Docs Home
This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.90.0 published on Thursday, Mar 27, 2025 by Pulumi
azure-native.sovereign.LandingZoneConfigurationOperation
Explore with Pulumi AI
This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.90.0 published on Thursday, Mar 27, 2025 by Pulumi
Concrete proxy resource types can be created by aliasing this type using a specific property type.
Uses Azure REST API version 2025-02-27-preview.
Example Usage
LandingZoneConfigurationOperations_Create
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var landingZoneConfigurationOperation = new AzureNative.Sovereign.LandingZoneConfigurationOperation("landingZoneConfigurationOperation", new()
{
LandingZoneAccountName = "lza-RemApiExample",
LandingZoneConfigurationName = "lzc-RemApiExample",
Properties = new AzureNative.Sovereign.Inputs.LandingZoneConfigurationResourcePropertiesArgs
{
AzureBastionCreationOption = AzureNative.Sovereign.ResourceCreationOptions.UseExisting,
CustomNamingConvention = new[]
{
new AzureNative.Sovereign.Inputs.CustomNamingConventionArgs
{
Formula = "{ResourceTypeAbbreviation}-{DeploymentPrefix}-Contoso-{DeploymentSuffix}",
ResourceType = AzureNative.Sovereign.ResourceType.DdosProtectionPlans,
},
},
DdosProtectionCreationOption = AzureNative.Sovereign.ResourceCreationOptions.UseExisting,
DecommissionedMgMetadata = new AzureNative.Sovereign.Inputs.DecommissionedManagementGroupPropertiesArgs
{
Create = true,
PolicyInitiativesAssignmentProperties = new[]
{
new AzureNative.Sovereign.Inputs.PolicyInitiativeAssignmentPropertiesArgs
{
AssignmentParameters = new Dictionary<string, object?>
{
["listOfAllowedLocations"] = new[]
{
"swedencentral",
},
},
PolicyInitiativeId = "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
},
},
},
ExistingAzureBastionId = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-RemApiExample/providers/Microsoft.Network/bastionHosts/bas-RemApiExample",
ExistingDdosProtectionId = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-RemApiExample/providers/Microsoft.Network/ddosProtectionPlans/ddos-RemApiExample",
ExistingLogAnalyticsWorkspaceId = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-RemApiExample/providers/Microsoft.OperationalInsights/workspaces/log-RemApiExample",
FirewallCreationOption = AzureNative.Sovereign.FirewallCreationOptions.Premium,
FirewallSubnetCidrBlock = "10.20.254.0/24",
GatewaySubnetCidrBlock = "10.20.252.0/24",
HubNetworkCidrBlock = "10.20.0.0/16",
LandingZonesMgChildren = new[]
{
new AzureNative.Sovereign.Inputs.LandingZoneManagementGroupPropertiesArgs
{
Name = "Corp",
PolicyInitiativesAssignmentProperties = new() { },
},
new AzureNative.Sovereign.Inputs.LandingZoneManagementGroupPropertiesArgs
{
Name = "Online",
PolicyInitiativesAssignmentProperties = new() { },
},
new AzureNative.Sovereign.Inputs.LandingZoneManagementGroupPropertiesArgs
{
Name = "Confidential Corp",
PolicyInitiativesAssignmentProperties = new[]
{
new AzureNative.Sovereign.Inputs.PolicyInitiativeAssignmentPropertiesArgs
{
AssignmentParameters = null,
PolicyInitiativeId = "/providers/Microsoft.Authorization/policySetDefinitions/03de05a4-c324-4ccd-882f-a814ea8ab9ea",
},
},
},
new AzureNative.Sovereign.Inputs.LandingZoneManagementGroupPropertiesArgs
{
Name = "Confidential Online",
PolicyInitiativesAssignmentProperties = new[]
{
new AzureNative.Sovereign.Inputs.PolicyInitiativeAssignmentPropertiesArgs
{
AssignmentParameters = null,
PolicyInitiativeId = "/providers/Microsoft.Authorization/policySetDefinitions/03de05a4-c324-4ccd-882f-a814ea8ab9ea",
},
},
},
},
LandingZonesMgMetadata = new AzureNative.Sovereign.Inputs.ManagementGroupPropertiesArgs
{
PolicyInitiativesAssignmentProperties = new[]
{
new AzureNative.Sovereign.Inputs.PolicyInitiativeAssignmentPropertiesArgs
{
AssignmentParameters = new Dictionary<string, object?>
{
["listOfAllowedLocations"] = new[]
{
"swedencentral",
},
},
PolicyInitiativeId = "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
},
},
},
LogAnalyticsWorkspaceCreationOption = AzureNative.Sovereign.ResourceCreationOptions.UseExisting,
LogRetentionInDays = 540,
ManagedIdentity = new AzureNative.Sovereign.Inputs.ManagedIdentityPropertiesArgs
{
Type = AzureNative.Sovereign.ManagedIdentityResourceType.UserAssigned,
UserAssignedIdentityResourceId = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-RemApiExample/providers/Microsoft.ManagedIdentity/userAssignedIdentities/mi-RemApiExample",
},
NamingConventionFormula = "{ResourceTypeAbbreviation}-{DeploymentPrefix}-Contoso-{DeploymentSuffix}-{Environment}",
PlatformConnectivityMgMetadata = new AzureNative.Sovereign.Inputs.ManagementGroupPropertiesArgs
{
PolicyInitiativesAssignmentProperties = new[]
{
new AzureNative.Sovereign.Inputs.PolicyInitiativeAssignmentPropertiesArgs
{
AssignmentParameters = new Dictionary<string, object?>
{
["listOfAllowedLocations"] = new[]
{
"swedencentral",
},
},
PolicyInitiativeId = "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
},
},
},
PlatformIdentityMgMetadata = new AzureNative.Sovereign.Inputs.ManagementGroupPropertiesArgs
{
PolicyInitiativesAssignmentProperties = new[]
{
new AzureNative.Sovereign.Inputs.PolicyInitiativeAssignmentPropertiesArgs
{
AssignmentParameters = new Dictionary<string, object?>
{
["listOfAllowedLocations"] = new[]
{
"swedencentral",
},
},
PolicyInitiativeId = "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
},
},
},
PlatformManagementMgMetadata = new AzureNative.Sovereign.Inputs.ManagementGroupPropertiesArgs
{
PolicyInitiativesAssignmentProperties = new[]
{
new AzureNative.Sovereign.Inputs.PolicyInitiativeAssignmentPropertiesArgs
{
AssignmentParameters = new Dictionary<string, object?>
{
["listOfAllowedLocations"] = new[]
{
"swedencentral",
},
},
PolicyInitiativeId = "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
},
},
},
PlatformMgChildren = new[]
{
new AzureNative.Sovereign.Inputs.PlatformManagementGroupPropertiesArgs
{
Name = "Telemetry",
PolicyInitiativesAssignmentProperties = new[]
{
new AzureNative.Sovereign.Inputs.PolicyInitiativeAssignmentPropertiesArgs
{
AssignmentParameters = new Dictionary<string, object?>
{
["listOfAllowedLocations"] = new[]
{
"swedencentral",
},
},
PolicyInitiativeId = "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
},
},
},
new AzureNative.Sovereign.Inputs.PlatformManagementGroupPropertiesArgs
{
Name = "Security",
PolicyInitiativesAssignmentProperties = new[]
{
new AzureNative.Sovereign.Inputs.PolicyInitiativeAssignmentPropertiesArgs
{
AssignmentParameters = new Dictionary<string, object?>
{
["listOfAllowedLocations"] = new[]
{
"swedencentral",
},
},
PolicyInitiativeId = "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
},
},
},
},
PlatformMgMetadata = new AzureNative.Sovereign.Inputs.ManagementGroupPropertiesArgs
{
PolicyInitiativesAssignmentProperties = new[]
{
new AzureNative.Sovereign.Inputs.PolicyInitiativeAssignmentPropertiesArgs
{
AssignmentParameters = new Dictionary<string, object?>
{
["listOfAllowedLocations"] = new[]
{
"swedencentral",
},
},
PolicyInitiativeId = "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
},
},
},
SandboxMgMetadata = new AzureNative.Sovereign.Inputs.SandboxManagementGroupPropertiesArgs
{
Create = true,
PolicyInitiativesAssignmentProperties = new[]
{
new AzureNative.Sovereign.Inputs.PolicyInitiativeAssignmentPropertiesArgs
{
AssignmentParameters = new Dictionary<string, object?>
{
["listOfAllowedLocations"] = new[]
{
"swedencentral",
},
},
PolicyInitiativeId = "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
},
},
},
Tags = new[]
{
new AzureNative.Sovereign.Inputs.TagsArgs
{
Name = "tag1",
Value = "Lorem",
},
new AzureNative.Sovereign.Inputs.TagsArgs
{
Name = "tag2",
Value = "Ipsum",
},
},
TopLevelMgMetadata = new AzureNative.Sovereign.Inputs.ManagementGroupPropertiesArgs
{
PolicyInitiativesAssignmentProperties = new[]
{
new AzureNative.Sovereign.Inputs.PolicyInitiativeAssignmentPropertiesArgs
{
AssignmentParameters = new Dictionary<string, object?>
{
["listOfAllowedLocations"] = new[]
{
"swedencentral",
"eastus2",
"uksouth",
},
},
PolicyInitiativeId = "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
},
},
},
},
ResourceGroupName = "rg-RemApiExample",
});
});
package main
import (
sovereign "github.com/pulumi/pulumi-azure-native-sdk/sovereign/v2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := sovereign.NewLandingZoneConfigurationOperation(ctx, "landingZoneConfigurationOperation", &sovereign.LandingZoneConfigurationOperationArgs{
LandingZoneAccountName: pulumi.String("lza-RemApiExample"),
LandingZoneConfigurationName: pulumi.String("lzc-RemApiExample"),
Properties: &sovereign.LandingZoneConfigurationResourcePropertiesArgs{
AzureBastionCreationOption: pulumi.String(sovereign.ResourceCreationOptionsUseExisting),
CustomNamingConvention: sovereign.CustomNamingConventionArray{
&sovereign.CustomNamingConventionArgs{
Formula: pulumi.String("{ResourceTypeAbbreviation}-{DeploymentPrefix}-Contoso-{DeploymentSuffix}"),
ResourceType: pulumi.String(sovereign.ResourceTypeDdosProtectionPlans),
},
},
DdosProtectionCreationOption: pulumi.String(sovereign.ResourceCreationOptionsUseExisting),
DecommissionedMgMetadata: &sovereign.DecommissionedManagementGroupPropertiesArgs{
Create: pulumi.Bool(true),
PolicyInitiativesAssignmentProperties: sovereign.PolicyInitiativeAssignmentPropertiesArray{
&sovereign.PolicyInitiativeAssignmentPropertiesArgs{
AssignmentParameters: pulumi.Any(map[string]interface{}{
"listOfAllowedLocations": []string{
"swedencentral",
},
}),
PolicyInitiativeId: pulumi.String("/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523"),
},
},
},
ExistingAzureBastionId: pulumi.String("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-RemApiExample/providers/Microsoft.Network/bastionHosts/bas-RemApiExample"),
ExistingDdosProtectionId: pulumi.String("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-RemApiExample/providers/Microsoft.Network/ddosProtectionPlans/ddos-RemApiExample"),
ExistingLogAnalyticsWorkspaceId: pulumi.String("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-RemApiExample/providers/Microsoft.OperationalInsights/workspaces/log-RemApiExample"),
FirewallCreationOption: pulumi.String(sovereign.FirewallCreationOptionsPremium),
FirewallSubnetCidrBlock: pulumi.String("10.20.254.0/24"),
GatewaySubnetCidrBlock: pulumi.String("10.20.252.0/24"),
HubNetworkCidrBlock: pulumi.String("10.20.0.0/16"),
LandingZonesMgChildren: sovereign.LandingZoneManagementGroupPropertiesArray{
&sovereign.LandingZoneManagementGroupPropertiesArgs{
Name: pulumi.String("Corp"),
PolicyInitiativesAssignmentProperties: sovereign.PolicyInitiativeAssignmentPropertiesArray{},
},
&sovereign.LandingZoneManagementGroupPropertiesArgs{
Name: pulumi.String("Online"),
PolicyInitiativesAssignmentProperties: sovereign.PolicyInitiativeAssignmentPropertiesArray{},
},
&sovereign.LandingZoneManagementGroupPropertiesArgs{
Name: pulumi.String("Confidential Corp"),
PolicyInitiativesAssignmentProperties: sovereign.PolicyInitiativeAssignmentPropertiesArray{
&sovereign.PolicyInitiativeAssignmentPropertiesArgs{
AssignmentParameters: pulumi.Any(map[string]interface{}{}),
PolicyInitiativeId: pulumi.String("/providers/Microsoft.Authorization/policySetDefinitions/03de05a4-c324-4ccd-882f-a814ea8ab9ea"),
},
},
},
&sovereign.LandingZoneManagementGroupPropertiesArgs{
Name: pulumi.String("Confidential Online"),
PolicyInitiativesAssignmentProperties: sovereign.PolicyInitiativeAssignmentPropertiesArray{
&sovereign.PolicyInitiativeAssignmentPropertiesArgs{
AssignmentParameters: pulumi.Any(map[string]interface{}{}),
PolicyInitiativeId: pulumi.String("/providers/Microsoft.Authorization/policySetDefinitions/03de05a4-c324-4ccd-882f-a814ea8ab9ea"),
},
},
},
},
LandingZonesMgMetadata: &sovereign.ManagementGroupPropertiesArgs{
PolicyInitiativesAssignmentProperties: sovereign.PolicyInitiativeAssignmentPropertiesArray{
&sovereign.PolicyInitiativeAssignmentPropertiesArgs{
AssignmentParameters: pulumi.Any(map[string]interface{}{
"listOfAllowedLocations": []string{
"swedencentral",
},
}),
PolicyInitiativeId: pulumi.String("/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523"),
},
},
},
LogAnalyticsWorkspaceCreationOption: pulumi.String(sovereign.ResourceCreationOptionsUseExisting),
LogRetentionInDays: pulumi.Float64(540),
ManagedIdentity: &sovereign.ManagedIdentityPropertiesArgs{
Type: pulumi.String(sovereign.ManagedIdentityResourceTypeUserAssigned),
UserAssignedIdentityResourceId: pulumi.String("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-RemApiExample/providers/Microsoft.ManagedIdentity/userAssignedIdentities/mi-RemApiExample"),
},
NamingConventionFormula: pulumi.String("{ResourceTypeAbbreviation}-{DeploymentPrefix}-Contoso-{DeploymentSuffix}-{Environment}"),
PlatformConnectivityMgMetadata: &sovereign.ManagementGroupPropertiesArgs{
PolicyInitiativesAssignmentProperties: sovereign.PolicyInitiativeAssignmentPropertiesArray{
&sovereign.PolicyInitiativeAssignmentPropertiesArgs{
