1. Packages
  2. Azure Classic
  3. API Docs
  4. lighthouse
  5. Definition

We recommend using Azure Native.

Azure Classic v5.83.0 published on Monday, Jul 8, 2024 by Pulumi

azure.lighthouse.Definition

Explore with Pulumi AI

azure logo

We recommend using Azure Native.

Azure Classic v5.83.0 published on Monday, Jul 8, 2024 by Pulumi

    Manages a Lighthouse Definition.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as azure from "@pulumi/azure";
    
    const contributor = azure.authorization.getRoleDefinition({
        roleDefinitionId: "b24988ac-6180-42a0-ab88-20f7382dd24c",
    });
    const example = new azure.lighthouse.Definition("example", {
        name: "Sample definition",
        description: "This is a lighthouse definition created IaC",
        managingTenantId: "00000000-0000-0000-0000-000000000000",
        scope: "/subscriptions/00000000-0000-0000-0000-000000000000",
        authorizations: [{
            principalId: "00000000-0000-0000-0000-000000000000",
            roleDefinitionId: contributor.then(contributor => contributor.roleDefinitionId),
            principalDisplayName: "Tier 1 Support",
        }],
    });
    
    import pulumi
    import pulumi_azure as azure
    
    contributor = azure.authorization.get_role_definition(role_definition_id="b24988ac-6180-42a0-ab88-20f7382dd24c")
    example = azure.lighthouse.Definition("example",
        name="Sample definition",
        description="This is a lighthouse definition created IaC",
        managing_tenant_id="00000000-0000-0000-0000-000000000000",
        scope="/subscriptions/00000000-0000-0000-0000-000000000000",
        authorizations=[{
            "principalId": "00000000-0000-0000-0000-000000000000",
            "roleDefinitionId": contributor.role_definition_id,
            "principalDisplayName": "Tier 1 Support",
        }])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/authorization"
    	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/lighthouse"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		contributor, err := authorization.LookupRoleDefinition(ctx, &authorization.LookupRoleDefinitionArgs{
    			RoleDefinitionId: pulumi.StringRef("b24988ac-6180-42a0-ab88-20f7382dd24c"),
    		}, nil)
    		if err != nil {
    			return err
    		}
    		_, err = lighthouse.NewDefinition(ctx, "example", &lighthouse.DefinitionArgs{
    			Name:             pulumi.String("Sample definition"),
    			Description:      pulumi.String("This is a lighthouse definition created IaC"),
    			ManagingTenantId: pulumi.String("00000000-0000-0000-0000-000000000000"),
    			Scope:            pulumi.String("/subscriptions/00000000-0000-0000-0000-000000000000"),
    			Authorizations: lighthouse.DefinitionAuthorizationArray{
    				&lighthouse.DefinitionAuthorizationArgs{
    					PrincipalId:          pulumi.String("00000000-0000-0000-0000-000000000000"),
    					RoleDefinitionId:     pulumi.String(contributor.RoleDefinitionId),
    					PrincipalDisplayName: pulumi.String("Tier 1 Support"),
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Azure = Pulumi.Azure;
    
    return await Deployment.RunAsync(() => 
    {
        var contributor = Azure.Authorization.GetRoleDefinition.Invoke(new()
        {
            RoleDefinitionId = "b24988ac-6180-42a0-ab88-20f7382dd24c",
        });
    
        var example = new Azure.Lighthouse.Definition("example", new()
        {
            Name = "Sample definition",
            Description = "This is a lighthouse definition created IaC",
            ManagingTenantId = "00000000-0000-0000-0000-000000000000",
            Scope = "/subscriptions/00000000-0000-0000-0000-000000000000",
            Authorizations = new[]
            {
                new Azure.Lighthouse.Inputs.DefinitionAuthorizationArgs
                {
                    PrincipalId = "00000000-0000-0000-0000-000000000000",
                    RoleDefinitionId = contributor.Apply(getRoleDefinitionResult => getRoleDefinitionResult.RoleDefinitionId),
                    PrincipalDisplayName = "Tier 1 Support",
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azure.authorization.AuthorizationFunctions;
    import com.pulumi.azure.authorization.inputs.GetRoleDefinitionArgs;
    import com.pulumi.azure.lighthouse.Definition;
    import com.pulumi.azure.lighthouse.DefinitionArgs;
    import com.pulumi.azure.lighthouse.inputs.DefinitionAuthorizationArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var contributor = AuthorizationFunctions.getRoleDefinition(GetRoleDefinitionArgs.builder()
                .roleDefinitionId("b24988ac-6180-42a0-ab88-20f7382dd24c")
                .build());
    
