Azure Active Directory (Azure AD) v6.2.0, Jan 21 25

Azure Active Directory (Azure AD) v6.2.0 published on Tuesday, Jan 21, 2025 by Pulumi

azuread.AccessPackageAssignmentPolicy

Explore with Pulumi AI

Azure Active Directory (Azure AD) v6.2.0 published on Tuesday, Jan 21, 2025 by Pulumi

API Permissions

The following API permissions are required in order to use this resource.

When authenticated with a service principal, this resource requires the following application role: EntitlementManagement.ReadWrite.All.

When authenticated with a user principal, this resource requires Global Administrator directory role, or one of the Catalog Owner and Access Package Manager role in Identity Governance.

import * as pulumi from "@pulumi/pulumi";
import * as azuread from "@pulumi/azuread";

const example = new azuread.Group("example", {
    displayName: "group-name",
    securityEnabled: true,
});
const exampleAccessPackageCatalog = new azuread.AccessPackageCatalog("example", {
    displayName: "example-catalog",
    description: "Example catalog",
});
const exampleAccessPackage = new azuread.AccessPackage("example", {
    catalogId: exampleAccessPackageCatalog.id,
    displayName: "access-package",
    description: "Access Package",
});
const exampleAccessPackageAssignmentPolicy = new azuread.AccessPackageAssignmentPolicy("example", {
    accessPackageId: exampleAccessPackage.id,
    displayName: "assignment-policy",
    description: "My assignment policy",
    durationInDays: 90,
    requestorSettings: {
        scopeType: "AllExistingDirectoryMemberUsers",
    },
    approvalSettings: {
        approvalRequired: true,
        approvalStages: [{
            approvalTimeoutInDays: 14,
            primaryApprovers: [{
                objectId: example.objectId,
                subjectType: "groupMembers",
            }],
        }],
    },
    assignmentReviewSettings: {
        enabled: true,
        reviewFrequency: "weekly",
        durationInDays: 3,
        reviewType: "Self",
        accessReviewTimeoutBehavior: "keepAccess",
    },
    questions: [{
        text: {
            defaultText: "hello, how are you?",
        },
    }],
});

import pulumi
import pulumi_azuread as azuread

example = azuread.Group("example",
    display_name="group-name",
    security_enabled=True)
example_access_package_catalog = azuread.AccessPackageCatalog("example",
    display_name="example-catalog",
    description="Example catalog")
example_access_package = azuread.AccessPackage("example",
    catalog_id=example_access_package_catalog.id,
    display_name="access-package",
    description="Access Package")
example_access_package_assignment_policy = azuread.AccessPackageAssignmentPolicy("example",
    access_package_id=example_access_package.id,
    display_name="assignment-policy",
    description="My assignment policy",
    duration_in_days=90,
    requestor_settings={
        "scope_type": "AllExistingDirectoryMemberUsers",
    },
    approval_settings={
        "approval_required": True,
        "approval_stages": [{
            "approval_timeout_in_days": 14,
            "primary_approvers": [{
                "object_id": example.object_id,
                "subject_type": "groupMembers",
            }],
        }],
    },
    assignment_review_settings={
        "enabled": True,
        "review_frequency": "weekly",
        "duration_in_days": 3,
        "review_type": "Self",
        "access_review_timeout_behavior": "keepAccess",
    },
    questions=[{
        "text": {
            "default_text": "hello, how are you?",
        },
    }])

package main

import (
	"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := azuread.NewGroup(ctx, "example", &azuread.GroupArgs{
			DisplayName:     pulumi.String("group-name"),
			SecurityEnabled: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		exampleAccessPackageCatalog, err := azuread.NewAccessPackageCatalog(ctx, "example", &azuread.AccessPackageCatalogArgs{
			DisplayName: pulumi.String("example-catalog"),
			Description: pulumi.String("Example catalog"),
		})
		if err != nil {
			return err
		}
		exampleAccessPackage, err := azuread.NewAccessPackage(ctx, "example", &azuread.AccessPackageArgs{
			CatalogId:   exampleAccessPackageCatalog.ID(),
			DisplayName: pulumi.String("access-package"),
			Description: pulumi.String("Access Package"),
		})
		if err != nil {
			return err
		}
		_, err = azuread.NewAccessPackageAssignmentPolicy(ctx, "example", &azuread.AccessPackageAssignmentPolicyArgs{
			AccessPackageId: exampleAccessPackage.ID(),
			DisplayName:     pulumi.String("assignment-policy"),
			Description:     pulumi.String("My assignment policy"),
			DurationInDays:  pulumi.Int(90),
			RequestorSettings: &azuread.AccessPackageAssignmentPolicyRequestorSettingsArgs{
				ScopeType: pulumi.String("AllExistingDirectoryMemberUsers"),
			},
			ApprovalSettings: &azuread.AccessPackageAssignmentPolicyApprovalSettingsArgs{
				ApprovalRequired: pulumi.Bool(true),
				ApprovalStages: azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArray{
					&azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs{
						ApprovalTimeoutInDays: pulumi.Int(14),
						PrimaryApprovers: azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArray{
							&azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs{
								ObjectId:    example.ObjectId,
								SubjectType: pulumi.String("groupMembers"),
							},
						},
					},
				},
			},
			AssignmentReviewSettings: &azuread.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs{
				Enabled:                     pulumi.Bool(true),
				ReviewFrequency:             pulumi.String("weekly"),
				DurationInDays:              pulumi.Int(3),
				ReviewType:                  pulumi.String("Self"),
				AccessReviewTimeoutBehavior: pulumi.String("keepAccess"),
			},
			Questions: azuread.AccessPackageAssignmentPolicyQuestionArray{
				&azuread.AccessPackageAssignmentPolicyQuestionArgs{
					Text: &azuread.AccessPackageAssignmentPolicyQuestionTextArgs{
						DefaultText: pulumi.String("hello, how are you?"),
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureAD = Pulumi.AzureAD;

return await Deployment.RunAsync(() => 
{
    var example = new AzureAD.Group("example", new()
    {
        DisplayName = "group-name",
        SecurityEnabled = true,
    });

    var exampleAccessPackageCatalog = new AzureAD.AccessPackageCatalog("example", new()
    {
        DisplayName = "example-catalog",
        Description = "Example catalog",
    });

    var exampleAccessPackage = new AzureAD.AccessPackage("example", new()
    {
        CatalogId = exampleAccessPackageCatalog.Id,
        DisplayName = "access-package",
        Description = "Access Package",
    });

    var exampleAccessPackageAssignmentPolicy = new AzureAD.AccessPackageAssignmentPolicy("example", new()
    {
        AccessPackageId = exampleAccessPackage.Id,
        DisplayName = "assignment-policy",
        Description = "My assignment policy",
        DurationInDays = 90,
        RequestorSettings = new AzureAD.Inputs.AccessPackageAssignmentPolicyRequestorSettingsArgs
        {
            ScopeType = "AllExistingDirectoryMemberUsers",
        },
        ApprovalSettings = new AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettingsArgs
        {
            ApprovalRequired = true,
            ApprovalStages = new[]
            {
                new AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs
                {
                    ApprovalTimeoutInDays = 14,
                    PrimaryApprovers = new[]
                    {
                        new AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs
                        {
                            ObjectId = example.ObjectId,
                            SubjectType = "groupMembers",
                        },
                    },
                },
            },
        },
        AssignmentReviewSettings = new AzureAD.Inputs.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs
        {
            Enabled = true,
            ReviewFrequency = "weekly",
            DurationInDays = 3,
            ReviewType = "Self",
            AccessReviewTimeoutBehavior = "keepAccess",
        },
        Questions = new[]
        {
            new AzureAD.Inputs.AccessPackageAssignmentPolicyQuestionArgs
            {
                Text = new AzureAD.Inputs.AccessPackageAssignmentPolicyQuestionTextArgs
                {
                    DefaultText = "hello, how are you?",
                },
            },
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azuread.Group;
import com.pulumi.azuread.GroupArgs;
import com.pulumi.azuread.AccessPackageCatalog;
import com.pulumi.azuread.AccessPackageCatalogArgs;
import com.pulumi.azuread.AccessPackage;
import com.pulumi.azuread.AccessPackageArgs;
import com.pulumi.azuread.AccessPackageAssignmentPolicy;
import com.pulumi.azuread.AccessPackageAssignmentPolicyArgs;
import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyRequestorSettingsArgs;
import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyApprovalSettingsArgs;
import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs;
import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyQuestionArgs;
import com.pulumi.azuread.inputs.AccessPackageAssignmentPolicyQuestionTextArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new Group("example", GroupArgs.builder()
            .displayName("group-name")
            .securityEnabled(true)
            .build());

        var exampleAccessPackageCatalog = new AccessPackageCatalog("exampleAccessPackageCatalog", AccessPackageCatalogArgs.builder()
            .displayName("example-catalog")
            .description("Example catalog")
            .build());

        var exampleAccessPackage = new AccessPackage("exampleAccessPackage", AccessPackageArgs.builder()
            .catalogId(exampleAccessPackageCatalog.id())
            .displayName("access-package")
            .description("Access Package")
            .build());

        var exampleAccessPackageAssignmentPolicy = new AccessPackageAssignmentPolicy("exampleAccessPackageAssignmentPolicy", AccessPackageAssignmentPolicyArgs.builder()
            .accessPackageId(exampleAccessPackage.id())
            .displayName("assignment-policy")
            .description("My assignment policy")
            .durationInDays(90)
            .requestorSettings(AccessPackageAssignmentPolicyRequestorSettingsArgs.builder()
                .scopeType("AllExistingDirectoryMemberUsers")
                .build())
            .approvalSettings(AccessPackageAssignmentPolicyApprovalSettingsArgs.builder()
                .approvalRequired(true)
                .approvalStages(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs.builder()
                    .approvalTimeoutInDays(14)
                    .primaryApprovers(AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs.builder()
                        .objectId(example.objectId())
                        .subjectType("groupMembers")
                        .build())
                    .build())
                .build())
            .assignmentReviewSettings(AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs.builder()
                .enabled(true)
                .reviewFrequency("weekly")
                .durationInDays(3)
                .reviewType("Self")
                .accessReviewTimeoutBehavior("keepAccess")
                .build())
            .questions(AccessPackageAssignmentPolicyQuestionArgs.builder()
                .text(AccessPackageAssignmentPolicyQuestionTextArgs.builder()
                    .defaultText("hello, how are you?")
                    .build())
                .build())
            .build());