AssignmentParameters: pulumi.Any(map[string]interface{}{
"listOfAllowedLocations": []string{
"swedencentral",
},
}),
PolicyInitiativeId: pulumi.String("/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523"),
},
},
},
PlatformIdentityMgMetadata: &sovereign.ManagementGroupPropertiesArgs{
PolicyInitiativesAssignmentProperties: sovereign.PolicyInitiativeAssignmentPropertiesArray{
&sovereign.PolicyInitiativeAssignmentPropertiesArgs{
AssignmentParameters: pulumi.Any(map[string]interface{}{
"listOfAllowedLocations": []string{
"swedencentral",
},
}),
PolicyInitiativeId: pulumi.String("/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523"),
},
},
},
PlatformManagementMgMetadata: &sovereign.ManagementGroupPropertiesArgs{
PolicyInitiativesAssignmentProperties: sovereign.PolicyInitiativeAssignmentPropertiesArray{
&sovereign.PolicyInitiativeAssignmentPropertiesArgs{
AssignmentParameters: pulumi.Any(map[string]interface{}{
"listOfAllowedLocations": []string{
"swedencentral",
},
}),
PolicyInitiativeId: pulumi.String("/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523"),
},
},
},
PlatformMgChildren: sovereign.PlatformManagementGroupPropertiesArray{
&sovereign.PlatformManagementGroupPropertiesArgs{
Name: pulumi.String("Telemetry"),
PolicyInitiativesAssignmentProperties: sovereign.PolicyInitiativeAssignmentPropertiesArray{
&sovereign.PolicyInitiativeAssignmentPropertiesArgs{
AssignmentParameters: pulumi.Any(map[string]interface{}{
"listOfAllowedLocations": []string{
"swedencentral",
},
}),
PolicyInitiativeId: pulumi.String("/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523"),
},
},
},
&sovereign.PlatformManagementGroupPropertiesArgs{
Name: pulumi.String("Security"),
PolicyInitiativesAssignmentProperties: sovereign.PolicyInitiativeAssignmentPropertiesArray{
&sovereign.PolicyInitiativeAssignmentPropertiesArgs{
AssignmentParameters: pulumi.Any(map[string]interface{}{
"listOfAllowedLocations": []string{
"swedencentral",
},
}),
PolicyInitiativeId: pulumi.String("/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523"),
},
},
},
},
PlatformMgMetadata: &sovereign.ManagementGroupPropertiesArgs{
PolicyInitiativesAssignmentProperties: sovereign.PolicyInitiativeAssignmentPropertiesArray{
&sovereign.PolicyInitiativeAssignmentPropertiesArgs{
AssignmentParameters: pulumi.Any(map[string]interface{}{
"listOfAllowedLocations": []string{
"swedencentral",
},
}),
PolicyInitiativeId: pulumi.String("/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523"),
},
},
},
SandboxMgMetadata: &sovereign.SandboxManagementGroupPropertiesArgs{
Create: pulumi.Bool(true),
PolicyInitiativesAssignmentProperties: sovereign.PolicyInitiativeAssignmentPropertiesArray{
&sovereign.PolicyInitiativeAssignmentPropertiesArgs{
AssignmentParameters: pulumi.Any(map[string]interface{}{
"listOfAllowedLocations": []string{
"swedencentral",
},
}),
PolicyInitiativeId: pulumi.String("/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523"),
},
},
},
Tags: sovereign.TagsArray{
&sovereign.TagsArgs{
Name: pulumi.String("tag1"),
Value: pulumi.String("Lorem"),
},
&sovereign.TagsArgs{
Name: pulumi.String("tag2"),
Value: pulumi.String("Ipsum"),
},
},
TopLevelMgMetadata: &sovereign.ManagementGroupPropertiesArgs{
PolicyInitiativesAssignmentProperties: sovereign.PolicyInitiativeAssignmentPropertiesArray{
&sovereign.PolicyInitiativeAssignmentPropertiesArgs{
AssignmentParameters: pulumi.Any(map[string]interface{}{
"listOfAllowedLocations": []string{
"swedencentral",
"eastus2",
"uksouth",
},
}),
PolicyInitiativeId: pulumi.String("/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523"),
},
},
},
},
ResourceGroupName: pulumi.String("rg-RemApiExample"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.sovereign.LandingZoneConfigurationOperation;
import com.pulumi.azurenative.sovereign.LandingZoneConfigurationOperationArgs;
import com.pulumi.azurenative.sovereign.inputs.LandingZoneConfigurationResourcePropertiesArgs;
import com.pulumi.azurenative.sovereign.inputs.DecommissionedManagementGroupPropertiesArgs;
import com.pulumi.azurenative.sovereign.inputs.ManagementGroupPropertiesArgs;
import com.pulumi.azurenative.sovereign.inputs.ManagedIdentityPropertiesArgs;
import com.pulumi.azurenative.sovereign.inputs.SandboxManagementGroupPropertiesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var landingZoneConfigurationOperation = new LandingZoneConfigurationOperation("landingZoneConfigurationOperation", LandingZoneConfigurationOperationArgs.builder()
.landingZoneAccountName("lza-RemApiExample")
.landingZoneConfigurationName("lzc-RemApiExample")
.properties(LandingZoneConfigurationResourcePropertiesArgs.builder()
.azureBastionCreationOption("UseExisting")
.customNamingConvention(CustomNamingConventionArgs.builder()
.formula("{ResourceTypeAbbreviation}-{DeploymentPrefix}-Contoso-{DeploymentSuffix}")
.resourceType("ddosProtectionPlans")
.build())
.ddosProtectionCreationOption("UseExisting")
.decommissionedMgMetadata(DecommissionedManagementGroupPropertiesArgs.builder()
.create(true)
.policyInitiativesAssignmentProperties(PolicyInitiativeAssignmentPropertiesArgs.builder()
.assignmentParameters(Map.of("listOfAllowedLocations", "swedencentral"))
.policyInitiativeId("/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523")
.build())
.build())
.existingAzureBastionId("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-RemApiExample/providers/Microsoft.Network/bastionHosts/bas-RemApiExample")
.existingDdosProtectionId("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-RemApiExample/providers/Microsoft.Network/ddosProtectionPlans/ddos-RemApiExample")
.existingLogAnalyticsWorkspaceId("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-RemApiExample/providers/Microsoft.OperationalInsights/workspaces/log-RemApiExample")
.firewallCreationOption("Premium")
.firewallSubnetCidrBlock("10.20.254.0/24")
.gatewaySubnetCidrBlock("10.20.252.0/24")
.hubNetworkCidrBlock("10.20.0.0/16")
.landingZonesMgChildren(
LandingZoneManagementGroupPropertiesArgs.builder()
.name("Corp")
.policyInitiativesAssignmentProperties()
.build(),
LandingZoneManagementGroupPropertiesArgs.builder()
.name("Online")
.policyInitiativesAssignmentProperties()
.build(),
LandingZoneManagementGroupPropertiesArgs.builder()
.name("Confidential Corp")
.policyInitiativesAssignmentProperties(PolicyInitiativeAssignmentPropertiesArgs.builder()
.assignmentParameters()
.policyInitiativeId("/providers/Microsoft.Authorization/policySetDefinitions/03de05a4-c324-4ccd-882f-a814ea8ab9ea")
.build())
.build(),
LandingZoneManagementGroupPropertiesArgs.builder()
.name("Confidential Online")
.policyInitiativesAssignmentProperties(PolicyInitiativeAssignmentPropertiesArgs.builder()
.assignmentParameters()
.policyInitiativeId("/providers/Microsoft.Authorization/policySetDefinitions/03de05a4-c324-4ccd-882f-a814ea8ab9ea")
.build())
.build())
.landingZonesMgMetadata(ManagementGroupPropertiesArgs.builder()
.policyInitiativesAssignmentProperties(PolicyInitiativeAssignmentPropertiesArgs.builder()
.assignmentParameters(Map.of("listOfAllowedLocations", "swedencentral"))
.policyInitiativeId("/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523")
.build())
.build())
.logAnalyticsWorkspaceCreationOption("UseExisting")
.logRetentionInDays(540)
.managedIdentity(ManagedIdentityPropertiesArgs.builder()
.type("UserAssigned")
.userAssignedIdentityResourceId("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-RemApiExample/providers/Microsoft.ManagedIdentity/userAssignedIdentities/mi-RemApiExample")
.build())
.namingConventionFormula("{ResourceTypeAbbreviation}-{DeploymentPrefix}-Contoso-{DeploymentSuffix}-{Environment}")
.platformConnectivityMgMetadata(ManagementGroupPropertiesArgs.builder()
.policyInitiativesAssignmentProperties(PolicyInitiativeAssignmentPropertiesArgs.builder()
.assignmentParameters(Map.of("listOfAllowedLocations", "swedencentral"))
.policyInitiativeId("/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523")
.build())
.build())
.platformIdentityMgMetadata(ManagementGroupPropertiesArgs.builder()
.policyInitiativesAssignmentProperties(PolicyInitiativeAssignmentPropertiesArgs.builder()
.assignmentParameters(Map.of("listOfAllowedLocations", "swedencentral"))
.policyInitiativeId("/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523")
.build())
.build())
.platformManagementMgMetadata(ManagementGroupPropertiesArgs.builder()
.policyInitiativesAssignmentProperties(PolicyInitiativeAssignmentPropertiesArgs.builder()
.assignmentParameters(Map.of("listOfAllowedLocations", "swedencentral"))
.policyInitiativeId("/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523")
.build())
.build())
.platformMgChildren(
PlatformManagementGroupPropertiesArgs.builder()
.name("Telemetry")
.policyInitiativesAssignmentProperties(PolicyInitiativeAssignmentPropertiesArgs.builder()
.assignmentParameters(Map.of("listOfAllowedLocations", "swedencentral"))
.policyInitiativeId("/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523")
.build())
.build(),
PlatformManagementGroupPropertiesArgs.builder()
.name("Security")
.policyInitiativesAssignmentProperties(PolicyInitiativeAssignmentPropertiesArgs.builder()
.assignmentParameters(Map.of("listOfAllowedLocations", "swedencentral"))
.policyInitiativeId("/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523")
.build())
.build())
.platformMgMetadata(ManagementGroupPropertiesArgs.builder()
.policyInitiativesAssignmentProperties(PolicyInitiativeAssignmentPropertiesArgs.builder()
.assignmentParameters(Map.of("listOfAllowedLocations", "swedencentral"))
.policyInitiativeId("/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523")
.build())
.build())
.sandboxMgMetadata(SandboxManagementGroupPropertiesArgs.builder()
.create(true)
.policyInitiativesAssignmentProperties(PolicyInitiativeAssignmentPropertiesArgs.builder()
.assignmentParameters(Map.of("listOfAllowedLocations", "swedencentral"))
.policyInitiativeId("/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523")
.build())
.build())
.tags(
TagsArgs.builder()
.name("tag1")
.value("Lorem")
.build(),
TagsArgs.builder()
.name("tag2")
.value("Ipsum")
.build())
.topLevelMgMetadata(ManagementGroupPropertiesArgs.builder()
.policyInitiativesAssignmentProperties(PolicyInitiativeAssignmentPropertiesArgs.builder()
.assignmentParameters(Map.of("listOfAllowedLocations",
"swedencentral",
"eastus2",
"uksouth"))
.policyInitiativeId("/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523")
.build())
.build())
.build())
.resourceGroupName("rg-RemApiExample")
.build());
}
}
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const landingZoneConfigurationOperation = new azure_native.sovereign.LandingZoneConfigurationOperation("landingZoneConfigurationOperation", {
landingZoneAccountName: "lza-RemApiExample",
landingZoneConfigurationName: "lzc-RemApiExample",
properties: {
azureBastionCreationOption: azure_native.sovereign.ResourceCreationOptions.UseExisting,
customNamingConvention: [{
formula: "{ResourceTypeAbbreviation}-{DeploymentPrefix}-Contoso-{DeploymentSuffix}",
resourceType: azure_native.sovereign.ResourceType.DdosProtectionPlans,
}],
ddosProtectionCreationOption: azure_native.sovereign.ResourceCreationOptions.UseExisting,
decommissionedMgMetadata: {
create: true,
policyInitiativesAssignmentProperties: [{
assignmentParameters: {
listOfAllowedLocations: ["swedencentral"],
},
policyInitiativeId: "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
}],
},
existingAzureBastionId: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-RemApiExample/providers/Microsoft.Network/bastionHosts/bas-RemApiExample",
existingDdosProtectionId: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-RemApiExample/providers/Microsoft.Network/ddosProtectionPlans/ddos-RemApiExample",
existingLogAnalyticsWorkspaceId: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-RemApiExample/providers/Microsoft.OperationalInsights/workspaces/log-RemApiExample",
firewallCreationOption: azure_native.sovereign.FirewallCreationOptions.Premium,
firewallSubnetCidrBlock: "10.20.254.0/24",
gatewaySubnetCidrBlock: "10.20.252.0/24",
hubNetworkCidrBlock: "10.20.0.0/16",
landingZonesMgChildren: [
{
name: "Corp",
policyInitiativesAssignmentProperties: [],
},
{
name: "Online",
policyInitiativesAssignmentProperties: [],
},
{
name: "Confidential Corp",
policyInitiativesAssignmentProperties: [{
assignmentParameters: {},
policyInitiativeId: "/providers/Microsoft.Authorization/policySetDefinitions/03de05a4-c324-4ccd-882f-a814ea8ab9ea",
}],
},
{
name: "Confidential Online",
policyInitiativesAssignmentProperties: [{
assignmentParameters: {},
policyInitiativeId: "/providers/Microsoft.Authorization/policySetDefinitions/03de05a4-c324-4ccd-882f-a814ea8ab9ea",
}],
},
],
landingZonesMgMetadata: {
policyInitiativesAssignmentProperties: [{
assignmentParameters: {
listOfAllowedLocations: ["swedencentral"],
},
policyInitiativeId: "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
}],
},
