1. Packages
  2. Azure Native
  3. API Docs
  4. authorization
  5. AccessReviewScheduleDefinitionById
This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.63.0 published on Tuesday, Sep 24, 2024 by Pulumi

azure-native.authorization.AccessReviewScheduleDefinitionById

Explore with Pulumi AI

azure-native logo
This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.63.0 published on Tuesday, Sep 24, 2024 by Pulumi

    Access Review Schedule Definition. Azure REST API version: 2021-12-01-preview. Prior API version in Azure Native 1.x: 2021-03-01-preview.

    Import

    An existing resource can be imported using its type token, name, and identifier, e.g.

    $ pulumi import azure-native:authorization:AccessReviewScheduleDefinitionById myresource1 /subscriptions/{subscriptionId}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId} 
    

    Create AccessReviewScheduleDefinitionById Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new AccessReviewScheduleDefinitionById(name: string, args?: AccessReviewScheduleDefinitionByIdArgs, opts?: CustomResourceOptions);
    @overload
    def AccessReviewScheduleDefinitionById(resource_name: str,
                                           args: Optional[AccessReviewScheduleDefinitionByIdArgs] = None,
                                           opts: Optional[ResourceOptions] = None)
    
    @overload
    def AccessReviewScheduleDefinitionById(resource_name: str,
                                           opts: Optional[ResourceOptions] = None,
                                           auto_apply_decisions_enabled: Optional[bool] = None,
                                           backup_reviewers: Optional[Sequence[AccessReviewReviewerArgs]] = None,
                                           default_decision: Optional[Union[str, DefaultDecisionType]] = None,
                                           default_decision_enabled: Optional[bool] = None,
                                           description_for_admins: Optional[str] = None,
                                           description_for_reviewers: Optional[str] = None,
                                           display_name: Optional[str] = None,
                                           end_date: Optional[str] = None,
                                           exclude_resource_id: Optional[str] = None,
                                           exclude_role_definition_id: Optional[str] = None,
                                           expand_nested_memberships: Optional[bool] = None,
                                           inactive_duration: Optional[str] = None,
                                           include_access_below_resource: Optional[bool] = None,
                                           include_inherited_access: Optional[bool] = None,
                                           instance_duration_in_days: Optional[int] = None,
                                           instances: Optional[Sequence[AccessReviewInstanceArgs]] = None,
                                           interval: Optional[int] = None,
                                           justification_required_on_approval: Optional[bool] = None,
                                           mail_notifications_enabled: Optional[bool] = None,
                                           number_of_occurrences: Optional[int] = None,
                                           recommendation_look_back_duration: Optional[str] = None,
                                           recommendations_enabled: Optional[bool] = None,
                                           reminder_notifications_enabled: Optional[bool] = None,
                                           reviewers: Optional[Sequence[AccessReviewReviewerArgs]] = None,
                                           schedule_definition_id: Optional[str] = None,
                                           start_date: Optional[str] = None,
                                           type: Optional[Union[str, AccessReviewRecurrenceRangeType]] = None)
    func NewAccessReviewScheduleDefinitionById(ctx *Context, name string, args *AccessReviewScheduleDefinitionByIdArgs, opts ...ResourceOption) (*AccessReviewScheduleDefinitionById, error)
    public AccessReviewScheduleDefinitionById(string name, AccessReviewScheduleDefinitionByIdArgs? args = null, CustomResourceOptions? opts = null)
    public AccessReviewScheduleDefinitionById(String name, AccessReviewScheduleDefinitionByIdArgs args)
    public AccessReviewScheduleDefinitionById(String name, AccessReviewScheduleDefinitionByIdArgs args, CustomResourceOptions options)
    
    type: azure-native:authorization:AccessReviewScheduleDefinitionById
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args AccessReviewScheduleDefinitionByIdArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args AccessReviewScheduleDefinitionByIdArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args AccessReviewScheduleDefinitionByIdArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args AccessReviewScheduleDefinitionByIdArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args AccessReviewScheduleDefinitionByIdArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var accessReviewScheduleDefinitionByIdResource = new AzureNative.Authorization.AccessReviewScheduleDefinitionById("accessReviewScheduleDefinitionByIdResource", new()
    {
        AutoApplyDecisionsEnabled = false,
        BackupReviewers = new[]
        {
            new AzureNative.Authorization.Inputs.AccessReviewReviewerArgs
            {
                PrincipalId = "string",
            },
        },
        DefaultDecision = "string",
        DefaultDecisionEnabled = false,
        DescriptionForAdmins = "string",
        DescriptionForReviewers = "string",
        DisplayName = "string",
        EndDate = "string",
        ExcludeResourceId = "string",
        ExcludeRoleDefinitionId = "string",
        ExpandNestedMemberships = false,
        InactiveDuration = "string",
        IncludeAccessBelowResource = false,
        IncludeInheritedAccess = false,
        InstanceDurationInDays = 0,
        Instances = new[]
        {
            new AzureNative.Authorization.Inputs.AccessReviewInstanceArgs
            {
                BackupReviewers = new[]
                {
                    new AzureNative.Authorization.Inputs.AccessReviewReviewerArgs
                    {
                        PrincipalId = "string",
                    },
                },
                EndDateTime = "string",
                Reviewers = new[]
                {
                    new AzureNative.Authorization.Inputs.AccessReviewReviewerArgs
                    {
                        PrincipalId = "string",
                    },
                },
                StartDateTime = "string",
            },
        },
        Interval = 0,
        JustificationRequiredOnApproval = false,
        MailNotificationsEnabled = false,
        NumberOfOccurrences = 0,
        RecommendationLookBackDuration = "string",
        RecommendationsEnabled = false,
        ReminderNotificationsEnabled = false,
        Reviewers = new[]
        {
            new AzureNative.Authorization.Inputs.AccessReviewReviewerArgs
            {
                PrincipalId = "string",
            },
        },
        ScheduleDefinitionId = "string",
        StartDate = "string",
        Type = "string",
    });
    