    }
}

resources:
  example:
    type: azuread:Group
    properties:
      displayName: group-name
      securityEnabled: true
  exampleAccessPackageCatalog:
    type: azuread:AccessPackageCatalog
    name: example
    properties:
      displayName: example-catalog
      description: Example catalog
  exampleAccessPackage:
    type: azuread:AccessPackage
    name: example
    properties:
      catalogId: ${exampleAccessPackageCatalog.id}
      displayName: access-package
      description: Access Package
  exampleAccessPackageAssignmentPolicy:
    type: azuread:AccessPackageAssignmentPolicy
    name: example
    properties:
      accessPackageId: ${exampleAccessPackage.id}
      displayName: assignment-policy
      description: My assignment policy
      durationInDays: 90
      requestorSettings:
        scopeType: AllExistingDirectoryMemberUsers
      approvalSettings:
        approvalRequired: true
        approvalStages:
          - approvalTimeoutInDays: 14
            primaryApprovers:
              - objectId: ${example.objectId}
                subjectType: groupMembers
      assignmentReviewSettings:
        enabled: true
        reviewFrequency: weekly
        durationInDays: 3
        reviewType: Self
        accessReviewTimeoutBehavior: keepAccess
      questions:
        - text:
            defaultText: hello, how are you?

Create AccessPackageAssignmentPolicy Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

TypeScript
Python
Go
C#
Java
YAML

new AccessPackageAssignmentPolicy(name: string, args: AccessPackageAssignmentPolicyArgs, opts?: CustomResourceOptions);

@overload
def AccessPackageAssignmentPolicy(resource_name: str,
                                  args: AccessPackageAssignmentPolicyArgs,
                                  opts: Optional[ResourceOptions] = None)

@overload
def AccessPackageAssignmentPolicy(resource_name: str,
                                  opts: Optional[ResourceOptions] = None,
                                  access_package_id: Optional[str] = None,
                                  description: Optional[str] = None,
                                  display_name: Optional[str] = None,
                                  approval_settings: Optional[AccessPackageAssignmentPolicyApprovalSettingsArgs] = None,
                                  assignment_review_settings: Optional[AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs] = None,
                                  duration_in_days: Optional[int] = None,
                                  expiration_date: Optional[str] = None,
                                  extension_enabled: Optional[bool] = None,
                                  questions: Optional[Sequence[AccessPackageAssignmentPolicyQuestionArgs]] = None,
                                  requestor_settings: Optional[AccessPackageAssignmentPolicyRequestorSettingsArgs] = None)

func NewAccessPackageAssignmentPolicy(ctx *Context, name string, args AccessPackageAssignmentPolicyArgs, opts ...ResourceOption) (*AccessPackageAssignmentPolicy, error)

public AccessPackageAssignmentPolicy(string name, AccessPackageAssignmentPolicyArgs args, CustomResourceOptions? opts = null)

public AccessPackageAssignmentPolicy(String name, AccessPackageAssignmentPolicyArgs args)
public AccessPackageAssignmentPolicy(String name, AccessPackageAssignmentPolicyArgs args, CustomResourceOptions options)

type: azuread:AccessPackageAssignmentPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args AccessPackageAssignmentPolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args AccessPackageAssignmentPolicyArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args AccessPackageAssignmentPolicyArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args AccessPackageAssignmentPolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args AccessPackageAssignmentPolicyArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

TypeScript
Python
Go
C#
Java
YAML

var accessPackageAssignmentPolicyResource = new AzureAD.AccessPackageAssignmentPolicy("accessPackageAssignmentPolicyResource", new()
{
    AccessPackageId = "string",
    Description = "string",
    DisplayName = "string",
    ApprovalSettings = new AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettingsArgs
    {
        ApprovalRequired = false,
        ApprovalRequiredForExtension = false,
        ApprovalStages = new[]
        {
            new AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs
            {
                ApprovalTimeoutInDays = 0,
                AlternativeApprovalEnabled = false,
                AlternativeApprovers = new[]
                {
                    new AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs
                    {
                        SubjectType = "string",
                        Backup = false,
                        ObjectId = "string",
                    },
                },
                ApproverJustificationRequired = false,
                EnableAlternativeApprovalInDays = 0,
                PrimaryApprovers = new[]
                {
                    new AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs
                    {
                        SubjectType = "string",
                        Backup = false,
                        ObjectId = "string",
                    },
                },
            },
        },
        RequestorJustificationRequired = false,
    },
    AssignmentReviewSettings = new AzureAD.Inputs.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs
    {
        AccessRecommendationEnabled = false,
        AccessReviewTimeoutBehavior = "string",
        ApproverJustificationRequired = false,
        DurationInDays = 0,
        Enabled = false,
        ReviewFrequency = "string",
        ReviewType = "string",
        Reviewers = new[]
        {
            new AzureAD.Inputs.AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs
            {
                SubjectType = "string",
                Backup = false,
                ObjectId = "string",
            },
        },
        StartingOn = "string",
    },
    DurationInDays = 0,
    ExpirationDate = "string",
    ExtensionEnabled = false,
    Questions = new[]
    {
        new AzureAD.Inputs.AccessPackageAssignmentPolicyQuestionArgs
        {
            Text = new AzureAD.Inputs.AccessPackageAssignmentPolicyQuestionTextArgs
            {
                DefaultText = "string",
                LocalizedTexts = new[]
                {
                    new AzureAD.Inputs.AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs
                    {
                        Content = "string",
                        LanguageCode = "string",
                    },
                },
            },
            Choices = new[]
            {
                new AzureAD.Inputs.AccessPackageAssignmentPolicyQuestionChoiceArgs
                {
                    ActualValue = "string",
                    DisplayValue = new AzureAD.Inputs.AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs
                    {
                        DefaultText = "string",
                        LocalizedTexts = new[]
                        {
                            new AzureAD.Inputs.AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs
                            {
                                Content = "string",
                                LanguageCode = "string",
                            },
                        },
                    },
                },
            },
            Required = false,
            Sequence = 0,
        },
    },
    RequestorSettings = new AzureAD.Inputs.AccessPackageAssignmentPolicyRequestorSettingsArgs
    {
        Requestors = new[]
        {
            new AzureAD.Inputs.AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs
            {
                SubjectType = "string",
                Backup = false,
                ObjectId = "string",
            },
        },
        RequestsAccepted = false,
        ScopeType = "string",
    },
});