            var example = new Definition("example", DefinitionArgs.builder()
                .name("Sample definition")
                .description("This is a lighthouse definition created IaC")
                .managingTenantId("00000000-0000-0000-0000-000000000000")
                .scope("/subscriptions/00000000-0000-0000-0000-000000000000")
                .authorizations(DefinitionAuthorizationArgs.builder()
                    .principalId("00000000-0000-0000-0000-000000000000")
                    .roleDefinitionId(contributor.applyValue(getRoleDefinitionResult -> getRoleDefinitionResult.roleDefinitionId()))
                    .principalDisplayName("Tier 1 Support")
                    .build())
                .build());
    
        }
    }
    
    resources:
      example:
        type: azure:lighthouse:Definition
        properties:
          name: Sample definition
          description: This is a lighthouse definition created IaC
          managingTenantId: 00000000-0000-0000-0000-000000000000
          scope: /subscriptions/00000000-0000-0000-0000-000000000000
          authorizations:
            - principalId: 00000000-0000-0000-0000-000000000000
              roleDefinitionId: ${contributor.roleDefinitionId}
              principalDisplayName: Tier 1 Support
    variables:
      contributor:
        fn::invoke:
          Function: azure:authorization:getRoleDefinition
          Arguments:
            roleDefinitionId: b24988ac-6180-42a0-ab88-20f7382dd24c
    

    Create Definition Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Definition(name: string, args: DefinitionArgs, opts?: CustomResourceOptions);
    @overload
    def Definition(resource_name: str,
                   args: DefinitionArgs,
                   opts: Optional[ResourceOptions] = None)
    
    @overload
    def Definition(resource_name: str,
                   opts: Optional[ResourceOptions] = None,
                   authorizations: Optional[Sequence[DefinitionAuthorizationArgs]] = None,
                   managing_tenant_id: Optional[str] = None,
                   scope: Optional[str] = None,
                   description: Optional[str] = None,
                   eligible_authorizations: Optional[Sequence[DefinitionEligibleAuthorizationArgs]] = None,
                   lighthouse_definition_id: Optional[str] = None,
                   name: Optional[str] = None,
                   plan: Optional[DefinitionPlanArgs] = None)
    func NewDefinition(ctx *Context, name string, args DefinitionArgs, opts ...ResourceOption) (*Definition, error)
    public Definition(string name, DefinitionArgs args, CustomResourceOptions? opts = null)
    public Definition(String name, DefinitionArgs args)
    public Definition(String name, DefinitionArgs args, CustomResourceOptions options)
    
    type: azure:lighthouse:Definition
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args DefinitionArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args DefinitionArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args DefinitionArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args DefinitionArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args DefinitionArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var definitionResource = new Azure.Lighthouse.Definition("definitionResource", new()
    {
        Authorizations = new[]
        {
            new Azure.Lighthouse.Inputs.DefinitionAuthorizationArgs
            {
                PrincipalId = "string",
                RoleDefinitionId = "string",
                DelegatedRoleDefinitionIds = new[]
                {
                    "string",
                },
                PrincipalDisplayName = "string",
            },
        },
        ManagingTenantId = "string",
        Scope = "string",
        Description = "string",
        EligibleAuthorizations = new[]
        {
            new Azure.Lighthouse.Inputs.DefinitionEligibleAuthorizationArgs
            {
                PrincipalId = "string",
                RoleDefinitionId = "string",
                JustInTimeAccessPolicy = new Azure.Lighthouse.Inputs.DefinitionEligibleAuthorizationJustInTimeAccessPolicyArgs
                {
                    Approvers = new[]
                    {
                        new Azure.Lighthouse.Inputs.DefinitionEligibleAuthorizationJustInTimeAccessPolicyApproverArgs
                        {
                            PrincipalId = "string",
                            PrincipalDisplayName = "string",
                        },
                    },
                    MaximumActivationDuration = "string",
                    MultiFactorAuthProvider = "string",
                },
                PrincipalDisplayName = "string",
            },
        },
        LighthouseDefinitionId = "string",
        Name = "string",
        Plan = new Azure.Lighthouse.Inputs.DefinitionPlanArgs
        {
            Name = "string",
            Product = "string",
            Publisher = "string",
            Version = "string",
        },
    });
    
