azure logo
Azure Classic v5.39.0, Apr 1 23

azure.blueprint.Assignment

Manages a Blueprint Assignment resource

NOTE: Azure Blueprints are in Preview and potentially subject to breaking change without notice.

NOTE: Azure Blueprint Assignments can only be applied to Subscriptions. Assignments to Management Groups is not currently supported by the service or by this provider.

Example Usage

using System.Collections.Generic;
using Pulumi;
using Azure = Pulumi.Azure;

return await Deployment.RunAsync(() => 
{
    var current = Azure.Core.GetClientConfig.Invoke();

    var exampleSubscription = Azure.Core.GetSubscription.Invoke();

    var exampleDefinition = Azure.Blueprint.GetDefinition.Invoke(new()
    {
        Name = "exampleBlueprint",
        ScopeId = exampleSubscription.Apply(getSubscriptionResult => getSubscriptionResult.Id),
    });

    var examplePublishedVersion = Azure.Blueprint.GetPublishedVersion.Invoke(new()
    {
        ScopeId = exampleDefinition.Apply(getDefinitionResult => getDefinitionResult.ScopeId),
        BlueprintName = exampleDefinition.Apply(getDefinitionResult => getDefinitionResult.Name),
        Version = "v1.0.0",
    });

    var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new()
    {
        Location = "West Europe",
        Tags = 
        {
            { "Environment", "example" },
        },
    });

    var exampleUserAssignedIdentity = new Azure.Authorization.UserAssignedIdentity("exampleUserAssignedIdentity", new()
    {
        ResourceGroupName = exampleResourceGroup.Name,
        Location = exampleResourceGroup.Location,
    });

    var @operator = new Azure.Authorization.Assignment("operator", new()
    {
        Scope = exampleSubscription.Apply(getSubscriptionResult => getSubscriptionResult.Id),
        RoleDefinitionName = "Blueprint Operator",
        PrincipalId = exampleUserAssignedIdentity.PrincipalId,
    });

    var owner = new Azure.Authorization.Assignment("owner", new()
    {
        Scope = exampleSubscription.Apply(getSubscriptionResult => getSubscriptionResult.Id),
        RoleDefinitionName = "Owner",
        PrincipalId = exampleUserAssignedIdentity.PrincipalId,
    });

    var exampleAssignment = new Azure.Blueprint.Assignment("exampleAssignment", new()
    {
        TargetSubscriptionId = exampleSubscription.Apply(getSubscriptionResult => getSubscriptionResult.Id),
        VersionId = examplePublishedVersion.Apply(getPublishedVersionResult => getPublishedVersionResult.Id),
        Location = exampleResourceGroup.Location,
        LockMode = "AllResourcesDoNotDelete",
        LockExcludePrincipals = new[]
        {
            current.Apply(getClientConfigResult => getClientConfigResult.ObjectId),
        },
        Identity = new Azure.Blueprint.Inputs.AssignmentIdentityArgs
        {
            Type = "UserAssigned",
            IdentityIds = new[]
            {
                exampleUserAssignedIdentity.Id,
            },
        },
        ResourceGroups = @"    {
      ""ResourceGroup"": {
        ""name"": ""exampleRG-bp""
      }
    }
",
        ParameterValues = @"    {
      ""allowedlocationsforresourcegroups_listOfAllowedLocations"": {
        ""value"": [""westus"", ""westus2"", ""eastus"", ""centralus"", ""centraluseuap"", ""southcentralus"", ""northcentralus"", ""westcentralus"", ""eastus2"", ""eastus2euap"", ""brazilsouth"", ""brazilus"", ""northeurope"", ""westeurope"", ""eastasia"", ""southeastasia"", ""japanwest"", ""japaneast"", ""koreacentral"", ""koreasouth"", ""indiasouth"", ""indiawest"", ""indiacentral"", ""australiaeast"", ""australiasoutheast"", ""canadacentral"", ""canadaeast"", ""uknorth"", ""uksouth2"", ""uksouth"", ""ukwest"", ""francecentral"", ""francesouth"", ""australiacentral"", ""australiacentral2"", ""uaecentral"", ""uaenorth"", ""southafricanorth"", ""southafricawest"", ""switzerlandnorth"", ""switzerlandwest"", ""germanynorth"", ""germanywestcentral"", ""norwayeast"", ""norwaywest""]
      }
    }
",
    }, new CustomResourceOptions
    {
        DependsOn = new[]
        {
            @operator,
            owner,
        },
    });