example, err := azuread.NewAccessPackageAssignmentPolicy(ctx, "accessPackageAssignmentPolicyResource", &azuread.AccessPackageAssignmentPolicyArgs{
	AccessPackageId: pulumi.String("string"),
	Description:     pulumi.String("string"),
	DisplayName:     pulumi.String("string"),
	ApprovalSettings: &azuread.AccessPackageAssignmentPolicyApprovalSettingsArgs{
		ApprovalRequired:             pulumi.Bool(false),
		ApprovalRequiredForExtension: pulumi.Bool(false),
		ApprovalStages: azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArray{
			&azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs{
				ApprovalTimeoutInDays:      pulumi.Int(0),
				AlternativeApprovalEnabled: pulumi.Bool(false),
				AlternativeApprovers: azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArray{
					&azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs{
						SubjectType: pulumi.String("string"),
						Backup:      pulumi.Bool(false),
						ObjectId:    pulumi.String("string"),
					},
				},
				ApproverJustificationRequired:   pulumi.Bool(false),
				EnableAlternativeApprovalInDays: pulumi.Int(0),
				PrimaryApprovers: azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArray{
					&azuread.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs{
						SubjectType: pulumi.String("string"),
						Backup:      pulumi.Bool(false),
						ObjectId:    pulumi.String("string"),
					},
				},
			},
		},
		RequestorJustificationRequired: pulumi.Bool(false),
	},
	AssignmentReviewSettings: &azuread.AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs{
		AccessRecommendationEnabled:   pulumi.Bool(false),
		AccessReviewTimeoutBehavior:   pulumi.String("string"),
		ApproverJustificationRequired: pulumi.Bool(false),
		DurationInDays:                pulumi.Int(0),
		Enabled:                       pulumi.Bool(false),
		ReviewFrequency:               pulumi.String("string"),
		ReviewType:                    pulumi.String("string"),
		Reviewers: azuread.AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArray{
			&azuread.AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs{
				SubjectType: pulumi.String("string"),
				Backup:      pulumi.Bool(false),
				ObjectId:    pulumi.String("string"),
			},
		},
		StartingOn: pulumi.String("string"),
	},
	DurationInDays:   pulumi.Int(0),
	ExpirationDate:   pulumi.String("string"),
	ExtensionEnabled: pulumi.Bool(false),
	Questions: azuread.AccessPackageAssignmentPolicyQuestionArray{
		&azuread.AccessPackageAssignmentPolicyQuestionArgs{
			Text: &azuread.AccessPackageAssignmentPolicyQuestionTextArgs{
				DefaultText: pulumi.String("string"),
				LocalizedTexts: azuread.AccessPackageAssignmentPolicyQuestionTextLocalizedTextArray{
					&azuread.AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs{
						Content:      pulumi.String("string"),
						LanguageCode: pulumi.String("string"),
					},
				},
			},
			Choices: azuread.AccessPackageAssignmentPolicyQuestionChoiceArray{
				&azuread.AccessPackageAssignmentPolicyQuestionChoiceArgs{
					ActualValue: pulumi.String("string"),
					DisplayValue: &azuread.AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs{
						DefaultText: pulumi.String("string"),
						LocalizedTexts: azuread.AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArray{
							&azuread.AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs{
								Content:      pulumi.String("string"),
								LanguageCode: pulumi.String("string"),
							},
						},
					},
				},
			},
			Required: pulumi.Bool(false),
			Sequence: pulumi.Int(0),
		},
	},
	RequestorSettings: &azuread.AccessPackageAssignmentPolicyRequestorSettingsArgs{
		Requestors: azuread.AccessPackageAssignmentPolicyRequestorSettingsRequestorArray{
			&azuread.AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs{
				SubjectType: pulumi.String("string"),
				Backup:      pulumi.Bool(false),
				ObjectId:    pulumi.String("string"),
			},
		},
		RequestsAccepted: pulumi.Bool(false),
		ScopeType:        pulumi.String("string"),
	},
})

var accessPackageAssignmentPolicyResource = new AccessPackageAssignmentPolicy("accessPackageAssignmentPolicyResource", AccessPackageAssignmentPolicyArgs.builder()
    .accessPackageId("string")
    .description("string")
    .displayName("string")
    .approvalSettings(AccessPackageAssignmentPolicyApprovalSettingsArgs.builder()
        .approvalRequired(false)
        .approvalRequiredForExtension(false)
        .approvalStages(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs.builder()
            .approvalTimeoutInDays(0)
            .alternativeApprovalEnabled(false)
            .alternativeApprovers(AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs.builder()
                .subjectType("string")
                .backup(false)
                .objectId("string")
                .build())
            .approverJustificationRequired(false)
            .enableAlternativeApprovalInDays(0)
            .primaryApprovers(AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs.builder()
                .subjectType("string")
                .backup(false)
                .objectId("string")
                .build())
            .build())
        .requestorJustificationRequired(false)
        .build())
    .assignmentReviewSettings(AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs.builder()
        .accessRecommendationEnabled(false)
        .accessReviewTimeoutBehavior("string")
        .approverJustificationRequired(false)
        .durationInDays(0)
        .enabled(false)
        .reviewFrequency("string")
        .reviewType("string")
        .reviewers(AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs.builder()
            .subjectType("string")
            .backup(false)
            .objectId("string")
            .build())
        .startingOn("string")
        .build())
    .durationInDays(0)
    .expirationDate("string")
    .extensionEnabled(false)
    .questions(AccessPackageAssignmentPolicyQuestionArgs.builder()
        .text(AccessPackageAssignmentPolicyQuestionTextArgs.builder()
            .defaultText("string")
            .localizedTexts(AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs.builder()
                .content("string")
                .languageCode("string")
                .build())
            .build())
        .choices(AccessPackageAssignmentPolicyQuestionChoiceArgs.builder()
            .actualValue("string")
            .displayValue(AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs.builder()
                .defaultText("string")
                .localizedTexts(AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs.builder()
                    .content("string")
                    .languageCode("string")
                    .build())
                .build())
            .build())
        .required(false)
        .sequence(0)
        .build())
    .requestorSettings(AccessPackageAssignmentPolicyRequestorSettingsArgs.builder()
        .requestors(AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs.builder()
            .subjectType("string")
            .backup(false)
            .objectId("string")
            .build())
        .requestsAccepted(false)
        .scopeType("string")
        .build())
    .build());

access_package_assignment_policy_resource = azuread.AccessPackageAssignmentPolicy("accessPackageAssignmentPolicyResource",
    access_package_id="string",
    description="string",
    display_name="string",
    approval_settings={
        "approval_required": False,
        "approval_required_for_extension": False,
        "approval_stages": [{
            "approval_timeout_in_days": 0,
            "alternative_approval_enabled": False,
            "alternative_approvers": [{
                "subject_type": "string",
                "backup": False,
                "object_id": "string",
            }],
            "approver_justification_required": False,
            "enable_alternative_approval_in_days": 0,
            "primary_approvers": [{
                "subject_type": "string",
                "backup": False,
                "object_id": "string",
            }],
        }],
        "requestor_justification_required": False,
    },
    assignment_review_settings={
        "access_recommendation_enabled": False,
        "access_review_timeout_behavior": "string",
        "approver_justification_required": False,
        "duration_in_days": 0,
        "enabled": False,
        "review_frequency": "string",
        "review_type": "string",
        "reviewers": [{
            "subject_type": "string",
            "backup": False,
            "object_id": "string",
        }],
        "starting_on": "string",
    },
    duration_in_days=0,
    expiration_date="string",
    extension_enabled=False,
    questions=[{
        "text": {
            "default_text": "string",
            "localized_texts": [{
                "content": "string",
                "language_code": "string",
            }],
        },
        "choices": [{
            "actual_value": "string",
            "display_value": {
                "default_text": "string",
                "localized_texts": [{
                    "content": "string",
                    "language_code": "string",
                }],
            },
        }],
        "required": False,
        "sequence": 0,
    }],
    requestor_settings={
        "requestors": [{
            "subject_type": "string",
            "backup": False,
            "object_id": "string",
        }],
        "requests_accepted": False,
        "scope_type": "string",
    })

const accessPackageAssignmentPolicyResource = new azuread.AccessPackageAssignmentPolicy("accessPackageAssignmentPolicyResource", {
    accessPackageId: "string",
    description: "string",
    displayName: "string",
    approvalSettings: {
        approvalRequired: false,
        approvalRequiredForExtension: false,
        approvalStages: [{
            approvalTimeoutInDays: 0,
            alternativeApprovalEnabled: false,
            alternativeApprovers: [{
                subjectType: "string",
                backup: false,
                objectId: "string",
            }],
            approverJustificationRequired: false,
            enableAlternativeApprovalInDays: 0,
            primaryApprovers: [{
                subjectType: "string",
                backup: false,
                objectId: "string",
            }],
        }],
        requestorJustificationRequired: false,
    },
    assignmentReviewSettings: {
        accessRecommendationEnabled: false,
        accessReviewTimeoutBehavior: "string",
        approverJustificationRequired: false,
        durationInDays: 0,
        enabled: false,
        reviewFrequency: "string",
        reviewType: "string",
        reviewers: [{
            subjectType: "string",
            backup: false,
            objectId: "string",
        }],
        startingOn: "string",
    },
    durationInDays: 0,
    expirationDate: "string",
    extensionEnabled: false,
    questions: [{
        text: {
            defaultText: "string",
            localizedTexts: [{
                content: "string",
                languageCode: "string",
            }],
        },
        choices: [{
            actualValue: "string",
            displayValue: {
                defaultText: "string",
                localizedTexts: [{
                    content: "string",
                    languageCode: "string",
                }],
            },
        }],
        required: false,
        sequence: 0,
    }],
    requestorSettings: {
        requestors: [{
            subjectType: "string",
            backup: false,
            objectId: "string",
        }],
        requestsAccepted: false,
        scopeType: "string",
    },
});

type: azuread:AccessPackageAssignmentPolicy
properties:
    accessPackageId: string
    approvalSettings:
        approvalRequired: false
        approvalRequiredForExtension: false
        approvalStages:
            - alternativeApprovalEnabled: false
              alternativeApprovers:
                - backup: false
                  objectId: string
                  subjectType: string
              approvalTimeoutInDays: 0
              approverJustificationRequired: false
              enableAlternativeApprovalInDays: 0
              primaryApprovers:
                - backup: false
                  objectId: string
                  subjectType: string
        requestorJustificationRequired: false
    assignmentReviewSettings:
        accessRecommendationEnabled: false
        accessReviewTimeoutBehavior: string
        approverJustificationRequired: false
        durationInDays: 0
        enabled: false
        reviewFrequency: string
        reviewType: string
        reviewers:
            - backup: false
              objectId: string
              subjectType: string
        startingOn: string
    description: string
    displayName: string
    durationInDays: 0
    expirationDate: string
    extensionEnabled: false
    questions:
        - choices:
            - actualValue: string
              displayValue:
                defaultText: string
                localizedTexts:
                    - content: string
                      languageCode: string
          required: false
          sequence: 0
          text:
            defaultText: string
            localizedTexts:
                - content: string
                  languageCode: string
    requestorSettings:
        requestors:
            - backup: false
              objectId: string
              subjectType: string
        requestsAccepted: false
        scopeType: string

AccessPackageAssignmentPolicy Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The AccessPackageAssignmentPolicy resource accepts the following input properties:

AccessPackageId string: The ID of the access package that will contain the policy.
Description string: The description of the policy.
DisplayName string: The display name of the policy.
ApprovalSettings Pulumi.AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettings: An approval_settings block to specify whether approvals are required and how they are obtained, as documented below.
AssignmentReviewSettings Pulumi.AzureAD.Inputs.AccessPackageAssignmentPolicyAssignmentReviewSettings: An assignment_review_settings block, to specify whether assignment review is needed and how it is conducted, as documented below.
DurationInDays int: How many days this assignment is valid for.
ExpirationDate string: The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z).
ExtensionEnabled bool: Whether users will be able to request extension of their access to this package before their access expires.
Questions List<Pulumi.AzureAD.Inputs.AccessPackageAssignmentPolicyQuestion>: One or more question blocks for the requestor, as documented below.
RequestorSettings Pulumi.AzureAD.Inputs.AccessPackageAssignmentPolicyRequestorSettings: A requestor_settings block to configure the users who can request access, as documented below.