    example, err := lighthouse.NewDefinition(ctx, "definitionResource", &lighthouse.DefinitionArgs{
    	Authorizations: lighthouse.DefinitionAuthorizationArray{
    		&lighthouse.DefinitionAuthorizationArgs{
    			PrincipalId:      pulumi.String("string"),
    			RoleDefinitionId: pulumi.String("string"),
    			DelegatedRoleDefinitionIds: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			PrincipalDisplayName: pulumi.String("string"),
    		},
    	},
    	ManagingTenantId: pulumi.String("string"),
    	Scope:            pulumi.String("string"),
    	Description:      pulumi.String("string"),
    	EligibleAuthorizations: lighthouse.DefinitionEligibleAuthorizationArray{
    		&lighthouse.DefinitionEligibleAuthorizationArgs{
    			PrincipalId:      pulumi.String("string"),
    			RoleDefinitionId: pulumi.String("string"),
    			JustInTimeAccessPolicy: &lighthouse.DefinitionEligibleAuthorizationJustInTimeAccessPolicyArgs{
    				Approvers: lighthouse.DefinitionEligibleAuthorizationJustInTimeAccessPolicyApproverArray{
    					&lighthouse.DefinitionEligibleAuthorizationJustInTimeAccessPolicyApproverArgs{
    						PrincipalId:          pulumi.String("string"),
    						PrincipalDisplayName: pulumi.String("string"),
    					},
    				},
    				MaximumActivationDuration: pulumi.String("string"),
    				MultiFactorAuthProvider:   pulumi.String("string"),
    			},
    			PrincipalDisplayName: pulumi.String("string"),
    		},
    	},
    	LighthouseDefinitionId: pulumi.String("string"),
    	Name:                   pulumi.String("string"),
    	Plan: &lighthouse.DefinitionPlanArgs{
    		Name:      pulumi.String("string"),
    		Product:   pulumi.String("string"),
    		Publisher: pulumi.String("string"),
    		Version:   pulumi.String("string"),
    	},
    })
    
    var definitionResource = new Definition("definitionResource", DefinitionArgs.builder()
        .authorizations(DefinitionAuthorizationArgs.builder()
            .principalId("string")
            .roleDefinitionId("string")
            .delegatedRoleDefinitionIds("string")
            .principalDisplayName("string")
            .build())
        .managingTenantId("string")
        .scope("string")
        .description("string")
        .eligibleAuthorizations(DefinitionEligibleAuthorizationArgs.builder()
            .principalId("string")
            .roleDefinitionId("string")
            .justInTimeAccessPolicy(DefinitionEligibleAuthorizationJustInTimeAccessPolicyArgs.builder()
                .approvers(DefinitionEligibleAuthorizationJustInTimeAccessPolicyApproverArgs.builder()
                    .principalId("string")
                    .principalDisplayName("string")
                    .build())
                .maximumActivationDuration("string")
                .multiFactorAuthProvider("string")
                .build())
            .principalDisplayName("string")
            .build())
        .lighthouseDefinitionId("string")
        .name("string")
        .plan(DefinitionPlanArgs.builder()
            .name("string")
            .product("string")
            .publisher("string")
            .version("string")
            .build())
        .build());
    
    definition_resource = azure.lighthouse.Definition("definitionResource",
        authorizations=[{
            "principalId": "string",
            "roleDefinitionId": "string",
            "delegatedRoleDefinitionIds": ["string"],
            "principalDisplayName": "string",
        }],
        managing_tenant_id="string",
        scope="string",
        description="string",
        eligible_authorizations=[{
            "principalId": "string",
            "roleDefinitionId": "string",
            "justInTimeAccessPolicy": {
                "approvers": [{
                    "principalId": "string",
                    "principalDisplayName": "string",
                }],
                "maximumActivationDuration": "string",
                "multiFactorAuthProvider": "string",
            },
            "principalDisplayName": "string",
        }],
        lighthouse_definition_id="string",
        name="string",
        plan={
            "name": "string",
            "product": "string",
            "publisher": "string",
            "version": "string",
        })
    
