+3/Jh2uYc= +cloud.google.com/go/artifactregistry v1.11.1/go.mod h1:lLYghw+Itq9SONbCa1YWBoWs1nOucMH0pwXN1rOBZFI= +cloud.google.com/go/artifactregistry v1.11.2/go.mod h1:nLZns771ZGAwVLzTX/7Al6R9ehma4WUEhZGWV6CeQNQ= +cloud.google.com/go/artifactregistry v1.12.0/go.mod h1:o6P3MIvtzTOnmvGagO9v/rOjjA0HmhJ+/6KAXrmYDCI= +cloud.google.com/go/artifactregistry v1.13.0/go.mod h1:uy/LNfoOIivepGhooAUpL1i30Hgee3Cu0l4VTWHUC08= cloud.google.com/go/asset v1.5.0/go.mod h1:5mfs8UvcM5wHhqtSv8J1CtxxaQq3AdBxxQi2jGW/K4o= cloud.google.com/go/asset v1.7.0/go.mod h1:YbENsRK4+xTiL+Ofoj5Ckf+O17kJtgp3Y3nn4uzZz5s= cloud.google.com/go/asset v1.8.0/go.mod h1:mUNGKhiqIdbr8X7KNayoYvyc4HbbFO9URsjbytpUaW0= +cloud.google.com/go/asset v1.9.0/go.mod h1:83MOE6jEJBMqFKadM9NLRcs80Gdw76qGuHn8m3h8oHQ= +cloud.google.com/go/asset v1.10.0/go.mod h1:pLz7uokL80qKhzKr4xXGvBQXnzHn5evJAEAtZiIb0wY= +cloud.google.com/go/asset v1.11.1/go.mod h1:fSwLhbRvC9p9CXQHJ3BgFeQNM4c9x10lqlrdEUYXlJo= +cloud.google.com/go/asset v1.12.0/go.mod h1:h9/sFOa4eDIyKmH6QMpm4eUK3pDojWnUhTgJlk762Hg= +cloud.google.com/go/asset v1.13.0/go.mod h1:WQAMyYek/b7NBpYq/K4KJWcRqzoalEsxz/t/dTk4THw= cloud.google.com/go/assuredworkloads v1.5.0/go.mod h1:n8HOZ6pff6re5KYfBXcFvSViQjDwxFkAkmUFffJRbbY= cloud.google.com/go/assuredworkloads v1.6.0/go.mod h1:yo2YOk37Yc89Rsd5QMVECvjaMKymF9OP+QXWlKXUkXw= cloud.google.com/go/assuredworkloads v1.7.0/go.mod h1:z/736/oNmtGAyU47reJgGN+KVoYoxeLBoj4XkKYscNI= +cloud.google.com/go/assuredworkloads v1.8.0/go.mod h1:AsX2cqyNCOvEQC8RMPnoc0yEarXQk6WEKkxYfL6kGIo= +cloud.google.com/go/assuredworkloads v1.9.0/go.mod h1:kFuI1P78bplYtT77Tb1hi0FMxM0vVpRC7VVoJC3ZoT0= +cloud.google.com/go/assuredworkloads v1.10.0/go.mod h1:kwdUQuXcedVdsIaKgKTp9t0UJkE5+PAVNhdQm4ZVq2E= cloud.google.com/go/automl v1.5.0/go.mod h1:34EjfoFGMZ5sgJ9EoLsRtdPSNZLcfflJR39VbVNS2M0= cloud.google.com/go/automl v1.6.0/go.mod h1:ugf8a6Fx+zP0D59WLhqgTDsQI9w07o64uf/Is3Nh5p8= +cloud.google.com/go/automl v1.7.0/go.mod h1:RL9MYCCsJEOmt0Wf3z9uzG0a7adTT1fe+aObgSpkCt8= +cloud.google.com/go/automl v1.8.0/go.mod h1:xWx7G/aPEe/NP+qzYXktoBSDfjO+vnKMGgsApGJJquM= +cloud.google.com/go/automl v1.12.0/go.mod h1:tWDcHDp86aMIuHmyvjuKeeHEGq76lD7ZqfGLN6B0NuU= +cloud.google.com/go/baremetalsolution v0.3.0/go.mod h1:XOrocE+pvK1xFfleEnShBlNAXf+j5blPPxrhjKgnIFc= +cloud.google.com/go/baremetalsolution v0.4.0/go.mod h1:BymplhAadOO/eBa7KewQ0Ppg4A4Wplbn+PsFKRLo0uI= +cloud.google.com/go/baremetalsolution v0.5.0/go.mod h1:dXGxEkmR9BMwxhzBhV0AioD0ULBmuLZI8CdwalUxuss= +cloud.google.com/go/batch v0.3.0/go.mod h1:TR18ZoAekj1GuirsUsR1ZTKN3FC/4UDnScjT8NXImFE= +cloud.google.com/go/batch v0.4.0/go.mod h1:WZkHnP43R/QCGQsZ+0JyG4i79ranE2u8xvjq/9+STPE= +cloud.google.com/go/batch v0.7.0/go.mod h1:vLZN95s6teRUqRQ4s3RLDsH8PvboqBK+rn1oevL159g= +cloud.google.com/go/beyondcorp v0.2.0/go.mod h1:TB7Bd+EEtcw9PCPQhCJtJGjk/7TC6ckmnSFS+xwTfm4= +cloud.google.com/go/beyondcorp v0.3.0/go.mod h1:E5U5lcrcXMsCuoDNyGrpyTm/hn7ne941Jz2vmksAxW8= +cloud.google.com/go/beyondcorp v0.4.0/go.mod h1:3ApA0mbhHx6YImmuubf5pyW8srKnCEPON32/5hj+RmM= +cloud.google.com/go/beyondcorp v0.5.0/go.mod h1:uFqj9X+dSfrheVp7ssLTaRHd2EHqSL4QZmH4e8WXGGU= cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= @@ -62,12 +124,44 @@ cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUM cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc= cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ= cloud.google.com/go/bigquery v1.42.0/go.mod h1:8dRTJxhtG+vwBKzE5OseQn/hiydoQN3EedCaOdYmxRA= +cloud.google.com/go/bigquery v1.43.0/go.mod h1:ZMQcXHsl+xmU1z36G2jNGZmKp9zNY5BUua5wDgmNCfw= +cloud.google.com/go/bigquery v1.44.0/go.mod h1:0Y33VqXTEsbamHJvJHdFmtqHvMIY28aK1+dFsvaChGc= +cloud.google.com/go/bigquery v1.47.0/go.mod h1:sA9XOgy0A8vQK9+MWhEQTY6Tix87M/ZurWFIxmF9I/E= +cloud.google.com/go/bigquery v1.48.0/go.mod h1:QAwSz+ipNgfL5jxiaK7weyOhzdoAy1zFm0Nf1fysJac= +cloud.google.com/go/bigquery v1.49.0/go.mod h1:Sv8hMmTFFYBlt/ftw2uN6dFdQPzBlREY9yBh7Oy7/4Q= +cloud.google.com/go/bigquery v1.50.0/go.mod h1:YrleYEh2pSEbgTBZYMJ5SuSr0ML3ypjRB1zgf7pvQLU= cloud.google.com/go/billing v1.4.0/go.mod h1:g9IdKBEFlItS8bTtlrZdVLWSSdSyFUZKXNS02zKMOZY= cloud.google.com/go/billing v1.5.0/go.mod h1:mztb1tBc3QekhjSgmpf/CV4LzWXLzCArwpLmP2Gm88s= +cloud.google.com/go/billing v1.6.0/go.mod h1:WoXzguj+BeHXPbKfNWkqVtDdzORazmCjraY+vrxcyvI= +cloud.google.com/go/billing v1.7.0/go.mod h1:q457N3Hbj9lYwwRbnlD7vUpyjq6u5U1RAOArInEiD5Y= +cloud.google.com/go/billing v1.12.0/go.mod h1:yKrZio/eu+okO/2McZEbch17O5CB5NpZhhXG6Z766ss= +cloud.google.com/go/billing v1.13.0/go.mod h1:7kB2W9Xf98hP9Sr12KfECgfGclsH3CQR0R08tnRlRbc= cloud.google.com/go/binaryauthorization v1.1.0/go.mod h1:xwnoWu3Y84jbuHa0zd526MJYmtnVXn0syOjaJgy4+dM= cloud.google.com/go/binaryauthorization v1.2.0/go.mod h1:86WKkJHtRcv5ViNABtYMhhNWRrD1Vpi//uKEy7aYEfI= +cloud.google.com/go/binaryauthorization v1.3.0/go.mod h1:lRZbKgjDIIQvzYQS1p99A7/U1JqvqeZg0wiI5tp6tg0= +cloud.google.com/go/binaryauthorization v1.4.0/go.mod h1:tsSPQrBd77VLplV70GUhBf/Zm3FsKmgSqgm4UmiDItk= +cloud.google.com/go/binaryauthorization v1.5.0/go.mod h1:OSe4OU1nN/VswXKRBmciKpo9LulY41gch5c68htf3/Q= +cloud.google.com/go/certificatemanager v1.3.0/go.mod h1:n6twGDvcUBFu9uBgt4eYvvf3sQ6My8jADcOVwHmzadg= +cloud.google.com/go/certificatemanager v1.4.0/go.mod h1:vowpercVFyqs8ABSmrdV+GiFf2H/ch3KyudYQEMM590= +cloud.google.com/go/certificatemanager v1.6.0/go.mod h1:3Hh64rCKjRAX8dXgRAyOcY5vQ/fE1sh8o+Mdd6KPgY8= +cloud.google.com/go/channel v1.8.0/go.mod h1:W5SwCXDJsq/rg3tn3oG0LOxpAo6IMxNa09ngphpSlnk= +cloud.google.com/go/channel v1.9.0/go.mod h1:jcu05W0my9Vx4mt3/rEHpfxc9eKi9XwsdDL8yBMbKUk= +cloud.google.com/go/channel v1.11.0/go.mod h1:IdtI0uWGqhEeatSB62VOoJ8FSUhJ9/+iGkJVqp74CGE= +cloud.google.com/go/channel v1.12.0/go.mod h1:VkxCGKASi4Cq7TbXxlaBezonAYpp1GCnKMY6tnMQnLU= +cloud.google.com/go/cloudbuild v1.3.0/go.mod h1:WequR4ULxlqvMsjDEEEFnOG5ZSRSgWOywXYDb1vPE6U= +cloud.google.com/go/cloudbuild v1.4.0/go.mod h1:5Qwa40LHiOXmz3386FrjrYM93rM/hdRr7b53sySrTqA= +cloud.google.com/go/cloudbuild v1.6.0/go.mod h1:UIbc/w9QCbH12xX+ezUsgblrWv+Cv4Tw83GiSMHOn9M= +cloud.google.com/go/cloudbuild v1.7.0/go.mod h1:zb5tWh2XI6lR9zQmsm1VRA+7OCuve5d8S+zJUul8KTg= +cloud.google.com/go/cloudbuild v1.9.0/go.mod h1:qK1d7s4QlO0VwfYn5YuClDGg2hfmLZEb4wQGAbIgL1s= +cloud.google.com/go/clouddms v1.3.0/go.mod h1:oK6XsCDdW4Ib3jCCBugx+gVjevp2TMXFtgxvPSee3OM= +cloud.google.com/go/clouddms v1.4.0/go.mod h1:Eh7sUGCC+aKry14O1NRljhjyrr0NFC0G2cjwX0cByRk= +cloud.google.com/go/clouddms v1.5.0/go.mod h1:QSxQnhikCLUw13iAbffF2CZxAER3xDGNHjsTAkQJcQA= cloud.google.com/go/cloudtasks v1.5.0/go.mod h1:fD92REy1x5woxkKEkLdvavGnPJGEn8Uic9nWuLzqCpY= cloud.google.com/go/cloudtasks v1.6.0/go.mod h1:C6Io+sxuke9/KNRkbQpihnW93SWDU3uXt92nu85HkYI= +cloud.google.com/go/cloudtasks v1.7.0/go.mod h1:ImsfdYWwlWNJbdgPIIGJWC+gemEGTBK/SunNQQNCAb4= +cloud.google.com/go/cloudtasks v1.8.0/go.mod h1:gQXUIwCSOI4yPVK7DgTVFiiP0ZW/eQkydWzwVMdHxrI= +cloud.google.com/go/cloudtasks v1.9.0/go.mod h1:w+EyLsVkLWHcOaqNEyvcKAsWp9p29dL6uL9Nst1cI7Y= +cloud.google.com/go/cloudtasks v1.10.0/go.mod h1:NDSoTLkZ3+vExFEWu2UJV1arUyzVDAiZtdWcsUyNwBs= cloud.google.com/go/compute v0.1.0/go.mod h1:GAesmwr110a34z04OlxYkATPBEfVhkymfTBXtfbBFow= cloud.google.com/go/compute v1.3.0/go.mod h1:cCZiE1NHEtai4wiufUhW8I8S1JKkAnhnQJWM7YD99wM= cloud.google.com/go/compute v1.5.0/go.mod h1:9SMHyhJlzhlkJqrPAc839t2BZFTSk6Jdj6mkzQJeu0M= @@ -75,116 +169,370 @@ cloud.google.com/go/compute v1.6.0/go.mod h1:T29tfhtVbq1wvAPo0E3+7vhgmkOYeXjhFvz cloud.google.com/go/compute v1.6.1/go.mod h1:g85FgpzFvNULZ+S8AYq87axRKuf2Kh7deLqV/jJ3thU= cloud.google.com/go/compute v1.7.0/go.mod h1:435lt8av5oL9P3fv1OEzSbSUe+ybHXGMPQHHZWZxy9U= cloud.google.com/go/compute v1.10.0/go.mod h1:ER5CLbMxl90o2jtNbGSbtfOpQKR0t15FOtRsugnLrlU= -cloud.google.com/go/compute v1.15.1 h1:7UGq3QknM33pw5xATlpzeoomNxsacIVvTqTTvbfajmE= +cloud.google.com/go/compute v1.12.0/go.mod h1:e8yNOBcBONZU1vJKCvCoDw/4JQsA0dpM4x/6PIIOocU= +cloud.google.com/go/compute v1.12.1/go.mod h1:e8yNOBcBONZU1vJKCvCoDw/4JQsA0dpM4x/6PIIOocU= +cloud.google.com/go/compute v1.13.0/go.mod h1:5aPTS0cUNMIc1CE546K+Th6weJUNQErARyZtRXDJ8GE= +cloud.google.com/go/compute v1.14.0/go.mod h1:YfLtxrj9sU4Yxv+sXzZkyPjEyPBZfXHUvjxega5vAdo= cloud.google.com/go/compute v1.15.1/go.mod h1:bjjoF/NtFUrkD/urWfdHaKuOPDR5nWIs63rR+SXhcpA= +cloud.google.com/go/compute v1.18.0/go.mod h1:1X7yHxec2Ga+Ss6jPyjxRxpu2uu7PLgsOVXvgU0yacs= +cloud.google.com/go/compute v1.19.0/go.mod h1:rikpw2y+UMidAe9tISo04EHNOIf42RLYF/q8Bs93scU= +cloud.google.com/go/compute v1.19.1 h1:am86mquDUgjGNWxiGn+5PGLbmgiWXlE/yNWpIpNvuXY= +cloud.google.com/go/compute v1.19.1/go.mod h1:6ylj3a05WF8leseCdIf77NK0g1ey+nj5IKd5/kvShxE= +cloud.google.com/go/compute/metadata v0.1.0/go.mod h1:Z1VN+bulIf6bt4P/C37K4DyZYZEXYonfTBHHFPO/4UU= cloud.google.com/go/compute/metadata v0.2.0/go.mod h1:zFmK7XCadkQkj6TtorcaGlCW1hT1fIilQDwofLpJ20k= +cloud.google.com/go/compute/metadata v0.2.1/go.mod h1:jgHgmJd2RKBGzXqF5LR2EZMGxBkeanZ9wwa75XHJgOM= cloud.google.com/go/compute/metadata v0.2.3 h1:mg4jlk7mCAj6xXp9UJ4fjI9VUI5rubuGBW5aJ7UnBMY= cloud.google.com/go/compute/metadata v0.2.3/go.mod h1:VAV5nSsACxMJvgaAuX6Pk2AawlZn8kiOGuCv6gTkwuA= +cloud.google.com/go/contactcenterinsights v1.3.0/go.mod h1:Eu2oemoePuEFc/xKFPjbTuPSj0fYJcPls9TFlPNnHHY= +cloud.google.com/go/contactcenterinsights v1.4.0/go.mod h1:L2YzkGbPsv+vMQMCADxJoT9YiTTnSEd6fEvCeHTYVck= +cloud.google.com/go/contactcenterinsights v1.6.0/go.mod h1:IIDlT6CLcDoyv79kDv8iWxMSTZhLxSCofVV5W6YFM/w= +cloud.google.com/go/container v1.6.0/go.mod h1:Xazp7GjJSeUYo688S+6J5V+n/t+G5sKBTFkKNudGRxg= +cloud.google.com/go/container v1.7.0/go.mod h1:Dp5AHtmothHGX3DwwIHPgq45Y8KmNsgN3amoYfxVkLo= +cloud.google.com/go/container v1.13.1/go.mod h1:6wgbMPeQRw9rSnKBCAJXnds3Pzj03C4JHamr8asWKy4= +cloud.google.com/go/container v1.14.0/go.mod h1:3AoJMPhHfLDxLvrlVWaK57IXzaPnLaZq63WX59aQBfM= +cloud.google.com/go/container v1.15.0/go.mod h1:ft+9S0WGjAyjDggg5S06DXj+fHJICWg8L7isCQe9pQA= cloud.google.com/go/containeranalysis v0.5.1/go.mod h1:1D92jd8gRR/c0fGMlymRgxWD3Qw9C1ff6/T7mLgVL8I= cloud.google.com/go/containeranalysis v0.6.0/go.mod h1:HEJoiEIu+lEXM+k7+qLCci0h33lX3ZqoYFdmPcoO7s4= +cloud.google.com/go/containeranalysis v0.7.0/go.mod h1:9aUL+/vZ55P2CXfuZjS4UjQ9AgXoSw8Ts6lemfmxBxI= +cloud.google.com/go/containeranalysis v0.9.0/go.mod h1:orbOANbwk5Ejoom+s+DUCTTJ7IBdBQJDcSylAx/on9s= cloud.google.com/go/datacatalog v1.3.0/go.mod h1:g9svFY6tuR+j+hrTw3J2dNcmI0dzmSiyOzm8kpLq0a0= cloud.google.com/go/datacatalog v1.5.0/go.mod h1:M7GPLNQeLfWqeIm3iuiruhPzkt65+Bx8dAKvScX8jvs= cloud.google.com/go/datacatalog v1.6.0/go.mod h1:+aEyF8JKg+uXcIdAmmaMUmZ3q1b/lKLtXCmXdnc0lbc= +cloud.google.com/go/datacatalog v1.7.0/go.mod h1:9mEl4AuDYWw81UGc41HonIHH7/sn52H0/tc8f8ZbZIE= +cloud.google.com/go/datacatalog v1.8.0/go.mod h1:KYuoVOv9BM8EYz/4eMFxrr4DUKhGIOXxZoKYF5wdISM= +cloud.google.com/go/datacatalog v1.8.1/go.mod h1:RJ58z4rMp3gvETA465Vg+ag8BGgBdnRPEMMSTr5Uv+M= +cloud.google.com/go/datacatalog v1.12.0/go.mod h1:CWae8rFkfp6LzLumKOnmVh4+Zle4A3NXLzVJ1d1mRm0= +cloud.google.com/go/datacatalog v1.13.0/go.mod h1:E4Rj9a5ZtAxcQJlEBTLgMTphfP11/lNaAshpoBgemX8= cloud.google.com/go/dataflow v0.6.0/go.mod h1:9QwV89cGoxjjSR9/r7eFDqqjtvbKxAK2BaYU6PVk9UM= cloud.google.com/go/dataflow v0.7.0/go.mod h1:PX526vb4ijFMesO1o202EaUmouZKBpjHsTlCtB4parQ= +cloud.google.com/go/dataflow v0.8.0/go.mod h1:Rcf5YgTKPtQyYz8bLYhFoIV/vP39eL7fWNcSOyFfLJE= cloud.google.com/go/dataform v0.3.0/go.mod h1:cj8uNliRlHpa6L3yVhDOBrUXH+BPAO1+KFMQQNSThKo= cloud.google.com/go/dataform v0.4.0/go.mod h1:fwV6Y4Ty2yIFL89huYlEkwUPtS7YZinZbzzj5S9FzCE= +cloud.google.com/go/dataform v0.5.0/go.mod h1:GFUYRe8IBa2hcomWplodVmUx/iTL0FrsauObOM3Ipr0= +cloud.google.com/go/dataform v0.6.0/go.mod h1:QPflImQy33e29VuapFdf19oPbE4aYTJxr31OAPV+ulA= +cloud.google.com/go/dataform v0.7.0/go.mod h1:7NulqnVozfHvWUBpMDfKMUESr+85aJsC/2O0o3jWPDE= +cloud.google.com/go/datafusion v1.4.0/go.mod h1:1Zb6VN+W6ALo85cXnM1IKiPw+yQMKMhB9TsTSRDo/38= +cloud.google.com/go/datafusion v1.5.0/go.mod h1:Kz+l1FGHB0J+4XF2fud96WMmRiq/wj8N9u007vyXZ2w= +cloud.google.com/go/datafusion v1.6.0/go.mod h1:WBsMF8F1RhSXvVM8rCV3AeyWVxcC2xY6vith3iw3S+8= cloud.google.com/go/datalabeling v0.5.0/go.mod h1:TGcJ0G2NzcsXSE/97yWjIZO0bXj0KbVlINXMG9ud42I= cloud.google.com/go/datalabeling v0.6.0/go.mod h1:WqdISuk/+WIGeMkpw/1q7bK/tFEZxsrFJOJdY2bXvTQ= +cloud.google.com/go/datalabeling v0.7.0/go.mod h1:WPQb1y08RJbmpM3ww0CSUAGweL0SxByuW2E+FU+wXcM= +cloud.google.com/go/dataplex v1.3.0/go.mod h1:hQuRtDg+fCiFgC8j0zV222HvzFQdRd+SVX8gdmFcZzA= +cloud.google.com/go/dataplex v1.4.0/go.mod h1:X51GfLXEMVJ6UN47ESVqvlsRplbLhcsAt0kZCCKsU0A= +cloud.google.com/go/dataplex v1.5.2/go.mod h1:cVMgQHsmfRoI5KFYq4JtIBEUbYwc3c7tXmIDhRmNNVQ= +cloud.google.com/go/dataplex v1.6.0/go.mod h1:bMsomC/aEJOSpHXdFKFGQ1b0TDPIeL28nJObeO1ppRs= +cloud.google.com/go/dataproc v1.7.0/go.mod h1:CKAlMjII9H90RXaMpSxQ8EU6dQx6iAYNPcYPOkSbi8s= +cloud.google.com/go/dataproc v1.8.0/go.mod h1:5OW+zNAH0pMpw14JVrPONsxMQYMBqJuzORhIBfBn9uI= +cloud.google.com/go/dataproc v1.12.0/go.mod h1:zrF3aX0uV3ikkMz6z4uBbIKyhRITnxvr4i3IjKsKrw4= cloud.google.com/go/dataqna v0.5.0/go.mod h1:90Hyk596ft3zUQ8NkFfvICSIfHFh1Bc7C4cK3vbhkeo= cloud.google.com/go/dataqna v0.6.0/go.mod h1:1lqNpM7rqNLVgWBJyk5NF6Uen2PHym0jtVJonplVsDA= +cloud.google.com/go/dataqna v0.7.0/go.mod h1:Lx9OcIIeqCrw1a6KdO3/5KMP1wAmTc0slZWwP12Qq3c= cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= +cloud.google.com/go/datastore v1.10.0/go.mod h1:PC5UzAmDEkAmkfaknstTYbNpgE49HAgW2J1gcgUfmdM= +cloud.google.com/go/datastore v1.11.0/go.mod h1:TvGxBIHCS50u8jzG+AW/ppf87v1of8nwzFNgEZU1D3c= cloud.google.com/go/datastream v1.2.0/go.mod h1:i/uTP8/fZwgATHS/XFu0TcNUhuA0twZxxQ3EyCUQMwo= cloud.google.com/go/datastream v1.3.0/go.mod h1:cqlOX8xlyYF/uxhiKn6Hbv6WjwPPuI9W2M9SAXwaLLQ= +cloud.google.com/go/datastream v1.4.0/go.mod h1:h9dpzScPhDTs5noEMQVWP8Wx8AFBRyS0s8KWPx/9r0g= +cloud.google.com/go/datastream v1.5.0/go.mod h1:6TZMMNPwjUqZHBKPQ1wwXpb0d5VDVPl2/XoS5yi88q4= +cloud.google.com/go/datastream v1.6.0/go.mod h1:6LQSuswqLa7S4rPAOZFVjHIG3wJIjZcZrw8JDEDJuIs= +cloud.google.com/go/datastream v1.7.0/go.mod h1:uxVRMm2elUSPuh65IbZpzJNMbuzkcvu5CjMqVIUHrww= +cloud.google.com/go/deploy v1.4.0/go.mod h1:5Xghikd4VrmMLNaF6FiRFDlHb59VM59YoDQnOUdsH/c= +cloud.google.com/go/deploy v1.5.0/go.mod h1:ffgdD0B89tToyW/U/D2eL0jN2+IEV/3EMuXHA0l4r+s= +cloud.google.com/go/deploy v1.6.0/go.mod h1:f9PTHehG/DjCom3QH0cntOVRm93uGBDt2vKzAPwpXQI= +cloud.google.com/go/deploy v1.8.0/go.mod h1:z3myEJnA/2wnB4sgjqdMfgxCA0EqC3RBTNcVPs93mtQ= cloud.google.com/go/dialogflow v1.15.0/go.mod h1:HbHDWs33WOGJgn6rfzBW1Kv807BE3O1+xGbn59zZWI4= cloud.google.com/go/dialogflow v1.16.1/go.mod h1:po6LlzGfK+smoSmTBnbkIZY2w8ffjz/RcGSS+sh1el0= cloud.google.com/go/dialogflow v1.17.0/go.mod h1:YNP09C/kXA1aZdBgC/VtXX74G/TKn7XVCcVumTflA+8= +cloud.google.com/go/dialogflow v1.18.0/go.mod h1:trO7Zu5YdyEuR+BhSNOqJezyFQ3aUzz0njv7sMx/iek= +cloud.google.com/go/dialogflow v1.19.0/go.mod h1:JVmlG1TwykZDtxtTXujec4tQ+D8SBFMoosgy+6Gn0s0= +cloud.google.com/go/dialogflow v1.29.0/go.mod h1:b+2bzMe+k1s9V+F2jbJwpHPzrnIyHihAdRFMtn2WXuM= +cloud.google.com/go/dialogflow v1.31.0/go.mod h1:cuoUccuL1Z+HADhyIA7dci3N5zUssgpBJmCzI6fNRB4= +cloud.google.com/go/dialogflow v1.32.0/go.mod h1:jG9TRJl8CKrDhMEcvfcfFkkpp8ZhgPz3sBGmAUYJ2qE= +cloud.google.com/go/dlp v1.6.0/go.mod h1:9eyB2xIhpU0sVwUixfBubDoRwP+GjeUoxxeueZmqvmM= +cloud.google.com/go/dlp v1.7.0/go.mod h1:68ak9vCiMBjbasxeVD17hVPxDEck+ExiHavX8kiHG+Q= +cloud.google.com/go/dlp v1.9.0/go.mod h1:qdgmqgTyReTz5/YNSSuueR8pl7hO0o9bQ39ZhtgkWp4= cloud.google.com/go/documentai v1.7.0/go.mod h1:lJvftZB5NRiFSX4moiye1SMxHx0Bc3x1+p9e/RfXYiU= cloud.google.com/go/documentai v1.8.0/go.mod h1:xGHNEB7CtsnySCNrCFdCyyMz44RhFEEX2Q7UD0c5IhU= +cloud.google.com/go/documentai v1.9.0/go.mod h1:FS5485S8R00U10GhgBC0aNGrJxBP8ZVpEeJ7PQDZd6k= +cloud.google.com/go/documentai v1.10.0/go.mod h1:vod47hKQIPeCfN2QS/jULIvQTugbmdc0ZvxxfQY1bg4= +cloud.google.com/go/documentai v1.16.0/go.mod h1:o0o0DLTEZ+YnJZ+J4wNfTxmDVyrkzFvttBXXtYRMHkM= +cloud.google.com/go/documentai v1.18.0/go.mod h1:F6CK6iUH8J81FehpskRmhLq/3VlwQvb7TvwOceQ2tbs= cloud.google.com/go/domains v0.6.0/go.mod h1:T9Rz3GasrpYk6mEGHh4rymIhjlnIuB4ofT1wTxDeT4Y= cloud.google.com/go/domains v0.7.0/go.mod h1:PtZeqS1xjnXuRPKE/88Iru/LdfoRyEHYA9nFQf4UKpg= +cloud.google.com/go/domains v0.8.0/go.mod h1:M9i3MMDzGFXsydri9/vW+EWz9sWb4I6WyHqdlAk0idE= cloud.google.com/go/edgecontainer v0.1.0/go.mod h1:WgkZ9tp10bFxqO8BLPqv2LlfmQF1X8lZqwW4r1BTajk= cloud.google.com/go/edgecontainer v0.2.0/go.mod h1:RTmLijy+lGpQ7BXuTDa4C4ssxyXT34NIuHIgKuP4s5w= +cloud.google.com/go/edgecontainer v0.3.0/go.mod h1:FLDpP4nykgwwIfcLt6zInhprzw0lEi2P1fjO6Ie0qbc= +cloud.google.com/go/edgecontainer v1.0.0/go.mod h1:cttArqZpBB2q58W/upSG++ooo6EsblxDIolxa3jSjbY= +cloud.google.com/go/errorreporting v0.3.0/go.mod h1:xsP2yaAp+OAW4OIm60An2bbLpqIhKXdWR/tawvl7QzU= +cloud.google.com/go/essentialcontacts v1.3.0/go.mod h1:r+OnHa5jfj90qIfZDO/VztSFqbQan7HV75p8sA+mdGI= +cloud.google.com/go/essentialcontacts v1.4.0/go.mod h1:8tRldvHYsmnBCHdFpvU+GL75oWiBKl80BiqlFh9tp+8= +cloud.google.com/go/essentialcontacts v1.5.0/go.mod h1:ay29Z4zODTuwliK7SnX8E86aUF2CTzdNtvv42niCX0M= +cloud.google.com/go/eventarc v1.7.0/go.mod h1:6ctpF3zTnaQCxUjHUdcfgcA1A2T309+omHZth7gDfmc= +cloud.google.com/go/eventarc v1.8.0/go.mod h1:imbzxkyAU4ubfsaKYdQg04WS1NvncblHEup4kvF+4gw= +cloud.google.com/go/eventarc v1.10.0/go.mod h1:u3R35tmZ9HvswGRBnF48IlYgYeBcPUCjkr4BTdem2Kw= +cloud.google.com/go/eventarc v1.11.0/go.mod h1:PyUjsUKPWoRBCHeOxZd/lbOOjahV41icXyUY5kSTvVY= +cloud.google.com/go/filestore v1.3.0/go.mod h1:+qbvHGvXU1HaKX2nD0WEPo92TP/8AQuCVEBXNY9z0+w= +cloud.google.com/go/filestore v1.4.0/go.mod h1:PaG5oDfo9r224f8OYXURtAsY+Fbyq/bLYoINEK8XQAI= +cloud.google.com/go/filestore v1.5.0/go.mod h1:FqBXDWBp4YLHqRnVGveOkHDf8svj9r5+mUDLupOWEDs= +cloud.google.com/go/filestore v1.6.0/go.mod h1:di5unNuss/qfZTw2U9nhFqo8/ZDSc466dre85Kydllg= cloud.google.com/go/firestore v1.1.0/go.mod h1:ulACoGHTpvq5r8rxGJ4ddJZBZqakUQqClKRT5SZwBmk= cloud.google.com/go/firestore v1.6.1/go.mod h1:asNXNOzBdyVQmEU+ggO8UPodTkEVFW5Qx+rwHnAz+EY= +cloud.google.com/go/firestore v1.9.0/go.mod h1:HMkjKHNTtRyZNiMzu7YAsLr9K3X2udY2AMwDaMEQiiE= cloud.google.com/go/functions v1.6.0/go.mod h1:3H1UA3qiIPRWD7PeZKLvHZ9SaQhR26XIJcC0A5GbvAk= cloud.google.com/go/functions v1.7.0/go.mod h1:+d+QBcWM+RsrgZfV9xo6KfA1GlzJfxcfZcRPEhDDfzg= +cloud.google.com/go/functions v1.8.0/go.mod h1:RTZ4/HsQjIqIYP9a9YPbU+QFoQsAlYgrwOXJWHn1POY= +cloud.google.com/go/functions v1.9.0/go.mod h1:Y+Dz8yGguzO3PpIjhLTbnqV1CWmgQ5UwtlpzoyquQ08= +cloud.google.com/go/functions v1.10.0/go.mod h1:0D3hEOe3DbEvCXtYOZHQZmD+SzYsi1YbI7dGvHfldXw= +cloud.google.com/go/functions v1.12.0/go.mod h1:AXWGrF3e2C/5ehvwYo/GH6O5s09tOPksiKhz+hH8WkA= +cloud.google.com/go/functions v1.13.0/go.mod h1:EU4O007sQm6Ef/PwRsI8N2umygGqPBS/IZQKBQBcJ3c= cloud.google.com/go/gaming v1.5.0/go.mod h1:ol7rGcxP/qHTRQE/RO4bxkXq+Fix0j6D4LFPzYTIrDM= cloud.google.com/go/gaming v1.6.0/go.mod h1:YMU1GEvA39Qt3zWGyAVA9bpYz/yAhTvaQ1t2sK4KPUA= +cloud.google.com/go/gaming v1.7.0/go.mod h1:LrB8U7MHdGgFG851iHAfqUdLcKBdQ55hzXy9xBJz0+w= +cloud.google.com/go/gaming v1.8.0/go.mod h1:xAqjS8b7jAVW0KFYeRUxngo9My3f33kFmua++Pi+ggM= +cloud.google.com/go/gaming v1.9.0/go.mod h1:Fc7kEmCObylSWLO334NcO+O9QMDyz+TKC4v1D7X+Bc0= +cloud.google.com/go/gkebackup v0.2.0/go.mod h1:XKvv/4LfG829/B8B7xRkk8zRrOEbKtEam6yNfuQNH60= +cloud.google.com/go/gkebackup v0.3.0/go.mod h1:n/E671i1aOQvUxT541aTkCwExO/bTer2HDlj4TsBRAo= +cloud.google.com/go/gkebackup v0.4.0/go.mod h1:byAyBGUwYGEEww7xsbnUTBHIYcOPy/PgUWUtOeRm9Vg= cloud.google.com/go/gkeconnect v0.5.0/go.mod h1:c5lsNAg5EwAy7fkqX/+goqFsU1Da/jQFqArp+wGNr/o= cloud.google.com/go/gkeconnect v0.6.0/go.mod h1:Mln67KyU/sHJEBY8kFZ0xTeyPtzbq9StAVvEULYK16A= +cloud.google.com/go/gkeconnect v0.7.0/go.mod h1:SNfmVqPkaEi3bF/B3CNZOAYPYdg7sU+obZ+QTky2Myw= cloud.google.com/go/gkehub v0.9.0/go.mod h1:WYHN6WG8w9bXU0hqNxt8rm5uxnk8IH+lPY9J2TV7BK0= cloud.google.com/go/gkehub v0.10.0/go.mod h1:UIPwxI0DsrpsVoWpLB0stwKCP+WFVG9+y977wO+hBH0= +cloud.google.com/go/gkehub v0.11.0/go.mod h1:JOWHlmN+GHyIbuWQPl47/C2RFhnFKH38jH9Ascu3n0E= +cloud.google.com/go/gkehub v0.12.0/go.mod h1:djiIwwzTTBrF5NaXCGv3mf7klpEMcST17VBTVVDcuaw= +cloud.google.com/go/gkemulticloud v0.3.0/go.mod h1:7orzy7O0S+5kq95e4Hpn7RysVA7dPs8W/GgfUtsPbrA= +cloud.google.com/go/gkemulticloud v0.4.0/go.mod h1:E9gxVBnseLWCk24ch+P9+B2CoDFJZTyIgLKSalC7tuI= +cloud.google.com/go/gkemulticloud v0.5.0/go.mod h1:W0JDkiyi3Tqh0TJr//y19wyb1yf8llHVto2Htf2Ja3Y= cloud.google.com/go/grafeas v0.2.0/go.mod h1:KhxgtF2hb0P191HlY5besjYm6MqTSTj3LSI+M+ByZHc= +cloud.google.com/go/gsuiteaddons v1.3.0/go.mod h1:EUNK/J1lZEZO8yPtykKxLXI6JSVN2rg9bN8SXOa0bgM= +cloud.google.com/go/gsuiteaddons v1.4.0/go.mod h1:rZK5I8hht7u7HxFQcFei0+AtfS9uSushomRlg+3ua1o= +cloud.google.com/go/gsuiteaddons v1.5.0/go.mod h1:TFCClYLd64Eaa12sFVmUyG62tk4mdIsI7pAnSXRkcFo= cloud.google.com/go/iam v0.1.0/go.mod h1:vcUNEa0pEm0qRVpmWepWaFMIAI8/hjB9mO8rNCJtF6c= cloud.google.com/go/iam v0.3.0/go.mod h1:XzJPvDayI+9zsASAFO68Hk07u3z+f+JrT2xXNdp4bnY= cloud.google.com/go/iam v0.5.0/go.mod h1:wPU9Vt0P4UmCux7mqtRu6jcpPAb74cP1fh50J3QpkUc= -cloud.google.com/go/iam v0.8.0 h1:E2osAkZzxI/+8pZcxVLcDtAQx/u+hZXVryUaYQ5O0Kk= +cloud.google.com/go/iam v0.6.0/go.mod h1:+1AH33ueBne5MzYccyMHtEKqLE4/kJOibtffMHDMFMc= +cloud.google.com/go/iam v0.7.0/go.mod h1:H5Br8wRaDGNc8XP3keLc4unfUUZeyH3Sfl9XpQEYOeg= cloud.google.com/go/iam v0.8.0/go.mod h1:lga0/y3iH6CX7sYqypWJ33hf7kkfXJag67naqGESjkE= +cloud.google.com/go/iam v0.11.0/go.mod h1:9PiLDanza5D+oWFZiH1uG+RnRCfEGKoyl6yo4cgWZGY= +cloud.google.com/go/iam v0.12.0/go.mod h1:knyHGviacl11zrtZUoDuYpDgLjvr28sLQaG0YB2GYAY= +cloud.google.com/go/iam v0.13.0 h1:+CmB+K0J/33d0zSQ9SlFWUeCCEn5XJA0ZMZ3pHE9u8k= +cloud.google.com/go/iam v0.13.0/go.mod h1:ljOg+rcNfzZ5d6f1nAUJ8ZIxOaZUVoS14bKCtaLZ/D0= +cloud.google.com/go/iap v1.4.0/go.mod h1:RGFwRJdihTINIe4wZ2iCP0zF/qu18ZwyKxrhMhygBEc= +cloud.google.com/go/iap v1.5.0/go.mod h1:UH/CGgKd4KyohZL5Pt0jSKE4m3FR51qg6FKQ/z/Ix9A= +cloud.google.com/go/iap v1.6.0/go.mod h1:NSuvI9C/j7UdjGjIde7t7HBz+QTwBcapPE07+sSRcLk= +cloud.google.com/go/iap v1.7.0/go.mod h1:beqQx56T9O1G1yNPph+spKpNibDlYIiIixiqsQXxLIo= +cloud.google.com/go/iap v1.7.1/go.mod h1:WapEwPc7ZxGt2jFGB/C/bm+hP0Y6NXzOYGjpPnmMS74= +cloud.google.com/go/ids v1.1.0/go.mod h1:WIuwCaYVOzHIj2OhN9HAwvW+DBdmUAdcWlFxRl+KubM= +cloud.google.com/go/ids v1.2.0/go.mod h1:5WXvp4n25S0rA/mQWAg1YEEBBq6/s+7ml1RDCW1IrcY= +cloud.google.com/go/ids v1.3.0/go.mod h1:JBdTYwANikFKaDP6LtW5JAi4gubs57SVNQjemdt6xV4= +cloud.google.com/go/iot v1.3.0/go.mod h1:r7RGh2B61+B8oz0AGE+J72AhA0G7tdXItODWsaA2oLs= +cloud.google.com/go/iot v1.4.0/go.mod h1:dIDxPOn0UvNDUMD8Ger7FIaTuvMkj+aGk94RPP0iV+g= +cloud.google.com/go/iot v1.5.0/go.mod h1:mpz5259PDl3XJthEmh9+ap0affn/MqNSP4My77Qql9o= +cloud.google.com/go/iot v1.6.0/go.mod h1:IqdAsmE2cTYYNO1Fvjfzo9po179rAtJeVGUvkLN3rLE= cloud.google.com/go/kms v1.4.0/go.mod h1:fajBHndQ+6ubNw6Ss2sSd+SWvjL26RNo/dr7uxsnnOA= -cloud.google.com/go/kms v1.6.0 h1:OWRZzrPmOZUzurjI2FBGtgY2mB1WaJkqhw6oIwSj0Yg= +cloud.google.com/go/kms v1.5.0/go.mod h1:QJS2YY0eJGBg3mnDfuaCyLauWwBJiHRboYxJ++1xJNg= cloud.google.com/go/kms v1.6.0/go.mod h1:Jjy850yySiasBUDi6KFUwUv2n1+o7QZFyuUJg6OgjA0= +cloud.google.com/go/kms v1.8.0/go.mod h1:4xFEhYFqvW+4VMELtZyxomGSYtSQKzM178ylFW4jMAg= +cloud.google.com/go/kms v1.9.0/go.mod h1:qb1tPTgfF9RQP8e1wq4cLFErVuTJv7UsSC915J8dh3w= +cloud.google.com/go/kms v1.10.0/go.mod h1:ng3KTUtQQU9bPX3+QGLsflZIHlkbn8amFAMY63m8d24= +cloud.google.com/go/kms v1.10.1 h1:7hm1bRqGCA1GBRQUrp831TwJ9TWhP+tvLuP497CQS2g= +cloud.google.com/go/kms v1.10.1/go.mod h1:rIWk/TryCkR59GMC3YtHtXeLzd634lBbKenvyySAyYI= cloud.google.com/go/language v1.4.0/go.mod h1:F9dRpNFQmJbkaop6g0JhSBXCNlO90e1KWx5iDdxbWic= cloud.google.com/go/language v1.6.0/go.mod h1:6dJ8t3B+lUYfStgls25GusK04NLh3eDLQnWM3mdEbhI= +cloud.google.com/go/language v1.7.0/go.mod h1:DJ6dYN/W+SQOjF8e1hLQXMF21AkH2w9wiPzPCJa2MIE= +cloud.google.com/go/language v1.8.0/go.mod h1:qYPVHf7SPoNNiCL2Dr0FfEFNil1qi3pQEyygwpgVKB8= +cloud.google.com/go/language v1.9.0/go.mod h1:Ns15WooPM5Ad/5no/0n81yUetis74g3zrbeJBE+ptUY= cloud.google.com/go/lifesciences v0.5.0/go.mod h1:3oIKy8ycWGPUyZDR/8RNnTOYevhaMLqh5vLUXs9zvT8= cloud.google.com/go/lifesciences v0.6.0/go.mod h1:ddj6tSX/7BOnhxCSd3ZcETvtNr8NZ6t/iPhY2Tyfu08= -cloud.google.com/go/logging v1.6.1 h1:ZBsZK+JG+oCDT+vaxwqF2egKNRjz8soXiS6Xv79benI= +cloud.google.com/go/lifesciences v0.8.0/go.mod h1:lFxiEOMqII6XggGbOnKiyZ7IBwoIqA84ClvoezaA/bo= cloud.google.com/go/logging v1.6.1/go.mod h1:5ZO0mHHbvm8gEmeEUHrmDlTDSu5imF6MUP9OfilNXBw= -cloud.google.com/go/longrunning v0.3.0 h1:NjljC+FYPV3uh5/OwWT6pVU+doBqMg2x/rZlE+CamDs= +cloud.google.com/go/logging v1.7.0 h1:CJYxlNNNNAMkHp9em/YEXcfJg+rPDg7YfwoRpMU+t5I= +cloud.google.com/go/logging v1.7.0/go.mod h1:3xjP2CjkM3ZkO73aj4ASA5wRPGGCRrPIAeNqVNkzY8M= +cloud.google.com/go/longrunning v0.1.1/go.mod h1:UUFxuDWkv22EuY93jjmDMFT5GPQKeFVJBIF6QlTqdsE= cloud.google.com/go/longrunning v0.3.0/go.mod h1:qth9Y41RRSUE69rDcOn6DdK3HfQfsUI0YSmW3iIlLJc= +cloud.google.com/go/longrunning v0.4.1 h1:v+yFJOfKC3yZdY6ZUI933pIYdhyhV8S3NpWrXWmg7jM= +cloud.google.com/go/longrunning v0.4.1/go.mod h1:4iWDqhBZ70CvZ6BfETbvam3T8FMvLK+eFj0E6AaRQTo= +cloud.google.com/go/managedidentities v1.3.0/go.mod h1:UzlW3cBOiPrzucO5qWkNkh0w33KFtBJU281hacNvsdE= +cloud.google.com/go/managedidentities v1.4.0/go.mod h1:NWSBYbEMgqmbZsLIyKvxrYbtqOsxY1ZrGM+9RgDqInM= +cloud.google.com/go/managedidentities v1.5.0/go.mod h1:+dWcZ0JlUmpuxpIDfyP5pP5y0bLdRwOS4Lp7gMni/LA= +cloud.google.com/go/maps v0.1.0/go.mod h1:BQM97WGyfw9FWEmQMpZ5T6cpovXXSd1cGmFma94eubI= +cloud.google.com/go/maps v0.6.0/go.mod h1:o6DAMMfb+aINHz/p/jbcY+mYeXBoZoxTfdSQ8VAJaCw= +cloud.google.com/go/maps v0.7.0/go.mod h1:3GnvVl3cqeSvgMcpRlQidXsPYuDGQ8naBis7MVzpXsY= cloud.google.com/go/mediatranslation v0.5.0/go.mod h1:jGPUhGTybqsPQn91pNXw0xVHfuJ3leR1wj37oU3y1f4= cloud.google.com/go/mediatranslation v0.6.0/go.mod h1:hHdBCTYNigsBxshbznuIMFNe5QXEowAuNmmC7h8pu5w= +cloud.google.com/go/mediatranslation v0.7.0/go.mod h1:LCnB/gZr90ONOIQLgSXagp8XUW1ODs2UmUMvcgMfI2I= cloud.google.com/go/memcache v1.4.0/go.mod h1:rTOfiGZtJX1AaFUrOgsMHX5kAzaTQ8azHiuDoTPzNsE= cloud.google.com/go/memcache v1.5.0/go.mod h1:dk3fCK7dVo0cUU2c36jKb4VqKPS22BTkf81Xq617aWM= +cloud.google.com/go/memcache v1.6.0/go.mod h1:XS5xB0eQZdHtTuTF9Hf8eJkKtR3pVRCcvJwtm68T3rA= +cloud.google.com/go/memcache v1.7.0/go.mod h1:ywMKfjWhNtkQTxrWxCkCFkoPjLHPW6A7WOTVI8xy3LY= +cloud.google.com/go/memcache v1.9.0/go.mod h1:8oEyzXCu+zo9RzlEaEjHl4KkgjlNDaXbCQeQWlzNFJM= cloud.google.com/go/metastore v1.5.0/go.mod h1:2ZNrDcQwghfdtCwJ33nM0+GrBGlVuh8rakL3vdPY3XY= cloud.google.com/go/metastore v1.6.0/go.mod h1:6cyQTls8CWXzk45G55x57DVQ9gWg7RiH65+YgPsNh9s= +cloud.google.com/go/metastore v1.7.0/go.mod h1:s45D0B4IlsINu87/AsWiEVYbLaIMeUSoxlKKDqBGFS8= +cloud.google.com/go/metastore v1.8.0/go.mod h1:zHiMc4ZUpBiM7twCIFQmJ9JMEkDSyZS9U12uf7wHqSI= +cloud.google.com/go/metastore v1.10.0/go.mod h1:fPEnH3g4JJAk+gMRnrAnoqyv2lpUCqJPWOodSaf45Eo= cloud.google.com/go/monitoring v1.1.0/go.mod h1:L81pzz7HKn14QCMaCs6NTQkdBnE87TElyanS95vIcl4= cloud.google.com/go/monitoring v1.5.0/go.mod h1:/o9y8NYX5j91JjD/JvGLYbi86kL11OjyJXq2XziLJu4= +cloud.google.com/go/monitoring v1.7.0/go.mod h1:HpYse6kkGo//7p6sT0wsIC6IBDET0RhIsnmlA53dvEk= +cloud.google.com/go/monitoring v1.8.0/go.mod h1:E7PtoMJ1kQXWxPjB6mv2fhC5/15jInuulFdYYtlcvT4= +cloud.google.com/go/monitoring v1.12.0/go.mod h1:yx8Jj2fZNEkL/GYZyTLS4ZtZEZN8WtDEiEqG4kLK50w= +cloud.google.com/go/monitoring v1.13.0/go.mod h1:k2yMBAB1H9JT/QETjNkgdCGD9bPF712XiLTVr+cBrpw= cloud.google.com/go/networkconnectivity v1.4.0/go.mod h1:nOl7YL8odKyAOtzNX73/M5/mGZgqqMeryi6UPZTk/rA= cloud.google.com/go/networkconnectivity v1.5.0/go.mod h1:3GzqJx7uhtlM3kln0+x5wyFvuVH1pIBJjhCpjzSt75o= +cloud.google.com/go/networkconnectivity v1.6.0/go.mod h1:OJOoEXW+0LAxHh89nXd64uGG+FbQoeH8DtxCHVOMlaM= +cloud.google.com/go/networkconnectivity v1.7.0/go.mod h1:RMuSbkdbPwNMQjB5HBWD5MpTBnNm39iAVpC3TmsExt8= +cloud.google.com/go/networkconnectivity v1.10.0/go.mod h1:UP4O4sWXJG13AqrTdQCD9TnLGEbtNRqjuaaA7bNjF5E= +cloud.google.com/go/networkconnectivity v1.11.0/go.mod h1:iWmDD4QF16VCDLXUqvyspJjIEtBR/4zq5hwnY2X3scM= +cloud.google.com/go/networkmanagement v1.4.0/go.mod h1:Q9mdLLRn60AsOrPc8rs8iNV6OHXaGcDdsIQe1ohekq8= +cloud.google.com/go/networkmanagement v1.5.0/go.mod h1:ZnOeZ/evzUdUsnvRt792H0uYEnHQEMaz+REhhzJRcf4= +cloud.google.com/go/networkmanagement v1.6.0/go.mod h1:5pKPqyXjB/sgtvB5xqOemumoQNB7y95Q7S+4rjSOPYY= cloud.google.com/go/networksecurity v0.5.0/go.mod h1:xS6fOCoqpVC5zx15Z/MqkfDwH4+m/61A3ODiDV1xmiQ= cloud.google.com/go/networksecurity v0.6.0/go.mod h1:Q5fjhTr9WMI5mbpRYEbiexTzROf7ZbDzvzCrNl14nyU= +cloud.google.com/go/networksecurity v0.7.0/go.mod h1:mAnzoxx/8TBSyXEeESMy9OOYwo1v+gZ5eMRnsT5bC8k= +cloud.google.com/go/networksecurity v0.8.0/go.mod h1:B78DkqsxFG5zRSVuwYFRZ9Xz8IcQ5iECsNrPn74hKHU= cloud.google.com/go/notebooks v1.2.0/go.mod h1:9+wtppMfVPUeJ8fIWPOq1UnATHISkGXGqTkxeieQ6UY= cloud.google.com/go/notebooks v1.3.0/go.mod h1:bFR5lj07DtCPC7YAAJ//vHskFBxA5JzYlH68kXVdk34= +cloud.google.com/go/notebooks v1.4.0/go.mod h1:4QPMngcwmgb6uw7Po99B2xv5ufVoIQ7nOGDyL4P8AgA= +cloud.google.com/go/notebooks v1.5.0/go.mod h1:q8mwhnP9aR8Hpfnrc5iN5IBhrXUy8S2vuYs+kBJ/gu0= +cloud.google.com/go/notebooks v1.7.0/go.mod h1:PVlaDGfJgj1fl1S3dUwhFMXFgfYGhYQt2164xOMONmE= +cloud.google.com/go/notebooks v1.8.0/go.mod h1:Lq6dYKOYOWUCTvw5t2q1gp1lAp0zxAxRycayS0iJcqQ= +cloud.google.com/go/optimization v1.1.0/go.mod h1:5po+wfvX5AQlPznyVEZjGJTMr4+CAkJf2XSTQOOl9l4= +cloud.google.com/go/optimization v1.2.0/go.mod h1:Lr7SOHdRDENsh+WXVmQhQTrzdu9ybg0NecjHidBq6xs= +cloud.google.com/go/optimization v1.3.1/go.mod h1:IvUSefKiwd1a5p0RgHDbWCIbDFgKuEdB+fPPuP0IDLI= +cloud.google.com/go/orchestration v1.3.0/go.mod h1:Sj5tq/JpWiB//X/q3Ngwdl5K7B7Y0KZ7bfv0wL6fqVA= +cloud.google.com/go/orchestration v1.4.0/go.mod h1:6W5NLFWs2TlniBphAViZEVhrXRSMgUGDfW7vrWKvsBk= +cloud.google.com/go/orchestration v1.6.0/go.mod h1:M62Bevp7pkxStDfFfTuCOaXgaaqRAga1yKyoMtEoWPQ= +cloud.google.com/go/orgpolicy v1.4.0/go.mod h1:xrSLIV4RePWmP9P3tBl8S93lTmlAxjm06NSm2UTmKvE= +cloud.google.com/go/orgpolicy v1.5.0/go.mod h1:hZEc5q3wzwXJaKrsx5+Ewg0u1LxJ51nNFlext7Tanwc= +cloud.google.com/go/orgpolicy v1.10.0/go.mod h1:w1fo8b7rRqlXlIJbVhOMPrwVljyuW5mqssvBtU18ONc= cloud.google.com/go/osconfig v1.7.0/go.mod h1:oVHeCeZELfJP7XLxcBGTMBvRO+1nQ5tFG9VQTmYS2Fs= cloud.google.com/go/osconfig v1.8.0/go.mod h1:EQqZLu5w5XA7eKizepumcvWx+m8mJUhEwiPqWiZeEdg= +cloud.google.com/go/osconfig v1.9.0/go.mod h1:Yx+IeIZJ3bdWmzbQU4fxNl8xsZ4amB+dygAwFPlvnNo= +cloud.google.com/go/osconfig v1.10.0/go.mod h1:uMhCzqC5I8zfD9zDEAfvgVhDS8oIjySWh+l4WK6GnWw= +cloud.google.com/go/osconfig v1.11.0/go.mod h1:aDICxrur2ogRd9zY5ytBLV89KEgT2MKB2L/n6x1ooPw= cloud.google.com/go/oslogin v1.4.0/go.mod h1:YdgMXWRaElXz/lDk1Na6Fh5orF7gvmJ0FGLIs9LId4E= cloud.google.com/go/oslogin v1.5.0/go.mod h1:D260Qj11W2qx/HVF29zBg+0fd6YCSjSqLUkY/qEenQU= +cloud.google.com/go/oslogin v1.6.0/go.mod h1:zOJ1O3+dTU8WPlGEkFSh7qeHPPSoxrcMbbK1Nm2iX70= +cloud.google.com/go/oslogin v1.7.0/go.mod h1:e04SN0xO1UNJ1M5GP0vzVBFicIe4O53FOfcixIqTyXo= +cloud.google.com/go/oslogin v1.9.0/go.mod h1:HNavntnH8nzrn8JCTT5fj18FuJLFJc4NaZJtBnQtKFs= cloud.google.com/go/phishingprotection v0.5.0/go.mod h1:Y3HZknsK9bc9dMi+oE8Bim0lczMU6hrX0UpADuMefr0= cloud.google.com/go/phishingprotection v0.6.0/go.mod h1:9Y3LBLgy0kDTcYET8ZH3bq/7qni15yVUoAxiFxnlSUA= +cloud.google.com/go/phishingprotection v0.7.0/go.mod h1:8qJI4QKHoda/sb/7/YmMQ2omRLSLYSu9bU0EKCNI+Lk= +cloud.google.com/go/policytroubleshooter v1.3.0/go.mod h1:qy0+VwANja+kKrjlQuOzmlvscn4RNsAc0e15GGqfMxg= +cloud.google.com/go/policytroubleshooter v1.4.0/go.mod h1:DZT4BcRw3QoO8ota9xw/LKtPa8lKeCByYeKTIf/vxdE= +cloud.google.com/go/policytroubleshooter v1.5.0/go.mod h1:Rz1WfV+1oIpPdN2VvvuboLVRsB1Hclg3CKQ53j9l8vw= +cloud.google.com/go/policytroubleshooter v1.6.0/go.mod h1:zYqaPTsmfvpjm5ULxAyD/lINQxJ0DDsnWOP/GZ7xzBc= cloud.google.com/go/privatecatalog v0.5.0/go.mod h1:XgosMUvvPyxDjAVNDYxJ7wBW8//hLDDYmnsNcMGq1K0= cloud.google.com/go/privatecatalog v0.6.0/go.mod h1:i/fbkZR0hLN29eEWiiwue8Pb+GforiEIBnV9yrRUOKI= +cloud.google.com/go/privatecatalog v0.7.0/go.mod h1:2s5ssIFO69F5csTXcwBP7NPFTZvps26xGzvQ2PQaBYg= +cloud.google.com/go/privatecatalog v0.8.0/go.mod h1:nQ6pfaegeDAq/Q5lrfCQzQLhubPiZhSaNhIgfJlnIXs= cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= cloud.google.com/go/pubsub v1.3.1/go.mod h1:i+ucay31+CNRpDW4Lu78I4xXG+O1r/MAHgjpRVR+TSU= cloud.google.com/go/pubsub v1.24.0/go.mod h1:rWv09Te1SsRpRGPiWOMDKraMQTJyJps4MkUCoMGUgqw= +cloud.google.com/go/pubsub v1.26.0/go.mod h1:QgBH3U/jdJy/ftjPhTkyXNj543Tin1pRYcdcPRnFIRI= +cloud.google.com/go/pubsub v1.27.1/go.mod h1:hQN39ymbV9geqBnfQq6Xf63yNhUAhv9CZhzp5O6qsW0= +cloud.google.com/go/pubsub v1.28.0/go.mod h1:vuXFpwaVoIPQMGXqRyUQigu/AX1S3IWugR9xznmcXX8= +cloud.google.com/go/pubsub v1.30.0/go.mod h1:qWi1OPS0B+b5L+Sg6Gmc9zD1Y+HaM0MdUr7LsupY1P4= +cloud.google.com/go/pubsublite v1.5.0/go.mod h1:xapqNQ1CuLfGi23Yda/9l4bBCKz/wC3KIJ5gKcxveZg= +cloud.google.com/go/pubsublite v1.6.0/go.mod h1:1eFCS0U11xlOuMFV/0iBqw3zP12kddMeCbj/F3FSj9k= +cloud.google.com/go/pubsublite v1.7.0/go.mod h1:8hVMwRXfDfvGm3fahVbtDbiLePT3gpoiJYJY+vxWxVM= cloud.google.com/go/recaptchaenterprise v1.3.1/go.mod h1:OdD+q+y4XGeAlxRaMn1Y7/GveP6zmq76byL6tjPE7d4= cloud.google.com/go/recaptchaenterprise/v2 v2.1.0/go.mod h1:w9yVqajwroDNTfGuhmOjPDN//rZGySaf6PtFVcSCa7o= cloud.google.com/go/recaptchaenterprise/v2 v2.2.0/go.mod h1:/Zu5jisWGeERrd5HnlS3EUGb/D335f9k51B/FVil0jk= cloud.google.com/go/recaptchaenterprise/v2 v2.3.0/go.mod h1:O9LwGCjrhGHBQET5CA7dd5NwwNQUErSgEDit1DLNTdo= +cloud.google.com/go/recaptchaenterprise/v2 v2.4.0/go.mod h1:Am3LHfOuBstrLrNCBrlI5sbwx9LBg3te2N6hGvHn2mE= +cloud.google.com/go/recaptchaenterprise/v2 v2.5.0/go.mod h1:O8LzcHXN3rz0j+LBC91jrwI3R+1ZSZEWrfL7XHgNo9U= +cloud.google.com/go/recaptchaenterprise/v2 v2.6.0/go.mod h1:RPauz9jeLtB3JVzg6nCbe12qNoaa8pXc4d/YukAmcnA= +cloud.google.com/go/recaptchaenterprise/v2 v2.7.0/go.mod h1:19wVj/fs5RtYtynAPJdDTb69oW0vNHYDBTbB4NvMD9c= cloud.google.com/go/recommendationengine v0.5.0/go.mod h1:E5756pJcVFeVgaQv3WNpImkFP8a+RptV6dDLGPILjvg= cloud.google.com/go/recommendationengine v0.6.0/go.mod h1:08mq2umu9oIqc7tDy8sx+MNJdLG0fUi3vaSVbztHgJ4= +cloud.google.com/go/recommendationengine v0.7.0/go.mod h1:1reUcE3GIu6MeBz/h5xZJqNLuuVjNg1lmWMPyjatzac= cloud.google.com/go/recommender v1.5.0/go.mod h1:jdoeiBIVrJe9gQjwd759ecLJbxCDED4A6p+mqoqDvTg= cloud.google.com/go/recommender v1.6.0/go.mod h1:+yETpm25mcoiECKh9DEScGzIRyDKpZ0cEhWGo+8bo+c= +cloud.google.com/go/recommender v1.7.0/go.mod h1:XLHs/W+T8olwlGOgfQenXBTbIseGclClff6lhFVe9Bs= +cloud.google.com/go/recommender v1.8.0/go.mod h1:PkjXrTT05BFKwxaUxQmtIlrtj0kph108r02ZZQ5FE70= +cloud.google.com/go/recommender v1.9.0/go.mod h1:PnSsnZY7q+VL1uax2JWkt/UegHssxjUVVCrX52CuEmQ= cloud.google.com/go/redis v1.7.0/go.mod h1:V3x5Jq1jzUcg+UNsRvdmsfuFnit1cfe3Z/PGyq/lm4Y= cloud.google.com/go/redis v1.8.0/go.mod h1:Fm2szCDavWzBk2cDKxrkmWBqoCiL1+Ctwq7EyqBCA/A= +cloud.google.com/go/redis v1.9.0/go.mod h1:HMYQuajvb2D0LvMgZmLDZW8V5aOC/WxstZHiy4g8OiA= +cloud.google.com/go/redis v1.10.0/go.mod h1:ThJf3mMBQtW18JzGgh41/Wld6vnDDc/F/F35UolRZPM= +cloud.google.com/go/redis v1.11.0/go.mod h1:/X6eicana+BWcUda5PpwZC48o37SiFVTFSs0fWAJ7uQ= +cloud.google.com/go/resourcemanager v1.3.0/go.mod h1:bAtrTjZQFJkiWTPDb1WBjzvc6/kifjj4QBYuKCCoqKA= +cloud.google.com/go/resourcemanager v1.4.0/go.mod h1:MwxuzkumyTX7/a3n37gmsT3py7LIXwrShilPh3P1tR0= +cloud.google.com/go/resourcemanager v1.5.0/go.mod h1:eQoXNAiAvCf5PXxWxXjhKQoTMaUSNrEfg+6qdf/wots= +cloud.google.com/go/resourcemanager v1.6.0/go.mod h1:YcpXGRs8fDzcUl1Xw8uOVmI8JEadvhRIkoXXUNVYcVo= +cloud.google.com/go/resourcemanager v1.7.0/go.mod h1:HlD3m6+bwhzj9XCouqmeiGuni95NTrExfhoSrkC/3EI= +cloud.google.com/go/resourcesettings v1.3.0/go.mod h1:lzew8VfESA5DQ8gdlHwMrqZs1S9V87v3oCnKCWoOuQU= +cloud.google.com/go/resourcesettings v1.4.0/go.mod h1:ldiH9IJpcrlC3VSuCGvjR5of/ezRrOxFtpJoJo5SmXg= +cloud.google.com/go/resourcesettings v1.5.0/go.mod h1:+xJF7QSG6undsQDfsCJyqWXyBwUoJLhetkRMDRnIoXA= cloud.google.com/go/retail v1.8.0/go.mod h1:QblKS8waDmNUhghY2TI9O3JLlFk8jybHeV4BF19FrE4= cloud.google.com/go/retail v1.9.0/go.mod h1:g6jb6mKuCS1QKnH/dpu7isX253absFl6iE92nHwlBUY= +cloud.google.com/go/retail v1.10.0/go.mod h1:2gDk9HsL4HMS4oZwz6daui2/jmKvqShXKQuB2RZ+cCc= +cloud.google.com/go/retail v1.11.0/go.mod h1:MBLk1NaWPmh6iVFSz9MeKG/Psyd7TAgm6y/9L2B4x9Y= +cloud.google.com/go/retail v1.12.0/go.mod h1:UMkelN/0Z8XvKymXFbD4EhFJlYKRx1FGhQkVPU5kF14= +cloud.google.com/go/run v0.2.0/go.mod h1:CNtKsTA1sDcnqqIFR3Pb5Tq0usWxJJvsWOCPldRU3Do= +cloud.google.com/go/run v0.3.0/go.mod h1:TuyY1+taHxTjrD0ZFk2iAR+xyOXEA0ztb7U3UNA0zBo= +cloud.google.com/go/run v0.8.0/go.mod h1:VniEnuBwqjigv0A7ONfQUaEItaiCRVujlMqerPPiktM= +cloud.google.com/go/run v0.9.0/go.mod h1:Wwu+/vvg8Y+JUApMwEDfVfhetv30hCG4ZwDR/IXl2Qg= cloud.google.com/go/scheduler v1.4.0/go.mod h1:drcJBmxF3aqZJRhmkHQ9b3uSSpQoltBPGPxGAWROx6s= cloud.google.com/go/scheduler v1.5.0/go.mod h1:ri073ym49NW3AfT6DZi21vLZrG07GXr5p3H1KxN5QlI= +cloud.google.com/go/scheduler v1.6.0/go.mod h1:SgeKVM7MIwPn3BqtcBntpLyrIJftQISRrYB5ZtT+KOk= +cloud.google.com/go/scheduler v1.7.0/go.mod h1:jyCiBqWW956uBjjPMMuX09n3x37mtyPJegEWKxRsn44= +cloud.google.com/go/scheduler v1.8.0/go.mod h1:TCET+Y5Gp1YgHT8py4nlg2Sew8nUHMqcpousDgXJVQc= +cloud.google.com/go/scheduler v1.9.0/go.mod h1:yexg5t+KSmqu+njTIh3b7oYPheFtBWGcbVUYF1GGMIc= cloud.google.com/go/secretmanager v1.5.0/go.mod h1:5C9kM+RwSpkURNovKySkNvGQLUaOgyoR5W0RUx2SyHQ= cloud.google.com/go/secretmanager v1.6.0/go.mod h1:awVa/OXF6IiyaU1wQ34inzQNc4ISIDIrId8qE5QGgKA= +cloud.google.com/go/secretmanager v1.8.0/go.mod h1:hnVgi/bN5MYHd3Gt0SPuTPPp5ENina1/LxM+2W9U9J4= +cloud.google.com/go/secretmanager v1.9.0/go.mod h1:b71qH2l1yHmWQHt9LC80akm86mX8AL6X1MA01dW8ht4= +cloud.google.com/go/secretmanager v1.10.0/go.mod h1:MfnrdvKMPNra9aZtQFvBcvRU54hbPD8/HayQdlUgJpU= cloud.google.com/go/security v1.5.0/go.mod h1:lgxGdyOKKjHL4YG3/YwIL2zLqMFCKs0UbQwgyZmfJl4= cloud.google.com/go/security v1.7.0/go.mod h1:mZklORHl6Bg7CNnnjLH//0UlAlaXqiG7Lb9PsPXLfD0= cloud.google.com/go/security v1.8.0/go.mod h1:hAQOwgmaHhztFhiQ41CjDODdWP0+AE1B3sX4OFlq+GU= +cloud.google.com/go/security v1.9.0/go.mod h1:6Ta1bO8LXI89nZnmnsZGp9lVoVWXqsVbIq/t9dzI+2Q= +cloud.google.com/go/security v1.10.0/go.mod h1:QtOMZByJVlibUT2h9afNDWRZ1G96gVywH8T5GUSb9IA= +cloud.google.com/go/security v1.12.0/go.mod h1:rV6EhrpbNHrrxqlvW0BWAIawFWq3X90SduMJdFwtLB8= +cloud.google.com/go/security v1.13.0/go.mod h1:Q1Nvxl1PAgmeW0y3HTt54JYIvUdtcpYKVfIB8AOMZ+0= cloud.google.com/go/securitycenter v1.13.0/go.mod h1:cv5qNAqjY84FCN6Y9z28WlkKXyWsgLO832YiWwkCWcU= cloud.google.com/go/securitycenter v1.14.0/go.mod h1:gZLAhtyKv85n52XYWt6RmeBdydyxfPeTrpToDPw4Auc= +cloud.google.com/go/securitycenter v1.15.0/go.mod h1:PeKJ0t8MoFmmXLXWm41JidyzI3PJjd8sXWaVqg43WWk= +cloud.google.com/go/securitycenter v1.16.0/go.mod h1:Q9GMaLQFUD+5ZTabrbujNWLtSLZIZF7SAR0wWECrjdk= +cloud.google.com/go/securitycenter v1.18.1/go.mod h1:0/25gAzCM/9OL9vVx4ChPeM/+DlfGQJDwBy/UC8AKK0= +cloud.google.com/go/securitycenter v1.19.0/go.mod h1:LVLmSg8ZkkyaNy4u7HCIshAngSQ8EcIRREP3xBnyfag= +cloud.google.com/go/servicecontrol v1.4.0/go.mod h1:o0hUSJ1TXJAmi/7fLJAedOovnujSEvjKCAFNXPQ1RaU= +cloud.google.com/go/servicecontrol v1.5.0/go.mod h1:qM0CnXHhyqKVuiZnGKrIurvVImCs8gmqWsDoqe9sU1s= +cloud.google.com/go/servicecontrol v1.10.0/go.mod h1:pQvyvSRh7YzUF2efw7H87V92mxU8FnFDawMClGCNuAA= +cloud.google.com/go/servicecontrol v1.11.0/go.mod h1:kFmTzYzTUIuZs0ycVqRHNaNhgR+UMUpw9n02l/pY+mc= +cloud.google.com/go/servicecontrol v1.11.1/go.mod h1:aSnNNlwEFBY+PWGQ2DoM0JJ/QUXqV5/ZD9DOLB7SnUk= cloud.google.com/go/servicedirectory v1.4.0/go.mod h1:gH1MUaZCgtP7qQiI+F+A+OpeKF/HQWgtAddhTbhL2bs= cloud.google.com/go/servicedirectory v1.5.0/go.mod h1:QMKFL0NUySbpZJ1UZs3oFAmdvVxhhxB6eJ/Vlp73dfg= +cloud.google.com/go/servicedirectory v1.6.0/go.mod h1:pUlbnWsLH9c13yGkxCmfumWEPjsRs1RlmJ4pqiNjVL4= +cloud.google.com/go/servicedirectory v1.7.0/go.mod h1:5p/U5oyvgYGYejufvxhgwjL8UVXjkuw7q5XcG10wx1U= +cloud.google.com/go/servicedirectory v1.8.0/go.mod h1:srXodfhY1GFIPvltunswqXpVxFPpZjf8nkKQT7XcXaY= +cloud.google.com/go/servicedirectory v1.9.0/go.mod h1:29je5JjiygNYlmsGz8k6o+OZ8vd4f//bQLtvzkPPT/s= +cloud.google.com/go/servicemanagement v1.4.0/go.mod h1:d8t8MDbezI7Z2R1O/wu8oTggo3BI2GKYbdG4y/SJTco= +cloud.google.com/go/servicemanagement v1.5.0/go.mod h1:XGaCRe57kfqu4+lRxaFEAuqmjzF0r+gWHjWqKqBvKFo= +cloud.google.com/go/servicemanagement v1.6.0/go.mod h1:aWns7EeeCOtGEX4OvZUWCCJONRZeFKiptqKf1D0l/Jc= +cloud.google.com/go/servicemanagement v1.8.0/go.mod h1:MSS2TDlIEQD/fzsSGfCdJItQveu9NXnUniTrq/L8LK4= +cloud.google.com/go/serviceusage v1.3.0/go.mod h1:Hya1cozXM4SeSKTAgGXgj97GlqUvF5JaoXacR1JTP/E= +cloud.google.com/go/serviceusage v1.4.0/go.mod h1:SB4yxXSaYVuUBYUml6qklyONXNLt83U0Rb+CXyhjEeU= +cloud.google.com/go/serviceusage v1.5.0/go.mod h1:w8U1JvqUqwJNPEOTQjrMHkw3IaIFLoLsPLvsE3xueec= +cloud.google.com/go/serviceusage v1.6.0/go.mod h1:R5wwQcbOWsyuOfbP9tGdAnCAc6B9DRwPG1xtWMDeuPA= +cloud.google.com/go/shell v1.3.0/go.mod h1:VZ9HmRjZBsjLGXusm7K5Q5lzzByZmJHf1d0IWHEN5X4= +cloud.google.com/go/shell v1.4.0/go.mod h1:HDxPzZf3GkDdhExzD/gs8Grqk+dmYcEjGShZgYa9URw= +cloud.google.com/go/shell v1.6.0/go.mod h1:oHO8QACS90luWgxP3N9iZVuEiSF84zNyLytb+qE2f9A= +cloud.google.com/go/spanner v1.41.0/go.mod h1:MLYDBJR/dY4Wt7ZaMIQ7rXOTLjYrmxLE/5ve9vFfWos= +cloud.google.com/go/spanner v1.44.0/go.mod h1:G8XIgYdOK+Fbcpbs7p2fiprDw4CaZX63whnSMLVBxjk= +cloud.google.com/go/spanner v1.45.0/go.mod h1:FIws5LowYz8YAE1J8fOS7DJup8ff7xJeetWEo5REA2M= cloud.google.com/go/speech v1.6.0/go.mod h1:79tcr4FHCimOp56lwC01xnt/WPJZc4v3gzyT7FoBkCM= cloud.google.com/go/speech v1.7.0/go.mod h1:KptqL+BAQIhMsj1kOP2la5DSEEerPDuOP/2mmkhHhZQ= +cloud.google.com/go/speech v1.8.0/go.mod h1:9bYIl1/tjsAnMgKGHKmBZzXKEkGgtU+MpdDPTE9f7y0= +cloud.google.com/go/speech v1.9.0/go.mod h1:xQ0jTcmnRFFM2RfX/U+rk6FQNUF6DQlydUSyoooSpco= +cloud.google.com/go/speech v1.14.1/go.mod h1:gEosVRPJ9waG7zqqnsHpYTOoAS4KouMRLDFMekpJ0J0= +cloud.google.com/go/speech v1.15.0/go.mod h1:y6oH7GhqCaZANH7+Oe0BhgIogsNInLlz542tg3VqeYI= cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw= cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos= cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= @@ -194,26 +542,84 @@ cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3f cloud.google.com/go/storage v1.22.1/go.mod h1:S8N1cAStu7BOeFfE8KAQzmyyLkK8p/vmRq6kuBTW58Y= cloud.google.com/go/storage v1.23.0/go.mod h1:vOEEDNFnciUMhBeT6hsJIn3ieU5cFRmzeLgDvXzfIXc= cloud.google.com/go/storage v1.24.0/go.mod h1:3xrJEFMXBsQLgxwThyjuD3aYlroL0TMRec1ypGUQ0KE= -cloud.google.com/go/storage v1.27.0 h1:YOO045NZI9RKfCj1c5A/ZtuuENUc8OAW+gHdGnDgyMQ= cloud.google.com/go/storage v1.27.0/go.mod h1:x9DOL8TK/ygDUMieqwfhdpQryTeEkhGKMi80i/iqR2s= +cloud.google.com/go/storage v1.28.1/go.mod h1:Qnisd4CqDdo6BGs2AD5LLnEsmSQ80wQ5ogcBBKhU86Y= +cloud.google.com/go/storage v1.29.0 h1:6weCgzRvMg7lzuUurI4697AqIRPU1SvzHhynwpW31jI= +cloud.google.com/go/storage v1.29.0/go.mod h1:4puEjyTKnku6gfKoTfNOU/W+a9JyuVNxjpS5GBrB8h4= +cloud.google.com/go/storagetransfer v1.5.0/go.mod h1:dxNzUopWy7RQevYFHewchb29POFv3/AaBgnhqzqiK0w= +cloud.google.com/go/storagetransfer v1.6.0/go.mod h1:y77xm4CQV/ZhFZH75PLEXY0ROiS7Gh6pSKrM8dJyg6I= +cloud.google.com/go/storagetransfer v1.7.0/go.mod h1:8Giuj1QNb1kfLAiWM1bN6dHzfdlDAVC9rv9abHot2W4= +cloud.google.com/go/storagetransfer v1.8.0/go.mod h1:JpegsHHU1eXg7lMHkvf+KE5XDJ7EQu0GwNJbbVGanEw= cloud.google.com/go/talent v1.1.0/go.mod h1:Vl4pt9jiHKvOgF9KoZo6Kob9oV4lwd/ZD5Cto54zDRw= cloud.google.com/go/talent v1.2.0/go.mod h1:MoNF9bhFQbiJ6eFD3uSsg0uBALw4n4gaCaEjBw9zo8g= +cloud.google.com/go/talent v1.3.0/go.mod h1:CmcxwJ/PKfRgd1pBjQgU6W3YBwiewmUzQYH5HHmSCmM= +cloud.google.com/go/talent v1.4.0/go.mod h1:ezFtAgVuRf8jRsvyE6EwmbTK5LKciD4KVnHuDEFmOOA= +cloud.google.com/go/talent v1.5.0/go.mod h1:G+ODMj9bsasAEJkQSzO2uHQWXHHXUomArjWQQYkqK6c= +cloud.google.com/go/texttospeech v1.4.0/go.mod h1:FX8HQHA6sEpJ7rCMSfXuzBcysDAuWusNNNvN9FELDd8= +cloud.google.com/go/texttospeech v1.5.0/go.mod h1:oKPLhR4n4ZdQqWKURdwxMy0uiTS1xU161C8W57Wkea4= +cloud.google.com/go/texttospeech v1.6.0/go.mod h1:YmwmFT8pj1aBblQOI3TfKmwibnsfvhIBzPXcW4EBovc= +cloud.google.com/go/tpu v1.3.0/go.mod h1:aJIManG0o20tfDQlRIej44FcwGGl/cD0oiRyMKG19IQ= +cloud.google.com/go/tpu v1.4.0/go.mod h1:mjZaX8p0VBgllCzF6wcU2ovUXN9TONFLd7iz227X2Xg= +cloud.google.com/go/tpu v1.5.0/go.mod h1:8zVo1rYDFuW2l4yZVY0R0fb/v44xLh3llq7RuV61fPM= cloud.google.com/go/trace v1.0.0/go.mod h1:4iErSByzxkyHWzzlAj63/Gmjz0NH1ASqhJguHpGcr6A= cloud.google.com/go/trace v1.2.0/go.mod h1:Wc8y/uYyOhPy12KEnXG9XGrvfMz5F5SrYecQlbW1rwM= +cloud.google.com/go/trace v1.3.0/go.mod h1:FFUE83d9Ca57C+K8rDl/Ih8LwOzWIV1krKgxg6N0G28= +cloud.google.com/go/trace v1.4.0/go.mod h1:UG0v8UBqzusp+z63o7FK74SdFE+AXpCLdFb1rshXG+Y= +cloud.google.com/go/trace v1.8.0/go.mod h1:zH7vcsbAhklH8hWFig58HvxcxyQbaIqMarMg9hn5ECA= +cloud.google.com/go/trace v1.9.0/go.mod h1:lOQqpE5IaWY0Ixg7/r2SjixMuc6lfTFeO4QGM4dQWOk= +cloud.google.com/go/translate v1.3.0/go.mod h1:gzMUwRjvOqj5i69y/LYLd8RrNQk+hOmIXTi9+nb3Djs= +cloud.google.com/go/translate v1.4.0/go.mod h1:06Dn/ppvLD6WvA5Rhdp029IX2Mi3Mn7fpMRLPvXT5Wg= +cloud.google.com/go/translate v1.5.0/go.mod h1:29YDSYveqqpA1CQFD7NQuP49xymq17RXNaUDdc0mNu0= +cloud.google.com/go/translate v1.6.0/go.mod h1:lMGRudH1pu7I3n3PETiOB2507gf3HnfLV8qlkHZEyos= +cloud.google.com/go/translate v1.7.0/go.mod h1:lMGRudH1pu7I3n3PETiOB2507gf3HnfLV8qlkHZEyos= +cloud.google.com/go/video v1.8.0/go.mod h1:sTzKFc0bUSByE8Yoh8X0mn8bMymItVGPfTuUBUyRgxk= +cloud.google.com/go/video v1.9.0/go.mod h1:0RhNKFRF5v92f8dQt0yhaHrEuH95m068JYOvLZYnJSw= +cloud.google.com/go/video v1.12.0/go.mod h1:MLQew95eTuaNDEGriQdcYn0dTwf9oWiA4uYebxM5kdg= +cloud.google.com/go/video v1.13.0/go.mod h1:ulzkYlYgCp15N2AokzKjy7MQ9ejuynOJdf1tR5lGthk= +cloud.google.com/go/video