AccessPackageId string: The ID of the access package that will contain the policy.
Description string: The description of the policy.
DisplayName string: The display name of the policy.
ApprovalSettings AccessPackageAssignmentPolicyApprovalSettingsArgs: An approval_settings block to specify whether approvals are required and how they are obtained, as documented below.
AssignmentReviewSettings AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs: An assignment_review_settings block, to specify whether assignment review is needed and how it is conducted, as documented below.
DurationInDays int: How many days this assignment is valid for.
ExpirationDate string: The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z).
ExtensionEnabled bool: Whether users will be able to request extension of their access to this package before their access expires.
Questions []AccessPackageAssignmentPolicyQuestionArgs: One or more question blocks for the requestor, as documented below.
RequestorSettings AccessPackageAssignmentPolicyRequestorSettingsArgs: A requestor_settings block to configure the users who can request access, as documented below.

accessPackageId String: The ID of the access package that will contain the policy.
description String: The description of the policy.
displayName String: The display name of the policy.
approvalSettings AccessPackageAssignmentPolicyApprovalSettings: An approval_settings block to specify whether approvals are required and how they are obtained, as documented below.
assignmentReviewSettings AccessPackageAssignmentPolicyAssignmentReviewSettings: An assignment_review_settings block, to specify whether assignment review is needed and how it is conducted, as documented below.
durationInDays Integer: How many days this assignment is valid for.
expirationDate String: The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z).
extensionEnabled Boolean: Whether users will be able to request extension of their access to this package before their access expires.
questions List<AccessPackageAssignmentPolicyQuestion>: One or more question blocks for the requestor, as documented below.
requestorSettings AccessPackageAssignmentPolicyRequestorSettings: A requestor_settings block to configure the users who can request access, as documented below.

accessPackageId string: The ID of the access package that will contain the policy.
description string: The description of the policy.
displayName string: The display name of the policy.
approvalSettings AccessPackageAssignmentPolicyApprovalSettings: An approval_settings block to specify whether approvals are required and how they are obtained, as documented below.
assignmentReviewSettings AccessPackageAssignmentPolicyAssignmentReviewSettings: An assignment_review_settings block, to specify whether assignment review is needed and how it is conducted, as documented below.
durationInDays number: How many days this assignment is valid for.
expirationDate string: The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z).
extensionEnabled boolean: Whether users will be able to request extension of their access to this package before their access expires.
questions AccessPackageAssignmentPolicyQuestion[]: One or more question blocks for the requestor, as documented below.
requestorSettings AccessPackageAssignmentPolicyRequestorSettings: A requestor_settings block to configure the users who can request access, as documented below.

access_package_id str: The ID of the access package that will contain the policy.
description str: The description of the policy.
display_name str: The display name of the policy.
approval_settings AccessPackageAssignmentPolicyApprovalSettingsArgs: An approval_settings block to specify whether approvals are required and how they are obtained, as documented below.
assignment_review_settings AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs: An assignment_review_settings block, to specify whether assignment review is needed and how it is conducted, as documented below.
duration_in_days int: How many days this assignment is valid for.
expiration_date str: The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z).
extension_enabled bool: Whether users will be able to request extension of their access to this package before their access expires.
questions Sequence[AccessPackageAssignmentPolicyQuestionArgs]: One or more question blocks for the requestor, as documented below.
requestor_settings AccessPackageAssignmentPolicyRequestorSettingsArgs: A requestor_settings block to configure the users who can request access, as documented below.

accessPackageId String: The ID of the access package that will contain the policy.
description String: The description of the policy.
displayName String: The display name of the policy.
approvalSettings Property Map: An approval_settings block to specify whether approvals are required and how they are obtained, as documented below.
assignmentReviewSettings Property Map: An assignment_review_settings block, to specify whether assignment review is needed and how it is conducted, as documented below.
durationInDays Number: How many days this assignment is valid for.
expirationDate String: The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z).
extensionEnabled Boolean: Whether users will be able to request extension of their access to this package before their access expires.
questions List<Property Map>: One or more question blocks for the requestor, as documented below.
requestorSettings Property Map: A requestor_settings block to configure the users who can request access, as documented below.

Outputs

All input properties are implicitly available as output properties. Additionally, the AccessPackageAssignmentPolicy resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing AccessPackageAssignmentPolicy Resource

Get an existing AccessPackageAssignmentPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

TypeScript
Python
Go
C#
Java
YAML

public static get(name: string, id: Input<ID>, state?: AccessPackageAssignmentPolicyState, opts?: CustomResourceOptions): AccessPackageAssignmentPolicy

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        access_package_id: Optional[str] = None,
        approval_settings: Optional[AccessPackageAssignmentPolicyApprovalSettingsArgs] = None,
        assignment_review_settings: Optional[AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs] = None,
        description: Optional[str] = None,
        display_name: Optional[str] = None,
        duration_in_days: Optional[int] = None,
        expiration_date: Optional[str] = None,
        extension_enabled: Optional[bool] = None,
        questions: Optional[Sequence[AccessPackageAssignmentPolicyQuestionArgs]] = None,
        requestor_settings: Optional[AccessPackageAssignmentPolicyRequestorSettingsArgs] = None) -> AccessPackageAssignmentPolicy

func GetAccessPackageAssignmentPolicy(ctx *Context, name string, id IDInput, state *AccessPackageAssignmentPolicyState, opts ...ResourceOption) (*AccessPackageAssignmentPolicy, error)

public static AccessPackageAssignmentPolicy Get(string name, Input<string> id, AccessPackageAssignmentPolicyState? state, CustomResourceOptions? opts = null)

public static AccessPackageAssignmentPolicy get(String name, Output<String> id, AccessPackageAssignmentPolicyState state, CustomResourceOptions options)

resources:  _:    type: azuread:AccessPackageAssignmentPolicy    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AccessPackageId string: The ID of the access package that will contain the policy.
ApprovalSettings Pulumi.AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettings: An approval_settings block to specify whether approvals are required and how they are obtained, as documented below.
AssignmentReviewSettings Pulumi.AzureAD.Inputs.AccessPackageAssignmentPolicyAssignmentReviewSettings: An assignment_review_settings block, to specify whether assignment review is needed and how it is conducted, as documented below.
Description string: The description of the policy.
DisplayName string: The display name of the policy.
DurationInDays int: How many days this assignment is valid for.
ExpirationDate string: The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z).
ExtensionEnabled bool: Whether users will be able to request extension of their access to this package before their access expires.
Questions List<Pulumi.AzureAD.Inputs.AccessPackageAssignmentPolicyQuestion>: One or more question blocks for the requestor, as documented below.
RequestorSettings Pulumi.AzureAD.Inputs.AccessPackageAssignmentPolicyRequestorSettings: A requestor_settings block to configure the users who can request access, as documented below.