    example, err := authorization.NewAccessReviewScheduleDefinitionById(ctx, "accessReviewScheduleDefinitionByIdResource", &authorization.AccessReviewScheduleDefinitionByIdArgs{
    	AutoApplyDecisionsEnabled: pulumi.Bool(false),
    	BackupReviewers: authorization.AccessReviewReviewerArray{
    		&authorization.AccessReviewReviewerArgs{
    			PrincipalId: pulumi.String("string"),
    		},
    	},
    	DefaultDecision:            pulumi.String("string"),
    	DefaultDecisionEnabled:     pulumi.Bool(false),
    	DescriptionForAdmins:       pulumi.String("string"),
    	DescriptionForReviewers:    pulumi.String("string"),
    	DisplayName:                pulumi.String("string"),
    	EndDate:                    pulumi.String("string"),
    	ExcludeResourceId:          pulumi.String("string"),
    	ExcludeRoleDefinitionId:    pulumi.String("string"),
    	ExpandNestedMemberships:    pulumi.Bool(false),
    	InactiveDuration:           pulumi.String("string"),
    	IncludeAccessBelowResource: pulumi.Bool(false),
    	IncludeInheritedAccess:     pulumi.Bool(false),
    	InstanceDurationInDays:     pulumi.Int(0),
    	Instances: authorization.AccessReviewInstanceArray{
    		&authorization.AccessReviewInstanceArgs{
    			BackupReviewers: authorization.AccessReviewReviewerArray{
    				&authorization.AccessReviewReviewerArgs{
    					PrincipalId: pulumi.String("string"),
    				},
    			},
    			EndDateTime: pulumi.String("string"),
    			Reviewers: authorization.AccessReviewReviewerArray{
    				&authorization.AccessReviewReviewerArgs{
    					PrincipalId: pulumi.String("string"),
    				},
    			},
    			StartDateTime: pulumi.String("string"),
    		},
    	},
    	Interval:                        pulumi.Int(0),
    	JustificationRequiredOnApproval: pulumi.Bool(false),
    	MailNotificationsEnabled:        pulumi.Bool(false),
    	NumberOfOccurrences:             pulumi.Int(0),
    	RecommendationLookBackDuration:  pulumi.String("string"),
    	RecommendationsEnabled:          pulumi.Bool(false),
    	ReminderNotificationsEnabled:    pulumi.Bool(false),
    	Reviewers: authorization.AccessReviewReviewerArray{
    		&authorization.AccessReviewReviewerArgs{
    			PrincipalId: pulumi.String("string"),
    		},
    	},
    	ScheduleDefinitionId: pulumi.String("string"),
    	StartDate:            pulumi.String("string"),
    	Type:                 pulumi.String("string"),
    })
    
    var accessReviewScheduleDefinitionByIdResource = new AccessReviewScheduleDefinitionById("accessReviewScheduleDefinitionByIdResource", AccessReviewScheduleDefinitionByIdArgs.builder()
        .autoApplyDecisionsEnabled(false)
        .backupReviewers(AccessReviewReviewerArgs.builder()
            .principalId("string")
            .build())
        .defaultDecision("string")
        .defaultDecisionEnabled(false)
        .descriptionForAdmins("string")
        .descriptionForReviewers("string")
        .displayName("string")
        .endDate("string")
        .excludeResourceId("string")
        .excludeRoleDefinitionId("string")
        .expandNestedMemberships(false)
        .inactiveDuration("string")
        .includeAccessBelowResource(false)
        .includeInheritedAccess(false)
        .instanceDurationInDays(0)
        .instances(AccessReviewInstanceArgs.builder()
            .backupReviewers(AccessReviewReviewerArgs.builder()
                .principalId("string")
                .build())
            .endDateTime("string")
            .reviewers(AccessReviewReviewerArgs.builder()
                .principalId("string")
                .build())
            .startDateTime("string")
            .build())
        .interval(0)
        .justificationRequiredOnApproval(false)
        .mailNotificationsEnabled(false)
        .numberOfOccurrences(0)
        .recommendationLookBackDuration("string")
        .recommendationsEnabled(false)
        .reminderNotificationsEnabled(false)
        .reviewers(AccessReviewReviewerArgs.builder()
            .principalId("string")
            .build())
        .scheduleDefinitionId("string")
        .startDate("string")
        .type("string")
        .build());
    
    access_review_schedule_definition_by_id_resource = azure_native.authorization.AccessReviewScheduleDefinitionById("accessReviewScheduleDefinitionByIdResource",
        auto_apply_decisions_enabled=False,
        backup_reviewers=[{
            "principalId": "string",
        }],
        default_decision="string",
        default_decision_enabled=False,
        description_for_admins="string",
        description_for_reviewers="string",
        display_name="string",
        end_date="string",
        exclude_resource_id="string",
        exclude_role_definition_id="string",
        expand_nested_memberships=False,
        inactive_duration="string",
        include_access_below_resource=False,
        include_inherited_access=False,
        instance_duration_in_days=0,
        instances=[{
            "backupReviewers": [{
                "principalId": "string",
            }],
            "endDateTime": "string",
            "reviewers": [{
                "principalId": "string",
            }],
            "startDateTime": "string",
        }],
        interval=0,
        justification_required_on_approval=False,
        mail_notifications_enabled=False,
        number_of_occurrences=0,
        recommendation_look_back_duration="string",
        recommendations_enabled=False,
        reminder_notifications_enabled=False,
        reviewers=[{
            "principalId": "string",
        }],
        schedule_definition_id="string",
        start_date="string",
        type="string")
    
