Docs Home
athenz 1.0.45 published on Tuesday, Apr 15, 2025 by athenz
athenz.getGroup
Explore with Pulumi AI
athenz.Group provides details about a specific Athenz group.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as athenz from "@pulumi/athenz";
const config = new pulumi.Config();
const groupName = config.require("groupName");
const selected = athenz.getGroup({
name: groupName,
domain: "some_domain",
});
import pulumi
import pulumi_athenz as athenz
config = pulumi.Config()
group_name = config.require("groupName")
selected = athenz.get_group(name=group_name,
domain="some_domain")
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/athenz/athenz"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
cfg := config.New(ctx, "")
groupName := cfg.Require("groupName")
_, err := athenz.LookupGroup(ctx, &athenz.LookupGroupArgs{
Name: groupName,
Domain: "some_domain",
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Athenz = Pulumi.Athenz;
return await Deployment.RunAsync(() =>
{
var config = new Config();
var groupName = config.Require("groupName");
var selected = Athenz.GetGroup.Invoke(new()
{
Name = groupName,
Domain = "some_domain",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.athenz.AthenzFunctions;
import com.pulumi.athenz.inputs.GetGroupArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var config = ctx.config();
final var groupName = config.get("groupName");
final var selected = AthenzFunctions.getGroup(GetGroupArgs.builder()
.name(groupName)
.domain("some_domain")
.build());
}
}
configuration:
groupName:
type: string
variables:
selected:
fn::invoke:
function: athenz:getGroup
arguments:
name: ${groupName}
domain: some_domain
Using getGroup
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getGroup(args: GetGroupArgs, opts?: InvokeOptions): Promise<GetGroupResult>
function getGroupOutput(args: GetGroupOutputArgs, opts?: InvokeOptions): Output<GetGroupResult>def get_group(audit_enabled: Optional[bool] = None,
delete_protection: Optional[bool] = None,
domain: Optional[str] = None,
id: Optional[str] = None,
last_reviewed_date: Optional[str] = None,
members: Optional[Sequence[GetGroupMember]] = None,
name: Optional[str] = None,
notify_details: Optional[str] = None,
notify_roles: Optional[str] = None,
principal_domain_filter: Optional[str] = None,
review_enabled: Optional[bool] = None,
self_renew: Optional[bool] = None,
self_renew_mins: Optional[float] = None,
self_serve: Optional[bool] = None,
settings: Optional[GetGroupSettings] = None,
tags: Optional[Mapping[str, str]] = None,
user_authority_expiration: Optional[str] = None,
user_authority_filter: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetGroupResult
def get_group_output(audit_enabled: Optional[pulumi.Input[bool]] = None,
delete_protection: Optional[pulumi.Input[bool]] = None,
domain: Optional[pulumi.Input[str]] = None,
id: Optional[pulumi.Input[str]] = None,
last_reviewed_date: Optional[pulumi.Input[str]] = None,
members: Optional[pulumi.Input[Sequence[pulumi.Input[GetGroupMemberArgs]]]] = None,
name: Optional[pulumi.Input[str]] = None,
notify_details: Optional[pulumi.Input[str]] = None,
notify_roles: Optional[pulumi.Input[str]] = None,
principal_domain_filter: Optional[pulumi.Input[str]] = None,
review_enabled: Optional[pulumi.Input[bool]] = None,
self_renew: Optional[pulumi.Input[bool]] = None,
self_renew_mins: Optional[pulumi.Input[float]] = None,
self_serve: Optional[pulumi.Input[bool]] = None,
settings: Optional[pulumi.Input[GetGroupSettingsArgs]] = None,
tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
user_authority_expiration: Optional[pulumi.Input[str]] = None,
user_authority_filter: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetGroupResult]func LookupGroup(ctx *Context, args *LookupGroupArgs, opts ...InvokeOption) (*LookupGroupResult, error)
func LookupGroupOutput(ctx *Context, args *LookupGroupOutputArgs, opts ...InvokeOption) LookupGroupResultOutput> Note: This function is named LookupGroup in the Go SDK.
public static class GetGroup
{
public static Task<GetGroupResult> InvokeAsync(GetGroupArgs args, InvokeOptions? opts = null)
public static Output<GetGroupResult> Invoke(GetGroupInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetGroupResult> getGroup(GetGroupArgs args, InvokeOptions options)
public static Output<GetGroupResult> getGroup(GetGroupArgs args, InvokeOptions options)
fn::invoke:
function: athenz:index/getGroup:getGroup
arguments:
# arguments dictionaryThe following arguments are supported:
- Domain string
- The Athenz domain name.
