Docs
PackagesWe recommend using Azure Native.
azure.lighthouse.Definition
Explore with Pulumi AI
Manages a Lighthouse Definition.
Example Usage
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var contributor = Azure.Authorization.GetRoleDefinition.Invoke(new()
{
RoleDefinitionId = "b24988ac-6180-42a0-ab88-20f7382dd24c",
});
var example = new Azure.Lighthouse.Definition("example", new()
{
Description = "This is a lighthouse definition created IaC",
ManagingTenantId = "00000000-0000-0000-0000-000000000000",
Scope = "/subscriptions/00000000-0000-0000-0000-000000000000",
Authorizations = new[]
{
new Azure.Lighthouse.Inputs.DefinitionAuthorizationArgs
{
PrincipalId = "00000000-0000-0000-0000-000000000000",
RoleDefinitionId = contributor.Apply(getRoleDefinitionResult => getRoleDefinitionResult.RoleDefinitionId),
PrincipalDisplayName = "Tier 1 Support",
},
},
});
});
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/authorization"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/lighthouse"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
contributor, err := authorization.LookupRoleDefinition(ctx, &authorization.LookupRoleDefinitionArgs{
RoleDefinitionId: pulumi.StringRef("b24988ac-6180-42a0-ab88-20f7382dd24c"),
}, nil)
if err != nil {
return err
}
_, err = lighthouse.NewDefinition(ctx, "example", &lighthouse.DefinitionArgs{
Description: pulumi.String("This is a lighthouse definition created IaC"),
ManagingTenantId: pulumi.String("00000000-0000-0000-0000-000000000000"),
Scope: pulumi.String("/subscriptions/00000000-0000-0000-0000-000000000000"),
Authorizations: lighthouse.DefinitionAuthorizationArray{
&lighthouse.DefinitionAuthorizationArgs{
PrincipalId: pulumi.String("00000000-0000-0000-0000-000000000000"),
RoleDefinitionId: *pulumi.String(contributor.RoleDefinitionId),
PrincipalDisplayName: pulumi.String("Tier 1 Support"),
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.authorization.AuthorizationFunctions;
import com.pulumi.azure.authorization.inputs.GetRoleDefinitionArgs;
import com.pulumi.azure.lighthouse.Definition;
import com.pulumi.azure.lighthouse.DefinitionArgs;
import com.pulumi.azure.lighthouse.inputs.DefinitionAuthorizationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var contributor = AuthorizationFunctions.getRoleDefinition(GetRoleDefinitionArgs.builder()
.roleDefinitionId("b24988ac-6180-42a0-ab88-20f7382dd24c")
.build());
var example = new Definition("example", DefinitionArgs.builder()
.description("This is a lighthouse definition created IaC")
.managingTenantId("00000000-0000-0000-0000-000000000000")
.scope("/subscriptions/00000000-0000-0000-0000-000000000000")
.authorizations(DefinitionAuthorizationArgs.builder()
.principalId("00000000-0000-0000-0000-000000000000")
.roleDefinitionId(contributor.applyValue(getRoleDefinitionResult -> getRoleDefinitionResult.roleDefinitionId()))
.principalDisplayName("Tier 1 Support")
.build())
.build());
}
}
import pulumi
import pulumi_azure as azure
contributor = azure.authorization.get_role_definition(role_definition_id="b24988ac-6180-42a0-ab88-20f7382dd24c")
example = azure.lighthouse.Definition("example",
description="This is a lighthouse definition created IaC",
managing_tenant_id="00000000-0000-0000-0000-000000000000",
scope="/subscriptions/00000000-0000-0000-0000-000000000000",
authorizations=[azure.lighthouse.DefinitionAuthorizationArgs(
principal_id="00000000-0000-0000-0000-000000000000",
role_definition_id=contributor.role_definition_id,
principal_display_name="Tier 1 Support",
)])
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const contributor = azure.authorization.getRoleDefinition({
roleDefinitionId: "b24988ac-6180-42a0-ab88-20f7382dd24c",
});
const example = new azure.lighthouse.Definition("example", {
description: "This is a lighthouse definition created IaC",
managingTenantId: "00000000-0000-0000-0000-000000000000",
scope: "/subscriptions/00000000-0000-0000-0000-000000000000",
authorizations: [{
principalId: "00000000-0000-0000-0000-000000000000",
roleDefinitionId: contributor.then(contributor => contributor.roleDefinitionId),
principalDisplayName: "Tier 1 Support",
}],
});
resources:
example:
type: azure:lighthouse:Definition
properties:
description: This is a lighthouse definition created IaC
managingTenantId: 00000000-0000-0000-0000-000000000000
scope: /subscriptions/00000000-0000-0000-0000-000000000000
authorizations:
- principalId: 00000000-0000-0000-0000-000000000000
roleDefinitionId: ${contributor.roleDefinitionId}
principalDisplayName: Tier 1 Support
variables:
contributor:
fn::invoke:
Function: azure:authorization:getRoleDefinition
Arguments:
roleDefinitionId: b24988ac-6180-42a0-ab88-20f7382dd24c
Create Definition Resource
new Definition(name: string, args: DefinitionArgs, opts?: CustomResourceOptions);@overload
def Definition(resource_name: str,
opts: Optional[ResourceOptions] = None,
authorizations: Optional[Sequence[DefinitionAuthorizationArgs]] = None,
description: Optional[str] = None,
eligible_authorizations: Optional[Sequence[DefinitionEligibleAuthorizationArgs]] = None,
lighthouse_definition_id: Optional[str] = None,
managing_tenant_id: Optional[str] = None,
name: Optional[str] = None,
plan: Optional[DefinitionPlanArgs] = None,
scope: Optional[str] = None)
@overload
def Definition(resource_name: str,
args: DefinitionArgs,
opts: Optional[ResourceOptions] = None)func NewDefinition(ctx *Context, name string, args DefinitionArgs, opts ...ResourceOption) (*Definition, error)public Definition(string name, DefinitionArgs args, CustomResourceOptions? opts = null)
public Definition(String name, DefinitionArgs args)
public Definition(String name, DefinitionArgs args, CustomResourceOptions options)
type: azure:lighthouse:Definition
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args DefinitionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args DefinitionArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args DefinitionArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args DefinitionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args DefinitionArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Definition Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Definition resource accepts the following input properties:
-
List<Definition
Authorization> An authorization block as defined below.
- Managing
Tenant stringId The ID of the managing tenant. Changing this forces a new resource to be created.
- Scope string
The ID of the managed subscription. Changing this forces a new resource to be created.
- Description string
A description of the Lighthouse Definition.
-
List<Definition
Eligible Authorization> An
eligible_authorizationblock as defined below.- Lighthouse
Definition stringId A unique UUID/GUID which identifies this lighthouse definition - one will be generated if not specified. Changing this forces a new resource to be created.
- Name string
The name of the Lighthouse Definition. Changing this forces a new resource to be created.
- Plan
Definition
Plan A
planblock as defined below.
-
[]Definition
Authorization Args An authorization block as defined below.
- Managing
Tenant stringId The ID of the managing tenant. Changing this forces a new resource to be created.
- Scope string
The ID of the managed subscription. Changing this forces a new resource to be created.
- Description string
A description of the Lighthouse Definition.
-
[]Definition
Eligible Authorization Args An
eligible_authorizationblock as defined below.- Lighthouse
Definition stringId A unique UUID/GUID which identifies this lighthouse definition - one will be generated if not specified. Changing this forces a new resource to be created.
- Name string
The name of the Lighthouse Definition. Changing this forces a new resource to be created.
- Plan
Definition
Plan Args A
planblock as defined below.
-
List<Definition
Authorization> An authorization block as defined below.
- managing
Tenant StringId The ID of the managing tenant. Changing this forces a new resource to be created.
- scope String
The ID of the managed subscription. Changing this forces a new resource to be created.
- description String
A description of the Lighthouse Definition.
-
List<Definition
Eligible Authorization> An
eligible_authorizationblock as defined below.- lighthouse
Definition StringId A unique UUID/GUID which identifies this lighthouse definition - one will be generated if not specified. Changing this forces a new resource to be created.