    const accessReviewScheduleDefinitionByIdResource = new azure_native.authorization.AccessReviewScheduleDefinitionById("accessReviewScheduleDefinitionByIdResource", {
        autoApplyDecisionsEnabled: false,
        backupReviewers: [{
            principalId: "string",
        }],
        defaultDecision: "string",
        defaultDecisionEnabled: false,
        descriptionForAdmins: "string",
        descriptionForReviewers: "string",
        displayName: "string",
        endDate: "string",
        excludeResourceId: "string",
        excludeRoleDefinitionId: "string",
        expandNestedMemberships: false,
        inactiveDuration: "string",
        includeAccessBelowResource: false,
        includeInheritedAccess: false,
        instanceDurationInDays: 0,
        instances: [{
            backupReviewers: [{
                principalId: "string",
            }],
            endDateTime: "string",
            reviewers: [{
                principalId: "string",
            }],
            startDateTime: "string",
        }],
        interval: 0,
        justificationRequiredOnApproval: false,
        mailNotificationsEnabled: false,
        numberOfOccurrences: 0,
        recommendationLookBackDuration: "string",
        recommendationsEnabled: false,
        reminderNotificationsEnabled: false,
        reviewers: [{
            principalId: "string",
        }],
        scheduleDefinitionId: "string",
        startDate: "string",
        type: "string",
    });
    
    type: azure-native:authorization:AccessReviewScheduleDefinitionById
    properties:
        autoApplyDecisionsEnabled: false
        backupReviewers:
            - principalId: string
        defaultDecision: string
        defaultDecisionEnabled: false
        descriptionForAdmins: string
        descriptionForReviewers: string
        displayName: string
        endDate: string
        excludeResourceId: string
        excludeRoleDefinitionId: string
        expandNestedMemberships: false
        inactiveDuration: string
        includeAccessBelowResource: false
        includeInheritedAccess: false
        instanceDurationInDays: 0
        instances:
            - backupReviewers:
                - principalId: string
              endDateTime: string
              reviewers:
                - principalId: string
              startDateTime: string
        interval: 0
        justificationRequiredOnApproval: false
        mailNotificationsEnabled: false
        numberOfOccurrences: 0
        recommendationLookBackDuration: string
        recommendationsEnabled: false
        reminderNotificationsEnabled: false
        reviewers:
            - principalId: string
        scheduleDefinitionId: string
        startDate: string
        type: string
    

    AccessReviewScheduleDefinitionById Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The AccessReviewScheduleDefinitionById resource accepts the following input properties:

    AutoApplyDecisionsEnabled bool
    Flag to indicate whether auto-apply capability, to automatically change the target object access resource, is enabled. If not enabled, a user must, after the review completes, apply the access review.
    BackupReviewers List<Pulumi.AzureNative.Authorization.Inputs.AccessReviewReviewer>
    This is the collection of backup reviewers.
    DefaultDecision string | Pulumi.AzureNative.Authorization.DefaultDecisionType
    This specifies the behavior for the autoReview feature when an access review completes.
    DefaultDecisionEnabled bool
    Flag to indicate whether reviewers are required to provide a justification when reviewing access.
    DescriptionForAdmins string
    The description provided by the access review creator and visible to admins.
    DescriptionForReviewers string
    The description provided by the access review creator to be shown to reviewers.
    DisplayName string
    The display name for the schedule definition.
    EndDate string
    The DateTime when the review is scheduled to end. Required if type is endDate
    ExcludeResourceId string
    This is used to indicate the resource id(s) to exclude
    ExcludeRoleDefinitionId string
    This is used to indicate the role definition id(s) to exclude
    ExpandNestedMemberships bool
    Flag to indicate whether to expand nested memberships or not.
    InactiveDuration string
    Duration users are inactive for. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This code can be used to convert TimeSpan to a valid interval string: XmlConvert.ToString(new TimeSpan(hours, minutes, seconds))
    IncludeAccessBelowResource bool
    Flag to indicate whether to expand nested memberships or not.
    IncludeInheritedAccess bool
    Flag to indicate whether to expand nested memberships or not.
    InstanceDurationInDays int
    The duration in days for an instance.
    Instances List<Pulumi.AzureNative.Authorization.Inputs.AccessReviewInstance>
    This is the collection of instances returned when one does an expand on it.
    Interval int
    The interval for recurrence. For a quarterly review, the interval is 3 for type : absoluteMonthly.
    JustificationRequiredOnApproval bool
    Flag to indicate whether the reviewer is required to pass justification when recording a decision.
    MailNotificationsEnabled bool
    Flag to indicate whether sending mails to reviewers and the review creator is enabled.
    NumberOfOccurrences int
    The number of times to repeat the access review. Required and must be positive if type is numbered.
    RecommendationLookBackDuration string
    Recommendations for access reviews are calculated by looking back at 30 days of data(w.r.t the start date of the review) by default. However, in some scenarios, customers want to change how far back to look at and want to configure 60 days, 90 days, etc. instead. This setting allows customers to configure this duration. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This code can be used to convert TimeSpan to a valid interval string: XmlConvert.ToString(new TimeSpan(hours, minutes, seconds))
    RecommendationsEnabled bool
    Flag to indicate whether showing recommendations to reviewers is enabled.
    ReminderNotificationsEnabled bool
    Flag to indicate whether sending reminder emails to reviewers are enabled.
    Reviewers List<Pulumi.AzureNative.Authorization.Inputs.AccessReviewReviewer>
    This is the collection of reviewers.
    ScheduleDefinitionId string
    The id of the access review schedule definition.
    StartDate string
    The DateTime when the review is scheduled to be start. This could be a date in the future. Required on create.
    Type string | Pulumi.AzureNative.Authorization.AccessReviewRecurrenceRangeType
    The recurrence range type. The possible values are: endDate, noEnd, numbered.
    AutoApplyDecisionsEnabled bool
    Flag to indicate whether auto-apply capability, to automatically change the target object access resource, is enabled. If not enabled, a user must, after the review completes, apply the access review.
    BackupReviewers []AccessReviewReviewerArgs
    This is the collection of backup reviewers.
    DefaultDecision string | DefaultDecisionType
    This specifies the behavior for the autoReview feature when an access review completes.
    DefaultDecisionEnabled bool
    Flag to indicate whether reviewers are required to provide a justification when reviewing access.
    DescriptionForAdmins string
    The description provided by the access review creator and visible to admins.
    DescriptionForReviewers string
    The description provided by the access review creator to be shown to reviewers.
    DisplayName string
    The display name for the schedule definition.
    EndDate string
    The DateTime when the review is scheduled to end. Required if type is endDate
    ExcludeResourceId string
    This is used to indicate the resource id(s) to exclude
    ExcludeRoleDefinitionId string
    This is used to indicate the role definition id(s) to exclude
    ExpandNestedMemberships bool
    Flag to indicate whether to expand nested memberships or not.
    InactiveDuration string
    Duration users are inactive for. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This code can be used to convert TimeSpan to a valid interval string: XmlConvert.ToString(new TimeSpan(hours, minutes, seconds))
    IncludeAccessBelowResource bool
    Flag to indicate whether to expand nested memberships or not.
    IncludeInheritedAccess bool
    Flag to indicate whether to expand nested memberships or not.
    InstanceDurationInDays int
    The duration in days for an instance.
    Instances []AccessReviewInstanceArgs
    This is the collection of instances returned when one does an expand on it.
    Interval int
    The interval for recurrence. For a quarterly review, the interval is 3 for type : absoluteMonthly.
    JustificationRequiredOnApproval bool
    Flag to indicate whether the reviewer is required to pass justification when recording a decision.
    MailNotificationsEnabled bool
    Flag to indicate whether sending mails to reviewers and the review creator is enabled.
    NumberOfOccurrences int
    The number of times to repeat the access review. Required and must be positive if type is numbered.
    RecommendationLookBackDuration string
    Recommendations for access reviews are calculated by looking back at 30 days of data(w.r.t the start date of the review) by default. However, in some scenarios, customers want to change how far back to look at and want to configure 60 days, 90 days, etc. instead. This setting allows customers to configure this duration. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This code can be used to convert TimeSpan to a valid interval string: XmlConvert.ToString(new TimeSpan(hours, minutes, seconds))
    RecommendationsEnabled bool
    Flag to indicate whether showing recommendations to reviewers is enabled.
    ReminderNotificationsEnabled bool
    Flag to indicate whether sending reminder emails to reviewers are enabled.
    Reviewers []AccessReviewReviewerArgs
    This is the collection of reviewers.
    ScheduleDefinitionId string
    The id of the access review schedule definition.
    StartDate string
    The DateTime when the review is scheduled to be start. This could be a date in the future. Required on create.
    Type string | AccessReviewRecurrenceRangeType
    The recurrence range type. The possible values are: endDate, noEnd, numbered.
    autoApplyDecisionsEnabled Boolean
    Flag to indicate whether auto-apply capability, to automatically change the target object access resource, is enabled. If not enabled, a user must, after the review completes, apply the access review.
    backupReviewers List<AccessReviewReviewer>
    This is the collection of backup reviewers.
    defaultDecision String | DefaultDecisionType
    This specifies the behavior for the autoReview feature when an access review completes.
    defaultDecisionEnabled Boolean
    Flag to indicate whether reviewers are required to provide a justification when reviewing access.
    descriptionForAdmins String
    The description provided by the access review creator and visible to admins.
    descriptionForReviewers String
    The description provided by the access review creator to be shown to reviewers.
    displayName String
    The display name for the schedule definition.
    endDate String
    The DateTime when the review is scheduled to end. Required if type is endDate
    excludeResourceId String
    This is used to indicate the resource id(s) to exclude
    excludeRoleDefinitionId String
    This is used to indicate the role definition id(s) to exclude
    expandNestedMemberships Boolean
    Flag to indicate whether to expand nested memberships or not.
    inactiveDuration String
    Duration users are inactive for. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This code can be used to convert TimeSpan to a valid interval string: XmlConvert.ToString(new TimeSpan(hours, minutes, seconds))
    includeAccessBelowResource Boolean
    Flag to indicate whether to expand nested memberships or not.
    includeInheritedAccess Boolean
    Flag to indicate whether to expand nested memberships or not.
    instanceDurationInDays Integer
    The duration in days for an instance.
    instances List<AccessReviewInstance>
    This is the collection of instances returned when one does an expand on it.
    interval Integer
    The interval for recurrence. For a quarterly review, the interval is 3 for type : absoluteMonthly.
    justificationRequiredOnApproval Boolean
    Flag to indicate whether the reviewer is required to pass justification when recording a decision.
    mailNotificationsEnabled Boolean
    Flag to indicate whether sending mails to reviewers and the review creator is enabled.
    numberOfOccurrences Integer
    The number of times to repeat the access review. Required and must be positive if type is numbered.
    recommendationLookBackDuration String
    Recommendations for access reviews are calculated by looking back at 30 days of data(w.r.t the start date of the review) by default. However, in some scenarios, customers want to change how far back to look at and want to configure 60 days, 90 days, etc. instead. This setting allows customers to configure this duration. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This code can be used to convert TimeSpan to a valid interval string: XmlConvert.ToString(new TimeSpan(hours, minutes, seconds))
    recommendationsEnabled Boolean
    Flag to indicate whether showing recommendations to reviewers is enabled.
    reminderNotificationsEnabled Boolean
    Flag to indicate whether sending reminder emails to reviewers are enabled.
    reviewers List<AccessReviewReviewer>
    This is the collection of reviewers.
    scheduleDefinitionId String
    The id of the access review schedule definition.
    startDate String
    The DateTime when the review is scheduled to be start. This could be a date in the future. Required on create.
    type String | AccessReviewRecurrenceRangeType
    The recurrence range type. The possible values are: endDate, noEnd, numbered.
