Docs
Packagesazuread.ApplicationPreAuthorized
Explore with Pulumi AI
Import
Pre-authorized applications can be imported using the object ID of the authorizing application and the application ID of the application being authorized, e.g.
$ pulumi import azuread:index/applicationPreAuthorized:ApplicationPreAuthorized example 00000000-0000-0000-0000-000000000000/preAuthorizedApplication/11111111-1111-1111-1111-111111111111
-> This ID format is unique to Terraform and is composed of the authorizing application’s object ID, the string “preAuthorizedApplication” and the authorized application’s application ID (client ID) in the format {ObjectId}/preAuthorizedApplication/{ApplicationId}.
Example Usage
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureAD = Pulumi.AzureAD;
return await Deployment.RunAsync(() =>
{
var authorized = new AzureAD.Application("authorized", new()
{
DisplayName = "example-authorized-app",
});
var authorizer = new AzureAD.Application("authorizer", new()
{
DisplayName = "example-authorizing-app",
Api = new AzureAD.Inputs.ApplicationApiArgs
{
Oauth2PermissionScopes = new[]
{
new AzureAD.Inputs.ApplicationApiOauth2PermissionScopeArgs
{
AdminConsentDescription = "Administer the application",
AdminConsentDisplayName = "Administer",
Enabled = true,
Id = "ced9c4c3-c273-4f0f-ac71-a20377b90f9c",
Type = "Admin",
Value = "administer",
},
new AzureAD.Inputs.ApplicationApiOauth2PermissionScopeArgs
{
AdminConsentDescription = "Access the application",
AdminConsentDisplayName = "Access",
Enabled = true,
Id = "2d5e07ca-664d-4d9b-ad61-ec07fd215213",
Type = "User",
UserConsentDescription = "Access the application",
UserConsentDisplayName = "Access",
Value = "user_impersonation",
},
},
},
});
var example = new AzureAD.ApplicationPreAuthorized("example", new()
{
ApplicationObjectId = authorizer.ObjectId,
AuthorizedAppId = authorized.ApplicationId,
PermissionIds = new[]
{
"ced9c4c3-c273-4f0f-ac71-a20377b90f9c",
"2d5e07ca-664d-4d9b-ad61-ec07fd215213",
},
});
});
package main
import (
"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
authorized, err := azuread.NewApplication(ctx, "authorized", &azuread.ApplicationArgs{
DisplayName: pulumi.String("example-authorized-app"),
})
if err != nil {
return err
}
authorizer, err := azuread.NewApplication(ctx, "authorizer", &azuread.ApplicationArgs{
DisplayName: pulumi.String("example-authorizing-app"),
Api: &azuread.ApplicationApiArgs{
Oauth2PermissionScopes: azuread.ApplicationApiOauth2PermissionScopeArray{
&azuread.ApplicationApiOauth2PermissionScopeArgs{
AdminConsentDescription: pulumi.String("Administer the application"),
AdminConsentDisplayName: pulumi.String("Administer"),
Enabled: pulumi.Bool(true),
Id: pulumi.String("ced9c4c3-c273-4f0f-ac71-a20377b90f9c"),
Type: pulumi.String("Admin"),
Value: pulumi.String("administer"),
},
&azuread.ApplicationApiOauth2PermissionScopeArgs{
AdminConsentDescription: pulumi.String("Access the application"),
AdminConsentDisplayName: pulumi.String("Access"),
Enabled: pulumi.Bool(true),
Id: pulumi.String("2d5e07ca-664d-4d9b-ad61-ec07fd215213"),
Type: pulumi.String("User"),
UserConsentDescription: pulumi.String("Access the application"),
UserConsentDisplayName: pulumi.String("Access"),
Value: pulumi.String("user_impersonation"),
},
},
},
})
if err != nil {
return err
}
_, err = azuread.NewApplicationPreAuthorized(ctx, "example", &azuread.ApplicationPreAuthorizedArgs{
ApplicationObjectId: authorizer.ObjectId,
AuthorizedAppId: authorized.ApplicationId,
PermissionIds: pulumi.StringArray{
pulumi.String("ced9c4c3-c273-4f0f-ac71-a20377b90f9c"),
pulumi.String("2d5e07ca-664d-4d9b-ad61-ec07fd215213"),
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azuread.Application;
import com.pulumi.azuread.ApplicationArgs;
import com.pulumi.azuread.inputs.ApplicationApiArgs;
import com.pulumi.azuread.ApplicationPreAuthorized;
import com.pulumi.azuread.ApplicationPreAuthorizedArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var authorized = new Application("authorized", ApplicationArgs.builder()
.displayName("example-authorized-app")
.build());
var authorizer = new Application("authorizer", ApplicationArgs.builder()
.displayName("example-authorizing-app")
.api(ApplicationApiArgs.builder()
.oauth2PermissionScopes(
ApplicationApiOauth2PermissionScopeArgs.builder()
.adminConsentDescription("Administer the application")
.adminConsentDisplayName("Administer")
.enabled(true)
.id("ced9c4c3-c273-4f0f-ac71-a20377b90f9c")
.type("Admin")
.value("administer")
.build(),
ApplicationApiOauth2PermissionScopeArgs.builder()
.adminConsentDescription("Access the application")
.adminConsentDisplayName("Access")
.enabled(true)
.id("2d5e07ca-664d-4d9b-ad61-ec07fd215213")
.type("User")
.userConsentDescription("Access the application")