- Name string
- The name of the specific Athenz group.
- Audit
Enabled bool - audit enabled flag for the group
- Delete
Protection bool - If true, ask for delete confirmation in audit and review enabled groups
- Id string
- The ID of this resource.
- Last
Reviewed stringDate - Last reviewed date for the group
- Members
List<Get
Group Member> - Users or services to be added as members
- Notify
Details string - Set of instructions included in notifications for review and audit enabled groups
- Notify
Roles string - comma seperated list of roles whose members should be notified for member review/approval
- Principal
Domain stringFilter - comma seperated list of domains to enforce principal membership
- Review
Enabled bool - Flag indicates whether group updates require another review and approval
- Self
Renew bool - Flag indicates whether to allow expired members to renew their membership
- Self
Renew doubleMins - Number of minutes members can renew their membership if self review option is enabled
- Self
Serve bool - Flag indicates whether group allows self-service. Users can add themselves in the group, but it has to be approved by domain admins to be effective.
- Settings
Get
Group Settings - Advanced settings
- Dictionary<string, string>
- map of group tags
- string
- expiration enforced by a user authority configured attribute
- string
- membership filtered based on user authority configured attributes
- Domain string
- The Athenz domain name.
- Name string
- The name of the specific Athenz group.
- Audit
Enabled bool - audit enabled flag for the group
- Delete
Protection bool - If true, ask for delete confirmation in audit and review enabled groups
- Id string
- The ID of this resource.
- Last
Reviewed stringDate - Last reviewed date for the group
- Members
[]Get
Group Member - Users or services to be added as members
- Notify
Details string - Set of instructions included in notifications for review and audit enabled groups
- Notify
Roles string - comma seperated list of roles whose members should be notified for member review/approval
- Principal
Domain stringFilter - comma seperated list of domains to enforce principal membership
- Review
Enabled bool - Flag indicates whether group updates require another review and approval
- Self
Renew bool - Flag indicates whether to allow expired members to renew their membership
- Self
Renew float64Mins - Number of minutes members can renew their membership if self review option is enabled
- Self
Serve bool - Flag indicates whether group allows self-service. Users can add themselves in the group, but it has to be approved by domain admins to be effective.
- Settings
Get
Group Settings - Advanced settings
- map[string]string
- map of group tags
- string
- expiration enforced by a user authority configured attribute
- string
- membership filtered based on user authority configured attributes
- domain String
- The Athenz domain name.
- name String
- The name of the specific Athenz group.
- audit
Enabled Boolean - audit enabled flag for the group
- delete
Protection Boolean - If true, ask for delete confirmation in audit and review enabled groups
- id String
- The ID of this resource.
- last
Reviewed StringDate - Last reviewed date for the group
- members
List<Get
Group Member> - Users or services to be added as members
- notify
Details String - Set of instructions included in notifications for review and audit enabled groups
- notify
Roles String - comma seperated list of roles whose members should be notified for member review/approval
- principal
Domain StringFilter - comma seperated list of domains to enforce principal membership
- review
Enabled Boolean - Flag indicates whether group updates require another review and approval
- self
Renew Boolean - Flag indicates whether to allow expired members to renew their membership
- self
Renew DoubleMins - Number of minutes members can renew their membership if self review option is enabled
- self
Serve Boolean - Flag indicates whether group allows self-service. Users can add themselves in the group, but it has to be approved by domain admins to be effective.
- settings
Get
Group Settings - Advanced settings
- Map<String,String>
- map of group tags
- String
- expiration enforced by a user authority configured attribute
- String
- membership filtered based on user authority configured attributes
- domain string
- The Athenz domain name.