AccessPackageId string: The ID of the access package that will contain the policy.
ApprovalSettings AccessPackageAssignmentPolicyApprovalSettingsArgs: An approval_settings block to specify whether approvals are required and how they are obtained, as documented below.
AssignmentReviewSettings AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs: An assignment_review_settings block, to specify whether assignment review is needed and how it is conducted, as documented below.
Description string: The description of the policy.
DisplayName string: The display name of the policy.
DurationInDays int: How many days this assignment is valid for.
ExpirationDate string: The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z).
ExtensionEnabled bool: Whether users will be able to request extension of their access to this package before their access expires.
Questions []AccessPackageAssignmentPolicyQuestionArgs: One or more question blocks for the requestor, as documented below.
RequestorSettings AccessPackageAssignmentPolicyRequestorSettingsArgs: A requestor_settings block to configure the users who can request access, as documented below.

accessPackageId String: The ID of the access package that will contain the policy.
approvalSettings AccessPackageAssignmentPolicyApprovalSettings: An approval_settings block to specify whether approvals are required and how they are obtained, as documented below.
assignmentReviewSettings AccessPackageAssignmentPolicyAssignmentReviewSettings: An assignment_review_settings block, to specify whether assignment review is needed and how it is conducted, as documented below.
description String: The description of the policy.
displayName String: The display name of the policy.
durationInDays Integer: How many days this assignment is valid for.
expirationDate String: The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z).
extensionEnabled Boolean: Whether users will be able to request extension of their access to this package before their access expires.
questions List<AccessPackageAssignmentPolicyQuestion>: One or more question blocks for the requestor, as documented below.
requestorSettings AccessPackageAssignmentPolicyRequestorSettings: A requestor_settings block to configure the users who can request access, as documented below.

accessPackageId string: The ID of the access package that will contain the policy.
approvalSettings AccessPackageAssignmentPolicyApprovalSettings: An approval_settings block to specify whether approvals are required and how they are obtained, as documented below.
assignmentReviewSettings AccessPackageAssignmentPolicyAssignmentReviewSettings: An assignment_review_settings block, to specify whether assignment review is needed and how it is conducted, as documented below.
description string: The description of the policy.
displayName string: The display name of the policy.
durationInDays number: How many days this assignment is valid for.
expirationDate string: The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z).
extensionEnabled boolean: Whether users will be able to request extension of their access to this package before their access expires.
questions AccessPackageAssignmentPolicyQuestion[]: One or more question blocks for the requestor, as documented below.
requestorSettings AccessPackageAssignmentPolicyRequestorSettings: A requestor_settings block to configure the users who can request access, as documented below.

access_package_id str: The ID of the access package that will contain the policy.
approval_settings AccessPackageAssignmentPolicyApprovalSettingsArgs: An approval_settings block to specify whether approvals are required and how they are obtained, as documented below.
assignment_review_settings AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs: An assignment_review_settings block, to specify whether assignment review is needed and how it is conducted, as documented below.
description str: The description of the policy.
display_name str: The display name of the policy.
duration_in_days int: How many days this assignment is valid for.
expiration_date str: The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z).
extension_enabled bool: Whether users will be able to request extension of their access to this package before their access expires.
questions Sequence[AccessPackageAssignmentPolicyQuestionArgs]: One or more question blocks for the requestor, as documented below.
requestor_settings AccessPackageAssignmentPolicyRequestorSettingsArgs: A requestor_settings block to configure the users who can request access, as documented below.

accessPackageId String: The ID of the access package that will contain the policy.
approvalSettings Property Map: An approval_settings block to specify whether approvals are required and how they are obtained, as documented below.
assignmentReviewSettings Property Map: An assignment_review_settings block, to specify whether assignment review is needed and how it is conducted, as documented below.
description String: The description of the policy.
displayName String: The display name of the policy.
durationInDays Number: How many days this assignment is valid for.
expirationDate String: The date that this assignment expires, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z).
extensionEnabled Boolean: Whether users will be able to request extension of their access to this package before their access expires.
questions List<Property Map>: One or more question blocks for the requestor, as documented below.
requestorSettings Property Map: A requestor_settings block to configure the users who can request access, as documented below.

Supporting Types

AccessPackageAssignmentPolicyApprovalSettings
, AccessPackageAssignmentPolicyApprovalSettingsArgs

ApprovalRequired bool: Whether an approval is required.
ApprovalRequiredForExtension bool: Whether an approval is required to grant extension. Same approval settings used to approve initial access will apply.
ApprovalStages List<Pulumi.AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStage>: An approval_stage block specifying the process to obtain an approval, as documented below.
RequestorJustificationRequired bool: Whether a requestor is required to provide a justification to request an access package. Justification is visible to approvers and the requestor.

ApprovalRequired bool: Whether an approval is required.
ApprovalRequiredForExtension bool: Whether an approval is required to grant extension. Same approval settings used to approve initial access will apply.
ApprovalStages []AccessPackageAssignmentPolicyApprovalSettingsApprovalStage: An approval_stage block specifying the process to obtain an approval, as documented below.
RequestorJustificationRequired bool: Whether a requestor is required to provide a justification to request an access package. Justification is visible to approvers and the requestor.

approvalRequired Boolean: Whether an approval is required.
approvalRequiredForExtension Boolean: Whether an approval is required to grant extension. Same approval settings used to approve initial access will apply.
approvalStages List<AccessPackageAssignmentPolicyApprovalSettingsApprovalStage>: An approval_stage block specifying the process to obtain an approval, as documented below.
requestorJustificationRequired Boolean: Whether a requestor is required to provide a justification to request an access package. Justification is visible to approvers and the requestor.

approvalRequired boolean: Whether an approval is required.
approvalRequiredForExtension boolean: Whether an approval is required to grant extension. Same approval settings used to approve initial access will apply.
approvalStages AccessPackageAssignmentPolicyApprovalSettingsApprovalStage[]: An approval_stage block specifying the process to obtain an approval, as documented below.
requestorJustificationRequired boolean: Whether a requestor is required to provide a justification to request an access package. Justification is visible to approvers and the requestor.

approval_required bool: Whether an approval is required.
approval_required_for_extension bool: Whether an approval is required to grant extension. Same approval settings used to approve initial access will apply.
approval_stages Sequence[AccessPackageAssignmentPolicyApprovalSettingsApprovalStage]: An approval_stage block specifying the process to obtain an approval, as documented below.
requestor_justification_required bool: Whether a requestor is required to provide a justification to request an access package. Justification is visible to approvers and the requestor.

approvalRequired Boolean: Whether an approval is required.
approvalRequiredForExtension Boolean: Whether an approval is required to grant extension. Same approval settings used to approve initial access will apply.
approvalStages List<Property Map>: An approval_stage block specifying the process to obtain an approval, as documented below.
requestorJustificationRequired Boolean: Whether a requestor is required to provide a justification to request an access package. Justification is visible to approvers and the requestor.

AccessPackageAssignmentPolicyApprovalSettingsApprovalStage
, AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs

ApprovalTimeoutInDays int: Decision must be made in how many days? If a request is not approved within this time period after it is made, it will be automatically rejected
AlternativeApprovalEnabled bool: If no action taken, forward to alternate approvers?
AlternativeApprovers List<Pulumi.AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover>: If escalation is enabled and the primary approvers do not respond before the escalation time, the escalationApprovers are the users who will be asked to approve requests. This can be a collection of singleUser, groupMembers, requestorManager, internalSponsors and externalSponsors. When creating or updating a policy, if there are no escalation approvers, or escalation approvers are not required for the stage, the value of this property should be an empty collection
ApproverJustificationRequired bool: Whether an approver must provide a justification for their decision. Justification is visible to other approvers and the requestor
EnableAlternativeApprovalInDays int: Forward to alternate approver(s) after how many days?
PrimaryApprovers List<Pulumi.AzureAD.Inputs.AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover>: The users who will be asked to approve requests. A collection of singleUser, groupMembers, requestorManager, internalSponsors and externalSponsors. When creating or updating a policy, include at least one userSet in this collection

ApprovalTimeoutInDays int: Decision must be made in how many days? If a request is not approved within this time period after it is made, it will be automatically rejected
AlternativeApprovalEnabled bool: If no action taken, forward to alternate approvers?
AlternativeApprovers []AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover: If escalation is enabled and the primary approvers do not respond before the escalation time, the escalationApprovers are the users who will be asked to approve requests. This can be a collection of singleUser, groupMembers, requestorManager, internalSponsors and externalSponsors. When creating or updating a policy, if there are no escalation approvers, or escalation approvers are not required for the stage, the value of this property should be an empty collection
ApproverJustificationRequired bool: Whether an approver must provide a justification for their decision. Justification is visible to other approvers and the requestor
EnableAlternativeApprovalInDays int: Forward to alternate approver(s) after how many days?
PrimaryApprovers []AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover: The users who will be asked to approve requests. A collection of singleUser, groupMembers, requestorManager, internalSponsors and externalSponsors. When creating or updating a policy, include at least one userSet in this collection

approvalTimeoutInDays Integer: Decision must be made in how many days? If a request is not approved within this time period after it is made, it will be automatically rejected
alternativeApprovalEnabled Boolean: If no action taken, forward to alternate approvers?
alternativeApprovers List<AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover>: If escalation is enabled and the primary approvers do not respond before the escalation time, the escalationApprovers are the users who will be asked to approve requests. This can be a collection of singleUser, groupMembers, requestorManager, internalSponsors and externalSponsors. When creating or updating a policy, if there are no escalation approvers, or escalation approvers are not required for the stage, the value of this property should be an empty collection
approverJustificationRequired Boolean: Whether an approver must provide a justification for their decision. Justification is visible to other approvers and the requestor
enableAlternativeApprovalInDays Integer: Forward to alternate approver(s) after how many days?
primaryApprovers List<AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover>: The users who will be asked to approve requests. A collection of singleUser, groupMembers, requestorManager, internalSponsors and externalSponsors. When creating or updating a policy, include at least one userSet in this collection

approvalTimeoutInDays number: Decision must be made in how many days? If a request is not approved within this time period after it is made, it will be automatically rejected
alternativeApprovalEnabled boolean: If no action taken, forward to alternate approvers?
alternativeApprovers AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover[]: If escalation is enabled and the primary approvers do not respond before the escalation time, the escalationApprovers are the users who will be asked to approve requests. This can be a collection of singleUser, groupMembers, requestorManager, internalSponsors and externalSponsors. When creating or updating a policy, if there are no escalation approvers, or escalation approvers are not required for the stage, the value of this property should be an empty collection
approverJustificationRequired boolean: Whether an approver must provide a justification for their decision. Justification is visible to other approvers and the requestor
enableAlternativeApprovalInDays number: Forward to alternate approver(s) after how many days?
primaryApprovers AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover[]: The users who will be asked to approve requests. A collection of singleUser, groupMembers, requestorManager, internalSponsors and externalSponsors. When creating or updating a policy, include at least one userSet in this collection

