AzureAD

Pulumi Official
Package maintained by Pulumi
v5.27.0 published on Wednesday, Aug 17, 2022 by Pulumi

ApplicationPreAuthorized

Import

Pre-authorized applications can be imported using the object ID of the authorizing application and the application ID of the application being authorized, e.g.

 $ pulumi import azuread:index/applicationPreAuthorized:ApplicationPreAuthorized example 00000000-0000-0000-0000-000000000000/preAuthorizedApplication/11111111-1111-1111-1111-111111111111

-> This ID format is unique to Terraform and is composed of the authorizing application’s object ID, the string “preAuthorizedApplication” and the authorized application’s application ID (client ID) in the format {ObjectId}/preAuthorizedApplication/{ApplicationId}.

Example Usage

using System.Collections.Generic;
using Pulumi;
using AzureAD = Pulumi.AzureAD;

return await Deployment.RunAsync(() => 
{
    var authorized = new AzureAD.Application("authorized", new()
    {
        DisplayName = "example-authorized-app",
    });

    var authorizer = new AzureAD.Application("authorizer", new()
    {
        DisplayName = "example-authorizing-app",
        Api = new AzureAD.Inputs.ApplicationApiArgs
        {
            Oauth2PermissionScopes = new[]
            {
                new AzureAD.Inputs.ApplicationApiOauth2PermissionScopeArgs
                {
                    AdminConsentDescription = "Administer the application",
                    AdminConsentDisplayName = "Administer",
                    Enabled = true,
                    Id = "ced9c4c3-c273-4f0f-ac71-a20377b90f9c",
                    Type = "Admin",
                    Value = "administer",
                },
                new AzureAD.Inputs.ApplicationApiOauth2PermissionScopeArgs
                {
                    AdminConsentDescription = "Access the application",
                    AdminConsentDisplayName = "Access",
                    Enabled = true,
                    Id = "2d5e07ca-664d-4d9b-ad61-ec07fd215213",
                    Type = "User",
                    UserConsentDescription = "Access the application",
                    UserConsentDisplayName = "Access",
                    Value = "user_impersonation",
                },
            },
        },
    });

    var example = new AzureAD.ApplicationPreAuthorized("example", new()
    {
        ApplicationObjectId = authorizer.ObjectId,
        AuthorizedAppId = authorized.ApplicationId,
        PermissionIds = new[]
        {
            "ced9c4c3-c273-4f0f-ac71-a20377b90f9c",
            "2d5e07ca-664d-4d9b-ad61-ec07fd215213",
        },
    });

});
package main

import (
	"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		authorized, err := azuread.NewApplication(ctx, "authorized", &azuread.ApplicationArgs{
			DisplayName: pulumi.String("example-authorized-app"),
		})
		if err != nil {
			return err
		}
		authorizer, err := azuread.NewApplication(ctx, "authorizer", &azuread.ApplicationArgs{
			DisplayName: pulumi.String("example-authorizing-app"),
			Api: &ApplicationApiArgs{
				Oauth2PermissionScopes: ApplicationApiOauth2PermissionScopeArray{
					&ApplicationApiOauth2PermissionScopeArgs{
						AdminConsentDescription: pulumi.String("Administer the application"),
						AdminConsentDisplayName: pulumi.String("Administer"),
						Enabled:                 pulumi.Bool(true),
						Id:                      pulumi.String("ced9c4c3-c273-4f0f-ac71-a20377b90f9c"),
						Type:                    pulumi.String("Admin"),
						Value:                   pulumi.String("administer"),
					},
					&ApplicationApiOauth2PermissionScopeArgs{
						AdminConsentDescription: pulumi.String("Access the application"),
						AdminConsentDisplayName: pulumi.String("Access"),
						Enabled:                 pulumi.Bool(true),
						Id:                      pulumi.String("2d5e07ca-664d-4d9b-ad61-ec07fd215213"),
						Type:                    pulumi.String("User"),
						UserConsentDescription:  pulumi.String("Access the application"),
						UserConsentDisplayName:  pulumi.String("Access"),
						Value:                   pulumi.String("user_impersonation"),
					},
				},
			},
		})
		if err != nil {
			return err
		}
		_, err = azuread.NewApplicationPreAuthorized(ctx, "example", &azuread.ApplicationPreAuthorizedArgs{
			ApplicationObjectId: authorizer.ObjectId,
			AuthorizedAppId:     authorized.ApplicationId,
			PermissionIds: pulumi.StringArray{
				pulumi.String("ced9c4c3-c273-4f0f-ac71-a20377b90f9c"),
				pulumi.String("2d5e07ca-664d-4d9b-ad61-ec07fd215213"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azuread.Application;
import com.pulumi.azuread.ApplicationArgs;
import com.pulumi.azuread.inputs.ApplicationApiArgs;
import com.pulumi.azuread.ApplicationPreAuthorized;
import com.pulumi.azuread.ApplicationPreAuthorizedArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var authorized = new Application("authorized", ApplicationArgs.builder()        
            .displayName("example-authorized-app")
            .build());