- name String
The name of the Lighthouse Definition. Changing this forces a new resource to be created.
- plan
Definition
Plan A
planblock as defined below.
-
Definition
Authorization[] An authorization block as defined below.
- managing
Tenant stringId The ID of the managing tenant. Changing this forces a new resource to be created.
- scope string
The ID of the managed subscription. Changing this forces a new resource to be created.
- description string
A description of the Lighthouse Definition.
-
Definition
Eligible Authorization[] An
eligible_authorizationblock as defined below.- lighthouse
Definition stringId A unique UUID/GUID which identifies this lighthouse definition - one will be generated if not specified. Changing this forces a new resource to be created.
- name string
The name of the Lighthouse Definition. Changing this forces a new resource to be created.
- plan
Definition
Plan A
planblock as defined below.
-
Sequence[Definition
Authorization Args] An authorization block as defined below.
- managing_
tenant_ strid The ID of the managing tenant. Changing this forces a new resource to be created.
- scope str
The ID of the managed subscription. Changing this forces a new resource to be created.
- description str
A description of the Lighthouse Definition.
-
Sequence[Definition
Eligible Authorization Args] An
eligible_authorizationblock as defined below.- lighthouse_
definition_ strid A unique UUID/GUID which identifies this lighthouse definition - one will be generated if not specified. Changing this forces a new resource to be created.
- name str
The name of the Lighthouse Definition. Changing this forces a new resource to be created.
- plan
Definition
Plan Args A
planblock as defined below.
- List<Property Map>
An authorization block as defined below.
- managing
Tenant StringId The ID of the managing tenant. Changing this forces a new resource to be created.
- scope String
The ID of the managed subscription. Changing this forces a new resource to be created.
- description String
A description of the Lighthouse Definition.
- List<Property Map>
An
eligible_authorizationblock as defined below.- lighthouse
Definition StringId A unique UUID/GUID which identifies this lighthouse definition - one will be generated if not specified. Changing this forces a new resource to be created.
- name String
The name of the Lighthouse Definition. Changing this forces a new resource to be created.
- plan Property Map
A
planblock as defined below.
Outputs
All input properties are implicitly available as output properties. Additionally, the Definition resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Id string
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
- id string
The provider-assigned unique ID for this managed resource.
- id str
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
Look up Existing Definition Resource
Get an existing Definition resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: DefinitionState, opts?: CustomResourceOptions): Definition@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
authorizations: Optional[Sequence[DefinitionAuthorizationArgs]] = None,
description: Optional[str] = None,
eligible_authorizations: Optional[Sequence[DefinitionEligibleAuthorizationArgs]] = None,
lighthouse_definition_id: Optional[str] = None,
managing_tenant_id: Optional[str] = None,
name: Optional[str] = None,
plan: Optional[DefinitionPlanArgs] = None,
scope: Optional[str] = None) -> Definitionfunc GetDefinition(ctx *Context, name string, id IDInput, state *DefinitionState, opts ...ResourceOption) (*Definition, error)public static Definition Get(string name, Input<string> id, DefinitionState? state, CustomResourceOptions? opts = null)public static Definition get(String name, Output<String> id, DefinitionState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
-
List<Definition
Authorization> An authorization block as defined below.
- Description string
A description of the Lighthouse Definition.
-
List<Definition
Eligible Authorization> An
eligible_authorizationblock as defined below.- Lighthouse
Definition stringId A unique UUID/GUID which identifies this lighthouse definition - one will be generated if not specified. Changing this forces a new resource to be created.
- Managing
Tenant stringId The ID of the managing tenant. Changing this forces a new resource to be created.
- Name string
The name of the Lighthouse Definition. Changing this forces a new resource to be created.
- Plan
Definition
Plan A
planblock as defined below.- Scope string
The ID of the managed subscription. Changing this forces a new resource to be created.
-
[]Definition
Authorization Args An authorization block as defined below.
- Description string
A description of the Lighthouse Definition.
-
[]Definition
Eligible Authorization Args An
eligible_authorizationblock as defined below.- Lighthouse
Definition stringId A unique UUID/GUID which identifies this lighthouse definition - one will be generated if not specified. Changing this forces a new resource to be created.