- name string
- The name of the specific Athenz group.
- audit
Enabled boolean - audit enabled flag for the group
- delete
Protection boolean - If true, ask for delete confirmation in audit and review enabled groups
- id string
- The ID of this resource.
- last
Reviewed stringDate - Last reviewed date for the group
- members
Get
Group Member[] - Users or services to be added as members
- notify
Details string - Set of instructions included in notifications for review and audit enabled groups
- notify
Roles string - comma seperated list of roles whose members should be notified for member review/approval
- principal
Domain stringFilter - comma seperated list of domains to enforce principal membership
- review
Enabled boolean - Flag indicates whether group updates require another review and approval
- self
Renew boolean - Flag indicates whether to allow expired members to renew their membership
- self
Renew numberMins - Number of minutes members can renew their membership if self review option is enabled
- self
Serve boolean - Flag indicates whether group allows self-service. Users can add themselves in the group, but it has to be approved by domain admins to be effective.
- settings
Get
Group Settings - Advanced settings
- {[key: string]: string}
- map of group tags
- string
- expiration enforced by a user authority configured attribute
- string
- membership filtered based on user authority configured attributes
- domain str
- The Athenz domain name.
- name str
- The name of the specific Athenz group.
- audit_
enabled bool - audit enabled flag for the group
- delete_
protection bool - If true, ask for delete confirmation in audit and review enabled groups
- id str
- The ID of this resource.
- last_
reviewed_ strdate - Last reviewed date for the group
- members
Sequence[Get
Group Member] - Users or services to be added as members
- notify_
details str - Set of instructions included in notifications for review and audit enabled groups
- notify_
roles str - comma seperated list of roles whose members should be notified for member review/approval
- principal_
domain_ strfilter - comma seperated list of domains to enforce principal membership
- review_
enabled bool - Flag indicates whether group updates require another review and approval
- self_
renew bool - Flag indicates whether to allow expired members to renew their membership
- self_
renew_ floatmins - Number of minutes members can renew their membership if self review option is enabled
- self_
serve bool - Flag indicates whether group allows self-service. Users can add themselves in the group, but it has to be approved by domain admins to be effective.
- settings
Get
Group Settings - Advanced settings
- Mapping[str, str]
- map of group tags
- str
- expiration enforced by a user authority configured attribute
- str
- membership filtered based on user authority configured attributes
- domain String
- The Athenz domain name.
- name String
- The name of the specific Athenz group.
- audit
Enabled Boolean - audit enabled flag for the group
- delete
Protection Boolean - If true, ask for delete confirmation in audit and review enabled groups
- id String
- The ID of this resource.
- last
Reviewed StringDate - Last reviewed date for the group
- members List<Property Map>
- Users or services to be added as members
- notify
Details String - Set of instructions included in notifications for review and audit enabled groups
- notify
Roles String - comma seperated list of roles whose members should be notified for member review/approval
- principal
Domain StringFilter - comma seperated list of domains to enforce principal membership
- review
Enabled Boolean - Flag indicates whether group updates require another review and approval
- self
Renew Boolean - Flag indicates whether to allow expired members to renew their membership
- self
Renew NumberMins - Number of minutes members can renew their membership if self review option is enabled
- self
Serve Boolean - Flag indicates whether group allows self-service. Users can add themselves in the group, but it has to be approved by domain admins to be effective.
- settings Property Map
- Advanced settings
- Map<String>
- map of group tags
- String
- expiration enforced by a user authority configured attribute
- String
- membership filtered based on user authority configured attributes
getGroup Result
The following output properties are available:
- Domain string
- The Athenz domain name.
- Id string
- The ID of this resource.
- Name string
- The name of the specific Athenz group.