logAnalyticsWorkspaceCreationOption: azure_native.sovereign.ResourceCreationOptions.UseExisting,
logRetentionInDays: 540,
managedIdentity: {
type: azure_native.sovereign.ManagedIdentityResourceType.UserAssigned,
userAssignedIdentityResourceId: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-RemApiExample/providers/Microsoft.ManagedIdentity/userAssignedIdentities/mi-RemApiExample",
},
namingConventionFormula: "{ResourceTypeAbbreviation}-{DeploymentPrefix}-Contoso-{DeploymentSuffix}-{Environment}",
platformConnectivityMgMetadata: {
policyInitiativesAssignmentProperties: [{
assignmentParameters: {
listOfAllowedLocations: ["swedencentral"],
},
policyInitiativeId: "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
}],
},
platformIdentityMgMetadata: {
policyInitiativesAssignmentProperties: [{
assignmentParameters: {
listOfAllowedLocations: ["swedencentral"],
},
policyInitiativeId: "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
}],
},
platformManagementMgMetadata: {
policyInitiativesAssignmentProperties: [{
assignmentParameters: {
listOfAllowedLocations: ["swedencentral"],
},
policyInitiativeId: "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
}],
},
platformMgChildren: [
{
name: "Telemetry",
policyInitiativesAssignmentProperties: [{
assignmentParameters: {
listOfAllowedLocations: ["swedencentral"],
},
policyInitiativeId: "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
}],
},
{
name: "Security",
policyInitiativesAssignmentProperties: [{
assignmentParameters: {
listOfAllowedLocations: ["swedencentral"],
},
policyInitiativeId: "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
}],
},
],
platformMgMetadata: {
policyInitiativesAssignmentProperties: [{
assignmentParameters: {
listOfAllowedLocations: ["swedencentral"],
},
policyInitiativeId: "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
}],
},
sandboxMgMetadata: {
create: true,
policyInitiativesAssignmentProperties: [{
assignmentParameters: {
listOfAllowedLocations: ["swedencentral"],
},
policyInitiativeId: "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
}],
},
tags: [
{
name: "tag1",
value: "Lorem",
},
{
name: "tag2",
value: "Ipsum",
},
],
topLevelMgMetadata: {
policyInitiativesAssignmentProperties: [{
assignmentParameters: {
listOfAllowedLocations: [
"swedencentral",
"eastus2",
"uksouth",
],
},
policyInitiativeId: "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
}],
},
},
resourceGroupName: "rg-RemApiExample",
});
import pulumi
import pulumi_azure_native as azure_native
landing_zone_configuration_operation = azure_native.sovereign.LandingZoneConfigurationOperation("landingZoneConfigurationOperation",
landing_zone_account_name="lza-RemApiExample",
landing_zone_configuration_name="lzc-RemApiExample",
properties={
"azure_bastion_creation_option": azure_native.sovereign.ResourceCreationOptions.USE_EXISTING,
"custom_naming_convention": [{
"formula": "{ResourceTypeAbbreviation}-{DeploymentPrefix}-Contoso-{DeploymentSuffix}",
"resource_type": azure_native.sovereign.ResourceType.DDOS_PROTECTION_PLANS,
}],
"ddos_protection_creation_option": azure_native.sovereign.ResourceCreationOptions.USE_EXISTING,
"decommissioned_mg_metadata": {
"create": True,
"policy_initiatives_assignment_properties": [{
"assignment_parameters": {
"listOfAllowedLocations": ["swedencentral"],
},
"policy_initiative_id": "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
}],
},
"existing_azure_bastion_id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-RemApiExample/providers/Microsoft.Network/bastionHosts/bas-RemApiExample",
"existing_ddos_protection_id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-RemApiExample/providers/Microsoft.Network/ddosProtectionPlans/ddos-RemApiExample",
"existing_log_analytics_workspace_id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-RemApiExample/providers/Microsoft.OperationalInsights/workspaces/log-RemApiExample",
"firewall_creation_option": azure_native.sovereign.FirewallCreationOptions.PREMIUM,
"firewall_subnet_cidr_block": "10.20.254.0/24",
"gateway_subnet_cidr_block": "10.20.252.0/24",
"hub_network_cidr_block": "10.20.0.0/16",
"landing_zones_mg_children": [
{
"name": "Corp",
"policy_initiatives_assignment_properties": [],
},
{
"name": "Online",
"policy_initiatives_assignment_properties": [],
},
{
"name": "Confidential Corp",
"policy_initiatives_assignment_properties": [{
"assignment_parameters": {},
"policy_initiative_id": "/providers/Microsoft.Authorization/policySetDefinitions/03de05a4-c324-4ccd-882f-a814ea8ab9ea",
}],
},
{
"name": "Confidential Online",
"policy_initiatives_assignment_properties": [{
"assignment_parameters": {},
"policy_initiative_id": "/providers/Microsoft.Authorization/policySetDefinitions/03de05a4-c324-4ccd-882f-a814ea8ab9ea",
}],
},
],
"landing_zones_mg_metadata": {
"policy_initiatives_assignment_properties": [{
"assignment_parameters": {
"listOfAllowedLocations": ["swedencentral"],
},
"policy_initiative_id": "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
}],
},
"log_analytics_workspace_creation_option": azure_native.sovereign.ResourceCreationOptions.USE_EXISTING,
"log_retention_in_days": 540,
"managed_identity": {
"type": azure_native.sovereign.ManagedIdentityResourceType.USER_ASSIGNED,
"user_assigned_identity_resource_id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-RemApiExample/providers/Microsoft.ManagedIdentity/userAssignedIdentities/mi-RemApiExample",
},
"naming_convention_formula": "{ResourceTypeAbbreviation}-{DeploymentPrefix}-Contoso-{DeploymentSuffix}-{Environment}",
"platform_connectivity_mg_metadata": {
"policy_initiatives_assignment_properties": [{
"assignment_parameters": {
"listOfAllowedLocations": ["swedencentral"],
},
"policy_initiative_id": "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
}],
},
"platform_identity_mg_metadata": {
"policy_initiatives_assignment_properties": [{
"assignment_parameters": {
"listOfAllowedLocations": ["swedencentral"],
},
"policy_initiative_id": "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
}],
},
"platform_management_mg_metadata": {
"policy_initiatives_assignment_properties": [{
"assignment_parameters": {
"listOfAllowedLocations": ["swedencentral"],
},
"policy_initiative_id": "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
}],
},
"platform_mg_children": [
{
"name": "Telemetry",
"policy_initiatives_assignment_properties": [{
"assignment_parameters": {
"listOfAllowedLocations": ["swedencentral"],
},
"policy_initiative_id": "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
}],
},
{
"name": "Security",
"policy_initiatives_assignment_properties": [{
"assignment_parameters": {
"listOfAllowedLocations": ["swedencentral"],
},
"policy_initiative_id": "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
}],
},
],
"platform_mg_metadata": {
"policy_initiatives_assignment_properties": [{
"assignment_parameters": {
"listOfAllowedLocations": ["swedencentral"],
},
"policy_initiative_id": "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
}],
},
"sandbox_mg_metadata": {
"create": True,
"policy_initiatives_assignment_properties": [{
"assignment_parameters": {
"listOfAllowedLocations": ["swedencentral"],
},
"policy_initiative_id": "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
}],
},
"tags": [
{
"name": "tag1",
"value": "Lorem",
},
{
"name": "tag2",
"value": "Ipsum",
},
],
"top_level_mg_metadata": {
"policy_initiatives_assignment_properties": [{
"assignment_parameters": {
"listOfAllowedLocations": [
"swedencentral",
"eastus2",
"uksouth",
],
},
"policy_initiative_id": "/providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523",
}],
},
},
resource_group_name="rg-RemApiExample")
resources:
landingZoneConfigurationOperation:
type: azure-native:sovereign:LandingZoneConfigurationOperation
properties:
landingZoneAccountName: lza-RemApiExample
landingZoneConfigurationName: lzc-RemApiExample
properties:
azureBastionCreationOption: UseExisting
customNamingConvention:
- formula: '{ResourceTypeAbbreviation}-{DeploymentPrefix}-Contoso-{DeploymentSuffix}'
resourceType: ddosProtectionPlans
ddosProtectionCreationOption: UseExisting
decommissionedMgMetadata:
create: true
policyInitiativesAssignmentProperties:
- assignmentParameters:
listOfAllowedLocations:
- swedencentral
policyInitiativeId: /providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523
existingAzureBastionId: /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-RemApiExample/providers/Microsoft.Network/bastionHosts/bas-RemApiExample
existingDdosProtectionId: /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-RemApiExample/providers/Microsoft.Network/ddosProtectionPlans/ddos-RemApiExample
existingLogAnalyticsWorkspaceId: /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-RemApiExample/providers/Microsoft.OperationalInsights/workspaces/log-RemApiExample
firewallCreationOption: Premium
firewallSubnetCidrBlock: 10.20.254.0/24
gatewaySubnetCidrBlock: 10.20.252.0/24
hubNetworkCidrBlock: 10.20.0.0/16
landingZonesMgChildren:
- name: Corp
policyInitiativesAssignmentProperties: []
- name: Online
policyInitiativesAssignmentProperties: []
- name: Confidential Corp
policyInitiativesAssignmentProperties:
- assignmentParameters: {}
policyInitiativeId: /providers/Microsoft.Authorization/policySetDefinitions/03de05a4-c324-4ccd-882f-a814ea8ab9ea
- name: Confidential Online
policyInitiativesAssignmentProperties:
- assignmentParameters: {}
policyInitiativeId: /providers/Microsoft.Authorization/policySetDefinitions/03de05a4-c324-4ccd-882f-a814ea8ab9ea
landingZonesMgMetadata:
policyInitiativesAssignmentProperties:
- assignmentParameters:
listOfAllowedLocations:
- swedencentral
policyInitiativeId: /providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523
logAnalyticsWorkspaceCreationOption: UseExisting
logRetentionInDays: 540
managedIdentity:
type: UserAssigned
userAssignedIdentityResourceId: /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-RemApiExample/providers/Microsoft.ManagedIdentity/userAssignedIdentities/mi-RemApiExample
namingConventionFormula: '{ResourceTypeAbbreviation}-{DeploymentPrefix}-Contoso-{DeploymentSuffix}-{Environment}'
platformConnectivityMgMetadata:
policyInitiativesAssignmentProperties:
- assignmentParameters:
listOfAllowedLocations:
- swedencentral
policyInitiativeId: /providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523
platformIdentityMgMetadata:
policyInitiativesAssignmentProperties:
- assignmentParameters:
listOfAllowedLocations:
- swedencentral
policyInitiativeId: /providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523
platformManagementMgMetadata:
policyInitiativesAssignmentProperties:
- assignmentParameters:
listOfAllowedLocations:
- swedencentral
policyInitiativeId: /providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523
platformMgChildren:
- name: Telemetry
policyInitiativesAssignmentProperties:
- assignmentParameters:
listOfAllowedLocations:
- swedencentral
policyInitiativeId: /providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523
- name: Security
policyInitiativesAssignmentProperties:
- assignmentParameters:
listOfAllowedLocations:
- swedencentral
policyInitiativeId: /providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523
platformMgMetadata:
policyInitiativesAssignmentProperties:
- assignmentParameters:
listOfAllowedLocations:
- swedencentral
policyInitiativeId: /providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523
sandboxMgMetadata:
create: true
policyInitiativesAssignmentProperties:
- assignmentParameters:
listOfAllowedLocations:
- swedencentral
policyInitiativeId: /providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523
tags:
- name: tag1
value: Lorem
- name: tag2
value: Ipsum
topLevelMgMetadata:
policyInitiativesAssignmentProperties:
- assignmentParameters:
listOfAllowedLocations:
- swedencentral
- eastus2
- uksouth
policyInitiativeId: /providers/Microsoft.Authorization/policySetDefinitions/c1cbff38-87c0-4b9f-9f70-035c7a3b5523
resourceGroupName: rg-RemApiExample
Create LandingZoneConfigurationOperation Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new LandingZoneConfigurationOperation(name: string, args: LandingZoneConfigurationOperationArgs, opts?: CustomResourceOptions);@overload
def LandingZoneConfigurationOperation(resource_name: str,
args: LandingZoneConfigurationOperationArgs,
opts: Optional[ResourceOptions] = None)
@overload
def LandingZoneConfigurationOperation(resource_name: str,
opts: Optional[ResourceOptions] = None,
landing_zone_account_name: Optional[str] = None,
resource_group_name: Optional[str] = None,
landing_zone_configuration_name: Optional[str] = None,
properties: Optional[LandingZoneConfigurationResourcePropertiesArgs] = None)func NewLandingZoneConfigurationOperation(ctx *Context, name string, args LandingZoneConfigurationOperationArgs, opts ...ResourceOption) (*LandingZoneConfigurationOperation, error)public LandingZoneConfigurationOperation(string name, LandingZoneConfigurationOperationArgs args, CustomResourceOptions? opts = null)