        var authorizer = new Application("authorizer", ApplicationArgs.builder()        
            .displayName("example-authorizing-app")
            .api(ApplicationApiArgs.builder()
                .oauth2PermissionScopes(                
                    ApplicationApiOauth2PermissionScopeArgs.builder()
                        .adminConsentDescription("Administer the application")
                        .adminConsentDisplayName("Administer")
                        .enabled(true)
                        .id("ced9c4c3-c273-4f0f-ac71-a20377b90f9c")
                        .type("Admin")
                        .value("administer")
                        .build(),
                    ApplicationApiOauth2PermissionScopeArgs.builder()
                        .adminConsentDescription("Access the application")
                        .adminConsentDisplayName("Access")
                        .enabled(true)
                        .id("2d5e07ca-664d-4d9b-ad61-ec07fd215213")
                        .type("User")
                        .userConsentDescription("Access the application")
                        .userConsentDisplayName("Access")
                        .value("user_impersonation")
                        .build())
                .build())
            .build());

        var example = new ApplicationPreAuthorized("example", ApplicationPreAuthorizedArgs.builder()        
            .applicationObjectId(authorizer.objectId())
            .authorizedAppId(authorized.applicationId())
            .permissionIds(            
                "ced9c4c3-c273-4f0f-ac71-a20377b90f9c",
                "2d5e07ca-664d-4d9b-ad61-ec07fd215213")
            .build());

    }
}
import pulumi
import pulumi_azuread as azuread

authorized = azuread.Application("authorized", display_name="example-authorized-app")
authorizer = azuread.Application("authorizer",
    display_name="example-authorizing-app",
    api=azuread.ApplicationApiArgs(
        oauth2_permission_scopes=[
            azuread.ApplicationApiOauth2PermissionScopeArgs(
                admin_consent_description="Administer the application",
                admin_consent_display_name="Administer",
                enabled=True,
                id="ced9c4c3-c273-4f0f-ac71-a20377b90f9c",
                type="Admin",
                value="administer",
            ),
            azuread.ApplicationApiOauth2PermissionScopeArgs(
                admin_consent_description="Access the application",
                admin_consent_display_name="Access",
                enabled=True,
                id="2d5e07ca-664d-4d9b-ad61-ec07fd215213",
                type="User",
                user_consent_description="Access the application",
                user_consent_display_name="Access",
                value="user_impersonation",
            ),
        ],
    ))
example = azuread.ApplicationPreAuthorized("example",
    application_object_id=authorizer.object_id,
    authorized_app_id=authorized.application_id,
    permission_ids=[
        "ced9c4c3-c273-4f0f-ac71-a20377b90f9c",
        "2d5e07ca-664d-4d9b-ad61-ec07fd215213",
    ])
import * as pulumi from "@pulumi/pulumi";
import * as azuread from "@pulumi/azuread";

const authorized = new azuread.Application("authorized", {displayName: "example-authorized-app"});
const authorizer = new azuread.Application("authorizer", {
    displayName: "example-authorizing-app",
    api: {
        oauth2PermissionScopes: [
            {
                adminConsentDescription: "Administer the application",
                adminConsentDisplayName: "Administer",
                enabled: true,
                id: "ced9c4c3-c273-4f0f-ac71-a20377b90f9c",
                type: "Admin",
                value: "administer",
            },
            {
                adminConsentDescription: "Access the application",
                adminConsentDisplayName: "Access",
                enabled: true,
                id: "2d5e07ca-664d-4d9b-ad61-ec07fd215213",
                type: "User",
                userConsentDescription: "Access the application",
                userConsentDisplayName: "Access",
                value: "user_impersonation",
            },
        ],
    },
});
const example = new azuread.ApplicationPreAuthorized("example", {
    applicationObjectId: authorizer.objectId,
    authorizedAppId: authorized.applicationId,
    permissionIds: [
        "ced9c4c3-c273-4f0f-ac71-a20377b90f9c",
        "2d5e07ca-664d-4d9b-ad61-ec07fd215213",
    ],
});
resources:
  authorized:
    type: azuread:Application
    properties:
      displayName: example-authorized-app
  authorizer:
    type: azuread:Application
    properties:
      displayName: example-authorizing-app
      api:
        oauth2PermissionScopes:
          - adminConsentDescription: Administer the application
            adminConsentDisplayName: Administer
            enabled: true
            id: ced9c4c3-c273-4f0f-ac71-a20377b90f9c
            type: Admin
            value: administer
          - adminConsentDescription: Access the application
            adminConsentDisplayName: Access
            enabled: true
            id: 2d5e07ca-664d-4d9b-ad61-ec07fd215213
            type: User
            userConsentDescription: Access the application
            userConsentDisplayName: Access
            value: user_impersonation
  example:
    type: azuread:ApplicationPreAuthorized
    properties:
      applicationObjectId: ${authorizer.objectId}
      authorizedAppId: ${authorized.applicationId}
      permissionIds:
        - ced9c4c3-c273-4f0f-ac71-a20377b90f9c
        - 2d5e07ca-664d-4d9b-ad61-ec07fd215213