    autoApplyDecisionsEnabled boolean
    Flag to indicate whether auto-apply capability, to automatically change the target object access resource, is enabled. If not enabled, a user must, after the review completes, apply the access review.
    backupReviewers AccessReviewReviewer[]
    This is the collection of backup reviewers.
    defaultDecision string | DefaultDecisionType
    This specifies the behavior for the autoReview feature when an access review completes.
    defaultDecisionEnabled boolean
    Flag to indicate whether reviewers are required to provide a justification when reviewing access.
    descriptionForAdmins string
    The description provided by the access review creator and visible to admins.
    descriptionForReviewers string
    The description provided by the access review creator to be shown to reviewers.
    displayName string
    The display name for the schedule definition.
    endDate string
    The DateTime when the review is scheduled to end. Required if type is endDate
    excludeResourceId string
    This is used to indicate the resource id(s) to exclude
    excludeRoleDefinitionId string
    This is used to indicate the role definition id(s) to exclude
    expandNestedMemberships boolean
    Flag to indicate whether to expand nested memberships or not.
    inactiveDuration string
    Duration users are inactive for. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This code can be used to convert TimeSpan to a valid interval string: XmlConvert.ToString(new TimeSpan(hours, minutes, seconds))
    includeAccessBelowResource boolean
    Flag to indicate whether to expand nested memberships or not.
    includeInheritedAccess boolean
    Flag to indicate whether to expand nested memberships or not.
    instanceDurationInDays number
    The duration in days for an instance.
    instances AccessReviewInstance[]
    This is the collection of instances returned when one does an expand on it.
    interval number
    The interval for recurrence. For a quarterly review, the interval is 3 for type : absoluteMonthly.
    justificationRequiredOnApproval boolean
    Flag to indicate whether the reviewer is required to pass justification when recording a decision.
    mailNotificationsEnabled boolean
    Flag to indicate whether sending mails to reviewers and the review creator is enabled.
    numberOfOccurrences number
    The number of times to repeat the access review. Required and must be positive if type is numbered.
    recommendationLookBackDuration string
    Recommendations for access reviews are calculated by looking back at 30 days of data(w.r.t the start date of the review) by default. However, in some scenarios, customers want to change how far back to look at and want to configure 60 days, 90 days, etc. instead. This setting allows customers to configure this duration. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This code can be used to convert TimeSpan to a valid interval string: XmlConvert.ToString(new TimeSpan(hours, minutes, seconds))
    recommendationsEnabled boolean
    Flag to indicate whether showing recommendations to reviewers is enabled.
    reminderNotificationsEnabled boolean
    Flag to indicate whether sending reminder emails to reviewers are enabled.
    reviewers AccessReviewReviewer[]
    This is the collection of reviewers.
    scheduleDefinitionId string
    The id of the access review schedule definition.
    startDate string
    The DateTime when the review is scheduled to be start. This could be a date in the future. Required on create.
    type string | AccessReviewRecurrenceRangeType
    The recurrence range type. The possible values are: endDate, noEnd, numbered.
    auto_apply_decisions_enabled bool
    Flag to indicate whether auto-apply capability, to automatically change the target object access resource, is enabled. If not enabled, a user must, after the review completes, apply the access review.
    backup_reviewers Sequence[AccessReviewReviewerArgs]
    This is the collection of backup reviewers.
    default_decision str | DefaultDecisionType
    This specifies the behavior for the autoReview feature when an access review completes.
    default_decision_enabled bool
    Flag to indicate whether reviewers are required to provide a justification when reviewing access.
    description_for_admins str
    The description provided by the access review creator and visible to admins.
    description_for_reviewers str
    The description provided by the access review creator to be shown to reviewers.
    display_name str
    The display name for the schedule definition.
    end_date str
    The DateTime when the review is scheduled to end. Required if type is endDate
    exclude_resource_id str
    This is used to indicate the resource id(s) to exclude
    exclude_role_definition_id str
    This is used to indicate the role definition id(s) to exclude
    expand_nested_memberships bool
    Flag to indicate whether to expand nested memberships or not.
    inactive_duration str
    Duration users are inactive for. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This code can be used to convert TimeSpan to a valid interval string: XmlConvert.ToString(new TimeSpan(hours, minutes, seconds))
    include_access_below_resource bool
    Flag to indicate whether to expand nested memberships or not.
    include_inherited_access bool
    Flag to indicate whether to expand nested memberships or not.
    instance_duration_in_days int
    The duration in days for an instance.
    instances Sequence[AccessReviewInstanceArgs]
    This is the collection of instances returned when one does an expand on it.
    interval int
    The interval for recurrence. For a quarterly review, the interval is 3 for type : absoluteMonthly.
    justification_required_on_approval bool
    Flag to indicate whether the reviewer is required to pass justification when recording a decision.
    mail_notifications_enabled bool
    Flag to indicate whether sending mails to reviewers and the review creator is enabled.
    number_of_occurrences int
    The number of times to repeat the access review. Required and must be positive if type is numbered.
    recommendation_look_back_duration str
    Recommendations for access reviews are calculated by looking back at 30 days of data(w.r.t the start date of the review) by default. However, in some scenarios, customers want to change how far back to look at and want to configure 60 days, 90 days, etc. instead. This setting allows customers to configure this duration. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This code can be used to convert TimeSpan to a valid interval string: XmlConvert.ToString(new TimeSpan(hours, minutes, seconds))
    recommendations_enabled bool
    Flag to indicate whether showing recommendations to reviewers is enabled.
    reminder_notifications_enabled bool
    Flag to indicate whether sending reminder emails to reviewers are enabled.
    reviewers Sequence[AccessReviewReviewerArgs]
    This is the collection of reviewers.
    schedule_definition_id str
    The id of the access review schedule definition.
    start_date str
    The DateTime when the review is scheduled to be start. This could be a date in the future. Required on create.
    type str | AccessReviewRecurrenceRangeType
    The recurrence range type. The possible values are: endDate, noEnd, numbered.
    autoApplyDecisionsEnabled Boolean
    Flag to indicate whether auto-apply capability, to automatically change the target object access resource, is enabled. If not enabled, a user must, after the review completes, apply the access review.
    backupReviewers List<Property Map>
    This is the collection of backup reviewers.
    defaultDecision String | "Approve" | "Deny" | "Recommendation"
    This specifies the behavior for the autoReview feature when an access review completes.
    defaultDecisionEnabled Boolean
    Flag to indicate whether reviewers are required to provide a justification when reviewing access.
    descriptionForAdmins String
    The description provided by the access review creator and visible to admins.
    descriptionForReviewers String
    The description provided by the access review creator to be shown to reviewers.
    displayName String
    The display name for the schedule definition.
    endDate String
    The DateTime when the review is scheduled to end. Required if type is endDate
    excludeResourceId String
    This is used to indicate the resource id(s) to exclude
    excludeRoleDefinitionId String
    This is used to indicate the role definition id(s) to exclude
    expandNestedMemberships Boolean
    Flag to indicate whether to expand nested memberships or not.
    inactiveDuration String
    Duration users are inactive for. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This code can be used to convert TimeSpan to a valid interval string: XmlConvert.ToString(new TimeSpan(hours, minutes, seconds))
    includeAccessBelowResource Boolean
    Flag to indicate whether to expand nested memberships or not.
    includeInheritedAccess Boolean
    Flag to indicate whether to expand nested memberships or not.
    instanceDurationInDays Number
    The duration in days for an instance.
    instances List<Property Map>
    This is the collection of instances returned when one does an expand on it.
    interval Number
    The interval for recurrence. For a quarterly review, the interval is 3 for type : absoluteMonthly.
    justificationRequiredOnApproval Boolean
    Flag to indicate whether the reviewer is required to pass justification when recording a decision.
    mailNotificationsEnabled Boolean
    Flag to indicate whether sending mails to reviewers and the review creator is enabled.
    numberOfOccurrences Number
    The number of times to repeat the access review. Required and must be positive if type is numbered.
    recommendationLookBackDuration String
    Recommendations for access reviews are calculated by looking back at 30 days of data(w.r.t the start date of the review) by default. However, in some scenarios, customers want to change how far back to look at and want to configure 60 days, 90 days, etc. instead. This setting allows customers to configure this duration. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This code can be used to convert TimeSpan to a valid interval string: XmlConvert.ToString(new TimeSpan(hours, minutes, seconds))
    recommendationsEnabled Boolean
    Flag to indicate whether showing recommendations to reviewers is enabled.
    reminderNotificationsEnabled Boolean
    Flag to indicate whether sending reminder emails to reviewers are enabled.
    reviewers List<Property Map>
    This is the collection of reviewers.
    scheduleDefinitionId String
    The id of the access review schedule definition.
    startDate String
    The DateTime when the review is scheduled to be start. This could be a date in the future. Required on create.
    type String | "endDate" | "noEnd" | "numbered"
    The recurrence range type. The possible values are: endDate, noEnd, numbered.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the AccessReviewScheduleDefinitionById resource produces the following output properties:

    AssignmentState string
    The role assignment state eligible/active to review
    Id string
    The provider-assigned unique ID for this managed resource.
    Name string
    The access review schedule definition unique id.
    PrincipalId string
    The identity id
    PrincipalName string
    The identity display name
    PrincipalType string
    The identity type user/servicePrincipal to review
    ResourceId string
    ResourceId in which this review is getting created
    ReviewersType string
    This field specifies the type of reviewers for a review. Usually for a review, reviewers are explicitly assigned. However, in some cases, the reviewers may not be assigned and instead be chosen dynamically. For example managers review or self review.
    RoleDefinitionId string
    This is used to indicate the role being reviewed
    Status string
    This read-only field specifies the status of an accessReview.
    UserPrincipalName string
    The user principal name(if valid)
    AssignmentState string
    The role assignment state eligible/active to review
    Id string
    The provider-assigned unique ID for this managed resource.
    Name string
    The access review schedule definition unique id.
    PrincipalId string
    The identity id
    PrincipalName string
    The identity display name
    PrincipalType string
    The identity type user/servicePrincipal to review
    ResourceId string
    ResourceId in which this review is getting created
    ReviewersType string
    This field specifies the type of reviewers for a review. Usually for a review, reviewers are explicitly assigned. However, in some cases, the reviewers may not be assigned and instead be chosen dynamically. For example managers review or self review.
    RoleDefinitionId string
    This is used to indicate the role being reviewed
    Status string
    This read-only field specifies the status of an accessReview.
    UserPrincipalName string
    The user principal name(if valid)
    assignmentState String
    The role assignment state eligible/active to review
    id String
    The provider-assigned unique ID for this managed resource.
    name String
    The access review schedule definition unique id.
    principalId String
    The identity id
    principalName String
    The identity display name
    principalType String
    The identity type user/servicePrincipal to review
    resourceId String
    ResourceId in which this review is getting created
    reviewersType String
    This field specifies the type of reviewers for a review. Usually for a review, reviewers are explicitly assigned. However, in some cases, the reviewers may not be assigned and instead be chosen dynamically. For example managers review or self review.
    roleDefinitionId String
    This is used to indicate the role being reviewed
    status String
    This read-only field specifies the status of an accessReview.
    userPrincipalName String
    The user principal name(if valid)
    assignmentState string
    The role assignment state eligible/active to review
    id string
    The provider-assigned unique ID for this managed resource.
    name string
    The access review schedule definition unique id.
    principalId string
    The identity id
    principalName string
    The identity display name
    principalType string
    The identity type user/servicePrincipal to review
    resourceId string
    ResourceId in which this review is getting created
    reviewersType string
    This field specifies the type of reviewers for a review. Usually for a review, reviewers are explicitly assigned. However, in some cases, the reviewers may not be assigned and instead be chosen dynamically. For example managers review or self review.
    roleDefinitionId string
    This is used to indicate the role being reviewed
    status string
    This read-only field specifies the status of an accessReview.
    userPrincipalName string
    The user principal name(if valid)
    assignment_state str
    The role assignment state eligible/active to review
    id str
    The provider-assigned unique ID for this managed resource.
    name str
    The access review schedule definition unique id.
    principal_id str
    The identity id
    principal_name str
    The identity display name
    principal_type str
    The identity type user/servicePrincipal to review
    resource_id str
    ResourceId in which this review is getting created
    reviewers_type str
    This field specifies the type of reviewers for a review. Usually for a review, reviewers are explicitly assigned. However, in some cases, the reviewers may not be assigned and instead be chosen dynamically. For example managers review or self review.
    role_definition_id str
    This is used to indicate the role being reviewed
    status str
    This read-only field specifies the status of an accessReview.
    user_principal_name str
    The user principal name(if valid)
    assignmentState String
    The role assignment state eligible/active to review
    id String
    The provider-assigned unique ID for this managed resource.
    name String
    The access review schedule definition unique id.
    principalId String
    The identity id
    principalName String
    The identity display name
    principalType String
    The identity type user/servicePrincipal to review
    resourceId String
    ResourceId in which this review is getting created
    reviewersType String
    This field specifies the type of reviewers for a review. Usually for a review, reviewers are explicitly assigned. However, in some cases, the reviewers may not be assigned and instead be chosen dynamically. For example managers review or self review.
    roleDefinitionId String
    This is used to indicate the role being reviewed
    status String
    This read-only field specifies the status of an accessReview.
    userPrincipalName String
    The user principal name(if valid)