public LandingZoneConfigurationOperation(String name, LandingZoneConfigurationOperationArgs args)
public LandingZoneConfigurationOperation(String name, LandingZoneConfigurationOperationArgs args, CustomResourceOptions options)
type: azure-native:sovereign:LandingZoneConfigurationOperation
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args LandingZoneConfigurationOperationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args LandingZoneConfigurationOperationArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args LandingZoneConfigurationOperationArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args LandingZoneConfigurationOperationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args LandingZoneConfigurationOperationArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var landingZoneConfigurationOperationResource = new AzureNative.Sovereign.LandingZoneConfigurationOperation("landingZoneConfigurationOperationResource", new()
{
LandingZoneAccountName = "string",
ResourceGroupName = "string",
LandingZoneConfigurationName = "string",
Properties = new AzureNative.Sovereign.Inputs.LandingZoneConfigurationResourcePropertiesArgs
{
FirewallCreationOption = "string",
ManagedIdentity = new AzureNative.Sovereign.Inputs.ManagedIdentityPropertiesArgs
{
Type = "string",
UserAssignedIdentityResourceId = "string",
},
LogRetentionInDays = 0,
DdosProtectionCreationOption = "string",
LogAnalyticsWorkspaceCreationOption = "string",
AzureBastionCreationOption = "string",
HubNetworkCidrBlock = "string",
GatewaySubnetCidrBlock = "string",
LandingZonesMgChildren = new[]
{
new AzureNative.Sovereign.Inputs.LandingZoneManagementGroupPropertiesArgs
{
Name = "string",
PolicyInitiativesAssignmentProperties = new[]
{
new AzureNative.Sovereign.Inputs.PolicyInitiativeAssignmentPropertiesArgs
{
AssignmentParameters = "any",
PolicyInitiativeId = "string",
},
},
},
},
NamingConventionFormula = "string",
ExistingLogAnalyticsWorkspaceId = "string",
ExistingDdosProtectionId = "string",
ExistingAzureBastionId = "string",
LandingZonesMgMetadata = new AzureNative.Sovereign.Inputs.ManagementGroupPropertiesArgs
{
PolicyInitiativesAssignmentProperties = new[]
{
new AzureNative.Sovereign.Inputs.PolicyInitiativeAssignmentPropertiesArgs
{
AssignmentParameters = "any",
PolicyInitiativeId = "string",
},
},
},
DecommissionedMgMetadata = new AzureNative.Sovereign.Inputs.DecommissionedManagementGroupPropertiesArgs
{
Create = false,
PolicyInitiativesAssignmentProperties = new[]
{
new AzureNative.Sovereign.Inputs.PolicyInitiativeAssignmentPropertiesArgs
{
AssignmentParameters = "any",
PolicyInitiativeId = "string",
},
},
},
CustomNamingConvention = new[]
{
new AzureNative.Sovereign.Inputs.CustomNamingConventionArgs
{
Formula = "string",
ResourceType = "string",
},
},
AzureBastionSubnetCidrBlock = "string",
FirewallSubnetCidrBlock = "string",
PlatformConnectivityMgMetadata = new AzureNative.Sovereign.Inputs.ManagementGroupPropertiesArgs
{
PolicyInitiativesAssignmentProperties = new[]
{
new AzureNative.Sovereign.Inputs.PolicyInitiativeAssignmentPropertiesArgs
{
AssignmentParameters = "any",
PolicyInitiativeId = "string",
},
},
},
PlatformIdentityMgMetadata = new AzureNative.Sovereign.Inputs.ManagementGroupPropertiesArgs
{
PolicyInitiativesAssignmentProperties = new[]
{
new AzureNative.Sovereign.Inputs.PolicyInitiativeAssignmentPropertiesArgs
{
AssignmentParameters = "any",
PolicyInitiativeId = "string",
},
},
},
PlatformManagementMgMetadata = new AzureNative.Sovereign.Inputs.ManagementGroupPropertiesArgs
{
PolicyInitiativesAssignmentProperties = new[]
{
new AzureNative.Sovereign.Inputs.PolicyInitiativeAssignmentPropertiesArgs
{
AssignmentParameters = "any",
PolicyInitiativeId = "string",
},
},
},
PlatformMgChildren = new[]
{
new AzureNative.Sovereign.Inputs.PlatformManagementGroupPropertiesArgs
{
Name = "string",
PolicyInitiativesAssignmentProperties = new[]
{
new AzureNative.Sovereign.Inputs.PolicyInitiativeAssignmentPropertiesArgs
{
AssignmentParameters = "any",
PolicyInitiativeId = "string",
},
},
},
},
PlatformMgMetadata = new AzureNative.Sovereign.Inputs.ManagementGroupPropertiesArgs
{
PolicyInitiativesAssignmentProperties = new[]
{
new AzureNative.Sovereign.Inputs.PolicyInitiativeAssignmentPropertiesArgs
{
AssignmentParameters = "any",
PolicyInitiativeId = "string",
},
},
},
SandboxMgMetadata = new AzureNative.Sovereign.Inputs.SandboxManagementGroupPropertiesArgs
{
Create = false,
PolicyInitiativesAssignmentProperties = new[]
{
new AzureNative.Sovereign.Inputs.PolicyInitiativeAssignmentPropertiesArgs
{
AssignmentParameters = "any",
PolicyInitiativeId = "string",
},
},
},
Tags = new[]
{
new AzureNative.Sovereign.Inputs.TagsArgs
{
Name = "string",
Value = "string",
},
},
TopLevelMgMetadata = new AzureNative.Sovereign.Inputs.ManagementGroupPropertiesArgs
{
PolicyInitiativesAssignmentProperties = new[]
{
new AzureNative.Sovereign.Inputs.PolicyInitiativeAssignmentPropertiesArgs
{
AssignmentParameters = "any",
PolicyInitiativeId = "string",
},
},
},
},
});
example, err := sovereign.NewLandingZoneConfigurationOperation(ctx, "landingZoneConfigurationOperationResource", &sovereign.LandingZoneConfigurationOperationArgs{
LandingZoneAccountName: pulumi.String("string"),
ResourceGroupName: pulumi.String("string"),
LandingZoneConfigurationName: pulumi.String("string"),
Properties: &sovereign.LandingZoneConfigurationResourcePropertiesArgs{
FirewallCreationOption: pulumi.String("string"),
ManagedIdentity: &sovereign.ManagedIdentityPropertiesArgs{
Type: pulumi.String("string"),
UserAssignedIdentityResourceId: pulumi.String("string"),
},
LogRetentionInDays: pulumi.Float64(0),
DdosProtectionCreationOption: pulumi.String("string"),
LogAnalyticsWorkspaceCreationOption: pulumi.String("string"),
AzureBastionCreationOption: pulumi.String("string"),
HubNetworkCidrBlock: pulumi.String("string"),
GatewaySubnetCidrBlock: pulumi.String("string"),
LandingZonesMgChildren: sovereign.LandingZoneManagementGroupPropertiesArray{
&sovereign.LandingZoneManagementGroupPropertiesArgs{
Name: pulumi.String("string"),
PolicyInitiativesAssignmentProperties: sovereign.PolicyInitiativeAssignmentPropertiesArray{
&sovereign.PolicyInitiativeAssignmentPropertiesArgs{
AssignmentParameters: pulumi.Any("any"),
PolicyInitiativeId: pulumi.String("string"),
},
},
},
},
NamingConventionFormula: pulumi.String("string"),
ExistingLogAnalyticsWorkspaceId: pulumi.String("string"),
ExistingDdosProtectionId: pulumi.String("string"),
ExistingAzureBastionId: pulumi.String("string"),
LandingZonesMgMetadata: &sovereign.ManagementGroupPropertiesArgs{
PolicyInitiativesAssignmentProperties: sovereign.PolicyInitiativeAssignmentPropertiesArray{
&sovereign.PolicyInitiativeAssignmentPropertiesArgs{
AssignmentParameters: pulumi.Any("any"),
PolicyInitiativeId: pulumi.String("string"),
},
},
},
DecommissionedMgMetadata: &sovereign.DecommissionedManagementGroupPropertiesArgs{
Create: pulumi.Bool(false),
PolicyInitiativesAssignmentProperties: sovereign.PolicyInitiativeAssignmentPropertiesArray{
&sovereign.PolicyInitiativeAssignmentPropertiesArgs{
AssignmentParameters: pulumi.Any("any"),
PolicyInitiativeId: pulumi.String("string"),
},
},
},
CustomNamingConvention: sovereign.CustomNamingConventionArray{
&sovereign.CustomNamingConventionArgs{
Formula: pulumi.String("string"),
ResourceType: pulumi.String("string"),
},
},
AzureBastionSubnetCidrBlock: pulumi.String("string"),
FirewallSubnetCidrBlock: pulumi.String("string"),
PlatformConnectivityMgMetadata: &sovereign.ManagementGroupPropertiesArgs{
PolicyInitiativesAssignmentProperties: sovereign.PolicyInitiativeAssignmentPropertiesArray{
&sovereign.PolicyInitiativeAssignmentPropertiesArgs{
AssignmentParameters: pulumi.Any("any"),
PolicyInitiativeId: pulumi.String("string"),
},
},
},
PlatformIdentityMgMetadata: &sovereign.ManagementGroupPropertiesArgs{
PolicyInitiativesAssignmentProperties: sovereign.PolicyInitiativeAssignmentPropertiesArray{
&sovereign.PolicyInitiativeAssignmentPropertiesArgs{
AssignmentParameters: pulumi.Any("any"),
PolicyInitiativeId: pulumi.String("string"),
},
},
},
PlatformManagementMgMetadata: &sovereign.ManagementGroupPropertiesArgs{
PolicyInitiativesAssignmentProperties: sovereign.PolicyInitiativeAssignmentPropertiesArray{
&sovereign.PolicyInitiativeAssignmentPropertiesArgs{
AssignmentParameters: pulumi.Any("any"),
PolicyInitiativeId: pulumi.String("string"),
},
},
},
PlatformMgChildren: sovereign.PlatformManagementGroupPropertiesArray{
&sovereign.PlatformManagementGroupPropertiesArgs{
Name: pulumi.String("string"),
PolicyInitiativesAssignmentProperties: sovereign.PolicyInitiativeAssignmentPropertiesArray{
&sovereign.PolicyInitiativeAssignmentPropertiesArgs{
AssignmentParameters: pulumi.Any("any"),
PolicyInitiativeId: pulumi.String("string"),
},
},
},
},
PlatformMgMetadata: &sovereign.ManagementGroupPropertiesArgs{
PolicyInitiativesAssignmentProperties: sovereign.PolicyInitiativeAssignmentPropertiesArray{
&sovereign.PolicyInitiativeAssignmentPropertiesArgs{
AssignmentParameters: pulumi.Any("any"),
PolicyInitiativeId: pulumi.String("string"),
},
},
},
SandboxMgMetadata: &sovereign.SandboxManagementGroupPropertiesArgs{
Create: pulumi.Bool(false),
PolicyInitiativesAssignmentProperties: sovereign.PolicyInitiativeAssignmentPropertiesArray{
&sovereign.PolicyInitiativeAssignmentPropertiesArgs{
AssignmentParameters: pulumi.Any("any"),
PolicyInitiativeId: pulumi.String("string"),
},
},
},
Tags: sovereign.TagsArray{
&sovereign.TagsArgs{
Name: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
TopLevelMgMetadata: &sovereign.ManagementGroupPropertiesArgs{
PolicyInitiativesAssignmentProperties: sovereign.PolicyInitiativeAssignmentPropertiesArray{
&sovereign.PolicyInitiativeAssignmentPropertiesArgs{
AssignmentParameters: pulumi.Any("any"),
PolicyInitiativeId: pulumi.String("string"),
},
},
},
},
})
var landingZoneConfigurationOperationResource = new LandingZoneConfigurationOperation("landingZoneConfigurationOperationResource", LandingZoneConfigurationOperationArgs.builder()
.landingZoneAccountName("string")
.resourceGroupName("string")
.landingZoneConfigurationName("string")
.properties(LandingZoneConfigurationResourcePropertiesArgs.builder()
.firewallCreationOption("string")
.managedIdentity(ManagedIdentityPropertiesArgs.builder()
.type("string")
.userAssignedIdentityResourceId("string")
.build())
.logRetentionInDays(0)
.ddosProtectionCreationOption("string")
.logAnalyticsWorkspaceCreationOption("string")
.azureBastionCreationOption("string")
.hubNetworkCidrBlock("string")
.gatewaySubnetCidrBlock("string")
.landingZonesMgChildren(LandingZoneManagementGroupPropertiesArgs.builder()
.name("string")
.policyInitiativesAssignmentProperties(PolicyInitiativeAssignmentPropertiesArgs.builder()
.assignmentParameters("any")
.policyInitiativeId("string")
.build())
.build())
.namingConventionFormula("string")
.existingLogAnalyticsWorkspaceId("string")
.existingDdosProtectionId("string")
.existingAzureBastionId("string")
.landingZonesMgMetadata(ManagementGroupPropertiesArgs.builder()
.policyInitiativesAssignmentProperties(PolicyInitiativeAssignmentPropertiesArgs.builder()
.assignmentParameters("any")
.policyInitiativeId("string")
.build())
.build())
.decommissionedMgMetadata(DecommissionedManagementGroupPropertiesArgs.builder()
.create(false)
.policyInitiativesAssignmentProperties(PolicyInitiativeAssignmentPropertiesArgs.builder()
.assignmentParameters("any")
.policyInitiativeId("string")
.build())
.build())
.customNamingConvention(CustomNamingConventionArgs.builder()
.formula("string")
.resourceType("string")
.build())
.azureBastionSubnetCidrBlock("string")
.firewallSubnetCidrBlock("string")
.platformConnectivityMgMetadata(ManagementGroupPropertiesArgs.builder()
.policyInitiativesAssignmentProperties(PolicyInitiativeAssignmentPropertiesArgs.builder()
.assignmentParameters("any")
.policyInitiativeId("string")
.build())
.build())
.platformIdentityMgMetadata(ManagementGroupPropertiesArgs.builder()
.policyInitiativesAssignmentProperties(PolicyInitiativeAssignmentPropertiesArgs.builder()
.assignmentParameters("any")
.policyInitiativeId("string")
.build())
.build())
.platformManagementMgMetadata(ManagementGroupPropertiesArgs.builder()
.policyInitiativesAssignmentProperties(PolicyInitiativeAssignmentPropertiesArgs.builder()
.assignmentParameters("any")
.policyInitiativeId("string")
.build())
.build())
.platformMgChildren(PlatformManagementGroupPropertiesArgs.builder()
.name("string")
.policyInitiativesAssignmentProperties(PolicyInitiativeAssignmentPropertiesArgs.builder()
.assignmentParameters("any")
.policyInitiativeId("string")
.build())
.build())
.platformMgMetadata(ManagementGroupPropertiesArgs.builder()
.policyInitiativesAssignmentProperties(PolicyInitiativeAssignmentPropertiesArgs.builder()
.assignmentParameters("any")
.policyInitiativeId("string")
.build())
.build())
.sandboxMgMetadata(SandboxManagementGroupPropertiesArgs.builder()
.create(false)