- Managing
Tenant stringId The ID of the managing tenant. Changing this forces a new resource to be created.
- Name string
The name of the Lighthouse Definition. Changing this forces a new resource to be created.
- Plan
Definition
Plan Args A
planblock as defined below.- Scope string
The ID of the managed subscription. Changing this forces a new resource to be created.
-
List<Definition
Authorization> An authorization block as defined below.
- description String
A description of the Lighthouse Definition.
-
List<Definition
Eligible Authorization> An
eligible_authorizationblock as defined below.- lighthouse
Definition StringId A unique UUID/GUID which identifies this lighthouse definition - one will be generated if not specified. Changing this forces a new resource to be created.
- managing
Tenant StringId The ID of the managing tenant. Changing this forces a new resource to be created.
- name String
The name of the Lighthouse Definition. Changing this forces a new resource to be created.
- plan
Definition
Plan A
planblock as defined below.- scope String
The ID of the managed subscription. Changing this forces a new resource to be created.
-
Definition
Authorization[] An authorization block as defined below.
- description string
A description of the Lighthouse Definition.
-
Definition
Eligible Authorization[] An
eligible_authorizationblock as defined below.- lighthouse
Definition stringId A unique UUID/GUID which identifies this lighthouse definition - one will be generated if not specified. Changing this forces a new resource to be created.
- managing
Tenant stringId The ID of the managing tenant. Changing this forces a new resource to be created.
- name string
The name of the Lighthouse Definition. Changing this forces a new resource to be created.
- plan
Definition
Plan A
planblock as defined below.- scope string
The ID of the managed subscription. Changing this forces a new resource to be created.
-
Sequence[Definition
Authorization Args] An authorization block as defined below.
- description str
A description of the Lighthouse Definition.
-
Sequence[Definition
Eligible Authorization Args] An
eligible_authorizationblock as defined below.- lighthouse_
definition_ strid A unique UUID/GUID which identifies this lighthouse definition - one will be generated if not specified. Changing this forces a new resource to be created.
- managing_
tenant_ strid The ID of the managing tenant. Changing this forces a new resource to be created.
- name str
The name of the Lighthouse Definition. Changing this forces a new resource to be created.
- plan
Definition
Plan Args A
planblock as defined below.- scope str
The ID of the managed subscription. Changing this forces a new resource to be created.
- List<Property Map>
An authorization block as defined below.
- description String
A description of the Lighthouse Definition.
- List<Property Map>
An
eligible_authorizationblock as defined below.- lighthouse
Definition StringId A unique UUID/GUID which identifies this lighthouse definition - one will be generated if not specified. Changing this forces a new resource to be created.
- managing
Tenant StringId The ID of the managing tenant. Changing this forces a new resource to be created.
- name String
The name of the Lighthouse Definition. Changing this forces a new resource to be created.
- plan Property Map
A
planblock as defined below.- scope String
The ID of the managed subscription. Changing this forces a new resource to be created.
Supporting Types
DefinitionAuthorization, DefinitionAuthorizationArgs
- Principal
Id string Principal ID of the security group/service principal/user that would be assigned permissions to the projected subscription.
- Role
Definition stringId The role definition identifier. This role will define the permissions that are granted to the principal. This cannot be an
Ownerrole.- Delegated
Role List<string>Definition Ids The set of role definition ids which define all the permissions that the principal id can assign.
- Principal
Display stringName The display name of the security group/service principal/user that would be assigned permissions to the projected subscription.
- Principal
Id string Principal ID of the security group/service principal/user that would be assigned permissions to the projected subscription.
- Role
Definition stringId The role definition identifier. This role will define the permissions that are granted to the principal. This cannot be an
Ownerrole.- Delegated
Role []stringDefinition Ids The set of role definition ids which define all the permissions that the principal id can assign.
- Principal
Display stringName The display name of the security group/service principal/user that would be assigned permissions to the projected subscription.
- principal
Id String Principal ID of the security group/service principal/user that would be assigned permissions to the projected subscription.