});
package main

import (
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/authorization"
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/blueprint"
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		current, err := core.GetClientConfig(ctx, nil, nil)
		if err != nil {
			return err
		}
		exampleSubscription, err := core.LookupSubscription(ctx, nil, nil)
		if err != nil {
			return err
		}
		exampleDefinition, err := blueprint.GetDefinition(ctx, &blueprint.GetDefinitionArgs{
			Name:    "exampleBlueprint",
			ScopeId: exampleSubscription.Id,
		}, nil)
		if err != nil {
			return err
		}
		examplePublishedVersion, err := blueprint.GetPublishedVersion(ctx, &blueprint.GetPublishedVersionArgs{
			ScopeId:       exampleDefinition.ScopeId,
			BlueprintName: exampleDefinition.Name,
			Version:       "v1.0.0",
		}, nil)
		if err != nil {
			return err
		}
		exampleResourceGroup, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{
			Location: pulumi.String("West Europe"),
			Tags: pulumi.StringMap{
				"Environment": pulumi.String("example"),
			},
		})
		if err != nil {
			return err
		}
		exampleUserAssignedIdentity, err := authorization.NewUserAssignedIdentity(ctx, "exampleUserAssignedIdentity", &authorization.UserAssignedIdentityArgs{
			ResourceGroupName: exampleResourceGroup.Name,
			Location:          exampleResourceGroup.Location,
		})
		if err != nil {
			return err
		}
		operator, err := authorization.NewAssignment(ctx, "operator", &authorization.AssignmentArgs{
			Scope:              *pulumi.String(exampleSubscription.Id),
			RoleDefinitionName: pulumi.String("Blueprint Operator"),
			PrincipalId:        exampleUserAssignedIdentity.PrincipalId,
		})
		if err != nil {
			return err
		}
		owner, err := authorization.NewAssignment(ctx, "owner", &authorization.AssignmentArgs{
			Scope:              *pulumi.String(exampleSubscription.Id),
			RoleDefinitionName: pulumi.String("Owner"),
			PrincipalId:        exampleUserAssignedIdentity.PrincipalId,
		})
		if err != nil {
			return err
		}
		_, err = blueprint.NewAssignment(ctx, "exampleAssignment", &blueprint.AssignmentArgs{
			TargetSubscriptionId: *pulumi.String(exampleSubscription.Id),
			VersionId:            *pulumi.String(examplePublishedVersion.Id),
			Location:             exampleResourceGroup.Location,
			LockMode:             pulumi.String("AllResourcesDoNotDelete"),
			LockExcludePrincipals: pulumi.StringArray{
				*pulumi.String(current.ObjectId),
			},
			Identity: &blueprint.AssignmentIdentityArgs{
				Type: pulumi.String("UserAssigned"),
				IdentityIds: pulumi.StringArray{
					exampleUserAssignedIdentity.ID(),
				},
			},
			ResourceGroups:  pulumi.String("    {\n      \"ResourceGroup\": {\n        \"name\": \"exampleRG-bp\"\n      }\n    }\n"),
			ParameterValues: pulumi.String("    {\n      \"allowedlocationsforresourcegroups_listOfAllowedLocations\": {\n        \"value\": [\"westus\", \"westus2\", \"eastus\", \"centralus\", \"centraluseuap\", \"southcentralus\", \"northcentralus\", \"westcentralus\", \"eastus2\", \"eastus2euap\", \"brazilsouth\", \"brazilus\", \"northeurope\", \"westeurope\", \"eastasia\", \"southeastasia\", \"japanwest\", \"japaneast\", \"koreacentral\", \"koreasouth\", \"indiasouth\", \"indiawest\", \"indiacentral\", \"australiaeast\", \"australiasoutheast\", \"canadacentral\", \"canadaeast\", \"uknorth\", \"uksouth2\", \"uksouth\", \"ukwest\", \"francecentral\", \"francesouth\", \"australiacentral\", \"australiacentral2\", \"uaecentral\", \"uaenorth\", \"southafricanorth\", \"southafricawest\", \"switzerlandnorth\", \"switzerlandwest\", \"germanynorth\", \"germanywestcentral\", \"norwayeast\", \"norwaywest\"]\n      }\n    }\n"),
		}, pulumi.DependsOn([]pulumi.Resource{
			operator,
			owner,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.CoreFunctions;
import com.pulumi.azure.core.inputs.GetSubscriptionArgs;
import com.pulumi.azure.blueprint.BlueprintFunctions;
import com.pulumi.azure.blueprint.inputs.GetDefinitionArgs;
import com.pulumi.azure.blueprint.inputs.GetPublishedVersionArgs;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.authorization.UserAssignedIdentity;
import com.pulumi.azure.authorization.UserAssignedIdentityArgs;
import com.pulumi.azure.authorization.Assignment;
import com.pulumi.azure.authorization.AssignmentArgs;
import com.pulumi.azure.blueprint.Assignment;
import com.pulumi.azure.blueprint.AssignmentArgs;
import com.pulumi.azure.blueprint.inputs.AssignmentIdentityArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var current = CoreFunctions.getClientConfig();

        final var exampleSubscription = CoreFunctions.getSubscription();

        final var exampleDefinition = BlueprintFunctions.getDefinition(GetDefinitionArgs.builder()
            .name("exampleBlueprint")
            .scopeId(exampleSubscription.applyValue(getSubscriptionResult -> getSubscriptionResult.id()))
            .build());

        final var examplePublishedVersion = BlueprintFunctions.getPublishedVersion(GetPublishedVersionArgs.builder()
            .scopeId(exampleDefinition.applyValue(getDefinitionResult -> getDefinitionResult.scopeId()))
            .blueprintName(exampleDefinition.applyValue(getDefinitionResult -> getDefinitionResult.name()))
            .version("v1.0.0")
            .build());