.policyInitiativesAssignmentProperties(PolicyInitiativeAssignmentPropertiesArgs.builder()
.assignmentParameters("any")
.policyInitiativeId("string")
.build())
.build())
.tags(TagsArgs.builder()
.name("string")
.value("string")
.build())
.topLevelMgMetadata(ManagementGroupPropertiesArgs.builder()
.policyInitiativesAssignmentProperties(PolicyInitiativeAssignmentPropertiesArgs.builder()
.assignmentParameters("any")
.policyInitiativeId("string")
.build())
.build())
.build())
.build());
landing_zone_configuration_operation_resource = azure_native.sovereign.LandingZoneConfigurationOperation("landingZoneConfigurationOperationResource",
landing_zone_account_name="string",
resource_group_name="string",
landing_zone_configuration_name="string",
properties={
"firewall_creation_option": "string",
"managed_identity": {
"type": "string",
"user_assigned_identity_resource_id": "string",
},
"log_retention_in_days": 0,
"ddos_protection_creation_option": "string",
"log_analytics_workspace_creation_option": "string",
"azure_bastion_creation_option": "string",
"hub_network_cidr_block": "string",
"gateway_subnet_cidr_block": "string",
"landing_zones_mg_children": [{
"name": "string",
"policy_initiatives_assignment_properties": [{
"assignment_parameters": "any",
"policy_initiative_id": "string",
}],
}],
"naming_convention_formula": "string",
"existing_log_analytics_workspace_id": "string",
"existing_ddos_protection_id": "string",
"existing_azure_bastion_id": "string",
"landing_zones_mg_metadata": {
"policy_initiatives_assignment_properties": [{
"assignment_parameters": "any",
"policy_initiative_id": "string",
}],
},
"decommissioned_mg_metadata": {
"create": False,
"policy_initiatives_assignment_properties": [{
"assignment_parameters": "any",
"policy_initiative_id": "string",
}],
},
"custom_naming_convention": [{
"formula": "string",
"resource_type": "string",
}],
"azure_bastion_subnet_cidr_block": "string",
"firewall_subnet_cidr_block": "string",
"platform_connectivity_mg_metadata": {
"policy_initiatives_assignment_properties": [{
"assignment_parameters": "any",
"policy_initiative_id": "string",
}],
},
"platform_identity_mg_metadata": {
"policy_initiatives_assignment_properties": [{
"assignment_parameters": "any",
"policy_initiative_id": "string",
}],
},
"platform_management_mg_metadata": {
"policy_initiatives_assignment_properties": [{
"assignment_parameters": "any",
"policy_initiative_id": "string",
}],
},
"platform_mg_children": [{
"name": "string",
"policy_initiatives_assignment_properties": [{
"assignment_parameters": "any",
"policy_initiative_id": "string",
}],
}],
"platform_mg_metadata": {
"policy_initiatives_assignment_properties": [{
"assignment_parameters": "any",
"policy_initiative_id": "string",
}],
},
"sandbox_mg_metadata": {
"create": False,
"policy_initiatives_assignment_properties": [{
"assignment_parameters": "any",
"policy_initiative_id": "string",
}],
},
"tags": [{
"name": "string",
"value": "string",
}],
"top_level_mg_metadata": {
"policy_initiatives_assignment_properties": [{
"assignment_parameters": "any",
"policy_initiative_id": "string",
}],
},
})
const landingZoneConfigurationOperationResource = new azure_native.sovereign.LandingZoneConfigurationOperation("landingZoneConfigurationOperationResource", {
landingZoneAccountName: "string",
resourceGroupName: "string",
landingZoneConfigurationName: "string",
properties: {
firewallCreationOption: "string",
managedIdentity: {
type: "string",
userAssignedIdentityResourceId: "string",
},
logRetentionInDays: 0,
ddosProtectionCreationOption: "string",
logAnalyticsWorkspaceCreationOption: "string",
azureBastionCreationOption: "string",
hubNetworkCidrBlock: "string",
gatewaySubnetCidrBlock: "string",
landingZonesMgChildren: [{
name: "string",
policyInitiativesAssignmentProperties: [{
assignmentParameters: "any",
policyInitiativeId: "string",
}],
}],
namingConventionFormula: "string",
existingLogAnalyticsWorkspaceId: "string",
existingDdosProtectionId: "string",
existingAzureBastionId: "string",
landingZonesMgMetadata: {
policyInitiativesAssignmentProperties: [{
assignmentParameters: "any",
policyInitiativeId: "string",
}],
},
decommissionedMgMetadata: {
create: false,
policyInitiativesAssignmentProperties: [{
assignmentParameters: "any",
policyInitiativeId: "string",
}],
},
customNamingConvention: [{
formula: "string",
resourceType: "string",
}],
azureBastionSubnetCidrBlock: "string",
firewallSubnetCidrBlock: "string",
platformConnectivityMgMetadata: {
policyInitiativesAssignmentProperties: [{
assignmentParameters: "any",
policyInitiativeId: "string",
}],
},
platformIdentityMgMetadata: {
policyInitiativesAssignmentProperties: [{
assignmentParameters: "any",
policyInitiativeId: "string",
}],
},
platformManagementMgMetadata: {
policyInitiativesAssignmentProperties: [{
assignmentParameters: "any",
policyInitiativeId: "string",
}],
},
platformMgChildren: [{
name: "string",
policyInitiativesAssignmentProperties: [{
assignmentParameters: "any",
policyInitiativeId: "string",
}],
}],
platformMgMetadata: {
policyInitiativesAssignmentProperties: [{
assignmentParameters: "any",
policyInitiativeId: "string",
}],
},
sandboxMgMetadata: {
create: false,
policyInitiativesAssignmentProperties: [{
assignmentParameters: "any",
policyInitiativeId: "string",
}],
},
tags: [{
name: "string",
value: "string",
}],
topLevelMgMetadata: {
policyInitiativesAssignmentProperties: [{
assignmentParameters: "any",
policyInitiativeId: "string",
}],
},
},
});
type: azure-native:sovereign:LandingZoneConfigurationOperation
properties:
landingZoneAccountName: string
landingZoneConfigurationName: string
properties:
azureBastionCreationOption: string
azureBastionSubnetCidrBlock: string
customNamingConvention:
- formula: string
resourceType: string
ddosProtectionCreationOption: string
decommissionedMgMetadata:
create: false
policyInitiativesAssignmentProperties:
- assignmentParameters: any
policyInitiativeId: string
existingAzureBastionId: string
existingDdosProtectionId: string
existingLogAnalyticsWorkspaceId: string
firewallCreationOption: string
firewallSubnetCidrBlock: string
gatewaySubnetCidrBlock: string
hubNetworkCidrBlock: string
landingZonesMgChildren:
- name: string
policyInitiativesAssignmentProperties:
- assignmentParameters: any
policyInitiativeId: string
landingZonesMgMetadata:
policyInitiativesAssignmentProperties:
- assignmentParameters: any
policyInitiativeId: string
logAnalyticsWorkspaceCreationOption: string
logRetentionInDays: 0
managedIdentity:
type: string
userAssignedIdentityResourceId: string
namingConventionFormula: string
platformConnectivityMgMetadata:
policyInitiativesAssignmentProperties:
- assignmentParameters: any
policyInitiativeId: string
platformIdentityMgMetadata:
policyInitiativesAssignmentProperties:
- assignmentParameters: any
policyInitiativeId: string
platformManagementMgMetadata:
policyInitiativesAssignmentProperties:
- assignmentParameters: any
policyInitiativeId: string
platformMgChildren:
- name: string
policyInitiativesAssignmentProperties:
- assignmentParameters: any
policyInitiativeId: string
platformMgMetadata:
policyInitiativesAssignmentProperties:
- assignmentParameters: any
policyInitiativeId: string
sandboxMgMetadata:
create: false
policyInitiativesAssignmentProperties:
- assignmentParameters: any
policyInitiativeId: string
tags:
- name: string
value: string
topLevelMgMetadata:
policyInitiativesAssignmentProperties:
- assignmentParameters: any
policyInitiativeId: string
resourceGroupName: string
LandingZoneConfigurationOperation Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The LandingZoneConfigurationOperation resource accepts the following input properties:
- Landing
Zone stringAccount Name - The landing zone account.
- Resource
Group stringName - The name of the resource group. The name is case insensitive.
- Landing
Zone stringConfiguration Name - The landing zone configuration name
- Properties
Pulumi.
Azure Native. Sovereign. Inputs. Landing Zone Configuration Resource Properties - The resource-specific properties for this resource.
- Landing
Zone stringAccount Name - The landing zone account.
- Resource
Group stringName - The name of the resource group. The name is case insensitive.
- Landing
Zone stringConfiguration Name - The landing zone configuration name
- Properties
Landing
Zone Configuration Resource Properties Args - The resource-specific properties for this resource.
- landing
Zone StringAccount Name - The landing zone account.
- resource
Group StringName - The name of the resource group. The name is case insensitive.
- landing
Zone StringConfiguration Name - The landing zone configuration name
- properties
Landing
Zone Configuration Resource Properties - The resource-specific properties for this resource.
- landing
Zone stringAccount Name - The landing zone account.
- resource
Group stringName - The name of the resource group. The name is case insensitive.
- landing
Zone stringConfiguration Name - The landing zone configuration name
- properties
Landing
Zone Configuration Resource Properties - The resource-specific properties for this resource.
- landing_
zone_ straccount_ name - The landing zone account.
- resource_
group_ strname - The name of the resource group. The name is case insensitive.
- landing_
zone_ strconfiguration_ name - The landing zone configuration name
- properties
Landing
Zone Configuration Resource Properties Args - The resource-specific properties for this resource.
- landing
Zone StringAccount Name - The landing zone account.
- resource
Group StringName - The name of the resource group. The name is case insensitive.
- landing
Zone StringConfiguration Name - The landing zone configuration name
- properties Property Map
- The resource-specific properties for this resource.
Outputs
All input properties are implicitly available as output properties. Additionally, the LandingZoneConfigurationOperation resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- The name of the resource
- System
Data Pulumi.Azure Native. Sovereign. Outputs. System Data Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- Type string
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- The name of the resource
- System
Data SystemData Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- Type string
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- id String
- The provider-assigned unique ID for this managed resource.
- name String
- The name of the resource
- system
Data SystemData Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- type String
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- id string
- The provider-assigned unique ID for this managed resource.
- name string
- The name of the resource
- system
Data SystemData Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- type string
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- id str
- The provider-assigned unique ID for this managed resource.
- name str
- The name of the resource
- system_
data SystemData Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- type str
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- id String
- The provider-assigned unique ID for this managed resource.
- name String
- The name of the resource
- system
Data Property Map - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- type String
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
Supporting Types
CustomNamingConvention, CustomNamingConventionArgs
- Formula string
- The custom naming formula for the resource type.
- Resource
Type string | Pulumi.Azure Native. Sovereign. Resource Type - The type of the resource.
- Formula string
- The custom naming formula for the resource type.
- Resource
Type string | ResourceType - The type of the resource.
- formula String
- The custom naming formula for the resource type.
- resource
Type String | ResourceType - The type of the resource.
- formula string
- The custom naming formula for the resource type.
- resource
Type string | ResourceType - The type of the resource.
- formula str
- The custom naming formula for the resource type.
- resource_
type str | ResourceType - The type of the resource.
- formula String
- The custom naming formula for the resource type.
- resource
Type String | "azureFirewalls" | "workspaces" | "automation Accounts" | "dashboards" | "user Assigned Identities" | "bastion Hosts" | "ddos Protection Plans" | "network Security Groups" | "virtual Networks" | "route Tables" - The type of the resource.
CustomNamingConventionResponse, CustomNamingConventionResponseArgs
- Formula string
- The custom naming formula for the resource type.
- Resource
Type string - The type of the resource.
- Formula string
- The custom naming formula for the resource type.
- Resource
Type string - The type of the resource.
- formula String
- The custom naming formula for the resource type.
- resource
Type String - The type of the resource.
- formula string
- The custom naming formula for the resource type.
- resource
Type string - The type of the resource.