- Audit
Enabled bool - audit enabled flag for the group
- Delete
Protection bool - If true, ask for delete confirmation in audit and review enabled groups
- Last
Reviewed stringDate - Last reviewed date for the group
- Members
List<Get
Group Member> - Users or services to be added as members
- Notify
Details string - Set of instructions included in notifications for review and audit enabled groups
- Notify
Roles string - comma seperated list of roles whose members should be notified for member review/approval
- Principal
Domain stringFilter - comma seperated list of domains to enforce principal membership
- Review
Enabled bool - Flag indicates whether group updates require another review and approval
- Self
Renew bool - Flag indicates whether to allow expired members to renew their membership
- Self
Renew doubleMins - Number of minutes members can renew their membership if self review option is enabled
- Self
Serve bool - Flag indicates whether group allows self-service. Users can add themselves in the group, but it has to be approved by domain admins to be effective.
- Settings
Get
Group Settings - Advanced settings
- Dictionary<string, string>
- map of group tags
- string
- expiration enforced by a user authority configured attribute
- string
- membership filtered based on user authority configured attributes
- Domain string
- The Athenz domain name.
- Id string
- The ID of this resource.
- Name string
- The name of the specific Athenz group.
- Audit
Enabled bool - audit enabled flag for the group
- Delete
Protection bool - If true, ask for delete confirmation in audit and review enabled groups
- Last
Reviewed stringDate - Last reviewed date for the group
- Members
[]Get
Group Member - Users or services to be added as members
- Notify
Details string - Set of instructions included in notifications for review and audit enabled groups
- Notify
Roles string - comma seperated list of roles whose members should be notified for member review/approval
- Principal
Domain stringFilter - comma seperated list of domains to enforce principal membership
- Review
Enabled bool - Flag indicates whether group updates require another review and approval
- Self
Renew bool - Flag indicates whether to allow expired members to renew their membership
- Self
Renew float64Mins - Number of minutes members can renew their membership if self review option is enabled
- Self
Serve bool - Flag indicates whether group allows self-service. Users can add themselves in the group, but it has to be approved by domain admins to be effective.
- Settings
Get
Group Settings - Advanced settings
- map[string]string
- map of group tags
- string
- expiration enforced by a user authority configured attribute
- string
- membership filtered based on user authority configured attributes
- domain String
- The Athenz domain name.
- id String
- The ID of this resource.
- name String
- The name of the specific Athenz group.
- audit
Enabled Boolean - audit enabled flag for the group
- delete
Protection Boolean - If true, ask for delete confirmation in audit and review enabled groups
- last
Reviewed StringDate - Last reviewed date for the group
- members
List<Get
Group Member> - Users or services to be added as members
- notify
Details String - Set of instructions included in notifications for review and audit enabled groups
- notify
Roles String - comma seperated list of roles whose members should be notified for member review/approval
- principal
Domain StringFilter - comma seperated list of domains to enforce principal membership
- review
Enabled Boolean - Flag indicates whether group updates require another review and approval
- self
Renew Boolean - Flag indicates whether to allow expired members to renew their membership
- self
Renew DoubleMins - Number of minutes members can renew their membership if self review option is enabled
- self
Serve Boolean - Flag indicates whether group allows self-service. Users can add themselves in the group, but it has to be approved by domain admins to be effective.
- settings
Get
Group Settings - Advanced settings
- Map<String,String>
- map of group tags
- String
- expiration enforced by a user authority configured attribute
- String
- membership filtered based on user authority configured attributes
- domain string
- The Athenz domain name.
- id string
- The ID of this resource.
- name string
- The name of the specific Athenz group.
- audit
Enabled boolean - audit enabled flag for the group
- delete
Protection boolean - If true, ask for delete confirmation in audit and review enabled groups
- last
Reviewed stringDate - Last reviewed date for the group
- members
Get
Group Member[] - Users or services to be added as members
- notify
Details string - Set of instructions included in notifications for review and audit enabled groups
- notify
Roles string - comma seperated list of roles whose members should be notified for member review/approval
- principal
Domain stringFilter - comma seperated list of domains to enforce principal membership
- review
Enabled boolean - Flag indicates whether group updates require another review and approval
- self
Renew boolean - Flag indicates whether to allow expired members to renew their membership
- self
Renew numberMins - Number of minutes members can renew their membership if self review option is enabled
- self
Serve boolean - Flag indicates whether group allows self-service. Users can add themselves in the group, but it has to be approved by domain admins to be effective.