- role
Definition StringId The role definition identifier. This role will define the permissions that are granted to the principal. This cannot be an
Ownerrole.- delegated
Role List<String>Definition Ids The set of role definition ids which define all the permissions that the principal id can assign.
- principal
Display StringName The display name of the security group/service principal/user that would be assigned permissions to the projected subscription.
- principal
Id string Principal ID of the security group/service principal/user that would be assigned permissions to the projected subscription.
- role
Definition stringId The role definition identifier. This role will define the permissions that are granted to the principal. This cannot be an
Ownerrole.- delegated
Role string[]Definition Ids The set of role definition ids which define all the permissions that the principal id can assign.
- principal
Display stringName The display name of the security group/service principal/user that would be assigned permissions to the projected subscription.
- principal_
id str Principal ID of the security group/service principal/user that would be assigned permissions to the projected subscription.
- role_
definition_ strid The role definition identifier. This role will define the permissions that are granted to the principal. This cannot be an
Ownerrole.- delegated_
role_ Sequence[str]definition_ ids The set of role definition ids which define all the permissions that the principal id can assign.
- principal_
display_ strname The display name of the security group/service principal/user that would be assigned permissions to the projected subscription.
- principal
Id String Principal ID of the security group/service principal/user that would be assigned permissions to the projected subscription.
- role
Definition StringId The role definition identifier. This role will define the permissions that are granted to the principal. This cannot be an
Ownerrole.- delegated
Role List<String>Definition Ids The set of role definition ids which define all the permissions that the principal id can assign.
- principal
Display StringName The display name of the security group/service principal/user that would be assigned permissions to the projected subscription.
DefinitionEligibleAuthorization, DefinitionEligibleAuthorizationArgs
- Principal
Id string Principal ID of the security group/service principal/user that would be assigned permissions to the projected subscription.
- Role
Definition stringId The Principal ID of the Azure built-in role that defines the permissions that the Azure Active Directory will have on the projected scope.
- Just
In DefinitionTime Access Policy Eligible Authorization Just In Time Access Policy A
just_in_time_access_policyblock as defined below.- Principal
Display stringName The display name of the Azure Active Directory Principal.
- Principal
Id string Principal ID of the security group/service principal/user that would be assigned permissions to the projected subscription.
- Role
Definition stringId The Principal ID of the Azure built-in role that defines the permissions that the Azure Active Directory will have on the projected scope.
- Just
In DefinitionTime Access Policy Eligible Authorization Just In Time Access Policy A
just_in_time_access_policyblock as defined below.- Principal
Display stringName The display name of the Azure Active Directory Principal.
- principal
Id String Principal ID of the security group/service principal/user that would be assigned permissions to the projected subscription.
- role
Definition StringId The Principal ID of the Azure built-in role that defines the permissions that the Azure Active Directory will have on the projected scope.
- just
In DefinitionTime Access Policy Eligible Authorization Just In Time Access Policy A
just_in_time_access_policyblock as defined below.- principal
Display StringName The display name of the Azure Active Directory Principal.
- principal
Id string Principal ID of the security group/service principal/user that would be assigned permissions to the projected subscription.
- role
Definition stringId The Principal ID of the Azure built-in role that defines the permissions that the Azure Active Directory will have on the projected scope.
- just
In DefinitionTime Access Policy Eligible Authorization Just In Time Access Policy A
just_in_time_access_policyblock as defined below.- principal
Display stringName The display name of the Azure Active Directory Principal.
- principal_
id str Principal ID of the security group/service principal/user that would be assigned permissions to the projected subscription.
- role_
definition_ strid The Principal ID of the Azure built-in role that defines the permissions that the Azure Active Directory will have on the projected scope.
- just_
in_ Definitiontime_ access_ policy Eligible Authorization Just In Time Access Policy A
just_in_time_access_policyblock as defined below.- principal_
display_ strname The display name of the Azure Active Directory Principal.
- principal
Id String Principal ID of the security group/service principal/user that would be assigned permissions to the projected subscription.
- role
Definition StringId The Principal ID of the Azure built-in role that defines the permissions that the Azure Active Directory will have on the projected scope.
- just
In Property MapTime Access Policy A
just_in_time_access_policyblock as defined below.- principal
Display StringName The display name of the Azure Active Directory Principal.