.userConsentDisplayName("Access")
.value("user_impersonation")
.build())
.build())
.build());
var example = new ApplicationPreAuthorized("example", ApplicationPreAuthorizedArgs.builder()
.applicationObjectId(authorizer.objectId())
.authorizedAppId(authorized.applicationId())
.permissionIds(
"ced9c4c3-c273-4f0f-ac71-a20377b90f9c",
"2d5e07ca-664d-4d9b-ad61-ec07fd215213")
.build());
}
}
import pulumi
import pulumi_azuread as azuread
authorized = azuread.Application("authorized", display_name="example-authorized-app")
authorizer = azuread.Application("authorizer",
display_name="example-authorizing-app",
api=azuread.ApplicationApiArgs(
oauth2_permission_scopes=[
azuread.ApplicationApiOauth2PermissionScopeArgs(
admin_consent_description="Administer the application",
admin_consent_display_name="Administer",
enabled=True,
id="ced9c4c3-c273-4f0f-ac71-a20377b90f9c",
type="Admin",
value="administer",
),
azuread.ApplicationApiOauth2PermissionScopeArgs(
admin_consent_description="Access the application",
admin_consent_display_name="Access",
enabled=True,
id="2d5e07ca-664d-4d9b-ad61-ec07fd215213",
type="User",
user_consent_description="Access the application",
user_consent_display_name="Access",
value="user_impersonation",
),
],
))
example = azuread.ApplicationPreAuthorized("example",
application_object_id=authorizer.object_id,
authorized_app_id=authorized.application_id,
permission_ids=[
"ced9c4c3-c273-4f0f-ac71-a20377b90f9c",
"2d5e07ca-664d-4d9b-ad61-ec07fd215213",
])
import * as pulumi from "@pulumi/pulumi";
import * as azuread from "@pulumi/azuread";
const authorized = new azuread.Application("authorized", {displayName: "example-authorized-app"});
const authorizer = new azuread.Application("authorizer", {
displayName: "example-authorizing-app",
api: {
oauth2PermissionScopes: [
{
adminConsentDescription: "Administer the application",
adminConsentDisplayName: "Administer",
enabled: true,
id: "ced9c4c3-c273-4f0f-ac71-a20377b90f9c",
type: "Admin",
value: "administer",
},
{
adminConsentDescription: "Access the application",
adminConsentDisplayName: "Access",
enabled: true,
id: "2d5e07ca-664d-4d9b-ad61-ec07fd215213",
type: "User",
userConsentDescription: "Access the application",
userConsentDisplayName: "Access",
value: "user_impersonation",
},
],
},
});
const example = new azuread.ApplicationPreAuthorized("example", {
applicationObjectId: authorizer.objectId,
authorizedAppId: authorized.applicationId,
permissionIds: [
"ced9c4c3-c273-4f0f-ac71-a20377b90f9c",
"2d5e07ca-664d-4d9b-ad61-ec07fd215213",
],
});
resources:
authorized:
type: azuread:Application
properties:
displayName: example-authorized-app
authorizer:
type: azuread:Application
properties:
displayName: example-authorizing-app
api:
oauth2PermissionScopes:
- adminConsentDescription: Administer the application
adminConsentDisplayName: Administer
enabled: true
id: ced9c4c3-c273-4f0f-ac71-a20377b90f9c
type: Admin
value: administer
- adminConsentDescription: Access the application
adminConsentDisplayName: Access
enabled: true
id: 2d5e07ca-664d-4d9b-ad61-ec07fd215213
type: User
userConsentDescription: Access the application
userConsentDisplayName: Access
value: user_impersonation
example:
type: azuread:ApplicationPreAuthorized
properties:
applicationObjectId: ${authorizer.objectId}
authorizedAppId: ${authorized.applicationId}
permissionIds:
- ced9c4c3-c273-4f0f-ac71-a20377b90f9c
- 2d5e07ca-664d-4d9b-ad61-ec07fd215213
Create ApplicationPreAuthorized Resource
new ApplicationPreAuthorized(name: string, args: ApplicationPreAuthorizedArgs, opts?: CustomResourceOptions);@overload
def ApplicationPreAuthorized(resource_name: str,
opts: Optional[ResourceOptions] = None,
application_object_id: Optional[str] = None,
authorized_app_id: Optional[str] = None,
permission_ids: Optional[Sequence[str]] = None)
@overload
def ApplicationPreAuthorized(resource_name: str,
args: ApplicationPreAuthorizedArgs,
opts: Optional[ResourceOptions] = None)func NewApplicationPreAuthorized(ctx *Context, name string, args ApplicationPreAuthorizedArgs, opts ...ResourceOption) (*ApplicationPreAuthorized, error)public ApplicationPreAuthorized(string name, ApplicationPreAuthorizedArgs args, CustomResourceOptions? opts = null)
public ApplicationPreAuthorized(String name, ApplicationPreAuthorizedArgs args)
public ApplicationPreAuthorized(String name, ApplicationPreAuthorizedArgs args, CustomResourceOptions options)
type: azuread:ApplicationPreAuthorized
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ApplicationPreAuthorizedArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ApplicationPreAuthorizedArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ApplicationPreAuthorizedArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ApplicationPreAuthorizedArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ApplicationPreAuthorizedArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