    const definitionResource = new azure.lighthouse.Definition("definitionResource", {
        authorizations: [{
            principalId: "string",
            roleDefinitionId: "string",
            delegatedRoleDefinitionIds: ["string"],
            principalDisplayName: "string",
        }],
        managingTenantId: "string",
        scope: "string",
        description: "string",
        eligibleAuthorizations: [{
            principalId: "string",
            roleDefinitionId: "string",
            justInTimeAccessPolicy: {
                approvers: [{
                    principalId: "string",
                    principalDisplayName: "string",
                }],
                maximumActivationDuration: "string",
                multiFactorAuthProvider: "string",
            },
            principalDisplayName: "string",
        }],
        lighthouseDefinitionId: "string",
        name: "string",
        plan: {
            name: "string",
            product: "string",
            publisher: "string",
            version: "string",
        },
    });
    
    type: azure:lighthouse:Definition
    properties:
        authorizations:
            - delegatedRoleDefinitionIds:
                - string
              principalDisplayName: string
              principalId: string
              roleDefinitionId: string
        description: string
        eligibleAuthorizations:
            - justInTimeAccessPolicy:
                approvers:
                    - principalDisplayName: string
                      principalId: string
                maximumActivationDuration: string
                multiFactorAuthProvider: string
              principalDisplayName: string
              principalId: string
              roleDefinitionId: string
        lighthouseDefinitionId: string
        managingTenantId: string
        name: string
        plan:
            name: string
            product: string
            publisher: string
            version: string
        scope: string
    

    Definition Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The Definition resource accepts the following input properties:

    Authorizations List<DefinitionAuthorization>
    An authorization block as defined below.
    ManagingTenantId string
    The ID of the managing tenant. Changing this forces a new resource to be created.
    Scope string
    The ID of the managed subscription. Changing this forces a new resource to be created.
    Description string
    A description of the Lighthouse Definition.
    EligibleAuthorizations List<DefinitionEligibleAuthorization>
    An eligible_authorization block as defined below.
    LighthouseDefinitionId string
    A unique UUID/GUID which identifies this lighthouse definition - one will be generated if not specified. Changing this forces a new resource to be created.
    Name string
    The name of the Lighthouse Definition. Changing this forces a new resource to be created.
    Plan DefinitionPlan
    A plan block as defined below.
    Authorizations []DefinitionAuthorizationArgs
    An authorization block as defined below.
    ManagingTenantId string
    The ID of the managing tenant. Changing this forces a new resource to be created.
    Scope string
    The ID of the managed subscription. Changing this forces a new resource to be created.
    Description string
    A description of the Lighthouse Definition.
    EligibleAuthorizations []DefinitionEligibleAuthorizationArgs
    An eligible_authorization block as defined below.
    LighthouseDefinitionId string
    A unique UUID/GUID which identifies this lighthouse definition - one will be generated if not specified. Changing this forces a new resource to be created.
    Name string
    The name of the Lighthouse Definition. Changing this forces a new resource to be created.
    Plan DefinitionPlanArgs
    A plan block as defined below.
    authorizations List<DefinitionAuthorization>
    An authorization block as defined below.
    managingTenantId String
    The ID of the managing tenant. Changing this forces a new resource to be created.
    scope String
    The ID of the managed subscription. Changing this forces a new resource to be created.
    description String
    A description of the Lighthouse Definition.
    eligibleAuthorizations List<DefinitionEligibleAuthorization>
    An eligible_authorization block as defined below.
    lighthouseDefinitionId String
    A unique UUID/GUID which identifies this lighthouse definition - one will be generated if not specified. Changing this forces a new resource to be created.
    name String
    The name of the Lighthouse Definition. Changing this forces a new resource to be created.
    plan DefinitionPlan
    A plan block as defined below.
    authorizations DefinitionAuthorization[]
    An authorization block as defined below.
    managingTenantId string
    The ID of the managing tenant. Changing this forces a new resource to be created.
    scope string
    The ID of the managed subscription. Changing this forces a new resource to be created.
    description string
    A description of the Lighthouse Definition.
    eligibleAuthorizations DefinitionEligibleAuthorization[]
    An eligible_authorization block as defined below.
    lighthouseDefinitionId string
    A unique UUID/GUID which identifies this lighthouse definition - one will be generated if not specified. Changing this forces a new resource to be created.
    name string
    The name of the Lighthouse Definition. Changing this forces a new resource to be created.
    plan DefinitionPlan
    A plan block as defined below.
    authorizations Sequence[DefinitionAuthorizationArgs]
    An authorization block as defined below.
    managing_tenant_id str
    The ID of the managing tenant. Changing this forces a new resource to be created.
    scope str
    The ID of the managed subscription. Changing this forces a new resource to be created.
    description str
    A description of the Lighthouse Definition.
    eligible_authorizations Sequence[DefinitionEligibleAuthorizationArgs]
    An eligible_authorization block as defined below.
    lighthouse_definition_id str
    A unique UUID/GUID which identifies this lighthouse definition - one will be generated if not specified. Changing this forces a new resource to be created.
    name str
    The name of the Lighthouse Definition. Changing this forces a new resource to be created.
    plan DefinitionPlanArgs
    A plan block as defined below.
    authorizations List<Property Map>
    An authorization block as defined below.
    managingTenantId String
    The ID of the managing tenant. Changing this forces a new resource to be created.
    scope String
    The ID of the managed subscription. Changing this forces a new resource to be created.
    description String
    A description of the Lighthouse Definition.
    eligibleAuthorizations List<Property Map>
    An eligible_authorization block as defined below.
    lighthouseDefinitionId String
    A unique UUID/GUID which identifies this lighthouse definition - one will be generated if not specified. Changing this forces a new resource to be created.
    name String
    The name of the Lighthouse Definition. Changing this forces a new resource to be created.
    plan Property Map
    A plan block as defined below.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Definition resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing Definition Resource

