Role
data class RoleAssignmentArtifactArgs(val artifactName: Output<String>? = null, val blueprintName: Output<String>? = null, val dependsOn: Output<List<String>>? = null, val description: Output<String>? = null, val displayName: Output<String>? = null, val kind: Output<String>? = null, val principalIds: Output<Any>? = null, val resourceGroup: Output<String>? = null, val resourceScope: Output<String>? = null, val roleDefinitionId: Output<String>? = null) : ConvertibleToJava<RoleAssignmentArtifactArgs>
Blueprint artifact that applies a Role assignment. Uses Azure REST API version 2018-11-01-preview. In version 2.x of the Azure Native provider, it used API version 2018-11-01-preview.
Example Usage
MG-ARMTemplateArtifact
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var roleAssignmentArtifact = new AzureNative.Blueprint.RoleAssignmentArtifact("roleAssignmentArtifact", new()
{
ArtifactName = "storageTemplate",
BlueprintName = "simpleBlueprint",
ResourceScope = "providers/Microsoft.Management/managementGroups/ContosoOnlineGroup",
});
});Content copied to clipboard
package main
import (
blueprint "github.com/pulumi/pulumi-azure-native-sdk/blueprint/v2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := blueprint.NewRoleAssignmentArtifact(ctx, "roleAssignmentArtifact", &blueprint.RoleAssignmentArtifactArgs{
ArtifactName: pulumi.String("storageTemplate"),
BlueprintName: pulumi.String("simpleBlueprint"),
ResourceScope: pulumi.String("providers/Microsoft.Management/managementGroups/ContosoOnlineGroup"),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.blueprint.RoleAssignmentArtifact;
import com.pulumi.azurenative.blueprint.RoleAssignmentArtifactArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var roleAssignmentArtifact = new RoleAssignmentArtifact("roleAssignmentArtifact", RoleAssignmentArtifactArgs.builder()
.artifactName("storageTemplate")
.blueprintName("simpleBlueprint")
.resourceScope("providers/Microsoft.Management/managementGroups/ContosoOnlineGroup")
.build());
}
}Content copied to clipboard
MG-PolicyAssignmentArtifact
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var roleAssignmentArtifact = new AzureNative.Blueprint.RoleAssignmentArtifact("roleAssignmentArtifact", new()
{
ArtifactName = "costCenterPolicy",
BlueprintName = "simpleBlueprint",
ResourceScope = "providers/Microsoft.Management/managementGroups/ContosoOnlineGroup",
});
});Content copied to clipboard
package main
import (
blueprint "github.com/pulumi/pulumi-azure-native-sdk/blueprint/v2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := blueprint.NewRoleAssignmentArtifact(ctx, "roleAssignmentArtifact", &blueprint.RoleAssignmentArtifactArgs{
ArtifactName: pulumi.String("costCenterPolicy"),
BlueprintName: pulumi.String("simpleBlueprint"),
ResourceScope: pulumi.String("providers/Microsoft.Management/managementGroups/ContosoOnlineGroup"),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.blueprint.RoleAssignmentArtifact;
import com.pulumi.azurenative.blueprint.RoleAssignmentArtifactArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var roleAssignmentArtifact = new RoleAssignmentArtifact("roleAssignmentArtifact", RoleAssignmentArtifactArgs.builder()
.artifactName("costCenterPolicy")
.blueprintName("simpleBlueprint")
.resourceScope("providers/Microsoft.Management/managementGroups/ContosoOnlineGroup")
.build());
}
}Content copied to clipboard
MG-RoleAssignmentArtifact
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var roleAssignmentArtifact = new AzureNative.Blueprint.RoleAssignmentArtifact("roleAssignmentArtifact", new()
{
ArtifactName = "ownerAssignment",
BlueprintName = "simpleBlueprint",
DisplayName = "enforce owners of given subscription",
Kind = "roleAssignment",
PrincipalIds = "[parameters('owners')]",
ResourceScope = "providers/Microsoft.Management/managementGroups/ContosoOnlineGroup",
RoleDefinitionId = "/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7",
});
});Content copied to clipboard
package main
import (
blueprint "github.com/pulumi/pulumi-azure-native-sdk/blueprint/v2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := blueprint.NewRoleAssignmentArtifact(ctx, "roleAssignmentArtifact", &blueprint.RoleAssignmentArtifactArgs{
ArtifactName: pulumi.String("ownerAssignment"),
BlueprintName: pulumi.String("simpleBlueprint"),
DisplayName: pulumi.String("enforce owners of given subscription"),
Kind: pulumi.String("roleAssignment"),
PrincipalIds: pulumi.Any("[parameters('owners')]"),
ResourceScope: pulumi.String("providers/Microsoft.Management/managementGroups/ContosoOnlineGroup"),
RoleDefinitionId: pulumi.String("/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7"),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.blueprint.RoleAssignmentArtifact;
import com.pulumi.azurenative.blueprint.RoleAssignmentArtifactArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var roleAssignmentArtifact = new RoleAssignmentArtifact("roleAssignmentArtifact", RoleAssignmentArtifactArgs.builder()
.artifactName("ownerAssignment")
.blueprintName("simpleBlueprint")
.displayName("enforce owners of given subscription")
.kind("roleAssignment")
.principalIds("[parameters('owners')]")
.resourceScope("providers/Microsoft.Management/managementGroups/ContosoOnlineGroup")
.roleDefinitionId("/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7")
.build());
}
}Content copied to clipboard
Sub-ARMTemplateArtifact
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var roleAssignmentArtifact = new AzureNative.Blueprint.RoleAssignmentArtifact("roleAssignmentArtifact", new()
{
ArtifactName = "storageTemplate",
BlueprintName = "simpleBlueprint",