ApplicationPreAuthorized Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The ApplicationPreAuthorized resource accepts the following input properties:
- Application
Object stringId The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.
- string
The application ID of the pre-authorized application
- Permission
Ids List<string> A set of permission scope IDs required by the authorized application.
- Application
Object stringId The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.
- string
The application ID of the pre-authorized application
- Permission
Ids []string A set of permission scope IDs required by the authorized application.
- application
Object StringId The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.
- String
The application ID of the pre-authorized application
- permission
Ids List<String> A set of permission scope IDs required by the authorized application.
- application
Object stringId The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.
- string
The application ID of the pre-authorized application
- permission
Ids string[] A set of permission scope IDs required by the authorized application.
- application_
object_ strid The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.
- str
The application ID of the pre-authorized application
- permission_
ids Sequence[str] A set of permission scope IDs required by the authorized application.
- application
Object StringId The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.
- String
The application ID of the pre-authorized application
- permission
Ids List<String> A set of permission scope IDs required by the authorized application.
Outputs
All input properties are implicitly available as output properties. Additionally, the ApplicationPreAuthorized resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Id string
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
- id string
The provider-assigned unique ID for this managed resource.
- id str
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
Look up Existing ApplicationPreAuthorized Resource
Get an existing ApplicationPreAuthorized resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ApplicationPreAuthorizedState, opts?: CustomResourceOptions): ApplicationPreAuthorized@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
application_object_id: Optional[str] = None,
authorized_app_id: Optional[str] = None,
permission_ids: Optional[Sequence[str]] = None) -> ApplicationPreAuthorizedfunc GetApplicationPreAuthorized(ctx *Context, name string, id IDInput, state *ApplicationPreAuthorizedState, opts ...ResourceOption) (*ApplicationPreAuthorized, error)public static ApplicationPreAuthorized Get(string name, Input<string> id, ApplicationPreAuthorizedState? state, CustomResourceOptions? opts = null)public static ApplicationPreAuthorized get(String name, Output<String> id, ApplicationPreAuthorizedState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Application
Object stringId The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.
- string
The application ID of the pre-authorized application
- Permission
Ids List<string> A set of permission scope IDs required by the authorized application.
- Application
Object stringId The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.
- string
The application ID of the pre-authorized application
- Permission
Ids []string A set of permission scope IDs required by the authorized application.
- application
Object StringId The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.
- String
The application ID of the pre-authorized application
- permission
Ids List<String> A set of permission scope IDs required by the authorized application.
- application
Object stringId The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.
- string
The application ID of the pre-authorized application
- permission
Ids string[] A set of permission scope IDs required by the authorized application.
- application_
object_ strid The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.
- str
The application ID of the pre-authorized application
- permission_
ids Sequence[str] A set of permission scope IDs required by the authorized application.
- application
Object StringId The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.
- String
The application ID of the pre-authorized application
- permission
Ids List<String> A set of permission scope IDs required by the authorized application.
Package Details
- Repository
- Azure Active Directory (Azure AD) pulumi/pulumi-azuread
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
azureadTerraform Provider.