    Get an existing Definition resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: DefinitionState, opts?: CustomResourceOptions): Definition
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            authorizations: Optional[Sequence[DefinitionAuthorizationArgs]] = None,
            description: Optional[str] = None,
            eligible_authorizations: Optional[Sequence[DefinitionEligibleAuthorizationArgs]] = None,
            lighthouse_definition_id: Optional[str] = None,
            managing_tenant_id: Optional[str] = None,
            name: Optional[str] = None,
            plan: Optional[DefinitionPlanArgs] = None,
            scope: Optional[str] = None) -> Definition
    func GetDefinition(ctx *Context, name string, id IDInput, state *DefinitionState, opts ...ResourceOption) (*Definition, error)
    public static Definition Get(string name, Input<string> id, DefinitionState? state, CustomResourceOptions? opts = null)
    public static Definition get(String name, Output<String> id, DefinitionState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Authorizations List<DefinitionAuthorization>
    An authorization block as defined below.
    Description string
    A description of the Lighthouse Definition.
    EligibleAuthorizations List<DefinitionEligibleAuthorization>
    An eligible_authorization block as defined below.
    LighthouseDefinitionId string
    A unique UUID/GUID which identifies this lighthouse definition - one will be generated if not specified. Changing this forces a new resource to be created.
    ManagingTenantId string
    The ID of the managing tenant. Changing this forces a new resource to be created.
    Name string
    The name of the Lighthouse Definition. Changing this forces a new resource to be created.
    Plan DefinitionPlan
    A plan block as defined below.
    Scope string
    The ID of the managed subscription. Changing this forces a new resource to be created.
    Authorizations []DefinitionAuthorizationArgs
    An authorization block as defined below.
    Description string
    A description of the Lighthouse Definition.
    EligibleAuthorizations []DefinitionEligibleAuthorizationArgs
    An eligible_authorization block as defined below.
    LighthouseDefinitionId string
    A unique UUID/GUID which identifies this lighthouse definition - one will be generated if not specified. Changing this forces a new resource to be created.
    ManagingTenantId string
    The ID of the managing tenant. Changing this forces a new resource to be created.
    Name string
    The name of the Lighthouse Definition. Changing this forces a new resource to be created.
    Plan DefinitionPlanArgs
    A plan block as defined below.
    Scope string
    The ID of the managed subscription. Changing this forces a new resource to be created.
    authorizations List<DefinitionAuthorization>
    An authorization block as defined below.
    description String
    A description of the Lighthouse Definition.
    eligibleAuthorizations List<DefinitionEligibleAuthorization>
    An eligible_authorization block as defined below.
    lighthouseDefinitionId String
    A unique UUID/GUID which identifies this lighthouse definition - one will be generated if not specified. Changing this forces a new resource to be created.
    managingTenantId String
    The ID of the managing tenant. Changing this forces a new resource to be created.
    name String
    The name of the Lighthouse Definition. Changing this forces a new resource to be created.
    plan DefinitionPlan
    A plan block as defined below.
    scope String
    The ID of the managed subscription. Changing this forces a new resource to be created.
    authorizations DefinitionAuthorization[]
    An authorization block as defined below.
    description string
    A description of the Lighthouse Definition.
    eligibleAuthorizations DefinitionEligibleAuthorization[]
    An eligible_authorization block as defined below.
    lighthouseDefinitionId string
    A unique UUID/GUID which identifies this lighthouse definition - one will be generated if not specified. Changing this forces a new resource to be created.
    managingTenantId string
    The ID of the managing tenant. Changing this forces a new resource to be created.
    name string
    The name of the Lighthouse Definition. Changing this forces a new resource to be created.
    plan DefinitionPlan
    A plan block as defined below.
    scope string
    The ID of the managed subscription. Changing this forces a new resource to be created.
    authorizations Sequence[DefinitionAuthorizationArgs]
    An authorization block as defined below.
    description str
    A description of the Lighthouse Definition.
    eligible_authorizations Sequence[DefinitionEligibleAuthorizationArgs]
    An eligible_authorization block as defined below.
    lighthouse_definition_id str
    A unique UUID/GUID which identifies this lighthouse definition - one will be generated if not specified. Changing this forces a new resource to be created.
    managing_tenant_id str
    The ID of the managing tenant. Changing this forces a new resource to be created.
    name str
    The name of the Lighthouse Definition. Changing this forces a new resource to be created.
    plan DefinitionPlanArgs
    A plan block as defined below.
    scope str
    The ID of the managed subscription. Changing this forces a new resource to be created.
    authorizations List<Property Map>
    An authorization block as defined below.
    description String
    A description of the Lighthouse Definition.
    eligibleAuthorizations List<Property Map>
    An eligible_authorization block as defined below.
    lighthouseDefinitionId String
    A unique UUID/GUID which identifies this lighthouse definition - one will be generated if not specified. Changing this forces a new resource to be created.
    managingTenantId String
    The ID of the managing tenant. Changing this forces a new resource to be created.
    name String
    The name of the Lighthouse Definition. Changing this forces a new resource to be created.
    plan Property Map
    A plan block as defined below.
    scope String
    The ID of the managed subscription. Changing this forces a new resource to be created.