    Supporting Types

    AccessReviewInstance, AccessReviewInstanceArgs

    BackupReviewers List<Pulumi.AzureNative.Authorization.Inputs.AccessReviewReviewer>
    This is the collection of backup reviewers.
    EndDateTime string
    The DateTime when the review instance is scheduled to end.
    Reviewers List<Pulumi.AzureNative.Authorization.Inputs.AccessReviewReviewer>
    This is the collection of reviewers.
    StartDateTime string
    The DateTime when the review instance is scheduled to be start.
    BackupReviewers []AccessReviewReviewer
    This is the collection of backup reviewers.
    EndDateTime string
    The DateTime when the review instance is scheduled to end.
    Reviewers []AccessReviewReviewer
    This is the collection of reviewers.
    StartDateTime string
    The DateTime when the review instance is scheduled to be start.
    backupReviewers List<AccessReviewReviewer>
    This is the collection of backup reviewers.
    endDateTime String
    The DateTime when the review instance is scheduled to end.
    reviewers List<AccessReviewReviewer>
    This is the collection of reviewers.
    startDateTime String
    The DateTime when the review instance is scheduled to be start.
    backupReviewers AccessReviewReviewer[]
    This is the collection of backup reviewers.
    endDateTime string
    The DateTime when the review instance is scheduled to end.
    reviewers AccessReviewReviewer[]
    This is the collection of reviewers.
    startDateTime string
    The DateTime when the review instance is scheduled to be start.
    backup_reviewers Sequence[AccessReviewReviewer]
    This is the collection of backup reviewers.
    end_date_time str
    The DateTime when the review instance is scheduled to end.
    reviewers Sequence[AccessReviewReviewer]
    This is the collection of reviewers.
    start_date_time str
    The DateTime when the review instance is scheduled to be start.
    backupReviewers List<Property Map>
    This is the collection of backup reviewers.
    endDateTime String
    The DateTime when the review instance is scheduled to end.
    reviewers List<Property Map>
    This is the collection of reviewers.
    startDateTime String
    The DateTime when the review instance is scheduled to be start.