        var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()        
            .location("West Europe")
            .tags(Map.of("Environment", "example"))
            .build());

        var exampleUserAssignedIdentity = new UserAssignedIdentity("exampleUserAssignedIdentity", UserAssignedIdentityArgs.builder()        
            .resourceGroupName(exampleResourceGroup.name())
            .location(exampleResourceGroup.location())
            .build());

        var operator = new Assignment("operator", AssignmentArgs.builder()        
            .scope(exampleSubscription.applyValue(getSubscriptionResult -> getSubscriptionResult.id()))
            .roleDefinitionName("Blueprint Operator")
            .principalId(exampleUserAssignedIdentity.principalId())
            .build());

        var owner = new Assignment("owner", AssignmentArgs.builder()        
            .scope(exampleSubscription.applyValue(getSubscriptionResult -> getSubscriptionResult.id()))
            .roleDefinitionName("Owner")
            .principalId(exampleUserAssignedIdentity.principalId())
            .build());

        var exampleAssignment = new Assignment("exampleAssignment", AssignmentArgs.builder()        
            .targetSubscriptionId(exampleSubscription.applyValue(getSubscriptionResult -> getSubscriptionResult.id()))
            .versionId(examplePublishedVersion.applyValue(getPublishedVersionResult -> getPublishedVersionResult.id()))
            .location(exampleResourceGroup.location())
            .lockMode("AllResourcesDoNotDelete")
            .lockExcludePrincipals(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
            .identity(AssignmentIdentityArgs.builder()
                .type("UserAssigned")
                .identityIds(exampleUserAssignedIdentity.id())
                .build())
            .resourceGroups("""
    {
      "ResourceGroup": {
        "name": "exampleRG-bp"
      }
    }
            """)
            .parameterValues("""
    {
      "allowedlocationsforresourcegroups_listOfAllowedLocations": {
        "value": ["westus", "westus2", "eastus", "centralus", "centraluseuap", "southcentralus", "northcentralus", "westcentralus", "eastus2", "eastus2euap", "brazilsouth", "brazilus", "northeurope", "westeurope", "eastasia", "southeastasia", "japanwest", "japaneast", "koreacentral", "koreasouth", "indiasouth", "indiawest", "indiacentral", "australiaeast", "australiasoutheast", "canadacentral", "canadaeast", "uknorth", "uksouth2", "uksouth", "ukwest", "francecentral", "francesouth", "australiacentral", "australiacentral2", "uaecentral", "uaenorth", "southafricanorth", "southafricawest", "switzerlandnorth", "switzerlandwest", "germanynorth", "germanywestcentral", "norwayeast", "norwaywest"]
      }
    }
            """)
            .build(), CustomResourceOptions.builder()
                .dependsOn(                
                    operator,
                    owner)
                .build());