- formula str
- The custom naming formula for the resource type.
- resource_
type str - The type of the resource.
- formula String
- The custom naming formula for the resource type.
- resource
Type String - The type of the resource.
DecommissionedManagementGroupProperties, DecommissionedManagementGroupPropertiesArgs
- Create bool
- This parameter determines whether the 'Decommissioned' management group will be created. If set to true, the group will be created; if set to false, it will not be created. The default value is false.
- Policy
Initiatives List<Pulumi.Assignment Properties Azure Native. Sovereign. Inputs. Policy Initiative Assignment Properties> - Array of policy initiatives applied to the management group.
- Create bool
- This parameter determines whether the 'Decommissioned' management group will be created. If set to true, the group will be created; if set to false, it will not be created. The default value is false.
- Policy
Initiatives []PolicyAssignment Properties Initiative Assignment Properties - Array of policy initiatives applied to the management group.
- create Boolean
- This parameter determines whether the 'Decommissioned' management group will be created. If set to true, the group will be created; if set to false, it will not be created. The default value is false.
- policy
Initiatives List<PolicyAssignment Properties Initiative Assignment Properties> - Array of policy initiatives applied to the management group.
- create boolean
- This parameter determines whether the 'Decommissioned' management group will be created. If set to true, the group will be created; if set to false, it will not be created. The default value is false.
- policy
Initiatives PolicyAssignment Properties Initiative Assignment Properties[] - Array of policy initiatives applied to the management group.
- create bool
- This parameter determines whether the 'Decommissioned' management group will be created. If set to true, the group will be created; if set to false, it will not be created. The default value is false.
- policy_
initiatives_ Sequence[Policyassignment_ properties Initiative Assignment Properties] - Array of policy initiatives applied to the management group.
- create Boolean
- This parameter determines whether the 'Decommissioned' management group will be created. If set to true, the group will be created; if set to false, it will not be created. The default value is false.
- policy
Initiatives List<Property Map>Assignment Properties - Array of policy initiatives applied to the management group.
DecommissionedManagementGroupPropertiesResponse, DecommissionedManagementGroupPropertiesResponseArgs
- Create bool
- This parameter determines whether the 'Decommissioned' management group will be created. If set to true, the group will be created; if set to false, it will not be created. The default value is false.
- Policy
Initiatives List<Pulumi.Assignment Properties Azure Native. Sovereign. Inputs. Policy Initiative Assignment Properties Response> - Array of policy initiatives applied to the management group.
- Create bool
- This parameter determines whether the 'Decommissioned' management group will be created. If set to true, the group will be created; if set to false, it will not be created. The default value is false.
- Policy
Initiatives []PolicyAssignment Properties Initiative Assignment Properties Response - Array of policy initiatives applied to the management group.
- create Boolean
- This parameter determines whether the 'Decommissioned' management group will be created. If set to true, the group will be created; if set to false, it will not be created. The default value is false.
- policy
Initiatives List<PolicyAssignment Properties Initiative Assignment Properties Response> - Array of policy initiatives applied to the management group.
- create boolean
- This parameter determines whether the 'Decommissioned' management group will be created. If set to true, the group will be created; if set to false, it will not be created. The default value is false.
- policy
Initiatives PolicyAssignment Properties Initiative Assignment Properties Response[] - Array of policy initiatives applied to the management group.
- create bool
- This parameter determines whether the 'Decommissioned' management group will be created. If set to true, the group will be created; if set to false, it will not be created. The default value is false.
- policy_
initiatives_ Sequence[Policyassignment_ properties Initiative Assignment Properties Response] - Array of policy initiatives applied to the management group.
- create Boolean
- This parameter determines whether the 'Decommissioned' management group will be created. If set to true, the group will be created; if set to false, it will not be created. The default value is false.
- policy
Initiatives List<Property Map>Assignment Properties - Array of policy initiatives applied to the management group.
FirewallCreationOptions, FirewallCreationOptionsArgs
- None
- NoneSelect 'None' value to skip Firewall deployment.
- Standard
- StandardSelect 'Standard' value to deploy the Firewall Standard SKU.
- Premium
- PremiumSelect 'Premium' value to deploy the Firewall Premium SKU.
- Firewall
Creation Options None - NoneSelect 'None' value to skip Firewall deployment.
- Firewall
Creation Options Standard - StandardSelect 'Standard' value to deploy the Firewall Standard SKU.
- Firewall
Creation Options Premium - PremiumSelect 'Premium' value to deploy the Firewall Premium SKU.
- None
- NoneSelect 'None' value to skip Firewall deployment.
- Standard
- StandardSelect 'Standard' value to deploy the Firewall Standard SKU.
- Premium
- PremiumSelect 'Premium' value to deploy the Firewall Premium SKU.
- None
- NoneSelect 'None' value to skip Firewall deployment.
- Standard
- StandardSelect 'Standard' value to deploy the Firewall Standard SKU.
- Premium
- PremiumSelect 'Premium' value to deploy the Firewall Premium SKU.
- NONE
- NoneSelect 'None' value to skip Firewall deployment.
- STANDARD
- StandardSelect 'Standard' value to deploy the Firewall Standard SKU.
- PREMIUM
- PremiumSelect 'Premium' value to deploy the Firewall Premium SKU.
- "None"
- NoneSelect 'None' value to skip Firewall deployment.
- "Standard"
- StandardSelect 'Standard' value to deploy the Firewall Standard SKU.
- "Premium"
- PremiumSelect 'Premium' value to deploy the Firewall Premium SKU.
LandingZoneConfigurationResourceProperties, LandingZoneConfigurationResourcePropertiesArgs
- Azure
Bastion string | Pulumi.Creation Option Azure Native. Sovereign. Resource Creation Options - Parameter used to deploy a Bastion: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing Bastion.
- Ddos
Protection string | Pulumi.Creation Option Azure Native. Sovereign. Resource Creation Options - Parameter used to deploy a DDoS protection plan: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing DDoS protection plan.
- Firewall
Creation string | Pulumi.Option Azure Native. Sovereign. Firewall Creation Options - Parameter used for deploying a Firewall: Select 'No' to skip deployment, 'Standard' to deploy the Standard SKU, or 'Premium' to deploy the Premium SKU.
- Gateway
Subnet stringCidr Block - The gateway subnet address used for deploying a virtual network. Specify the subnet using IPv4 CIDR notation.
- Hub
Network stringCidr Block - The Virtual Network address. Specify the address using IPv4 CIDR notation.
- Log
Analytics string | Pulumi.Workspace Creation Option Azure Native. Sovereign. Resource Creation Options - Parameter used to deploy a log analytics workspace: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing log analytics workspace.
- Log
Retention doubleIn Days - Parameter to define the retention period for logs, in days. The minimum duration is 30 days and the maximum is 730 days.
- Managed
Identity Pulumi.Azure Native. Sovereign. Inputs. Managed Identity Properties - The managed identity to be assigned to this landing zone configuration.
- Azure
Bastion stringSubnet Cidr Block - The Bastion subnet address. Specify the address using IPv4 CIDR notation.
- Custom
Naming List<Pulumi.Convention Azure Native. Sovereign. Inputs. Custom Naming Convention> - The custom naming convention applied to specific resource types for this landing zone configuration, which overrides the default naming convention for those resource types. Example - 'customNamingConvention': [{'resourceType': 'azureFirewalls', 'formula': '{DeploymentPrefix}-afwl-{DeploymentSuffix}'}]
- Decommissioned
Mg Pulumi.Metadata Azure Native. Sovereign. Inputs. Decommissioned Management Group Properties - The assigned policies of the 'Decommissioned' management group and indicator to create it or not.
- Existing
Azure stringBastion Id - The resource ID of the Bastion when reusing an existing one.
- Existing
Ddos stringProtection Id - The resource ID of the DDoS protection plan when reusing an existing one.
- Existing
Log stringAnalytics Workspace Id - The resource ID of the log analytics workspace when reusing an existing one.
- Firewall
Subnet stringCidr Block - The Firewall subnet address used for deploying a firewall. Specify the Firewall subnet using IPv4 CIDR notation.
- Landing
Zones List<Pulumi.Mg Children Azure Native. Sovereign. Inputs. Landing Zone Management Group Properties> - The child management groups of 'Landing Zones' management group and their assigned policies.
- Landing
Zones Pulumi.Mg Metadata Azure Native. Sovereign. Inputs. Management Group Properties - The assigned policies of the 'Landing Zones' management group.
- Naming
Convention stringFormula - The default naming convention applied to all resources for this landing zone configuration. Example - {DeploymentPrefix}-Contoso-{ResourceTypeAbbreviation}{DeploymentSuffix}-{Environment}-testing
- Platform
Connectivity Pulumi.Mg Metadata Azure Native. Sovereign. Inputs. Management Group Properties - The assigned policies of the 'Connectivity' management group under 'Platform' management group.
- Platform
Identity Pulumi.Mg Metadata Azure Native. Sovereign. Inputs. Management Group Properties - The assigned policies of the 'Identity' management group under 'Platform' management group.
- Platform
Management Pulumi.Mg Metadata Azure Native. Sovereign. Inputs. Management Group Properties - The assigned policies of the 'Management' management group under 'Platform' management group.
- Platform
Mg List<Pulumi.Children Azure Native. Sovereign. Inputs. Platform Management Group Properties> - The names of the 'Platform' child management groups and their assigned policies, excluding the default ones: 'Connectivity', 'Identity', and 'Management'
- Platform
Mg Pulumi.Metadata Azure Native. Sovereign. Inputs. Management Group Properties - The assigned policies of the 'Platform' management group.
- Sandbox
Mg Pulumi.Metadata Azure Native. Sovereign. Inputs. Sandbox Management Group Properties - The assigned policies of the 'Sandbox' management group and indicator to create it or not.
-
List<Pulumi.
Azure Native. Sovereign. Inputs. Tags> - Tags are key-value pairs that can be assigned to a resource to organize and manage it more effectively. Example: {'name': 'a tag name', 'value': 'a tag value'}
- Top
Level Pulumi.Mg Metadata Azure Native. Sovereign. Inputs. Management Group Properties - The assigned policies of the parent management group.
- Azure
Bastion string | ResourceCreation Option Creation Options - Parameter used to deploy a Bastion: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing Bastion.
- Ddos
Protection string | ResourceCreation Option Creation Options - Parameter used to deploy a DDoS protection plan: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing DDoS protection plan.
- Firewall
Creation string | FirewallOption Creation Options - Parameter used for deploying a Firewall: Select 'No' to skip deployment, 'Standard' to deploy the Standard SKU, or 'Premium' to deploy the Premium SKU.
- Gateway
Subnet stringCidr Block - The gateway subnet address used for deploying a virtual network. Specify the subnet using IPv4 CIDR notation.
- Hub
Network stringCidr Block - The Virtual Network address. Specify the address using IPv4 CIDR notation.
- Log
Analytics string | ResourceWorkspace Creation Option Creation Options - Parameter used to deploy a log analytics workspace: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing log analytics workspace.
- Log
Retention float64In Days - Parameter to define the retention period for logs, in days. The minimum duration is 30 days and the maximum is 730 days.
- Managed
Identity ManagedIdentity Properties - The managed identity to be assigned to this landing zone configuration.
- Azure
Bastion stringSubnet Cidr Block - The Bastion subnet address. Specify the address using IPv4 CIDR notation.
- Custom
Naming []CustomConvention Naming Convention - The custom naming convention applied to specific resource types for this landing zone configuration, which overrides the default naming convention for those resource types. Example - 'customNamingConvention': [{'resourceType': 'azureFirewalls', 'formula': '{DeploymentPrefix}-afwl-{DeploymentSuffix}'}]
- Decommissioned
Mg DecommissionedMetadata Management Group Properties - The assigned policies of the 'Decommissioned' management group and indicator to create it or not.
- Existing
Azure stringBastion Id - The resource ID of the Bastion when reusing an existing one.
- Existing
Ddos stringProtection Id - The resource ID of the DDoS protection plan when reusing an existing one.
- Existing
Log stringAnalytics Workspace Id - The resource ID of the log analytics workspace when reusing an existing one.
- Firewall
Subnet stringCidr Block - The Firewall subnet address used for deploying a firewall. Specify the Firewall subnet using IPv4 CIDR notation.
- Landing
Zones []LandingMg Children Zone Management Group Properties - The child management groups of 'Landing Zones' management group and their assigned policies.
- Landing
Zones ManagementMg Metadata Group Properties - The assigned policies of the 'Landing Zones' management group.
- Naming
Convention stringFormula - The default naming convention applied to all resources for this landing zone configuration. Example - {DeploymentPrefix}-Contoso-{ResourceTypeAbbreviation}{DeploymentSuffix}-{Environment}-testing
- Platform
Connectivity ManagementMg Metadata Group Properties - The assigned policies of the 'Connectivity' management group under 'Platform' management group.
- Platform
Identity ManagementMg Metadata Group Properties - The assigned policies of the 'Identity' management group under 'Platform' management group.
- Platform
Management ManagementMg Metadata Group Properties - The assigned policies of the 'Management' management group under 'Platform' management group.
- Platform
Mg []PlatformChildren Management Group Properties - The names of the 'Platform' child management groups and their assigned policies, excluding the default ones: 'Connectivity', 'Identity', and 'Management'
- Platform
Mg ManagementMetadata Group Properties - The assigned policies of the 'Platform' management group.
- Sandbox
Mg SandboxMetadata Management Group Properties - The assigned policies of the 'Sandbox' management group and indicator to create it or not.
- []Tags
- Tags are key-value pairs that can be assigned to a resource to organize and manage it more effectively. Example: {'name': 'a tag name', 'value': 'a tag value'}
- Top
Level ManagementMg Metadata Group Properties - The assigned policies of the parent management group.