v1.14.0/go.mod h1:SkgaXwT+lIIAKqWAJfktHT/RbgjSuY6DobxEp0C5yTQ= +cloud.google.com/go/video v1.15.0/go.mod h1:SkgaXwT+lIIAKqWAJfktHT/RbgjSuY6DobxEp0C5yTQ= cloud.google.com/go/videointelligence v1.6.0/go.mod h1:w0DIDlVRKtwPCn/C4iwZIJdvC69yInhW0cfi+p546uU= cloud.google.com/go/videointelligence v1.7.0/go.mod h1:k8pI/1wAhjznARtVT9U1llUaFNPh7muw8QyOUpavru4= +cloud.google.com/go/videointelligence v1.8.0/go.mod h1:dIcCn4gVDdS7yte/w+koiXn5dWVplOZkE+xwG9FgK+M= +cloud.google.com/go/videointelligence v1.9.0/go.mod h1:29lVRMPDYHikk3v8EdPSaL8Ku+eMzDljjuvRs105XoU= +cloud.google.com/go/videointelligence v1.10.0/go.mod h1:LHZngX1liVtUhZvi2uNS0VQuOzNi2TkY1OakiuoUOjU= cloud.google.com/go/vision v1.2.0/go.mod h1:SmNwgObm5DpFBme2xpyOyasvBc1aPdjvMk2bBk0tKD0= cloud.google.com/go/vision/v2 v2.2.0/go.mod h1:uCdV4PpN1S0jyCyq8sIM42v2Y6zOLkZs+4R9LrGYwFo= cloud.google.com/go/vision/v2 v2.3.0/go.mod h1:UO61abBx9QRMFkNBbf1D8B1LXdS2cGiiCRx0vSpZoUo= +cloud.google.com/go/vision/v2 v2.4.0/go.mod h1:VtI579ll9RpVTrdKdkMzckdnwMyX2JILb+MhPqRbPsY= +cloud.google.com/go/vision/v2 v2.5.0/go.mod h1:MmaezXOOE+IWa+cS7OhRRLK2cNv1ZL98zhqFFZaaH2E= +cloud.google.com/go/vision/v2 v2.6.0/go.mod h1:158Hes0MvOS9Z/bDMSFpjwsUrZ5fPrdwuyyvKSGAGMY= +cloud.google.com/go/vision/v2 v2.7.0/go.mod h1:H89VysHy21avemp6xcf9b9JvZHVehWbET0uT/bcuY/0= +cloud.google.com/go/vmmigration v1.2.0/go.mod h1:IRf0o7myyWFSmVR1ItrBSFLFD/rJkfDCUTO4vLlJvsE= +cloud.google.com/go/vmmigration v1.3.0/go.mod h1:oGJ6ZgGPQOFdjHuocGcLqX4lc98YQ7Ygq8YQwHh9A7g= +cloud.google.com/go/vmmigration v1.5.0/go.mod h1:E4YQ8q7/4W9gobHjQg4JJSgXXSgY21nA5r8swQV+Xxc= +cloud.google.com/go/vmmigration v1.6.0/go.mod h1:bopQ/g4z+8qXzichC7GW1w2MjbErL54rk3/C843CjfY= +cloud.google.com/go/vmwareengine v0.1.0/go.mod h1:RsdNEf/8UDvKllXhMz5J40XxDrNJNN4sagiox+OI208= +cloud.google.com/go/vmwareengine v0.2.2/go.mod h1:sKdctNJxb3KLZkE/6Oui94iw/xs9PRNC2wnNLXsHvH8= +cloud.google.com/go/vmwareengine v0.3.0/go.mod h1:wvoyMvNWdIzxMYSpH/R7y2h5h3WFkx6d+1TIsP39WGY= +cloud.google.com/go/vpcaccess v1.4.0/go.mod h1:aQHVbTWDYUR1EbTApSVvMq1EnT57ppDmQzZ3imqIk4w= +cloud.google.com/go/vpcaccess v1.5.0/go.mod h1:drmg4HLk9NkZpGfCmZ3Tz0Bwnm2+DKqViEpeEpOq0m8= +cloud.google.com/go/vpcaccess v1.6.0/go.mod h1:wX2ILaNhe7TlVa4vC5xce1bCnqE3AeH27RV31lnmZes= cloud.google.com/go/webrisk v1.4.0/go.mod h1:Hn8X6Zr+ziE2aNd8SliSDWpEnSS1u4R9+xXZmFiHmGE= cloud.google.com/go/webrisk v1.5.0/go.mod h1:iPG6fr52Tv7sGk0H6qUFzmL3HHZev1htXuWDEEsqMTg= +cloud.google.com/go/webrisk v1.6.0/go.mod h1:65sW9V9rOosnc9ZY7A7jsy1zoHS5W9IAXv6dGqhMQMc= +cloud.google.com/go/webrisk v1.7.0/go.mod h1:mVMHgEYH0r337nmt1JyLthzMr6YxwN1aAIEc2fTcq7A= +cloud.google.com/go/webrisk v1.8.0/go.mod h1:oJPDuamzHXgUc+b8SiHRcVInZQuybnvEW72PqTc7sSg= +cloud.google.com/go/websecurityscanner v1.3.0/go.mod h1:uImdKm2wyeXQevQJXeh8Uun/Ym1VqworNDlBXQevGMo= +cloud.google.com/go/websecurityscanner v1.4.0/go.mod h1:ebit/Fp0a+FWu5j4JOmJEV8S8CzdTkAS77oDsiSqYWQ= +cloud.google.com/go/websecurityscanner v1.5.0/go.mod h1:Y6xdCPy81yi0SQnDY1xdNTNpfY1oAgXUlcfN3B3eSng= cloud.google.com/go/workflows v1.6.0/go.mod h1:6t9F5h/unJz41YqfBmqSASJSXccBLtD1Vwf+KmJENM0= cloud.google.com/go/workflows v1.7.0/go.mod h1:JhSrZuVZWuiDfKEFxU0/F1PQjmpnpcoISEXH2bcHC3M= +cloud.google.com/go/workflows v1.8.0/go.mod h1:ysGhmEajwZxGn1OhGOGKsTXc5PyxOc0vfKf5Af+to4M= +cloud.google.com/go/workflows v1.9.0/go.mod h1:ZGkj1aFIOd9c8Gerkjjq7OW7I5+l6cSvT3ujaO/WwSA= +cloud.google.com/go/workflows v1.10.0/go.mod h1:fZ8LmRmZQWacon9UCX1r/g/DfAXx5VcPALq2CxzdePw= code.cloudfoundry.org/clock v0.0.0-20180518195852-02e53af36e6c/go.mod h1:QD9Lzhd/ux6eNQVUDVRJX/RKTigpewimNYBi7ivZKY8= contrib.go.opencensus.io/exporter/aws v0.0.0-20200617204711-c478e41e60e9/go.mod h1:uu1P0UCM/6RbsMrgPa98ll8ZcHM858i/AD06a9aLRCA= contrib.go.opencensus.io/exporter/stackdriver v0.13.13/go.mod h1:5pSSGY0Bhuk7waTHuDf4aQ8D2DrhgETRo9fy6k3Xlzc= contrib.go.opencensus.io/integrations/ocsql v0.1.7/go.mod h1:8DsSdjz3F+APR+0z0WkU1aRorQCFfRxvqjUUPMbF3fE= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= +gioui.org v0.0.0-20210308172011-57750fc8a0a6/go.mod h1:RSH6KIUZ0p2xy5zHDxgAM4zumjgTw83q2ge/PI+yyw8= +git.sr.ht/~sbinet/gg v0.3.1/go.mod h1:KGYtlADtqsqANL9ueOFkWymvzUvLMQllU5Ixo+8v3pc= github.com/AdaLogics/go-fuzz-headers v0.0.0-20210715213245-6c3934b029d8/go.mod h1:CzsSbkDixRphAF5hS6wbMKq0eI6ccJRb7/A0M6JBnwg= github.com/AlecAivazis/survey/v2 v2.0.5 h1:xpZp+Q55wi5C7Iaze+40onHnEkex1jSc34CltJjOoPM= github.com/AlecAivazis/survey/v2 v2.0.5/go.mod h1:WYBhg6f0y/fNYUuesWQc0PKbJcEliGcYHB9sNT3Bg74= @@ -290,6 +696,7 @@ github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ= github.com/GoogleCloudPlatform/cloudsql-proxy v1.31.2/go.mod h1:qR6jVnZTKDCW3j+fC9mOEPHm++1nKDMkqbbkD6KNsfo= github.com/HdrHistogram/hdrhistogram-go v1.1.2 h1:5IcZpTvzydCQeHzK4Ef/D5rrSqwxob0t8PQPMybUNFM= +github.com/JohnCGriffin/overflow v0.0.0-20211019200055-46fa312c352c/go.mod h1:X0CRv0ky0k6m906ixxpzmDRLvX58TFUKS2eePweuyxk= github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible/go.mod h1:r7JcOSlj0wfOMncg0iLm8Leh48TZaKVeNIfJntJ2wa0= github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= @@ -297,8 +704,9 @@ github.com/Masterminds/semver v1.5.0 h1:H65muMkzWKEuNDnfl9d70GUjFniHKHRbFPGBuZ3Q github.com/Masterminds/semver v1.5.0/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y= github.com/Masterminds/semver/v3 v3.1.1 h1:hLg3sBzpNErnxhQtUy/mmLR2I9foDujNK030IGemrRc= github.com/Masterminds/semver/v3 v3.1.1/go.mod h1:VPu/7SZ7ePZ3QOrcuXROw5FAcLl4a0cBrbBpGY/8hQs= -github.com/Masterminds/sprig/v3 v3.2.1 h1:n6EPaDyLSvCEa3frruQvAiHuNp2dhBlMSmkEr+HuzGc= github.com/Masterminds/sprig/v3 v3.2.1/go.mod h1:UoaO7Yp8KlPnJIYWTFkMaqPUYKTfGFPhxNuwnnxkKlk= +github.com/Masterminds/sprig/v3 v3.2.2 h1:17jRggJu518dr3QaafizSXOjKYp94wKfABxUmyxvxX8= +github.com/Masterminds/sprig/v3 v3.2.2/go.mod h1:UoaO7Yp8KlPnJIYWTFkMaqPUYKTfGFPhxNuwnnxkKlk= github.com/Microsoft/go-winio v0.4.11/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA= github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5/go.mod h1:tTuCMEN+UleMWgg9dVx4Hu52b1bJo+59jBh3ajtinzw= @@ -329,8 +737,8 @@ github.com/Netflix/go-expect v0.0.0-20180615182759-c93bf25de8e8/go.mod h1:oX5x61 github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2 h1:+vx7roKuyA63nhn5WAunQHLTznkw5W8b1Xc0dNjp83s= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo= -github.com/ProtonMail/go-crypto v0.0.0-20221026131551-cf6655e29de4 h1:ra2OtmuW0AE5csawV4YXMNGNQQXvLRps3z2Z59OPO+I= -github.com/ProtonMail/go-crypto v0.0.0-20221026131551-cf6655e29de4/go.mod h1:UBYPn8k0D56RtnR8RFQMjmh4KrZzWJ5o7Z9SYjossQ8= +github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8 h1:wPbRQzjjwFc0ih8puEVAOFGELsn1zoIIYdxvML7mDxA= +github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8/go.mod h1:I0gYDMZ6Z5GRU7l58bNFSkPTFN6Yl12dsUlAZ8xy98g= github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= github.com/PuerkitoBio/urlesc v0.0.0-20160726150825-5bd2802263f2/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= @@ -339,8 +747,9 @@ github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:H github.com/Shopify/sarama v1.19.0/go.mod h1:FVkBWblsNy7DGZRfXLU0O9RCGt5g3g3yEuWXgklEdEo= github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI= github.com/VividCortex/gohistogram v1.0.0/go.mod h1:Pf5mBqqDxYaXu3hDrrU+w6nw50o/4+TcAqDqk/vUH7g= -github.com/acomagu/bufpipe v1.0.3 h1:fxAGrHZTgQ9w5QqVItgzwj235/uYZYgbXitB+dLupOk= github.com/acomagu/bufpipe v1.0.3/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ2sYmHc4= +github.com/acomagu/bufpipe v1.0.4 h1:e3H4WUzM3npvo5uv95QuJM3cQspFNtFBzvJ2oNjKIDQ= +github.com/acomagu/bufpipe v1.0.4/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ2sYmHc4= github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da h1:KjTM2ks9d14ZYCvmHS9iAKVt9AyzRSqNU1qabPih5BY= github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da/go.mod h1:eHEWzANqSiWQsof+nXEI9bUVUyV6F53Fp89EuCh2EAA= github.com/afex/hystrix-go v0.0.0-20180502004556-fa1af6a1f4f5/go.mod h1:SkGFH1ia65gfNATL8TAiHDNxPzPdmEL5uirI2Uyuz6c= @@ -349,6 +758,10 @@ github.com/agext/levenshtein v1.2.2/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo= github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/agl/ed25519 v0.0.0-20170116200512-5312a6153412/go.mod h1:WPjqKcmVOxf0XSf3YxCJs6N6AOSrOx3obionmG7T0y0= +github.com/ajstarks/deck v0.0.0-20200831202436-30c9fc6549a9/go.mod h1:JynElWSGnm/4RlzPXRlREEwqTHAN3T56Bv2ITsFT3gY= +github.com/ajstarks/deck/generate v0.0.0-20210309230005-c3f852c02e19/go.mod h1:T13YZdzov6OU0A1+RfKZiZN9ca6VeKdBdyDV+BY97Tk= +github.com/ajstarks/svgo v0.0.0-20180226025133-644b8db467af/go.mod h1:K08gAheRH3/J6wwsYMMT4xOr94bZjxIelGM0+d/wbFw= +github.com/ajstarks/svgo v0.0.0-20211024235047-1546f124cd8b/go.mod h1:1KcenG0jGWcpt8ov532z81sp/kMMUG485J2InIOyADM= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= @@ -357,12 +770,16 @@ github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk5 github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE= github.com/alexflint/go-filemutex v0.0.0-20171022225611-72bdc8eae2ae/go.mod h1:CgnQgUtFrFz9mxFNtED3jI5tLDjKlOM+oUF/sTk6ps0= github.com/alexflint/go-filemutex v1.1.0/go.mod h1:7P4iRhttt/nUvUOrYIhcpMzv2G6CY9UnI16Z+UJqRyk= +github.com/andybalholm/brotli v1.0.4/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig= github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c= github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be h1:9AeTilPcZAjCFIImctFaOjnTIavg87rW78vTPkQqLI8= github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be/go.mod h1:ySMOLuWl6zY27l47sB3qLNK6tF2fkHG55UZxx8oIVo4= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= +github.com/apache/arrow/go/v10 v10.0.1/go.mod h1:YvhnlEePVnBS4+0z3fhPfUy7W1Ikj0Ih0vcRo/gZ1M0= +github.com/apache/arrow/go/v11 v11.0.0/go.mod h1:Eg5OsL5H+e299f7u5ssuXsuHQVEGC4xei5aX110hRiI= github.com/apache/thrift v0.12.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ= github.com/apache/thrift v0.13.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ= +github.com/apache/thrift v0.16.0/go.mod h1:PHK3hniurgQaNMZYaCLEqXKsYK8upmhPbmdP2FXSqgU= github.com/apparentlymart/go-cidr v1.0.1/go.mod h1:EBcsNrHc3zQeuaeCeCtQruQm+n9/YjEn/vI25Lg7Gwc= github.com/apparentlymart/go-cidr v1.1.0 h1:2mAhrMoF+nhXqxTzSZMUzDHkLjmIHC+Zzn4tdgBZjnU= github.com/apparentlymart/go-cidr v1.1.0/go.mod h1:EBcsNrHc3zQeuaeCeCtQruQm+n9/YjEn/vI25Lg7Gwc= @@ -467,6 +884,8 @@ github.com/blang/semver v3.1.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnweb github.com/blang/semver v3.5.1+incompatible h1:cQNTCjp13qL8KC3Nbxr/y2Bqb63oX6wdnnjpJbkM4JQ= github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4= +github.com/boombuler/barcode v1.0.0/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= +github.com/boombuler/barcode v1.0.1/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= github.com/bshuster-repo/logrus-logstash-hook v0.4.1/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk= github.com/buger/jsonparser v0.0.0-20180808090653-f4dd9f5a6b44/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s= github.com/buger/jsonparser v1.1.1/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx27UK13J/0= @@ -474,6 +893,7 @@ github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd/go.mod h1:2oa8n github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b/go.mod h1:obH5gd0BsqsP2LwDJ9aOkm/6J86V6lyAXCoQWGw3K50= github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0/go.mod h1:D/8v3kj0zr8ZAKg1AQ6crr+5VwKN5eIywRkfhyM/+dE= github.com/bwesterb/go-ristretto v1.2.0/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0= +github.com/bwesterb/go-ristretto v1.2.3/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0= github.com/casbin/casbin/v2 v2.1.2/go.mod h1:YcPU1XXisHhLzuxH9coDNf2FbKpjGlbCg3n9yuLkIJQ= github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM= github.com/cenkalti/backoff/v3 v3.0.0/go.mod h1:cIeZDE3IrqwwJl6VUwCN6trj1oXrTS4rc0ij+ULvLYs= @@ -484,11 +904,13 @@ github.com/cenkalti/backoff/v4 v4.1.2/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInq github.com/cenkalti/backoff/v4 v4.1.3/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/census-instrumentation/opencensus-proto v0.3.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/census-instrumentation/opencensus-proto v0.4.1/go.mod h1:4T9NM4+4Vw91VeyqjLS6ao50K5bOcLKN6Q42XnYaRYw= github.com/certifi/gocertifi v0.0.0-20191021191039-0944d244cd40/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA= github.com/certifi/gocertifi v0.0.0-20200922220541-2c3bb06c6054/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/checkpoint-restore/go-criu/v4 v4.1.0/go.mod h1:xUQBLp4RLc5zJtWY++yjOoMoB5lihDt7fai+75m+rGw= github.com/checkpoint-restore/go-criu/v5 v5.0.0/go.mod h1:cfwC0EG7HMUenopBsUf9d89JlCLQIfgVcNsNN0t6T2M= github.com/checkpoint-restore/go-criu/v5 v5.3.0/go.mod h1:E/eQpaFtUKGOOSEBZgmKAcn+zUUwWxqcaKZlF54wK8E= @@ -518,12 +940,15 @@ github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGX github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI= +github.com/cncf/udpa/go v0.0.0-20220112060539-c52dc94e7fbe/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI= github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20220314180256-7f1daf1720fc/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20230105202645-06c439db220b/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cockroachdb/apd v1.1.0/go.mod h1:8Sl8LxpKi29FqWXR16WEFZRNSz3SoPzUzeMeY4+DwBQ= github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8= github.com/cockroachdb/datadriven v0.0.0-20200714090401-bf6692d28da5/go.mod h1:h6jFvWxBdQXxjopDMZyH2UVceIRfR84bdzbkoKrsWNo= @@ -723,8 +1148,11 @@ github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go. github.com/envoyproxy/go-control-plane v0.10.1/go.mod h1:AY7fTTXNdv/aJ2O5jwpxAPOWUZ7hQAEvzN5Pf27BkQQ= github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE= github.com/envoyproxy/go-control-plane v0.10.3/go.mod h1:fJJn/j26vwOu972OllsvAgJJM//w9BV6Fxbg2LuVd34= +github.com/envoyproxy/go-control-plane v0.11.1-0.20230524094728-9239064ad72f/go.mod h1:sfYdkwUW4BA3PbKjySwjJy+O4Pu0h62rlqCMHNk+K+Q= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/envoyproxy/protoc-gen-validate v0.6.7/go.mod h1:dyJXwwfPK2VSqiB9Klm1J6romD608Ba7Hij42vrOBCo= +github.com/envoyproxy/protoc-gen-validate v0.9.1/go.mod h1:OKNgG7TCp5pF4d6XftA0++PMirau2/yoOwVac3AbF2w= +github.com/envoyproxy/protoc-gen-validate v0.10.1/go.mod h1:DRjgyB0I43LtJapqN6NiRwroiAU2PaFuvk/vjgh61ss= github.com/ettle/strcase v0.1.1 h1:htFueZyVeE1XNnMEfbqp5r67qAN/4r6ya1ysq8Q+Zcw= github.com/ettle/strcase v0.1.1/go.mod h1:hzDLsPC7/lwKyBOywSHEP89nt2pDgdy+No1NBA9o9VY= github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= @@ -742,6 +1170,8 @@ github.com/felixge/httpsnoop v1.0.1/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSw github.com/felixge/httpsnoop v1.0.2/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/felixge/httpsnoop v1.0.3/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc= +github.com/fogleman/gg v1.2.1-0.20190220221249-0403632d5b90/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k= +github.com/fogleman/gg v1.3.0/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k= github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= github.com/form3tech-oss/jwt-go v3.2.3+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= github.com/fortytw2/leaktest v1.3.0/go.mod h1:jDsjWgpAGjm2CA7WthBh/CdZYEPF31XHquHwclZch5g= @@ -749,8 +1179,8 @@ github.com/franela/goblin v0.0.0-20200105215937-c9ffbefa60db/go.mod h1:7dvUGVsVB github.com/franela/goreq v0.0.0-20171204163338-bcd34c9993f8/go.mod h1:ZhphrRTfi2rbfLwlschooIH4+wKKDR4Pdxhh+TRoA20= github.com/frankban/quicktest v1.10.0/go.mod h1:ui7WezCLWMWxVWr1GETZY3smRy0G4KWq9vcPtJmFl7Y= github.com/frankban/quicktest v1.11.3/go.mod h1:wRf/ReqHper53s+kmmSZizM8NamnL3IM0I9ntUbOk+k= -github.com/frankban/quicktest v1.13.0 h1:yNZif1OkDfNoDfb9zZa9aXIpejNR4F23Wely0c+Qdqk= github.com/frankban/quicktest v1.13.0/go.mod h1:qLE0fzW0VuyUAJgPU19zByoIr0HtCHN/r/VLSOOIySU= +github.com/frankban/quicktest v1.14.3 h1:FJKSZTDHjyhriyC81FLQ0LY93eSai0ZyR/ZIkd3ZUKE= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= github.com/fsnotify/fsnotify v1.5.1/go.mod h1:T3375wBYaZdLLcVNkcVbzGHY7f1l/uK5T5Ai1i3InKU= @@ -770,18 +1200,23 @@ github.com/gliderlabs/ssh v0.2.2/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aev github.com/gliderlabs/ssh v0.3.5 h1:OcaySEmAQJgyYcArR+gGGTHCyE7nvhEMTlYY+Dp8CpY= github.com/gliderlabs/ssh v0.3.5/go.mod h1:8XB4KraRrX39qHhT6yxPsHedjA08I/uBVwj4xC+/+z4= github.com/go-asn1-ber/asn1-ber v1.3.1/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0= +github.com/go-fonts/dejavu v0.1.0/go.mod h1:4Wt4I4OU2Nq9asgDCteaAaWZOV24E+0/Pwo0gppep4g= +github.com/go-fonts/latin-modern v0.2.0/go.mod h1:rQVLdDMK+mK1xscDwsqM5J8U2jrRa3T0ecnM9pNujks= +github.com/go-fonts/liberation v0.1.1/go.mod h1:K6qoJYypsmfVjWg8KOVDQhLc8UDgIK2HYqyqAO9z7GY= +github.com/go-fonts/liberation v0.2.0/go.mod h1:K6qoJYypsmfVjWg8KOVDQhLc8UDgIK2HYqyqAO9z7GY= +github.com/go-fonts/stix v0.1.0/go.mod h1:w/c1f0ldAUlJmLBvlbkvVXLAD+tAMqobIIQpmnUIzUY= github.com/go-git/gcfg v1.5.0 h1:Q5ViNfGF8zFgyJWPqYwA7qGFoMTEiBmdlkcfRmpIMa4= github.com/go-git/gcfg v1.5.0/go.mod h1:5m20vg6GwYabIxaOonVkTdrILxQMpEShl1xiMF4ua+E= github.com/go-git/go-billy/v5 v5.2.0/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= github.com/go-git/go-billy/v5 v5.3.1/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= -github.com/go-git/go-billy/v5 v5.4.0 h1:Vaw7LaSTRJOUric7pe4vnzBSgyuf2KrLsu2Y4ZpQBDE= -github.com/go-git/go-billy/v5 v5.4.0/go.mod h1:vjbugF6Fz7JIflbVpl1hJsGjSHNltrSw45YK/ukIvQg= +github.com/go-git/go-billy/v5 v5.4.1 h1:Uwp5tDRkPr+l/TnbHOQzp+tmJfLceOlbVucgpTz8ix4= +github.com/go-git/go-billy/v5 v5.4.1/go.mod h1:vjbugF6Fz7JIflbVpl1hJsGjSHNltrSw45YK/ukIvQg= github.com/go-git/go-git-fixtures/v4 v4.2.1/go.mod h1:K8zd3kDUAykwTdDCr+I0per6Y6vMiRR/nnVTBtavnB0= github.com/go-git/go-git-fixtures/v4 v4.3.1 h1:y5z6dd3qi8Hl+stezc8p3JxDkoTRqMAlKnXHuzrfjTQ= github.com/go-git/go-git-fixtures/v4 v4.3.1/go.mod h1:8LHG1a3SRW71ettAD/jW13h8c6AqjVSeL11RAdgaqpo= github.com/go-git/go-git/v5 v5.4.2/go.mod h1:gQ1kArt6d+n+BGd+/B/I74HwRTLhth2+zti4ihgckDc= -github.com/go-git/go-git/v5 v5.6.0 h1:JvBdYfcttd+0kdpuWO7KTu0FYgCf5W0t5VwkWGobaa4= -github.com/go-git/go-git/v5 v5.6.0/go.mod h1:6nmJ0tJ3N4noMV1Omv7rC5FG3/o8Cm51TB4CJp7mRmE= +github.com/go-git/go-git/v5 v5.6.1 h1:q4ZRqQl4pR/ZJHc1L5CFjGA1a10u76aV1iC+nh+bHsk= +github.com/go-git/go-git/v5 v5.6.1/go.mod h1:mvyoL6Unz0PiTQrGQfSfiLFhBH1c1e84ylC2MDs4ee8= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= @@ -792,6 +1227,8 @@ github.com/go-kit/kit v0.10.0/go.mod h1:xUsJbQ/Fp4kEt7AFgCuvyX4a71u8h9jB8tj/ORgO github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY= github.com/go-kit/log v0.2.0/go.mod h1:NwTd00d/i8cPZ3xOwwiv2PO5MOcx78fFErGNcVmBjv0= github.com/go-kit/log v0.2.1/go.mod h1:NwTd00d/i8cPZ3xOwwiv2PO5MOcx78fFErGNcVmBjv0= +github.com/go-latex/latex v0.0.0-20210118124228-b3d85cf34e07/go.mod h1:CO1AlKB2CSIqUrmQPqA0gdRIlnLEY0gK5JGjh37zN5U= +github.com/go-latex/latex v0.0.0-20210823091927-c0d11ff05a81/go.mod h1:SX0U8uGpxhq9o2S/CELCSUxEWWAuoCUcVCQWv7G2OCk= github.com/go-ldap/ldap/v3 v3.1.10/go.mod h1:5Zun81jBTabRaI8lzN7E1JjyEl1g6zI6u9pd8luAK4Q= github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= @@ -834,6 +1271,8 @@ github.com/go-openapi/swag v0.19.14/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/ github.com/go-openapi/swag v0.19.15/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= github.com/go-openapi/swag v0.21.1/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= github.com/go-openapi/validate v0.21.0/go.mod h1:rjnrwK57VJ7A8xqfpAOEKRH8yQSGUriMu5/zuPSQ1hg= +github.com/go-pdf/fpdf v0.5.0/go.mod h1:HzcnA+A23uwogo0tp9yU+l3V+KXhiESpt1PMayhOh5M= +github.com/go-pdf/fpdf v0.6.0/go.mod h1:HzcnA+A23uwogo0tp9yU+l3V+KXhiESpt1PMayhOh5M= github.com/go-playground/assert/v2 v2.0.1/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4= github.com/go-playground/locales v0.13.0/go.mod h1:taPMhCMXrRLJO55olJkUXHZBHCxTMfnGwq/HNwmWNS8= github.com/go-playground/universal-translator v0.17.0/go.mod h1:UkSxE5sNxxRwHyU+Scu5vgOQjsIJAF8j9muTVoKLVtA= @@ -876,6 +1315,7 @@ github.com/gobuffalo/syncx v0.0.0-20190224160051-33c29581e754/go.mod h1:HhnNqWY9 github.com/gobwas/httphead v0.0.0-20180130184737-2c6c146eadee/go.mod h1:L0fX3K22YWvt/FAX9NnzrNzcI4wNYi9Yku4O0LKYflo= github.com/gobwas/pool v0.2.0/go.mod h1:q8bcK0KcYlCgd9e7WYLm9LpyS+YeLd8JVDW6WezmKEw= github.com/gobwas/ws v1.0.2/go.mod h1:szmBTxLgaFppYjEmNtny/v3w89xOydFnnZMcgRRu/EM= +github.com/goccy/go-json v0.9.11/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= github.com/goccy/go-yaml v1.9.5/go.mod h1:U/jl18uSupI5rdI2jmuCswEA2htH9eXfferR3KfscvA= github.com/godbus/dbus v0.0.0-20151105175453-c7fdd8b5cd55/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= github.com/godbus/dbus v0.0.0-20180201030542-885f9cc04c9c/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= @@ -908,9 +1348,11 @@ github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOW github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0= github.com/golang-sql/sqlexp v0.1.0/go.mod h1:J4ad9Vo8ZCWQ2GMrC4UCQy1JpCbwU9m3EOqtpKwwwHI= +github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/glog v1.0.0 h1:nfP3RFugxnNRyKgeWd4oI1nYvXpxrx8ck8ZrcizshdQ= github.com/golang/glog v1.0.0/go.mod h1:EWib/APOK0SL3dFbYqvxE3UYd8E6s1ouQ7iEp/0LWV4= +github.com/golang/glog v1.1.0 h1:/d3pCKDPWNnvIWe0vVUpNP32qc8U3PDVxySP/y360qE= +github.com/golang/glog v1.1.0/go.mod h1:pfYeQZ3JWZoXTV5sFc986z3HTpwQs9At6P4ImfuP3NQ= github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -955,6 +1397,7 @@ github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEW github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.1/go.mod h1:xXMiIv4Fb/0kKde4SpL7qlzvu5cMJDRkFDxJfI9uaxA= +github.com/google/flatbuffers v2.0.8+incompatible/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8= github.com/google/gnostic v0.5.7-v3refs/go.mod h1:73MKFl6jIHelAJNaBGFzt3SPtZULs9dYrGFt8OiIsHQ= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= @@ -1023,8 +1466,10 @@ github.com/google/wire v0.5.0 h1:I7ELFeVBr3yfPIcc8+MWvrjk+3VjbcSzoXm3JVa+jD8= github.com/google/wire v0.5.0/go.mod h1:ngWDr9Qvq3yZA10YrxfyGELY/AFWGVpy9c1LTRi1EoU= github.com/googleapis/enterprise-certificate-proxy v0.0.0-20220520183353-fd19c99a87aa/go.mod h1:17drOmN3MwGY7t0e+Ei9b45FFGA3fBs3x36SsCg1hq8= github.com/googleapis/enterprise-certificate-proxy v0.1.0/go.mod h1:17drOmN3MwGY7t0e+Ei9b45FFGA3fBs3x36SsCg1hq8= -github.com/googleapis/enterprise-certificate-proxy v0.2.0 h1:y8Yozv7SZtlU//QXbezB6QkpuE6jMD2/gfzk4AftXjs= github.com/googleapis/enterprise-certificate-proxy v0.2.0/go.mod h1:8C0jb7/mgJe/9KK8Lm7X9ctZC2t60YyIpYEI16jx0Qg= +github.com/googleapis/enterprise-certificate-proxy v0.2.1/go.mod h1:AwSRAtLfXpU5Nm3pW+v7rGDHp09LsPtGY9MduiEsR9k= +github.com/googleapis/enterprise-certificate-proxy v0.2.3 h1:yk9/cqRKtT9wXZSsRH9aurXEpJX+U6FLtpYTdC3R06k= +github.com/googleapis/enterprise-certificate-proxy v0.2.3/go.mod h1:AwSRAtLfXpU5Nm3pW+v7rGDHp09LsPtGY9MduiEsR9k= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/googleapis/gax-go/v2 v2.1.0/go.mod h1:Q3nei7sK6ybPYH7twZdmQpAd1MKb7pfu6SK+H1/DsU0= @@ -1034,8 +1479,9 @@ github.com/googleapis/gax-go/v2 v2.3.0/go.mod h1:b8LNqSzNabLiUpXKkY7HAR5jr6bIT99 github.com/googleapis/gax-go/v2 v2.4.0/go.mod h1:XOTVJ59hdnfJLIP/dh8n5CGryZR2LxK9wbMD5+iXC6c= github.com/googleapis/gax-go/v2 v2.5.1/go.mod h1:h6B0KMMFNtI2ddbGJn3T3ZbwkeT6yqEF02fYlzkUCyo= github.com/googleapis/gax-go/v2 v2.6.0/go.mod h1:1mjbznJAPHFpesgE5ucqfYEscaz5kMdcIDwU/6+DDoY= -github.com/googleapis/gax-go/v2 v2.7.0 h1:IcsPKeInNvYi7eqSaDjiZqDDKu5rsmunY0Y1YupQSSQ= github.com/googleapis/gax-go/v2 v2.7.0/go.mod h1:TEop28CZZQ2y+c0VxMUmu1lV+fQx57QpBWsYpwqHJx8= +github.com/googleapis/gax-go/v2 v2.7.1 h1:gF4c0zjUP2H/s/hEGyLA3I0fA2ZWjzYiONAD6cvPr8A= +github.com/googleapis/gax-go/v2 v2.7.1/go.mod h1:4orTrqY6hXxxaUL4LHIPl6lGo8vAE38/qKbhSAKP6QI= github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg= github.com/googleapis/gnostic v0.5.1/go.mod h1:6U4PtQXGIEt/Z3h5MAT7FNofLnw9vXk2cUuW7uA/OeU= github.com/googleapis/gnostic v0.5.5/go.mod h1:7+EbHbldMins07ALC74bsA81Ovc97DwqyJO1AENw9kA= @@ -1066,6 +1512,7 @@ github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= github.com/grpc-ecosystem/grpc-gateway/v2 v2.7.0/go.mod h1:hgWBS7lorOAVIJEQMi4ZsPv9hVvWI6+ch50m39Pf2Ks= github.com/grpc-ecosystem/grpc-gateway/v2 v2.10.2/go.mod h1:chrfS3YoLAlKTRE5cFWvCbt8uGAjshktT4PveTUpsFQ= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.11.3/go.mod h1:o//XUCC/F+yRGJoPO/VU0GSB0f8Nhgmxx0VIRUvaC0w= github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645 h1:MJG/KsmcqMwFAkh8mTnAwhyKoB+sTAnY4CACC110tbU= github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645/go.mod h1:6iZfnjpejD4L/4DwD7NryNaJyCQdzwWwH2MWhCA90Kw= github.com/hanwen/go-fuse v1.0.0/go.mod h1:unqXarDXqzAk0rt98O2tVndEPIpUgLD9+rwFisZH3Ok= @@ -1107,8 +1554,8 @@ github.com/hashicorp/go-hclog v0.14.1/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39 github.com/hashicorp/go-hclog v0.16.2/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ= github.com/hashicorp/go-hclog v1.2.1/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= github.com/hashicorp/go-hclog v1.2.2/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= -github.com/hashicorp/go-hclog v1.4.0 h1:ctuWFGrhFha8BnnzxqeRGidlEcQkDyL5u8J8t5eA11I= -github.com/hashicorp/go-hclog v1.4.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= +github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c= +github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= github.com/hashicorp/go-immutable-radix v1.2.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= github.com/hashicorp/go-immutable-radix v1.3.1 h1:DKHmCUm2hRBK510BaiZlwvpD40f8bJFeZnpfm2KLowc= @@ -1124,8 +1571,8 @@ github.com/hashicorp/go-plugin v1.0.1/go.mod h1:++UyYGoz3o5w9ZzAdZxtQKrWWP+iqPBn github.com/hashicorp/go-plugin v1.4.3/go.mod h1:5fGEH17QVwTTcR0zV7yhDPLLmFX9YSZ38b18Udy6vYQ= github.com/hashicorp/go-plugin v1.4.4/go.mod h1:viDMjcLJuDui6pXb8U4HVfb8AamCWhHGUjr2IrTF67s= github.com/hashicorp/go-plugin v1.4.6/go.mod h1:viDMjcLJuDui6pXb8U4HVfb8AamCWhHGUjr2IrTF67s= -github.com/hashicorp/go-plugin v1.4.8 h1:CHGwpxYDOttQOY7HOWgETU9dyVjOXzniXDqJcYJE1zM= -github.com/hashicorp/go-plugin v1.4.8/go.mod h1:viDMjcLJuDui6pXb8U4HVfb8AamCWhHGUjr2IrTF67s= +github.com/hashicorp/go-plugin v1.4.10 h1:xUbmA4jC6Dq163/fWcp8P3JuHilrHHMLNRxzGQJ9hNk= +github.com/hashicorp/go-plugin v1.4.10/go.mod h1:6/1TEzT0eQznvI/gV2CM29DLSkAK/e58mUWKVsPaph0= github.com/hashicorp/go-retryablehttp v0.5.3/go.mod h1:9B5zBasrRhHXnJnui7y6sL7es7NDiJgTc6Er0maI1Xs= github.com/hashicorp/go-retryablehttp v0.6.6/go.mod h1:vAew36LZh98gCBJNLH42IQ1ER/9wtLZZ8meHqQvEYWY= github.com/hashicorp/go-retryablehttp v0.7.1/go.mod h1:vAew36LZh98gCBJNLH42IQ1ER/9wtLZZ8meHqQvEYWY= @@ -1166,15 +1613,16 @@ github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc= github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= -github.com/hashicorp/hc-install v0.5.0 h1:D9bl4KayIYKEeJ4vUDe9L5huqxZXczKaykSRcmQ0xY0= github.com/hashicorp/hc-install v0.5.0/go.mod h1:JyzMfbzfSBSjoDCRPna1vi/24BEDxFaCPfdHtM5SCdo= +github.com/hashicorp/hc-install v0.5.2 h1:SfwMFnEXVVirpwkDuSF5kymUOhrUxrTq3udEseZdOD0= +github.com/hashicorp/hc-install v0.5.2/go.mod h1:9QISwe6newMWIfEiXpzuu1k9HAGtQYgnSH8H9T8wmoI= github.com/hashicorp/hcl v0.0.0-20170504190234-a4b07c25de5f/go.mod h1:oZtUIOe8dh44I2q6ScRibXws4Ajl+d+nod3AaR9vL5w= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/hashicorp/hcl/v2 v2.0.0/go.mod h1:oVVDG71tEinNGYCxinCYadcmKU9bglqW9pV3txagJ90= github.com/hashicorp/hcl/v2 v2.15.0/go.mod h1:JRmR89jycNkrrqnMmvPDMd56n1rQJ2Q6KocSLCMCXng= -github.com/hashicorp/hcl/v2 v2.16.2 h1:mpkHZh/Tv+xet3sy3F9Ld4FyI2tUpWe9x3XtPx9f1a0= -github.com/hashicorp/hcl/v2 v2.16.2/go.mod h1:JRmR89jycNkrrqnMmvPDMd56n1rQJ2Q6KocSLCMCXng= +github.com/hashicorp/hcl/v2 v2.17.0 h1:z1XvSUyXd1HP10U4lrLg5e0JMVz6CPaJvAgxM0KNZVY= +github.com/hashicorp/hcl/v2 v2.17.0/go.mod h1:gJyW2PTShkJqQBKpAmPO3yxMxIuoXkOF2TpqXzrQyx4= github.com/hashicorp/hil v0.0.0-20190212132231-97b3a9cdfa93 h1:T1Q6ag9tCwun16AW+XK3tAql24P4uTGUMIn1/92WsQQ= github.com/hashicorp/hil v0.0.0-20190212132231-97b3a9cdfa93/go.mod h1:n2TSygSNwsLJ76m8qFXTSc7beTb+auJxYdqrnoqwZWE= github.com/hashicorp/logutils v1.0.0 h1:dLEQVugN8vlakKOUE3ihGLTZJRB4j+M2cdTm/ORI65Y= @@ -1192,25 +1640,26 @@ github.com/hashicorp/terraform-exec v0.18.1 h1:LAbfDvNQU1l0NOQlTuudjczVhHj061fNX github.com/hashicorp/terraform-exec v0.18.1/go.mod h1:58wg4IeuAJ6LVsLUeD2DWZZoc/bYi6dzhLHzxM41980= github.com/hashicorp/terraform-json v0.4.0/go.mod h1:eAbqb4w0pSlRmdvl8fOyHAi/+8jnkVYN28gJkSJrLhU= github.com/hashicorp/terraform-json v0.15.0/go.mod h1:+L1RNzjDU5leLFZkHTFTbJXaoqUC6TqXlFgDoOXrtvk= -github.com/hashicorp/terraform-json v0.16.0 h1:UKkeWRWb23do5LNAFlh/K3N0ymn1qTOO8c+85Albo3s= -github.com/hashicorp/terraform-json v0.16.0/go.mod h1:v0Ufk9jJnk6tcIZvScHvetlKfiNTC+WS21mnXIlc0B0= +github.com/hashicorp/terraform-json v0.17.0 h1:EiA1Wp07nknYQAiv+jIt4dX4Cq5crgP+TsTE45MjMmM= +github.com/hashicorp/terraform-json v0.17.0/go.mod h1:Huy6zt6euxaY9knPAFKjUITn8QxUFIe9VuSzb4zn/0o= github.com/hashicorp/terraform-plugin-go v0.14.1/go.mod h1:Bc/K6K26BQ2FHqIELPbpKtt2CzzbQou+0UQF3/0NsCQ= -github.com/hashicorp/terraform-plugin-go v0.14.3 h1:nlnJ1GXKdMwsC8g1Nh05tK2wsC3+3BL/DBBxFEki+j0= -github.com/hashicorp/terraform-plugin-go v0.14.3/go.mod h1:7ees7DMZ263q8wQ6E4RdIdR6nHHJtrdt4ogX5lPkX1A= +github.com/hashicorp/terraform-plugin-go v0.16.0 h1:DSOQ0rz5FUiVO4NUzMs8ln9gsPgHMTsfns7Nk+6gPuE= +github.com/hashicorp/terraform-plugin-go v0.16.0/go.mod h1:4sn8bFuDbt+2+Yztt35IbOrvZc0zyEi87gJzsTgCES8= github.com/hashicorp/terraform-plugin-log v0.7.0/go.mod h1:p4R1jWBXRTvL4odmEkFfDdhUjHf9zcs/BCoNHAc7IK4= -github.com/hashicorp/terraform-plugin-log v0.8.0 h1:pX2VQ/TGKu+UU1rCay0OlzosNKe4Nz1pepLXj95oyy0= -github.com/hashicorp/terraform-plugin-log v0.8.0/go.mod h1:1myFrhVsBLeylQzYYEV17VVjtG8oYPRFdaZs7xdW2xs= +github.com/hashicorp/terraform-plugin-log v0.9.0 h1:i7hOA+vdAItN1/7UrfBqBwvYPQ9TFvymaRGZED3FCV0= +github.com/hashicorp/terraform-plugin-log v0.9.0/go.mod h1:rKL8egZQ/eXSyDqzLUuwUYLVdlYeamldAHSxjUFADow= github.com/hashicorp/terraform-plugin-sdk v1.7.0 h1:B//oq0ZORG+EkVrIJy0uPGSonvmXqxSzXe8+GhknoW0= github.com/hashicorp/terraform-plugin-sdk v1.7.0/go.mod h1:OjgQmey5VxnPej/buEhe+YqKm0KNvV3QqU4hkqHqPCY= github.com/hashicorp/terraform-plugin-test v1.2.0/go.mod h1:QIJHYz8j+xJtdtLrFTlzQVC0ocr3rf/OjIpgZLK56Hs= -github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20230512004120-f94624387682 h1:SSeCQ1llOwbGtYZW3iVUD8/W87AZMKltXk1Xo5Df32k= -github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20230512004120-f94624387682/go.mod h1:4ZWMDrlX4qPFCcAntylAGh3YGHLn+36aZIep7xHwDN0= +github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20230714014117-c3f4885eda69 h1:Otx9uxPOPP0A5ItvDAjMjwbwizDC+EKmJ3IGBdLJiGk= +github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20230714014117-c3f4885eda69/go.mod h1:xu61NBBpb7JnKfSjnX2vib0ZlqfACCEwXBO/0/+BEQ4= github.com/hashicorp/terraform-registry-address v0.0.0-20220623143253-7d51757b572c/go.mod h1:Wn3Na71knbXc1G8Lh+yu/dQWWJeFQEpDeJMtWMtlmNI= -github.com/hashicorp/terraform-registry-address v0.1.0 h1:W6JkV9wbum+m516rCl5/NjKxCyTVaaUBbzYcMzBDO3U= -github.com/hashicorp/terraform-registry-address v0.1.0/go.mod h1:EnyO2jYO6j29DTHbJcm00E5nQTFeTtyZH3H5ycydQ5A= +github.com/hashicorp/terraform-registry-address v0.2.1 h1:QuTf6oJ1+WSflJw6WYOHhLgwUiQ0FrROpHPYFtwTYWM= +github.com/hashicorp/terraform-registry-address v0.2.1/go.mod h1:BSE9fIFzp0qWsJUUyGquo4ldV9k2n+psif6NYkBRS3Y= github.com/hashicorp/terraform-svchost v0.0.0-20191011084731-65d371908596/go.mod h1:kNDNcF7sN4DocDLBkQYz73HGKwN1ANB1blq4lIYLYvg= -github.com/hashicorp/terraform-svchost v0.0.0-20200729002733-f050f53b9734 h1:HKLsbzeOsfXmKNpr3GiT18XAblV0BjCbzL8KQAMZGa0= github.com/hashicorp/terraform-svchost v0.0.0-20200729002733-f050f53b9734/go.mod h1:kNDNcF7sN4DocDLBkQYz73HGKwN1ANB1blq4lIYLYvg= +github.com/hashicorp/terraform-svchost v0.1.1 h1:EZZimZ1GxdqFRinZ1tpJwVxxt49xc/S52uzrw4x0jKQ= +github.com/hashicorp/terraform-svchost v0.1.1/go.mod h1:mNsjQfZyf/Jhz35v6/0LWcv26+X7JPS+buii2c9/ctc= github.com/hashicorp/vault/api v1.7.2/go.mod h1:xbfA+1AvxFseDzxxdWaL0uO99n1+tndus4GCrtouy0M= github.com/hashicorp/vault/api v1.8.2 h1:C7OL9YtOtwQbTKI9ogB0A1wffRbCN+rH/LLCHO3d8HM= github.com/hashicorp/vault/api v1.8.2/go.mod h1:ML8aYzBIhY5m1MD1B2Q0JV89cC85YVH4t5kBaZiyVaE= @@ -1327,6 +1776,8 @@ github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/X github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM= +github.com/jung-kurt/gofpdf v1.0.0/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes= +github.com/jung-kurt/gofpdf v1.0.3-0.20190309125859-24315acbbda5/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes= github.com/karrick/godirwalk v1.8.0/go.mod h1:H5KPZjojv4lE+QYImBI8xVtrBRgYrIVsaRPx4tDPEn4= github.com/karrick/godirwalk v1.10.3/go.mod h1:RoGL9dQei4vP9ilrpETWE8CLOZ1kiN0LhBygSwrAsHA= github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNUXsshfwJMBgNA0RU6/i7WVaAegv3PtuIHPMs= @@ -1339,13 +1790,16 @@ github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvW github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/klauspost/asmfmt v1.3.2/go.mod h1:AG8TuvYojzulgDAMCnYn50l/5QV3Bs/tp6j0HLHbNSE= github.com/klauspost/compress v1.10.3/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.11.3/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.11.13/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= github.com/klauspost/compress v1.15.1/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= +github.com/klauspost/compress v1.15.9/go.mod h1:PhcZ0MbTNciWF3rruxRgKxI5NkcHHrHUDtV4Yw2GlzU= github.com/klauspost/compress v1.15.11 h1:Lcadnb3RKGin4FYM/orgq0qde+nc15E5Cbqg4B9Sx9c= github.com/klauspost/compress v1.15.11/go.mod h1:QPwzmACJjUTFsnSHH934V6woptycfrDDJnH7hvFVbGM= +github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= github.com/kolo/xmlrpc v0.0.0-20201022064351-38db28db192b/go.mod h1:pcaDhQK0/NJZEvtCO0qQPPropqV0sJOJ6YW7X+9kRwM= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= @@ -1379,6 +1833,8 @@ github.com/linode/linodego v1.4.0/go.mod h1:PVsRxSlOiJyvG4/scTszpmZDTdgS+to3X6eS github.com/linode/linodego v1.8.0/go.mod h1:heqhl91D8QTPVm2k9qZHP78zzbOdTFLXE9NJc3bcc50= github.com/linuxkit/virtsock v0.0.0-20201010232012-f8cee7dfc7a3/go.mod h1:3r6x7q95whyfWQpmGZTu3gk3v2YkMi05HEzl7Tf7YEo= github.com/lyft/protoc-gen-star v0.6.0/go.mod h1:TGAoBVkt8w7MPG72TrKIu85MIdXwDuzJYeZuUPFPNwA= +github.com/lyft/protoc-gen-star v0.6.1/go.mod h1:TGAoBVkt8w7MPG72TrKIu85MIdXwDuzJYeZuUPFPNwA= +github.com/lyft/protoc-gen-star/v2 v2.0.1/go.mod h1:RcCdONR2ScXaYnQC5tUzxzlpA3WVYF7/opLeUgcQs/o= github.com/lyft/protoc-gen-validate v0.0.13/go.mod h1:XbGvPuh87YZc5TdIa2/I4pLk0QoUACkjt2znoq26NVQ= github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= @@ -1388,8 +1844,8 @@ github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= -github.com/manicminer/hamilton v0.61.0 h1:Hp25wOIkArXUJ9++U9J+jpVL+nXCzUtsvzVa/vE3Or4= -github.com/manicminer/hamilton v0.61.0/go.mod h1:va/X2sztcgQ5+BSxc2eU3FTHYIyxLnHvB4LudlPUZdE= +github.com/manicminer/hamilton v0.62.0 h1:auy910L0VntDUDHMG6K6e6jr5QUk3OHSldt13NHztwY= +github.com/manicminer/hamilton v0.62.0/go.mod h1:va/X2sztcgQ5+BSxc2eU3FTHYIyxLnHvB4LudlPUZdE= github.com/markbates/oncer v0.0.0-20181203154359-bf2de49a0be2/go.mod h1:Ld9puTsIW75CHf65OeIOkyKbteujpZVXDpWK6YGZbxE= github.com/markbates/safe v1.0.1/go.mod h1:nAqgmRi7cY2nqMc92/bSEeQA+R4OheNU2T1kNSCBdG0= github.com/marstr/guid v1.1.0/go.mod h1:74gB1z2wpxxInTG6yaqA7KrtM0NZ+RbrcqDvYHefzho= @@ -1412,8 +1868,9 @@ github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hd github.com/mattn/go-isatty v0.0.10/go.mod h1:qgIWMr58cqv1PHHyhnkY9lrL7etaEgOFcMEpPG5Rm84= github.com/mattn/go-isatty v0.0.11/go.mod h1:PhnuNfih5lzO57/f3n+odYbM4JtupLOxQOAqxQCu2WE= github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= -github.com/mattn/go-isatty v0.0.14 h1:yVuAays6BHfxijgZPzw+3Zlu5yQgKGP2/hcQbHb7S9Y= github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= +github.com/mattn/go-isatty v0.0.16 h1:bq3VjFmv/sOjHtdEhmkEV4x1AJtvUvOJ2PFAZ5+peKQ= +github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= github.com/mattn/go-runewidth v0.0.4/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= github.com/mattn/go-runewidth v0.0.13 h1:lTGmDsbAYt5DmK6OnoV7EuIF1wEIFAcxld6ypU4OSgU= @@ -1421,6 +1878,7 @@ github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh github.com/mattn/go-shellwords v1.0.3/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= github.com/mattn/go-shellwords v1.0.6/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= github.com/mattn/go-shellwords v1.0.12/go.mod h1:EZzvwXDESEeg03EKmM+RmDnNOPKG4lLtQsUlTZDWQ8Y= +github.com/mattn/go-sqlite3 v1.14.14/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/maxbrunsfeld/counterfeiter/v6 v6.2.2/go.mod h1:eD9eIE7cdwcMi9rYluz88Jz2VyhSmden33/aXg4oVIY= @@ -1433,6 +1891,8 @@ github.com/miekg/dns v1.1.41/go.mod h1:p6aan82bvRIyn+zDIv9xYNUpwa73JcSh9BKwknJys github.com/miekg/dns v1.1.48/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME= github.com/miekg/dns v1.1.50/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME= github.com/miekg/pkcs11 v1.0.3/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= +github.com/minio/asm2plan9s v0.0.0-20200509001527-cdd76441f9d8/go.mod h1:mC1jAcsrzbxHt8iiaC+zU4b1ylILSosueou12R++wfY= +github.com/minio/c2goasm v0.0.0-20190812172519-36a3d3bbc4f3/go.mod h1:RagcQ7I8IeTMnF8JTXieKnO4Z6JCsikNEzj0DwauVzE= github.com/mistifyio/go-zfs v2.1.2-0.20190413222219-f784269be439+incompatible/go.mod h1:8AuVvqP/mXw1px98n46wfvcGfQ4ci2FwoAjKYxuo3Z4= github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= github.com/mitchellh/cli v1.1.0/go.mod h1:xcISNoH86gajksDmfB23e/pu+B+GeFRMYmoHXxx3xhI= @@ -1600,16 +2060,21 @@ github.com/performancecopilot/speed v3.0.0+incompatible/go.mod h1:/CLtqpZ5gBg1M9 github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= github.com/pgavlin/goldmark v1.1.33-0.20200616210433-b5eb04559386 h1:LoCV5cscNVWyK5ChN/uCoIFJz8jZD63VQiGJIRgr6uo= github.com/pgavlin/goldmark v1.1.33-0.20200616210433-b5eb04559386/go.mod h1:MRxHTJrf9FhdfNQ8Hdeh9gmHevC9RJE/fu8M3JIGjoE= +github.com/phpdave11/gofpdf v1.4.2/go.mod h1:zpO6xFn9yxo3YLyMvW8HcKWVdbNqgIfOOp2dXMnm1mY= +github.com/phpdave11/gofpdi v1.0.12/go.mod h1:vBmVV0Do6hSBHC8uKUQ71JGW+ZGQq74llk/7bXwjDoI= +github.com/phpdave11/gofpdi v1.0.13/go.mod h1:vBmVV0Do6hSBHC8uKUQ71JGW+ZGQq74llk/7bXwjDoI= github.com/pierrec/lz4 v1.0.2-0.20190131084431-473cd7ce01a1/go.mod h1:3/3N9NVKO0jef7pBehbT1qWhCMrIgbYNnFAZCqQ5LRc= github.com/pierrec/lz4 v2.0.5+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY= github.com/pierrec/lz4 v2.5.2+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY= github.com/pierrec/lz4 v2.6.1+incompatible h1:9UY3+iC23yxF0UfGaYrGplQ+79Rg+h/q9FV9ix19jjM= github.com/pierrec/lz4 v2.6.1+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY= +github.com/pierrec/lz4/v4 v4.1.15/go.mod h1:gZWDp/Ze/IJXGXf23ltt2EXimqmTUXEy0GFuRQyBid4= github.com/pjbgf/sha1cd v0.3.0 h1:4D5XXmUUBUl/xQ6IjCkEAbqXskkq/4O7LmGn0AqMDs4= github.com/pjbgf/sha1cd v0.3.0/go.mod h1:nZ1rrWOcGJ5uZgEEVL1VUM9iRQiZvWdbZjkKyFzPPsI= github.com/pkg/browser v0.0.0-20180916011732-0a3d74bf9ce4/go.mod h1:4OwLy04Bl9Ef3GJJCoec+30X3LQs/0/m4HFRt/2LUSA= github.com/pkg/browser v0.0.0-20210115035449-ce105d075bb4 h1:Qj1ukM4GlMWXNdMBuXcXfz/Kw9s1qm0CLY32QxuSImI= github.com/pkg/browser v0.0.0-20210115035449-ce105d075bb4/go.mod h1:N6UoU20jOqggOuDwUaBQpluzLNDqif3kq9z2wpdYEfQ= +github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1-0.20171018195549-f15c970de5b7/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -1648,6 +2113,7 @@ github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1: github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.1.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/prometheus/client_model v0.3.0/go.mod h1:LDGWKZIo7rky3hgvBe+caln+Dr3dPggB5dvjtD7w9+w= github.com/prometheus/common v0.0.0-20180110214958-89604d197083/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= github.com/prometheus/common v0.2.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= @@ -1683,27 +2149,28 @@ github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1 github.com/prometheus/prometheus v0.35.0/go.mod h1:7HaLx5kEPKJ0GDgbODG0fZgXbQ8K/XjZNJXQmbmgQlY= github.com/prometheus/prometheus v0.37.0/go.mod h1:egARUgz+K93zwqsVIAneFlLZefyGOON44WyAp4Xqbbk= github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= -github.com/pulumi/pulumi-java/pkg v0.9.2 h1:fpBwf1NHf3j5YuigOWsXPvJCAFivEp1D6aOlYIrSbr0= -github.com/pulumi/pulumi-java/pkg v0.9.2/go.mod h1:+5V4jggi3063hksi28zYvLm42UWVg3VqpR6qGZraIdM= +github.com/pulumi/pulumi-java/pkg v0.9.4 h1:gIQZmlUI1o9ye8CL2XFqtmAX6Lwr9uj/+HzjboiSmK4= +github.com/pulumi/pulumi-java/pkg v0.9.4/go.mod h1:c6rSw/+q4O0IImgJ9axxoC6QesbPYWBaG5gimbHouUQ= github.com/pulumi/pulumi-terraform-bridge/testing v0.0.1 h1:SCg1gjfY9N4yn8U8peIUYATifjoDABkyR7H9lmefsfc= -github.com/pulumi/pulumi-terraform-bridge/v3 v3.49.0 h1:bjPwHGfMFdX/UjEX0VCjuQAD6eQvn1tI42atlixECC8= -github.com/pulumi/pulumi-terraform-bridge/v3 v3.49.0/go.mod h1:QdMHrg7J/OnXdm68lQROGLivbJlwMpHq75kdnigDSWw= +github.com/pulumi/pulumi-terraform-bridge/v3 v3.53.0 h1:XP754+36CpyiT5tEzqd43U8gYGqDML9hkiWMaoV0WG0= +github.com/pulumi/pulumi-terraform-bridge/v3 v3.53.0/go.mod h1:Bm1kuEs0xouFxEG2Lv/I3OhnME+VId9DbkRClnwFqsI= github.com/pulumi/pulumi-terraform-bridge/x/muxer v0.0.4 h1:rIzMmtcVpPX8ynaz6/nW5AHNY63DiNfCohqmxWvMpM4= github.com/pulumi/pulumi-terraform-bridge/x/muxer v0.0.4/go.mod h1:Kt8RIZWa/N8rW3+0g6NrqCBmF3o+HuIhFaZpssEkG6w= github.com/pulumi/pulumi-yaml v1.1.1 h1:8pyBNIU8+ym0wYpjhsCqN+cutygfK1XbhY2YEeNfyXY= github.com/pulumi/pulumi-yaml v1.1.1/go.mod h1:GhpdS6rFpwqvUtKdA+fQy8P28iNvncng39IXh5q68vE= -github.com/pulumi/pulumi/pkg/v3 v3.69.0 h1:IP9WCBFYRXWzbEFNsSquBoHKF5ux32XImKpRdju8HjU= -github.com/pulumi/pulumi/pkg/v3 v3.69.0/go.mod h1:GbsJqE2bGotPY+mj07LKlpps9ZzAlV7qRQ/u77kw9yk= -github.com/pulumi/pulumi/sdk/v3 v3.69.0 h1:WENc7menQMT10I34kVg1ZatQTMlifovuZ9i8CcTrk7A= -github.com/pulumi/pulumi/sdk/v3 v3.69.0/go.mod h1:BUUBfQZsH0FPuznRfFHkR+b96VlXELnn+DgidFj4XSQ= +github.com/pulumi/pulumi/pkg/v3 v3.73.1-0.20230623071431-db579129f4c9 h1:kZqHt7gZIhBxzE2N+WuyI6Z9nN/YnR6x1mNie3Wldvw= +github.com/pulumi/pulumi/pkg/v3 v3.73.1-0.20230623071431-db579129f4c9/go.mod h1:uioQQOTP9OUSIDga3MuDVnR3OThhWjByoe1M38VxhwI= +github.com/pulumi/pulumi/sdk/v3 v3.73.1-0.20230623071431-db579129f4c9 h1:w/8QHBnDZz8d+aHhBSjyuH7G67LkFgY3xVtAkbE2OII= +github.com/pulumi/pulumi/sdk/v3 v3.73.1-0.20230623071431-db579129f4c9/go.mod h1:BUUBfQZsH0FPuznRfFHkR+b96VlXELnn+DgidFj4XSQ= github.com/pulumi/schema-tools v0.1.2 h1:Fd9xvUjgck4NA+7/jSk7InqCUT4Kj940+EcnbQKpfZo= github.com/pulumi/schema-tools v0.1.2/go.mod h1:62lgj52Tzq11eqWTIaKd+EVyYAu5dEcDJxMhTjvMO/k= -github.com/pulumi/terraform-diff-reader v0.0.0-20201211191010-ad4715e9285e h1:Dik4Qe/+xguB8JagPyXNlbOnRiXGmq/PSPQTGunYnTk= -github.com/pulumi/terraform-diff-reader v0.0.0-20201211191010-ad4715e9285e/go.mod h1:sZ9FUzGO+yM41hsQHs/yIcj/Y993qMdBxBU5mpDmAfQ= -github.com/pulumi/terraform-plugin-sdk/v2 v2.0.0-20230327102345-3fa930f86570 h1:tolpgmAY4Mc19AMxaed9nRRaeqKMOonDu4oDwU0cISs= -github.com/pulumi/terraform-plugin-sdk/v2 v2.0.0-20230327102345-3fa930f86570/go.mod h1:xcOSYlRVdPLmDUoqPhO9fiO/YCN/l6MGYeTzGt5jgkQ= +github.com/pulumi/terraform-diff-reader v0.0.2 h1:kTE4nEXU3/SYXESvAIem+wyHMI3abqkI3OhJ0G04LLI= +github.com/pulumi/terraform-diff-reader v0.0.2/go.mod h1:sZ9FUzGO+yM41hsQHs/yIcj/Y993qMdBxBU5mpDmAfQ= +github.com/pulumi/terraform-plugin-sdk/v2 v2.0.0-20230710100801-03a71d0fca3d h1:DfAVBLi3G5hXbqiWs9wIGYZXF1VZu6+9kbl2CQO6cOE= +github.com/pulumi/terraform-plugin-sdk/v2 v2.0.0-20230710100801-03a71d0fca3d/go.mod h1:cUEP4ly/nxlHy5HzD6YRrHydtlheGvGRJDhiWqqVik4= github.com/rakyll/embedmd v0.0.0-20171029212350-c8060a0752a2/go.mod h1:7jOTMgqac46PZcF54q6l2hkLEG8op93fZu61KmxWDV4= github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= +github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis= github.com/rivo/uniseg v0.4.4/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= @@ -1722,6 +2189,8 @@ github.com/rs/zerolog v1.15.0/go.mod h1:xYTKnLHcpfU2225ny5qZjxnj9NvkumZYjJHlAThC github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= +github.com/ruudk/golang-pdf417 v0.0.0-20181029194003-1af4ab5afa58/go.mod h1:6lfFZQK844Gfx8o5WFuvpxWRwnSoipWe/p622j1v06w= +github.com/ruudk/golang-pdf417 v0.0.0-20201230142125-a7e3863a1245/go.mod h1:pQAZKsJ8yyVxGRWYNEm9oFB8ieLgKFnamEyDmSA0BRk= github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk= @@ -1750,8 +2219,9 @@ github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNX github.com/sergi/go-diff v1.2.0 h1:XU+rvMAioB0UC3q1MFrIQy4Vo5/4VsRDQQXHsEya6xQ= github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= github.com/shopspring/decimal v0.0.0-20180709203117-cd690d0c9e24/go.mod h1:M+9NzErvs504Cn4c5DxATwIqPbtswREoFCre64PpcG4= -github.com/shopspring/decimal v1.2.0 h1:abSATXmQEYyShuxI4/vyW3tV1MrKAJzCZ/0zLUXYbsQ= github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= +github.com/shopspring/decimal v1.3.1 h1:2Usl1nmF/WZucqkFZhnfFYxxxu8LG21F6nPQBE5gKV8= +github.com/shopspring/decimal v1.3.1/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= github.com/shurcooL/go-goon v0.0.0-20210110234559-7585751d9a17 h1:lRAUE0dIvigSSFAmaM2dfg7OH8T+a8zJ5smEh09a/GI= github.com/shurcooL/httpfs v0.0.0-20190707220628-8d4bc4ba7749/go.mod h1:ZY1cvUeJuFPAdZ/B6v7RHavJWZn2YPVFQ1OSXhCGOkg= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= @@ -1778,12 +2248,13 @@ github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= github.com/spf13/afero v1.3.3/go.mod h1:5KUK8ByomD5Ti5Artl0RtHeI5pTF7MIDuXL3yY520V4= github.com/spf13/afero v1.6.0/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I= +github.com/spf13/afero v1.9.2/go.mod h1:iUV7ddyEEZPO5gA3zD4fJt6iStLlL+Lg4m2cihcDf8Y= github.com/spf13/afero v1.9.5 h1:stMpOSZFs//0Lv29HduCmli3GUfpFoF3Y1Q/aXj/wVM= github.com/spf13/afero v1.9.5/go.mod h1:UBogFpq8E9Hx+xc5CNTTEpTnuHVmXDwZcZcE1eb/UhQ= github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= -github.com/spf13/cast v1.4.1 h1:s0hze+J0196ZfEMTs80N7UlFt0BDuQ7Q+JDnHiMWKdA= -github.com/spf13/cast v1.4.