DefinitionEligibleAuthorizationJustInTimeAccessPolicy, DefinitionEligibleAuthorizationJustInTimeAccessPolicyArgs
- Approvers
List<Definition
Eligible Authorization Just In Time Access Policy Approver> An
approverblock as defined below.- Maximum
Activation stringDuration The maximum access duration in ISO 8601 format for just-in-time access requests. Defaults to
PT8H.- Multi
Factor stringAuth Provider The multi-factor authorization provider to be used for just-in-time access requests. Possible value is
Azure.Note: When this property isn't set, it would be set to
None.
- Approvers
[]Definition
Eligible Authorization Just In Time Access Policy Approver An
approverblock as defined below.- Maximum
Activation stringDuration The maximum access duration in ISO 8601 format for just-in-time access requests. Defaults to
PT8H.- Multi
Factor stringAuth Provider The multi-factor authorization provider to be used for just-in-time access requests. Possible value is
Azure.Note: When this property isn't set, it would be set to
None.
- approvers
List<Definition
Eligible Authorization Just In Time Access Policy Approver> An
approverblock as defined below.- maximum
Activation StringDuration The maximum access duration in ISO 8601 format for just-in-time access requests. Defaults to
PT8H.- multi
Factor StringAuth Provider The multi-factor authorization provider to be used for just-in-time access requests. Possible value is
Azure.Note: When this property isn't set, it would be set to
None.
- approvers
Definition
Eligible Authorization Just In Time Access Policy Approver[] An
approverblock as defined below.- maximum
Activation stringDuration The maximum access duration in ISO 8601 format for just-in-time access requests. Defaults to
PT8H.- multi
Factor stringAuth Provider The multi-factor authorization provider to be used for just-in-time access requests. Possible value is
Azure.Note: When this property isn't set, it would be set to
None.
- approvers
Sequence[Definition
Eligible Authorization Just In Time Access Policy Approver] An
approverblock as defined below.- maximum_
activation_ strduration The maximum access duration in ISO 8601 format for just-in-time access requests. Defaults to
PT8H.- multi_
factor_ strauth_ provider The multi-factor authorization provider to be used for just-in-time access requests. Possible value is
Azure.Note: When this property isn't set, it would be set to
None.
- approvers List<Property Map>
An
approverblock as defined below.- maximum
Activation StringDuration The maximum access duration in ISO 8601 format for just-in-time access requests. Defaults to
PT8H.- multi
Factor StringAuth Provider The multi-factor authorization provider to be used for just-in-time access requests. Possible value is
Azure.Note: When this property isn't set, it would be set to
None.
DefinitionEligibleAuthorizationJustInTimeAccessPolicyApprover, DefinitionEligibleAuthorizationJustInTimeAccessPolicyApproverArgs
- Principal
Id string The Principal ID of the Azure Active Directory principal for the approver.
- Principal
Display stringName The display name of the Azure Active Directory Principal for the approver.
- Principal
Id string The Principal ID of the Azure Active Directory principal for the approver.
- Principal
Display stringName The display name of the Azure Active Directory Principal for the approver.
- principal
Id String The Principal ID of the Azure Active Directory principal for the approver.
- principal
Display StringName The display name of the Azure Active Directory Principal for the approver.
- principal
Id string The Principal ID of the Azure Active Directory principal for the approver.
- principal
Display stringName The display name of the Azure Active Directory Principal for the approver.
- principal_
id str The Principal ID of the Azure Active Directory principal for the approver.
- principal_
display_ strname The display name of the Azure Active Directory Principal for the approver.
- principal
Id String The Principal ID of the Azure Active Directory principal for the approver.
- principal
Display StringName The display name of the Azure Active Directory Principal for the approver.
DefinitionPlan, DefinitionPlanArgs
Import
Lighthouse Definitions can be imported using the resource id, e.g.
$ pulumi import azure:lighthouse/definition:Definition example /subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ManagedServices/registrationDefinitions/00000000-0000-0000-0000-000000000000
Package Details
- Repository
- Azure Classic pulumi/pulumi-azure
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
azurermTerraform Provider.