    Supporting Types

    DefinitionAuthorization, DefinitionAuthorizationArgs

    PrincipalId string
    Principal ID of the security group/service principal/user that would be assigned permissions to the projected subscription.
    RoleDefinitionId string
    The role definition identifier. This role will define the permissions that are granted to the principal. This cannot be an Owner role.
    DelegatedRoleDefinitionIds List<string>
    The set of role definition ids which define all the permissions that the principal id can assign.
    PrincipalDisplayName string
    The display name of the security group/service principal/user that would be assigned permissions to the projected subscription.
    PrincipalId string
    Principal ID of the security group/service principal/user that would be assigned permissions to the projected subscription.
    RoleDefinitionId string
    The role definition identifier. This role will define the permissions that are granted to the principal. This cannot be an Owner role.
    DelegatedRoleDefinitionIds []string
    The set of role definition ids which define all the permissions that the principal id can assign.
    PrincipalDisplayName string
    The display name of the security group/service principal/user that would be assigned permissions to the projected subscription.
    principalId String
    Principal ID of the security group/service principal/user that would be assigned permissions to the projected subscription.
    roleDefinitionId String
    The role definition identifier. This role will define the permissions that are granted to the principal. This cannot be an Owner role.
    delegatedRoleDefinitionIds List<String>
    The set of role definition ids which define all the permissions that the principal id can assign.
    principalDisplayName String
    The display name of the security group/service principal/user that would be assigned permissions to the projected subscription.
    principalId string
    Principal ID of the security group/service principal/user that would be assigned permissions to the projected subscription.
    roleDefinitionId string
    The role definition identifier. This role will define the permissions that are granted to the principal. This cannot be an Owner role.
    delegatedRoleDefinitionIds string[]
    The set of role definition ids which define all the permissions that the principal id can assign.
    principalDisplayName string
    The display name of the security group/service principal/user that would be assigned permissions to the projected subscription.
    principal_id str
    Principal ID of the security group/service principal/user that would be assigned permissions to the projected subscription.
    role_definition_id str
    The role definition identifier. This role will define the permissions that are granted to the principal. This cannot be an Owner role.
    delegated_role_definition_ids Sequence[str]
    The set of role definition ids which define all the permissions that the principal id can assign.
    principal_display_name str
    The display name of the security group/service principal/user that would be assigned permissions to the projected subscription.
    principalId String
    Principal ID of the security group/service principal/user that would be assigned permissions to the projected subscription.
    roleDefinitionId String
    The role definition identifier. This role will define the permissions that are granted to the principal. This cannot be an Owner role.
    delegatedRoleDefinitionIds List<String>
    The set of role definition ids which define all the permissions that the principal id can assign.
    principalDisplayName String
    The display name of the security group/service principal/user that would be assigned permissions to the projected subscription.