approval_timeout_in_days int: Decision must be made in how many days? If a request is not approved within this time period after it is made, it will be automatically rejected
alternative_approval_enabled bool: If no action taken, forward to alternate approvers?
alternative_approvers Sequence[AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover]: If escalation is enabled and the primary approvers do not respond before the escalation time, the escalationApprovers are the users who will be asked to approve requests. This can be a collection of singleUser, groupMembers, requestorManager, internalSponsors and externalSponsors. When creating or updating a policy, if there are no escalation approvers, or escalation approvers are not required for the stage, the value of this property should be an empty collection
approver_justification_required bool: Whether an approver must provide a justification for their decision. Justification is visible to other approvers and the requestor
enable_alternative_approval_in_days int: Forward to alternate approver(s) after how many days?
primary_approvers Sequence[AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover]: The users who will be asked to approve requests. A collection of singleUser, groupMembers, requestorManager, internalSponsors and externalSponsors. When creating or updating a policy, include at least one userSet in this collection

approvalTimeoutInDays Number: Decision must be made in how many days? If a request is not approved within this time period after it is made, it will be automatically rejected
alternativeApprovalEnabled Boolean: If no action taken, forward to alternate approvers?
alternativeApprovers List<Property Map>: If escalation is enabled and the primary approvers do not respond before the escalation time, the escalationApprovers are the users who will be asked to approve requests. This can be a collection of singleUser, groupMembers, requestorManager, internalSponsors and externalSponsors. When creating or updating a policy, if there are no escalation approvers, or escalation approvers are not required for the stage, the value of this property should be an empty collection
approverJustificationRequired Boolean: Whether an approver must provide a justification for their decision. Justification is visible to other approvers and the requestor
enableAlternativeApprovalInDays Number: Forward to alternate approver(s) after how many days?
primaryApprovers List<Property Map>: The users who will be asked to approve requests. A collection of singleUser, groupMembers, requestorManager, internalSponsors and externalSponsors. When creating or updating a policy, include at least one userSet in this collection

AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover
, AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs

SubjectType string: Type of users
Backup bool: For a user in an approval stage, this property indicates whether the user is a backup fallback approver
ObjectId string: The object ID of the subject

SubjectType string: Type of users
Backup bool: For a user in an approval stage, this property indicates whether the user is a backup fallback approver
ObjectId string: The object ID of the subject

subjectType String: Type of users
backup Boolean: For a user in an approval stage, this property indicates whether the user is a backup fallback approver
objectId String: The object ID of the subject

subjectType string: Type of users
backup boolean: For a user in an approval stage, this property indicates whether the user is a backup fallback approver
objectId string: The object ID of the subject

subject_type str: Type of users
backup bool: For a user in an approval stage, this property indicates whether the user is a backup fallback approver
object_id str: The object ID of the subject

subjectType String: Type of users
backup Boolean: For a user in an approval stage, this property indicates whether the user is a backup fallback approver
objectId String: The object ID of the subject

AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover
, AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs

SubjectType string: Type of users
Backup bool: For a user in an approval stage, this property indicates whether the user is a backup fallback approver
ObjectId string: The object ID of the subject

SubjectType string: Type of users
Backup bool: For a user in an approval stage, this property indicates whether the user is a backup fallback approver
ObjectId string: The object ID of the subject

subjectType String: Type of users
backup Boolean: For a user in an approval stage, this property indicates whether the user is a backup fallback approver
objectId String: The object ID of the subject

subjectType string: Type of users
backup boolean: For a user in an approval stage, this property indicates whether the user is a backup fallback approver
objectId string: The object ID of the subject

subject_type str: Type of users
backup bool: For a user in an approval stage, this property indicates whether the user is a backup fallback approver
object_id str: The object ID of the subject

subjectType String: Type of users
backup Boolean: For a user in an approval stage, this property indicates whether the user is a backup fallback approver
objectId String: The object ID of the subject

AccessPackageAssignmentPolicyAssignmentReviewSettings
, AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs

AccessRecommendationEnabled bool: Whether to show the reviewer decision helpers. If enabled, system recommendations based on users' access information will be shown to the reviewers. The reviewer will be recommended to approve the review if the user has signed-in at least once during the last 30 days. The reviewer will be recommended to deny the review if the user has not signed-in during the last 30 days.
AccessReviewTimeoutBehavior string: Specifies the actions the system takes if reviewers don't respond in time. Valid values are keepAccess, removeAccess, or acceptAccessRecommendation.
ApproverJustificationRequired bool: Whether a reviewer needs to provide a justification for their decision. Justification is visible to other reviewers and the requestor.
DurationInDays int: How many days each occurrence of the access review series will run.
Enabled bool: Whether to enable assignment review.
ReviewFrequency string: This will determine how often the access review campaign runs, valid values are weekly, monthly, quarterly, halfyearly, or annual.
ReviewType string: Self-review or specific reviewers. Valid values are Manager, Reviewers, or Self.
Reviewers List<Pulumi.AzureAD.Inputs.AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer>: One or more reviewer blocks to specify the users who will be reviewers (when review_type is Reviewers), as documented below.
StartingOn string: This is the date the access review campaign will start on, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z), default is now. Once an access review has been created, you cannot update its start date

AccessRecommendationEnabled bool: Whether to show the reviewer decision helpers. If enabled, system recommendations based on users' access information will be shown to the reviewers. The reviewer will be recommended to approve the review if the user has signed-in at least once during the last 30 days. The reviewer will be recommended to deny the review if the user has not signed-in during the last 30 days.
AccessReviewTimeoutBehavior string: Specifies the actions the system takes if reviewers don't respond in time. Valid values are keepAccess, removeAccess, or acceptAccessRecommendation.
ApproverJustificationRequired bool: Whether a reviewer needs to provide a justification for their decision. Justification is visible to other reviewers and the requestor.
DurationInDays int: How many days each occurrence of the access review series will run.
Enabled bool: Whether to enable assignment review.
ReviewFrequency string: This will determine how often the access review campaign runs, valid values are weekly, monthly, quarterly, halfyearly, or annual.
ReviewType string: Self-review or specific reviewers. Valid values are Manager, Reviewers, or Self.
Reviewers []AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer: One or more reviewer blocks to specify the users who will be reviewers (when review_type is Reviewers), as documented below.
StartingOn string: This is the date the access review campaign will start on, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z), default is now. Once an access review has been created, you cannot update its start date

accessRecommendationEnabled Boolean: Whether to show the reviewer decision helpers. If enabled, system recommendations based on users' access information will be shown to the reviewers. The reviewer will be recommended to approve the review if the user has signed-in at least once during the last 30 days. The reviewer will be recommended to deny the review if the user has not signed-in during the last 30 days.
accessReviewTimeoutBehavior String: Specifies the actions the system takes if reviewers don't respond in time. Valid values are keepAccess, removeAccess, or acceptAccessRecommendation.
approverJustificationRequired Boolean: Whether a reviewer needs to provide a justification for their decision. Justification is visible to other reviewers and the requestor.
durationInDays Integer: How many days each occurrence of the access review series will run.
enabled Boolean: Whether to enable assignment review.
reviewFrequency String: This will determine how often the access review campaign runs, valid values are weekly, monthly, quarterly, halfyearly, or annual.
reviewType String: Self-review or specific reviewers. Valid values are Manager, Reviewers, or Self.
reviewers List<AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer>: One or more reviewer blocks to specify the users who will be reviewers (when review_type is Reviewers), as documented below.
startingOn String: This is the date the access review campaign will start on, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z), default is now. Once an access review has been created, you cannot update its start date

accessRecommendationEnabled boolean: Whether to show the reviewer decision helpers. If enabled, system recommendations based on users' access information will be shown to the reviewers. The reviewer will be recommended to approve the review if the user has signed-in at least once during the last 30 days. The reviewer will be recommended to deny the review if the user has not signed-in during the last 30 days.
accessReviewTimeoutBehavior string: Specifies the actions the system takes if reviewers don't respond in time. Valid values are keepAccess, removeAccess, or acceptAccessRecommendation.
approverJustificationRequired boolean: Whether a reviewer needs to provide a justification for their decision. Justification is visible to other reviewers and the requestor.
durationInDays number: How many days each occurrence of the access review series will run.
enabled boolean: Whether to enable assignment review.
reviewFrequency string: This will determine how often the access review campaign runs, valid values are weekly, monthly, quarterly, halfyearly, or annual.
reviewType string: Self-review or specific reviewers. Valid values are Manager, Reviewers, or Self.
reviewers AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer[]: One or more reviewer blocks to specify the users who will be reviewers (when review_type is Reviewers), as documented below.
startingOn string: This is the date the access review campaign will start on, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z), default is now. Once an access review has been created, you cannot update its start date