    }
}
import pulumi
import pulumi_azure as azure

current = azure.core.get_client_config()
example_subscription = azure.core.get_subscription()
example_definition = azure.blueprint.get_definition(name="exampleBlueprint",
    scope_id=example_subscription.id)
example_published_version = azure.blueprint.get_published_version(scope_id=example_definition.scope_id,
    blueprint_name=example_definition.name,
    version="v1.0.0")
example_resource_group = azure.core.ResourceGroup("exampleResourceGroup",
    location="West Europe",
    tags={
        "Environment": "example",
    })
example_user_assigned_identity = azure.authorization.UserAssignedIdentity("exampleUserAssignedIdentity",
    resource_group_name=example_resource_group.name,
    location=example_resource_group.location)
operator = azure.authorization.Assignment("operator",
    scope=example_subscription.id,
    role_definition_name="Blueprint Operator",
    principal_id=example_user_assigned_identity.principal_id)
owner = azure.authorization.Assignment("owner",
    scope=example_subscription.id,
    role_definition_name="Owner",
    principal_id=example_user_assigned_identity.principal_id)
example_assignment = azure.blueprint.Assignment("exampleAssignment",
    target_subscription_id=example_subscription.id,
    version_id=example_published_version.id,
    location=example_resource_group.location,
    lock_mode="AllResourcesDoNotDelete",
    lock_exclude_principals=[current.object_id],
    identity=azure.blueprint.AssignmentIdentityArgs(
        type="UserAssigned",
        identity_ids=[example_user_assigned_identity.id],
    ),
    resource_groups="""    {
      "ResourceGroup": {
        "name": "exampleRG-bp"
      }
    }
""",
    parameter_values="""    {
      "allowedlocationsforresourcegroups_listOfAllowedLocations": {
        "value": ["westus", "westus2", "eastus", "centralus", "centraluseuap", "southcentralus", "northcentralus", "westcentralus", "eastus2", "eastus2euap", "brazilsouth", "brazilus", "northeurope", "westeurope", "eastasia", "southeastasia", "japanwest", "japaneast", "koreacentral", "koreasouth", "indiasouth", "indiawest", "indiacentral", "australiaeast", "australiasoutheast", "canadacentral", "canadaeast", "uknorth", "uksouth2", "uksouth", "ukwest", "francecentral", "francesouth", "australiacentral", "australiacentral2", "uaecentral", "uaenorth", "southafricanorth", "southafricawest", "switzerlandnorth", "switzerlandwest", "germanynorth", "germanywestcentral", "norwayeast", "norwaywest"]
      }
    }
""",
    opts=pulumi.ResourceOptions(depends_on=[
            operator,
            owner,
        ]))
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const current = azure.core.getClientConfig({});
const exampleSubscription = azure.core.getSubscription({});
const exampleDefinition = exampleSubscription.then(exampleSubscription => azure.blueprint.getDefinition({
    name: "exampleBlueprint",
    scopeId: exampleSubscription.id,
}));
const examplePublishedVersion = Promise.all([exampleDefinition, exampleDefinition]).then(([exampleDefinition, exampleDefinition1]) => azure.blueprint.getPublishedVersion({
    scopeId: exampleDefinition.scopeId,
    blueprintName: exampleDefinition1.name,
    version: "v1.0.0",
}));
const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {
    location: "West Europe",
    tags: {
        Environment: "example",
    },
});
const exampleUserAssignedIdentity = new azure.authorization.UserAssignedIdentity("exampleUserAssignedIdentity", {
    resourceGroupName: exampleResourceGroup.name,
    location: exampleResourceGroup.location,
});
const operator = new azure.authorization.Assignment("operator", {
    scope: exampleSubscription.then(exampleSubscription => exampleSubscription.id),
    roleDefinitionName: "Blueprint Operator",
    principalId: exampleUserAssignedIdentity.principalId,
});
const owner = new azure.authorization.Assignment("owner", {
    scope: exampleSubscription.then(exampleSubscription => exampleSubscription.id),
    roleDefinitionName: "Owner",
    principalId: exampleUserAssignedIdentity.principalId,
});
const exampleAssignment = new azure.blueprint.Assignment("exampleAssignment", {
    targetSubscriptionId: exampleSubscription.then(exampleSubscription => exampleSubscription.id),
    versionId: examplePublishedVersion.then(examplePublishedVersion => examplePublishedVersion.id),
    location: exampleResourceGroup.location,
    lockMode: "AllResourcesDoNotDelete",
    lockExcludePrincipals: [current.then(current => current.objectId)],
    identity: {
        type: "UserAssigned",
        identityIds: [exampleUserAssignedIdentity.id],
    },
    resourceGroups: `    {
      "ResourceGroup": {
        "name": "exampleRG-bp"
      }
    }
`,
    parameterValues: `    {
      "allowedlocationsforresourcegroups_listOfAllowedLocations": {
        "value": ["westus", "westus2", "eastus", "centralus", "centraluseuap", "southcentralus", "northcentralus", "westcentralus", "eastus2", "eastus2euap", "brazilsouth", "brazilus", "northeurope", "westeurope", "eastasia", "southeastasia", "japanwest", "japaneast", "koreacentral", "koreasouth", "indiasouth", "indiawest", "indiacentral", "australiaeast", "australiasoutheast", "canadacentral", "canadaeast", "uknorth", "uksouth2", "uksouth", "ukwest", "francecentral", "francesouth", "australiacentral", "australiacentral2", "uaecentral", "uaenorth", "southafricanorth", "southafricawest", "switzerlandnorth", "switzerlandwest", "germanynorth", "germanywestcentral", "norwayeast", "norwaywest"]
      }
    }
`,
}, {
    dependsOn: [
        operator,
        owner,
    ],
});
resources:
  exampleResourceGroup:
    type: azure:core:ResourceGroup
    properties:
      location: West Europe
      tags:
        Environment: example
  exampleUserAssignedIdentity:
    type: azure:authorization:UserAssignedIdentity
    properties:
      resourceGroupName: ${exampleResourceGroup.name}
      location: ${exampleResourceGroup.location}
  operator:
    type: azure:authorization:Assignment
    properties:
      scope: ${exampleSubscription.id}
      roleDefinitionName: Blueprint Operator
      principalId: ${exampleUserAssignedIdentity.principalId}
  owner:
    type: azure:authorization:Assignment
    properties:
      scope: ${exampleSubscription.id}
      roleDefinitionName: Owner
      principalId: ${exampleUserAssignedIdentity.principalId}
  exampleAssignment:
    type: azure:blueprint:Assignment
    properties:
      targetSubscriptionId: ${exampleSubscription.id}
      versionId: ${examplePublishedVersion.id}
      location: ${exampleResourceGroup.location}
      lockMode: AllResourcesDoNotDelete
      lockExcludePrincipals:
        - ${current.objectId}
      identity:
        type: UserAssigned
        identityIds:
          - ${exampleUserAssignedIdentity.id}
      resourceGroups: |2
            {
              "ResourceGroup": {
                "name": "exampleRG-bp"
              }
            }
      parameterValues: |2
            {
              "allowedlocationsforresourcegroups_listOfAllowedLocations": {
                "value": ["westus", "westus2", "eastus", "centralus", "centraluseuap", "southcentralus", "northcentralus", "westcentralus", "eastus2", "eastus2euap", "brazilsouth", "brazilus", "northeurope", "westeurope", "eastasia", "southeastasia", "japanwest", "japaneast", "koreacentral", "koreasouth", "indiasouth", "indiawest", "indiacentral", "australiaeast", "australiasoutheast", "canadacentral", "canadaeast", "uknorth", "uksouth2", "uksouth", "ukwest", "francecentral", "francesouth", "australiacentral", "australiacentral2", "uaecentral", "uaenorth", "southafricanorth", "southafricawest", "switzerlandnorth", "switzerlandwest", "germanynorth", "germanywestcentral", "norwayeast", "norwaywest"]
              }
            }
    options:
      dependson:
        - ${operator}
        - ${owner}
variables:
  current:
    fn::invoke:
      Function: azure:core:getClientConfig
      Arguments: {}
  exampleSubscription:
    fn::invoke:
      Function: azure:core:getSubscription
      Arguments: {}
  exampleDefinition:
    fn::invoke:
      Function: azure:blueprint:getDefinition
      Arguments:
        name: exampleBlueprint
        scopeId: ${exampleSubscription.id}
  examplePublishedVersion:
    fn::invoke:
      Function: azure:blueprint:getPublishedVersion
      Arguments:
        scopeId: ${exampleDefinition.scopeId}
        blueprintName: ${exampleDefinition.name}
        version: v1.0.0

