pulumi-azure-kotlin/com.pulumi.azure.cosmosdb.kotlin/SqlRoleDefinition

SqlRoleDefinition

class SqlRoleDefinition : KotlinCustomResource

Manages a Cosmos DB SQL Role Definition.

Example Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.CoreFunctions;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.cosmosdb.Account;
import com.pulumi.azure.cosmosdb.AccountArgs;
import com.pulumi.azure.cosmosdb.inputs.AccountConsistencyPolicyArgs;
import com.pulumi.azure.cosmosdb.inputs.AccountGeoLocationArgs;
import com.pulumi.azure.cosmosdb.SqlRoleDefinition;
import com.pulumi.azure.cosmosdb.SqlRoleDefinitionArgs;
import com.pulumi.azure.cosmosdb.inputs.SqlRoleDefinitionPermissionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var current = CoreFunctions.getClientConfig();
        var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
            .location("West Europe")
            .build());
        var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
            .location(exampleResourceGroup.location())
            .resourceGroupName(exampleResourceGroup.name())
            .offerType("Standard")
            .kind("GlobalDocumentDB")
            .consistencyPolicy(AccountConsistencyPolicyArgs.builder()
                .consistencyLevel("Strong")
                .build())
            .geoLocations(AccountGeoLocationArgs.builder()
                .location(exampleResourceGroup.location())
                .failoverPriority(0)
                .build())
            .build());
        var exampleSqlRoleDefinition = new SqlRoleDefinition("exampleSqlRoleDefinition", SqlRoleDefinitionArgs.builder()
            .roleDefinitionId("84cf3a8b-4122-4448-bce2-fa423cfe0a15")
            .resourceGroupName(exampleResourceGroup.name())
            .accountName(exampleAccount.name())
            .assignableScopes(exampleAccount.id().applyValue(id -> String.format("%s/dbs/sales", id)))
            .permissions(SqlRoleDefinitionPermissionArgs.builder()
                .dataActions("Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/items/read")
                .build())
            .build());
    }
}
Content copied to clipboard

Import

Cosmos DB SQL Role Definitions can be imported using the resource id, e.g.

$ pulumi import azure:cosmosdb/sqlRoleDefinition:SqlRoleDefinition example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.DocumentDB/databaseAccounts/account1/sqlRoleDefinitions/28b3c337-f436-482b-a167-c2618dc52033
Content copied to clipboard

Properties

Link copied to clipboard
val accountName: Output<String>

The name of the Cosmos DB Account. Changing this forces a new resource to be created.

Link copied to clipboard
val assignableScopes: Output<List<String>>

A list of fully qualified scopes at or below which Role Assignments may be created using this Cosmos DB SQL Role Definition. It will allow application of this Cosmos DB SQL Role Definition on the entire Database Account or any underlying Database/Collection. Scopes higher than Database Account are not enforceable as assignable scopes.

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val name: Output<String>

An user-friendly name for the Cosmos DB SQL Role Definition which must be unique for the Database Account.

Link copied to clipboard
val permissions: Output<List<SqlRoleDefinitionPermission>>

A permissions block as defined below.

Link copied to clipboard
val pulumiChildResources: Set<KotlinResource>
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val resourceGroupName: Output<String>

The name of the Resource Group in which the Cosmos DB SQL Role Definition is created. Changing this forces a new resource to be created.

Link copied to clipboard
val roleDefinitionId: Output<String>

The GUID as the name of the Cosmos DB SQL Role Definition - one will be generated if not specified. Changing this forces a new resource to be created.

Link copied to clipboard
val type: Output<String>?

The type of the Cosmos DB SQL Role Definition. Possible values are BuiltInRole and CustomRole. Defaults to CustomRole. Changing this forces a new resource to be created.

Link copied to clipboard
val urn: Output<String>