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= +github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w= +github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155UU= github.com/spf13/cobra v0.0.2-0.20171109065643-2da4a54c5cee/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE= @@ -1825,8 +2296,9 @@ github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1F github.com/stretchr/testify v1.7.5/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8= github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY= +github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= github.com/syndtr/gocapability v0.0.0-20170704070218-db04d3cc01c8/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= @@ -1869,13 +2341,10 @@ github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6Ac github.com/vmihailenco/msgpack v4.0.1+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= github.com/vmihailenco/msgpack v4.0.4+incompatible h1:dSLoQfGFAo3F6OoNhwUmLwVgaUXK79GlxNBwueZn0xI= github.com/vmihailenco/msgpack v4.0.4+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= -github.com/vmihailenco/msgpack/v4 v4.3.12 h1:07s4sz9IReOgdikxLTKNbBdqDMLsjPKXwvCazn8G65U= github.com/vmihailenco/msgpack/v4 v4.3.12/go.mod h1:gborTTJjAo/GWTqqRjrLCn9pgNN+NXzzngzBKDPIqw4= github.com/vmihailenco/msgpack/v5 v5.3.5 h1:5gO0H1iULLWGhs2H5tbAHIZTV8/cYafcFOr9znI5mJU= github.com/vmihailenco/msgpack/v5 v5.3.5/go.mod h1:7xyJ9e+0+9SaZT0Wt1RGleJXzli6Q/V5KbhBonMG9jc= github.com/vmihailenco/tagparser v0.1.1/go.mod h1:OeAg3pn3UbLjkWt+rN9oFYB6u/cQgqMEUPoW2WPyhdI= -github.com/vmihailenco/tagparser v0.1.2 h1:gnjoVuB/kljJ5wICEEOpx98oXMWPLj22G67Vbd1qPqc= -github.com/vmihailenco/tagparser v0.1.2/go.mod h1:OeAg3pn3UbLjkWt+rN9oFYB6u/cQgqMEUPoW2WPyhdI= github.com/vmihailenco/tagparser/v2 v2.0.0 h1:y09buUbR+b5aycVFQs/g70pqKVZNBmxwAhO7/IwNM9g= github.com/vmihailenco/tagparser/v2 v2.0.0/go.mod h1:Wri+At7QHww0WTrCBeu4J6bNtoV6mEfg5OIWRZA9qds= github.com/vultr/govultr/v2 v2.17.2/go.mod h1:ZFOKGWmgjytfyjeyAdhQlSWwTjh2ig+X49cAp50dzXI= @@ -1915,11 +2384,15 @@ github.com/zclconf/go-cty v1.2.1/go.mod h1:hOPWgoHbaTUnI5k4D2ld+GRpFJSCe6bCM7m1q github.com/zclconf/go-cty v1.10.0/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= github.com/zclconf/go-cty v1.12.1/go.mod h1:s9IfD1LK5ccNMSWCVFCE2rJfHiZgi7JijgeWIMfhLvA= github.com/zclconf/go-cty v1.13.0/go.mod h1:YKQzy/7pZ7iq2jNFzy5go57xdxdWoLLpaEp4u238AE0= -github.com/zclconf/go-cty v1.13.1 h1:0a6bRwuiSHtAmqCqNOE+c2oHgepv0ctoxU4FUe43kwc= github.com/zclconf/go-cty v1.13.1/go.mod h1:YKQzy/7pZ7iq2jNFzy5go57xdxdWoLLpaEp4u238AE0= +github.com/zclconf/go-cty v1.13.2 h1:4GvrUxe/QUDYuJKAav4EYqdM47/kZa672LwmXFmEKT0= +github.com/zclconf/go-cty v1.13.2/go.mod h1:YKQzy/7pZ7iq2jNFzy5go57xdxdWoLLpaEp4u238AE0= +github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b h1:FosyBZYxY34Wul7O/MSKey3txpPYyCqVO5ZyceuQJEI= github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b/go.mod h1:ZRKQfBXbGkpdV6QMzT3rU1kSTAnfu1dO8dPKjYprgj8= github.com/zclconf/go-cty-yaml v1.0.1 h1:up11wlgAaDvlAGENcFDnZgkn0qUJurso7k6EpURKNF8= github.com/zclconf/go-cty-yaml v1.0.1/go.mod h1:IP3Ylp0wQpYm50IHK8OZWKMu6sPJIUgKa8XhiVHura0= +github.com/zeebo/assert v1.3.0/go.mod h1:Pq9JiuJQpG8JLJdtkwrJESF0Foym2/D9XMU5ciN/wJ0= +github.com/zeebo/xxh3 v1.0.2/go.mod h1:5NWz9Sef7zIDm2JHfFlcQvNekmcEl9ekUZQQKCYaDcA= github.com/zenazn/goji v0.9.0/go.mod h1:7S9M489iMyHBNxwZnk9/EHS098H4/F6TATF2mIxtB1Q= go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= @@ -1994,6 +2467,7 @@ go.opentelemetry.io/proto/otlp v0.11.0/go.mod h1:QpEjXPrNQzrFDZgoTo49dgHR9RYRSrg go.opentelemetry.io/proto/otlp v0.12.1/go.mod h1:H7XAot3MsfNsj7EXtrA2q5xSNQ10UqI405h3+duxN4U= go.opentelemetry.io/proto/otlp v0.15.0/go.mod h1:H7XAot3MsfNsj7EXtrA2q5xSNQ10UqI405h3+duxN4U= go.opentelemetry.io/proto/otlp v0.16.0/go.mod h1:H7XAot3MsfNsj7EXtrA2q5xSNQ10UqI405h3+duxN4U= +go.opentelemetry.io/proto/otlp v0.19.0/go.mod h1:H7XAot3MsfNsj7EXtrA2q5xSNQ10UqI405h3+duxN4U= go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= @@ -2054,6 +2528,7 @@ golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20211202192323-5770296d904e/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220214200702-86341886e292/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= @@ -2065,24 +2540,40 @@ golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0 golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220826181053-bd7e27e6170d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= -golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= +golang.org/x/crypto v0.3.1-0.20221117191849-2c476679df9a/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= golang.org/x/crypto v0.5.0/go.mod h1:NK/OQwhpMQP3MwtdjgLlYHnH9ebylxKWv3e0fK+mkQU= golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58= -golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU= -golang.org/x/crypto v0.9.0 h1:LF6fAI+IutBocDJ2OT0Q1g8plpYljMZ4+lty+dsqw3g= -golang.org/x/crypto v0.9.0/go.mod h1:yrmDGqONDYtNj3tH8X9dzUun2m2lzPa9ngI6/RUPGR0= +golang.org/x/crypto v0.8.0/go.mod h1:mRqEX+O9/h5TFCrQhkgjo2yKi0yYA+9ecGkdQoHrywE= +golang.org/x/crypto v0.10.0 h1:LKqV2xt9+kDzSTfOhx4FrkEBcMrAgHSYgzywV9zcGmM= +golang.org/x/crypto v0.10.0/go.mod h1:o4eNf7Ede1fv+hwOwZsTHl9EsPFO6q6ZvYR8vYfY45I= +golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20190125153040-c74c464bbbf2/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= +golang.org/x/exp v0.0.0-20191002040644-a1355ae1e2c3/go.mod h1:NOZ3BPKG0ec/BKJQgnvsSFpcKLM5xXVWnvZS97DWHgE= golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= +golang.org/x/exp v0.0.0-20220827204233-334a2380cb91/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE= +golang.org/x/image v0.0.0-20180708004352-c73c2afc3b81/go.mod h1:ux5Hcp/YLpHSI86hEcLt0YII63i6oz57MZXIpbrjZUs= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.0.0-20190910094157-69e4b8554b2a/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.0.0-20200119044424-58c23975cae1/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.0.0-20200430140353-33d19683fad8/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.0.0-20200618115811-c13761719519/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.0.0-20201208152932-35266b937fa6/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.0.0-20210216034530-4410531fe030/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.0.0-20210607152325-775e3b0c77b9/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM= +golang.org/x/image v0.0.0-20210628002857-a66eb6448b8d/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM= +golang.org/x/image v0.0.0-20211028202545-6944b10bf410/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM= +golang.org/x/image v0.0.0-20220302094943-723b81ca9867/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= @@ -2113,6 +2604,7 @@ golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91 golang.org/x/mod v0.6.0/go.mod h1:4mET923SAdbXp2ki8ey+zGs1SLqsuM2Y0uvdZR/fUNI= golang.org/x/mod v0.7.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/mod v0.9.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.10.0 h1:lFO9qtOdlre5W1jxS3r/4szv2/6iXxScdzjoBMXNhYk= golang.org/x/mod v0.10.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/net v0.0.0-20180530234432-1e491301e022/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -2199,15 +2691,19 @@ golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug golang.org/x/net v0.0.0-20220802222814-0bcc04d9c69b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= golang.org/x/net v0.0.0-20220826154423-83b083e8dc8b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= golang.org/x/net v0.0.0-20220909164309-bea034e7d591/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= +golang.org/x/net v0.0.0-20221012135044-0b7e1fb9d458/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= golang.org/x/net v0.0.0-20221014081412-f15817d10f9b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= +golang.org/x/net v0.4.0/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE= golang.org/x/net v0.5.0/go.mod h1:DivGGAXEgPSlEBzxGzZI+ZLohi+xUj054jfeKui00ws= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= -golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M= +golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= +golang.org/x/net v0.11.0 h1:Gi2tvZIJyBtO9SDr1q9h5hEQCp/4L2RQ+ar0qjx2oNU= +golang.org/x/net v0.11.0/go.mod h1:2L/ixqYpgIVXmeoSA/4Lu7BzTG4KIyPIryS4IsOd1oQ= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -2235,10 +2731,14 @@ golang.org/x/oauth2 v0.0.0-20220628200809-02e64fa58f26/go.mod h1:jaDAt6Dkxork7Lm golang.org/x/oauth2 v0.0.0-20220722155238-128564f6959c/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= golang.org/x/oauth2 v0.0.0-20220822191816-0ebed06d0094/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= golang.org/x/oauth2 v0.0.0-20220909003341-f21342109be1/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= +golang.org/x/oauth2 v0.0.0-20221006150949-b44042a4b9c1/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= golang.org/x/oauth2 v0.0.0-20221014153046-6fdb5e3db783/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= golang.org/x/oauth2 v0.1.0/go.mod h1:G9FE4dLTsbXUu90h/Pf85g4w1D+SSAgR+q46nJZ8M4A= -golang.org/x/oauth2 v0.4.0 h1:NF0gk8LVPg1Ml7SSbGyySuoxdsXitj7TvgvuRxIMc/M= golang.org/x/oauth2 v0.4.0/go.mod h1:RznEsdpjGAINPTOF0UH/t+xJ75L18YO3Ho6Pyn+uRec= +golang.org/x/oauth2 v0.5.0/go.mod h1:9/XBHVqLaWO3/BRHs5jbpYCnOZVjj5V0ndyaAM7KB4I= +golang.org/x/oauth2 v0.6.0/go.mod h1:ycmewcwgD4Rpr3eZJLSB4Kyyljb3qDh40vJ8STE5HKw= +golang.org/x/oauth2 v0.7.0 h1:qe6s0zUXlPX80/dITx3440hWZ7GwMwgDDyrSGTPJG/g= +golang.org/x/oauth2 v0.7.0/go.mod h1:hPLQkd9LyjfXTiRohC/41GhcFqxisoUQ99sCUOHO9x4= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -2253,6 +2753,7 @@ golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220601150217-0de741cfad7f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220819030929-7fc1605a5dde/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220929204114-8fcdb60fdcc0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0 h1:wsuoTGHzEhffawBOhz5CYhcrV4IdKZbEyZjBMuTp12o= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -2349,6 +2850,7 @@ golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210220050731-9a76102bfb43/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210225134936-a50acf3fe073/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210303074136-134d130e1a04/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210304124612-50617c2ba197/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210305230114-8fe3ee5dd75b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -2404,15 +2906,19 @@ golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220731174439-a90be440212d/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220825204002-c680a09ffe64/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220829200755-d48e67d00261/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.4.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU= +golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.9.0 h1:KS/R3tvhPqvJvwcKfnBHJwwthS11LRhmM5D59eEXa0s= +golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= @@ -2421,11 +2927,14 @@ golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuX golang.org/x/term v0.0.0-20220722155259-a9ba230a4035/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= +golang.org/x/term v0.3.0/go.mod h1:q750SLmJuPmVoN1blW3UFBPREJfb1KmY3vwxfr+nFDA= golang.org/x/term v0.4.0/go.mod h1:9P2UbLfCdcvo3p/nzKvsmas4TnlujnuoV9hGgYzW1lQ= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= -golang.org/x/term v0.8.0 h1:n5xxQn2i3PC0yLAbjTpNT85q/Kgzcr2gIoX9OrJUols= +golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= +golang.org/x/term v0.9.0 h1:GRRCnKYhdQrD8kfRAdQ6Zcw1P0OcELxGLKJvtjVMZ28= +golang.org/x/term v0.9.0/go.mod h1:M6DEAAIenWoTxdKrOltXcmDY3rSplQUkrvaDU5FcQyo= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -2437,11 +2946,13 @@ golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.5.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.6.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= +golang.org/x/text v0.10.0 h1:UpjohKhiEgNc0CSauXmwYftY1+LlaC75SJwh0SgCX58= +golang.org/x/text v0.10.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -2453,14 +2964,19 @@ golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac/go.mod h1:tRJNPiyCQ0inRvYxb golang.org/x/time v0.0.0-20220210224613-90d013bbcef8/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20220224211638-0e9765cccd65/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20220609170525-579cf78fd858/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20220722155302-e5dcc9cfc0b9 h1:ftMN5LMiBFjbzleLqtoBZk7KdJwhuybIU+FckUHgoyQ= golang.org/x/time v0.0.0-20220722155302-e5dcc9cfc0b9/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20220922220347-f3bd1da661af/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.1.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= +golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181011042414-1f849cf54d09/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190206041539-40960b6deb8e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= @@ -2485,6 +3001,7 @@ golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtn golang.org/x/tools v0.0.0-20190823170909-c4a336ef6a2f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190907020128-2ca718005c18/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20190927191325-030b2cf1153e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= @@ -2522,6 +3039,7 @@ golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE= golang.org/x/tools v0.0.0-20200916195026-c9a70fc28ce3/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU= golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20201124115921-2c860bdd6e78/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= @@ -2540,8 +3058,10 @@ golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E golang.org/x/tools v0.1.11/go.mod h1:SgwaegtQh8clINPpECJMqnxLv9I09HLqnW3RMqW0CA4= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.2.0/go.mod h1:y4OqIKeOV/fWJetJ8bXPU1sEVniLMIyDAZWeHdV+NTA= -golang.org/x/tools v0.6.0 h1:BOw41kyTf3PuCW1pVQf8+Cyg8pMlkYB1oo9iJ6D/lKM= +golang.org/x/tools v0.3.0/go.mod h1:/rWhSS2+zyEVwoJf8YAX6L2f0ntZ7Kn/mGgAWcipA5k= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= +golang.org/x/tools v0.7.0 h1:W4OVu8VVOaIO0yzWMNdepAulS7YfoS3Zabrm8DOXXU4= +golang.org/x/tools v0.7.0/go.mod h1:4pg6aUX35JBAogB10C9AtvVL+qowtN4pT3CGSQex14s= golang.org/x/xerrors v0.0.0-20190410155217-1f06c39b4373/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20190513163551-3ee3066db522/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -2553,6 +3073,14 @@ golang.org/x/xerrors v0.0.0-20220517211312-f3a8303e98df/go.mod h1:K8+ghG5WaK9qNq golang.org/x/xerrors v0.0.0-20220609144429-65e65417b02f/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8= golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 h1:H2TDz8ibqkAF6YGhCdN3jS9O0/s90v0rJh3X/OLHEUk= golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8= +gonum.org/v1/gonum v0.0.0-20180816165407-929014505bf4/go.mod h1:Y+Yx5eoAFn32cQvJDxZx5Dpnq+c3wtXuadVZAcxbbBo= +gonum.org/v1/gonum v0.8.2/go.mod h1:oe/vMfY3deqTw+1EZJhuvEW2iwGF1bW9wwu7XCu0+v0= +gonum.org/v1/gonum v0.9.3/go.mod h1:TZumC3NeyVQskjXqmyWt4S3bINhy7B4eYwW69EbyX+0= +gonum.org/v1/gonum v0.11.0/go.mod h1:fSG4YDCxxUZQJ7rKsQrj0gMOg00Il0Z96/qMA4bVQhA= +gonum.org/v1/netlib v0.0.0-20190313105609-8cb42192e0e0/go.mod h1:wa6Ws7BG/ESfp6dHfk7C6KdzKA7wR7u/rKwOGE66zvw= +gonum.org/v1/plot v0.0.0-20190515093506-e2840ee46a6b/go.mod h1:Wt8AAjI+ypCyYX3nZBvf6cAIx93T+c/OS2HFAYskSZc= +gonum.org/v1/plot v0.9.0/go.mod h1:3Pcqqmp6RHvJI72kgb8fThyUnav364FOsdDo2aGW5lY= +gonum.org/v1/plot v0.10.1/go.mod h1:VZW5OlhkL1mysU9vaqNHnsy86inf6Ot+jB3r+BczCEo= google.golang.org/api v0.0.0-20160322025152-9bf6e6e569ff/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0= google.golang.org/api v0.3.1/go.mod h1:6wY9I6uQWHQ8EM57III9mq/AjF+i8G65rmVagqKMtkk= google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= @@ -2607,9 +3135,17 @@ google.golang.org/api v0.95.0/go.mod h1:eADj+UBuxkh5zlrSntJghuNeg8HwQ1w5lTKkuqaE google.golang.org/api v0.96.0/go.mod h1:w7wJQLTM+wvQpNf5JyEcBoxK0RH7EDrh/L4qfsuJ13s= google.golang.org/api v0.97.0/go.mod h1:w7wJQLTM+wvQpNf5JyEcBoxK0RH7EDrh/L4qfsuJ13s= google.golang.org/api v0.98.0/go.mod h1:w7wJQLTM+wvQpNf5JyEcBoxK0RH7EDrh/L4qfsuJ13s= +google.golang.org/api v0.99.0/go.mod h1:1YOf74vkVndF7pG6hIHuINsM7eWwpVTAfNMNiL91A08= google.golang.org/api v0.100.0/go.mod h1:ZE3Z2+ZOr87Rx7dqFsdRQkRBk36kDtp/h+QpHbB7a70= -google.golang.org/api v0.103.0 h1:9yuVqlu2JCvcLg9p8S3fcFLZij8EPSyvODIY1rkMizQ= +google.golang.org/api v0.102.0/go.mod h1:3VFl6/fzoA+qNuS1N1/VfXY4LjoXN/wzeIp7TweWwGo= google.golang.org/api v0.103.0/go.mod h1:hGtW6nK1AC+d9si/UBhw8Xli+QMOf6xyNAyJw4qU9w0= +google.golang.org/api v0.106.0/go.mod h1:2Ts0XTHNVWxypznxWOYUeI4g3WdP9Pk2Qk58+a/O9MY= +google.golang.org/api v0.107.0/go.mod h1:2Ts0XTHNVWxypznxWOYUeI4g3WdP9Pk2Qk58+a/O9MY= +google.golang.org/api v0.108.0/go.mod h1:2Ts0XTHNVWxypznxWOYUeI4g3WdP9Pk2Qk58+a/O9MY= +google.golang.org/api v0.110.0/go.mod h1:7FC4Vvx1Mooxh8C5HWjzZHcavuS2f6pmJpZx60ca7iI= +google.golang.org/api v0.111.0/go.mod h1:qtFHvU9mhgTJegR31csQ+rwxyUTHOKFqCKWp1J0fdw0= +google.golang.org/api v0.114.0 h1:1xQPji6cO2E2vLiI+C/XiFAnsn1WV3mjaEwGLhi3grE= +google.golang.org/api v0.114.0/go.mod h1:ifYI2ZsFK6/uGddGfAD5BMxlnkBqCmqHSDUVi45N5Yg= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.2.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= @@ -2653,7 +3189,6 @@ google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1m google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= google.golang.org/genproto v0.0.0-20200527145253-8367513e4ece/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= -google.golang.org/genproto v0.0.0-20200711021454-869866162049/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= @@ -2741,9 +3276,37 @@ google.golang.org/genproto v0.0.0-20220926220553-6981cbe3cfce/go.mod h1:woMGP53B google.golang.org/genproto v0.0.0-20221010155953-15ba04fc1c0e/go.mod h1:3526vdqwhZAwq4wsRUaVG555sVgsNmIjRtO7t/JH29U= google.golang.org/genproto v0.0.0-20221014173430-6e2ab493f96b/go.mod h1:1vXfmgAz9N9Jx0QA82PqRVauvCz1SGSz739p0f183jM= google.golang.org/genproto v0.0.0-20221014213838-99cd37c6964a/go.mod h1:1vXfmgAz9N9Jx0QA82PqRVauvCz1SGSz739p0f183jM= +google.golang.org/genproto v0.0.0-20221024153911-1573dae28c9c/go.mod h1:9qHF0xnpdSfF6knlcsnpzUu5y+rpwgbvsyGAZPBMg4s= +google.golang.org/genproto v0.0.0-20221024183307-1bc688fe9f3e/go.mod h1:9qHF0xnpdSfF6knlcsnpzUu5y+rpwgbvsyGAZPBMg4s= google.golang.org/genproto v0.0.0-20221025140454-527a21cfbd71/go.mod h1:9qHF0xnpdSfF6knlcsnpzUu5y+rpwgbvsyGAZPBMg4s= -google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f h1:BWUVssLB0HVOSY78gIdvk1dTVYtT1y8SBWtPYuTJ/6w= +google.golang.org/genproto v0.0.0-20221027153422-115e99e71e1c/go.mod h1:CGI5F/G+E5bKwmfYo09AXuVN4dD894kIKUFmVbP2/Fo= +google.golang.org/genproto v0.0.0-20221109142239-94d6d90a7d66/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg= +google.golang.org/genproto v0.0.0-20221114212237-e4508ebdbee1/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg= +google.golang.org/genproto v0.0.0-20221117204609-8f9c96812029/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg= +google.golang.org/genproto v0.0.0-20221118155620-16455021b5e6/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg= +google.golang.org/genproto v0.0.0-20221201164419-0e50fba7f41c/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg= +google.golang.org/genproto v0.0.0-20221201204527-e3fa12d562f3/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg= +google.golang.org/genproto v0.0.0-20221202195650-67e5cbc046fd/go.mod h1:cTsE614GARnxrLsqKREzmNYJACSWWpAWdNMwnD7c2BE= +google.golang.org/genproto v0.0.0-20221227171554-f9683d7f8bef/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230112194545-e10362b5ecf9/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230113154510-dbe35b8444a5/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230123190316-2c411cf9d197/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230124163310-31e0e69b6fc2/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230125152338-dcaf20b6aeaa/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230127162408-596548ed4efa/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230209215440-0dfe4f8abfcc/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230216225411-c8e22ba71e44/go.mod h1:8B0gmkoRebU8ukX6HP+4wrVQUY1+6PkQ44BSyIlflHA= +google.golang.org/genproto v0.0.0-20230222225845-10f96fb3dbec/go.mod h1:3Dl5ZL0q0isWJt+FVcfpQyirqemEuLAK/iFvg1UP1Hw= +google.golang.org/genproto v0.0.0-20230223222841-637eb2293923/go.mod h1:3Dl5ZL0q0isWJt+FVcfpQyirqemEuLAK/iFvg1UP1Hw= +google.golang.org/genproto v0.0.0-20230303212802-e74f57abe488/go.mod h1:TvhZT5f700eVlTNwND1xoEZQeWTB2RY/65kplwl/bFA= +google.golang.org/genproto v0.0.0-20230306155012-7f2fa6fef1f4/go.mod h1:NWraEVixdDnqcqQ30jipen1STv2r/n24Wb7twVTGR4s= +google.golang.org/genproto v0.0.0-20230320184635-7606e756e683/go.mod h1:NWraEVixdDnqcqQ30jipen1STv2r/n24Wb7twVTGR4s= +google.golang.org/genproto v0.0.0-20230323212658-478b75c54725/go.mod h1:UUQDJDOlWu4KYeJZffbWgBkS1YFobzKbLVfK69pe0Ak= +google.golang.org/genproto v0.0.0-20230330154414-c0448cd141ea/go.mod h1:UUQDJDOlWu4KYeJZffbWgBkS1YFobzKbLVfK69pe0Ak= +google.golang.org/genproto v0.0.0-20230331144136-dcfb400f0633/go.mod h1:UUQDJDOlWu4KYeJZffbWgBkS1YFobzKbLVfK69pe0Ak= +google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1 h1:KpwkzHKEF7B9Zxg18WzOa7djJ+Ha5DzthMyZYQfEn2A= +google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1/go.mod h1:nKE/iIaLqn2bQwXBg8f1g2Ylh6r5MN5CmZvuzZCgsCU= google.golang.org/grpc v0.0.0-20160317175043-d3ddb4469d5a/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.8.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.14.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= @@ -2792,8 +3355,11 @@ google.golang.org/grpc v1.49.0/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCD google.golang.org/grpc v1.50.0/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI= google.golang.org/grpc v1.50.1/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI= google.golang.org/grpc v1.51.0/go.mod h1:wgNDFcnuBGmxLKI/qn4T+m5BtEBYXJPvibbUPsAIPww= -google.golang.org/grpc v1.54.0 h1:EhTqbhiYeixwWQtAEZAxmV9MGqcjEU2mFx52xCzNyag= +google.golang.org/grpc v1.52.3/go.mod h1:pu6fVzoFb+NBYNAvQL08ic+lvB2IojljRYuun5vorUY= +google.golang.org/grpc v1.53.0/go.mod h1:OnIrk0ipVdj4N5d9IUoFUx72/VlD7+jUsHwZgwSMQpw= google.golang.org/grpc v1.54.0/go.mod h1:PUSEXI6iWghWaB6lXM4knEgpJNu2qUcKfDtNci3EC2g= +google.golang.org/grpc v1.56.0 h1:+y7Bs8rtMd07LeXmL3NxcTLn7mUkbKZqEpPhMNkwJEE= +google.golang.org/grpc v1.56.0/go.mod h1:I9bI3vqKfayGqPUAwGdOSu7kt6oIJLixfffKrpXqQ9s= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.2.0/go.mod h1:DNq5QpG7LJqD2AamLZ7zvKE0DEpVl2BSEVjFycAAjRY= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= @@ -2811,8 +3377,9 @@ google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQ google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -google.golang.org/protobuf v1.29.1 h1:7QBf+IK2gx70Ap/hDsOmam3GE0v9HicjfEdAxE62UoM= google.golang.org/protobuf v1.29.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng= +google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= @@ -2871,6 +3438,7 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= +honnef.co/go/tools v0.1.3/go.mod h1:NgwopIslSNH47DimFoV78dnkksY2EFtX0ajyb3K/las= k8s.io/api v0.20.1/go.mod h1:KqwcCVogGxQY3nBlRpwt+wpAMF/KjaCc7RpywacvqUo= k8s.io/api v0.20.4/go.mod h1:++lNL1AJMkDymriNniQsWRkMDzRaX2Y/POTUi8yvqYQ= k8s.io/api v0.20.6/go.mod h1:X9e8Qag6JV/bL5G6bU8sdVRltWKmdHsFUGS3eVndqE8= @@ -2932,9 +3500,43 @@ k8s.io/utils v0.0.0-20211116205334-6203023598ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/ k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= lukechampine.com/frand v1.4.2 h1:RzFIpOvkMXuPMBb9maa4ND4wjBn71E1Jpf8BzJHMaVw= lukechampine.com/frand v1.4.2/go.mod h1:4S/TM2ZgrKejMcKMbeLjISpJMO+/eZ1zu3vYX9dtj3s= +lukechampine.com/uint128 v1.1.1/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk= +lukechampine.com/uint128 v1.2.0/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk= +modernc.org/cc/v3 v3.36.0/go.mod h1:NFUHyPn4ekoC/JHeZFfZurN6ixxawE1BnVonP/oahEI= +modernc.org/cc/v3 v3.36.2/go.mod h1:NFUHyPn4ekoC/JHeZFfZurN6ixxawE1BnVonP/oahEI= +modernc.org/cc/v3 v3.36.3/go.mod h1:NFUHyPn4ekoC/JHeZFfZurN6ixxawE1BnVonP/oahEI= +modernc.org/ccgo/v3 v3.0.0-20220428102840-41399a37e894/go.mod h1:eI31LL8EwEBKPpNpA4bU1/i+sKOwOrQy8D87zWUcRZc= +modernc.org/ccgo/v3 v3.0.0-20220430103911-bc99d88307be/go.mod h1:bwdAnOoaIt8Ax9YdWGjxWsdkPcZyRPHqrOvJxaKAKGw= +modernc.org/ccgo/v3 v3.16.4/go.mod h1:tGtX0gE9Jn7hdZFeU88slbTh1UtCYKusWOoCJuvkWsQ= +modernc.org/ccgo/v3 v3.16.6/go.mod h1:tGtX0gE9Jn7hdZFeU88slbTh1UtCYKusWOoCJuvkWsQ= +modernc.org/ccgo/v3 v3.16.8/go.mod h1:zNjwkizS+fIFDrDjIAgBSCLkWbJuHF+ar3QRn+Z9aws= +modernc.org/ccgo/v3 v3.16.9/go.mod h1:zNMzC9A9xeNUepy6KuZBbugn3c0Mc9TeiJO4lgvkJDo= +modernc.org/ccorpus v1.11.6/go.mod h1:2gEUTrWqdpH2pXsmTM1ZkjeSrUWDpjMu2T6m29L/ErQ= +modernc.org/httpfs v1.0.6/go.mod h1:7dosgurJGp0sPaRanU53W4xZYKh14wfzX420oZADeHM= +modernc.org/libc v0.0.0-20220428101251-2d5f3daf273b/go.mod h1:p7Mg4+koNjc8jkqwcoFBJx7tXkpj00G77X7A72jXPXA= +modernc.org/libc v1.16.0/go.mod h1:N4LD6DBE9cf+Dzf9buBlzVJndKr/iJHG97vGLHYnb5A= +modernc.org/libc v1.16.1/go.mod h1:JjJE0eu4yeK7tab2n4S1w8tlWd9MxXLRzheaRnAKymU= +modernc.org/libc v1.16.17/go.mod h1:hYIV5VZczAmGZAnG15Vdngn5HSF5cSkbvfz2B7GRuVU= +modernc.org/libc v1.16.19/go.mod h1:p7Mg4+koNjc8jkqwcoFBJx7tXkpj00G77X7A72jXPXA= +modernc.org/libc v1.17.0/go.mod h1:XsgLldpP4aWlPlsjqKRdHPqCxCjISdHfM/yeWC5GyW0= +modernc.org/libc v1.17.1/go.mod h1:FZ23b+8LjxZs7XtFMbSzL/EhPxNbfZbErxEHc7cbD9s= +modernc.org/mathutil v1.2.2/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E= +modernc.org/mathutil v1.4.1/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E= +modernc.org/mathutil v1.5.0/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E= +modernc.org/memory v1.1.1/go.mod h1:/0wo5ibyrQiaoUoH7f9D8dnglAmILJ5/cxZlRECf+Nw= +modernc.org/memory v1.2.0/go.mod h1:/0wo5ibyrQiaoUoH7f9D8dnglAmILJ5/cxZlRECf+Nw= +modernc.org/memory v1.2.1/go.mod h1:PkUhL0Mugw21sHPeskwZW4D6VscE/GQJOnIpCnW6pSU= +modernc.org/opt v0.1.1/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0= +modernc.org/opt v0.1.3/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0= +modernc.org/sqlite v1.18.1/go.mod h1:6ho+Gow7oX5V+OiOQ6Tr4xeqbx13UZ6t+Fw9IRUG4d4= +modernc.org/strutil v1.1.1/go.mod h1:DE+MQQ/hjKBZS2zNInV5hhcipt5rLPWkmpbGeW5mmdw= +modernc.org/strutil v1.1.3/go.mod h1:MEHNA7PdEnEwLvspRMtWTNnp2nnyvMfkimT1NKNAGbw= +modernc.org/tcl v1.13.1/go.mod h1:XOLfOwzhkljL4itZkK6T72ckMgvj0BDsnKNdZVUOecw= +modernc.org/token v1.0.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM= +modernc.org/z v1.5.1/go.mod h1:eWFB510QWW5Th9YGZT81s+LwvaAs3Q2yr4sP0rmLkv8= mvdan.cc/gofumpt v0.1.0 h1:hsVv+Y9UsZ/mFZTxJZuHVI6shSQCtzZ11h1JEFPAZLw= nhooyr.io/websocket v1.8.6/go.mod h1:B70DZP8IakI65RVQ51MsWP/8jndNma26DVA/nFSCgW0= -pgregory.net/rapid v0.5.5 h1:jkgx1TjbQPD/feRoK+S/mXw9e1uj6WilpHrXJowi6oA= +pgregory.net/rapid v0.6.1 h1:4eyrDxyht86tT4Ztm+kvlyNBLIk071gR+ZQdhphc9dQ= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= diff --git a/provider/resources.go b/provider/resources.go index ed143baa3..d7fbe6426 100644 --- a/provider/resources.go +++ b/provider/resources.go @@ -28,12 +28,11 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/common/resource" "github.com/pulumi/pulumi/sdk/v3/go/common/tokens" - "github.com/pulumi/pulumi/sdk/v3/go/common/util/contract" "github.com/hashicorp/terraform-provider-azuread/shim" "github.com/pulumi/pulumi-azuread/provider/v5/pkg/version" "github.com/pulumi/pulumi-terraform-bridge/v3/pkg/tfbridge" - "github.com/pulumi/pulumi-terraform-bridge/v3/pkg/tfbridge/x" + tfbridgetokens "github.com/pulumi/pulumi-terraform-bridge/v3/pkg/tfbridge/tokens" tfshim "github.com/pulumi/pulumi-terraform-bridge/v3/pkg/tfshim" shimv2 "github.com/pulumi/pulumi-terraform-bridge/v3/pkg/tfshim/sdk-v2" ) @@ -285,14 +284,10 @@ func Provider() tfbridge.ProviderInfo { }, MetadataInfo: tfbridge.NewProviderMetadata(metadata), } - err := x.ComputeDefaults(&prov, x.TokensSingleModule("azuread_", mainMod, - x.MakeStandardToken(mainPkg))) - contract.AssertNoErrorf(err, "failed to apply auto token mapping") - + prov.MustComputeTokens(tfbridgetokens.SingleModule("azuread_", mainMod, + tfbridgetokens.MakeStandard(mainPkg))) prov.SetAutonaming(255, "-") - - err = x.AutoAliasing(&prov, prov.GetMetadata()) - contract.AssertNoErrorf(err, "auto aliasing apply failed") + prov.MustApplyAutoAliases() return prov } diff --git a/provider/shim/go.mod b/provider/shim/go.mod index 31ac93698..448e4524d 100644 --- a/provider/shim/go.mod +++ b/provider/shim/go.mod @@ -4,7 +4,7 @@ go 1.19 require ( github.com/hashicorp/terraform-plugin-sdk/v2 v2.26.1 - github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20230512004120-f94624387682 + github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20230714014117-c3f4885eda69 ) require ( @@ -37,7 +37,7 @@ require ( github.com/hashicorp/terraform-registry-address v0.1.0 // indirect github.com/hashicorp/terraform-svchost v0.0.0-20200729002733-f050f53b9734 // indirect github.com/hashicorp/yamux v0.0.0-20211028200310-0bc27b27de87 // indirect - github.com/manicminer/hamilton v0.61.0 // indirect + github.com/manicminer/hamilton v0.62.0 // indirect github.com/mattn/go-colorable v0.1.12 // indirect github.com/mattn/go-isatty v0.0.14 // indirect github.com/mitchellh/copystructure v1.2.0 // indirect @@ -57,8 +57,8 @@ require ( golang.org/x/sys v0.8.0 // indirect golang.org/x/text v0.9.0 // indirect google.golang.org/appengine v1.6.7 // indirect - google.golang.org/genproto v0.0.0-20220407144326-9054f6ed7bac // indirect - google.golang.org/grpc v1.51.0 // indirect + google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f // indirect + google.golang.org/grpc v1.53.0 // indirect google.golang.org/protobuf v1.28.1 // indirect software.sslmate.com/src/go-pkcs12 v0.2.0 // indirect ) diff --git a/provider/shim/go.sum b/provider/shim/go.sum index 21bd7fa83..f45c4a013 100644 --- a/provider/shim/go.sum +++ b/provider/shim/go.sum @@ -48,7 +48,6 @@ github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDk github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI= -github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= @@ -62,7 +61,6 @@ github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymF github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= -github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= @@ -173,8 +171,8 @@ github.com/hashicorp/terraform-plugin-go v0.14.3/go.mod h1:7ees7DMZ263q8wQ6E4RdI github.com/hashicorp/terraform-plugin-log v0.7.0/go.mod h1:p4R1jWBXRTvL4odmEkFfDdhUjHf9zcs/BCoNHAc7IK4= github.com/hashicorp/terraform-plugin-log v0.8.0 h1:pX2VQ/TGKu+UU1rCay0OlzosNKe4Nz1pepLXj95oyy0= github.com/hashicorp/terraform-plugin-log v0.8.0/go.mod h1:1myFrhVsBLeylQzYYEV17VVjtG8oYPRFdaZs7xdW2xs= -github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20230512004120-f94624387682 h1:SSeCQ1llOwbGtYZW3iVUD8/W87AZMKltXk1Xo5Df32k= -github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20230512004120-f94624387682/go.mod h1:4ZWMDrlX4qPFCcAntylAGh3YGHLn+36aZIep7xHwDN0= +github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20230714014117-c3f4885eda69 h1:Otx9uxPOPP0A5ItvDAjMjwbwizDC+EKmJ3IGBdLJiGk= +github.com/hashicorp/terraform-provider-azuread v1.6.1-0.20230714014117-c3f4885eda69/go.mod h1:xu61NBBpb7JnKfSjnX2vib0ZlqfACCEwXBO/0/+BEQ4= github.com/hashicorp/terraform-registry-address v0.0.0-20220623143253-7d51757b572c/go.mod h1:Wn3Na71knbXc1G8Lh+yu/dQWWJeFQEpDeJMtWMtlmNI= github.com/hashicorp/terraform-registry-address v0.1.0 h1:W6JkV9wbum+m516rCl5/NjKxCyTVaaUBbzYcMzBDO3U= github.com/hashicorp/terraform-registry-address v0.1.0/go.mod h1:EnyO2jYO6j29DTHbJcm00E5nQTFeTtyZH3H5ycydQ5A= @@ -207,8 +205,8 @@ github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k= github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= -github.com/manicminer/hamilton v0.61.0 h1:Hp25wOIkArXUJ9++U9J+jpVL+nXCzUtsvzVa/vE3Or4= -github.com/manicminer/hamilton v0.61.0/go.mod h1:va/X2sztcgQ5+BSxc2eU3FTHYIyxLnHvB4LudlPUZdE= +github.com/manicminer/hamilton v0.62.0 h1:auy910L0VntDUDHMG6K6e6jr5QUk3OHSldt13NHztwY= +github.com/manicminer/hamilton v0.62.0/go.mod h1:va/X2sztcgQ5+BSxc2eU3FTHYIyxLnHvB4LudlPUZdE= github.com/matryer/is v1.2.0/go.mod h1:2fLPjFQM9rhQ15aVEtbuwhJinnOqrmgXPNdZsdwlWXA= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= @@ -336,7 +334,6 @@ golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwY golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210326060303-6b1517762897/go.mod h1:uSPa2vr4CLtc/ILN5odXGNXS6mhrKVzTaCXzk9m6W3k= -golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.5.0/go.mod h1:DivGGAXEgPSlEBzxGzZI+ZLohi+xUj054jfeKui00ws= @@ -371,10 +368,8 @@ golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210324051608-47abb6519492/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210502180810-71e4cd670f79/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -424,8 +419,8 @@ google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98 google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= google.golang.org/genproto v0.0.0-20200711021454-869866162049/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20220407144326-9054f6ed7bac h1:qSNTkEN+L2mvWcLgJOR+8bdHX9rN/IdU3A1Ghpfb1Rg= -google.golang.org/genproto v0.0.0-20220407144326-9054f6ed7bac/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo= +google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f h1:BWUVssLB0HVOSY78gIdvk1dTVYtT1y8SBWtPYuTJ/6w= +google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= google.golang.org/grpc v1.8.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= @@ -434,10 +429,9 @@ google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8 google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0= google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= -google.golang.org/grpc v1.45.0/go.mod h1:lN7owxKUQEqMfSyQikvvk5tf/6zMPsrK+ONuO11+0rQ= google.golang.org/grpc v1.50.1/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI= -google.golang.org/grpc v1.51.0 h1:E1eGv1FTqoLIdnBCZufiSHgKjlqG6fKFf6pPWtMTh8U= -google.golang.org/grpc v1.51.0/go.mod h1:wgNDFcnuBGmxLKI/qn4T+m5BtEBYXJPvibbUPsAIPww= +google.golang.org/grpc v1.53.0 h1:LAv2ds7cmFV/XTS3XG1NneeENYrXGmorPxsBbptIjNc= +google.golang.org/grpc v1.53.0/go.mod h1:OnIrk0ipVdj4N5d9IUoFUx72/VlD7+jUsHwZgwSMQpw= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.2.0/go.mod h1:DNq5QpG7LJqD2AamLZ7zvKE0DEpVl2BSEVjFycAAjRY= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= diff --git a/sdk/dotnet/AdministrativeUnit.cs b/sdk/dotnet/AdministrativeUnit.cs index b75346a0c..2c755cd93 100644 --- a/sdk/dotnet/AdministrativeUnit.cs +++ b/sdk/dotnet/AdministrativeUnit.cs @@ -20,6 +20,26 @@ namespace Pulumi.AzureAD /// /// When authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator` /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using AzureAD = Pulumi.AzureAD; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var example = new AzureAD.AdministrativeUnit("example", new() + /// { + /// Description = "Just an example", + /// DisplayName = "Example-AU", + /// HiddenMembershipEnabled = false, + /// }); + /// + /// }); + /// ``` + /// /// ## Import /// /// Administrative units can be imported using their object ID, e.g. @@ -44,7 +64,7 @@ public partial class AdministrativeUnit : global::Pulumi.CustomResource public Output DisplayName { get; private set; } = null!; /// - /// Whether the administrative unit and its members are hidden or publicly viewable in the directory + /// Whether the administrative unit and its members are hidden or publicly viewable in the directory. /// [Output("hiddenMembershipEnabled")] public Output HiddenMembershipEnabled { get; private set; } = null!; @@ -128,7 +148,7 @@ public sealed class AdministrativeUnitArgs : global::Pulumi.ResourceArgs public Input DisplayName { get; set; } = null!; /// - /// Whether the administrative unit and its members are hidden or publicly viewable in the directory + /// Whether the administrative unit and its members are hidden or publicly viewable in the directory. /// [Input("hiddenMembershipEnabled")] public Input? HiddenMembershipEnabled { get; set; } @@ -174,7 +194,7 @@ public sealed class AdministrativeUnitState : global::Pulumi.ResourceArgs public Input? DisplayName { get; set; } /// - /// Whether the administrative unit and its members are hidden or publicly viewable in the directory + /// Whether the administrative unit and its members are hidden or publicly viewable in the directory. /// [Input("hiddenMembershipEnabled")] public Input? HiddenMembershipEnabled { get; set; } diff --git a/sdk/dotnet/ApplicationPassword.cs b/sdk/dotnet/ApplicationPassword.cs index 4ec665e0a..384cda447 100644 --- a/sdk/dotnet/ApplicationPassword.cs +++ b/sdk/dotnet/ApplicationPassword.cs @@ -10,6 +10,64 @@ namespace Pulumi.AzureAD { /// + /// ## Example Usage + /// + /// *Basic example* + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using AzureAD = Pulumi.AzureAD; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var exampleApplication = new AzureAD.Application("exampleApplication", new() + /// { + /// DisplayName = "example", + /// }); + /// + /// var exampleApplicationPassword = new AzureAD.ApplicationPassword("exampleApplicationPassword", new() + /// { + /// ApplicationObjectId = exampleApplication.ObjectId, + /// }); + /// + /// }); + /// ``` + /// + /// *Time-based rotation* + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using AzureAD = Pulumi.AzureAD; + /// using Time = Pulumiverse.Time; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var exampleApplication = new AzureAD.Application("exampleApplication", new() + /// { + /// DisplayName = "example", + /// }); + /// + /// var exampleRotating = new Time.Rotating("exampleRotating", new() + /// { + /// RotationDays = 7, + /// }); + /// + /// var exampleApplicationPassword = new AzureAD.ApplicationPassword("exampleApplicationPassword", new() + /// { + /// ApplicationObjectId = exampleApplication.ObjectId, + /// RotateWhenChanged = + /// { + /// { "rotation", exampleRotating.Id }, + /// }, + /// }); + /// + /// }); + /// ``` + /// /// ## Import /// /// This resource does not support importing. diff --git a/sdk/dotnet/ConditionalAccessPolicy.cs b/sdk/dotnet/ConditionalAccessPolicy.cs index 809aa0022..782ca7a40 100644 --- a/sdk/dotnet/ConditionalAccessPolicy.cs +++ b/sdk/dotnet/ConditionalAccessPolicy.cs @@ -12,6 +12,8 @@ namespace Pulumi.AzureAD /// /// Manages a Conditional Access Policy within Azure Active Directory. /// + /// > **Licensing Requirements** Specifying `client_applications` property requires the activation of Microsoft Entra on your tenant and the availability of sufficient Workload Identities Premium licences (one per service principal managed by a conditional access). + /// /// ## API Permissions /// /// The following API permissions are required in order to use this resource. @@ -21,6 +23,7 @@ namespace Pulumi.AzureAD /// When authenticated with a user principal, this resource requires one of the following directory roles: `Conditional Access Administrator` or `Global Administrator` /// /// ## Example Usage + /// ### All users except guests or external users /// /// ```csharp /// using System.Collections.Generic; @@ -109,6 +112,7 @@ namespace Pulumi.AzureAD /// { /// ApplicationEnforcedRestrictionsEnabled = true, /// CloudAppSecurityPolicy = "monitorOnly", + /// DisableResilienceDefaults = false, /// SignInFrequency = 10, /// SignInFrequencyPeriod = "hours", /// }, @@ -117,6 +121,123 @@ namespace Pulumi.AzureAD /// /// }); /// ``` + /// ### Included client applications / service principals + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using AzureAD = Pulumi.AzureAD; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var current = AzureAD.GetClientConfig.Invoke(); + /// + /// var example = new AzureAD.ConditionalAccessPolicy("example", new() + /// { + /// DisplayName = "example policy", + /// State = "disabled", + /// Conditions = new AzureAD.Inputs.ConditionalAccessPolicyConditionsArgs + /// { + /// ClientAppTypes = new[] + /// { + /// "all", + /// }, + /// Applications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsApplicationsArgs + /// { + /// IncludedApplications = new[] + /// { + /// "All", + /// }, + /// }, + /// ClientApplications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsClientApplicationsArgs + /// { + /// IncludedServicePrincipals = new[] + /// { + /// current.Apply(getClientConfigResult => getClientConfigResult.ObjectId), + /// }, + /// ExcludedServicePrincipals = new[] {}, + /// }, + /// Users = new AzureAD.Inputs.ConditionalAccessPolicyConditionsUsersArgs + /// { + /// IncludedUsers = new[] + /// { + /// "None", + /// }, + /// }, + /// }, + /// GrantControls = new AzureAD.Inputs.ConditionalAccessPolicyGrantControlsArgs + /// { + /// Operator = "OR", + /// BuiltInControls = new[] + /// { + /// "block", + /// }, + /// }, + /// }); + /// + /// }); + /// ``` + /// ### Excluded client applications / service principals + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using AzureAD = Pulumi.AzureAD; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var current = AzureAD.GetClientConfig.Invoke(); + /// + /// var example = new AzureAD.ConditionalAccessPolicy("example", new() + /// { + /// DisplayName = "example policy", + /// State = "disabled", + /// Conditions = new AzureAD.Inputs.ConditionalAccessPolicyConditionsArgs + /// { + /// ClientAppTypes = new[] + /// { + /// "all", + /// }, + /// Applications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsApplicationsArgs + /// { + /// IncludedApplications = new[] + /// { + /// "All", + /// }, + /// }, + /// ClientApplications = new AzureAD.Inputs.ConditionalAccessPolicyConditionsClientApplicationsArgs + /// { + /// IncludedServicePrincipals = new[] + /// { + /// "ServicePrincipalsInMyTenant", + /// }, + /// ExcludedServicePrincipals = new[] + /// { + /// current.Apply(getClientConfigResult => getClientConfigResult.ObjectId), + /// }, + /// }, + /// Users = new AzureAD.Inputs.ConditionalAccessPolicyConditionsUsersArgs + /// { + /// IncludedUsers = new[] + /// { + /// "None", + /// }, + /// }, + /// }, + /// GrantControls = new AzureAD.Inputs.ConditionalAccessPolicyGrantControlsArgs + /// { + /// Operator = "OR", + /// BuiltInControls = new[] + /// { + /// "block", + /// }, + /// }, + /// }); + /// + /// }); + /// ``` /// /// ## Import /// diff --git a/sdk/dotnet/GetUser.cs b/sdk/dotnet/GetUser.cs index 1dca2ccc8..595d4c26f 100644 --- a/sdk/dotnet/GetUser.cs +++ b/sdk/dotnet/GetUser.cs @@ -87,6 +87,12 @@ public static Output Invoke(GetUserInvokeArgs? args = null, Invok public sealed class GetUserArgs : global::Pulumi.InvokeArgs { + /// + /// The employee identifier assigned to the user by the organisation. + /// + [Input("employeeId")] + public string? EmployeeId { get; set; } + /// /// The SMTP address for the user. /// @@ -108,7 +114,7 @@ public sealed class GetUserArgs : global::Pulumi.InvokeArgs /// /// The user principal name (UPN) of the user. /// - /// > One of `user_principal_name`, `object_id`, `mail` or `mail_nickname` must be specified. + /// > One of `user_principal_name`, `object_id`, `mail`, `mail_nickname` or `employee_id` must be specified. /// [Input("userPrincipalName")] public string? UserPrincipalName { get; set; } @@ -121,6 +127,12 @@ public GetUserArgs() public sealed class GetUserInvokeArgs : global::Pulumi.InvokeArgs { + /// + /// The employee identifier assigned to the user by the organisation. + /// + [Input("employeeId")] + public Input? EmployeeId { get; set; } + /// /// The SMTP address for the user. /// @@ -142,7 +154,7 @@ public sealed class GetUserInvokeArgs : global::Pulumi.InvokeArgs /// /// The user principal name (UPN) of the user. /// - /// > One of `user_principal_name`, `object_id`, `mail` or `mail_nickname` must be specified. + /// > One of `user_principal_name`, `object_id`, `mail`, `mail_nickname` or `employee_id` must be specified. /// [Input("userPrincipalName")] public Input? UserPrincipalName { get; set; } diff --git a/sdk/dotnet/GetUsers.cs b/sdk/dotnet/GetUsers.cs index ae01da452..bf56c3b69 100644 --- a/sdk/dotnet/GetUsers.cs +++ b/sdk/dotnet/GetUsers.cs @@ -95,6 +95,18 @@ public static Output Invoke(GetUsersInvokeArgs? args = null, Inv public sealed class GetUsersArgs : global::Pulumi.InvokeArgs { + [Input("employeeIds")] + private List? _employeeIds; + + /// + /// The employee identifiers assigned to the users by the organisation. + /// + public List EmployeeIds + { + get => _employeeIds ?? (_employeeIds = new List()); + set => _employeeIds = value; + } + /// /// Ignore missing users and return users that were found. The data source will still fail if no users are found. Cannot be specified with `return_all`. Defaults to `false`. /// @@ -137,7 +149,7 @@ public List ObjectIds /// /// The user principal names (UPNs) of the users. /// - /// > Either `return_all`, or one of `user_principal_names`, `object_ids` or `mail_nicknames` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. + /// > Either `return_all`, or one of `user_principal_names`, `object_ids`, `mail_nicknames` or `employee_ids` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. /// public List UserPrincipalNames { @@ -153,6 +165,18 @@ public GetUsersArgs() public sealed class GetUsersInvokeArgs : global::Pulumi.InvokeArgs { + [Input("employeeIds")] + private InputList? _employeeIds; + + /// + /// The employee identifiers assigned to the users by the organisation. + /// + public InputList EmployeeIds + { + get => _employeeIds ?? (_employeeIds = new InputList()); + set => _employeeIds = value; + } + /// /// Ignore missing users and return users that were found. The data source will still fail if no users are found. Cannot be specified with `return_all`. Defaults to `false`. /// @@ -195,7 +219,7 @@ public InputList ObjectIds /// /// The user principal names (UPNs) of the users. /// - /// > Either `return_all`, or one of `user_principal_names`, `object_ids` or `mail_nicknames` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. + /// > Either `return_all`, or one of `user_principal_names`, `object_ids`, `mail_nicknames` or `employee_ids` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. /// public InputList UserPrincipalNames { @@ -213,6 +237,10 @@ public GetUsersInvokeArgs() [OutputType] public sealed class GetUsersResult { + /// + /// The employee identifiers assigned to the users by the organisation. + /// + public readonly ImmutableArray EmployeeIds; /// /// The provider-assigned unique ID for this managed resource. /// @@ -238,6 +266,8 @@ public sealed class GetUsersResult [OutputConstructor] private GetUsersResult( + ImmutableArray employeeIds, + string id, bool? ignoreMissing, @@ -252,6 +282,7 @@ private GetUsersResult( ImmutableArray users) { + EmployeeIds = employeeIds; Id = id; IgnoreMissing = ignoreMissing; MailNicknames = mailNicknames; diff --git a/sdk/dotnet/Inputs/ConditionalAccessPolicyConditionsArgs.cs b/sdk/dotnet/Inputs/ConditionalAccessPolicyConditionsArgs.cs index 62aab3921..1d36051c5 100644 --- a/sdk/dotnet/Inputs/ConditionalAccessPolicyConditionsArgs.cs +++ b/sdk/dotnet/Inputs/ConditionalAccessPolicyConditionsArgs.cs @@ -30,6 +30,12 @@ public InputList ClientAppTypes set => _clientAppTypes = value; } + /// + /// An `client_applications` block as documented below, which specifies service principals included in and excluded from the policy. + /// + [Input("clientApplications")] + public Input? ClientApplications { get; set; } + /// /// A `devices` block as documented below, which describes devices to be included in and excluded from the policy. A `devices` block can be added to an existing policy, but removing the `devices` block forces a new resource to be created. /// diff --git a/sdk/dotnet/Inputs/ConditionalAccessPolicyConditionsClientApplicationsArgs.cs b/sdk/dotnet/Inputs/ConditionalAccessPolicyConditionsClientApplicationsArgs.cs new file mode 100644 index 000000000..6edf8b58a --- /dev/null +++ b/sdk/dotnet/Inputs/ConditionalAccessPolicyConditionsClientApplicationsArgs.