Create Assignment Resource

new Assignment(name: string, args: AssignmentArgs, opts?: CustomResourceOptions);
@overload
def Assignment(resource_name: str,
               opts: Optional[ResourceOptions] = None,
               identity: Optional[AssignmentIdentityArgs] = None,
               location: Optional[str] = None,
               lock_exclude_actions: Optional[Sequence[str]] = None,
               lock_exclude_principals: Optional[Sequence[str]] = None,
               lock_mode: Optional[str] = None,
               name: Optional[str] = None,
               parameter_values: Optional[str] = None,
               resource_groups: Optional[str] = None,
               target_subscription_id: Optional[str] = None,
               version_id: Optional[str] = None)
@overload
def Assignment(resource_name: str,
               args: AssignmentArgs,
               opts: Optional[ResourceOptions] = None)
func NewAssignment(ctx *Context, name string, args AssignmentArgs, opts ...ResourceOption) (*Assignment, error)
public Assignment(string name, AssignmentArgs args, CustomResourceOptions? opts = null)
public Assignment(String name, AssignmentArgs args)
public Assignment(String name, AssignmentArgs args, CustomResourceOptions options)
type: azure:blueprint:Assignment
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args AssignmentArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args AssignmentArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args AssignmentArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args AssignmentArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args AssignmentArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Assignment Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Assignment resource accepts the following input properties:

Identity AssignmentIdentityArgs

An identity block as defined below.

TargetSubscriptionId string

The Subscription ID the Blueprint Published Version is to be applied to. Changing this forces a new resource to be created.

VersionId string

The ID of the Published Version of the blueprint to be assigned.

Location string

The Azure location of the Assignment. Changing this forces a new resource to be created.

LockExcludeActions List<string>

a list of up to 200 actions that are permitted to bypass the locks applied by the Blueprint.

LockExcludePrincipals List<string>

a list of up to 5 Principal IDs that are permitted to bypass the locks applied by the Blueprint.

LockMode string

The locking mode of the Blueprint Assignment. One of None (Default), AllResourcesReadOnly, or AllResourcesDoNotDelete. Defaults to none.

Name string

The name of the Blueprint Assignment. Changing this forces a new resource to be created.

ParameterValues string

a JSON string to supply Blueprint Assignment parameter values.

ResourceGroups string

a JSON string to supply the Blueprint Resource Group information.

Identity AssignmentIdentityArgs

An identity block as defined below.

TargetSubscriptionId string

The Subscription ID the Blueprint Published Version is to be applied to. Changing this forces a new resource to be created.

VersionId string

The ID of the Published Version of the blueprint to be assigned.

Location string

The Azure location of the Assignment. Changing this forces a new resource to be created.

LockExcludeActions []string

a list of up to 200 actions that are permitted to bypass the locks applied by the Blueprint.

LockExcludePrincipals []string

a list of up to 5 Principal IDs that are permitted to bypass the locks applied by the Blueprint.

LockMode string

The locking mode of the Blueprint Assignment. One of None (Default), AllResourcesReadOnly, or AllResourcesDoNotDelete. Defaults to none.

Name string

The name of the Blueprint Assignment. Changing this forces a new resource to be created.

ParameterValues string

a JSON string to supply Blueprint Assignment parameter values.