- azure
Bastion String | ResourceCreation Option Creation Options - Parameter used to deploy a Bastion: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing Bastion.
- ddos
Protection String | ResourceCreation Option Creation Options - Parameter used to deploy a DDoS protection plan: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing DDoS protection plan.
- firewall
Creation String | FirewallOption Creation Options - Parameter used for deploying a Firewall: Select 'No' to skip deployment, 'Standard' to deploy the Standard SKU, or 'Premium' to deploy the Premium SKU.
- gateway
Subnet StringCidr Block - The gateway subnet address used for deploying a virtual network. Specify the subnet using IPv4 CIDR notation.
- hub
Network StringCidr Block - The Virtual Network address. Specify the address using IPv4 CIDR notation.
- log
Analytics String | ResourceWorkspace Creation Option Creation Options - Parameter used to deploy a log analytics workspace: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing log analytics workspace.
- log
Retention DoubleIn Days - Parameter to define the retention period for logs, in days. The minimum duration is 30 days and the maximum is 730 days.
- managed
Identity ManagedIdentity Properties - The managed identity to be assigned to this landing zone configuration.
- azure
Bastion StringSubnet Cidr Block - The Bastion subnet address. Specify the address using IPv4 CIDR notation.
- custom
Naming List<CustomConvention Naming Convention> - The custom naming convention applied to specific resource types for this landing zone configuration, which overrides the default naming convention for those resource types. Example - 'customNamingConvention': [{'resourceType': 'azureFirewalls', 'formula': '{DeploymentPrefix}-afwl-{DeploymentSuffix}'}]
- decommissioned
Mg DecommissionedMetadata Management Group Properties - The assigned policies of the 'Decommissioned' management group and indicator to create it or not.
- existing
Azure StringBastion Id - The resource ID of the Bastion when reusing an existing one.
- existing
Ddos StringProtection Id - The resource ID of the DDoS protection plan when reusing an existing one.
- existing
Log StringAnalytics Workspace Id - The resource ID of the log analytics workspace when reusing an existing one.
- firewall
Subnet StringCidr Block - The Firewall subnet address used for deploying a firewall. Specify the Firewall subnet using IPv4 CIDR notation.
- landing
Zones List<LandingMg Children Zone Management Group Properties> - The child management groups of 'Landing Zones' management group and their assigned policies.
- landing
Zones ManagementMg Metadata Group Properties - The assigned policies of the 'Landing Zones' management group.
- naming
Convention StringFormula - The default naming convention applied to all resources for this landing zone configuration. Example - {DeploymentPrefix}-Contoso-{ResourceTypeAbbreviation}{DeploymentSuffix}-{Environment}-testing
- platform
Connectivity ManagementMg Metadata Group Properties - The assigned policies of the 'Connectivity' management group under 'Platform' management group.
- platform
Identity ManagementMg Metadata Group Properties - The assigned policies of the 'Identity' management group under 'Platform' management group.
- platform
Management ManagementMg Metadata Group Properties - The assigned policies of the 'Management' management group under 'Platform' management group.
- platform
Mg List<PlatformChildren Management Group Properties> - The names of the 'Platform' child management groups and their assigned policies, excluding the default ones: 'Connectivity', 'Identity', and 'Management'
- platform
Mg ManagementMetadata Group Properties - The assigned policies of the 'Platform' management group.
- sandbox
Mg SandboxMetadata Management Group Properties - The assigned policies of the 'Sandbox' management group and indicator to create it or not.
- List<Tags>
- Tags are key-value pairs that can be assigned to a resource to organize and manage it more effectively. Example: {'name': 'a tag name', 'value': 'a tag value'}
- top
Level ManagementMg Metadata Group Properties - The assigned policies of the parent management group.
- azure
Bastion string | ResourceCreation Option Creation Options - Parameter used to deploy a Bastion: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing Bastion.
- ddos
Protection string | ResourceCreation Option Creation Options - Parameter used to deploy a DDoS protection plan: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing DDoS protection plan.
- firewall
Creation string | FirewallOption Creation Options - Parameter used for deploying a Firewall: Select 'No' to skip deployment, 'Standard' to deploy the Standard SKU, or 'Premium' to deploy the Premium SKU.
- gateway
Subnet stringCidr Block - The gateway subnet address used for deploying a virtual network. Specify the subnet using IPv4 CIDR notation.
- hub
Network stringCidr Block - The Virtual Network address. Specify the address using IPv4 CIDR notation.
- log
Analytics string | ResourceWorkspace Creation Option Creation Options - Parameter used to deploy a log analytics workspace: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing log analytics workspace.
- log
Retention numberIn Days - Parameter to define the retention period for logs, in days. The minimum duration is 30 days and the maximum is 730 days.
- managed
Identity ManagedIdentity Properties - The managed identity to be assigned to this landing zone configuration.
- azure
Bastion stringSubnet Cidr Block - The Bastion subnet address. Specify the address using IPv4 CIDR notation.
- custom
Naming CustomConvention Naming Convention[] - The custom naming convention applied to specific resource types for this landing zone configuration, which overrides the default naming convention for those resource types. Example - 'customNamingConvention': [{'resourceType': 'azureFirewalls', 'formula': '{DeploymentPrefix}-afwl-{DeploymentSuffix}'}]
- decommissioned
Mg DecommissionedMetadata Management Group Properties - The assigned policies of the 'Decommissioned' management group and indicator to create it or not.
- existing
Azure stringBastion Id - The resource ID of the Bastion when reusing an existing one.
- existing
Ddos stringProtection Id - The resource ID of the DDoS protection plan when reusing an existing one.
- existing
Log stringAnalytics Workspace Id - The resource ID of the log analytics workspace when reusing an existing one.
- firewall
Subnet stringCidr Block - The Firewall subnet address used for deploying a firewall. Specify the Firewall subnet using IPv4 CIDR notation.
- landing
Zones LandingMg Children Zone Management Group Properties[] - The child management groups of 'Landing Zones' management group and their assigned policies.
- landing
Zones ManagementMg Metadata Group Properties - The assigned policies of the 'Landing Zones' management group.
- naming
Convention stringFormula - The default naming convention applied to all resources for this landing zone configuration. Example - {DeploymentPrefix}-Contoso-{ResourceTypeAbbreviation}{DeploymentSuffix}-{Environment}-testing
- platform
Connectivity ManagementMg Metadata Group Properties - The assigned policies of the 'Connectivity' management group under 'Platform' management group.
- platform
Identity ManagementMg Metadata Group Properties - The assigned policies of the 'Identity' management group under 'Platform' management group.
- platform
Management ManagementMg Metadata Group Properties - The assigned policies of the 'Management' management group under 'Platform' management group.
- platform
Mg PlatformChildren Management Group Properties[] - The names of the 'Platform' child management groups and their assigned policies, excluding the default ones: 'Connectivity', 'Identity', and 'Management'
- platform
Mg ManagementMetadata Group Properties - The assigned policies of the 'Platform' management group.
- sandbox
Mg SandboxMetadata Management Group Properties - The assigned policies of the 'Sandbox' management group and indicator to create it or not.
- Tags[]
- Tags are key-value pairs that can be assigned to a resource to organize and manage it more effectively. Example: {'name': 'a tag name', 'value': 'a tag value'}
- top
Level ManagementMg Metadata Group Properties - The assigned policies of the parent management group.
- azure_
bastion_ str | Resourcecreation_ option Creation Options - Parameter used to deploy a Bastion: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing Bastion.
- ddos_
protection_ str | Resourcecreation_ option Creation Options - Parameter used to deploy a DDoS protection plan: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing DDoS protection plan.
- firewall_
creation_ str | Firewalloption Creation Options - Parameter used for deploying a Firewall: Select 'No' to skip deployment, 'Standard' to deploy the Standard SKU, or 'Premium' to deploy the Premium SKU.
- gateway_
subnet_ strcidr_ block - The gateway subnet address used for deploying a virtual network. Specify the subnet using IPv4 CIDR notation.
- hub_
network_ strcidr_ block - The Virtual Network address. Specify the address using IPv4 CIDR notation.
- log_
analytics_ str | Resourceworkspace_ creation_ option Creation Options - Parameter used to deploy a log analytics workspace: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing log analytics workspace.
- log_
retention_ floatin_ days - Parameter to define the retention period for logs, in days. The minimum duration is 30 days and the maximum is 730 days.
- managed_
identity ManagedIdentity Properties - The managed identity to be assigned to this landing zone configuration.
- azure_
bastion_ strsubnet_ cidr_ block - The Bastion subnet address. Specify the address using IPv4 CIDR notation.
- custom_
naming_ Sequence[Customconvention Naming Convention] - The custom naming convention applied to specific resource types for this landing zone configuration, which overrides the default naming convention for those resource types. Example - 'customNamingConvention': [{'resourceType': 'azureFirewalls', 'formula': '{DeploymentPrefix}-afwl-{DeploymentSuffix}'}]
- decommissioned_
mg_ Decommissionedmetadata Management Group Properties - The assigned policies of the 'Decommissioned' management group and indicator to create it or not.
- existing_
azure_ strbastion_ id - The resource ID of the Bastion when reusing an existing one.
- existing_
ddos_ strprotection_ id - The resource ID of the DDoS protection plan when reusing an existing one.
- existing_
log_ stranalytics_ workspace_ id - The resource ID of the log analytics workspace when reusing an existing one.
- firewall_
subnet_ strcidr_ block - The Firewall subnet address used for deploying a firewall. Specify the Firewall subnet using IPv4 CIDR notation.
- landing_
zones_ Sequence[Landingmg_ children Zone Management Group Properties] - The child management groups of 'Landing Zones' management group and their assigned policies.
- landing_
zones_ Managementmg_ metadata Group Properties - The assigned policies of the 'Landing Zones' management group.
- naming_
convention_ strformula - The default naming convention applied to all resources for this landing zone configuration. Example - {DeploymentPrefix}-Contoso-{ResourceTypeAbbreviation}{DeploymentSuffix}-{Environment}-testing
- platform_
connectivity_ Managementmg_ metadata Group Properties - The assigned policies of the 'Connectivity' management group under 'Platform' management group.
- platform_
identity_ Managementmg_ metadata Group Properties - The assigned policies of the 'Identity' management group under 'Platform' management group.
- platform_
management_ Managementmg_ metadata Group Properties - The assigned policies of the 'Management' management group under 'Platform' management group.
- platform_
mg_ Sequence[Platformchildren Management Group Properties] - The names of the 'Platform' child management groups and their assigned policies, excluding the default ones: 'Connectivity', 'Identity', and 'Management'
- platform_
mg_ Managementmetadata Group Properties - The assigned policies of the 'Platform' management group.
- sandbox_
mg_ Sandboxmetadata Management Group Properties - The assigned policies of the 'Sandbox' management group and indicator to create it or not.
- Sequence[Tags]
- Tags are key-value pairs that can be assigned to a resource to organize and manage it more effectively. Example: {'name': 'a tag name', 'value': 'a tag value'}
- top_
level_ Managementmg_ metadata Group Properties - The assigned policies of the parent management group.
- azure
Bastion String | "Yes" | "No" | "UseCreation Option Existing" - Parameter used to deploy a Bastion: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing Bastion.
- ddos
Protection String | "Yes" | "No" | "UseCreation Option Existing" - Parameter used to deploy a DDoS protection plan: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing DDoS protection plan.
- firewall
Creation String | "None" | "Standard" | "Premium"Option - Parameter used for deploying a Firewall: Select 'No' to skip deployment, 'Standard' to deploy the Standard SKU, or 'Premium' to deploy the Premium SKU.
- gateway
Subnet StringCidr Block - The gateway subnet address used for deploying a virtual network. Specify the subnet using IPv4 CIDR notation.
- hub
Network StringCidr Block - The Virtual Network address. Specify the address using IPv4 CIDR notation.
- log
Analytics String | "Yes" | "No" | "UseWorkspace Creation Option Existing" - Parameter used to deploy a log analytics workspace: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing log analytics workspace.
- log
Retention NumberIn Days - Parameter to define the retention period for logs, in days. The minimum duration is 30 days and the maximum is 730 days.
- managed
Identity Property Map - The managed identity to be assigned to this landing zone configuration.
- azure
Bastion StringSubnet Cidr Block - The Bastion subnet address. Specify the address using IPv4 CIDR notation.
- custom
Naming List<Property Map>Convention - The custom naming convention applied to specific resource types for this landing zone configuration, which overrides the default naming convention for those resource types. Example - 'customNamingConvention': [{'resourceType': 'azureFirewalls', 'formula': '{DeploymentPrefix}-afwl-{DeploymentSuffix}'}]
- decommissioned
Mg Property MapMetadata - The assigned policies of the 'Decommissioned' management group and indicator to create it or not.
- existing
Azure StringBastion Id - The resource ID of the Bastion when reusing an existing one.
- existing
Ddos StringProtection Id - The resource ID of the DDoS protection plan when reusing an existing one.
- existing
Log StringAnalytics Workspace Id - The resource ID of the log analytics workspace when reusing an existing one.
- firewall
Subnet StringCidr Block - The Firewall subnet address used for deploying a firewall. Specify the Firewall subnet using IPv4 CIDR notation.
- landing
Zones List<Property Map>Mg Children - The child management groups of 'Landing Zones' management group and their assigned policies.
- landing
Zones Property MapMg Metadata - The assigned policies of the 'Landing Zones' management group.
- naming
Convention StringFormula - The default naming convention applied to all resources for this landing zone configuration. Example - {DeploymentPrefix}-Contoso-{ResourceTypeAbbreviation}{DeploymentSuffix}-{Environment}-testing
- platform
Connectivity Property MapMg Metadata - The assigned policies of the 'Connectivity' management group under 'Platform' management group.
- platform
Identity Property MapMg Metadata - The assigned policies of the 'Identity' management group under 'Platform' management group.