ResourceScope = "subscriptions/00000000-0000-0000-0000-000000000000",
});
});Content copied to clipboard
package main
import (
blueprint "github.com/pulumi/pulumi-azure-native-sdk/blueprint/v2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := blueprint.NewRoleAssignmentArtifact(ctx, "roleAssignmentArtifact", &blueprint.RoleAssignmentArtifactArgs{
ArtifactName: pulumi.String("storageTemplate"),
BlueprintName: pulumi.String("simpleBlueprint"),
ResourceScope: pulumi.String("subscriptions/00000000-0000-0000-0000-000000000000"),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.blueprint.RoleAssignmentArtifact;
import com.pulumi.azurenative.blueprint.RoleAssignmentArtifactArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var roleAssignmentArtifact = new RoleAssignmentArtifact("roleAssignmentArtifact", RoleAssignmentArtifactArgs.builder()
.artifactName("storageTemplate")
.blueprintName("simpleBlueprint")
.resourceScope("subscriptions/00000000-0000-0000-0000-000000000000")
.build());
}
}Content copied to clipboard
Sub-PolicyAssignmentArtifact
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var roleAssignmentArtifact = new AzureNative.Blueprint.RoleAssignmentArtifact("roleAssignmentArtifact", new()
{
ArtifactName = "costCenterPolicy",
BlueprintName = "simpleBlueprint",
ResourceScope = "subscriptions/00000000-0000-0000-0000-000000000000",
});
});Content copied to clipboard
package main
import (
blueprint "github.com/pulumi/pulumi-azure-native-sdk/blueprint/v2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := blueprint.NewRoleAssignmentArtifact(ctx, "roleAssignmentArtifact", &blueprint.RoleAssignmentArtifactArgs{
ArtifactName: pulumi.String("costCenterPolicy"),
BlueprintName: pulumi.String("simpleBlueprint"),
ResourceScope: pulumi.String("subscriptions/00000000-0000-0000-0000-000000000000"),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.blueprint.RoleAssignmentArtifact;
import com.pulumi.azurenative.blueprint.RoleAssignmentArtifactArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var roleAssignmentArtifact = new RoleAssignmentArtifact("roleAssignmentArtifact", RoleAssignmentArtifactArgs.builder()
.artifactName("costCenterPolicy")
.blueprintName("simpleBlueprint")
.resourceScope("subscriptions/00000000-0000-0000-0000-000000000000")
.build());
}
}Content copied to clipboard
Sub-RoleAssignmentArtifact
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var roleAssignmentArtifact = new AzureNative.Blueprint.RoleAssignmentArtifact("roleAssignmentArtifact", new()
{
ArtifactName = "ownerAssignment",
BlueprintName = "simpleBlueprint",
DisplayName = "enforce owners of given subscription",
Kind = "roleAssignment",
PrincipalIds = "[parameters('owners')]",
ResourceScope = "subscriptions/00000000-0000-0000-0000-000000000000",
RoleDefinitionId = "/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7",
});
});Content copied to clipboard
package main
import (
blueprint "github.com/pulumi/pulumi-azure-native-sdk/blueprint/v2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := blueprint.NewRoleAssignmentArtifact(ctx, "roleAssignmentArtifact", &blueprint.RoleAssignmentArtifactArgs{
ArtifactName: pulumi.String("ownerAssignment"),
BlueprintName: pulumi.String("simpleBlueprint"),
DisplayName: pulumi.String("enforce owners of given subscription"),
Kind: pulumi.String("roleAssignment"),
PrincipalIds: pulumi.Any("[parameters('owners')]"),
ResourceScope: pulumi.String("subscriptions/00000000-0000-0000-0000-000000000000"),
RoleDefinitionId: pulumi.String("/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7"),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.blueprint.RoleAssignmentArtifact;
import com.pulumi.azurenative.blueprint.RoleAssignmentArtifactArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var roleAssignmentArtifact = new RoleAssignmentArtifact("roleAssignmentArtifact", RoleAssignmentArtifactArgs.builder()
.artifactName("ownerAssignment")
.blueprintName("simpleBlueprint")
.displayName("enforce owners of given subscription")
.kind("roleAssignment")
.principalIds("[parameters('owners')]")
.resourceScope("subscriptions/00000000-0000-0000-0000-000000000000")
.roleDefinitionId("/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7")
.build());
}
}Content copied to clipboard
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:blueprint:RoleAssignmentArtifact ownerAssignment /{resourceScope}/providers/Microsoft.Blueprint/blueprints/{blueprintName}/artifacts/{artifactName}Content copied to clipboard
Constructors
Link copied to clipboard
constructor(artifactName: Output<String>? = null, blueprintName: Output<String>? = null, dependsOn: Output<List<String>>? = null, description: Output<String>? = null, displayName: Output<String>? = null, kind: Output<String>? = null, principalIds: Output<Any>? = null, resourceGroup: Output<String>? = null, resourceScope: Output<String>? = null, roleDefinitionId: Output<String>? = null)
Properties
Link copied to clipboard
Name of the blueprint artifact.
Link copied to clipboard
Name of the blueprint definition.
Link copied to clipboard
Multi-line explain this resource.
Link copied to clipboard
One-liner string explain this resource.
Link copied to clipboard
Array of user or group identities in Azure Active Directory. The roleDefinition will apply to each identity.
Link copied to clipboard
RoleAssignment will be scope to this resourceGroup. If empty, it scopes to the subscription.
Link copied to clipboard
The scope of the resource. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}').
Link copied to clipboard
Azure resource ID of the RoleDefinition.