access_recommendation_enabled bool: Whether to show the reviewer decision helpers. If enabled, system recommendations based on users' access information will be shown to the reviewers. The reviewer will be recommended to approve the review if the user has signed-in at least once during the last 30 days. The reviewer will be recommended to deny the review if the user has not signed-in during the last 30 days.
access_review_timeout_behavior str: Specifies the actions the system takes if reviewers don't respond in time. Valid values are keepAccess, removeAccess, or acceptAccessRecommendation.
approver_justification_required bool: Whether a reviewer needs to provide a justification for their decision. Justification is visible to other reviewers and the requestor.
duration_in_days int: How many days each occurrence of the access review series will run.
enabled bool: Whether to enable assignment review.
review_frequency str: This will determine how often the access review campaign runs, valid values are weekly, monthly, quarterly, halfyearly, or annual.
review_type str: Self-review or specific reviewers. Valid values are Manager, Reviewers, or Self.
reviewers Sequence[AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer]: One or more reviewer blocks to specify the users who will be reviewers (when review_type is Reviewers), as documented below.
starting_on str: This is the date the access review campaign will start on, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z), default is now. Once an access review has been created, you cannot update its start date

accessRecommendationEnabled Boolean: Whether to show the reviewer decision helpers. If enabled, system recommendations based on users' access information will be shown to the reviewers. The reviewer will be recommended to approve the review if the user has signed-in at least once during the last 30 days. The reviewer will be recommended to deny the review if the user has not signed-in during the last 30 days.
accessReviewTimeoutBehavior String: Specifies the actions the system takes if reviewers don't respond in time. Valid values are keepAccess, removeAccess, or acceptAccessRecommendation.
approverJustificationRequired Boolean: Whether a reviewer needs to provide a justification for their decision. Justification is visible to other reviewers and the requestor.
durationInDays Number: How many days each occurrence of the access review series will run.
enabled Boolean: Whether to enable assignment review.
reviewFrequency String: This will determine how often the access review campaign runs, valid values are weekly, monthly, quarterly, halfyearly, or annual.
reviewType String: Self-review or specific reviewers. Valid values are Manager, Reviewers, or Self.
reviewers List<Property Map>: One or more reviewer blocks to specify the users who will be reviewers (when review_type is Reviewers), as documented below.
startingOn String: This is the date the access review campaign will start on, formatted as an RFC3339 date string in UTC(e.g. 2018-01-01T01:02:03Z), default is now. Once an access review has been created, you cannot update its start date

AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer
, AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs

SubjectType string: Type of users
Backup bool: For a user in an approval stage, this property indicates whether the user is a backup fallback approver
ObjectId string: The object ID of the subject

SubjectType string: Type of users
Backup bool: For a user in an approval stage, this property indicates whether the user is a backup fallback approver
ObjectId string: The object ID of the subject

subjectType String: Type of users
backup Boolean: For a user in an approval stage, this property indicates whether the user is a backup fallback approver
objectId String: The object ID of the subject

subjectType string: Type of users
backup boolean: For a user in an approval stage, this property indicates whether the user is a backup fallback approver
objectId string: The object ID of the subject

subject_type str: Type of users
backup bool: For a user in an approval stage, this property indicates whether the user is a backup fallback approver
object_id str: The object ID of the subject

subjectType String: Type of users
backup Boolean: For a user in an approval stage, this property indicates whether the user is a backup fallback approver
objectId String: The object ID of the subject

AccessPackageAssignmentPolicyQuestion
, AccessPackageAssignmentPolicyQuestionArgs

Text Pulumi.AzureAD.Inputs.AccessPackageAssignmentPolicyQuestionText: A block describing the content of this question, as documented below.
Choices List<Pulumi.AzureAD.Inputs.AccessPackageAssignmentPolicyQuestionChoice>: One or more blocks configuring a choice to the question, as documented below.
Required bool: Whether this question is required.
Sequence int: The sequence number of this question.

Text AccessPackageAssignmentPolicyQuestionText: A block describing the content of this question, as documented below.
Choices []AccessPackageAssignmentPolicyQuestionChoice: One or more blocks configuring a choice to the question, as documented below.
Required bool: Whether this question is required.
Sequence int: The sequence number of this question.

text AccessPackageAssignmentPolicyQuestionText: A block describing the content of this question, as documented below.
choices List<AccessPackageAssignmentPolicyQuestionChoice>: One or more blocks configuring a choice to the question, as documented below.
required Boolean: Whether this question is required.
sequence Integer: The sequence number of this question.

text AccessPackageAssignmentPolicyQuestionText: A block describing the content of this question, as documented below.
choices AccessPackageAssignmentPolicyQuestionChoice[]: One or more blocks configuring a choice to the question, as documented below.
required boolean: Whether this question is required.
sequence number: The sequence number of this question.

text AccessPackageAssignmentPolicyQuestionText: A block describing the content of this question, as documented below.
choices Sequence[AccessPackageAssignmentPolicyQuestionChoice]: One or more blocks configuring a choice to the question, as documented below.
required bool: Whether this question is required.
sequence int: The sequence number of this question.

text Property Map: A block describing the content of this question, as documented below.
choices List<Property Map>: One or more blocks configuring a choice to the question, as documented below.
required Boolean: Whether this question is required.
sequence Number: The sequence number of this question.

AccessPackageAssignmentPolicyQuestionChoice
, AccessPackageAssignmentPolicyQuestionChoiceArgs

ActualValue string: The actual value of this choice
DisplayValue Pulumi.AzureAD.Inputs.AccessPackageAssignmentPolicyQuestionChoiceDisplayValue: The display text of this choice

ActualValue string: The actual value of this choice
DisplayValue AccessPackageAssignmentPolicyQuestionChoiceDisplayValue: The display text of this choice

actualValue String: The actual value of this choice
displayValue AccessPackageAssignmentPolicyQuestionChoiceDisplayValue: The display text of this choice

actualValue string: The actual value of this choice
displayValue AccessPackageAssignmentPolicyQuestionChoiceDisplayValue: The display text of this choice

actual_value str: The actual value of this choice
display_value AccessPackageAssignmentPolicyQuestionChoiceDisplayValue: The display text of this choice

actualValue String: The actual value of this choice
displayValue Property Map: The display text of this choice

AccessPackageAssignmentPolicyQuestionChoiceDisplayValue
, AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs

DefaultText string: The default text of this question
LocalizedTexts List<Pulumi.AzureAD.Inputs.AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText>: The localized text of this question

DefaultText string: The default text of this question
LocalizedTexts []AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText: The localized text of this question

defaultText String: The default text of this question
localizedTexts List<AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText>: The localized text of this question

defaultText string: The default text of this question
localizedTexts AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText[]: The localized text of this question

default_text str: The default text of this question
localized_texts Sequence[AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText]: The localized text of this question

defaultText String: The default text of this question
localizedTexts List<Property Map>: The localized text of this question

AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText
, AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs

Content string: The localized content of this question
LanguageCode string: The language code of this question content

Content string: The localized content of this question
LanguageCode string: The language code of this question content

content String: The localized content of this question
languageCode String: The language code of this question content

content string: The localized content of this question
languageCode string: The language code of this question content

content str: The localized content of this question
language_code str: The language code of this question content

content String: The localized content of this question
languageCode String: The language code of this question content

AccessPackageAssignmentPolicyQuestionText
, AccessPackageAssignmentPolicyQuestionTextArgs

DefaultText string: The default text of this question
LocalizedTexts List<Pulumi.AzureAD.Inputs.AccessPackageAssignmentPolicyQuestionTextLocalizedText>: The localized text of this question

DefaultText string: The default text of this question
LocalizedTexts []AccessPackageAssignmentPolicyQuestionTextLocalizedText: The localized text of this question

defaultText String: The default text of this question
localizedTexts List<AccessPackageAssignmentPolicyQuestionTextLocalizedText>: The localized text of this question

defaultText string: The default text of this question
localizedTexts AccessPackageAssignmentPolicyQuestionTextLocalizedText[]: The localized text of this question

default_text str: The default text of this question
localized_texts Sequence[AccessPackageAssignmentPolicyQuestionTextLocalizedText]: The localized text of this question

defaultText String: The default text of this question
localizedTexts List<Property Map>: The localized text of this question

AccessPackageAssignmentPolicyQuestionTextLocalizedText
, AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs

Content string: The localized content of this question
LanguageCode string: The language code of this question content

Content string: The localized content of this question
LanguageCode string: The language code of this question content

content String: The localized content of this question
languageCode String: The language code of this question content

content string: The localized content of this question
languageCode string: The language code of this question content

content str: The localized content of this question
language_code str: The language code of this question content

content String: The localized content of this question
languageCode String: The language code of this question content

AccessPackageAssignmentPolicyRequestorSettings
, AccessPackageAssignmentPolicyRequestorSettingsArgs

Requestors List<Pulumi.AzureAD.Inputs.AccessPackageAssignmentPolicyRequestorSettingsRequestor>: A block specifying the users who are allowed to request on this policy, as documented below.
RequestsAccepted bool: Whether to accept requests using this policy. When false, no new requests can be made using this policy.
ScopeType string: Specifies the scopes of the requestors. Valid values are AllConfiguredConnectedOrganizationSubjects, AllExistingConnectedOrganizationSubjects, AllExistingDirectoryMemberUsers, AllExistingDirectorySubjects, AllExternalSubjects, NoSubjects, SpecificConnectedOrganizationSubjects, or SpecificDirectorySubjects.