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class ConditionalAccessPolicyConditionsClientApplicationsArgs : global::Pulumi.ResourceArgs + { + [Input("excludedServicePrincipals")] + private InputList? _excludedServicePrincipals; + + /// + /// A list of service principal IDs explicitly excluded in the policy. + /// + public InputList ExcludedServicePrincipals + { + get => _excludedServicePrincipals ?? (_excludedServicePrincipals = new InputList()); + set => _excludedServicePrincipals = value; + } + + [Input("includedServicePrincipals")] + private InputList? _includedServicePrincipals; + + /// + /// A list of service principal IDs explicitly included in the policy. Can be set to `ServicePrincipalsInMyTenant` to include all service principals. This is mandatory value when at least one `excluded_service_principals` is set. + /// + public InputList IncludedServicePrincipals + { + get => _includedServicePrincipals ?? (_includedServicePrincipals = new InputList()); + set => _includedServicePrincipals = value; + } + + public ConditionalAccessPolicyConditionsClientApplicationsArgs() + { + } + public static new ConditionalAccessPolicyConditionsClientApplicationsArgs Empty => new ConditionalAccessPolicyConditionsClientApplicationsArgs(); + } +} diff --git a/sdk/dotnet/Inputs/ConditionalAccessPolicyConditionsClientApplicationsGetArgs.cs b/sdk/dotnet/Inputs/ConditionalAccessPolicyConditionsClientApplicationsGetArgs.cs new file mode 100644 index 000000000..a5854eef5 --- /dev/null +++ b/sdk/dotnet/Inputs/ConditionalAccessPolicyConditionsClientApplicationsGetArgs.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Inputs +{ + + public sealed class ConditionalAccessPolicyConditionsClientApplicationsGetArgs : global::Pulumi.ResourceArgs + { + [Input("excludedServicePrincipals")] + private InputList? _excludedServicePrincipals; + + /// + /// A list of service principal IDs explicitly excluded in the policy. + /// + public InputList ExcludedServicePrincipals + { + get => _excludedServicePrincipals ?? (_excludedServicePrincipals = new InputList()); + set => _excludedServicePrincipals = value; + } + + [Input("includedServicePrincipals")] + private InputList? _includedServicePrincipals; + + /// + /// A list of service principal IDs explicitly included in the policy. Can be set to `ServicePrincipalsInMyTenant` to include all service principals. This is mandatory value when at least one `excluded_service_principals` is set. + /// + public InputList IncludedServicePrincipals + { + get => _includedServicePrincipals ?? (_includedServicePrincipals = new InputList()); + set => _includedServicePrincipals = value; + } + + public ConditionalAccessPolicyConditionsClientApplicationsGetArgs() + { + } + public static new ConditionalAccessPolicyConditionsClientApplicationsGetArgs Empty => new ConditionalAccessPolicyConditionsClientApplicationsGetArgs(); + } +} diff --git a/sdk/dotnet/Inputs/ConditionalAccessPolicyConditionsGetArgs.cs b/sdk/dotnet/Inputs/ConditionalAccessPolicyConditionsGetArgs.cs index 9a8aa6b80..f39e92d86 100644 --- a/sdk/dotnet/Inputs/ConditionalAccessPolicyConditionsGetArgs.cs +++ b/sdk/dotnet/Inputs/ConditionalAccessPolicyConditionsGetArgs.cs @@ -30,6 +30,12 @@ public InputList ClientAppTypes set => _clientAppTypes = value; } + /// + /// An `client_applications` block as documented below, which specifies service principals included in and excluded from the policy. + /// + [Input("clientApplications")] + public Input? ClientApplications { get; set; } + /// /// A `devices` block as documented below, which describes devices to be included in and excluded from the policy. A `devices` block can be added to an existing policy, but removing the `devices` block forces a new resource to be created. /// diff --git a/sdk/dotnet/Inputs/ConditionalAccessPolicySessionControlsArgs.cs b/sdk/dotnet/Inputs/ConditionalAccessPolicySessionControlsArgs.cs index 22774f8bd..263db9482 100644 --- a/sdk/dotnet/Inputs/ConditionalAccessPolicySessionControlsArgs.cs +++ b/sdk/dotnet/Inputs/ConditionalAccessPolicySessionControlsArgs.cs @@ -26,6 +26,12 @@ public sealed class ConditionalAccessPolicySessionControlsArgs : global::Pulumi. [Input("cloudAppSecurityPolicy")] public Input? CloudAppSecurityPolicy { get; set; } + /// + /// Disables [resilience defaults](https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/resilience-defaults). Defaults to `false`. + /// + [Input("disableResilienceDefaults")] + public Input? DisableResilienceDefaults { get; set; } + /// /// Session control to define whether to persist cookies or not. Possible values are: `always` or `never`. /// diff --git a/sdk/dotnet/Inputs/ConditionalAccessPolicySessionControlsGetArgs.cs b/sdk/dotnet/Inputs/ConditionalAccessPolicySessionControlsGetArgs.cs index 2d896990c..207b36f06 100644 --- a/sdk/dotnet/Inputs/ConditionalAccessPolicySessionControlsGetArgs.cs +++ b/sdk/dotnet/Inputs/ConditionalAccessPolicySessionControlsGetArgs.cs @@ -26,6 +26,12 @@ public sealed class ConditionalAccessPolicySessionControlsGetArgs : global::Pulu [Input("cloudAppSecurityPolicy")] public Input? CloudAppSecurityPolicy { get; set; } + /// + /// Disables [resilience defaults](https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/resilience-defaults). Defaults to `false`. + /// + [Input("disableResilienceDefaults")] + public Input? DisableResilienceDefaults { get; set; } + /// /// Session control to define whether to persist cookies or not. Possible values are: `always` or `never`. /// diff --git a/sdk/dotnet/Outputs/ConditionalAccessPolicyConditions.cs b/sdk/dotnet/Outputs/ConditionalAccessPolicyConditions.cs index a116f2cb4..64d8b1a99 100644 --- a/sdk/dotnet/Outputs/ConditionalAccessPolicyConditions.cs +++ b/sdk/dotnet/Outputs/ConditionalAccessPolicyConditions.cs @@ -22,6 +22,10 @@ public sealed class ConditionalAccessPolicyConditions /// public readonly ImmutableArray ClientAppTypes; /// + /// An `client_applications` block as documented below, which specifies service principals included in and excluded from the policy. + /// + public readonly Outputs.ConditionalAccessPolicyConditionsClientApplications? ClientApplications; + /// /// A `devices` block as documented below, which describes devices to be included in and excluded from the policy. A `devices` block can be added to an existing policy, but removing the `devices` block forces a new resource to be created. /// public readonly Outputs.ConditionalAccessPolicyConditionsDevices? Devices; @@ -52,6 +56,8 @@ private ConditionalAccessPolicyConditions( ImmutableArray clientAppTypes, + Outputs.ConditionalAccessPolicyConditionsClientApplications? clientApplications, + Outputs.ConditionalAccessPolicyConditionsDevices? devices, Outputs.ConditionalAccessPolicyConditionsLocations? locations, @@ -66,6 +72,7 @@ private ConditionalAccessPolicyConditions( { Applications = applications; ClientAppTypes = clientAppTypes; + ClientApplications = clientApplications; Devices = devices; Locations = locations; Platforms = platforms; diff --git a/sdk/dotnet/Outputs/ConditionalAccessPolicyConditionsClientApplications.cs b/sdk/dotnet/Outputs/ConditionalAccessPolicyConditionsClientApplications.cs new file mode 100644 index 000000000..10c7fc4be --- /dev/null +++ b/sdk/dotnet/Outputs/ConditionalAccessPolicyConditionsClientApplications.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AzureAD.Outputs +{ + + [OutputType] + public sealed class ConditionalAccessPolicyConditionsClientApplications + { + /// + /// A list of service principal IDs explicitly excluded in the policy. + /// + public readonly ImmutableArray ExcludedServicePrincipals; + /// + /// A list of service principal IDs explicitly included in the policy. Can be set to `ServicePrincipalsInMyTenant` to include all service principals. This is mandatory value when at least one `excluded_service_principals` is set. + /// + public readonly ImmutableArray IncludedServicePrincipals; + + [OutputConstructor] + private ConditionalAccessPolicyConditionsClientApplications( + ImmutableArray excludedServicePrincipals, + + ImmutableArray includedServicePrincipals) + { + ExcludedServicePrincipals = excludedServicePrincipals; + IncludedServicePrincipals = includedServicePrincipals; + } + } +} diff --git a/sdk/dotnet/Outputs/ConditionalAccessPolicySessionControls.cs b/sdk/dotnet/Outputs/ConditionalAccessPolicySessionControls.cs index ef851bf37..405e5507a 100644 --- a/sdk/dotnet/Outputs/ConditionalAccessPolicySessionControls.cs +++ b/sdk/dotnet/Outputs/ConditionalAccessPolicySessionControls.cs @@ -24,6 +24,10 @@ public sealed class ConditionalAccessPolicySessionControls /// public readonly string? CloudAppSecurityPolicy; /// + /// Disables [resilience defaults](https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/resilience-defaults). Defaults to `false`. + /// + public readonly bool? DisableResilienceDefaults; + /// /// Session control to define whether to persist cookies or not. Possible values are: `always` or `never`. /// public readonly string? PersistentBrowserMode; @@ -42,6 +46,8 @@ private ConditionalAccessPolicySessionControls( string? cloudAppSecurityPolicy, + bool? disableResilienceDefaults, + string? persistentBrowserMode, int? signInFrequency, @@ -50,6 +56,7 @@ private ConditionalAccessPolicySessionControls( { ApplicationEnforcedRestrictionsEnabled = applicationEnforcedRestrictionsEnabled; CloudAppSecurityPolicy = cloudAppSecurityPolicy; + DisableResilienceDefaults = disableResilienceDefaults; PersistentBrowserMode = persistentBrowserMode; SignInFrequency = signInFrequency; SignInFrequencyPeriod = signInFrequencyPeriod; diff --git a/sdk/dotnet/Outputs/GetUsersUserResult.cs b/sdk/dotnet/Outputs/GetUsersUserResult.cs index 56014a6df..35e52c8de 100644 --- a/sdk/dotnet/Outputs/GetUsersUserResult.cs +++ b/sdk/dotnet/Outputs/GetUsersUserResult.cs @@ -22,6 +22,10 @@ public sealed class GetUsersUserResult /// public readonly string DisplayName; /// + /// The employee identifier assigned to the user by the organisation. + /// + public readonly string EmployeeId; + /// /// The primary email address of the user. /// public readonly string Mail; @@ -60,6 +64,8 @@ private GetUsersUserResult( string displayName, + string employeeId, + string mail, string mailNickname, @@ -78,6 +84,7 @@ private GetUsersUserResult( { AccountEnabled = accountEnabled; DisplayName = displayName; + EmployeeId = employeeId; Mail = mail; MailNickname = mailNickname; ObjectId = objectId; diff --git a/sdk/dotnet/Pulumi.AzureAD.csproj b/sdk/dotnet/Pulumi.AzureAD.csproj index 06f218efd..a3bb54249 100644 --- a/sdk/dotnet/Pulumi.AzureAD.csproj +++ b/sdk/dotnet/Pulumi.AzureAD.csproj @@ -12,7 +12,6 @@ net6.0 enable - false diff --git a/sdk/dotnet/ServicePrincipalPassword.cs b/sdk/dotnet/ServicePrincipalPassword.cs index 937bee372..88e220097 100644 --- a/sdk/dotnet/ServicePrincipalPassword.cs +++ b/sdk/dotnet/ServicePrincipalPassword.cs @@ -20,6 +20,74 @@ namespace Pulumi.AzureAD /// /// When authenticated with a user principal, this resource requires one of the following directory roles: `Application Administrator` or `Global Administrator` /// + /// ## Example Usage + /// + /// *Basic example* + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using AzureAD = Pulumi.AzureAD; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var exampleApplication = new AzureAD.Application("exampleApplication", new() + /// { + /// DisplayName = "example", + /// }); + /// + /// var exampleServicePrincipal = new AzureAD.ServicePrincipal("exampleServicePrincipal", new() + /// { + /// ApplicationId = exampleApplication.ApplicationId, + /// }); + /// + /// var exampleServicePrincipalPassword = new AzureAD.ServicePrincipalPassword("exampleServicePrincipalPassword", new() + /// { + /// ServicePrincipalId = exampleServicePrincipal.ObjectId, + /// }); + /// + /// }); + /// ``` + /// + /// *Time-based rotation* + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using AzureAD = Pulumi.AzureAD; + /// using Time = Pulumiverse.Time; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var exampleApplication = new AzureAD.Application("exampleApplication", new() + /// { + /// DisplayName = "example", + /// }); + /// + /// var exampleServicePrincipal = new AzureAD.ServicePrincipal("exampleServicePrincipal", new() + /// { + /// ApplicationId = exampleApplication.ApplicationId, + /// }); + /// + /// var exampleRotating = new Time.Rotating("exampleRotating", new() + /// { + /// RotationDays = 7, + /// }); + /// + /// var exampleServicePrincipalPassword = new AzureAD.ServicePrincipalPassword("exampleServicePrincipalPassword", new() + /// { + /// ServicePrincipalId = exampleServicePrincipal.ObjectId, + /// RotateWhenChanged = + /// { + /// { "rotation", exampleRotating.Id }, + /// }, + /// }); + /// + /// }); + /// ``` + /// /// ## Import /// /// This resource does not support importing. diff --git a/sdk/dotnet/User.cs b/sdk/dotnet/User.cs index c10dad6f7..5831297ca 100644 --- a/sdk/dotnet/User.cs +++ b/sdk/dotnet/User.cs @@ -101,7 +101,7 @@ public partial class User : global::Pulumi.CustomResource public Output CostCenter { get; private set; } = null!; /// - /// The country/region in which the user is located, e.g. `US` or `UK`. + /// The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. /// [Output("country")] public Output Country { get; private set; } = null!; @@ -440,7 +440,7 @@ public InputList BusinessPhones public Input? CostCenter { get; set; } /// - /// The country/region in which the user is located, e.g. `US` or `UK`. + /// The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. /// [Input("country")] public Input? Country { get; set; } @@ -687,7 +687,7 @@ public InputList BusinessPhones public Input? CostCenter { get; set; } /// - /// The country/region in which the user is located, e.g. `US` or `UK`. + /// The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. /// [Input("country")] public Input? Country { get; set; } diff --git a/sdk/go/azuread/administrativeUnit.go b/sdk/go/azuread/administrativeUnit.go index 94443980c..b7fa2f341 100644 --- a/sdk/go/azuread/administrativeUnit.go +++ b/sdk/go/azuread/administrativeUnit.go @@ -21,6 +21,34 @@ import ( // // When authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator` // +// ## Example Usage +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := azuread.NewAdministrativeUnit(ctx, "example", &azuread.AdministrativeUnitArgs{ +// Description: pulumi.String("Just an example"), +// DisplayName: pulumi.String("Example-AU"), +// HiddenMembershipEnabled: pulumi.Bool(false), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// // ## Import // // Administrative units can be imported using their object ID, e.g. @@ -37,7 +65,7 @@ type AdministrativeUnit struct { Description pulumi.StringPtrOutput `pulumi:"description"` // The display name of the administrative unit. DisplayName pulumi.StringOutput `pulumi:"displayName"` - // Whether the administrative unit and its members are hidden or publicly viewable in the directory + // Whether the administrative unit and its members are hidden or publicly viewable in the directory. HiddenMembershipEnabled pulumi.BoolPtrOutput `pulumi:"hiddenMembershipEnabled"` // A set of object IDs of members who should be present in this administrative unit. Supported object types are Users or Groups. // @@ -85,7 +113,7 @@ type administrativeUnitState struct { Description *string `pulumi:"description"` // The display name of the administrative unit. DisplayName *string `pulumi:"displayName"` - // Whether the administrative unit and its members are hidden or publicly viewable in the directory + // Whether the administrative unit and its members are hidden or publicly viewable in the directory. HiddenMembershipEnabled *bool `pulumi:"hiddenMembershipEnabled"` // A set of object IDs of members who should be present in this administrative unit. Supported object types are Users or Groups. // @@ -102,7 +130,7 @@ type AdministrativeUnitState struct { Description pulumi.StringPtrInput // The display name of the administrative unit. DisplayName pulumi.StringPtrInput - // Whether the administrative unit and its members are hidden or publicly viewable in the directory + // Whether the administrative unit and its members are hidden or publicly viewable in the directory. HiddenMembershipEnabled pulumi.BoolPtrInput // A set of object IDs of members who should be present in this administrative unit. Supported object types are Users or Groups. // @@ -123,7 +151,7 @@ type administrativeUnitArgs struct { Description *string `pulumi:"description"` // The display name of the administrative unit. DisplayName string `pulumi:"displayName"` - // Whether the administrative unit and its members are hidden or publicly viewable in the directory + // Whether the administrative unit and its members are hidden or publicly viewable in the directory. HiddenMembershipEnabled *bool `pulumi:"hiddenMembershipEnabled"` // A set of object IDs of members who should be present in this administrative unit. Supported object types are Users or Groups. // @@ -139,7 +167,7 @@ type AdministrativeUnitArgs struct { Description pulumi.StringPtrInput // The display name of the administrative unit. DisplayName pulumi.StringInput - // Whether the administrative unit and its members are hidden or publicly viewable in the directory + // Whether the administrative unit and its members are hidden or publicly viewable in the directory. HiddenMembershipEnabled pulumi.BoolPtrInput // A set of object IDs of members who should be present in this administrative unit. Supported object types are Users or Groups. // @@ -246,7 +274,7 @@ func (o AdministrativeUnitOutput) DisplayName() pulumi.StringOutput { return o.ApplyT(func(v *AdministrativeUnit) pulumi.StringOutput { return v.DisplayName }).(pulumi.StringOutput) } -// Whether the administrative unit and its members are hidden or publicly viewable in the directory +// Whether the administrative unit and its members are hidden or publicly viewable in the directory. func (o AdministrativeUnitOutput) HiddenMembershipEnabled() pulumi.BoolPtrOutput { return o.ApplyT(func(v *AdministrativeUnit) pulumi.BoolPtrOutput { return v.HiddenMembershipEnabled }).(pulumi.BoolPtrOutput) } diff --git a/sdk/go/azuread/applicationPassword.go b/sdk/go/azuread/applicationPassword.go index c0b08b2e5..f5d2a9c0c 100644 --- a/sdk/go/azuread/applicationPassword.go +++ b/sdk/go/azuread/applicationPassword.go @@ -11,6 +11,82 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) +// ## Example Usage +// +// *Basic example* +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// exampleApplication, err := azuread.NewApplication(ctx, "exampleApplication", &azuread.ApplicationArgs{ +// DisplayName: pulumi.String("example"), +// }) +// if err != nil { +// return err +// } +// _, err = azuread.NewApplicationPassword(ctx, "exampleApplicationPassword", &azuread.ApplicationPasswordArgs{ +// ApplicationObjectId: exampleApplication.ObjectId, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// *Time-based rotation* +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread" +// "github.com/pulumi/pulumi-time/sdk/go/time" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// exampleApplication, err := azuread.NewApplication(ctx, "exampleApplication", &azuread.ApplicationArgs{ +// DisplayName: pulumi.String("example"), +// }) +// if err != nil { +// return err +// } +// exampleRotating, err := time.NewRotating(ctx, "exampleRotating", &time.RotatingArgs{ +// RotationDays: pulumi.Int(7), +// }) +// if err != nil { +// return err +// } +// _, err = azuread.NewApplicationPassword(ctx, "exampleApplicationPassword", &azuread.ApplicationPasswordArgs{ +// ApplicationObjectId: exampleApplication.ObjectId, +// RotateWhenChanged: pulumi.StringMap{ +// "rotation": exampleRotating.ID(), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// // ## Import // // This resource does not support importing. diff --git a/sdk/go/azuread/conditionalAccessPolicy.go b/sdk/go/azuread/conditionalAccessPolicy.go index aa3abfb71..8cbabb45a 100644 --- a/sdk/go/azuread/conditionalAccessPolicy.go +++ b/sdk/go/azuread/conditionalAccessPolicy.go @@ -13,6 +13,8 @@ import ( // Manages a Conditional Access Policy within Azure Active Directory. // +// > **Licensing Requirements** Specifying `clientApplications` property requires the activation of Microsoft Entra on your tenant and the availability of sufficient Workload Identities Premium licences (one per service principal managed by a conditional access). +// // ## API Permissions // // The following API permissions are required in order to use this resource. @@ -22,6 +24,7 @@ import ( // When authenticated with a user principal, this resource requires one of the following directory roles: `Conditional Access Administrator` or `Global Administrator` // // ## Example Usage +// ### All users except guests or external users // // ```go // package main @@ -93,6 +96,7 @@ import ( // SessionControls: &azuread.ConditionalAccessPolicySessionControlsArgs{ // ApplicationEnforcedRestrictionsEnabled: pulumi.Bool(true), // CloudAppSecurityPolicy: pulumi.String("monitorOnly"), +// DisableResilienceDefaults: pulumi.Bool(false), // SignInFrequency: pulumi.Int(10), // SignInFrequencyPeriod: pulumi.String("hours"), // }, @@ -106,6 +110,122 @@ import ( // } // // ``` +// ### Included client applications / service principals +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// current, err := azuread.GetClientConfig(ctx, nil, nil) +// if err != nil { +// return err +// } +// _, err = azuread.NewConditionalAccessPolicy(ctx, "example", &azuread.ConditionalAccessPolicyArgs{ +// DisplayName: pulumi.String("example policy"), +// State: pulumi.String("disabled"), +// Conditions: &azuread.ConditionalAccessPolicyConditionsArgs{ +// ClientAppTypes: pulumi.StringArray{ +// pulumi.String("all"), +// }, +// Applications: &azuread.ConditionalAccessPolicyConditionsApplicationsArgs{ +// IncludedApplications: pulumi.StringArray{ +// pulumi.String("All"), +// }, +// }, +// ClientApplications: &azuread.ConditionalAccessPolicyConditionsClientApplicationsArgs{ +// IncludedServicePrincipals: pulumi.StringArray{ +// *pulumi.String(current.ObjectId), +// }, +// ExcludedServicePrincipals: pulumi.StringArray{}, +// }, +// Users: &azuread.ConditionalAccessPolicyConditionsUsersArgs{ +// IncludedUsers: pulumi.StringArray{ +// pulumi.String("None"), +// }, +// }, +// }, +// GrantControls: &azuread.ConditionalAccessPolicyGrantControlsArgs{ +// Operator: pulumi.String("OR"), +// BuiltInControls: pulumi.StringArray{ +// pulumi.String("block"), +// }, +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ### Excluded client applications / service principals +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// current, err := azuread.GetClientConfig(ctx, nil, nil) +// if err != nil { +// return err +// } +// _, err = azuread.NewConditionalAccessPolicy(ctx, "example", &azuread.ConditionalAccessPolicyArgs{ +// DisplayName: pulumi.String("example policy"), +// State: pulumi.String("disabled"), +// Conditions: &azuread.ConditionalAccessPolicyConditionsArgs{ +// ClientAppTypes: pulumi.StringArray{ +// pulumi.String("all"), +// }, +// Applications: &azuread.ConditionalAccessPolicyConditionsApplicationsArgs{ +// IncludedApplications: pulumi.StringArray{ +// pulumi.String("All"), +// }, +// }, +// ClientApplications: &azuread.ConditionalAccessPolicyConditionsClientApplicationsArgs{ +// IncludedServicePrincipals: pulumi.StringArray{ +// pulumi.String("ServicePrincipalsInMyTenant"), +// }, +// ExcludedServicePrincipals: pulumi.StringArray{ +// *pulumi.String(current.ObjectId), +// }, +// }, +// Users: &azuread.ConditionalAccessPolicyConditionsUsersArgs{ +// IncludedUsers: pulumi.StringArray{ +// pulumi.String("None"), +// }, +// }, +// }, +// GrantControls: &azuread.ConditionalAccessPolicyGrantControlsArgs{ +// Operator: pulumi.String("OR"), +// BuiltInControls: pulumi.StringArray{ +// pulumi.String("block"), +// }, +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` // // ## Import // diff --git a/sdk/go/azuread/getUser.go b/sdk/go/azuread/getUser.go index 58dd6f773..2ee317a81 100644 --- a/sdk/go/azuread/getUser.go +++ b/sdk/go/azuread/getUser.go @@ -56,6 +56,8 @@ func LookupUser(ctx *pulumi.Context, args *LookupUserArgs, opts ...pulumi.Invoke // A collection of arguments for invoking getUser. type LookupUserArgs struct { + // The employee identifier assigned to the user by the organisation. + EmployeeId *string `pulumi:"employeeId"` // The SMTP address for the user. Mail *string `pulumi:"mail"` // The email alias of the user. @@ -64,7 +66,7 @@ type LookupUserArgs struct { ObjectId *string `pulumi:"objectId"` // The user principal name (UPN) of the user. // - // > One of `userPrincipalName`, `objectId`, `mail` or `mailNickname` must be specified. + // > One of `userPrincipalName`, `objectId`, `mail`, `mailNickname` or `employeeId` must be specified. UserPrincipalName *string `pulumi:"userPrincipalName"` } @@ -175,6 +177,8 @@ func LookupUserOutput(ctx *pulumi.Context, args LookupUserOutputArgs, opts ...pu // A collection of arguments for invoking getUser. type LookupUserOutputArgs struct { + // The employee identifier assigned to the user by the organisation. + EmployeeId pulumi.StringPtrInput `pulumi:"employeeId"` // The SMTP address for the user. Mail pulumi.StringPtrInput `pulumi:"mail"` // The email alias of the user. @@ -183,7 +187,7 @@ type LookupUserOutputArgs struct { ObjectId pulumi.StringPtrInput `pulumi:"objectId"` // The user principal name (UPN) of the user. // - // > One of `userPrincipalName`, `objectId`, `mail` or `mailNickname` must be specified. + // > One of `userPrincipalName`, `objectId`, `mail`, `mailNickname` or `employeeId` must be specified. UserPrincipalName pulumi.StringPtrInput `pulumi:"userPrincipalName"` } diff --git a/sdk/go/azuread/getUsers.go b/sdk/go/azuread/getUsers.go index bfe5a744a..6fbd45ece 100644 --- a/sdk/go/azuread/getUsers.go +++ b/sdk/go/azuread/getUsers.go @@ -59,6 +59,8 @@ func GetUsers(ctx *pulumi.Context, args *GetUsersArgs, opts ...pulumi.InvokeOpti // A collection of arguments for invoking getUsers. type GetUsersArgs struct { + // The employee identifiers assigned to the users by the organisation. + EmployeeIds []string `pulumi:"employeeIds"` // Ignore missing users and return users that were found. The data source will still fail if no users are found. Cannot be specified with `returnAll`. Defaults to `false`. IgnoreMissing *bool `pulumi:"ignoreMissing"` // The email aliases of the users. @@ -69,12 +71,14 @@ type GetUsersArgs struct { ReturnAll *bool `pulumi:"returnAll"` // The user principal names (UPNs) of the users. // - // > Either `returnAll`, or one of `userPrincipalNames`, `objectIds` or `mailNicknames` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. + // > Either `returnAll`, or one of `userPrincipalNames`, `objectIds`, `mailNicknames` or `employeeIds` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. UserPrincipalNames []string `pulumi:"userPrincipalNames"` } // A collection of values returned by getUsers. type GetUsersResult struct { + // The employee identifiers assigned to the users by the organisation. + EmployeeIds []string `pulumi:"employeeIds"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` IgnoreMissing *bool `pulumi:"ignoreMissing"` @@ -104,6 +108,8 @@ func GetUsersOutput(ctx *pulumi.Context, args GetUsersOutputArgs, opts ...pulumi // A collection of arguments for invoking getUsers. type GetUsersOutputArgs struct { + // The employee identifiers assigned to the users by the organisation. + EmployeeIds pulumi.StringArrayInput `pulumi:"employeeIds"` // Ignore missing users and return users that were found. The data source will still fail if no users are found. Cannot be specified with `returnAll`. Defaults to `false`. IgnoreMissing pulumi.BoolPtrInput `pulumi:"ignoreMissing"` // The email aliases of the users. @@ -114,7 +120,7 @@ type GetUsersOutputArgs struct { ReturnAll pulumi.BoolPtrInput `pulumi:"returnAll"` // The user principal names (UPNs) of the users. // - // > Either `returnAll`, or one of `userPrincipalNames`, `objectIds` or `mailNicknames` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. + // > Either `returnAll`, or one of `userPrincipalNames`, `objectIds`, `mailNicknames` or `employeeIds` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. UserPrincipalNames pulumi.StringArrayInput `pulumi:"userPrincipalNames"` } @@ -137,6 +143,11 @@ func (o GetUsersResultOutput) ToGetUsersResultOutputWithContext(ctx context.Cont return o } +// The employee identifiers assigned to the users by the organisation. +func (o GetUsersResultOutput) EmployeeIds() pulumi.StringArrayOutput { + return o.ApplyT(func(v GetUsersResult) []string { return v.EmployeeIds }).(pulumi.StringArrayOutput) +} + // The provider-assigned unique ID for this managed resource. func (o GetUsersResultOutput) Id() pulumi.StringOutput { return o.ApplyT(func(v GetUsersResult) string { return v.Id }).(pulumi.StringOutput) diff --git a/sdk/go/azuread/pulumiTypes.go b/sdk/go/azuread/pulumiTypes.go index ce2828f6a..476f089e4 100644 --- a/sdk/go/azuread/pulumiTypes.go +++ b/sdk/go/azuread/pulumiTypes.go @@ -3882,6 +3882,8 @@ type ConditionalAccessPolicyConditions struct { Applications ConditionalAccessPolicyConditionsApplications `pulumi:"applications"` // A list of client application types included in the policy. Possible values are: `all`, `browser`, `mobileAppsAndDesktopClients`, `exchangeActiveSync`, `easSupported` and `other`. ClientAppTypes []string `pulumi:"clientAppTypes"` + // An `clientApplications` block as documented below, which specifies service principals included in and excluded from the policy. + ClientApplications *ConditionalAccessPolicyConditionsClientApplications `pulumi:"clientApplications"` // A `devices` block as documented below, which describes devices to be included in and excluded from the policy. A `devices` block can be added to an existing policy, but removing the `devices` block forces a new resource to be created. Devices *ConditionalAccessPolicyConditionsDevices `pulumi:"devices"` // A `locations` block as documented below, which specifies locations included in and excluded from the policy. @@ -3912,6 +3914,8 @@ type ConditionalAccessPolicyConditionsArgs struct { Applications ConditionalAccessPolicyConditionsApplicationsInput `pulumi:"applications"` // A list of client application types included in the policy. Possible values are: `all`, `browser`, `mobileAppsAndDesktopClients`, `exchangeActiveSync`, `easSupported` and `other`. ClientAppTypes pulumi.StringArrayInput `pulumi:"clientAppTypes"` + // An `clientApplications` block as documented below, which specifies service principals included in and excluded from the policy. + ClientApplications ConditionalAccessPolicyConditionsClientApplicationsPtrInput `pulumi:"clientApplications"` // A `devices` block as documented below, which describes devices to be included in and excluded from the policy. A `devices` block can be added to an existing policy, but removing the `devices` block forces a new resource to be created. Devices ConditionalAccessPolicyConditionsDevicesPtrInput `pulumi:"devices"` // A `locations` block as documented below, which specifies locations included in and excluded from the policy. @@ -4015,6 +4019,13 @@ func (o ConditionalAccessPolicyConditionsOutput) ClientAppTypes() pulumi.StringA return o.ApplyT(func(v ConditionalAccessPolicyConditions) []string { return v.ClientAppTypes }).(pulumi.StringArrayOutput) } +// An `clientApplications` block as documented below, which specifies service principals included in and excluded from the policy. +func (o ConditionalAccessPolicyConditionsOutput) ClientApplications() ConditionalAccessPolicyConditionsClientApplicationsPtrOutput { + return o.ApplyT(func(v ConditionalAccessPolicyConditions) *ConditionalAccessPolicyConditionsClientApplications { + return v.ClientApplications + }).(ConditionalAccessPolicyConditionsClientApplicationsPtrOutput) +} + // A `devices` block as documented below, which describes devices to be included in and excluded from the policy. A `devices` block can be added to an existing policy, but removing the `devices` block forces a new resource to be created. func (o ConditionalAccessPolicyConditionsOutput) Devices() ConditionalAccessPolicyConditionsDevicesPtrOutput { return o.ApplyT(func(v ConditionalAccessPolicyConditions) *ConditionalAccessPolicyConditionsDevices { return v.Devices }).(ConditionalAccessPolicyConditionsDevicesPtrOutput) @@ -4093,6 +4104,16 @@ func (o ConditionalAccessPolicyConditionsPtrOutput) ClientAppTypes() pulumi.Stri }).(pulumi.StringArrayOutput) } +// An `clientApplications` block as documented below, which specifies service principals included in and excluded from the policy. +func (o ConditionalAccessPolicyConditionsPtrOutput) ClientApplications() ConditionalAccessPolicyConditionsClientApplicationsPtrOutput { + return o.ApplyT(func(v *ConditionalAccessPolicyConditions) *ConditionalAccessPolicyConditionsClientApplications { + if v == nil { + return nil + } + return v.ClientApplications + }).(ConditionalAccessPolicyConditionsClientApplicationsPtrOutput) +} + // A `devices` block as documented below, which describes devices to be included in and excluded from the policy. A `devices` block can be added to an existing policy, but removing the `devices` block forces a new resource to be created. func (o ConditionalAccessPolicyConditionsPtrOutput) Devices() ConditionalAccessPolicyConditionsDevicesPtrOutput { return o.ApplyT(func(v *ConditionalAccessPolicyConditions) *ConditionalAccessPolicyConditionsDevices { @@ -4328,6 +4349,166 @@ func (o ConditionalAccessPolicyConditionsApplicationsPtrOutput) IncludedUserActi }).(pulumi.StringArrayOutput) } +type ConditionalAccessPolicyConditionsClientApplications struct { + // A list of service principal IDs explicitly excluded in the policy. + ExcludedServicePrincipals []string `pulumi:"excludedServicePrincipals"` + // A list of service principal IDs explicitly included in the policy. Can be set to `ServicePrincipalsInMyTenant` to include all service principals. This is mandatory value when at least one `excludedServicePrincipals` is set. + IncludedServicePrincipals []string `pulumi:"includedServicePrincipals"` +} + +// ConditionalAccessPolicyConditionsClientApplicationsInput is an input type that accepts ConditionalAccessPolicyConditionsClientApplicationsArgs and ConditionalAccessPolicyConditionsClientApplicationsOutput values. +// You can construct a concrete instance of `ConditionalAccessPolicyConditionsClientApplicationsInput` via: +// +// ConditionalAccessPolicyConditionsClientApplicationsArgs{...} +type ConditionalAccessPolicyConditionsClientApplicationsInput interface { + pulumi.Input + + ToConditionalAccessPolicyConditionsClientApplicationsOutput() ConditionalAccessPolicyConditionsClientApplicationsOutput + ToConditionalAccessPolicyConditionsClientApplicationsOutputWithContext(context.Context) ConditionalAccessPolicyConditionsClientApplicationsOutput +} + +type ConditionalAccessPolicyConditionsClientApplicationsArgs struct { + // A list of service principal IDs explicitly excluded in the policy. + ExcludedServicePrincipals pulumi.StringArrayInput `pulumi:"excludedServicePrincipals"` + // A list of service principal IDs explicitly included in the policy. Can be set to `ServicePrincipalsInMyTenant` to include all service principals. This is mandatory value when at least one `excludedServicePrincipals` is set. + IncludedServicePrincipals pulumi.StringArrayInput `pulumi:"includedServicePrincipals"` +} + +func (ConditionalAccessPolicyConditionsClientApplicationsArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ConditionalAccessPolicyConditionsClientApplications)(nil)).Elem() +} + +func (i ConditionalAccessPolicyConditionsClientApplicationsArgs) ToConditionalAccessPolicyConditionsClientApplicationsOutput() ConditionalAccessPolicyConditionsClientApplicationsOutput { + return i.ToConditionalAccessPolicyConditionsClientApplicationsOutputWithContext(context.Background()) +} + +func (i ConditionalAccessPolicyConditionsClientApplicationsArgs) ToConditionalAccessPolicyConditionsClientApplicationsOutputWithContext(ctx context.Context) ConditionalAccessPolicyConditionsClientApplicationsOutput { + return pulumi.ToOutputWithContext(ctx, i).(ConditionalAccessPolicyConditionsClientApplicationsOutput) +} + +func (i ConditionalAccessPolicyConditionsClientApplicationsArgs) ToConditionalAccessPolicyConditionsClientApplicationsPtrOutput() ConditionalAccessPolicyConditionsClientApplicationsPtrOutput { + return i.ToConditionalAccessPolicyConditionsClientApplicationsPtrOutputWithContext(context.Background()) +} + +func (i ConditionalAccessPolicyConditionsClientApplicationsArgs) ToConditionalAccessPolicyConditionsClientApplicationsPtrOutputWithContext(ctx context.Context) ConditionalAccessPolicyConditionsClientApplicationsPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ConditionalAccessPolicyConditionsClientApplicationsOutput).ToConditionalAccessPolicyConditionsClientApplicationsPtrOutputWithContext(ctx) +} + +// ConditionalAccessPolicyConditionsClientApplicationsPtrInput is an input type that accepts ConditionalAccessPolicyConditionsClientApplicationsArgs, ConditionalAccessPolicyConditionsClientApplicationsPtr and ConditionalAccessPolicyConditionsClientApplicationsPtrOutput values. +// You can construct a concrete instance of `ConditionalAccessPolicyConditionsClientApplicationsPtrInput` via: +// +// ConditionalAccessPolicyConditionsClientApplicationsArgs{...} +// +// or: +// +// nil +type ConditionalAccessPolicyConditionsClientApplicationsPtrInput interface { + pulumi.Input + + ToConditionalAccessPolicyConditionsClientApplicationsPtrOutput() ConditionalAccessPolicyConditionsClientApplicationsPtrOutput + ToConditionalAccessPolicyConditionsClientApplicationsPtrOutputWithContext(context.Context) ConditionalAccessPolicyConditionsClientApplicationsPtrOutput +} + +type conditionalAccessPolicyConditionsClientApplicationsPtrType ConditionalAccessPolicyConditionsClientApplicationsArgs + +func ConditionalAccessPolicyConditionsClientApplicationsPtr(v *ConditionalAccessPolicyConditionsClientApplicationsArgs) ConditionalAccessPolicyConditionsClientApplicationsPtrInput { + return (*conditionalAccessPolicyConditionsClientApplicationsPtrType)(v) +} + +func (*conditionalAccessPolicyConditionsClientApplicationsPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**ConditionalAccessPolicyConditionsClientApplications)(nil)).Elem() +} + +func (i *conditionalAccessPolicyConditionsClientApplicationsPtrType) ToConditionalAccessPolicyConditionsClientApplicationsPtrOutput() ConditionalAccessPolicyConditionsClientApplicationsPtrOutput { + return i.ToConditionalAccessPolicyConditionsClientApplicationsPtrOutputWithContext(context.Background()) +} + +func (i *conditionalAccessPolicyConditionsClientApplicationsPtrType) ToConditionalAccessPolicyConditionsClientApplicationsPtrOutputWithContext(ctx context.Context) ConditionalAccessPolicyConditionsClientApplicationsPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ConditionalAccessPolicyConditionsClientApplicationsPtrOutput) +} + +type ConditionalAccessPolicyConditionsClientApplicationsOutput struct{ *pulumi.OutputState } + +func (ConditionalAccessPolicyConditionsClientApplicationsOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ConditionalAccessPolicyConditionsClientApplications)(nil)).Elem() +} + +func (o ConditionalAccessPolicyConditionsClientApplicationsOutput) ToConditionalAccessPolicyConditionsClientApplicationsOutput() ConditionalAccessPolicyConditionsClientApplicationsOutput { + return o +} + +func (o ConditionalAccessPolicyConditionsClientApplicationsOutput) ToConditionalAccessPolicyConditionsClientApplicationsOutputWithContext(ctx context.Context) ConditionalAccessPolicyConditionsClientApplicationsOutput { + return o +} + +func (o ConditionalAccessPolicyConditionsClientApplicationsOutput) ToConditionalAccessPolicyConditionsClientApplicationsPtrOutput() ConditionalAccessPolicyConditionsClientApplicationsPtrOutput { + return o.ToConditionalAccessPolicyConditionsClientApplicationsPtrOutputWithContext(context.Background()) +} + +func (o ConditionalAccessPolicyConditionsClientApplicationsOutput) ToConditionalAccessPolicyConditionsClientApplicationsPtrOutputWithContext(ctx context.Context) ConditionalAccessPolicyConditionsClientApplicationsPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v ConditionalAccessPolicyConditionsClientApplications) *ConditionalAccessPolicyConditionsClientApplications { + return &v + }).(ConditionalAccessPolicyConditionsClientApplicationsPtrOutput) +} + +// A list of service principal IDs explicitly excluded in the policy. +func (o ConditionalAccessPolicyConditionsClientApplicationsOutput) ExcludedServicePrincipals() pulumi.StringArrayOutput { + return o.ApplyT(func(v ConditionalAccessPolicyConditionsClientApplications) []string { + return v.ExcludedServicePrincipals + }).(pulumi.StringArrayOutput) +} + +// A list of service principal IDs explicitly included in the policy. Can be set to `ServicePrincipalsInMyTenant` to include all service principals. This is mandatory value when at least one `excludedServicePrincipals` is set. +func (o ConditionalAccessPolicyConditionsClientApplicationsOutput) IncludedServicePrincipals() pulumi.StringArrayOutput { + return o.ApplyT(func(v ConditionalAccessPolicyConditionsClientApplications) []string { + return v.IncludedServicePrincipals + }).(pulumi.StringArrayOutput) +} + +type ConditionalAccessPolicyConditionsClientApplicationsPtrOutput struct{ *pulumi.OutputState } + +func (ConditionalAccessPolicyConditionsClientApplicationsPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ConditionalAccessPolicyConditionsClientApplications)(nil)).Elem() +} + +func (o ConditionalAccessPolicyConditionsClientApplicationsPtrOutput) ToConditionalAccessPolicyConditionsClientApplicationsPtrOutput() ConditionalAccessPolicyConditionsClientApplicationsPtrOutput { + return o +} + +func (o ConditionalAccessPolicyConditionsClientApplicationsPtrOutput) ToConditionalAccessPolicyConditionsClientApplicationsPtrOutputWithContext(ctx context.Context) ConditionalAccessPolicyConditionsClientApplicationsPtrOutput { + return o +} + +func (o ConditionalAccessPolicyConditionsClientApplicationsPtrOutput) Elem() ConditionalAccessPolicyConditionsClientApplicationsOutput { + return o.ApplyT(func(v *ConditionalAccessPolicyConditionsClientApplications) ConditionalAccessPolicyConditionsClientApplications { + if v != nil { + return *v + } + var ret ConditionalAccessPolicyConditionsClientApplications + return ret + }).