    DefinitionEligibleAuthorization, DefinitionEligibleAuthorizationArgs

    PrincipalId string
    Principal ID of the security group/service principal/user that would be assigned permissions to the projected subscription.
    RoleDefinitionId string
    The Principal ID of the Azure built-in role that defines the permissions that the Azure Active Directory will have on the projected scope.
    JustInTimeAccessPolicy DefinitionEligibleAuthorizationJustInTimeAccessPolicy
    A just_in_time_access_policy block as defined below.
    PrincipalDisplayName string
    The display name of the Azure Active Directory Principal.
    PrincipalId string
    Principal ID of the security group/service principal/user that would be assigned permissions to the projected subscription.
    RoleDefinitionId string
    The Principal ID of the Azure built-in role that defines the permissions that the Azure Active Directory will have on the projected scope.
    JustInTimeAccessPolicy DefinitionEligibleAuthorizationJustInTimeAccessPolicy
    A just_in_time_access_policy block as defined below.
    PrincipalDisplayName string
    The display name of the Azure Active Directory Principal.
    principalId String
    Principal ID of the security group/service principal/user that would be assigned permissions to the projected subscription.
    roleDefinitionId String
    The Principal ID of the Azure built-in role that defines the permissions that the Azure Active Directory will have on the projected scope.
    justInTimeAccessPolicy DefinitionEligibleAuthorizationJustInTimeAccessPolicy
    A just_in_time_access_policy block as defined below.
    principalDisplayName String
    The display name of the Azure Active Directory Principal.
    principalId string
    Principal ID of the security group/service principal/user that would be assigned permissions to the projected subscription.
    roleDefinitionId string
    The Principal ID of the Azure built-in role that defines the permissions that the Azure Active Directory will have on the projected scope.
    justInTimeAccessPolicy DefinitionEligibleAuthorizationJustInTimeAccessPolicy
    A just_in_time_access_policy block as defined below.
    principalDisplayName string
    The display name of the Azure Active Directory Principal.
    principal_id str
    Principal ID of the security group/service principal/user that would be assigned permissions to the projected subscription.
    role_definition_id str
    The Principal ID of the Azure built-in role that defines the permissions that the Azure Active Directory will have on the projected scope.
    just_in_time_access_policy DefinitionEligibleAuthorizationJustInTimeAccessPolicy
    A just_in_time_access_policy block as defined below.
    principal_display_name str
    The display name of the Azure Active Directory Principal.
    principalId String
    Principal ID of the security group/service principal/user that would be assigned permissions to the projected subscription.
    roleDefinitionId String
    The Principal ID of the Azure built-in role that defines the permissions that the Azure Active Directory will have on the projected scope.
    justInTimeAccessPolicy Property Map
    A just_in_time_access_policy block as defined below.
    principalDisplayName String
    The display name of the Azure Active Directory Principal.

    DefinitionEligibleAuthorizationJustInTimeAccessPolicy, DefinitionEligibleAuthorizationJustInTimeAccessPolicyArgs

    Approvers List<DefinitionEligibleAuthorizationJustInTimeAccessPolicyApprover>
    An approver block as defined below.
    MaximumActivationDuration string
    The maximum access duration in ISO 8601 format for just-in-time access requests. Defaults to PT8H.
    MultiFactorAuthProvider string

    The multi-factor authorization provider to be used for just-in-time access requests. Possible value is Azure.

    Note: When this property isn't set, it would be set to None.

    Approvers []DefinitionEligibleAuthorizationJustInTimeAccessPolicyApprover
    An approver block as defined below.
    MaximumActivationDuration string
    The maximum access duration in ISO 8601 format for just-in-time access requests. Defaults to PT8H.
    MultiFactorAuthProvider string

    The multi-factor authorization provider to be used for just-in-time access requests. Possible value is Azure.