Requestors []AccessPackageAssignmentPolicyRequestorSettingsRequestor: A block specifying the users who are allowed to request on this policy, as documented below.
RequestsAccepted bool: Whether to accept requests using this policy. When false, no new requests can be made using this policy.
ScopeType string: Specifies the scopes of the requestors. Valid values are AllConfiguredConnectedOrganizationSubjects, AllExistingConnectedOrganizationSubjects, AllExistingDirectoryMemberUsers, AllExistingDirectorySubjects, AllExternalSubjects, NoSubjects, SpecificConnectedOrganizationSubjects, or SpecificDirectorySubjects.

requestors List<AccessPackageAssignmentPolicyRequestorSettingsRequestor>: A block specifying the users who are allowed to request on this policy, as documented below.
requestsAccepted Boolean: Whether to accept requests using this policy. When false, no new requests can be made using this policy.
scopeType String: Specifies the scopes of the requestors. Valid values are AllConfiguredConnectedOrganizationSubjects, AllExistingConnectedOrganizationSubjects, AllExistingDirectoryMemberUsers, AllExistingDirectorySubjects, AllExternalSubjects, NoSubjects, SpecificConnectedOrganizationSubjects, or SpecificDirectorySubjects.

requestors AccessPackageAssignmentPolicyRequestorSettingsRequestor[]: A block specifying the users who are allowed to request on this policy, as documented below.
requestsAccepted boolean: Whether to accept requests using this policy. When false, no new requests can be made using this policy.
scopeType string: Specifies the scopes of the requestors. Valid values are AllConfiguredConnectedOrganizationSubjects, AllExistingConnectedOrganizationSubjects, AllExistingDirectoryMemberUsers, AllExistingDirectorySubjects, AllExternalSubjects, NoSubjects, SpecificConnectedOrganizationSubjects, or SpecificDirectorySubjects.

requestors Sequence[AccessPackageAssignmentPolicyRequestorSettingsRequestor]: A block specifying the users who are allowed to request on this policy, as documented below.
requests_accepted bool: Whether to accept requests using this policy. When false, no new requests can be made using this policy.
scope_type str: Specifies the scopes of the requestors. Valid values are AllConfiguredConnectedOrganizationSubjects, AllExistingConnectedOrganizationSubjects, AllExistingDirectoryMemberUsers, AllExistingDirectorySubjects, AllExternalSubjects, NoSubjects, SpecificConnectedOrganizationSubjects, or SpecificDirectorySubjects.

requestors List<Property Map>: A block specifying the users who are allowed to request on this policy, as documented below.
requestsAccepted Boolean: Whether to accept requests using this policy. When false, no new requests can be made using this policy.
scopeType String: Specifies the scopes of the requestors. Valid values are AllConfiguredConnectedOrganizationSubjects, AllExistingConnectedOrganizationSubjects, AllExistingDirectoryMemberUsers, AllExistingDirectorySubjects, AllExternalSubjects, NoSubjects, SpecificConnectedOrganizationSubjects, or SpecificDirectorySubjects.

AccessPackageAssignmentPolicyRequestorSettingsRequestor
, AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs

SubjectType string: Type of users
Backup bool: For a user in an approval stage, this property indicates whether the user is a backup fallback approver
ObjectId string: The object ID of the subject

SubjectType string: Type of users
Backup bool: For a user in an approval stage, this property indicates whether the user is a backup fallback approver
ObjectId string: The object ID of the subject

subjectType String: Type of users
backup Boolean: For a user in an approval stage, this property indicates whether the user is a backup fallback approver
objectId String: The object ID of the subject

subjectType string: Type of users
backup boolean: For a user in an approval stage, this property indicates whether the user is a backup fallback approver
objectId string: The object ID of the subject

subject_type str: Type of users
backup bool: For a user in an approval stage, this property indicates whether the user is a backup fallback approver
object_id str: The object ID of the subject

subjectType String: Type of users
backup Boolean: For a user in an approval stage, this property indicates whether the user is a backup fallback approver
objectId String: The object ID of the subject

Import

An access package assignment policy can be imported using the ID, e.g.

$ pulumi import azuread:index/accessPackageAssignmentPolicy:AccessPackageAssignmentPolicy example 00000000-0000-0000-0000-000000000000

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: Azure Active Directory (Azure AD) pulumi/pulumi-azuread
License: Apache-2.0
Notes: This Pulumi package is based on the azuread Terraform Provider.

Azure Active Directory (Azure AD) v6.2.0 published on Tuesday, Jan 21, 2025 by Pulumi

pulumi/pulumi-azuread

azuread.AccessPackageAssignmentPolicy

On this page

On this page

API Permissions

Example Usage

Create AccessPackageAssignmentPolicy Resource

Constructor syntax

Parameters

Constructor example

AccessPackageAssignmentPolicy Resource Properties

Inputs

Outputs

Look up Existing AccessPackageAssignmentPolicy Resource

Supporting Types

AccessPackageAssignmentPolicyApprovalSettings
, AccessPackageAssignmentPolicyApprovalSettingsArgs

AccessPackageAssignmentPolicyApprovalSettingsApprovalStage
, AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs

AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover
, AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs

AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover
, AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs

AccessPackageAssignmentPolicyAssignmentReviewSettings
, AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs

AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer
, AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs

AccessPackageAssignmentPolicyQuestion
, AccessPackageAssignmentPolicyQuestionArgs

AccessPackageAssignmentPolicyQuestionChoice
, AccessPackageAssignmentPolicyQuestionChoiceArgs

AccessPackageAssignmentPolicyQuestionChoiceDisplayValue
, AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs

AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText
, AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs

AccessPackageAssignmentPolicyQuestionText
, AccessPackageAssignmentPolicyQuestionTextArgs

AccessPackageAssignmentPolicyQuestionTextLocalizedText
, AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs

AccessPackageAssignmentPolicyRequestorSettings
, AccessPackageAssignmentPolicyRequestorSettingsArgs

AccessPackageAssignmentPolicyRequestorSettingsRequestor
, AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs

Import

Package Details

On this page

On this page

azuread.AccessPackageAssignmentPolicy

On this page

On this page

API Permissions

Example Usage

Create AccessPackageAssignmentPolicy Resource

Constructor syntax

Parameters

Constructor example

AccessPackageAssignmentPolicy Resource Properties

Inputs

Outputs

Look up Existing AccessPackageAssignmentPolicy Resource

Supporting Types

AccessPackageAssignmentPolicyApprovalSettings, AccessPackageAssignmentPolicyApprovalSettingsArgs

AccessPackageAssignmentPolicyApprovalSettingsApprovalStage, AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs

AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover, AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs

AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover, AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs

AccessPackageAssignmentPolicyAssignmentReviewSettings, AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs

AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer, AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs

AccessPackageAssignmentPolicyQuestion, AccessPackageAssignmentPolicyQuestionArgs

AccessPackageAssignmentPolicyQuestionChoice, AccessPackageAssignmentPolicyQuestionChoiceArgs

AccessPackageAssignmentPolicyQuestionChoiceDisplayValue, AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs

AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText, AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs

AccessPackageAssignmentPolicyQuestionText, AccessPackageAssignmentPolicyQuestionTextArgs

AccessPackageAssignmentPolicyQuestionTextLocalizedText, AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs

AccessPackageAssignmentPolicyRequestorSettings, AccessPackageAssignmentPolicyRequestorSettingsArgs

AccessPackageAssignmentPolicyRequestorSettingsRequestor, AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs

Import

Package Details

On this page

On this page

AccessPackageAssignmentPolicyApprovalSettings
, AccessPackageAssignmentPolicyApprovalSettingsArgs

AccessPackageAssignmentPolicyApprovalSettingsApprovalStage
, AccessPackageAssignmentPolicyApprovalSettingsApprovalStageArgs

AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApprover
, AccessPackageAssignmentPolicyApprovalSettingsApprovalStageAlternativeApproverArgs

AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApprover
, AccessPackageAssignmentPolicyApprovalSettingsApprovalStagePrimaryApproverArgs

AccessPackageAssignmentPolicyAssignmentReviewSettings
, AccessPackageAssignmentPolicyAssignmentReviewSettingsArgs

AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewer
, AccessPackageAssignmentPolicyAssignmentReviewSettingsReviewerArgs

AccessPackageAssignmentPolicyQuestion
, AccessPackageAssignmentPolicyQuestionArgs

AccessPackageAssignmentPolicyQuestionChoice
, AccessPackageAssignmentPolicyQuestionChoiceArgs

AccessPackageAssignmentPolicyQuestionChoiceDisplayValue
, AccessPackageAssignmentPolicyQuestionChoiceDisplayValueArgs

AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedText
, AccessPackageAssignmentPolicyQuestionChoiceDisplayValueLocalizedTextArgs

AccessPackageAssignmentPolicyQuestionText
, AccessPackageAssignmentPolicyQuestionTextArgs

AccessPackageAssignmentPolicyQuestionTextLocalizedText
, AccessPackageAssignmentPolicyQuestionTextLocalizedTextArgs

AccessPackageAssignmentPolicyRequestorSettings
, AccessPackageAssignmentPolicyRequestorSettingsArgs

AccessPackageAssignmentPolicyRequestorSettingsRequestor
, AccessPackageAssignmentPolicyRequestorSettingsRequestorArgs