(ConditionalAccessPolicyConditionsClientApplicationsOutput) +} + +// A list of service principal IDs explicitly excluded in the policy. +func (o ConditionalAccessPolicyConditionsClientApplicationsPtrOutput) ExcludedServicePrincipals() pulumi.StringArrayOutput { + return o.ApplyT(func(v *ConditionalAccessPolicyConditionsClientApplications) []string { + if v == nil { + return nil + } + return v.ExcludedServicePrincipals + }).(pulumi.StringArrayOutput) +} + +// A list of service principal IDs explicitly included in the policy. Can be set to `ServicePrincipalsInMyTenant` to include all service principals. This is mandatory value when at least one `excludedServicePrincipals` is set. +func (o ConditionalAccessPolicyConditionsClientApplicationsPtrOutput) IncludedServicePrincipals() pulumi.StringArrayOutput { + return o.ApplyT(func(v *ConditionalAccessPolicyConditionsClientApplications) []string { + if v == nil { + return nil + } + return v.IncludedServicePrincipals + }).(pulumi.StringArrayOutput) +} + type ConditionalAccessPolicyConditionsDevices struct { // A `filter` block as described below. A `filter` block can be added to an existing policy, but removing the `filter` block forces a new resource to be created. Filter *ConditionalAccessPolicyConditionsDevicesFilter `pulumi:"filter"` @@ -5376,6 +5557,8 @@ type ConditionalAccessPolicySessionControls struct { ApplicationEnforcedRestrictionsEnabled *bool `pulumi:"applicationEnforcedRestrictionsEnabled"` // Enables cloud app security and specifies the cloud app security policy to use. Possible values are: `blockDownloads`, `mcasConfigured`, `monitorOnly` or `unknownFutureValue`. CloudAppSecurityPolicy *string `pulumi:"cloudAppSecurityPolicy"` + // Disables [resilience defaults](https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/resilience-defaults). Defaults to `false`. + DisableResilienceDefaults *bool `pulumi:"disableResilienceDefaults"` // Session control to define whether to persist cookies or not. Possible values are: `always` or `never`. PersistentBrowserMode *string `pulumi:"persistentBrowserMode"` // Number of days or hours to enforce sign-in frequency. Required when `signInFrequencyPeriod` is specified. Due to an API issue, removing this property forces a new resource to be created. @@ -5402,6 +5585,8 @@ type ConditionalAccessPolicySessionControlsArgs struct { ApplicationEnforcedRestrictionsEnabled pulumi.BoolPtrInput `pulumi:"applicationEnforcedRestrictionsEnabled"` // Enables cloud app security and specifies the cloud app security policy to use. Possible values are: `blockDownloads`, `mcasConfigured`, `monitorOnly` or `unknownFutureValue`. CloudAppSecurityPolicy pulumi.StringPtrInput `pulumi:"cloudAppSecurityPolicy"` + // Disables [resilience defaults](https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/resilience-defaults). Defaults to `false`. + DisableResilienceDefaults pulumi.BoolPtrInput `pulumi:"disableResilienceDefaults"` // Session control to define whether to persist cookies or not. Possible values are: `always` or `never`. PersistentBrowserMode pulumi.StringPtrInput `pulumi:"persistentBrowserMode"` // Number of days or hours to enforce sign-in frequency. Required when `signInFrequencyPeriod` is specified. Due to an API issue, removing this property forces a new resource to be created. @@ -5499,6 +5684,11 @@ func (o ConditionalAccessPolicySessionControlsOutput) CloudAppSecurityPolicy() p return o.ApplyT(func(v ConditionalAccessPolicySessionControls) *string { return v.CloudAppSecurityPolicy }).(pulumi.StringPtrOutput) } +// Disables [resilience defaults](https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/resilience-defaults). Defaults to `false`. +func (o ConditionalAccessPolicySessionControlsOutput) DisableResilienceDefaults() pulumi.BoolPtrOutput { + return o.ApplyT(func(v ConditionalAccessPolicySessionControls) *bool { return v.DisableResilienceDefaults }).(pulumi.BoolPtrOutput) +} + // Session control to define whether to persist cookies or not. Possible values are: `always` or `never`. func (o ConditionalAccessPolicySessionControlsOutput) PersistentBrowserMode() pulumi.StringPtrOutput { return o.ApplyT(func(v ConditionalAccessPolicySessionControls) *string { return v.PersistentBrowserMode }).(pulumi.StringPtrOutput) @@ -5560,6 +5750,16 @@ func (o ConditionalAccessPolicySessionControlsPtrOutput) CloudAppSecurityPolicy( }).(pulumi.StringPtrOutput) } +// Disables [resilience defaults](https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/resilience-defaults). Defaults to `false`. +func (o ConditionalAccessPolicySessionControlsPtrOutput) DisableResilienceDefaults() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *ConditionalAccessPolicySessionControls) *bool { + if v == nil { + return nil + } + return v.DisableResilienceDefaults + }).(pulumi.BoolPtrOutput) +} + // Session control to define whether to persist cookies or not. Possible values are: `always` or `never`. func (o ConditionalAccessPolicySessionControlsPtrOutput) PersistentBrowserMode() pulumi.StringPtrOutput { return o.ApplyT(func(v *ConditionalAccessPolicySessionControls) *string { @@ -10135,6 +10335,8 @@ type GetUsersUser struct { AccountEnabled bool `pulumi:"accountEnabled"` // The display name of the user. DisplayName string `pulumi:"displayName"` + // The employee identifier assigned to the user by the organisation. + EmployeeId string `pulumi:"employeeId"` // The primary email address of the user. Mail string `pulumi:"mail"` // The email alias of the user. @@ -10169,6 +10371,8 @@ type GetUsersUserArgs struct { AccountEnabled pulumi.BoolInput `pulumi:"accountEnabled"` // The display name of the user. DisplayName pulumi.StringInput `pulumi:"displayName"` + // The employee identifier assigned to the user by the organisation. + EmployeeId pulumi.StringInput `pulumi:"employeeId"` // The primary email address of the user. Mail pulumi.StringInput `pulumi:"mail"` // The email alias of the user. @@ -10248,6 +10452,11 @@ func (o GetUsersUserOutput) DisplayName() pulumi.StringOutput { return o.ApplyT(func(v GetUsersUser) string { return v.DisplayName }).(pulumi.StringOutput) } +// The employee identifier assigned to the user by the organisation. +func (o GetUsersUserOutput) EmployeeId() pulumi.StringOutput { + return o.ApplyT(func(v GetUsersUser) string { return v.EmployeeId }).(pulumi.StringOutput) +} + // The primary email address of the user. func (o GetUsersUserOutput) Mail() pulumi.StringOutput { return o.ApplyT(func(v GetUsersUser) string { return v.Mail }).(pulumi.StringOutput) @@ -10367,6 +10576,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*ConditionalAccessPolicyConditionsPtrInput)(nil)).Elem(), ConditionalAccessPolicyConditionsArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ConditionalAccessPolicyConditionsApplicationsInput)(nil)).Elem(), ConditionalAccessPolicyConditionsApplicationsArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ConditionalAccessPolicyConditionsApplicationsPtrInput)(nil)).Elem(), ConditionalAccessPolicyConditionsApplicationsArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ConditionalAccessPolicyConditionsClientApplicationsInput)(nil)).Elem(), ConditionalAccessPolicyConditionsClientApplicationsArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ConditionalAccessPolicyConditionsClientApplicationsPtrInput)(nil)).Elem(), ConditionalAccessPolicyConditionsClientApplicationsArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ConditionalAccessPolicyConditionsDevicesInput)(nil)).Elem(), ConditionalAccessPolicyConditionsDevicesArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ConditionalAccessPolicyConditionsDevicesPtrInput)(nil)).Elem(), ConditionalAccessPolicyConditionsDevicesArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ConditionalAccessPolicyConditionsDevicesFilterInput)(nil)).Elem(), ConditionalAccessPolicyConditionsDevicesFilterArgs{}) @@ -10511,6 +10722,8 @@ func init() { pulumi.RegisterOutputType(ConditionalAccessPolicyConditionsPtrOutput{}) pulumi.RegisterOutputType(ConditionalAccessPolicyConditionsApplicationsOutput{}) pulumi.RegisterOutputType(ConditionalAccessPolicyConditionsApplicationsPtrOutput{}) + pulumi.RegisterOutputType(ConditionalAccessPolicyConditionsClientApplicationsOutput{}) + pulumi.RegisterOutputType(ConditionalAccessPolicyConditionsClientApplicationsPtrOutput{}) pulumi.RegisterOutputType(ConditionalAccessPolicyConditionsDevicesOutput{}) pulumi.RegisterOutputType(ConditionalAccessPolicyConditionsDevicesPtrOutput{}) pulumi.RegisterOutputType(ConditionalAccessPolicyConditionsDevicesFilterOutput{}) diff --git a/sdk/go/azuread/servicePrincipalPassword.go b/sdk/go/azuread/servicePrincipalPassword.go index 8a9b1e213..3cce51308 100644 --- a/sdk/go/azuread/servicePrincipalPassword.go +++ b/sdk/go/azuread/servicePrincipalPassword.go @@ -21,6 +21,94 @@ import ( // // When authenticated with a user principal, this resource requires one of the following directory roles: `Application Administrator` or `Global Administrator` // +// ## Example Usage +// +// *Basic example* +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// exampleApplication, err := azuread.NewApplication(ctx, "exampleApplication", &azuread.ApplicationArgs{ +// DisplayName: pulumi.String("example"), +// }) +// if err != nil { +// return err +// } +// exampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, "exampleServicePrincipal", &azuread.ServicePrincipalArgs{ +// ApplicationId: exampleApplication.ApplicationId, +// }) +// if err != nil { +// return err +// } +// _, err = azuread.NewServicePrincipalPassword(ctx, "exampleServicePrincipalPassword", &azuread.ServicePrincipalPasswordArgs{ +// ServicePrincipalId: exampleServicePrincipal.ObjectId, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// *Time-based rotation* +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread" +// "github.com/pulumi/pulumi-time/sdk/go/time" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// exampleApplication, err := azuread.NewApplication(ctx, "exampleApplication", &azuread.ApplicationArgs{ +// DisplayName: pulumi.String("example"), +// }) +// if err != nil { +// return err +// } +// exampleServicePrincipal, err := azuread.NewServicePrincipal(ctx, "exampleServicePrincipal", &azuread.ServicePrincipalArgs{ +// ApplicationId: exampleApplication.ApplicationId, +// }) +// if err != nil { +// return err +// } +// exampleRotating, err := time.NewRotating(ctx, "exampleRotating", &time.RotatingArgs{ +// RotationDays: pulumi.Int(7), +// }) +// if err != nil { +// return err +// } +// _, err = azuread.NewServicePrincipalPassword(ctx, "exampleServicePrincipalPassword", &azuread.ServicePrincipalPasswordArgs{ +// ServicePrincipalId: exampleServicePrincipal.ObjectId, +// RotateWhenChanged: pulumi.StringMap{ +// "rotation": exampleRotating.ID(), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// // ## Import // // This resource does not support importing. diff --git a/sdk/go/azuread/user.go b/sdk/go/azuread/user.go index 1a20e30b8..bfc069742 100644 --- a/sdk/go/azuread/user.go +++ b/sdk/go/azuread/user.go @@ -78,7 +78,7 @@ type User struct { ConsentProvidedForMinor pulumi.StringPtrOutput `pulumi:"consentProvidedForMinor"` // The cost center associated with the user. CostCenter pulumi.StringPtrOutput `pulumi:"costCenter"` - // The country/region in which the user is located, e.g. `US` or `UK`. + // The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. Country pulumi.StringPtrOutput `pulumi:"country"` // Indicates whether the user account was created as a regular school or work account (`null`), an external account (`Invitation`), a local account for an Azure Active Directory B2C tenant (`LocalAccount`) or self-service sign-up using email verification (`EmailVerified`). CreationType pulumi.StringOutput `pulumi:"creationType"` @@ -219,7 +219,7 @@ type userState struct { ConsentProvidedForMinor *string `pulumi:"consentProvidedForMinor"` // The cost center associated with the user. CostCenter *string `pulumi:"costCenter"` - // The country/region in which the user is located, e.g. `US` or `UK`. + // The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. Country *string `pulumi:"country"` // Indicates whether the user account was created as a regular school or work account (`null`), an external account (`Invitation`), a local account for an Azure Active Directory B2C tenant (`LocalAccount`) or self-service sign-up using email verification (`EmailVerified`). CreationType *string `pulumi:"creationType"` @@ -319,7 +319,7 @@ type UserState struct { ConsentProvidedForMinor pulumi.StringPtrInput // The cost center associated with the user. CostCenter pulumi.StringPtrInput - // The country/region in which the user is located, e.g. `US` or `UK`. + // The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. Country pulumi.StringPtrInput // Indicates whether the user account was created as a regular school or work account (`null`), an external account (`Invitation`), a local account for an Azure Active Directory B2C tenant (`LocalAccount`) or self-service sign-up using email verification (`EmailVerified`). CreationType pulumi.StringPtrInput @@ -421,7 +421,7 @@ type userArgs struct { ConsentProvidedForMinor *string `pulumi:"consentProvidedForMinor"` // The cost center associated with the user. CostCenter *string `pulumi:"costCenter"` - // The country/region in which the user is located, e.g. `US` or `UK`. + // The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. Country *string `pulumi:"country"` // The name for the department in which the user works. Department *string `pulumi:"department"` @@ -496,7 +496,7 @@ type UserArgs struct { ConsentProvidedForMinor pulumi.StringPtrInput // The cost center associated with the user. CostCenter pulumi.StringPtrInput - // The country/region in which the user is located, e.g. `US` or `UK`. + // The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. Country pulumi.StringPtrInput // The name for the department in which the user works. Department pulumi.StringPtrInput @@ -682,7 +682,7 @@ func (o UserOutput) CostCenter() pulumi.StringPtrOutput { return o.ApplyT(func(v *User) pulumi.StringPtrOutput { return v.CostCenter }).(pulumi.StringPtrOutput) } -// The country/region in which the user is located, e.g. `US` or `UK`. +// The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. func (o UserOutput) Country() pulumi.StringPtrOutput { return o.ApplyT(func(v *User) pulumi.StringPtrOutput { return v.Country }).(pulumi.StringPtrOutput) } diff --git a/sdk/java/src/main/java/com/pulumi/azuread/AdministrativeUnit.java b/sdk/java/src/main/java/com/pulumi/azuread/AdministrativeUnit.java index bfee604ce..96cde061e 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/AdministrativeUnit.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/AdministrativeUnit.java @@ -28,7 +28,6 @@ * When authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator` * * ## Example Usage - * * ```java * package generated_program; * @@ -53,7 +52,7 @@ * var example = new AdministrativeUnit("example", AdministrativeUnitArgs.builder() * .description("Just an example") * .displayName("Example-AU") - * .visibility("Public") + * .hiddenMembershipEnabled(false) * .build()); * * } @@ -100,14 +99,14 @@ public Output displayName() { return this.displayName; } /** - * Whether the administrative unit and its members are hidden or publicly viewable in the directory + * Whether the administrative unit and its members are hidden or publicly viewable in the directory. * */ @Export(name="hiddenMembershipEnabled", type=Boolean.class, parameters={}) private Output hiddenMembershipEnabled; /** - * @return Whether the administrative unit and its members are hidden or publicly viewable in the directory + * @return Whether the administrative unit and its members are hidden or publicly viewable in the directory. * */ public Output> hiddenMembershipEnabled() { diff --git a/sdk/java/src/main/java/com/pulumi/azuread/AdministrativeUnitArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/AdministrativeUnitArgs.java index b9e55eecb..5884393a7 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/AdministrativeUnitArgs.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/AdministrativeUnitArgs.java @@ -48,14 +48,14 @@ public Output displayName() { } /** - * Whether the administrative unit and its members are hidden or publicly viewable in the directory + * Whether the administrative unit and its members are hidden or publicly viewable in the directory. * */ @Import(name="hiddenMembershipEnabled") private @Nullable Output hiddenMembershipEnabled; /** - * @return Whether the administrative unit and its members are hidden or publicly viewable in the directory + * @return Whether the administrative unit and its members are hidden or publicly viewable in the directory. * */ public Optional> hiddenMembershipEnabled() { @@ -167,7 +167,7 @@ public Builder displayName(String displayName) { } /** - * @param hiddenMembershipEnabled Whether the administrative unit and its members are hidden or publicly viewable in the directory + * @param hiddenMembershipEnabled Whether the administrative unit and its members are hidden or publicly viewable in the directory. * * @return builder * @@ -178,7 +178,7 @@ public Builder hiddenMembershipEnabled(@Nullable Output hiddenMembershi } /** - * @param hiddenMembershipEnabled Whether the administrative unit and its members are hidden or publicly viewable in the directory + * @param hiddenMembershipEnabled Whether the administrative unit and its members are hidden or publicly viewable in the directory. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationPassword.java b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationPassword.java index a33113c80..b207c3d19 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/ApplicationPassword.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/ApplicationPassword.java @@ -17,6 +17,87 @@ import javax.annotation.Nullable; /** + * ## Example Usage + * + * *Basic example* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.Application; + * import com.pulumi.azuread.ApplicationArgs; + * import com.pulumi.azuread.ApplicationPassword; + * import com.pulumi.azuread.ApplicationPasswordArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var exampleApplication = new Application("exampleApplication", ApplicationArgs.builder() + * .displayName("example") + * .build()); + * + * var exampleApplicationPassword = new ApplicationPassword("exampleApplicationPassword", ApplicationPasswordArgs.builder() + * .applicationObjectId(exampleApplication.objectId()) + * .build()); + * + * } + * } + * ``` + * + * *Time-based rotation* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.Application; + * import com.pulumi.azuread.ApplicationArgs; + * import com.pulumi.time.Rotating; + * import com.pulumi.time.RotatingArgs; + * import com.pulumi.azuread.ApplicationPassword; + * import com.pulumi.azuread.ApplicationPasswordArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var exampleApplication = new Application("exampleApplication", ApplicationArgs.builder() + * .displayName("example") + * .build()); + * + * var exampleRotating = new Rotating("exampleRotating", RotatingArgs.builder() + * .rotationDays(7) + * .build()); + * + * var exampleApplicationPassword = new ApplicationPassword("exampleApplicationPassword", ApplicationPasswordArgs.builder() + * .applicationObjectId(exampleApplication.objectId()) + * .rotateWhenChanged(Map.of("rotation", exampleRotating.id())) + * .build()); + * + * } + * } + * ``` + * * ## Import * * This resource does not support importing. diff --git a/sdk/java/src/main/java/com/pulumi/azuread/ConditionalAccessPolicy.java b/sdk/java/src/main/java/com/pulumi/azuread/ConditionalAccessPolicy.java index 8189ee102..c9af8e0ce 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/ConditionalAccessPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/ConditionalAccessPolicy.java @@ -20,6 +20,8 @@ /** * Manages a Conditional Access Policy within Azure Active Directory. * + * > **Licensing Requirements** Specifying `client_applications` property requires the activation of Microsoft Entra on your tenant and the availability of sufficient Workload Identities Premium licences (one per service principal managed by a conditional access). + * * ## API Permissions * * The following API permissions are required in order to use this resource. @@ -29,6 +31,7 @@ * When authenticated with a user principal, this resource requires one of the following directory roles: `Conditional Access Administrator` or `Global Administrator` * * ## Example Usage + * ### All users except guests or external users * ```java * package generated_program; * @@ -95,6 +98,7 @@ * .sessionControls(ConditionalAccessPolicySessionControlsArgs.builder() * .applicationEnforcedRestrictionsEnabled(true) * .cloudAppSecurityPolicy("monitorOnly") + * .disableResilienceDefaults(false) * .signInFrequency(10) * .signInFrequencyPeriod("hours") * .build()) @@ -104,6 +108,116 @@ * } * } * ``` + * ### Included client applications / service principals + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AzureadFunctions; + * import com.pulumi.azuread.ConditionalAccessPolicy; + * import com.pulumi.azuread.ConditionalAccessPolicyArgs; + * import com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsArgs; + * import com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsApplicationsArgs; + * import com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsClientApplicationsArgs; + * import com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsUsersArgs; + * import com.pulumi.azuread.inputs.ConditionalAccessPolicyGrantControlsArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var current = AzureadFunctions.getClientConfig(); + * + * var example = new ConditionalAccessPolicy("example", ConditionalAccessPolicyArgs.builder() + * .displayName("example policy") + * .state("disabled") + * .conditions(ConditionalAccessPolicyConditionsArgs.builder() + * .clientAppTypes("all") + * .applications(ConditionalAccessPolicyConditionsApplicationsArgs.builder() + * .includedApplications("All") + * .build()) + * .clientApplications(ConditionalAccessPolicyConditionsClientApplicationsArgs.builder() + * .includedServicePrincipals(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId())) + * .excludedServicePrincipals() + * .build()) + * .users(ConditionalAccessPolicyConditionsUsersArgs.builder() + * .includedUsers("None") + * .build()) + * .build()) + * .grantControls(ConditionalAccessPolicyGrantControlsArgs.builder() + * .operator("OR") + * .builtInControls("block") + * .build()) + * .build()); + * + * } + * } + * ``` + * ### Excluded client applications / service principals + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.AzureadFunctions; + * import com.pulumi.azuread.ConditionalAccessPolicy; + * import com.pulumi.azuread.ConditionalAccessPolicyArgs; + * import com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsArgs; + * import com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsApplicationsArgs; + * import com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsClientApplicationsArgs; + * import com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsUsersArgs; + * import com.pulumi.azuread.inputs.ConditionalAccessPolicyGrantControlsArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var current = AzureadFunctions.getClientConfig(); + * + * var example = new ConditionalAccessPolicy("example", ConditionalAccessPolicyArgs.builder() + * .displayName("example policy") + * .state("disabled") + * .conditions(ConditionalAccessPolicyConditionsArgs.builder() + * .clientAppTypes("all") + * .applications(ConditionalAccessPolicyConditionsApplicationsArgs.builder() + * .includedApplications("All") + * .build()) + * .clientApplications(ConditionalAccessPolicyConditionsClientApplicationsArgs.builder() + * .includedServicePrincipals("ServicePrincipalsInMyTenant") + * .excludedServicePrincipals(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId())) + * .build()) + * .users(ConditionalAccessPolicyConditionsUsersArgs.builder() + * .includedUsers("None") + * .build()) + * .build()) + * .grantControls(ConditionalAccessPolicyGrantControlsArgs.builder() + * .operator("OR") + * .builtInControls("block") + * .build()) + * .build()); + * + * } + * } + * ``` * * ## Import * diff --git a/sdk/java/src/main/java/com/pulumi/azuread/ServicePrincipalPassword.java b/sdk/java/src/main/java/com/pulumi/azuread/ServicePrincipalPassword.java index 8bb6de43d..7c84bcabd 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/ServicePrincipalPassword.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/ServicePrincipalPassword.java @@ -27,6 +27,99 @@ * * When authenticated with a user principal, this resource requires one of the following directory roles: `Application Administrator` or `Global Administrator` * + * ## Example Usage + * + * *Basic example* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.Application; + * import com.pulumi.azuread.ApplicationArgs; + * import com.pulumi.azuread.ServicePrincipal; + * import com.pulumi.azuread.ServicePrincipalArgs; + * import com.pulumi.azuread.ServicePrincipalPassword; + * import com.pulumi.azuread.ServicePrincipalPasswordArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var exampleApplication = new Application("exampleApplication", ApplicationArgs.builder() + * .displayName("example") + * .build()); + * + * var exampleServicePrincipal = new ServicePrincipal("exampleServicePrincipal", ServicePrincipalArgs.builder() + * .applicationId(exampleApplication.applicationId()) + * .build()); + * + * var exampleServicePrincipalPassword = new ServicePrincipalPassword("exampleServicePrincipalPassword", ServicePrincipalPasswordArgs.builder() + * .servicePrincipalId(exampleServicePrincipal.objectId()) + * .build()); + * + * } + * } + * ``` + * + * *Time-based rotation* + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azuread.Application; + * import com.pulumi.azuread.ApplicationArgs; + * import com.pulumi.azuread.ServicePrincipal; + * import com.pulumi.azuread.ServicePrincipalArgs; + * import com.pulumi.time.Rotating; + * import com.pulumi.time.RotatingArgs; + * import com.pulumi.azuread.ServicePrincipalPassword; + * import com.pulumi.azuread.ServicePrincipalPasswordArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var exampleApplication = new Application("exampleApplication", ApplicationArgs.builder() + * .displayName("example") + * .build()); + * + * var exampleServicePrincipal = new ServicePrincipal("exampleServicePrincipal", ServicePrincipalArgs.builder() + * .applicationId(exampleApplication.applicationId()) + * .build()); + * + * var exampleRotating = new Rotating("exampleRotating", RotatingArgs.builder() + * .rotationDays(7) + * .build()); + * + * var exampleServicePrincipalPassword = new ServicePrincipalPassword("exampleServicePrincipalPassword", ServicePrincipalPasswordArgs.builder() + * .servicePrincipalId(exampleServicePrincipal.objectId()) + * .rotateWhenChanged(Map.of("rotation", exampleRotating.id())) + * .build()); + * + * } + * } + * ``` + * * ## Import * * This resource does not support importing. diff --git a/sdk/java/src/main/java/com/pulumi/azuread/User.java b/sdk/java/src/main/java/com/pulumi/azuread/User.java index eeb069fbd..bac870a28 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/User.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/User.java @@ -184,14 +184,14 @@ public Output> costCenter() { return Codegen.optional(this.costCenter); } /** - * The country/region in which the user is located, e.g. `US` or `UK`. + * The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. * */ @Export(name="country", type=String.class, parameters={}) private Output country; /** - * @return The country/region in which the user is located, e.g. `US` or `UK`. + * @return The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. * */ public Output> country() { diff --git a/sdk/java/src/main/java/com/pulumi/azuread/UserArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/UserArgs.java index 656e93b80..cbc94276d 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/UserArgs.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/UserArgs.java @@ -123,14 +123,14 @@ public Optional> costCenter() { } /** - * The country/region in which the user is located, e.g. `US` or `UK`. + * The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. * */ @Import(name="country") private @Nullable Output country; /** - * @return The country/region in which the user is located, e.g. `US` or `UK`. + * @return The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. * */ public Optional> country() { @@ -760,7 +760,7 @@ public Builder costCenter(String costCenter) { } /** - * @param country The country/region in which the user is located, e.g. `US` or `UK`. + * @param country The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. * * @return builder * @@ -771,7 +771,7 @@ public Builder country(@Nullable Output country) { } /** - * @param country The country/region in which the user is located, e.g. `US` or `UK`. + * @param country The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/AdministrativeUnitState.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AdministrativeUnitState.java index f1c99efe3..54f373dd5 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/inputs/AdministrativeUnitState.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/AdministrativeUnitState.java @@ -48,14 +48,14 @@ public Optional> displayName() { } /** - * Whether the administrative unit and its members are hidden or publicly viewable in the directory + * Whether the administrative unit and its members are hidden or publicly viewable in the directory. * */ @Import(name="hiddenMembershipEnabled") private @Nullable Output hiddenMembershipEnabled; /** - * @return Whether the administrative unit and its members are hidden or publicly viewable in the directory + * @return Whether the administrative unit and its members are hidden or publicly viewable in the directory. * */ public Optional> hiddenMembershipEnabled() { @@ -183,7 +183,7 @@ public Builder displayName(String displayName) { } /** - * @param hiddenMembershipEnabled Whether the administrative unit and its members are hidden or publicly viewable in the directory + * @param hiddenMembershipEnabled Whether the administrative unit and its members are hidden or publicly viewable in the directory. * * @return builder * @@ -194,7 +194,7 @@ public Builder hiddenMembershipEnabled(@Nullable Output hiddenMembershi } /** - * @param hiddenMembershipEnabled Whether the administrative unit and its members are hidden or publicly viewable in the directory + * @param hiddenMembershipEnabled Whether the administrative unit and its members are hidden or publicly viewable in the directory. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/ConditionalAccessPolicyConditionsArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/ConditionalAccessPolicyConditionsArgs.java index 6fd67c364..cba21b928 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/inputs/ConditionalAccessPolicyConditionsArgs.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/ConditionalAccessPolicyConditionsArgs.java @@ -4,6 +4,7 @@ package com.pulumi.azuread.inputs; import com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsApplicationsArgs; +import com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsClientApplicationsArgs; import com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsDevicesArgs; import com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsLocationsArgs; import com.pulumi.azuread.inputs.ConditionalAccessPolicyConditionsPlatformsArgs; @@ -51,6 +52,21 @@ public Output> clientAppTypes() { return this.clientAppTypes; } + /** + * An `client_applications` block as documented below, which specifies service principals included in and excluded from the policy. + * + */ + @Import(name="clientApplications") + private @Nullable Output clientApplications; + + /** + * @return An `client_applications` block as documented below, which specifies service principals included in and excluded from the policy. + * + */ + public Optional> clientApplications() { + return Optional.ofNullable(this.clientApplications); + } + /** * A `devices` block as documented below, which describes devices to be included in and excluded from the policy. A `devices` block can be added to an existing policy, but removing the `devices` block forces a new resource to be created. * @@ -146,6 +162,7 @@ private ConditionalAccessPolicyConditionsArgs() {} private ConditionalAccessPolicyConditionsArgs(ConditionalAccessPolicyConditionsArgs $) { this.applications = $.applications; this.clientAppTypes = $.clientAppTypes; + this.clientApplications = $.clientApplications; this.devices = $.devices; this.locations = $.locations; this.platforms = $.platforms; @@ -224,6 +241,27 @@ public Builder clientAppTypes(String... clientAppTypes) { return clientAppTypes(List.of(clientAppTypes)); } + /** + * @param clientApplications An `client_applications` block as documented below, which specifies service principals included in and excluded from the policy. + * + * @return builder + * + */ + public Builder clientApplications(@Nullable Output clientApplications) { + $.clientApplications = clientApplications; + return this; + } + + /** + * @param clientApplications An `client_applications` block as documented below, which specifies service principals included in and excluded from the policy. + * + * @return builder + * + */ + public Builder clientApplications(ConditionalAccessPolicyConditionsClientApplicationsArgs clientApplications) { + return clientApplications(Output.of(clientApplications)); + } + /** * @param devices A `devices` block as documented below, which describes devices to be included in and excluded from the policy. A `devices` block can be added to an existing policy, but removing the `devices` block forces a new resource to be created. * diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/ConditionalAccessPolicyConditionsClientApplicationsArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/ConditionalAccessPolicyConditionsClientApplicationsArgs.java new file mode 100644 index 000000000..25f7a5f30 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/ConditionalAccessPolicyConditionsClientApplicationsArgs.java @@ -0,0 +1,141 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class ConditionalAccessPolicyConditionsClientApplicationsArgs extends com.pulumi.resources.ResourceArgs { + + public static final ConditionalAccessPolicyConditionsClientApplicationsArgs Empty = new ConditionalAccessPolicyConditionsClientApplicationsArgs(); + + /** + * A list of service principal IDs explicitly excluded in the policy. + * + */ + @Import(name="excludedServicePrincipals") + private @Nullable Output> excludedServicePrincipals; + + /** + * @return A list of service principal IDs explicitly excluded in the policy. + * + */ + public Optional>> excludedServicePrincipals() { + return Optional.ofNullable(this.excludedServicePrincipals); + } + + /** + * A list of service principal IDs explicitly included in the policy. Can be set to `ServicePrincipalsInMyTenant` to include all service principals. This is mandatory value when at least one `excluded_service_principals` is set. + * + */ + @Import(name="includedServicePrincipals") + private @Nullable Output> includedServicePrincipals; + + /** + * @return A list of service principal IDs explicitly included in the policy. Can be set to `ServicePrincipalsInMyTenant` to include all service principals. This is mandatory value when at least one `excluded_service_principals` is set. + * + */ + public Optional>> includedServicePrincipals() { + return Optional.ofNullable(this.includedServicePrincipals); + } + + private ConditionalAccessPolicyConditionsClientApplicationsArgs() {} + + private ConditionalAccessPolicyConditionsClientApplicationsArgs(ConditionalAccessPolicyConditionsClientApplicationsArgs $) { + this.excludedServicePrincipals = $.excludedServicePrincipals; + this.includedServicePrincipals = $.includedServicePrincipals; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ConditionalAccessPolicyConditionsClientApplicationsArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ConditionalAccessPolicyConditionsClientApplicationsArgs $; + + public Builder() { + $ = new ConditionalAccessPolicyConditionsClientApplicationsArgs(); + } + + public Builder(ConditionalAccessPolicyConditionsClientApplicationsArgs defaults) { + $ = new ConditionalAccessPolicyConditionsClientApplicationsArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param excludedServicePrincipals A list of service principal IDs explicitly excluded in the policy. + * + * @return builder + * + */ + public Builder excludedServicePrincipals(@Nullable Output> excludedServicePrincipals) { + $.excludedServicePrincipals = excludedServicePrincipals; + return this; + } + + /** + * @param excludedServicePrincipals A list of service principal IDs explicitly excluded in the policy. + * + * @return builder + * + */ + public Builder excludedServicePrincipals(List excludedServicePrincipals) { + return excludedServicePrincipals(Output.of(excludedServicePrincipals)); + } + + /** + * @param excludedServicePrincipals A list of service principal IDs explicitly excluded in the policy. + * + * @return builder + * + */ + public Builder excludedServicePrincipals(String... excludedServicePrincipals) { + return excludedServicePrincipals(List.of(excludedServicePrincipals)); + } + + /** + * @param includedServicePrincipals A list of service principal IDs explicitly included in the policy. Can be set to `ServicePrincipalsInMyTenant` to include all service principals. This is mandatory value when at least one `excluded_service_principals` is set. + * + * @return builder + * + */ + public Builder includedServicePrincipals(@Nullable Output> includedServicePrincipals) { + $.includedServicePrincipals = includedServicePrincipals; + return this; + } + + /** + * @param includedServicePrincipals A list of service principal IDs explicitly included in the policy. Can be set to `ServicePrincipalsInMyTenant` to include all service principals. This is mandatory value when at least one `excluded_service_principals` is set. + * + * @return builder + * + */ + public Builder includedServicePrincipals(List includedServicePrincipals) { + return includedServicePrincipals(Output.of(includedServicePrincipals)); + } + + /** + * @param includedServicePrincipals A list of service principal IDs explicitly included in the policy. Can be set to `ServicePrincipalsInMyTenant` to include all service principals. This is mandatory value when at least one `excluded_service_principals` is set. + * + * @return builder + * + */ + public Builder includedServicePrincipals(String... includedServicePrincipals) { + return includedServicePrincipals(List.of(includedServicePrincipals)); + } + + public ConditionalAccessPolicyConditionsClientApplicationsArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/ConditionalAccessPolicySessionControlsArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/ConditionalAccessPolicySessionControlsArgs.java index 23f23e535..c5e99b7ae 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/inputs/ConditionalAccessPolicySessionControlsArgs.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/ConditionalAccessPolicySessionControlsArgs.java @@ -51,6 +51,21 @@ public Optional> cloudAppSecurityPolicy() { return Optional.ofNullable(this.cloudAppSecurityPolicy); } + /** + * Disables [resilience defaults](https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/resilience-defaults). Defaults to `false`. + * + */ + @Import(name="disableResilienceDefaults") + private @Nullable Output disableResilienceDefaults; + + /** + * @return Disables [resilience defaults](https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/resilience-defaults). Defaults to `false`. + * + */ + public Optional> disableResilienceDefaults() { + return Optional.ofNullable(this.disableResilienceDefaults); + } + /** * Session control to define whether to persist cookies or not. Possible values are: `always` or `never`. * @@ -101,6 +116,7 @@ private ConditionalAccessPolicySessionControlsArgs() {} private ConditionalAccessPolicySessionControlsArgs(ConditionalAccessPolicySessionControlsArgs $) { this.applicationEnforcedRestrictionsEnabled = $.applicationEnforcedRestrictionsEnabled; this.cloudAppSecurityPolicy = $.cloudAppSecurityPolicy; + this.disableResilienceDefaults = $.disableResilienceDefaults; this.persistentBrowserMode = $.persistentBrowserMode; this.signInFrequency = $.signInFrequency; this.signInFrequencyPeriod = $.signInFrequencyPeriod; @@ -170,6 +186,27 @@ public Builder cloudAppSecurityPolicy(String cloudAppSecurityPolicy) { return cloudAppSecurityPolicy(Output.of(cloudAppSecurityPolicy)); } + /** + * @param disableResilienceDefaults Disables [resilience defaults](https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/resilience-defaults). Defaults to `false`. + * + * @return builder + * + */ + public Builder disableResilienceDefaults(@Nullable Output disableResilienceDefaults) { + $.disableResilienceDefaults = disableResilienceDefaults; + return this; + } + + /** + * @param disableResilienceDefaults Disables [resilience defaults](https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/resilience-defaults). Defaults to `false`. + * + * @return builder + * + */ + public Builder disableResilienceDefaults(Boolean disableResilienceDefaults) { + return disableResilienceDefaults(Output.of(disableResilienceDefaults)); + } + /** * @param persistentBrowserMode Session control to define whether to persist cookies or not. Possible values are: `always` or `never`. * diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetUserArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetUserArgs.java index 18ce37161..86cdbb331 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetUserArgs.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetUserArgs.java @@ -15,6 +15,21 @@ public final class GetUserArgs extends com.pulumi.resources.InvokeArgs { public static final GetUserArgs Empty = new GetUserArgs(); + /** + * The employee identifier assigned to the user by the organisation. + * + */ + @Import(name="employeeId") + private @Nullable Output employeeId; + + /** + * @return The employee identifier assigned to the user by the organisation. + * + */ + public Optional> employeeId() { + return Optional.ofNullable(this.employeeId); + } + /** * The SMTP address for the user. * @@ -63,7 +78,7 @@ public Optional> objectId() { /** * The user principal name (UPN) of the user. * - * > One of `user_principal_name`, `object_id`, `mail` or `mail_nickname` must be specified. + * > One of `user_principal_name`, `object_id`, `mail`, `mail_nickname` or `employee_id` must be specified. * */ @Import(name="userPrincipalName") @@ -72,7 +87,7 @@ public Optional> objectId() { /** * @return The user principal name (UPN) of the user. * - * > One of `user_principal_name`, `object_id`, `mail` or `mail_nickname` must be specified. + * > One of `user_principal_name`, `object_id`, `mail`, `mail_nickname` or `employee_id` must be specified. * */ public Optional> userPrincipalName() { @@ -82,6 +97,7 @@ public Optional> userPrincipalName() { private GetUserArgs() {} private GetUserArgs(GetUserArgs $) { + this.employeeId = $.employeeId; this.mail = $.mail; this.mailNickname = $.mailNickname; this.objectId = $.objectId; @@ -106,6 +122,27 @@ public Builder(GetUserArgs defaults) { $ = new GetUserArgs(Objects.requireNonNull(defaults)); } + /** + * @param employeeId The employee identifier assigned to the user by the organisation. + * + * @return builder + * + */ + public Builder employeeId(@Nullable Output employeeId) { + $.employeeId = employeeId; + return this; + } + + /** + * @param employeeId The employee identifier assigned to the user by the organisation. + * + * @return builder + * + */ + public Builder employeeId(String employeeId) { + return employeeId(Output.of(employeeId)); + } + /** * @param mail The SMTP address for the user. * @@ -172,7 +209,7 @@ public Builder objectId(String objectId) { /** * @param userPrincipalName The user principal name (UPN) of the user. * - * > One of `user_principal_name`, `object_id`, `mail` or `mail_nickname` must be specified. + * > One of `user_principal_name`, `object_id`, `mail`, `mail_nickname` or `employee_id` must be specified. * * @return builder * @@ -185,7 +222,7 @@ public Builder userPrincipalName(@Nullable Output userPrincipalName) { /** * @param userPrincipalName The user principal name (UPN) of the user. * - * > One of `user_principal_name`, `object_id`, `mail` or `mail_nickname` must be specified. + * > One of `user_principal_name`, `object_id`, `mail`, `mail_nickname` or `employee_id` must be specified. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetUserPlainArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetUserPlainArgs.java index 3e5b079ec..eee5d033b 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetUserPlainArgs.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetUserPlainArgs.java @@ -14,6 +14,21 @@ public final class GetUserPlainArgs extends com.pulumi.resources.InvokeArgs { public static final GetUserPlainArgs Empty = new GetUserPlainArgs(); + /** + * The employee identifier assigned to the user by the organisation. + * + */ + @Import(name="employeeId") + private @Nullable String employeeId; + + /** + * @return The employee identifier assigned to the user by the organisation. + * + */ + public Optional employeeId() { + return Optional.ofNullable(this.employeeId); + } + /** * The SMTP address for the user. * @@ -62,7 +77,7 @@ public Optional objectId() { /** * The user principal name (UPN) of the user. * - * > One of `user_principal_name`, `object_id`, `mail` or `mail_nickname` must be specified. + * > One of `user_principal_name`, `object_id`, `mail`, `mail_nickname` or `employee_id` must be specified. * */ @Import(name="userPrincipalName") @@ -71,7 +86,7 @@ public Optional objectId() { /** * @return The user principal name (UPN) of the user. * - * > One of `user_principal_name`, `object_id`, `mail` or `mail_nickname` must be specified. + * > One of `user_principal_name`, `object_id`, `mail`, `mail_nickname` or `employee_id` must be specified. * */ public Optional userPrincipalName() { @@ -81,6 +96,7 @@ public Optional userPrincipalName() { private GetUserPlainArgs() {} private GetUserPlainArgs(GetUserPlainArgs $) { + this.employeeId = $.employeeId; this.mail = $.mail; this.mailNickname = $.mailNickname; this.objectId = $.objectId; @@ -105,6 +121,17 @@ public Builder(GetUserPlainArgs defaults) { $ = new GetUserPlainArgs(Objects.requireNonNull(defaults)); } + /** + * @param employeeId The employee identifier assigned to the user by the organisation. + * + * @return builder + * + */ + public Builder employeeId(@Nullable String employeeId) { + $.employeeId = employeeId; + return this; + } + /** * @param mail The SMTP address for the user. * @@ -141,7 +168,7 @@ public Builder objectId(@Nullable String objectId) { /** * @param userPrincipalName The user principal name (UPN) of the user. * - * > One of `user_principal_name`, `object_id`, `mail` or `mail_nickname` must be specified. + * > One of `user_principal_name`, `object_id`, `mail`, `mail_nickname` or `employee_id` must be specified. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetUsersArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetUsersArgs.java index 49016620e..252a3b6d8 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetUsersArgs.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetUsersArgs.java @@ -17,6 +17,21 @@ public final class GetUsersArgs extends com.pulumi.resources.InvokeArgs { public static final GetUsersArgs Empty = new GetUsersArgs(); + /** + * The employee identifiers assigned to the users by the organisation. + * + */ + @Import(name="employeeIds") + private @Nullable Output> employeeIds; + + /** + * @return The employee identifiers assigned to the users by the organisation. + * + */ + public Optional>> employeeIds() { + return Optional.ofNullable(this.employeeIds); + } + /** * Ignore missing users and return users that were found. The data source will still fail if no users are found. Cannot be specified with `return_all`. Defaults to `false`. * @@ -80,7 +95,7 @@ public Optional> returnAll() { /** * The user principal names (UPNs) of the users. * - * > Either `return_all`, or one of `user_principal_names`, `object_ids` or `mail_nicknames` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. + * > Either `return_all`, or one of `user_principal_names`, `object_ids`, `mail_nicknames` or `employee_ids` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. * */ @Import(name="userPrincipalNames") @@ -89,7 +104,7 @@ public Optional> returnAll() { /** * @return The user principal names (UPNs) of the users. * - * > Either `return_all`, or one of `user_principal_names`, `object_ids` or `mail_nicknames` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. + * > Either `return_all`, or one of `user_principal_names`, `object_ids`, `mail_nicknames` or `employee_ids` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. * */ public Optional>> userPrincipalNames() { @@ -99,6 +114,7 @@ public Optional>> userPrincipalNames() { private GetUsersArgs() {} private GetUsersArgs(GetUsersArgs $) { + this.employeeIds = $.employeeIds; this.ignoreMissing = $.ignoreMissing; this.mailNicknames = $.mailNicknames; this.objectIds = $.objectIds; @@ -124,6 +140,37 @@ public Builder(GetUsersArgs defaults) { $ = new GetUsersArgs(Objects.requireNonNull(defaults)); } + /** + * @param employeeIds The employee identifiers assigned to the users by the organisation. + * + * @return builder + * + */ + public Builder employeeIds(@Nullable Output> employeeIds) { + $.employeeIds = employeeIds; + return this; + } + + /** + * @param employeeIds The employee identifiers assigned to the users by the organisation. + * + * @return builder + * + */ + public Builder employeeIds(List employeeIds) { + return employeeIds(Output.of(employeeIds)); + } + + /** + * @param employeeIds The employee identifiers assigned to the users by the organisation. + * + * @return builder + * + */ + public Builder employeeIds(String... employeeIds) { + return employeeIds(List.of(employeeIds)); + } + /** * @param ignoreMissing Ignore missing users and return users that were found. The data source will still fail if no users are found. Cannot be specified with `return_all`. Defaults to `false`. * @@ -231,7 +278,7 @@ public Builder returnAll(Boolean returnAll) { /** * @param userPrincipalNames The user principal names (UPNs) of the users. * - * > Either `return_all`, or one of `user_principal_names`, `object_ids` or `mail_nicknames` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. + * > Either `return_all`, or one of `user_principal_names`, `object_ids`, `mail_nicknames` or `employee_ids` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. * * @return builder * @@ -244,7 +291,7 @@ public Builder userPrincipalNames(@Nullable Output> userPrincipalNa /** * @param userPrincipalNames The user principal names (UPNs) of the users. * - * > Either `return_all`, or one of `user_principal_names`, `object_ids` or `mail_nicknames` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. + * > Either `return_all`, or one of `user_principal_names`, `object_ids`, `mail_nicknames` or `employee_ids` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. * * @return builder * @@ -256,7 +303,7 @@ public Builder userPrincipalNames(List userPrincipalNames) { /** * @param userPrincipalNames The user principal names (UPNs) of the users. * - * > Either `return_all`, or one of `user_principal_names`, `object_ids` or `mail_nicknames` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. + * > Either `return_all`, or one of `user_principal_names`, `object_ids`, `mail_nicknames` or `employee_ids` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetUsersPlainArgs.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetUsersPlainArgs.java index 72697fb4e..a9de88e08 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetUsersPlainArgs.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/GetUsersPlainArgs.java @@ -16,6 +16,21 @@ public final class GetUsersPlainArgs extends com.pulumi.resources.InvokeArgs { public static final GetUsersPlainArgs Empty = new GetUsersPlainArgs(); + /** + * The employee identifiers assigned to the users by the organisation. + * + */ + @Import(name="employeeIds") + private @Nullable List employeeIds; + + /** + * @return The employee identifiers assigned to the users by the organisation. + * + */ + public Optional> employeeIds() { + return Optional.ofNullable(this.employeeIds); + } + /** * Ignore missing users and return users that were found. The data source will still fail if no users are found. Cannot be specified with `return_all`. Defaults to `false`. * @@ -79,7 +94,7 @@ public Optional returnAll() { /** * The user principal names (UPNs) of the users. * - * > Either `return_all`, or one of `user_principal_names`, `object_ids` or `mail_nicknames` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. + * > Either `return_all`, or one of `user_principal_names`, `object_ids`, `mail_nicknames` or `employee_ids` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. * */ @Import(name="userPrincipalNames") @@ -88,7 +103,7 @@ public Optional returnAll() { /** * @return The user principal names (UPNs) of the users. * - * > Either `return_all`, or one of `user_principal_names`, `object_ids` or `mail_nicknames` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. + * > Either `return_all`, or one of `user_principal_names`, `object_ids`, `mail_nicknames` or `employee_ids` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. * */ public Optional> userPrincipalNames() { @@ -98,6 +113,7 @@ public Optional> userPrincipalNames() { private GetUsersPlainArgs() {} private GetUsersPlainArgs(GetUsersPlainArgs $) { + this.employeeIds = $.employeeIds; this.ignoreMissing = $.ignoreMissing; this.mailNicknames = $.mailNicknames; this.objectIds = $.objectIds; @@ -123,6 +139,27 @@ public Builder(GetUsersPlainArgs defaults) { $ = new GetUsersPlainArgs(Objects.requireNonNull(defaults)); } + /** + * @param employeeIds The employee identifiers assigned to the users by the organisation. + * + * @return builder + * + */ + public Builder employeeIds(@Nullable List employeeIds) { + $.employeeIds = employeeIds; + return this; + } + + /** + * @param employeeIds The employee identifiers assigned to the users by the organisation. + * + * @return builder + * + */ + public Builder employeeIds(String... employeeIds) { + return employeeIds(List.of(employeeIds)); + } + /** * @param ignoreMissing Ignore missing users and return users that were found. The data source will still fail if no users are found. Cannot be specified with `return_all`. Defaults to `false`. * @@ -190,7 +227,7 @@ public Builder returnAll(@Nullable Boolean returnAll) { /** * @param userPrincipalNames The user principal names (UPNs) of the users. * - * > Either `return_all`, or one of `user_principal_names`, `object_ids` or `mail_nicknames` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. + * > Either `return_all`, or one of `user_principal_names`, `object_ids`, `mail_nicknames` or `employee_ids` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. * * @return builder * @@ -203,7 +240,7 @@ public Builder userPrincipalNames(@Nullable List userPrincipalNames) { /** * @param userPrincipalNames The user principal names (UPNs) of the users. * - * > Either `return_all`, or one of `user_principal_names`, `object_ids` or `mail_nicknames` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. + * > Either `return_all`, or one of `user_principal_names`, `object_ids`, `mail_nicknames` or `employee_ids` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/azuread/inputs/UserState.java b/sdk/java/src/main/java/com/pulumi/azuread/inputs/UserState.java index 4dd9bc598..bbdd1be85 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/inputs/UserState.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/inputs/UserState.java @@ -138,14 +138,14 @@ public Optional> costCenter() { } /** - * The country/region in which the user is located, e.g. `US` or `UK`. + * The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. * */ @Import(name="country") private @Nullable Output country; /** - * @return The country/region in which the user is located, e.g. `US` or `UK`. + * @return The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. * */ public Optional> country() { @@ -989,7 +989,7 @@ public Builder costCenter(String costCenter) { } /** - * @param country The country/region in which the user is located, e.g. `US` or `UK`. + * @param country The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. * * @return builder * @@ -1000,7 +1000,7 @@ public Builder country(@Nullable Output country) { } /** - * @param country The country/region in which the user is located, e.g. `US` or `UK`. + * @param country The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/azuread/outputs/ConditionalAccessPolicyConditions.java b/sdk/java/src/main/java/com/pulumi/azuread/outputs/ConditionalAccessPolicyConditions.java index 390715792..82d629a17 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/outputs/ConditionalAccessPolicyConditions.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/outputs/ConditionalAccessPolicyConditions.java @@ -4,6 +4,7 @@ package com.pulumi.azuread.outputs; import com.pulumi.azuread.outputs.ConditionalAccessPolicyConditionsApplications; +import com.pulumi.azuread.outputs.ConditionalAccessPolicyConditionsClientApplications; import com.pulumi.azuread.outputs.ConditionalAccessPolicyConditionsDevices; import com.pulumi.azuread.outputs.ConditionalAccessPolicyConditionsLocations; import com.pulumi.azuread.outputs.ConditionalAccessPolicyConditionsPlatforms; @@ -27,6 +28,11 @@ public final class ConditionalAccessPolicyConditions { * */ private List clientAppTypes; + /** + * @return An `client_applications` block as documented below, which specifies service principals included in and excluded from the policy. + * + */ + private @Nullable ConditionalAccessPolicyConditionsClientApplications clientApplications; /** * @return A `devices` block as documented below, which describes devices to be included in and excluded from the policy. A `devices` block can be added to an existing policy, but removing the `devices` block forces a new resource to be created. * @@ -73,6 +79,13 @@ public ConditionalAccessPolicyConditionsApplications applications() { public List clientAppTypes() { return this.clientAppTypes; } + /** + * @return An `client_applications` block as documented below, which specifies service principals included in and excluded from the policy. + * + */ + public Optional clientApplications() { + return Optional.ofNullable(this.clientApplications); + } /** * @return A `devices` block as documented below, which describes devices to be included in and excluded from the policy. A `devices` block can be added to an existing policy, but removing the `devices` block forces a new resource to be created. * @@ -127,6 +140,7 @@ public static Builder builder(ConditionalAccessPolicyConditions defaults) { public static final class Builder { private ConditionalAccessPolicyConditionsApplications applications; private List clientAppTypes; + private @Nullable ConditionalAccessPolicyConditionsClientApplications clientApplications; private @Nullable ConditionalAccessPolicyConditionsDevices devices; private @Nullable ConditionalAccessPolicyConditionsLocations locations; private @Nullable ConditionalAccessPolicyConditionsPlatforms platforms; @@ -138,6 +152,7 @@ public Builder(ConditionalAccessPolicyConditions defaults) { Objects.requireNonNull(defaults); this.applications = defaults.applications; this.clientAppTypes = defaults.clientAppTypes; + this.clientApplications = defaults.clientApplications; this.devices = defaults.devices; this.locations = defaults.locations; this.platforms = defaults.platforms; @@ -160,6 +175,11 @@ public Builder clientAppTypes(String... clientAppTypes) { return clientAppTypes(List.of(clientAppTypes)); } @CustomType.Setter + public Builder clientApplications(@Nullable ConditionalAccessPolicyConditionsClientApplications clientApplications) { + this.clientApplications = clientApplications; + return this; + } + @CustomType.Setter public Builder devices(@Nullable ConditionalAccessPolicyConditionsDevices devices) { this.devices = devices; return this; @@ -199,6 +219,7 @@ public ConditionalAccessPolicyConditions build() { final var o = new ConditionalAccessPolicyConditions(); o.applications = applications; o.clientAppTypes = clientAppTypes; + o.clientApplications = clientApplications; o.devices = devices; o.locations = locations; o.platforms = platforms; diff --git a/sdk/java/src/main/java/com/pulumi/azuread/outputs/ConditionalAccessPolicyConditionsClientApplications.java b/sdk/java/src/main/java/com/pulumi/azuread/outputs/ConditionalAccessPolicyConditionsClientApplications.java new file mode 100644 index 000000000..88062dbdc --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/azuread/outputs/ConditionalAccessPolicyConditionsClientApplications.java @@ -0,0 +1,82 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.azuread.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import javax.annotation.Nullable; + +@CustomType +public final class ConditionalAccessPolicyConditionsClientApplications { + /** + * @return A list of service principal IDs explicitly excluded in the policy. + * + */ + private @Nullable List excludedServicePrincipals; + /** + * @return A list of service principal IDs explicitly included in the policy. Can be set to `ServicePrincipalsInMyTenant` to include all service principals. This is mandatory value when at least one `excluded_service_principals` is set. + * + */ + private @Nullable List includedServicePrincipals; + + private ConditionalAccessPolicyConditionsClientApplications() {} + /** + * @return A list of service principal IDs explicitly excluded in the policy. + * + */ + public List excludedServicePrincipals() { + return this.excludedServicePrincipals == null ? List.of() : this.excludedServicePrincipals; + } + /** + * @return A list of service principal IDs explicitly included in the policy. Can be set to `ServicePrincipalsInMyTenant` to include all service principals. This is mandatory value when at least one `excluded_service_principals` is set. + * + */ + public List includedServicePrincipals() { + return this.includedServicePrincipals == null ? List.of() : this.includedServicePrincipals; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ConditionalAccessPolicyConditionsClientApplications defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable List excludedServicePrincipals; + private @Nullable List includedServicePrincipals; + public Builder() {} + public Builder(ConditionalAccessPolicyConditionsClientApplications defaults) { + Objects.requireNonNull(defaults); + this.excludedServicePrincipals = defaults.excludedServicePrincipals; + this.includedServicePrincipals = defaults.includedServicePrincipals; + } + + @CustomType.Setter + public Builder excludedServicePrincipals(@Nullable List excludedServicePrincipals) { + this.excludedServicePrincipals = excludedServicePrincipals; + return this; + } + public Builder excludedServicePrincipals(String... excludedServicePrincipals) { + return excludedServicePrincipals(List.of(excludedServicePrincipals)); + } + @CustomType.Setter + public Builder includedServicePrincipals(@Nullable List includedServicePrincipals) { + this.includedServicePrincipals = includedServicePrincipals; + return this; + } + public Builder includedServicePrincipals(String... includedServicePrincipals) { + return includedServicePrincipals(List.of(includedServicePrincipals)); + } + public ConditionalAccessPolicyConditionsClientApplications build() { + final var o = new ConditionalAccessPolicyConditionsClientApplications(); + o.excludedServicePrincipals = excludedServicePrincipals; + o.includedServicePrincipals = includedServicePrincipals; + return o; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/azuread/outputs/ConditionalAccessPolicySessionControls.java b/sdk/java/src/main/java/com/pulumi/azuread/outputs/ConditionalAccessPolicySessionControls.java index 351b0fa02..8ea3eb576 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/outputs/ConditionalAccessPolicySessionControls.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/outputs/ConditionalAccessPolicySessionControls.java @@ -25,6 +25,11 @@ public final class ConditionalAccessPolicySessionControls { * */ private @Nullable String cloudAppSecurityPolicy; + /** + * @return Disables [resilience defaults](https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/resilience-defaults). Defaults to `false`. + * + */ + private @Nullable Boolean disableResilienceDefaults; /** * @return Session control to define whether to persist cookies or not. Possible values are: `always` or `never`. * @@ -58,6 +63,13 @@ public Optional applicationEnforcedRestrictionsEnabled() { public Optional cloudAppSecurityPolicy() { return Optional.ofNullable(this.cloudAppSecurityPolicy); } + /** + * @return Disables [resilience defaults](https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/resilience-defaults). Defaults to `false`. + * + */ + public Optional disableResilienceDefaults() { + return Optional.ofNullable(this.disableResilienceDefaults); + } /** * @return Session control to define whether to persist cookies or not. Possible values are: `always` or `never`. * @@ -91,6 +103,7 @@ public static Builder builder(ConditionalAccessPolicySessionControls defaults) { public static final class Builder { private @Nullable Boolean applicationEnforcedRestrictionsEnabled; private @Nullable String cloudAppSecurityPolicy; + private @Nullable Boolean disableResilienceDefaults; private @Nullable String persistentBrowserMode; private @Nullable Integer signInFrequency; private @Nullable String signInFrequencyPeriod; @@ -99,6 +112,7 @@ public Builder(ConditionalAccessPolicySessionControls defaults) { Objects.requireNonNull(defaults); this.applicationEnforcedRestrictionsEnabled = defaults.applicationEnforcedRestrictionsEnabled; this.cloudAppSecurityPolicy = defaults.cloudAppSecurityPolicy; + this.disableResilienceDefaults = defaults.disableResilienceDefaults; this.persistentBrowserMode = defaults.persistentBrowserMode; this.signInFrequency = defaults.signInFrequency; this.signInFrequencyPeriod = defaults.signInFrequencyPeriod; @@ -115,6 +129,11 @@ public Builder cloudAppSecurityPolicy(@Nullable String cloudAppSecurityPolicy) { return this; } @CustomType.Setter + public Builder disableResilienceDefaults(@Nullable Boolean disableResilienceDefaults) { + this.disableResilienceDefaults = disableResilienceDefaults; + return this; + } + @CustomType.Setter public Builder persistentBrowserMode(@Nullable String persistentBrowserMode) { this.persistentBrowserMode = persistentBrowserMode; return this; @@ -133,6 +152,7 @@ public ConditionalAccessPolicySessionControls build() { final var o = new ConditionalAccessPolicySessionControls(); o.applicationEnforcedRestrictionsEnabled = applicationEnforcedRestrictionsEnabled; o.cloudAppSecurityPolicy = cloudAppSecurityPolicy; + o.disableResilienceDefaults = disableResilienceDefaults; o.persistentBrowserMode = persistentBrowserMode; o.signInFrequency = signInFrequency; o.signInFrequencyPeriod = signInFrequencyPeriod; diff --git a/sdk/java/src/main/java/com/pulumi/azuread/outputs/GetUsersResult.java b/sdk/java/src/main/java/com/pulumi/azuread/outputs/GetUsersResult.java index 3b89bf82a..ea9720013 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/outputs/GetUsersResult.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/outputs/GetUsersResult.java @@ -14,6 +14,11 @@ @CustomType public final class GetUsersResult { + /** + * @return The employee identifiers assigned to the users by the organisation. + * + */ + private List employeeIds; /** * @return The provider-assigned unique ID for this managed resource. * @@ -43,6 +48,13 @@ public final class GetUsersResult { private List users; private GetUsersResult() {} + /** + * @return The employee identifiers assigned to the users by the organisation. + * + */ + public List employeeIds() { + return this.employeeIds; + } /** * @return The provider-assigned unique ID for this managed resource. * @@ -94,6 +106,7 @@ public static Builder builder(GetUsersResult defaults) { } @CustomType.Builder public static final class Builder { + private List employeeIds; private String id; private @Nullable Boolean ignoreMissing; private List mailNicknames; @@ -104,6 +117,7 @@ public static final class Builder { public Builder() {} public Builder(GetUsersResult defaults) { Objects.requireNonNull(defaults); + this.employeeIds = defaults.employeeIds; this.id = defaults.id; this.ignoreMissing = defaults.ignoreMissing; this.mailNicknames = defaults.mailNicknames; @@ -113,6 +127,14 @@ public Builder(GetUsersResult defaults) { this.users = defaults.users; } + @CustomType.Setter + public Builder employeeIds(List employeeIds) { + this.employeeIds = Objects.requireNonNull(employeeIds); + return this; + } + public Builder employeeIds(String... employeeIds) { + return employeeIds(List.of(employeeIds)); + } @CustomType.Setter public Builder id(String id) { this.id = Objects.requireNonNull(id); @@ -162,6 +184,7 @@ public Builder users(GetUsersUser... users) { } public GetUsersResult build() { final var o = new GetUsersResult(); + o.employeeIds = employeeIds; o.id = id; o.ignoreMissing = ignoreMissing; o.mailNicknames = mailNicknames; diff --git a/sdk/java/src/main/java/com/pulumi/azuread/outputs/GetUsersUser.java b/sdk/java/src/main/java/com/pulumi/azuread/outputs/GetUsersUser.java index 8ed63141e..41c0640ec 100644 --- a/sdk/java/src/main/java/com/pulumi/azuread/outputs/GetUsersUser.java +++ b/sdk/java/src/main/java/com/pulumi/azuread/outputs/GetUsersUser.java @@ -20,6 +20,11 @@ public final class GetUsersUser { * */ private String displayName; + /** + * @return The employee identifier assigned to the user by the organisation. + * + */ + private String employeeId; /** * @return The primary email address of the user. * @@ -76,6 +81,13 @@ public Boolean accountEnabled() { public String displayName() { return this.displayName; } + /** + * @return The employee identifier assigned to the user by the organisation. + * + */ + public String employeeId() { + return this.employeeId; + } /** * @return The primary email address of the user. * @@ -144,6 +156,7 @@ public static Builder builder(GetUsersUser defaults) { public static final class Builder { private Boolean accountEnabled; private String displayName; + private String employeeId; private String mail; private String mailNickname; private String objectId; @@ -157,6 +170,7 @@ public Builder(GetUsersUser defaults) { Objects.requireNonNull(defaults); this.accountEnabled = defaults.accountEnabled; this.displayName = defaults.displayName; + this.employeeId = defaults.employeeId; this.mail = defaults.mail; this.mailNickname = defaults.mailNickname; this.objectId = defaults.objectId; @@ -178,6 +192,11 @@ public Builder displayName(String displayName) { return this; } @CustomType.Setter + public Builder employeeId(String employeeId) { + this.employeeId = Objects.requireNonNull(employeeId); + return this; + } + @CustomType.Setter public Builder mail(String mail) { this.mail = Objects.requireNonNull(mail); return this; @@ -221,6 +240,7 @@ public GetUsersUser build() { final var o = new GetUsersUser(); o.accountEnabled = accountEnabled; o.displayName = displayName; + o.employeeId = employeeId; o.mail = mail; o.mailNickname = mailNickname; o.objectId = objectId; diff --git a/sdk/nodejs/administrativeUnit.ts b/sdk/nodejs/administrativeUnit.ts index 206541e23..93e5f1a51 100644 --- a/sdk/nodejs/administrativeUnit.ts +++ b/sdk/nodejs/administrativeUnit.ts @@ -15,6 +15,19 @@ import * as utilities from "./utilities"; * * When authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator` * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azuread from "@pulumi/azuread"; + * + * const example = new azuread.AdministrativeUnit("example", { + * description: "Just an example", + * displayName: "Example-AU", + * hiddenMembershipEnabled: false, + * }); + * ``` + * * ## Import * * Administrative units can be imported using their object ID, e.g. @@ -60,7 +73,7 @@ export class AdministrativeUnit extends pulumi.CustomResource { */ public readonly displayName!: pulumi.Output; /** - * Whether the administrative unit and its members are hidden or publicly viewable in the directory + * Whether the administrative unit and its members are hidden or publicly viewable in the directory. */ public readonly hiddenMembershipEnabled!: pulumi.Output; /** @@ -127,7 +140,7 @@ export interface AdministrativeUnitState { */ displayName?: pulumi.Input; /** - * Whether the administrative unit and its members are hidden or publicly viewable in the directory + * Whether the administrative unit and its members are hidden or publicly viewable in the directory. */ hiddenMembershipEnabled?: pulumi.Input; /** @@ -159,7 +172,7 @@ export interface AdministrativeUnitArgs { */ displayName: pulumi.Input; /** - * Whether the administrative unit and its members are hidden or publicly viewable in the directory + * Whether the administrative unit and its members are hidden or publicly viewable in the directory. */ hiddenMembershipEnabled?: pulumi.Input; /** diff --git a/sdk/nodejs/applicationPassword.ts b/sdk/nodejs/applicationPassword.ts index 29ab36ab3..b326d30a8 100644 --- a/sdk/nodejs/applicationPassword.ts +++ b/sdk/nodejs/applicationPassword.ts @@ -5,6 +5,35 @@ import * as pulumi from "@pulumi/pulumi"; import * as utilities from "./utilities"; /** + * ## Example Usage + * + * *Basic example* + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azuread from "@pulumi/azuread"; + * + * const exampleApplication = new azuread.Application("exampleApplication", {displayName: "example"}); + * const exampleApplicationPassword = new azuread.ApplicationPassword("exampleApplicationPassword", {applicationObjectId: exampleApplication.objectId}); + * ``` + * + * *Time-based rotation* + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azuread from "@pulumi/azuread"; + * import * as time from "@pulumiverse/time"; + * + * const exampleApplication = new azuread.Application("exampleApplication", {displayName: "example"}); + * const exampleRotating = new time.Rotating("exampleRotating", {rotationDays: 7}); + * const exampleApplicationPassword = new azuread.ApplicationPassword("exampleApplicationPassword", { + * applicationObjectId: exampleApplication.objectId, + * rotateWhenChanged: { + * rotation: exampleRotating.id, + * }, + * }); + * ``` + * * ## Import * * This resource does not support importing. diff --git a/sdk/nodejs/conditionalAccessPolicy.ts b/sdk/nodejs/conditionalAccessPolicy.ts index 06bb887e5..62e6ef80e 100644 --- a/sdk/nodejs/conditionalAccessPolicy.ts +++ b/sdk/nodejs/conditionalAccessPolicy.ts @@ -9,6 +9,8 @@ import * as utilities from "./utilities"; /** * Manages a Conditional Access Policy within Azure Active Directory. * + * > **Licensing Requirements** Specifying `clientApplications` property requires the activation of Microsoft Entra on your tenant and the availability of sufficient Workload Identities Premium licences (one per service principal managed by a conditional access). + * * ## API Permissions * * The following API permissions are required in order to use this resource. @@ -18,6 +20,7 @@ import * as utilities from "./utilities"; * When authenticated with a user principal, this resource requires one of the following directory roles: `Conditional Access Administrator` or `Global Administrator` * * ## Example Usage + * ### All users except guests or external users * * ```typescript * import * as pulumi from "@pulumi/pulumi"; @@ -59,12 +62,71 @@ import * as utilities from "./utilities"; * sessionControls: { * applicationEnforcedRestrictionsEnabled: true, * cloudAppSecurityPolicy: "monitorOnly", + * disableResilienceDefaults: false, * signInFrequency: 10, * signInFrequencyPeriod: "hours", * }, * state: "disabled", * }); * ``` + * ### Included client applications / service principals + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azuread from "@pulumi/azuread"; + * + * const current = azuread.getClientConfig({}); + * const example = new azuread.ConditionalAccessPolicy("example", { + * displayName: "example policy", + * state: "disabled", + * conditions: { + * clientAppTypes: ["all"], + * applications: { + * includedApplications: ["All"], + * }, + * clientApplications: { + * includedServicePrincipals: [current.then(current => current.objectId)], + * excludedServicePrincipals: [], + * }, + * users: { + * includedUsers: ["None"], + * }, + * }, + * grantControls: { + * operator: "OR", + * builtInControls: ["block"], + * }, + * }); + * ``` + * ### Excluded client applications / service principals + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azuread from "@pulumi/azuread"; + * + * const current = azuread.getClientConfig({}); + * const example = new azuread.ConditionalAccessPolicy("example", { + * displayName: "example policy", + * state: "disabled", + * conditions: { + * clientAppTypes: ["all"], + * applications: { + * includedApplications: ["All"], + * }, + * clientApplications: { + * includedServicePrincipals: ["ServicePrincipalsInMyTenant"], + * excludedServicePrincipals: [current.then(current => current.objectId)], + * }, + * users: { + * includedUsers: ["None"], + * }, + * }, + * grantControls: { + * operator: "OR", + * builtInControls: ["block"], + * }, + * }); + * ``` * * ## Import * diff --git a/sdk/nodejs/getUser.ts b/sdk/nodejs/getUser.ts index d30e76af6..731be269d 100644 --- a/sdk/nodejs/getUser.ts +++ b/sdk/nodejs/getUser.ts @@ -31,6 +31,7 @@ export function getUser(args?: GetUserArgs, opts?: pulumi.InvokeOptions): Promis opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("azuread:index/getUser:getUser", { + "employeeId": args.employeeId, "mail": args.mail, "mailNickname": args.mailNickname, "objectId": args.objectId, @@ -42,6 +43,10 @@ export function getUser(args?: GetUserArgs, opts?: pulumi.InvokeOptions): Promis * A collection of arguments for invoking getUser. */ export interface GetUserArgs { + /** + * The employee identifier assigned to the user by the organisation. + */ + employeeId?: string; /** * The SMTP address for the user. */ @@ -57,7 +62,7 @@ export interface GetUserArgs { /** * The user principal name (UPN) of the user. * - * > One of `userPrincipalName`, `objectId`, `mail` or `mailNickname` must be specified. + * > One of `userPrincipalName`, `objectId`, `mail`, `mailNickname` or `employeeId` must be specified. */ userPrincipalName?: string; } @@ -273,6 +278,10 @@ export function getUserOutput(args?: GetUserOutputArgs, opts?: pulumi.InvokeOpti * A collection of arguments for invoking getUser. */ export interface GetUserOutputArgs { + /** + * The employee identifier assigned to the user by the organisation. + */ + employeeId?: pulumi.Input; /** * The SMTP address for the user. */ @@ -288,7 +297,7 @@ export interface GetUserOutputArgs { /** * The user principal name (UPN) of the user. * - * > One of `userPrincipalName`, `objectId`, `mail` or `mailNickname` must be specified. + * > One of `userPrincipalName`, `objectId`, `mail`, `mailNickname` or `employeeId` must be specified. */ userPrincipalName?: pulumi.Input; } diff --git a/sdk/nodejs/getUsers.ts b/sdk/nodejs/getUsers.ts index 26d72eff0..3f30b1fac 100644 --- a/sdk/nodejs/getUsers.ts +++ b/sdk/nodejs/getUsers.ts @@ -36,6 +36,7 @@ export function getUsers(args?: GetUsersArgs, opts?: pulumi.InvokeOptions): Prom opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("azuread:index/getUsers:getUsers", { + "employeeIds": args.employeeIds, "ignoreMissing": args.ignoreMissing, "mailNicknames": args.mailNicknames, "objectIds": args.objectIds, @@ -48,6 +49,10 @@ export function getUsers(args?: GetUsersArgs, opts?: pulumi.InvokeOptions): Prom * A collection of arguments for invoking getUsers. */ export interface GetUsersArgs { + /** + * The employee identifiers assigned to the users by the organisation. + */ + employeeIds?: string[]; /** * Ignore missing users and return users that were found. The data source will still fail if no users are found. Cannot be specified with `returnAll`. Defaults to `false`. */ @@ -67,7 +72,7 @@ export interface GetUsersArgs { /** * The user principal names (UPNs) of the users. * - * > Either `returnAll`, or one of `userPrincipalNames`, `objectIds` or `mailNicknames` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. + * > Either `returnAll`, or one of `userPrincipalNames`, `objectIds`, `mailNicknames` or `employeeIds` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. */ userPrincipalNames?: string[]; } @@ -76,6 +81,10 @@ export interface GetUsersArgs { * A collection of values returned by getUsers. */ export interface GetUsersResult { + /** + * The employee identifiers assigned to the users by the organisation. + */ + readonly employeeIds: string[]; /** * The provider-assigned unique ID for this managed resource. */ @@ -132,6 +141,10 @@ export function getUsersOutput(args?: GetUsersOutputArgs, opts?: pulumi.InvokeOp * A collection of arguments for invoking getUsers. */ export interface GetUsersOutputArgs { + /** + * The employee identifiers assigned to the users by the organisation. + */ + employeeIds?: pulumi.Input[]>; /** * Ignore missing users and return users that were found. The data source will still fail if no users are found. Cannot be specified with `returnAll`. Defaults to `false`. */ @@ -151,7 +164,7 @@ export interface GetUsersOutputArgs { /** * The user principal names (UPNs) of the users. * - * > Either `returnAll`, or one of `userPrincipalNames`, `objectIds` or `mailNicknames` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. + * > Either `returnAll`, or one of `userPrincipalNames`, `objectIds`, `mailNicknames` or `employeeIds` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. */ userPrincipalNames?: pulumi.Input[]>; } diff --git a/sdk/nodejs/servicePrincipalPassword.ts b/sdk/nodejs/servicePrincipalPassword.ts index 86a643117..f7ab01627 100644 --- a/sdk/nodejs/servicePrincipalPassword.ts +++ b/sdk/nodejs/servicePrincipalPassword.ts @@ -15,6 +15,37 @@ import * as utilities from "./utilities"; * * When authenticated with a user principal, this resource requires one of the following directory roles: `Application Administrator` or `Global Administrator` * + * ## Example Usage + * + * *Basic example* + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azuread from "@pulumi/azuread"; + * + * const exampleApplication = new azuread.Application("exampleApplication", {displayName: "example"}); + * const exampleServicePrincipal = new azuread.ServicePrincipal("exampleServicePrincipal", {applicationId: exampleApplication.applicationId}); + * const exampleServicePrincipalPassword = new azuread.ServicePrincipalPassword("exampleServicePrincipalPassword", {servicePrincipalId: exampleServicePrincipal.objectId}); + * ``` + * + * *Time-based rotation* + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azuread from "@pulumi/azuread"; + * import * as time from "@pulumiverse/time"; + * + * const exampleApplication = new azuread.Application("exampleApplication", {displayName: "example"}); + * const exampleServicePrincipal = new azuread.ServicePrincipal("exampleServicePrincipal", {applicationId: exampleApplication.applicationId}); + * const exampleRotating = new time.Rotating("exampleRotating", {rotationDays: 7}); + * const exampleServicePrincipalPassword = new azuread.ServicePrincipalPassword("exampleServicePrincipalPassword", { + * servicePrincipalId: exampleServicePrincipal.objectId, + * rotateWhenChanged: { + * rotation: exampleRotating.id, + * }, + * }); + * ``` + * * ## Import * * This resource does not support importing. diff --git a/sdk/nodejs/types/input.ts b/sdk/nodejs/types/input.ts index a6a135573..699cf6cf6 100644 --- a/sdk/nodejs/types/input.ts +++ b/sdk/nodejs/types/input.ts @@ -476,6 +476,10 @@ export interface ConditionalAccessPolicyConditions { * A list of client application types included in the policy. Possible values are: `all`, `browser`, `mobileAppsAndDesktopClients`, `exchangeActiveSync`, `easSupported` and `other`. */ clientAppTypes: pulumi.Input[]>; + /** + * An `clientApplications` block as documented below, which specifies service principals included in and excluded from the policy. + */ + clientApplications?: pulumi.Input; /** * A `devices` block as documented below, which describes devices to be included in and excluded from the policy. A `devices` block can be added to an existing policy, but removing the `devices` block forces a new resource to be created. */ @@ -517,6 +521,17 @@ export interface ConditionalAccessPolicyConditionsApplications { includedUserActions?: pulumi.Input[]>; } +export interface ConditionalAccessPolicyConditionsClientApplications { + /** + * A list of service principal IDs explicitly excluded in the policy. + */ + excludedServicePrincipals?: pulumi.Input[]>; + /** + * A list of service principal IDs explicitly included in the policy. Can be set to `ServicePrincipalsInMyTenant` to include all service principals. This is mandatory value when at least one `excludedServicePrincipals` is set. + */ + includedServicePrincipals?: pulumi.Input[]>; +} + export interface ConditionalAccessPolicyConditionsDevices { /** * A `filter` block as described below. A `filter` block can be added to an existing policy, but removing the `filter` block forces a new resource to be created. @@ -616,6 +631,10 @@ export interface ConditionalAccessPolicySessionControls { * Enables cloud app security and specifies the cloud app security policy to use. Possible values are: `blockDownloads`, `mcasConfigured`, `monitorOnly` or `unknownFutureValue`. */ cloudAppSecurityPolicy?: pulumi.Input; + /** + * Disables [resilience defaults](https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/resilience-defaults). Defaults to `false`. + */ + disableResilienceDefaults?: pulumi.Input; /** * Session control to define whether to persist cookies or not. Possible values are: `always` or `never`. */ diff --git a/sdk/nodejs/types/output.ts b/sdk/nodejs/types/output.ts index 9955bbd5c..7aba607d4 100644 --- a/sdk/nodejs/types/output.ts +++ b/sdk/nodejs/types/output.ts @@ -476,6 +476,10 @@ export interface ConditionalAccessPolicyConditions { * A list of client application types included in the policy. Possible values are: `all`, `browser`, `mobileAppsAndDesktopClients`, `exchangeActiveSync`, `easSupported` and `other`. */ clientAppTypes: string[]; + /** + * An `clientApplications` block as documented below, which specifies service principals included in and excluded from the policy. + */ + clientApplications?: outputs.ConditionalAccessPolicyConditionsClientApplications; /** * A `devices` block as documented below, which describes devices to be included in and excluded from the policy. A `devices` block can be added to an existing policy, but removing the `devices` block forces a new resource to be created. */ @@ -517,6 +521,17 @@ export interface ConditionalAccessPolicyConditionsApplications { includedUserActions?: string[]; } +export interface ConditionalAccessPolicyConditionsClientApplications { + /** + * A list of service principal IDs explicitly excluded in the policy. + */ + excludedServicePrincipals?: string[]; + /** + * A list of service principal IDs explicitly included in the policy. Can be set to `ServicePrincipalsInMyTenant` to include all service principals. This is mandatory value when at least one `excludedServicePrincipals` is set. + */ + includedServicePrincipals?: string[]; +} + export interface ConditionalAccessPolicyConditionsDevices { /** * A `filter` block as described below. A `filter` block can be added to an existing policy, but removing the `filter` block forces a new resource to be created. @@ -616,6 +631,10 @@ export interface ConditionalAccessPolicySessionControls { * Enables cloud app security and specifies the cloud app security policy to use. Possible values are: `blockDownloads`, `mcasConfigured`, `monitorOnly` or `unknownFutureValue`. */ cloudAppSecurityPolicy?: string; + /** + * Disables [resilience defaults](https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/resilience-defaults). Defaults to `false`. + */ + disableResilienceDefaults?: boolean; /** * Session control to define whether to persist cookies or not. Possible values are: `always` or `never`. */ @@ -1095,6 +1114,10 @@ export interface GetUsersUser { * The display name of the user. */ displayName: string; + /** + * The employee identifier assigned to the user by the organisation. + */ + employeeId: string; /** * The primary email address of the user. */ diff --git a/sdk/nodejs/user.ts b/sdk/nodejs/user.ts index 4640b81e1..aa707b2dc 100644 --- a/sdk/nodejs/user.ts +++ b/sdk/nodejs/user.ts @@ -98,7 +98,7 @@ export class User extends pulumi.CustomResource { */ public readonly costCenter!: pulumi.Output; /** - * The country/region in which the user is located, e.g. `US` or `UK`. + * The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. */ public readonly country!: pulumi.Output; /** @@ -421,7 +421,7 @@ export interface UserState { */ costCenter?: pulumi.Input; /** - * The country/region in which the user is located, e.g. `US` or `UK`. + * The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. */ country?: pulumi.Input; /** @@ -616,7 +616,7 @@ export interface UserArgs { */ costCenter?: pulumi.Input; /** - * The country/region in which the user is located, e.g. `US` or `UK`. + * The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. */ country?: pulumi.Input; /** diff --git a/sdk/python/pulumi_azuread/_inputs.py b/sdk/python/pulumi_azuread/_inputs.py index 34cf0bc76..967038d64 100644 --- a/sdk/python/pulumi_azuread/_inputs.py +++ b/sdk/python/pulumi_azuread/_inputs.py @@ -40,6 +40,7 @@ 'ApplicationWebImplicitGrantArgs', 'ConditionalAccessPolicyConditionsArgs', 'ConditionalAccessPolicyConditionsApplicationsArgs', + 'ConditionalAccessPolicyConditionsClientApplicationsArgs', 'ConditionalAccessPolicyConditionsDevicesArgs', 'ConditionalAccessPolicyConditionsDevicesFilterArgs', 'ConditionalAccessPolicyConditionsLocationsArgs', @@ -1777,6 +1778,7 @@ def __init__(__self__, *, applications: pulumi.Input['ConditionalAccessPolicyConditionsApplicationsArgs'], client_app_types: pulumi.Input[Sequence[pulumi.Input[str]]], users: pulumi.Input['ConditionalAccessPolicyConditionsUsersArgs'], + client_applications: Optional[pulumi.Input['ConditionalAccessPolicyConditionsClientApplicationsArgs']] = None, devices: Optional[pulumi.Input['ConditionalAccessPolicyConditionsDevicesArgs']] = None, locations: Optional[pulumi.Input['ConditionalAccessPolicyConditionsLocationsArgs']] = None, platforms: Optional[pulumi.Input['ConditionalAccessPolicyConditionsPlatformsArgs']] = None, @@ -1786,6 +1788,7 @@ def __init__(__self__, *, :param pulumi.Input['ConditionalAccessPolicyConditionsApplicationsArgs'] applications: An `applications` block as documented below, which specifies applications and user actions included in and excluded from the policy. :param pulumi.Input[Sequence[pulumi.Input[str]]] client_app_types: A list of client application types included in the policy. Possible values are: `all`, `browser`, `mobileAppsAndDesktopClients`, `exchangeActiveSync`, `easSupported` and `other`. :param pulumi.Input['ConditionalAccessPolicyConditionsUsersArgs'] users: A `users` block as documented below, which specifies users, groups, and roles included in and excluded from the policy. + :param pulumi.Input['ConditionalAccessPolicyConditionsClientApplicationsArgs'] client_applications: An `client_applications` block as documented below, which specifies service principals included in and excluded from the policy. :param pulumi.Input['ConditionalAccessPolicyConditionsDevicesArgs'] devices: A `devices` block as documented below, which describes devices to be included in and excluded from the policy. A `devices` block can be added to an existing policy, but removing the `devices` block forces a new resource to be created. :param pulumi.Input['ConditionalAccessPolicyConditionsLocationsArgs'] locations: A `locations` block as documented below, which specifies locations included in and excluded from the policy. :param pulumi.Input['ConditionalAccessPolicyConditionsPlatformsArgs'] platforms: A `platforms` block as documented below, which specifies platforms included in and excluded from the policy. @@ -1795,6 +1798,8 @@ def __init__(__self__, *, pulumi.set(__self__, "applications", applications) pulumi.set(__self__, "client_app_types", client_app_types) pulumi.set(__self__, "users", users) + if client_applications is not None: + pulumi.set(__self__, "client_applications", client_applications) if devices is not None: pulumi.set(__self__, "devices", devices) if locations is not None: @@ -1842,6 +1847,18 @@ def users(self) -> pulumi.Input['ConditionalAccessPolicyConditionsUsersArgs']: def users(self, value: pulumi.Input['ConditionalAccessPolicyConditionsUsersArgs']): pulumi.set(self, "users", value) + @property + @pulumi.getter(name="clientApplications") + def client_applications(self) -> Optional[pulumi.Input['ConditionalAccessPolicyConditionsClientApplicationsArgs']]: + """ + An `client_applications` block as documented below, which specifies service principals included in and excluded from the policy. + """ + return pulumi.get(self, "client_applications") + + @client_applications.setter + def client_applications(self, value: Optional[pulumi.Input['ConditionalAccessPolicyConditionsClientApplicationsArgs']]): + pulumi.set(self, "client_applications", value) + @property @pulumi.getter def devices(self) -> Optional[pulumi.Input['ConditionalAccessPolicyConditionsDevicesArgs']]: @@ -1958,6 +1975,45 @@ def included_user_actions(self, value: Optional[pulumi.Input[Sequence[pulumi.Inp pulumi.set(self, "included_user_actions", value) +@pulumi.input_type +class ConditionalAccessPolicyConditionsClientApplicationsArgs: + def __init__(__self__, *, + excluded_service_principals: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + included_service_principals: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + """ + :param pulumi.Input[Sequence[pulumi.Input[str]]] excluded_service_principals: A list of service principal IDs explicitly excluded in the policy. + :param pulumi.Input[Sequence[pulumi.Input[str]]] included_service_principals: A list of service principal IDs explicitly included in the policy. Can be set to `ServicePrincipalsInMyTenant` to include all service principals. This is mandatory value when at least one `excluded_service_principals` is set. + """ + if excluded_service_principals is not None: + pulumi.set(__self__, "excluded_service_principals", excluded_service_principals) + if included_service_principals is not None: + pulumi.set(__self__, "included_service_principals", included_service_principals) + + @property + @pulumi.getter(name="excludedServicePrincipals") + def excluded_service_principals(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + A list of service principal IDs explicitly excluded in the policy. + """ + return pulumi.get(self, "excluded_service_principals") + + @excluded_service_principals.setter + def excluded_service_principals(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): + pulumi.set(self, "excluded_service_principals", value) + + @property + @pulumi.getter(name="includedServicePrincipals") + def included_service_principals(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + A list of service principal IDs explicitly included in the policy. Can be set to `ServicePrincipalsInMyTenant` to include all service principals. This is mandatory value when at least one `excluded_service_principals` is set. + """ + return pulumi.get(self, "included_service_principals") + + @included_service_principals.setter + def included_service_principals(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): + pulumi.set(self, "included_service_principals", value) + + @pulumi.input_type class ConditionalAccessPolicyConditionsDevicesArgs: def __init__(__self__, *, @@ -2275,6 +2331,7 @@ class ConditionalAccessPolicySessionControlsArgs: def __init__(__self__, *, application_enforced_restrictions_enabled: Optional[pulumi.Input[bool]] = None, cloud_app_security_policy: Optional[pulumi.Input[str]] = None, + disable_resilience_defaults: Optional[pulumi.Input[bool]] = None, persistent_browser_mode: Optional[pulumi.Input[str]] = None, sign_in_frequency: Optional[pulumi.Input[int]] = None, sign_in_frequency_period: Optional[pulumi.Input[str]] = None): @@ -2283,6 +2340,7 @@ def __init__(__self__, *, > Only Office 365, Exchange Online and Sharepoint Online support application enforced restrictions. :param pulumi.Input[str] cloud_app_security_policy: Enables cloud app security and specifies the cloud app security policy to use. Possible values are: `blockDownloads`, `mcasConfigured`, `monitorOnly` or `unknownFutureValue`. + :param pulumi.Input[bool] disable_resilience_defaults: Disables [resilience defaults](https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/resilience-defaults). Defaults to `false`. :param pulumi.Input[str] persistent_browser_mode: Session control to define whether to persist cookies or not. Possible values are: `always` or `never`. :param pulumi.Input[int] sign_in_frequency: Number of days or hours to enforce sign-in frequency. Required when `sign_in_frequency_period` is specified. Due to an API issue, removing this property forces a new resource to be created. :param pulumi.Input[str] sign_in_frequency_period: The time period to enforce sign-in frequency. Possible values are: `hours` or `days`. Required when `sign_in_frequency_period` is specified. Due to an API issue, removing this property forces a new resource to be created. @@ -2291,6 +2349,8 @@ def __init__(__self__, *, pulumi.set(__self__, "application_enforced_restrictions_enabled", application_enforced_restrictions_enabled) if cloud_app_security_policy is not None: pulumi.set(__self__, "cloud_app_security_policy", cloud_app_security_policy) + if disable_resilience_defaults is not None: + pulumi.set(__self__, "disable_resilience_defaults", disable_resilience_defaults) if persistent_browser_mode is not None: pulumi.set(__self__, "persistent_browser_mode", persistent_browser_mode) if sign_in_frequency is not None: @@ -2324,6 +2384,18 @@ def cloud_app_security_policy(self) -> Optional[pulumi.Input[str]]: def cloud_app_security_policy(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "cloud_app_security_policy", value) + @property + @pulumi.getter(name="disableResilienceDefaults") + def disable_resilience_defaults(self) -> Optional[pulumi.Input[bool]]: + """ + Disables [resilience defaults](https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/resilience-defaults). Defaults to `false`. + """ + return pulumi.get(self, "disable_resilience_defaults") + + @disable_resilience_defaults.setter + def disable_resilience_defaults(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "disable_resilience_defaults", value) + @property @pulumi.getter(name="persistentBrowserMode") def persistent_browser_mode(self) -> Optional[pulumi.Input[str]]: diff --git a/sdk/python/pulumi_azuread/access_package_assignment_policy.py b/sdk/python/pulumi_azuread/access_package_assignment_policy.py index 5bb89c6e4..af0c9d8d0 100644 --- a/sdk/python/pulumi_azuread/access_package_assignment_policy.py +++ b/sdk/python/pulumi_azuread/access_package_assignment_policy.py @@ -402,7 +402,7 @@ def __init__(__self__, approval_stages=[azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs( approval_timeout_in_days=14, primary_approvers=[azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs( - object_id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference), + object_id=azuread_group["test"]["object_id"], subject_type="groupMembers", )], )], @@ -488,7 +488,7 @@ def __init__(__self__, approval_stages=[azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs( approval_timeout_in_days=14, primary_approvers=[azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs( - object_id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference), + object_id=azuread_group["test"]["object_id"], subject_type="groupMembers", )], )], diff --git a/sdk/python/pulumi_azuread/administrative_unit.py b/sdk/python/pulumi_azuread/administrative_unit.py index 517a34f4d..7fbb8d629 100644 --- a/sdk/python/pulumi_azuread/administrative_unit.py +++ b/sdk/python/pulumi_azuread/administrative_unit.py @@ -23,7 +23,7 @@ def __init__(__self__, *, The set of arguments for constructing a AdministrativeUnit resource. :param pulumi.Input[str] display_name: The display name of the administrative unit. :param pulumi.Input[str] description: The description of the administrative unit. - :param pulumi.Input[bool] hidden_membership_enabled: Whether the administrative unit and its members are hidden or publicly viewable in the directory + :param pulumi.Input[bool] hidden_membership_enabled: Whether the administrative unit and its members are hidden or publicly viewable in the directory. :param pulumi.Input[Sequence[pulumi.Input[str]]] members: A set of object IDs of members who should be present in this administrative unit. Supported object types are Users or Groups. !> **Warning** Do not use the `members` property at the same time as the AdministrativeUnitMember resource for the same administrative unit. Doing so will cause a conflict and administrative unit members will be removed. @@ -67,7 +67,7 @@ def description(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="hiddenMembershipEnabled") def hidden_membership_enabled(self) -> Optional[pulumi.Input[bool]]: """ - Whether the administrative unit and its members are hidden or publicly viewable in the directory + Whether the administrative unit and its members are hidden or publicly viewable in the directory. """ return pulumi.get(self, "hidden_membership_enabled") @@ -115,7 +115,7 @@ def __init__(__self__, *, Input properties used for looking up and filtering AdministrativeUnit resources. :param pulumi.Input[str] description: The description of the administrative unit. :param pulumi.Input[str] display_name: The display name of the administrative unit. - :param pulumi.Input[bool] hidden_membership_enabled: Whether the administrative unit and its members are hidden or publicly viewable in the directory + :param pulumi.Input[bool] hidden_membership_enabled: Whether the administrative unit and its members are hidden or publicly viewable in the directory. :param pulumi.Input[Sequence[pulumi.Input[str]]] members: A set of object IDs of members who should be present in this administrative unit. Supported object types are Users or Groups. !> **Warning** Do not use the `members` property at the same time as the AdministrativeUnitMember resource for the same administrative unit. Doing so will cause a conflict and administrative unit members will be removed. @@ -163,7 +163,7 @@ def display_name(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="hiddenMembershipEnabled") def hidden_membership_enabled(self) -> Optional[pulumi.Input[bool]]: """ - Whether the administrative unit and its members are hidden or publicly viewable in the directory + Whether the administrative unit and its members are hidden or publicly viewable in the directory. """ return pulumi.get(self, "hidden_membership_enabled") @@ -232,6 +232,18 @@ def __init__(__self__, When authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator` + ## Example Usage + + ```python + import pulumi + import pulumi_azuread as azuread + + example = azuread.AdministrativeUnit("example", + description="Just an example", + display_name="Example-AU", + hidden_membership_enabled=False) + ``` + ## Import Administrative units can be imported using their object ID, e.g. @@ -244,7 +256,7 @@ def __init__(__self__, :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] description: The description of the administrative unit. :param pulumi.Input[str] display_name: The display name of the administrative unit. - :param pulumi.Input[bool] hidden_membership_enabled: Whether the administrative unit and its members are hidden or publicly viewable in the directory + :param pulumi.Input[bool] hidden_membership_enabled: Whether the administrative unit and its members are hidden or publicly viewable in the directory. :param pulumi.Input[Sequence[pulumi.Input[str]]] members: A set of object IDs of members who should be present in this administrative unit. Supported object types are Users or Groups. !> **Warning** Do not use the `members` property at the same time as the AdministrativeUnitMember resource for the same administrative unit. Doing so will cause a conflict and administrative unit members will be removed. @@ -267,6 +279,18 @@ def __init__(__self__, When authenticated with a user principal, this resource requires one of the following directory roles: `Privileged Role Administrator` or `Global Administrator` + ## Example Usage + + ```python + import pulumi + import pulumi_azuread as azuread + + example = azuread.AdministrativeUnit("example", + description="Just an example", + display_name="Example-AU", + hidden_membership_enabled=False) + ``` + ## Import Administrative units can be imported using their object ID, e.g. @@ -337,7 +361,7 @@ def get(resource_name: str, :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] description: The description of the administrative unit. :param pulumi.Input[str] display_name: The display name of the administrative unit. - :param pulumi.Input[bool] hidden_membership_enabled: Whether the administrative unit and its members are hidden or publicly viewable in the directory + :param pulumi.Input[bool] hidden_membership_enabled: Whether the administrative unit and its members are hidden or publicly viewable in the directory. :param pulumi.Input[Sequence[pulumi.Input[str]]] members: A set of object IDs of members who should be present in this administrative unit. Supported object types are Users or Groups. !> **Warning** Do not use the `members` property at the same time as the AdministrativeUnitMember resource for the same administrative unit. Doing so will cause a conflict and administrative unit members will be removed. @@ -376,7 +400,7 @@ def display_name(self) -> pulumi.Output[str]: @pulumi.getter(name="hiddenMembershipEnabled") def hidden_membership_enabled(self) -> pulumi.Output[Optional[bool]]: """ - Whether the administrative unit and its members are hidden or publicly viewable in the directory + Whether the administrative unit and its members are hidden or publicly viewable in the directory. """ return pulumi.get(self, "hidden_membership_enabled") diff --git a/sdk/python/pulumi_azuread/app_role_assignment.py b/sdk/python/pulumi_azuread/app_role_assignment.py index 51a56a211..76669f2bb 100644 --- a/sdk/python/pulumi_azuread/app_role_assignment.py +++ b/sdk/python/pulumi_azuread/app_role_assignment.py @@ -203,14 +203,14 @@ def __init__(__self__, example_application = azuread.Application("exampleApplication", display_name="example", required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs( - resource_app_id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference), + resource_app_id=well_known.result["MicrosoftGraph"], resource_accesses=[ azuread.ApplicationRequiredResourceAccessResourceAccessArgs( - id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference), + id=msgraph.app_role_ids["User.Read.All"], type="Role", ), azuread.ApplicationRequiredResourceAccessResourceAccessArgs( - id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference), + id=msgraph.oauth2_permission_scope_ids["User.ReadWrite"], type="Scope", ), ], @@ -244,7 +244,7 @@ def __init__(__self__, required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs( resource_app_id=internal_application.application_id, resource_accesses=[azuread.ApplicationRequiredResourceAccessResourceAccessArgs( - id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference), + id=internal_service_principal.app_role_ids["Query.All"], type="Role", )], )]) @@ -358,14 +358,14 @@ def __init__(__self__, example_application = azuread.Application("exampleApplication", display_name="example", required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs( - resource_app_id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference), + resource_app_id=well_known.result["MicrosoftGraph"], resource_accesses=[ azuread.ApplicationRequiredResourceAccessResourceAccessArgs( - id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference), + id=msgraph.app_role_ids["User.Read.All"], type="Role", ), azuread.ApplicationRequiredResourceAccessResourceAccessArgs( - id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference), + id=msgraph.oauth2_permission_scope_ids["User.ReadWrite"], type="Scope", ), ], @@ -399,7 +399,7 @@ def __init__(__self__, required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs( resource_app_id=internal_application.application_id, resource_accesses=[azuread.ApplicationRequiredResourceAccessResourceAccessArgs( - id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference), + id=internal_service_principal.app_role_ids["Query.All"], type="Role", )], )]) diff --git a/sdk/python/pulumi_azuread/application_password.py b/sdk/python/pulumi_azuread/application_password.py index 968f10517..c81121a02 100644 --- a/sdk/python/pulumi_azuread/application_password.py +++ b/sdk/python/pulumi_azuread/application_password.py @@ -263,6 +263,34 @@ def __init__(__self__, start_date: Optional[pulumi.Input[str]] = None, __props__=None): """ + ## Example Usage + + *Basic example* + + ```python + import pulumi + import pulumi_azuread as azuread + + example_application = azuread.Application("exampleApplication", display_name="example") + example_application_password = azuread.ApplicationPassword("exampleApplicationPassword", application_object_id=example_application.object_id) + ``` + + *Time-based rotation* + + ```python + import pulumi + import pulumi_azuread as azuread + import pulumiverse_time as time + + example_application = azuread.Application("exampleApplication", display_name="example") + example_rotating = time.Rotating("exampleRotating", rotation_days=7) + example_application_password = azuread.ApplicationPassword("exampleApplicationPassword", + application_object_id=example_application.object_id, + rotate_when_changed={ + "rotation": example_rotating.id, + }) + ``` + ## Import This resource does not support importing. @@ -283,6 +311,34 @@ def __init__(__self__, args: ApplicationPasswordArgs, opts: Optional[pulumi.ResourceOptions] = None): """ + ## Example Usage + + *Basic example* + + ```python + import pulumi + import pulumi_azuread as azuread + + example_application = azuread.Application("exampleApplication", display_name="example") + example_application_password = azuread.ApplicationPassword("exampleApplicationPassword", application_object_id=example_application.object_id) + ``` + + *Time-based rotation* + + ```python + import pulumi + import pulumi_azuread as azuread + import pulumiverse_time as time + + example_application = azuread.Application("exampleApplication", display_name="example") + example_rotating = time.Rotating("exampleRotating", rotation_days=7) + example_application_password = azuread.ApplicationPassword("exampleApplicationPassword", + application_object_id=example_application.object_id, + rotate_when_changed={ + "rotation": example_rotating.id, + }) + ``` + ## Import This resource does not support importing. diff --git a/sdk/python/pulumi_azuread/conditional_access_policy.py b/sdk/python/pulumi_azuread/conditional_access_policy.py index 74765019a..8df858f2b 100644 --- a/sdk/python/pulumi_azuread/conditional_access_policy.py +++ b/sdk/python/pulumi_azuread/conditional_access_policy.py @@ -199,6 +199,8 @@ def __init__(__self__, """ Manages a Conditional Access Policy within Azure Active Directory. + > **Licensing Requirements** Specifying `client_applications` property requires the activation of Microsoft Entra on your tenant and the availability of sufficient Workload Identities Premium licences (one per service principal managed by a conditional access). + ## API Permissions The following API permissions are required in order to use this resource. @@ -208,6 +210,7 @@ def __init__(__self__, When authenticated with a user principal, this resource requires one of the following directory roles: `Conditional Access Administrator` or `Global Administrator` ## Example Usage + ### All users except guests or external users ```python import pulumi @@ -249,11 +252,68 @@ def __init__(__self__, session_controls=azuread.ConditionalAccessPolicySessionControlsArgs( application_enforced_restrictions_enabled=True, cloud_app_security_policy="monitorOnly", + disable_resilience_defaults=False, sign_in_frequency=10, sign_in_frequency_period="hours", ), state="disabled") ``` + ### Included client applications / service principals + + ```python + import pulumi + import pulumi_azuread as azuread + + current = azuread.get_client_config() + example = azuread.ConditionalAccessPolicy("example", + display_name="example policy", + state="disabled", + conditions=azuread.ConditionalAccessPolicyConditionsArgs( + client_app_types=["all"], + applications=azuread.ConditionalAccessPolicyConditionsApplicationsArgs( + included_applications=["All"], + ), + client_applications=azuread.ConditionalAccessPolicyConditionsClientApplicationsArgs( + included_service_principals=[current.object_id], + excluded_service_principals=[], + ), + users=azuread.ConditionalAccessPolicyConditionsUsersArgs( + included_users=["None"], + ), + ), + grant_controls=azuread.ConditionalAccessPolicyGrantControlsArgs( + operator="OR", + built_in_controls=["block"], + )) + ``` + ### Excluded client applications / service principals + + ```python + import pulumi + import pulumi_azuread as azuread + + current = azuread.get_client_config() + example = azuread.ConditionalAccessPolicy("example", + display_name="example policy", + state="disabled", + conditions=azuread.ConditionalAccessPolicyConditionsArgs( + client_app_types=["all"], + applications=azuread.ConditionalAccessPolicyConditionsApplicationsArgs( + included_applications=["All"], + ), + client_applications=azuread.ConditionalAccessPolicyConditionsClientApplicationsArgs( + included_service_principals=["ServicePrincipalsInMyTenant"], + excluded_service_principals=[current.object_id], + ), + users=azuread.ConditionalAccessPolicyConditionsUsersArgs( + included_users=["None"], + ), + ), + grant_controls=azuread.ConditionalAccessPolicyGrantControlsArgs( + operator="OR", + built_in_controls=["block"], + )) + ``` ## Import @@ -280,6 +340,8 @@ def __init__(__self__, """ Manages a Conditional Access Policy within Azure Active Directory. + > **Licensing Requirements** Specifying `client_applications` property requires the activation of Microsoft Entra on your tenant and the availability of sufficient Workload Identities Premium licences (one per service principal managed by a conditional access). + ## API Permissions The following API permissions are required in order to use this resource. @@ -289,6 +351,7 @@ def __init__(__self__, When authenticated with a user principal, this resource requires one of the following directory roles: `Conditional Access Administrator` or `Global Administrator` ## Example Usage + ### All users except guests or external users ```python import pulumi @@ -330,11 +393,68 @@ def __init__(__self__, session_controls=azuread.ConditionalAccessPolicySessionControlsArgs( application_enforced_restrictions_enabled=True, cloud_app_security_policy="monitorOnly", + disable_resilience_defaults=False, sign_in_frequency=10, sign_in_frequency_period="hours", ), state="disabled") ``` + ### Included client applications / service principals + + ```python + import pulumi + import pulumi_azuread as azuread + + current = azuread.get_client_config() + example = azuread.ConditionalAccessPolicy("example", + display_name="example policy", + state="disabled", + conditions=azuread.ConditionalAccessPolicyConditionsArgs( + client_app_types=["all"], + applications=azuread.ConditionalAccessPolicyConditionsApplicationsArgs( + included_applications=["All"], + ), + client_applications=azuread.ConditionalAccessPolicyConditionsClientApplicationsArgs( + included_service_principals=[current.object_id], + excluded_service_principals=[], + ), + users=azuread.ConditionalAccessPolicyConditionsUsersArgs( + included_users=["None"], + ), + ), + grant_controls=azuread.ConditionalAccessPolicyGrantControlsArgs( + operator="OR", + built_in_controls=["block"], + )) + ``` + ### Excluded client applications / service principals + + ```python + import pulumi + import pulumi_azuread as azuread + + current = azuread.get_client_config() + example = azuread.ConditionalAccessPolicy("example", + display_name="example policy", + state="disabled", + conditions=azuread.ConditionalAccessPolicyConditionsArgs( + client_app_types=["all"], + applications=azuread.ConditionalAccessPolicyConditionsApplicationsArgs( + included_applications=["All"], + ), + client_applications=azuread.ConditionalAccessPolicyConditionsClientApplicationsArgs( + included_service_principals=["ServicePrincipalsInMyTenant"], + excluded_service_principals=[current.object_id], + ), + users=azuread.ConditionalAccessPolicyConditionsUsersArgs( + included_users=["None"], + ), + ), + grant_controls=azuread.ConditionalAccessPolicyGrantControlsArgs( + operator="OR", + built_in_controls=["block"], + )) + ``` ## Import diff --git a/sdk/python/pulumi_azuread/directory_role_assignment.py b/sdk/python/pulumi_azuread/directory_role_assignment.py index 042afe14b..8e6eb6938 100644 --- a/sdk/python/pulumi_azuread/directory_role_assignment.py +++ b/sdk/python/pulumi_azuread/directory_role_assignment.py @@ -85,6 +85,9 @@ def app_scope_object_id(self) -> Optional[pulumi.Input[str]]: """ Identifier of the app-specific scope when the assignment scope is app-specific """ + warnings.warn("""`app_scope_object_id` has been renamed to `app_scope_id` and will be removed in version 3.0 or the AzureAD Provider""", DeprecationWarning) + pulumi.log.warn("""app_scope_object_id is deprecated: `app_scope_object_id` has been renamed to `app_scope_id` and will be removed in version 3.0 or the AzureAD Provider""") + return pulumi.get(self, "app_scope_object_id") @app_scope_object_id.setter @@ -168,6 +171,9 @@ def app_scope_object_id(self) -> Optional[pulumi.Input[str]]: """ Identifier of the app-specific scope when the assignment scope is app-specific """ + warnings.warn("""`app_scope_object_id` has been renamed to `app_scope_id` and will be removed in version 3.0 or the AzureAD Provider""", DeprecationWarning) + pulumi.log.warn("""app_scope_object_id is deprecated: `app_scope_object_id` has been renamed to `app_scope_id` and will be removed in version 3.0 or the AzureAD Provider""") + return pulumi.get(self, "app_scope_object_id") @app_scope_object_id.setter @@ -387,6 +393,9 @@ def app_scope_object_id(self) -> pulumi.Output[str]: """ Identifier of the app-specific scope when the assignment scope is app-specific """ + warnings.warn("""`app_scope_object_id` has been renamed to `app_scope_id` and will be removed in version 3.0 or the AzureAD Provider""", DeprecationWarning) + pulumi.log.warn("""app_scope_object_id is deprecated: `app_scope_object_id` has been renamed to `app_scope_id` and will be removed in version 3.0 or the AzureAD Provider""") + return pulumi.get(self, "app_scope_object_id") @property diff --git a/sdk/python/pulumi_azuread/get_access_package.py b/sdk/python/pulumi_azuread/get_access_package.py index a5e432c69..395b187cf 100644 --- a/sdk/python/pulumi_azuread/get_access_package.py +++ b/sdk/python/pulumi_azuread/get_access_package.py @@ -146,12 +146,12 @@ def get_access_package(catalog_id: Optional[str] = None, __ret__ = pulumi.runtime.invoke('azuread:index/getAccessPackage:getAccessPackage', __args__, opts=opts, typ=GetAccessPackageResult).value return AwaitableGetAccessPackageResult( - catalog_id=__ret__.catalog_id, - description=__ret__.description, - display_name=__ret__.display_name, - hidden=__ret__.hidden, - id=__ret__.id, - object_id=__ret__.object_id) + catalog_id=pulumi.get(__ret__, 'catalog_id'), + description=pulumi.get(__ret__, 'description'), + display_name=pulumi.get(__ret__, 'display_name'), + hidden=pulumi.get(__ret__, 'hidden'), + id=pulumi.get(__ret__, 'id'), + object_id=pulumi.get(__ret__, 'object_id')) @_utilities.lift_output_func(get_access_package) diff --git a/sdk/python/pulumi_azuread/get_access_package_catalog.py b/sdk/python/pulumi_azuread/get_access_package_catalog.py index 1c3c32a3b..fe3b467db 100644 --- a/sdk/python/pulumi_azuread/get_access_package_catalog.py +++ b/sdk/python/pulumi_azuread/get_access_package_catalog.py @@ -146,12 +146,12 @@ def get_access_package_catalog(display_name: Optional[str] = None, __ret__ = pulumi.runtime.invoke('azuread:index/getAccessPackageCatalog:getAccessPackageCatalog', __args__, opts=opts, typ=GetAccessPackageCatalogResult).value return AwaitableGetAccessPackageCatalogResult( - description=__ret__.description, - display_name=__ret__.display_name, - externally_visible=__ret__.externally_visible, - id=__ret__.id, - object_id=__ret__.object_id, - published=__ret__.published) + description=pulumi.get(__ret__, 'description'), + display_name=pulumi.get(__ret__, 'display_name'), + externally_visible=pulumi.get(__ret__, 'externally_visible'), + id=pulumi.get(__ret__, 'id'), + object_id=pulumi.get(__ret__, 'object_id'), + published=pulumi.get(__ret__, 'published')) @_utilities.lift_output_func(get_access_package_catalog) diff --git a/sdk/python/pulumi_azuread/get_access_package_catalog_role.py b/sdk/python/pulumi_azuread/get_access_package_catalog_role.py index 3b0e2fde4..1c69ee83c 100644 --- a/sdk/python/pulumi_azuread/get_access_package_catalog_role.py +++ b/sdk/python/pulumi_azuread/get_access_package_catalog_role.py @@ -138,11 +138,11 @@ def get_access_package_catalog_role(display_name: Optional[str] = None, __ret__ = pulumi.runtime.invoke('azuread:index/getAccessPackageCatalogRole:getAccessPackageCatalogRole', __args__, opts=opts, typ=GetAccessPackageCatalogRoleResult).value return AwaitableGetAccessPackageCatalogRoleResult( - description=__ret__.description, - display_name=__ret__.display_name, - id=__ret__.id, - object_id=__ret__.object_id, - template_id=__ret__.template_id) + description=pulumi.get(__ret__, 'description'), + display_name=pulumi.get(__ret__, 'display_name'), + id=pulumi.get(__ret__, 'id'), + object_id=pulumi.get(__ret__, 'object_id'), + template_id=pulumi.get(__ret__, 'template_id')) @_utilities.lift_output_func(get_access_package_catalog_role) diff --git a/sdk/python/pulumi_azuread/get_administrative_unit.py b/sdk/python/pulumi_azuread/get_administrative_unit.py index 491e9d2f3..7821babf1 100644 --- a/sdk/python/pulumi_azuread/get_administrative_unit.py +++ b/sdk/python/pulumi_azuread/get_administrative_unit.py @@ -150,12 +150,12 @@ def get_administrative_unit(display_name: Optional[str] = None, __ret__ = pulumi.runtime.invoke('azuread:index/getAdministrativeUnit:getAdministrativeUnit', __args__, opts=opts, typ=GetAdministrativeUnitResult).value return AwaitableGetAdministrativeUnitResult( - description=__ret__.description, - display_name=__ret__.display_name, - id=__ret__.id, - members=__ret__.members, - object_id=__ret__.object_id, - visibility=__ret__.visibility) + description=pulumi.get(__ret__, 'description'), + display_name=pulumi.get(__ret__, 'display_name'), + id=pulumi.get(__ret__, 'id'), + members=pulumi.get(__ret__, 'members'), + object_id=pulumi.get(__ret__, 'object_id'), + visibility=pulumi.get(__ret__, 'visibility')) @_utilities.lift_output_func(get_administrative_unit) diff --git a/sdk/python/pulumi_azuread/get_application.py b/sdk/python/pulumi_azuread/get_application.py index 324eb7b32..042b71d36 100644 --- a/sdk/python/pulumi_azuread/get_application.py +++ b/sdk/python/pulumi_azuread/get_application.py @@ -457,38 +457,38 @@ def get_application(application_id: Optional[str] = None, __ret__ = pulumi.runtime.invoke('azuread:index/getApplication:getApplication', __args__, opts=opts, typ=GetApplicationResult).value return AwaitableGetApplicationResult( - apis=__ret__.apis, - app_role_ids=__ret__.app_role_ids, - app_roles=__ret__.app_roles, - application_id=__ret__.application_id, - description=__ret__.description, - device_only_auth_enabled=__ret__.device_only_auth_enabled, - disabled_by_microsoft=__ret__.disabled_by_microsoft, - display_name=__ret__.display_name, - fallback_public_client_enabled=__ret__.fallback_public_client_enabled, - feature_tags=__ret__.feature_tags, - group_membership_claims=__ret__.group_membership_claims, - id=__ret__.id, - identifier_uris=__ret__.identifier_uris, - logo_url=__ret__.logo_url, - marketing_url=__ret__.marketing_url, - notes=__ret__.notes, - oauth2_permission_scope_ids=__ret__.oauth2_permission_scope_ids, - oauth2_post_response_required=__ret__.oauth2_post_response_required, - object_id=__ret__.object_id, - optional_claims=__ret__.optional_claims, - owners=__ret__.owners, - privacy_statement_url=__ret__.privacy_statement_url, - public_clients=__ret__.public_clients, - publisher_domain=__ret__.publisher_domain, - required_resource_accesses=__ret__.required_resource_accesses, - service_management_reference=__ret__.service_management_reference, - sign_in_audience=__ret__.sign_in_audience, - single_page_applications=__ret__.single_page_applications, - support_url=__ret__.support_url, - tags=__ret__.tags, - terms_of_service_url=__ret__.terms_of_service_url, - webs=__ret__.webs) + apis=pulumi.get(__ret__, 'apis'), + app_role_ids=pulumi.get(__ret__, 'app_role_ids'), + app_roles=pulumi.get(__ret__, 'app_roles'), + application_id=pulumi.get(__ret__, 'application_id'), + description=pulumi.get(__ret__, 'description'), + device_only_auth_enabled=pulumi.get(__ret__, 'device_only_auth_enabled'), + disabled_by_microsoft=pulumi.get(__ret__, 'disabled_by_microsoft'), + display_name=pulumi.get(__ret__, 'display_name'), + fallback_public_client_enabled=pulumi.get(__ret__, 'fallback_public_client_enabled'), + feature_tags=pulumi.get(__ret__, 'feature_tags'), + group_membership_claims=pulumi.get(__ret__, 'group_membership_claims'), + id=pulumi.get(__ret__, 'id'), + identifier_uris=pulumi.get(__ret__, 'identifier_uris'), + logo_url=pulumi.get(__ret__, 'logo_url'), + marketing_url=pulumi.get(__ret__, 'marketing_url'), + notes=pulumi.get(__ret__, 'notes'), + oauth2_permission_scope_ids=pulumi.get(__ret__, 'oauth2_permission_scope_ids'), + oauth2_post_response_required=pulumi.get(__ret__, 'oauth2_post_response_required'), + object_id=pulumi.get(__ret__, 'object_id'), + optional_claims=pulumi.get(__ret__, 'optional_claims'), + owners=pulumi.get(__ret__, 'owners'), + privacy_statement_url=pulumi.get(__ret__, 'privacy_statement_url'), + public_clients=pulumi.get(__ret__, 'public_clients'), + publisher_domain=pulumi.get(__ret__, 'publisher_domain'), + required_resource_accesses=pulumi.get(__ret__, 'required_resource_accesses'), + service_management_reference=pulumi.get(__ret__, 'service_management_reference'), + sign_in_audience=pulumi.get(__ret__, 'sign_in_audience'), + single_page_applications=pulumi.get(__ret__, 'single_page_applications'), + support_url=pulumi.get(__ret__, 'support_url'), + tags=pulumi.get(__ret__, 'tags'), + terms_of_service_url=pulumi.get(__ret__, 'terms_of_service_url'), + webs=pulumi.get(__ret__, 'webs')) @_utilities.lift_output_func(get_application) diff --git a/sdk/python/pulumi_azuread/get_application_published_app_ids.py b/sdk/python/pulumi_azuread/get_application_published_app_ids.py index 5bc7024e9..8e4a6c560 100644 --- a/sdk/python/pulumi_azuread/get_application_published_app_ids.py +++ b/sdk/python/pulumi_azuread/get_application_published_app_ids.py @@ -88,14 +88,14 @@ def get_application_published_app_ids(opts: Optional[pulumi.InvokeOptions] = Non example = azuread.Application("example", display_name="example", required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs( - resource_app_id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference), + resource_app_id=well_known.result["MicrosoftGraph"], resource_accesses=[ azuread.ApplicationRequiredResourceAccessResourceAccessArgs( - id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference), + id=msgraph.app_role_ids["User.Read.All"], type="Role", ), azuread.ApplicationRequiredResourceAccessResourceAccessArgs( - id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference), + id=msgraph.oauth2_permission_scope_ids["User.ReadWrite"], type="Scope", ), ], @@ -107,5 +107,5 @@ def get_application_published_app_ids(opts: Optional[pulumi.InvokeOptions] = Non __ret__ = pulumi.runtime.invoke('azuread:index/getApplicationPublishedAppIds:getApplicationPublishedAppIds', __args__, opts=opts, typ=GetApplicationPublishedAppIdsResult).value return AwaitableGetApplicationPublishedAppIdsResult( - id=__ret__.id, - result=__ret__.result) + id=pulumi.get(__ret__, 'id'), + result=pulumi.get(__ret__, 'result')) diff --git a/sdk/python/pulumi_azuread/get_application_template.py b/sdk/python/pulumi_azuread/get_application_template.py index 64f3a75e2..cbb8dc0da 100644 --- a/sdk/python/pulumi_azuread/get_application_template.py +++ b/sdk/python/pulumi_azuread/get_application_template.py @@ -173,15 +173,15 @@ def get_application_template(display_name: Optional[str] = None, __ret__ = pulumi.runtime.invoke('azuread:index/getApplicationTemplate:getApplicationTemplate', __args__, opts=opts, typ=GetApplicationTemplateResult).value return AwaitableGetApplicationTemplateResult( - categories=__ret__.categories, - display_name=__ret__.display_name, - homepage_url=__ret__.homepage_url, - id=__ret__.id, - logo_url=__ret__.logo_url, - publisher=__ret__.publisher, - supported_provisioning_types=__ret__.supported_provisioning_types, - supported_single_sign_on_modes=__ret__.supported_single_sign_on_modes, - template_id=__ret__.template_id) + categories=pulumi.get(__ret__, 'categories'), + display_name=pulumi.get(__ret__, 'display_name'), + homepage_url=pulumi.get(__ret__, 'homepage_url'), + id=pulumi.get(__ret__, 'id'), + logo_url=pulumi.get(__ret__, 'logo_url'), + publisher=pulumi.get(__ret__, 'publisher'), + supported_provisioning_types=pulumi.get(__ret__, 'supported_provisioning_types'), + supported_single_sign_on_modes=pulumi.get(__ret__, 'supported_single_sign_on_modes'), + template_id=pulumi.get(__ret__, 'template_id')) @_utilities.lift_output_func(get_application_template) diff --git a/sdk/python/pulumi_azuread/get_client_config.py b/sdk/python/pulumi_azuread/get_client_config.py index c67f43249..ff56d280f 100644 --- a/sdk/python/pulumi_azuread/get_client_config.py +++ b/sdk/python/pulumi_azuread/get_client_config.py @@ -102,7 +102,7 @@ def get_client_config(opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableG __ret__ = pulumi.runtime.invoke('azuread:index/getClientConfig:getClientConfig', __args__, opts=opts, typ=GetClientConfigResult).value return AwaitableGetClientConfigResult( - client_id=__ret__.client_id, - id=__ret__.id, - object_id=__ret__.object_id, - tenant_id=__ret__.tenant_id) + client_id=pulumi.get(__ret__, 'client_id'), + id=pulumi.get(__ret__, 'id'), + object_id=pulumi.get(__ret__, 'object_id'), + tenant_id=pulumi.get(__ret__, 'tenant_id')) diff --git a/sdk/python/pulumi_azuread/get_directory_object.py b/sdk/python/pulumi_azuread/get_directory_object.py index 4f4f0d377..c04d76915 100644 --- a/sdk/python/pulumi_azuread/get_directory_object.py +++ b/sdk/python/pulumi_azuread/get_directory_object.py @@ -101,9 +101,9 @@ def get_directory_object(object_id: Optional[str] = None, __ret__ = pulumi.runtime.invoke('azuread:index/getDirectoryObject:getDirectoryObject', __args__, opts=opts, typ=GetDirectoryObjectResult).value return AwaitableGetDirectoryObjectResult( - id=__ret__.id, - object_id=__ret__.object_id, - type=__ret__.type) + id=pulumi.get(__ret__, 'id'), + object_id=pulumi.get(__ret__, 'object_id'), + type=pulumi.get(__ret__, 'type')) @_utilities.lift_output_func(get_directory_object) diff --git a/sdk/python/pulumi_azuread/get_directory_roles.py b/sdk/python/pulumi_azuread/get_directory_roles.py index 518ca5724..59781b49b 100644 --- a/sdk/python/pulumi_azuread/get_directory_roles.py +++ b/sdk/python/pulumi_azuread/get_directory_roles.py @@ -107,7 +107,7 @@ def get_directory_roles(opts: Optional[pulumi.InvokeOptions] = None) -> Awaitabl __ret__ = pulumi.runtime.invoke('azuread:index/getDirectoryRoles:getDirectoryRoles', __args__, opts=opts, typ=GetDirectoryRolesResult).value return AwaitableGetDirectoryRolesResult( - id=__ret__.id, - object_ids=__ret__.object_ids, - roles=__ret__.roles, - template_ids=__ret__.template_ids) + id=pulumi.get(__ret__, 'id'), + object_ids=pulumi.get(__ret__, 'object_ids'), + roles=pulumi.get(__ret__, 'roles'), + template_ids=pulumi.get(__ret__, 'template_ids')) diff --git a/sdk/python/pulumi_azuread/get_domains.py b/sdk/python/pulumi_azuread/get_domains.py index a81e7d13f..523732eb9 100644 --- a/sdk/python/pulumi_azuread/get_domains.py +++ b/sdk/python/pulumi_azuread/get_domains.py @@ -163,14 +163,14 @@ def get_domains(admin_managed: Optional[bool] = None, __ret__ = pulumi.runtime.invoke('azuread:index/getDomains:getDomains', __args__, opts=opts, typ=GetDomainsResult).value return AwaitableGetDomainsResult( - admin_managed=__ret__.admin_managed, - domains=__ret__.domains, - id=__ret__.id, - include_unverified=__ret__.include_unverified, - only_default=__ret__.only_default, - only_initial=__ret__.only_initial, - only_root=__ret__.only_root, - supports_services=__ret__.supports_services) + admin_managed=pulumi.get(__ret__, 'admin_managed'), + domains=pulumi.get(__ret__, 'domains'), + id=pulumi.get(__ret__, 'id'), + include_unverified=pulumi.get(__ret__, 'include_unverified'), + only_default=pulumi.get(__ret__, 'only_default'), + only_initial=pulumi.get(__ret__, 'only_initial'), + only_root=pulumi.get(__ret__, 'only_root'), + supports_services=pulumi.get(__ret__, 'supports_services')) @_utilities.lift_output_func(get_domains) diff --git a/sdk/python/pulumi_azuread/get_group.py b/sdk/python/pulumi_azuread/get_group.py index eb10fc9e4..247a0ae03 100644 --- a/sdk/python/pulumi_azuread/get_group.py +++ b/sdk/python/pulumi_azuread/get_group.py @@ -437,36 +437,36 @@ def get_group(display_name: Optional[str] = None, __ret__ = pulumi.runtime.invoke('azuread:index/getGroup:getGroup', __args__, opts=opts, typ=GetGroupResult).value return AwaitableGetGroupResult( - assignable_to_role=__ret__.assignable_to_role, - auto_subscribe_new_members=__ret__.auto_subscribe_new_members, - behaviors=__ret__.behaviors, - description=__ret__.description, - display_name=__ret__.display_name, - dynamic_memberships=__ret__.dynamic_memberships, - external_senders_allowed=__ret__.external_senders_allowed, - hide_from_address_lists=__ret__.hide_from_address_lists, - hide_from_outlook_clients=__ret__.hide_from_outlook_clients, - id=__ret__.id, - mail=__ret__.mail, - mail_enabled=__ret__.mail_enabled, - mail_nickname=__ret__.mail_nickname, - members=__ret__.members, - object_id=__ret__.object_id, - onpremises_domain_name=__ret__.onpremises_domain_name, - onpremises_group_type=__ret__.onpremises_group_type, - onpremises_netbios_name=__ret__.onpremises_netbios_name, - onpremises_sam_account_name=__ret__.onpremises_sam_account_name, - onpremises_security_identifier=__ret__.onpremises_security_identifier, - onpremises_sync_enabled=__ret__.onpremises_sync_enabled, - owners=__ret__.owners, - preferred_language=__ret__.preferred_language, - provisioning_options=__ret__.provisioning_options, - proxy_addresses=__ret__.proxy_addresses, - security_enabled=__ret__.security_enabled, - theme=__ret__.theme, - types=__ret__.types, - visibility=__ret__.visibility, - writeback_enabled=__ret__.writeback_enabled) + assignable_to_role=pulumi.get(__ret__, 'assignable_to_role'), + auto_subscribe_new_members=pulumi.get(__ret__, 'auto_subscribe_new_members'), + behaviors=pulumi.get(__ret__, 'behaviors'), + description=pulumi.get(__ret__, 'description'), + display_name=pulumi.get(__ret__, 