- settings
Get
Group Settings - Advanced settings
- {[key: string]: string}
- map of group tags
- string
- expiration enforced by a user authority configured attribute
- string
- membership filtered based on user authority configured attributes
- domain str
- The Athenz domain name.
- id str
- The ID of this resource.
- name str
- The name of the specific Athenz group.
- audit_
enabled bool - audit enabled flag for the group
- delete_
protection bool - If true, ask for delete confirmation in audit and review enabled groups
- last_
reviewed_ strdate - Last reviewed date for the group
- members
Sequence[Get
Group Member] - Users or services to be added as members
- notify_
details str - Set of instructions included in notifications for review and audit enabled groups
- notify_
roles str - comma seperated list of roles whose members should be notified for member review/approval
- principal_
domain_ strfilter - comma seperated list of domains to enforce principal membership
- review_
enabled bool - Flag indicates whether group updates require another review and approval
- self_
renew bool - Flag indicates whether to allow expired members to renew their membership
- self_
renew_ floatmins - Number of minutes members can renew their membership if self review option is enabled
- self_
serve bool - Flag indicates whether group allows self-service. Users can add themselves in the group, but it has to be approved by domain admins to be effective.
- settings
Get
Group Settings - Advanced settings
- Mapping[str, str]
- map of group tags
- str
- expiration enforced by a user authority configured attribute
- str
- membership filtered based on user authority configured attributes
- domain String
- The Athenz domain name.
- id String
- The ID of this resource.
- name String
- The name of the specific Athenz group.
- audit
Enabled Boolean - audit enabled flag for the group
- delete
Protection Boolean - If true, ask for delete confirmation in audit and review enabled groups
- last
Reviewed StringDate - Last reviewed date for the group
- members List<Property Map>
- Users or services to be added as members
- notify
Details String - Set of instructions included in notifications for review and audit enabled groups
- notify
Roles String - comma seperated list of roles whose members should be notified for member review/approval
- principal
Domain StringFilter - comma seperated list of domains to enforce principal membership
- review
Enabled Boolean - Flag indicates whether group updates require another review and approval
- self
Renew Boolean - Flag indicates whether to allow expired members to renew their membership
- self
Renew NumberMins - Number of minutes members can renew their membership if self review option is enabled
- self
Serve Boolean - Flag indicates whether group allows self-service. Users can add themselves in the group, but it has to be approved by domain admins to be effective.
- settings Property Map
- Advanced settings
- Map<String>
- map of group tags
- String
- expiration enforced by a user authority configured attribute
- String
- membership filtered based on user authority configured attributes
Supporting Types
GetGroupMember
- Name string
- Expiration string
- Name string
- Expiration string
- name String
- expiration String
- name string
- expiration string
- name str
- expiration str
- name String
- expiration String
GetGroupSettings
- Max
Members double - Max number of principals in the group
- Service
Expiry doubleDays - all services in the group will have specified max expiry days
- User
Expiry doubleDays - all user members in the group will have specified max expiry days
- Max
Members float64 - Max number of principals in the group
- Service
Expiry float64Days - all services in the group will have specified max expiry days
- User
Expiry float64Days - all user members in the group will have specified max expiry days
- max
Members Double - Max number of principals in the group
- service
Expiry DoubleDays - all services in the group will have specified max expiry days
- user
Expiry DoubleDays - all user members in the group will have specified max expiry days
- max
Members number - Max number of principals in the group
- service
Expiry numberDays - all services in the group will have specified max expiry days
- user
Expiry numberDays - all user members in the group will have specified max expiry days
- max_
members float - Max number of principals in the group
- service_
expiry_ floatdays - all services in the group will have specified max expiry days
- user_
expiry_ floatdays - all user members in the group will have specified max expiry days
- max
Members Number - Max number of principals in the group
- service
Expiry NumberDays - all services in the group will have specified max expiry days
- user
Expiry NumberDays - all user members in the group will have specified max expiry days
Package Details
- Repository
- athenz athenz/terraform-provider-athenz
- License
- Notes
- This Pulumi package is based on the
athenzTerraform Provider.