ResourceGroups string

a JSON string to supply the Blueprint Resource Group information.

identity AssignmentIdentityArgs

An identity block as defined below.

targetSubscriptionId String

The Subscription ID the Blueprint Published Version is to be applied to. Changing this forces a new resource to be created.

versionId String

The ID of the Published Version of the blueprint to be assigned.

location String

The Azure location of the Assignment. Changing this forces a new resource to be created.

lockExcludeActions List<String>

a list of up to 200 actions that are permitted to bypass the locks applied by the Blueprint.

lockExcludePrincipals List<String>

a list of up to 5 Principal IDs that are permitted to bypass the locks applied by the Blueprint.

lockMode String

The locking mode of the Blueprint Assignment. One of None (Default), AllResourcesReadOnly, or AllResourcesDoNotDelete. Defaults to none.

name String

The name of the Blueprint Assignment. Changing this forces a new resource to be created.

parameterValues String

a JSON string to supply Blueprint Assignment parameter values.

resourceGroups String

a JSON string to supply the Blueprint Resource Group information.

identity AssignmentIdentityArgs

An identity block as defined below.

targetSubscriptionId string

The Subscription ID the Blueprint Published Version is to be applied to. Changing this forces a new resource to be created.

versionId string

The ID of the Published Version of the blueprint to be assigned.

location string

The Azure location of the Assignment. Changing this forces a new resource to be created.

lockExcludeActions string[]

a list of up to 200 actions that are permitted to bypass the locks applied by the Blueprint.

lockExcludePrincipals string[]

a list of up to 5 Principal IDs that are permitted to bypass the locks applied by the Blueprint.

lockMode string

The locking mode of the Blueprint Assignment. One of None (Default), AllResourcesReadOnly, or AllResourcesDoNotDelete. Defaults to none.

name string

The name of the Blueprint Assignment. Changing this forces a new resource to be created.

parameterValues string

a JSON string to supply Blueprint Assignment parameter values.

resourceGroups string

a JSON string to supply the Blueprint Resource Group information.

identity AssignmentIdentityArgs

An identity block as defined below.

target_subscription_id str

The Subscription ID the Blueprint Published Version is to be applied to. Changing this forces a new resource to be created.

version_id str

The ID of the Published Version of the blueprint to be assigned.

location str

The Azure location of the Assignment. Changing this forces a new resource to be created.

lock_exclude_actions Sequence[str]

a list of up to 200 actions that are permitted to bypass the locks applied by the Blueprint.

lock_exclude_principals Sequence[str]

a list of up to 5 Principal IDs that are permitted to bypass the locks applied by the Blueprint.

lock_mode str

The locking mode of the Blueprint Assignment. One of None (Default), AllResourcesReadOnly, or AllResourcesDoNotDelete. Defaults to none.

name str

The name of the Blueprint Assignment. Changing this forces a new resource to be created.

parameter_values str

a JSON string to supply Blueprint Assignment parameter values.

resource_groups str

a JSON string to supply the Blueprint Resource Group information.

identity Property Map

An identity block as defined below.

targetSubscriptionId String

The Subscription ID the Blueprint Published Version is to be applied to. Changing this forces a new resource to be created.

versionId String

The ID of the Published Version of the blueprint to be assigned.

location String

The Azure location of the Assignment. Changing this forces a new resource to be created.

lockExcludeActions List<String>

a list of up to 200 actions that are permitted to bypass the locks applied by the Blueprint.

lockExcludePrincipals List<String>

a list of up to 5 Principal IDs that are permitted to bypass the locks applied by the Blueprint.

lockMode String

The locking mode of the Blueprint Assignment. One of None (Default), AllResourcesReadOnly, or AllResourcesDoNotDelete. Defaults to none.

name String

The name of the Blueprint Assignment. Changing this forces a new resource to be created.

parameterValues String

a JSON string to supply Blueprint Assignment parameter values.

resourceGroups String

a JSON string to supply the Blueprint Resource Group information.

Outputs

All input properties are implicitly available as output properties. Additionally, the Assignment resource produces the following output properties:

BlueprintName string

The name of the blueprint assigned

Description string

The Description on the Blueprint

DisplayName string

The display name of the blueprint

Id string

The provider-assigned unique ID for this managed resource.

Type string

Specifies the type of Managed Service Identity that should be configured on this Blueprint. Only possible value is UserAssigned.

BlueprintName string

The name of the blueprint assigned

Description string

The Description on the Blueprint

DisplayName string

The display name of the blueprint

Id string

The provider-assigned unique ID for this managed resource.

Type string

Specifies the type of Managed Service Identity that should be configured on this Blueprint. Only possible value is UserAssigned.

blueprintName String

The name of the blueprint assigned

description String

The Description on the Blueprint

displayName String

The display name of the blueprint

id String

The provider-assigned unique ID for this managed resource.

type String

Specifies the type of Managed Service Identity that should be configured on this Blueprint. Only possible value is UserAssigned.

blueprintName string

The name of the blueprint assigned

description string

The Description on the Blueprint

displayName string

The display name of the blueprint

id string

The provider-assigned unique ID for this managed resource.

type string

Specifies the type of Managed Service Identity that should be configured on this Blueprint. Only possible value is UserAssigned.

blueprint_name str

The name of the blueprint assigned

description str

The Description on the Blueprint

display_name str

The display name of the blueprint

id str

The provider-assigned unique ID for this managed resource.

type str

Specifies the type of Managed Service Identity that should be configured on this Blueprint. Only possible value is UserAssigned.

blueprintName String

The name of the blueprint assigned

description String

The Description on the Blueprint

displayName String

The display name of the blueprint

id String

The provider-assigned unique ID for this managed resource.

type String

Specifies the type of Managed Service Identity that should be configured on this Blueprint. Only possible value is UserAssigned.