'display_name'), + dynamic_memberships=pulumi.get(__ret__, 'dynamic_memberships'), + external_senders_allowed=pulumi.get(__ret__, 'external_senders_allowed'), + hide_from_address_lists=pulumi.get(__ret__, 'hide_from_address_lists'), + hide_from_outlook_clients=pulumi.get(__ret__, 'hide_from_outlook_clients'), + id=pulumi.get(__ret__, 'id'), + mail=pulumi.get(__ret__, 'mail'), + mail_enabled=pulumi.get(__ret__, 'mail_enabled'), + mail_nickname=pulumi.get(__ret__, 'mail_nickname'), + members=pulumi.get(__ret__, 'members'), + object_id=pulumi.get(__ret__, 'object_id'), + onpremises_domain_name=pulumi.get(__ret__, 'onpremises_domain_name'), + onpremises_group_type=pulumi.get(__ret__, 'onpremises_group_type'), + onpremises_netbios_name=pulumi.get(__ret__, 'onpremises_netbios_name'), + onpremises_sam_account_name=pulumi.get(__ret__, 'onpremises_sam_account_name'), + onpremises_security_identifier=pulumi.get(__ret__, 'onpremises_security_identifier'), + onpremises_sync_enabled=pulumi.get(__ret__, 'onpremises_sync_enabled'), + owners=pulumi.get(__ret__, 'owners'), + preferred_language=pulumi.get(__ret__, 'preferred_language'), + provisioning_options=pulumi.get(__ret__, 'provisioning_options'), + proxy_addresses=pulumi.get(__ret__, 'proxy_addresses'), + security_enabled=pulumi.get(__ret__, 'security_enabled'), + theme=pulumi.get(__ret__, 'theme'), + types=pulumi.get(__ret__, 'types'), + visibility=pulumi.get(__ret__, 'visibility'), + writeback_enabled=pulumi.get(__ret__, 'writeback_enabled')) @_utilities.lift_output_func(get_group) diff --git a/sdk/python/pulumi_azuread/get_groups.py b/sdk/python/pulumi_azuread/get_groups.py index 02b18f74f..e352c7226 100644 --- a/sdk/python/pulumi_azuread/get_groups.py +++ b/sdk/python/pulumi_azuread/get_groups.py @@ -203,14 +203,14 @@ def get_groups(display_name_prefix: Optional[str] = None, __ret__ = pulumi.runtime.invoke('azuread:index/getGroups:getGroups', __args__, opts=opts, typ=GetGroupsResult).value return AwaitableGetGroupsResult( - display_name_prefix=__ret__.display_name_prefix, - display_names=__ret__.display_names, - id=__ret__.id, - ignore_missing=__ret__.ignore_missing, - mail_enabled=__ret__.mail_enabled, - object_ids=__ret__.object_ids, - return_all=__ret__.return_all, - security_enabled=__ret__.security_enabled) + display_name_prefix=pulumi.get(__ret__, 'display_name_prefix'), + display_names=pulumi.get(__ret__, 'display_names'), + id=pulumi.get(__ret__, 'id'), + ignore_missing=pulumi.get(__ret__, 'ignore_missing'), + mail_enabled=pulumi.get(__ret__, 'mail_enabled'), + object_ids=pulumi.get(__ret__, 'object_ids'), + return_all=pulumi.get(__ret__, 'return_all'), + security_enabled=pulumi.get(__ret__, 'security_enabled')) @_utilities.lift_output_func(get_groups) diff --git a/sdk/python/pulumi_azuread/get_service_principal.py b/sdk/python/pulumi_azuread/get_service_principal.py index 12f5423c5..97fbc3fe7 100644 --- a/sdk/python/pulumi_azuread/get_service_principal.py +++ b/sdk/python/pulumi_azuread/get_service_principal.py @@ -55,10 +55,6 @@ def __init__(__self__, account_enabled=None, alternative_names=None, app_role_as pulumi.set(__self__, "feature_tags", feature_tags) if features and not isinstance(features, list): raise TypeError("Expected argument 'features' to be a list") - if features is not None: - warnings.warn("""This block has been renamed to `feature_tags` and will be removed in version 3.0 of the provider""", DeprecationWarning) - pulumi.log.warn("""features is deprecated: This block has been renamed to `feature_tags` and will be removed in version 3.0 of the provider""") - pulumi.set(__self__, "features", features) if homepage_url and not isinstance(homepage_url, str): raise TypeError("Expected argument 'homepage_url' to be a str") @@ -195,6 +191,9 @@ def features(self) -> Sequence['outputs.GetServicePrincipalFeatureResult']: """ A `features` block as described below. """ + warnings.warn("""This block has been renamed to `feature_tags` and will be removed in version 3.0 of the provider""", DeprecationWarning) + pulumi.log.warn("""features is deprecated: This block has been renamed to `feature_tags` and will be removed in version 3.0 of the provider""") + return pulumi.get(self, "features") @property @@ -429,34 +428,34 @@ def get_service_principal(application_id: Optional[str] = None, __ret__ = pulumi.runtime.invoke('azuread:index/getServicePrincipal:getServicePrincipal', __args__, opts=opts, typ=GetServicePrincipalResult).value return AwaitableGetServicePrincipalResult( - account_enabled=__ret__.account_enabled, - alternative_names=__ret__.alternative_names, - app_role_assignment_required=__ret__.app_role_assignment_required, - app_role_ids=__ret__.app_role_ids, - app_roles=__ret__.app_roles, - application_id=__ret__.application_id, - application_tenant_id=__ret__.application_tenant_id, - description=__ret__.description, - display_name=__ret__.display_name, - feature_tags=__ret__.feature_tags, - features=__ret__.features, - homepage_url=__ret__.homepage_url, - id=__ret__.id, - login_url=__ret__.login_url, - logout_url=__ret__.logout_url, - notes=__ret__.notes, - notification_email_addresses=__ret__.notification_email_addresses, - oauth2_permission_scope_ids=__ret__.oauth2_permission_scope_ids, - oauth2_permission_scopes=__ret__.oauth2_permission_scopes, - object_id=__ret__.object_id, - preferred_single_sign_on_mode=__ret__.preferred_single_sign_on_mode, - redirect_uris=__ret__.redirect_uris, - saml_metadata_url=__ret__.saml_metadata_url, - saml_single_sign_ons=__ret__.saml_single_sign_ons, - service_principal_names=__ret__.service_principal_names, - sign_in_audience=__ret__.sign_in_audience, - tags=__ret__.tags, - type=__ret__.type) + account_enabled=pulumi.get(__ret__, 'account_enabled'), + alternative_names=pulumi.get(__ret__, 'alternative_names'), + app_role_assignment_required=pulumi.get(__ret__, 'app_role_assignment_required'), + app_role_ids=pulumi.get(__ret__, 'app_role_ids'), + app_roles=pulumi.get(__ret__, 'app_roles'), + application_id=pulumi.get(__ret__, 'application_id'), + application_tenant_id=pulumi.get(__ret__, 'application_tenant_id'), + description=pulumi.get(__ret__, 'description'), + display_name=pulumi.get(__ret__, 'display_name'), + feature_tags=pulumi.get(__ret__, 'feature_tags'), + features=pulumi.get(__ret__, 'features'), + homepage_url=pulumi.get(__ret__, 'homepage_url'), + id=pulumi.get(__ret__, 'id'), + login_url=pulumi.get(__ret__, 'login_url'), + logout_url=pulumi.get(__ret__, 'logout_url'), + notes=pulumi.get(__ret__, 'notes'), + notification_email_addresses=pulumi.get(__ret__, 'notification_email_addresses'), + oauth2_permission_scope_ids=pulumi.get(__ret__, 'oauth2_permission_scope_ids'), + oauth2_permission_scopes=pulumi.get(__ret__, 'oauth2_permission_scopes'), + object_id=pulumi.get(__ret__, 'object_id'), + preferred_single_sign_on_mode=pulumi.get(__ret__, 'preferred_single_sign_on_mode'), + redirect_uris=pulumi.get(__ret__, 'redirect_uris'), + saml_metadata_url=pulumi.get(__ret__, 'saml_metadata_url'), + saml_single_sign_ons=pulumi.get(__ret__, 'saml_single_sign_ons'), + service_principal_names=pulumi.get(__ret__, 'service_principal_names'), + sign_in_audience=pulumi.get(__ret__, 'sign_in_audience'), + tags=pulumi.get(__ret__, 'tags'), + type=pulumi.get(__ret__, 'type')) @_utilities.lift_output_func(get_service_principal) diff --git a/sdk/python/pulumi_azuread/get_service_principals.py b/sdk/python/pulumi_azuread/get_service_principals.py index 451928b06..7dd4084b4 100644 --- a/sdk/python/pulumi_azuread/get_service_principals.py +++ b/sdk/python/pulumi_azuread/get_service_principals.py @@ -187,13 +187,13 @@ def get_service_principals(application_ids: Optional[Sequence[str]] = None, __ret__ = pulumi.runtime.invoke('azuread:index/getServicePrincipals:getServicePrincipals', __args__, opts=opts, typ=GetServicePrincipalsResult).value return AwaitableGetServicePrincipalsResult( - application_ids=__ret__.application_ids, - display_names=__ret__.display_names, - id=__ret__.id, - ignore_missing=__ret__.ignore_missing, - object_ids=__ret__.object_ids, - return_all=__ret__.return_all, - service_principals=__ret__.service_principals) + application_ids=pulumi.get(__ret__, 'application_ids'), + display_names=pulumi.get(__ret__, 'display_names'), + id=pulumi.get(__ret__, 'id'), + ignore_missing=pulumi.get(__ret__, 'ignore_missing'), + object_ids=pulumi.get(__ret__, 'object_ids'), + return_all=pulumi.get(__ret__, 'return_all'), + service_principals=pulumi.get(__ret__, 'service_principals')) @_utilities.lift_output_func(get_service_principals) diff --git a/sdk/python/pulumi_azuread/get_user.py b/sdk/python/pulumi_azuread/get_user.py index 1b7ac3216..c3c196489 100644 --- a/sdk/python/pulumi_azuread/get_user.py +++ b/sdk/python/pulumi_azuread/get_user.py @@ -560,7 +560,8 @@ def __await__(self): user_type=self.user_type) -def get_user(mail: Optional[str] = None, +def get_user(employee_id: Optional[str] = None, + mail: Optional[str] = None, mail_nickname: Optional[str] = None, object_id: Optional[str] = None, user_principal_name: Optional[str] = None, @@ -586,14 +587,16 @@ def get_user(mail: Optional[str] = None, ``` + :param str employee_id: The employee identifier assigned to the user by the organisation. :param str mail: The SMTP address for the user. :param str mail_nickname: The email alias of the user. :param str object_id: The object ID of the user. :param str user_principal_name: The user principal name (UPN) of the user. - > One of `user_principal_name`, `object_id`, `mail` or `mail_nickname` must be specified. + > One of `user_principal_name`, `object_id`, `mail`, `mail_nickname` or `employee_id` must be specified. """ __args__ = dict() + __args__['employeeId'] = employee_id __args__['mail'] = mail __args__['mailNickname'] = mail_nickname __args__['objectId'] = object_id @@ -602,54 +605,55 @@ def get_user(mail: Optional[str] = None, __ret__ = pulumi.runtime.invoke('azuread:index/getUser:getUser', __args__, opts=opts, typ=GetUserResult).value return AwaitableGetUserResult( - account_enabled=__ret__.account_enabled, - age_group=__ret__.age_group, - business_phones=__ret__.business_phones, - city=__ret__.city, - company_name=__ret__.company_name, - consent_provided_for_minor=__ret__.consent_provided_for_minor, - cost_center=__ret__.cost_center, - country=__ret__.country, - creation_type=__ret__.creation_type, - department=__ret__.department, - display_name=__ret__.display_name, - division=__ret__.division, - employee_id=__ret__.employee_id, - employee_type=__ret__.employee_type, - external_user_state=__ret__.external_user_state, - fax_number=__ret__.fax_number, - given_name=__ret__.given_name, - id=__ret__.id, - im_addresses=__ret__.im_addresses, - job_title=__ret__.job_title, - mail=__ret__.mail, - mail_nickname=__ret__.mail_nickname, - manager_id=__ret__.manager_id, - mobile_phone=__ret__.mobile_phone, - object_id=__ret__.object_id, - office_location=__ret__.office_location, - onpremises_distinguished_name=__ret__.onpremises_distinguished_name, - onpremises_domain_name=__ret__.onpremises_domain_name, - onpremises_immutable_id=__ret__.onpremises_immutable_id, - onpremises_sam_account_name=__ret__.onpremises_sam_account_name, - onpremises_security_identifier=__ret__.onpremises_security_identifier, - onpremises_sync_enabled=__ret__.onpremises_sync_enabled, - onpremises_user_principal_name=__ret__.onpremises_user_principal_name, - other_mails=__ret__.other_mails, - postal_code=__ret__.postal_code, - preferred_language=__ret__.preferred_language, - proxy_addresses=__ret__.proxy_addresses, - show_in_address_list=__ret__.show_in_address_list, - state=__ret__.state, - street_address=__ret__.street_address, - surname=__ret__.surname, - usage_location=__ret__.usage_location, - user_principal_name=__ret__.user_principal_name, - user_type=__ret__.user_type) + account_enabled=pulumi.get(__ret__, 'account_enabled'), + age_group=pulumi.get(__ret__, 'age_group'), + business_phones=pulumi.get(__ret__, 'business_phones'), + city=pulumi.get(__ret__, 'city'), + company_name=pulumi.get(__ret__, 'company_name'), + consent_provided_for_minor=pulumi.get(__ret__, 'consent_provided_for_minor'), + cost_center=pulumi.get(__ret__, 'cost_center'), + country=pulumi.get(__ret__, 'country'), + creation_type=pulumi.get(__ret__, 'creation_type'), + department=pulumi.get(__ret__, 'department'), + display_name=pulumi.get(__ret__, 'display_name'), + division=pulumi.get(__ret__, 'division'), + employee_id=pulumi.get(__ret__, 'employee_id'), + employee_type=pulumi.get(__ret__, 'employee_type'), + external_user_state=pulumi.get(__ret__, 'external_user_state'), + fax_number=pulumi.get(__ret__, 'fax_number'), + given_name=pulumi.get(__ret__, 'given_name'), + id=pulumi.get(__ret__, 'id'), + im_addresses=pulumi.get(__ret__, 'im_addresses'), + job_title=pulumi.get(__ret__, 'job_title'), + mail=pulumi.get(__ret__, 'mail'), + mail_nickname=pulumi.get(__ret__, 'mail_nickname'), + manager_id=pulumi.get(__ret__, 'manager_id'), + mobile_phone=pulumi.get(__ret__, 'mobile_phone'), + object_id=pulumi.get(__ret__, 'object_id'), + office_location=pulumi.get(__ret__, 'office_location'), + onpremises_distinguished_name=pulumi.get(__ret__, 'onpremises_distinguished_name'), + onpremises_domain_name=pulumi.get(__ret__, 'onpremises_domain_name'), + onpremises_immutable_id=pulumi.get(__ret__, 'onpremises_immutable_id'), + onpremises_sam_account_name=pulumi.get(__ret__, 'onpremises_sam_account_name'), + onpremises_security_identifier=pulumi.get(__ret__, 'onpremises_security_identifier'), + onpremises_sync_enabled=pulumi.get(__ret__, 'onpremises_sync_enabled'), + onpremises_user_principal_name=pulumi.get(__ret__, 'onpremises_user_principal_name'), + other_mails=pulumi.get(__ret__, 'other_mails'), + postal_code=pulumi.get(__ret__, 'postal_code'), + preferred_language=pulumi.get(__ret__, 'preferred_language'), + proxy_addresses=pulumi.get(__ret__, 'proxy_addresses'), + show_in_address_list=pulumi.get(__ret__, 'show_in_address_list'), + state=pulumi.get(__ret__, 'state'), + street_address=pulumi.get(__ret__, 'street_address'), + surname=pulumi.get(__ret__, 'surname'), + usage_location=pulumi.get(__ret__, 'usage_location'), + user_principal_name=pulumi.get(__ret__, 'user_principal_name'), + user_type=pulumi.get(__ret__, 'user_type')) @_utilities.lift_output_func(get_user) -def get_user_output(mail: Optional[pulumi.Input[Optional[str]]] = None, +def get_user_output(employee_id: Optional[pulumi.Input[Optional[str]]] = None, + mail: Optional[pulumi.Input[Optional[str]]] = None, mail_nickname: Optional[pulumi.Input[Optional[str]]] = None, object_id: Optional[pulumi.Input[Optional[str]]] = None, user_principal_name: Optional[pulumi.Input[Optional[str]]] = None, @@ -675,11 +679,12 @@ def get_user_output(mail: Optional[pulumi.Input[Optional[str]]] = None, ``` + :param str employee_id: The employee identifier assigned to the user by the organisation. :param str mail: The SMTP address for the user. :param str mail_nickname: The email alias of the user. :param str object_id: The object ID of the user. :param str user_principal_name: The user principal name (UPN) of the user. - > One of `user_principal_name`, `object_id`, `mail` or `mail_nickname` must be specified. + > One of `user_principal_name`, `object_id`, `mail`, `mail_nickname` or `employee_id` must be specified. """ ... diff --git a/sdk/python/pulumi_azuread/get_users.py b/sdk/python/pulumi_azuread/get_users.py index f055156a6..b90b675ed 100644 --- a/sdk/python/pulumi_azuread/get_users.py +++ b/sdk/python/pulumi_azuread/get_users.py @@ -22,7 +22,10 @@ class GetUsersResult: """ A collection of values returned by getUsers. """ - def __init__(__self__, id=None, ignore_missing=None, mail_nicknames=None, object_ids=None, return_all=None, user_principal_names=None, users=None): + def __init__(__self__, employee_ids=None, id=None, ignore_missing=None, mail_nicknames=None, object_ids=None, return_all=None, user_principal_names=None, users=None): + if employee_ids and not isinstance(employee_ids, list): + raise TypeError("Expected argument 'employee_ids' to be a list") + pulumi.set(__self__, "employee_ids", employee_ids) if id and not isinstance(id, str): raise TypeError("Expected argument 'id' to be a str") pulumi.set(__self__, "id", id) @@ -45,6 +48,14 @@ def __init__(__self__, id=None, ignore_missing=None, mail_nicknames=None, object raise TypeError("Expected argument 'users' to be a list") pulumi.set(__self__, "users", users) + @property + @pulumi.getter(name="employeeIds") + def employee_ids(self) -> Sequence[str]: + """ + The employee identifiers assigned to the users by the organisation. + """ + return pulumi.get(self, "employee_ids") + @property @pulumi.getter def id(self) -> str: @@ -102,6 +113,7 @@ def __await__(self): if False: yield self return GetUsersResult( + employee_ids=self.employee_ids, id=self.id, ignore_missing=self.ignore_missing, mail_nicknames=self.mail_nicknames, @@ -111,7 +123,8 @@ def __await__(self): users=self.users) -def get_users(ignore_missing: Optional[bool] = None, +def get_users(employee_ids: Optional[Sequence[str]] = None, + ignore_missing: Optional[bool] = None, mail_nicknames: Optional[Sequence[str]] = None, object_ids: Optional[Sequence[str]] = None, return_all: Optional[bool] = None, @@ -141,15 +154,17 @@ def get_users(ignore_missing: Optional[bool] = None, ``` + :param Sequence[str] employee_ids: The employee identifiers assigned to the users by the organisation. :param bool ignore_missing: Ignore missing users and return users that were found. The data source will still fail if no users are found. Cannot be specified with `return_all`. Defaults to `false`. :param Sequence[str] mail_nicknames: The email aliases of the users. :param Sequence[str] object_ids: The object IDs of the users. :param bool return_all: When `true`, the data source will return all users. Cannot be used with `ignore_missing`. Defaults to `false`. :param Sequence[str] user_principal_names: The user principal names (UPNs) of the users. - > Either `return_all`, or one of `user_principal_names`, `object_ids` or `mail_nicknames` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. + > Either `return_all`, or one of `user_principal_names`, `object_ids`, `mail_nicknames` or `employee_ids` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. """ __args__ = dict() + __args__['employeeIds'] = employee_ids __args__['ignoreMissing'] = ignore_missing __args__['mailNicknames'] = mail_nicknames __args__['objectIds'] = object_ids @@ -159,17 +174,19 @@ def get_users(ignore_missing: Optional[bool] = None, __ret__ = pulumi.runtime.invoke('azuread:index/getUsers:getUsers', __args__, opts=opts, typ=GetUsersResult).value return AwaitableGetUsersResult( - id=__ret__.id, - ignore_missing=__ret__.ignore_missing, - mail_nicknames=__ret__.mail_nicknames, - object_ids=__ret__.object_ids, - return_all=__ret__.return_all, - user_principal_names=__ret__.user_principal_names, - users=__ret__.users) + employee_ids=pulumi.get(__ret__, 'employee_ids'), + id=pulumi.get(__ret__, 'id'), + ignore_missing=pulumi.get(__ret__, 'ignore_missing'), + mail_nicknames=pulumi.get(__ret__, 'mail_nicknames'), + object_ids=pulumi.get(__ret__, 'object_ids'), + return_all=pulumi.get(__ret__, 'return_all'), + user_principal_names=pulumi.get(__ret__, 'user_principal_names'), + users=pulumi.get(__ret__, 'users')) @_utilities.lift_output_func(get_users) -def get_users_output(ignore_missing: Optional[pulumi.Input[Optional[bool]]] = None, +def get_users_output(employee_ids: Optional[pulumi.Input[Optional[Sequence[str]]]] = None, + ignore_missing: Optional[pulumi.Input[Optional[bool]]] = None, mail_nicknames: Optional[pulumi.Input[Optional[Sequence[str]]]] = None, object_ids: Optional[pulumi.Input[Optional[Sequence[str]]]] = None, return_all: Optional[pulumi.Input[Optional[bool]]] = None, @@ -199,12 +216,13 @@ def get_users_output(ignore_missing: Optional[pulumi.Input[Optional[bool]]] = No ``` + :param Sequence[str] employee_ids: The employee identifiers assigned to the users by the organisation. :param bool ignore_missing: Ignore missing users and return users that were found. The data source will still fail if no users are found. Cannot be specified with `return_all`. Defaults to `false`. :param Sequence[str] mail_nicknames: The email aliases of the users. :param Sequence[str] object_ids: The object IDs of the users. :param bool return_all: When `true`, the data source will return all users. Cannot be used with `ignore_missing`. Defaults to `false`. :param Sequence[str] user_principal_names: The user principal names (UPNs) of the users. - > Either `return_all`, or one of `user_principal_names`, `object_ids` or `mail_nicknames` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. + > Either `return_all`, or one of `user_principal_names`, `object_ids`, `mail_nicknames` or `employee_ids` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. """ ... diff --git a/sdk/python/pulumi_azuread/outputs.py b/sdk/python/pulumi_azuread/outputs.py index 8b6c1ed0f..3e64f8b6d 100644 --- a/sdk/python/pulumi_azuread/outputs.py +++ b/sdk/python/pulumi_azuread/outputs.py @@ -41,6 +41,7 @@ 'ApplicationWebImplicitGrant', 'ConditionalAccessPolicyConditions', 'ConditionalAccessPolicyConditionsApplications', + 'ConditionalAccessPolicyConditionsClientApplications', 'ConditionalAccessPolicyConditionsDevices', 'ConditionalAccessPolicyConditionsDevicesFilter', 'ConditionalAccessPolicyConditionsLocations', @@ -1929,6 +1930,8 @@ def __key_warning(key: str): suggest = None if key == "clientAppTypes": suggest = "client_app_types" + elif key == "clientApplications": + suggest = "client_applications" elif key == "signInRiskLevels": suggest = "sign_in_risk_levels" elif key == "userRiskLevels": @@ -1949,6 +1952,7 @@ def __init__(__self__, *, applications: 'outputs.ConditionalAccessPolicyConditionsApplications', client_app_types: Sequence[str], users: 'outputs.ConditionalAccessPolicyConditionsUsers', + client_applications: Optional['outputs.ConditionalAccessPolicyConditionsClientApplications'] = None, devices: Optional['outputs.ConditionalAccessPolicyConditionsDevices'] = None, locations: Optional['outputs.ConditionalAccessPolicyConditionsLocations'] = None, platforms: Optional['outputs.ConditionalAccessPolicyConditionsPlatforms'] = None, @@ -1958,6 +1962,7 @@ def __init__(__self__, *, :param 'ConditionalAccessPolicyConditionsApplicationsArgs' applications: An `applications` block as documented below, which specifies applications and user actions included in and excluded from the policy. :param Sequence[str] client_app_types: A list of client application types included in the policy. Possible values are: `all`, `browser`, `mobileAppsAndDesktopClients`, `exchangeActiveSync`, `easSupported` and `other`. :param 'ConditionalAccessPolicyConditionsUsersArgs' users: A `users` block as documented below, which specifies users, groups, and roles included in and excluded from the policy. + :param 'ConditionalAccessPolicyConditionsClientApplicationsArgs' client_applications: An `client_applications` block as documented below, which specifies service principals included in and excluded from the policy. :param 'ConditionalAccessPolicyConditionsDevicesArgs' devices: A `devices` block as documented below, which describes devices to be included in and excluded from the policy. A `devices` block can be added to an existing policy, but removing the `devices` block forces a new resource to be created. :param 'ConditionalAccessPolicyConditionsLocationsArgs' locations: A `locations` block as documented below, which specifies locations included in and excluded from the policy. :param 'ConditionalAccessPolicyConditionsPlatformsArgs' platforms: A `platforms` block as documented below, which specifies platforms included in and excluded from the policy. @@ -1967,6 +1972,8 @@ def __init__(__self__, *, pulumi.set(__self__, "applications", applications) pulumi.set(__self__, "client_app_types", client_app_types) pulumi.set(__self__, "users", users) + if client_applications is not None: + pulumi.set(__self__, "client_applications", client_applications) if devices is not None: pulumi.set(__self__, "devices", devices) if locations is not None: @@ -2002,6 +2009,14 @@ def users(self) -> 'outputs.ConditionalAccessPolicyConditionsUsers': """ return pulumi.get(self, "users") + @property + @pulumi.getter(name="clientApplications") + def client_applications(self) -> Optional['outputs.ConditionalAccessPolicyConditionsClientApplications']: + """ + An `client_applications` block as documented below, which specifies service principals included in and excluded from the policy. + """ + return pulumi.get(self, "client_applications") + @property @pulumi.getter def devices(self) -> Optional['outputs.ConditionalAccessPolicyConditionsDevices']: @@ -2107,6 +2122,56 @@ def included_user_actions(self) -> Optional[Sequence[str]]: return pulumi.get(self, "included_user_actions") +@pulumi.output_type +class ConditionalAccessPolicyConditionsClientApplications(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "excludedServicePrincipals": + suggest = "excluded_service_principals" + elif key == "includedServicePrincipals": + suggest = "included_service_principals" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in ConditionalAccessPolicyConditionsClientApplications. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + ConditionalAccessPolicyConditionsClientApplications.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + ConditionalAccessPolicyConditionsClientApplications.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + excluded_service_principals: Optional[Sequence[str]] = None, + included_service_principals: Optional[Sequence[str]] = None): + """ + :param Sequence[str] excluded_service_principals: A list of service principal IDs explicitly excluded in the policy. + :param Sequence[str] included_service_principals: A list of service principal IDs explicitly included in the policy. Can be set to `ServicePrincipalsInMyTenant` to include all service principals. This is mandatory value when at least one `excluded_service_principals` is set. + """ + if excluded_service_principals is not None: + pulumi.set(__self__, "excluded_service_principals", excluded_service_principals) + if included_service_principals is not None: + pulumi.set(__self__, "included_service_principals", included_service_principals) + + @property + @pulumi.getter(name="excludedServicePrincipals") + def excluded_service_principals(self) -> Optional[Sequence[str]]: + """ + A list of service principal IDs explicitly excluded in the policy. + """ + return pulumi.get(self, "excluded_service_principals") + + @property + @pulumi.getter(name="includedServicePrincipals") + def included_service_principals(self) -> Optional[Sequence[str]]: + """ + A list of service principal IDs explicitly included in the policy. Can be set to `ServicePrincipalsInMyTenant` to include all service principals. This is mandatory value when at least one `excluded_service_principals` is set. + """ + return pulumi.get(self, "included_service_principals") + + @pulumi.output_type class ConditionalAccessPolicyConditionsDevices(dict): def __init__(__self__, *, @@ -2446,6 +2511,8 @@ def __key_warning(key: str): suggest = "application_enforced_restrictions_enabled" elif key == "cloudAppSecurityPolicy": suggest = "cloud_app_security_policy" + elif key == "disableResilienceDefaults": + suggest = "disable_resilience_defaults" elif key == "persistentBrowserMode": suggest = "persistent_browser_mode" elif key == "signInFrequency": @@ -2467,6 +2534,7 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, application_enforced_restrictions_enabled: Optional[bool] = None, cloud_app_security_policy: Optional[str] = None, + disable_resilience_defaults: Optional[bool] = None, persistent_browser_mode: Optional[str] = None, sign_in_frequency: Optional[int] = None, sign_in_frequency_period: Optional[str] = None): @@ -2475,6 +2543,7 @@ def __init__(__self__, *, > Only Office 365, Exchange Online and Sharepoint Online support application enforced restrictions. :param str cloud_app_security_policy: Enables cloud app security and specifies the cloud app security policy to use. Possible values are: `blockDownloads`, `mcasConfigured`, `monitorOnly` or `unknownFutureValue`. + :param bool disable_resilience_defaults: Disables [resilience defaults](https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/resilience-defaults). Defaults to `false`. :param str persistent_browser_mode: Session control to define whether to persist cookies or not. Possible values are: `always` or `never`. :param int sign_in_frequency: Number of days or hours to enforce sign-in frequency. Required when `sign_in_frequency_period` is specified. Due to an API issue, removing this property forces a new resource to be created. :param str sign_in_frequency_period: The time period to enforce sign-in frequency. Possible values are: `hours` or `days`. Required when `sign_in_frequency_period` is specified. Due to an API issue, removing this property forces a new resource to be created. @@ -2483,6 +2552,8 @@ def __init__(__self__, *, pulumi.set(__self__, "application_enforced_restrictions_enabled", application_enforced_restrictions_enabled) if cloud_app_security_policy is not None: pulumi.set(__self__, "cloud_app_security_policy", cloud_app_security_policy) + if disable_resilience_defaults is not None: + pulumi.set(__self__, "disable_resilience_defaults", disable_resilience_defaults) if persistent_browser_mode is not None: pulumi.set(__self__, "persistent_browser_mode", persistent_browser_mode) if sign_in_frequency is not None: @@ -2508,6 +2579,14 @@ def cloud_app_security_policy(self) -> Optional[str]: """ return pulumi.get(self, "cloud_app_security_policy") + @property + @pulumi.getter(name="disableResilienceDefaults") + def disable_resilience_defaults(self) -> Optional[bool]: + """ + Disables [resilience defaults](https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/resilience-defaults). Defaults to `false`. + """ + return pulumi.get(self, "disable_resilience_defaults") + @property @pulumi.getter(name="persistentBrowserMode") def persistent_browser_mode(self) -> Optional[str]: @@ -4463,6 +4542,7 @@ class GetUsersUserResult(dict): def __init__(__self__, *, account_enabled: bool, display_name: str, + employee_id: str, mail: str, mail_nickname: str, object_id: str, @@ -4474,6 +4554,7 @@ def __init__(__self__, *, """ :param bool account_enabled: Whether or not the account is enabled. :param str display_name: The display name of the user. + :param str employee_id: The employee identifier assigned to the user by the organisation. :param str mail: The primary email address of the user. :param str mail_nickname: The email alias of the user. :param str object_id: The object ID of the user. @@ -4485,6 +4566,7 @@ def __init__(__self__, *, """ pulumi.set(__self__, "account_enabled", account_enabled) pulumi.set(__self__, "display_name", display_name) + pulumi.set(__self__, "employee_id", employee_id) pulumi.set(__self__, "mail", mail) pulumi.set(__self__, "mail_nickname", mail_nickname) pulumi.set(__self__, "object_id", object_id) @@ -4510,6 +4592,14 @@ def display_name(self) -> str: """ return pulumi.get(self, "display_name") + @property + @pulumi.getter(name="employeeId") + def employee_id(self) -> str: + """ + The employee identifier assigned to the user by the organisation. + """ + return pulumi.get(self, "employee_id") + @property @pulumi.getter def mail(self) -> str: diff --git a/sdk/python/pulumi_azuread/service_principal.py b/sdk/python/pulumi_azuread/service_principal.py index e86f78e76..d4d3318d4 100644 --- a/sdk/python/pulumi_azuread/service_principal.py +++ b/sdk/python/pulumi_azuread/service_principal.py @@ -166,6 +166,9 @@ def features(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ServicePrinci """ Block of features to configure for this service principal using tags """ + warnings.warn("""This block has been renamed to `feature_tags` and will be removed in version 3.0 of the provider""", DeprecationWarning) + pulumi.log.warn("""features is deprecated: This block has been renamed to `feature_tags` and will be removed in version 3.0 of the provider""") + return pulumi.get(self, "features") @features.setter @@ -529,6 +532,9 @@ def features(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ServicePrinci """ Block of features to configure for this service principal using tags """ + warnings.warn("""This block has been renamed to `feature_tags` and will be removed in version 3.0 of the provider""", DeprecationWarning) + pulumi.log.warn("""features is deprecated: This block has been renamed to `feature_tags` and will be removed in version 3.0 of the provider""") + return pulumi.get(self, "features") @features.setter @@ -1227,6 +1233,9 @@ def features(self) -> pulumi.Output[Sequence['outputs.ServicePrincipalFeature']] """ Block of features to configure for this service principal using tags """ + warnings.warn("""This block has been renamed to `feature_tags` and will be removed in version 3.0 of the provider""", DeprecationWarning) + pulumi.log.warn("""features is deprecated: This block has been renamed to `feature_tags` and will be removed in version 3.0 of the provider""") + return pulumi.get(self, "features") @property diff --git a/sdk/python/pulumi_azuread/service_principal_delegated_permission_grant.py b/sdk/python/pulumi_azuread/service_principal_delegated_permission_grant.py index e74b050df..17579d8bc 100644 --- a/sdk/python/pulumi_azuread/service_principal_delegated_permission_grant.py +++ b/sdk/python/pulumi_azuread/service_principal_delegated_permission_grant.py @@ -196,14 +196,14 @@ def __init__(__self__, example_application = azuread.Application("exampleApplication", display_name="example", required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs( - resource_app_id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference), + resource_app_id=well_known.result["MicrosoftGraph"], resource_accesses=[ azuread.ApplicationRequiredResourceAccessResourceAccessArgs( - id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference), + id=msgraph.oauth2_permission_scope_ids["openid"], type="Scope", ), azuread.ApplicationRequiredResourceAccessResourceAccessArgs( - id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference), + id=msgraph.oauth2_permission_scope_ids["User.Read"], type="Scope", ), ], @@ -231,14 +231,14 @@ def __init__(__self__, example_application = azuread.Application("exampleApplication", display_name="example", required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs( - resource_app_id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference), + resource_app_id=well_known.result["MicrosoftGraph"], resource_accesses=[ azuread.ApplicationRequiredResourceAccessResourceAccessArgs( - id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference), + id=msgraph.oauth2_permission_scope_ids["openid"], type="Scope", ), azuread.ApplicationRequiredResourceAccessResourceAccessArgs( - id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference), + id=msgraph.oauth2_permission_scope_ids["User.Read"], type="Scope", ), ], @@ -308,14 +308,14 @@ def __init__(__self__, example_application = azuread.Application("exampleApplication", display_name="example", required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs( - resource_app_id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference), + resource_app_id=well_known.result["MicrosoftGraph"], resource_accesses=[ azuread.ApplicationRequiredResourceAccessResourceAccessArgs( - id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference), + id=msgraph.oauth2_permission_scope_ids["openid"], type="Scope", ), azuread.ApplicationRequiredResourceAccessResourceAccessArgs( - id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference), + id=msgraph.oauth2_permission_scope_ids["User.Read"], type="Scope", ), ], @@ -343,14 +343,14 @@ def __init__(__self__, example_application = azuread.Application("exampleApplication", display_name="example", required_resource_accesses=[azuread.ApplicationRequiredResourceAccessArgs( - resource_app_id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference), + resource_app_id=well_known.result["MicrosoftGraph"], resource_accesses=[ azuread.ApplicationRequiredResourceAccessResourceAccessArgs( - id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference), + id=msgraph.oauth2_permission_scope_ids["openid"], type="Scope", ), azuread.ApplicationRequiredResourceAccessResourceAccessArgs( - id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference), + id=msgraph.oauth2_permission_scope_ids["User.Read"], type="Scope", ), ], diff --git a/sdk/python/pulumi_azuread/service_principal_password.py b/sdk/python/pulumi_azuread/service_principal_password.py index 1fa6522ae..57c8b1312 100644 --- a/sdk/python/pulumi_azuread/service_principal_password.py +++ b/sdk/python/pulumi_azuread/service_principal_password.py @@ -273,6 +273,36 @@ def __init__(__self__, When authenticated with a user principal, this resource requires one of the following directory roles: `Application Administrator` or `Global Administrator` + ## Example Usage + + *Basic example* + + ```python + import pulumi + import pulumi_azuread as azuread + + example_application = azuread.Application("exampleApplication", display_name="example") + example_service_principal = azuread.ServicePrincipal("exampleServicePrincipal", application_id=example_application.application_id) + example_service_principal_password = azuread.ServicePrincipalPassword("exampleServicePrincipalPassword", service_principal_id=example_service_principal.object_id) + ``` + + *Time-based rotation* + + ```python + import pulumi + import pulumi_azuread as azuread + import pulumiverse_time as time + + example_application = azuread.Application("exampleApplication", display_name="example") + example_service_principal = azuread.ServicePrincipal("exampleServicePrincipal", application_id=example_application.application_id) + example_rotating = time.Rotating("exampleRotating", rotation_days=7) + example_service_principal_password = azuread.ServicePrincipalPassword("exampleServicePrincipalPassword", + service_principal_id=example_service_principal.object_id, + rotate_when_changed={ + "rotation": example_rotating.id, + }) + ``` + ## Import This resource does not support importing. @@ -303,6 +333,36 @@ def __init__(__self__, When authenticated with a user principal, this resource requires one of the following directory roles: `Application Administrator` or `Global Administrator` + ## Example Usage + + *Basic example* + + ```python + import pulumi + import pulumi_azuread as azuread + + example_application = azuread.Application("exampleApplication", display_name="example") + example_service_principal = azuread.ServicePrincipal("exampleServicePrincipal", application_id=example_application.application_id) + example_service_principal_password = azuread.ServicePrincipalPassword("exampleServicePrincipalPassword", service_principal_id=example_service_principal.object_id) + ``` + + *Time-based rotation* + + ```python + import pulumi + import pulumi_azuread as azuread + import pulumiverse_time as time + + example_application = azuread.Application("exampleApplication", display_name="example") + example_service_principal = azuread.ServicePrincipal("exampleServicePrincipal", application_id=example_application.application_id) + example_rotating = time.Rotating("exampleRotating", rotation_days=7) + example_service_principal_password = azuread.ServicePrincipalPassword("exampleServicePrincipalPassword", + service_principal_id=example_service_principal.object_id, + rotate_when_changed={ + "rotation": example_rotating.id, + }) + ``` + ## Import This resource does not support importing. diff --git a/sdk/python/pulumi_azuread/user.py b/sdk/python/pulumi_azuread/user.py index ca3627d13..bd4b04af2 100644 --- a/sdk/python/pulumi_azuread/user.py +++ b/sdk/python/pulumi_azuread/user.py @@ -60,7 +60,7 @@ def __init__(__self__, *, :param pulumi.Input[str] company_name: The company name which the user is associated. This property can be useful for describing the company that an external user comes from. :param pulumi.Input[str] consent_provided_for_minor: Whether consent has been obtained for minors. Supported values are `Granted`, `Denied` and `NotRequired`. Omit this property or specify a blank string to unset. :param pulumi.Input[str] cost_center: The cost center associated with the user. - :param pulumi.Input[str] country: The country/region in which the user is located, e.g. `US` or `UK`. + :param pulumi.Input[str] country: The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. :param pulumi.Input[str] department: The name for the department in which the user works. :param pulumi.Input[bool] disable_password_expiration: Whether the user's password is exempt from expiring. Defaults to `false`. :param pulumi.Input[bool] disable_strong_password: Whether the user is allowed weaker passwords than the default policy to be specified. Defaults to `false`. @@ -269,7 +269,7 @@ def cost_center(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def country(self) -> Optional[pulumi.Input[str]]: """ - The country/region in which the user is located, e.g. `US` or `UK`. + The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. """ return pulumi.get(self, "country") @@ -640,7 +640,7 @@ def __init__(__self__, *, :param pulumi.Input[str] company_name: The company name which the user is associated. This property can be useful for describing the company that an external user comes from. :param pulumi.Input[str] consent_provided_for_minor: Whether consent has been obtained for minors. Supported values are `Granted`, `Denied` and `NotRequired`. Omit this property or specify a blank string to unset. :param pulumi.Input[str] cost_center: The cost center associated with the user. - :param pulumi.Input[str] country: The country/region in which the user is located, e.g. `US` or `UK`. + :param pulumi.Input[str] country: The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. :param pulumi.Input[str] creation_type: Indicates whether the user account was created as a regular school or work account (`null`), an external account (`Invitation`), a local account for an Azure Active Directory B2C tenant (`LocalAccount`) or self-service sign-up using email verification (`EmailVerified`). :param pulumi.Input[str] department: The name for the department in which the user works. :param pulumi.Input[bool] disable_password_expiration: Whether the user's password is exempt from expiring. Defaults to `false`. @@ -879,7 +879,7 @@ def cost_center(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def country(self) -> Optional[pulumi.Input[str]]: """ - The country/region in which the user is located, e.g. `US` or `UK`. + The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. """ return pulumi.get(self, "country") @@ -1439,7 +1439,7 @@ def __init__(__self__, :param pulumi.Input[str] company_name: The company name which the user is associated. This property can be useful for describing the company that an external user comes from. :param pulumi.Input[str] consent_provided_for_minor: Whether consent has been obtained for minors. Supported values are `Granted`, `Denied` and `NotRequired`. Omit this property or specify a blank string to unset. :param pulumi.Input[str] cost_center: The cost center associated with the user. - :param pulumi.Input[str] country: The country/region in which the user is located, e.g. `US` or `UK`. + :param pulumi.Input[str] country: The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. :param pulumi.Input[str] department: The name for the department in which the user works. :param pulumi.Input[bool] disable_password_expiration: Whether the user's password is exempt from expiring. Defaults to `false`. :param pulumi.Input[bool] disable_strong_password: Whether the user is allowed weaker passwords than the default policy to be specified. Defaults to `false`. @@ -1693,7 +1693,7 @@ def get(resource_name: str, :param pulumi.Input[str] company_name: The company name which the user is associated. This property can be useful for describing the company that an external user comes from. :param pulumi.Input[str] consent_provided_for_minor: Whether consent has been obtained for minors. Supported values are `Granted`, `Denied` and `NotRequired`. Omit this property or specify a blank string to unset. :param pulumi.Input[str] cost_center: The cost center associated with the user. - :param pulumi.Input[str] country: The country/region in which the user is located, e.g. `US` or `UK`. + :param pulumi.Input[str] country: The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. :param pulumi.Input[str] creation_type: Indicates whether the user account was created as a regular school or work account (`null`), an external account (`Invitation`), a local account for an Azure Active Directory B2C tenant (`LocalAccount`) or self-service sign-up using email verification (`EmailVerified`). :param pulumi.Input[str] department: The name for the department in which the user works. :param pulumi.Input[bool] disable_password_expiration: Whether the user's password is exempt from expiring. Defaults to `false`. @@ -1857,7 +1857,7 @@ def cost_center(self) -> pulumi.Output[Optional[str]]: @pulumi.getter def country(self) -> pulumi.Output[Optional[str]]: """ - The country/region in which the user is located, e.g. `US` or `UK`. + The country/region in which the user is located. Examples include: `NO`, `JP`, and `GB`. """ return pulumi.get(self, "country")