    AccessReviewInstanceResponse, AccessReviewInstanceResponseArgs

    Id string
    The access review instance id.
    Name string
    The access review instance name.
    ReviewersType string
    This field specifies the type of reviewers for a review. Usually for a review, reviewers are explicitly assigned. However, in some cases, the reviewers may not be assigned and instead be chosen dynamically. For example managers review or self review.
    Status string
    This read-only field specifies the status of an access review instance.
    Type string
    The resource type.
    BackupReviewers List<Pulumi.AzureNative.Authorization.Inputs.AccessReviewReviewerResponse>
    This is the collection of backup reviewers.
    EndDateTime string
    The DateTime when the review instance is scheduled to end.
    Reviewers List<Pulumi.AzureNative.Authorization.Inputs.AccessReviewReviewerResponse>
    This is the collection of reviewers.
    StartDateTime string
    The DateTime when the review instance is scheduled to be start.
    Id string
    The access review instance id.
    Name string
    The access review instance name.
    ReviewersType string
    This field specifies the type of reviewers for a review. Usually for a review, reviewers are explicitly assigned. However, in some cases, the reviewers may not be assigned and instead be chosen dynamically. For example managers review or self review.
    Status string
    This read-only field specifies the status of an access review instance.
    Type string
    The resource type.
    BackupReviewers []AccessReviewReviewerResponse
    This is the collection of backup reviewers.
    EndDateTime string
    The DateTime when the review instance is scheduled to end.
    Reviewers []AccessReviewReviewerResponse
    This is the collection of reviewers.
    StartDateTime string
    The DateTime when the review instance is scheduled to be start.
    id String
    The access review instance id.
    name String
    The access review instance name.
    reviewersType String
    This field specifies the type of reviewers for a review. Usually for a review, reviewers are explicitly assigned. However, in some cases, the reviewers may not be assigned and instead be chosen dynamically. For example managers review or self review.
    status String
    This read-only field specifies the status of an access review instance.
    type String
    The resource type.
    backupReviewers List<AccessReviewReviewerResponse>
    This is the collection of backup reviewers.
    endDateTime String
    The DateTime when the review instance is scheduled to end.
    reviewers List<AccessReviewReviewerResponse>
    This is the collection of reviewers.
    startDateTime String
    The DateTime when the review instance is scheduled to be start.
    id string
    The access review instance id.
    name string
    The access review instance name.
    reviewersType string
    This field specifies the type of reviewers for a review. Usually for a review, reviewers are explicitly assigned. However, in some cases, the reviewers may not be assigned and instead be chosen dynamically. For example managers review or self review.
    status string
    This read-only field specifies the status of an access review instance.
    type string
    The resource type.
    backupReviewers AccessReviewReviewerResponse[]
    This is the collection of backup reviewers.
    endDateTime string
    The DateTime when the review instance is scheduled to end.
    reviewers AccessReviewReviewerResponse[]
    This is the collection of reviewers.
    startDateTime string
    The DateTime when the review instance is scheduled to be start.
    id str
    The access review instance id.
    name str
    The access review instance name.
    reviewers_type str
    This field specifies the type of reviewers for a review. Usually for a review, reviewers are explicitly assigned. However, in some cases, the reviewers may not be assigned and instead be chosen dynamically. For example managers review or self review.
    status str
    This read-only field specifies the status of an access review instance.
    type str
    The resource type.
    backup_reviewers Sequence[AccessReviewReviewerResponse]
    This is the collection of backup reviewers.
    end_date_time str
    The DateTime when the review instance is scheduled to end.
    reviewers Sequence[AccessReviewReviewerResponse]
    This is the collection of reviewers.
    start_date_time str
    The DateTime when the review instance is scheduled to be start.
    id String
    The access review instance id.
    name String
    The access review instance name.
    reviewersType String
    This field specifies the type of reviewers for a review. Usually for a review, reviewers are explicitly assigned. However, in some cases, the reviewers may not be assigned and instead be chosen dynamically. For example managers review or self review.
    status String
    This read-only field specifies the status of an access review instance.
    type String
    The resource type.
    backupReviewers List<Property Map>
    This is the collection of backup reviewers.
    endDateTime String
    The DateTime when the review instance is scheduled to end.
    reviewers List<Property Map>
    This is the collection of reviewers.
    startDateTime String
    The DateTime when the review instance is scheduled to be start.

    AccessReviewRecurrenceRangeType, AccessReviewRecurrenceRangeTypeArgs

    EndDate
    endDate
    NoEnd
    noEnd
    Numbered
    numbered
    AccessReviewRecurrenceRangeTypeEndDate
    endDate
    AccessReviewRecurrenceRangeTypeNoEnd
    noEnd
    AccessReviewRecurrenceRangeTypeNumbered
    numbered
    EndDate
    endDate
    NoEnd
    noEnd
    Numbered
    numbered
    EndDate
    endDate
    NoEnd
    noEnd
    Numbered
    numbered
    END_DATE
    endDate
    NO_END
    noEnd
    NUMBERED
    numbered
    "endDate"
    endDate
    "noEnd"
    noEnd
    "numbered"
    numbered

    AccessReviewReviewer, AccessReviewReviewerArgs

    PrincipalId string
    The id of the reviewer(user/servicePrincipal)
    PrincipalId string
    The id of the reviewer(user/servicePrincipal)
    principalId String
    The id of the reviewer(user/servicePrincipal)
    principalId string
    The id of the reviewer(user/servicePrincipal)
    principal_id str
    The id of the reviewer(user/servicePrincipal)
    principalId String
    The id of the reviewer(user/servicePrincipal)

    AccessReviewReviewerResponse, AccessReviewReviewerResponseArgs

    PrincipalType string
    The identity type : user/servicePrincipal
    PrincipalId string
    The id of the reviewer(user/servicePrincipal)
    PrincipalType string
    The identity type : user/servicePrincipal
    PrincipalId string
    The id of the reviewer(user/servicePrincipal)
    principalType String
    The identity type : user/servicePrincipal
    principalId String
    The id of the reviewer(user/servicePrincipal)
    principalType string
    The identity type : user/servicePrincipal
    principalId string
    The id of the reviewer(user/servicePrincipal)
    principal_type str
    The identity type : user/servicePrincipal
    principal_id str
    The id of the reviewer(user/servicePrincipal)
    principalType String
    The identity type : user/servicePrincipal
    principalId String
    The id of the reviewer(user/servicePrincipal)

    DefaultDecisionType, DefaultDecisionTypeArgs

    Approve
    Approve
    Deny
    Deny
    Recommendation
    Recommendation
    DefaultDecisionTypeApprove
    Approve
    DefaultDecisionTypeDeny
    Deny
    DefaultDecisionTypeRecommendation
    Recommendation
    Approve
    Approve
    Deny
    Deny
    Recommendation
    Recommendation
    Approve
    Approve
    Deny
    Deny
    Recommendation
    Recommendation
    APPROVE
    Approve
    DENY
    Deny
    RECOMMENDATION
    Recommendation
    "Approve"
    Approve
    "Deny"
    Deny
    "Recommendation"
    Recommendation

    Package Details

    Repository
    Azure Native pulumi/pulumi-azure-native
    License
    Apache-2.0
    azure-native logo
    This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
    Azure Native v2.63.0 published on Tuesday, Sep 24, 2024 by Pulumi