Look up Existing Assignment Resource

Get an existing Assignment resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: AssignmentState, opts?: CustomResourceOptions): Assignment
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        blueprint_name: Optional[str] = None,
        description: Optional[str] = None,
        display_name: Optional[str] = None,
        identity: Optional[AssignmentIdentityArgs] = None,
        location: Optional[str] = None,
        lock_exclude_actions: Optional[Sequence[str]] = None,
        lock_exclude_principals: Optional[Sequence[str]] = None,
        lock_mode: Optional[str] = None,
        name: Optional[str] = None,
        parameter_values: Optional[str] = None,
        resource_groups: Optional[str] = None,
        target_subscription_id: Optional[str] = None,
        type: Optional[str] = None,
        version_id: Optional[str] = None) -> Assignment
func GetAssignment(ctx *Context, name string, id IDInput, state *AssignmentState, opts ...ResourceOption) (*Assignment, error)
public static Assignment Get(string name, Input<string> id, AssignmentState? state, CustomResourceOptions? opts = null)
public static Assignment get(String name, Output<String> id, AssignmentState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
BlueprintName string

The name of the blueprint assigned

Description string

The Description on the Blueprint

DisplayName string

The display name of the blueprint

Identity AssignmentIdentityArgs

An identity block as defined below.

Location string

The Azure location of the Assignment. Changing this forces a new resource to be created.

LockExcludeActions List<string>

a list of up to 200 actions that are permitted to bypass the locks applied by the Blueprint.

LockExcludePrincipals List<string>

a list of up to 5 Principal IDs that are permitted to bypass the locks applied by the Blueprint.

LockMode string

The locking mode of the Blueprint Assignment. One of None (Default), AllResourcesReadOnly, or AllResourcesDoNotDelete. Defaults to none.

Name string

The name of the Blueprint Assignment. Changing this forces a new resource to be created.

ParameterValues string

a JSON string to supply Blueprint Assignment parameter values.

ResourceGroups string

a JSON string to supply the Blueprint Resource Group information.

TargetSubscriptionId string

The Subscription ID the Blueprint Published Version is to be applied to. Changing this forces a new resource to be created.

Type string

Specifies the type of Managed Service Identity that should be configured on this Blueprint. Only possible value is UserAssigned.

VersionId string

The ID of the Published Version of the blueprint to be assigned.

BlueprintName string

The name of the blueprint assigned

Description string

The Description on the Blueprint

DisplayName string

The display name of the blueprint

Identity AssignmentIdentityArgs

An identity block as defined below.

Location string

The Azure location of the Assignment. Changing this forces a new resource to be created.

LockExcludeActions []string

a list of up to 200 actions that are permitted to bypass the locks applied by the Blueprint.

LockExcludePrincipals []string

a list of up to 5 Principal IDs that are permitted to bypass the locks applied by the Blueprint.

LockMode string

The locking mode of the Blueprint Assignment. One of None (Default), AllResourcesReadOnly, or AllResourcesDoNotDelete. Defaults to none.

Name string

The name of the Blueprint Assignment. Changing this forces a new resource to be created.

ParameterValues string

a JSON string to supply Blueprint Assignment parameter values.

ResourceGroups string

a JSON string to supply the Blueprint Resource Group information.

TargetSubscriptionId string

The Subscription ID the Blueprint Published Version is to be applied to. Changing this forces a new resource to be created.

Type string

Specifies the type of Managed Service Identity that should be configured on this Blueprint. Only possible value is UserAssigned.

VersionId string

The ID of the Published Version of the blueprint to be assigned.

blueprintName String

The name of the blueprint assigned

description String

The Description on the Blueprint

displayName String

The display name of the blueprint

identity AssignmentIdentityArgs

An identity block as defined below.

location String

The Azure location of the Assignment. Changing this forces a new resource to be created.

lockExcludeActions List<String>

a list of up to 200 actions that are permitted to bypass the locks applied by the Blueprint.

lockExcludePrincipals List<String>

a list of up to 5 Principal IDs that are permitted to bypass the locks applied by the Blueprint.

lockMode String

The locking mode of the Blueprint Assignment. One of None (Default), AllResourcesReadOnly, or AllResourcesDoNotDelete. Defaults to none.

name String

The name of the Blueprint Assignment. Changing this forces a new resource to be created.

parameterValues String

a JSON string to supply Blueprint Assignment parameter values.

resourceGroups String

a JSON string to supply the Blueprint Resource Group information.

targetSubscriptionId String

The Subscription ID the Blueprint Published Version is to be applied to. Changing this forces a new resource to be created.

type String

Specifies the type of Managed Service Identity that should be configured on this Blueprint. Only possible value is UserAssigned.

versionId String

The ID of the Published Version of the blueprint to be assigned.

blueprintName string

The name of the blueprint assigned

description string

The Description on the Blueprint

displayName string

The display name of the blueprint

identity AssignmentIdentityArgs

An identity block as defined below.

location string

The Azure location of the Assignment. Changing this forces a new resource to be created.