    Note: When this property isn't set, it would be set to None.

    approvers List<DefinitionEligibleAuthorizationJustInTimeAccessPolicyApprover>
    An approver block as defined below.
    maximumActivationDuration String
    The maximum access duration in ISO 8601 format for just-in-time access requests. Defaults to PT8H.
    multiFactorAuthProvider String

    The multi-factor authorization provider to be used for just-in-time access requests. Possible value is Azure.

    Note: When this property isn't set, it would be set to None.

    approvers DefinitionEligibleAuthorizationJustInTimeAccessPolicyApprover[]
    An approver block as defined below.
    maximumActivationDuration string
    The maximum access duration in ISO 8601 format for just-in-time access requests. Defaults to PT8H.
    multiFactorAuthProvider string

    The multi-factor authorization provider to be used for just-in-time access requests. Possible value is Azure.

    Note: When this property isn't set, it would be set to None.

    approvers Sequence[DefinitionEligibleAuthorizationJustInTimeAccessPolicyApprover]
    An approver block as defined below.
    maximum_activation_duration str
    The maximum access duration in ISO 8601 format for just-in-time access requests. Defaults to PT8H.
    multi_factor_auth_provider str

    The multi-factor authorization provider to be used for just-in-time access requests. Possible value is Azure.

    Note: When this property isn't set, it would be set to None.

    approvers List<Property Map>
    An approver block as defined below.
    maximumActivationDuration String
    The maximum access duration in ISO 8601 format for just-in-time access requests. Defaults to PT8H.
    multiFactorAuthProvider String

    The multi-factor authorization provider to be used for just-in-time access requests. Possible value is Azure.

    Note: When this property isn't set, it would be set to None.

    DefinitionEligibleAuthorizationJustInTimeAccessPolicyApprover, DefinitionEligibleAuthorizationJustInTimeAccessPolicyApproverArgs

    PrincipalId string
    The Principal ID of the Azure Active Directory principal for the approver.
    PrincipalDisplayName string
    The display name of the Azure Active Directory Principal for the approver.
    PrincipalId string
    The Principal ID of the Azure Active Directory principal for the approver.
    PrincipalDisplayName string
    The display name of the Azure Active Directory Principal for the approver.
    principalId String
    The Principal ID of the Azure Active Directory principal for the approver.
    principalDisplayName String
    The display name of the Azure Active Directory Principal for the approver.
    principalId string
    The Principal ID of the Azure Active Directory principal for the approver.
    principalDisplayName string
    The display name of the Azure Active Directory Principal for the approver.
    principal_id str
    The Principal ID of the Azure Active Directory principal for the approver.
    principal_display_name str
    The display name of the Azure Active Directory Principal for the approver.
    principalId String
    The Principal ID of the Azure Active Directory principal for the approver.
    principalDisplayName String
    The display name of the Azure Active Directory Principal for the approver.

    DefinitionPlan, DefinitionPlanArgs

    Name string
    The plan name of the marketplace offer.
    Product string
    The product code of the plan.
    Publisher string
    The publisher ID of the plan.
    Version string
    The version of the plan.
    Name string
    The plan name of the marketplace offer.
    Product string
    The product code of the plan.
    Publisher string
    The publisher ID of the plan.
    Version string
    The version of the plan.
    name String
    The plan name of the marketplace offer.
    product String
    The product code of the plan.
    publisher String
    The publisher ID of the plan.
    version String
    The version of the plan.
    name string
    The plan name of the marketplace offer.
    product string
    The product code of the plan.
    publisher string
    The publisher ID of the plan.
    version string
    The version of the plan.
    name str
    The plan name of the marketplace offer.
    product str
    The product code of the plan.
    publisher str
    The publisher ID of the plan.
    version str
    The version of the plan.
    name String
    The plan name of the marketplace offer.
    product String
    The product code of the plan.
    publisher String
    The publisher ID of the plan.
    version String
    The version of the plan.

    Import

    Lighthouse Definitions can be imported using the resource id, e.g.

    $ pulumi import azure:lighthouse/definition:Definition example /subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ManagedServices/registrationDefinitions/00000000-0000-0000-0000-000000000000
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Azure Classic pulumi/pulumi-azure
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the azurerm Terraform Provider.
    azure logo

    We recommend using Azure Native.

    Azure Classic v5.83.0 published on Monday, Jul 8, 2024 by Pulumi