Create a ApplicationPreAuthorized Resource

new ApplicationPreAuthorized(name: string, args: ApplicationPreAuthorizedArgs, opts?: CustomResourceOptions);
@overload
def ApplicationPreAuthorized(resource_name: str,
                             opts: Optional[ResourceOptions] = None,
                             application_object_id: Optional[str] = None,
                             authorized_app_id: Optional[str] = None,
                             permission_ids: Optional[Sequence[str]] = None)
@overload
def ApplicationPreAuthorized(resource_name: str,
                             args: ApplicationPreAuthorizedArgs,
                             opts: Optional[ResourceOptions] = None)
func NewApplicationPreAuthorized(ctx *Context, name string, args ApplicationPreAuthorizedArgs, opts ...ResourceOption) (*ApplicationPreAuthorized, error)
public ApplicationPreAuthorized(string name, ApplicationPreAuthorizedArgs args, CustomResourceOptions? opts = null)
public ApplicationPreAuthorized(String name, ApplicationPreAuthorizedArgs args)
public ApplicationPreAuthorized(String name, ApplicationPreAuthorizedArgs args, CustomResourceOptions options)
type: azuread:ApplicationPreAuthorized
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args ApplicationPreAuthorizedArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args ApplicationPreAuthorizedArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args ApplicationPreAuthorizedArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args ApplicationPreAuthorizedArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args ApplicationPreAuthorizedArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

ApplicationPreAuthorized Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The ApplicationPreAuthorized resource accepts the following input properties:

ApplicationObjectId string

The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.

AuthorizedAppId string

The application ID of the pre-authorized application

PermissionIds List<string>

A set of permission scope IDs required by the authorized application.

ApplicationObjectId string

The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.

AuthorizedAppId string

The application ID of the pre-authorized application

PermissionIds []string

A set of permission scope IDs required by the authorized application.

applicationObjectId String

The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.

authorizedAppId String

The application ID of the pre-authorized application

permissionIds List<String>

A set of permission scope IDs required by the authorized application.

applicationObjectId string

The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.

authorizedAppId string

The application ID of the pre-authorized application

permissionIds string[]

A set of permission scope IDs required by the authorized application.

application_object_id str

The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.

authorized_app_id str

The application ID of the pre-authorized application

permission_ids Sequence[str]

A set of permission scope IDs required by the authorized application.

applicationObjectId String

The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.

authorizedAppId String

The application ID of the pre-authorized application

permissionIds List<String>

A set of permission scope IDs required by the authorized application.

Outputs

All input properties are implicitly available as output properties. Additionally, the ApplicationPreAuthorized resource produces the following output properties:

Id string

The provider-assigned unique ID for this managed resource.

Id string

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

id string

The provider-assigned unique ID for this managed resource.

id str

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

Look up an Existing ApplicationPreAuthorized Resource

Get an existing ApplicationPreAuthorized resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: ApplicationPreAuthorizedState, opts?: CustomResourceOptions): ApplicationPreAuthorized
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        application_object_id: Optional[str] = None,
        authorized_app_id: Optional[str] = None,
        permission_ids: Optional[Sequence[str]] = None) -> ApplicationPreAuthorized
func GetApplicationPreAuthorized(ctx *Context, name string, id IDInput, state *ApplicationPreAuthorizedState, opts ...ResourceOption) (*ApplicationPreAuthorized, error)
public static ApplicationPreAuthorized Get(string name, Input<string> id, ApplicationPreAuthorizedState? state, CustomResourceOptions? opts = null)
public static ApplicationPreAuthorized get(String name, Output<String> id, ApplicationPreAuthorizedState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
ApplicationObjectId string

The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.

AuthorizedAppId string

The application ID of the pre-authorized application

PermissionIds List<string>

A set of permission scope IDs required by the authorized application.

ApplicationObjectId string

The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.

AuthorizedAppId string

The application ID of the pre-authorized application

PermissionIds []string

A set of permission scope IDs required by the authorized application.

applicationObjectId String

The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.

authorizedAppId String

The application ID of the pre-authorized application

permissionIds List<String>

A set of permission scope IDs required by the authorized application.

applicationObjectId string

The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.

authorizedAppId string

The application ID of the pre-authorized application

permissionIds string[]

A set of permission scope IDs required by the authorized application.

application_object_id str

The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.

authorized_app_id str

The application ID of the pre-authorized application

permission_ids Sequence[str]

A set of permission scope IDs required by the authorized application.

applicationObjectId String

The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.

authorizedAppId String

The application ID of the pre-authorized application

permissionIds List<String>

A set of permission scope IDs required by the authorized application.

Package Details

Repository
https://github.com/pulumi/pulumi-azuread
License
Apache-2.0
Notes

This Pulumi package is based on the azuread Terraform Provider.