lockExcludeActions string[]

a list of up to 200 actions that are permitted to bypass the locks applied by the Blueprint.

lockExcludePrincipals string[]

a list of up to 5 Principal IDs that are permitted to bypass the locks applied by the Blueprint.

lockMode string

The locking mode of the Blueprint Assignment. One of None (Default), AllResourcesReadOnly, or AllResourcesDoNotDelete. Defaults to none.

name string

The name of the Blueprint Assignment. Changing this forces a new resource to be created.

parameterValues string

a JSON string to supply Blueprint Assignment parameter values.

resourceGroups string

a JSON string to supply the Blueprint Resource Group information.

targetSubscriptionId string

The Subscription ID the Blueprint Published Version is to be applied to. Changing this forces a new resource to be created.

type string

Specifies the type of Managed Service Identity that should be configured on this Blueprint. Only possible value is UserAssigned.

versionId string

The ID of the Published Version of the blueprint to be assigned.

blueprint_name str

The name of the blueprint assigned

description str

The Description on the Blueprint

display_name str

The display name of the blueprint

identity AssignmentIdentityArgs

An identity block as defined below.

location str

The Azure location of the Assignment. Changing this forces a new resource to be created.

lock_exclude_actions Sequence[str]

a list of up to 200 actions that are permitted to bypass the locks applied by the Blueprint.

lock_exclude_principals Sequence[str]

a list of up to 5 Principal IDs that are permitted to bypass the locks applied by the Blueprint.

lock_mode str

The locking mode of the Blueprint Assignment. One of None (Default), AllResourcesReadOnly, or AllResourcesDoNotDelete. Defaults to none.

name str

The name of the Blueprint Assignment. Changing this forces a new resource to be created.

parameter_values str

a JSON string to supply Blueprint Assignment parameter values.

resource_groups str

a JSON string to supply the Blueprint Resource Group information.

target_subscription_id str

The Subscription ID the Blueprint Published Version is to be applied to. Changing this forces a new resource to be created.

type str

Specifies the type of Managed Service Identity that should be configured on this Blueprint. Only possible value is UserAssigned.

version_id str

The ID of the Published Version of the blueprint to be assigned.

blueprintName String

The name of the blueprint assigned

description String

The Description on the Blueprint

displayName String

The display name of the blueprint

identity Property Map

An identity block as defined below.

location String

The Azure location of the Assignment. Changing this forces a new resource to be created.

lockExcludeActions List<String>

a list of up to 200 actions that are permitted to bypass the locks applied by the Blueprint.

lockExcludePrincipals List<String>

a list of up to 5 Principal IDs that are permitted to bypass the locks applied by the Blueprint.

lockMode String

The locking mode of the Blueprint Assignment. One of None (Default), AllResourcesReadOnly, or AllResourcesDoNotDelete. Defaults to none.

name String

The name of the Blueprint Assignment. Changing this forces a new resource to be created.

parameterValues String

a JSON string to supply Blueprint Assignment parameter values.

resourceGroups String

a JSON string to supply the Blueprint Resource Group information.

targetSubscriptionId String

The Subscription ID the Blueprint Published Version is to be applied to. Changing this forces a new resource to be created.

type String

Specifies the type of Managed Service Identity that should be configured on this Blueprint. Only possible value is UserAssigned.

versionId String

The ID of the Published Version of the blueprint to be assigned.

Supporting Types

AssignmentIdentity

IdentityIds List<string>

Specifies a list of User Assigned Managed Identity IDs to be assigned to this Blueprint.

Type string

Specifies the type of Managed Service Identity that should be configured on this Blueprint. Only possible value is UserAssigned.

IdentityIds []string

Specifies a list of User Assigned Managed Identity IDs to be assigned to this Blueprint.

Type string

Specifies the type of Managed Service Identity that should be configured on this Blueprint. Only possible value is UserAssigned.

identityIds List<String>

Specifies a list of User Assigned Managed Identity IDs to be assigned to this Blueprint.

type String

Specifies the type of Managed Service Identity that should be configured on this Blueprint. Only possible value is UserAssigned.

identityIds string[]

Specifies a list of User Assigned Managed Identity IDs to be assigned to this Blueprint.

type string

Specifies the type of Managed Service Identity that should be configured on this Blueprint. Only possible value is UserAssigned.

identity_ids Sequence[str]

Specifies a list of User Assigned Managed Identity IDs to be assigned to this Blueprint.

type str

Specifies the type of Managed Service Identity that should be configured on this Blueprint. Only possible value is UserAssigned.

identityIds List<String>

Specifies a list of User Assigned Managed Identity IDs to be assigned to this Blueprint.

type String

Specifies the type of Managed Service Identity that should be configured on this Blueprint. Only possible value is UserAssigned.

Import

Azure Blueprint Assignments can be imported using the resource id, e.g.

 $ pulumi import azure:blueprint/assignment:Assignment example "/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Blueprint/blueprintAssignments/assignSimpleBlueprint"

Package Details

Repository
Azure Classic pulumi/pulumi-azure
License
Apache-2.0
Notes

This Pulumi package is based on the azurerm Terraform Provider.