- platform
Management Property MapMg Metadata - The assigned policies of the 'Management' management group under 'Platform' management group.
- platform
Mg List<Property Map>Children - The names of the 'Platform' child management groups and their assigned policies, excluding the default ones: 'Connectivity', 'Identity', and 'Management'
- platform
Mg Property MapMetadata - The assigned policies of the 'Platform' management group.
- sandbox
Mg Property MapMetadata - The assigned policies of the 'Sandbox' management group and indicator to create it or not.
- List<Property Map>
- Tags are key-value pairs that can be assigned to a resource to organize and manage it more effectively. Example: {'name': 'a tag name', 'value': 'a tag value'}
- top
Level Property MapMg Metadata - The assigned policies of the parent management group.
LandingZoneConfigurationResourcePropertiesResponse, LandingZoneConfigurationResourcePropertiesResponseArgs
- string
- The status that indicates the current phase of the configuration process for a deployment.
- Azure
Bastion stringCreation Option - Parameter used to deploy a Bastion: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing Bastion.
- Ddos
Protection stringCreation Option - Parameter used to deploy a DDoS protection plan: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing DDoS protection plan.
- Firewall
Creation stringOption - Parameter used for deploying a Firewall: Select 'No' to skip deployment, 'Standard' to deploy the Standard SKU, or 'Premium' to deploy the Premium SKU.
- Gateway
Subnet stringCidr Block - The gateway subnet address used for deploying a virtual network. Specify the subnet using IPv4 CIDR notation.
- Hub
Network stringCidr Block - The Virtual Network address. Specify the address using IPv4 CIDR notation.
- Log
Analytics stringWorkspace Creation Option - Parameter used to deploy a log analytics workspace: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing log analytics workspace.
- Log
Retention doubleIn Days - Parameter to define the retention period for logs, in days. The minimum duration is 30 days and the maximum is 730 days.
- Managed
Identity Pulumi.Azure Native. Sovereign. Inputs. Managed Identity Properties Response - The managed identity to be assigned to this landing zone configuration.
- Provisioning
State string - The state that reflects the current stage in the creation, updating, or deletion process of the landing zone configuration.
- Azure
Bastion stringSubnet Cidr Block - The Bastion subnet address. Specify the address using IPv4 CIDR notation.
- Custom
Naming List<Pulumi.Convention Azure Native. Sovereign. Inputs. Custom Naming Convention Response> - The custom naming convention applied to specific resource types for this landing zone configuration, which overrides the default naming convention for those resource types. Example - 'customNamingConvention': [{'resourceType': 'azureFirewalls', 'formula': '{DeploymentPrefix}-afwl-{DeploymentSuffix}'}]
- Decommissioned
Mg Pulumi.Metadata Azure Native. Sovereign. Inputs. Decommissioned Management Group Properties Response - The assigned policies of the 'Decommissioned' management group and indicator to create it or not.
- Existing
Azure stringBastion Id - The resource ID of the Bastion when reusing an existing one.
- Existing
Ddos stringProtection Id - The resource ID of the DDoS protection plan when reusing an existing one.
- Existing
Log stringAnalytics Workspace Id - The resource ID of the log analytics workspace when reusing an existing one.
- Firewall
Subnet stringCidr Block - The Firewall subnet address used for deploying a firewall. Specify the Firewall subnet using IPv4 CIDR notation.
- Landing
Zones List<Pulumi.Mg Children Azure Native. Sovereign. Inputs. Landing Zone Management Group Properties Response> - The child management groups of 'Landing Zones' management group and their assigned policies.
- Landing
Zones Pulumi.Mg Metadata Azure Native. Sovereign. Inputs. Management Group Properties Response - The assigned policies of the 'Landing Zones' management group.
- Naming
Convention stringFormula - The default naming convention applied to all resources for this landing zone configuration. Example - {DeploymentPrefix}-Contoso-{ResourceTypeAbbreviation}{DeploymentSuffix}-{Environment}-testing
- Platform
Connectivity Pulumi.Mg Metadata Azure Native. Sovereign. Inputs. Management Group Properties Response - The assigned policies of the 'Connectivity' management group under 'Platform' management group.
- Platform
Identity Pulumi.Mg Metadata Azure Native. Sovereign. Inputs. Management Group Properties Response - The assigned policies of the 'Identity' management group under 'Platform' management group.
- Platform
Management Pulumi.Mg Metadata Azure Native. Sovereign. Inputs. Management Group Properties Response - The assigned policies of the 'Management' management group under 'Platform' management group.
- Platform
Mg List<Pulumi.Children Azure Native. Sovereign. Inputs. Platform Management Group Properties Response> - The names of the 'Platform' child management groups and their assigned policies, excluding the default ones: 'Connectivity', 'Identity', and 'Management'
- Platform
Mg Pulumi.Metadata Azure Native. Sovereign. Inputs. Management Group Properties Response - The assigned policies of the 'Platform' management group.
- Sandbox
Mg Pulumi.Metadata Azure Native. Sovereign. Inputs. Sandbox Management Group Properties Response - The assigned policies of the 'Sandbox' management group and indicator to create it or not.
-
List<Pulumi.
Azure Native. Sovereign. Inputs. Tags Response> - Tags are key-value pairs that can be assigned to a resource to organize and manage it more effectively. Example: {'name': 'a tag name', 'value': 'a tag value'}
- Top
Level Pulumi.Mg Metadata Azure Native. Sovereign. Inputs. Management Group Properties Response - The assigned policies of the parent management group.
- string
- The status that indicates the current phase of the configuration process for a deployment.
- Azure
Bastion stringCreation Option - Parameter used to deploy a Bastion: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing Bastion.
- Ddos
Protection stringCreation Option - Parameter used to deploy a DDoS protection plan: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing DDoS protection plan.
- Firewall
Creation stringOption - Parameter used for deploying a Firewall: Select 'No' to skip deployment, 'Standard' to deploy the Standard SKU, or 'Premium' to deploy the Premium SKU.
- Gateway
Subnet stringCidr Block - The gateway subnet address used for deploying a virtual network. Specify the subnet using IPv4 CIDR notation.
- Hub
Network stringCidr Block - The Virtual Network address. Specify the address using IPv4 CIDR notation.
- Log
Analytics stringWorkspace Creation Option - Parameter used to deploy a log analytics workspace: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing log analytics workspace.
- Log
Retention float64In Days - Parameter to define the retention period for logs, in days. The minimum duration is 30 days and the maximum is 730 days.
- Managed
Identity ManagedIdentity Properties Response - The managed identity to be assigned to this landing zone configuration.
- Provisioning
State string - The state that reflects the current stage in the creation, updating, or deletion process of the landing zone configuration.
- Azure
Bastion stringSubnet Cidr Block - The Bastion subnet address. Specify the address using IPv4 CIDR notation.
- Custom
Naming []CustomConvention Naming Convention Response - The custom naming convention applied to specific resource types for this landing zone configuration, which overrides the default naming convention for those resource types. Example - 'customNamingConvention': [{'resourceType': 'azureFirewalls', 'formula': '{DeploymentPrefix}-afwl-{DeploymentSuffix}'}]
- Decommissioned
Mg DecommissionedMetadata Management Group Properties Response - The assigned policies of the 'Decommissioned' management group and indicator to create it or not.
- Existing
Azure stringBastion Id - The resource ID of the Bastion when reusing an existing one.
- Existing
Ddos stringProtection Id - The resource ID of the DDoS protection plan when reusing an existing one.
- Existing
Log stringAnalytics Workspace Id - The resource ID of the log analytics workspace when reusing an existing one.
- Firewall
Subnet stringCidr Block - The Firewall subnet address used for deploying a firewall. Specify the Firewall subnet using IPv4 CIDR notation.
- Landing
Zones []LandingMg Children Zone Management Group Properties Response - The child management groups of 'Landing Zones' management group and their assigned policies.
- Landing
Zones ManagementMg Metadata Group Properties Response - The assigned policies of the 'Landing Zones' management group.
- Naming
Convention stringFormula - The default naming convention applied to all resources for this landing zone configuration. Example - {DeploymentPrefix}-Contoso-{ResourceTypeAbbreviation}{DeploymentSuffix}-{Environment}-testing
- Platform
Connectivity ManagementMg Metadata Group Properties Response - The assigned policies of the 'Connectivity' management group under 'Platform' management group.
- Platform
Identity ManagementMg Metadata Group Properties Response - The assigned policies of the 'Identity' management group under 'Platform' management group.
- Platform
Management ManagementMg Metadata Group Properties Response - The assigned policies of the 'Management' management group under 'Platform' management group.
- Platform
Mg []PlatformChildren Management Group Properties Response - The names of the 'Platform' child management groups and their assigned policies, excluding the default ones: 'Connectivity', 'Identity', and 'Management'
- Platform
Mg ManagementMetadata Group Properties Response - The assigned policies of the 'Platform' management group.
- Sandbox
Mg SandboxMetadata Management Group Properties Response - The assigned policies of the 'Sandbox' management group and indicator to create it or not.
-
[]Tags
Response - Tags are key-value pairs that can be assigned to a resource to organize and manage it more effectively. Example: {'name': 'a tag name', 'value': 'a tag value'}
- Top
Level ManagementMg Metadata Group Properties Response - The assigned policies of the parent management group.
- String
- The status that indicates the current phase of the configuration process for a deployment.
- azure
Bastion StringCreation Option - Parameter used to deploy a Bastion: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing Bastion.
- ddos
Protection StringCreation Option - Parameter used to deploy a DDoS protection plan: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing DDoS protection plan.
- firewall
Creation StringOption - Parameter used for deploying a Firewall: Select 'No' to skip deployment, 'Standard' to deploy the Standard SKU, or 'Premium' to deploy the Premium SKU.
- gateway
Subnet StringCidr Block - The gateway subnet address used for deploying a virtual network. Specify the subnet using IPv4 CIDR notation.
- hub
Network StringCidr Block - The Virtual Network address. Specify the address using IPv4 CIDR notation.
- log
Analytics StringWorkspace Creation Option - Parameter used to deploy a log analytics workspace: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing log analytics workspace.
- log
Retention DoubleIn Days - Parameter to define the retention period for logs, in days. The minimum duration is 30 days and the maximum is 730 days.
- managed
Identity ManagedIdentity Properties Response - The managed identity to be assigned to this landing zone configuration.
- provisioning
State String - The state that reflects the current stage in the creation, updating, or deletion process of the landing zone configuration.
- azure
Bastion StringSubnet Cidr Block - The Bastion subnet address. Specify the address using IPv4 CIDR notation.
- custom
Naming List<CustomConvention Naming Convention Response> - The custom naming convention applied to specific resource types for this landing zone configuration, which overrides the default naming convention for those resource types. Example - 'customNamingConvention': [{'resourceType': 'azureFirewalls', 'formula': '{DeploymentPrefix}-afwl-{DeploymentSuffix}'}]
- decommissioned
Mg DecommissionedMetadata Management Group Properties Response - The assigned policies of the 'Decommissioned' management group and indicator to create it or not.
- existing
Azure StringBastion Id - The resource ID of the Bastion when reusing an existing one.
- existing
Ddos StringProtection Id - The resource ID of the DDoS protection plan when reusing an existing one.
- existing
Log StringAnalytics Workspace Id - The resource ID of the log analytics workspace when reusing an existing one.
- firewall
Subnet StringCidr Block - The Firewall subnet address used for deploying a firewall. Specify the Firewall subnet using IPv4 CIDR notation.
- landing
Zones List<LandingMg Children Zone Management Group Properties Response> - The child management groups of 'Landing Zones' management group and their assigned policies.
- landing
Zones ManagementMg Metadata Group Properties Response - The assigned policies of the 'Landing Zones' management group.
- naming
Convention StringFormula - The default naming convention applied to all resources for this landing zone configuration. Example - {DeploymentPrefix}-Contoso-{ResourceTypeAbbreviation}{DeploymentSuffix}-{Environment}-testing
- platform
Connectivity ManagementMg Metadata Group Properties Response - The assigned policies of the 'Connectivity' management group under 'Platform' management group.
- platform
Identity ManagementMg Metadata Group Properties Response - The assigned policies of the 'Identity' management group under 'Platform' management group.
- platform
Management ManagementMg Metadata Group Properties Response - The assigned policies of the 'Management' management group under 'Platform' management group.
- platform
Mg List<PlatformChildren Management Group Properties Response> - The names of the 'Platform' child management groups and their assigned policies, excluding the default ones: 'Connectivity', 'Identity', and 'Management'
- platform
Mg ManagementMetadata Group Properties Response - The assigned policies of the 'Platform' management group.
- sandbox
Mg SandboxMetadata Management Group Properties Response - The assigned policies of the 'Sandbox' management group and indicator to create it or not.
-
List<Tags
Response> - Tags are key-value pairs that can be assigned to a resource to organize and manage it more effectively. Example: {'name': 'a tag name', 'value': 'a tag value'}
- top
Level ManagementMg Metadata Group Properties Response - The assigned policies of the parent management group.
- string
- The status that indicates the current phase of the configuration process for a deployment.
- azure
Bastion stringCreation Option - Parameter used to deploy a Bastion: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing Bastion.
- ddos
Protection stringCreation Option - Parameter used to deploy a DDoS protection plan: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing DDoS protection plan.
- firewall
Creation stringOption - Parameter used for deploying a Firewall: Select 'No' to skip deployment, 'Standard' to deploy the Standard SKU, or 'Premium' to deploy the Premium SKU.
- gateway
Subnet stringCidr Block - The gateway subnet address used for deploying a virtual network. Specify the subnet using IPv4 CIDR notation.
- hub
Network stringCidr Block - The Virtual Network address. Specify the address using IPv4 CIDR notation.
- log
Analytics stringWorkspace Creation Option - Parameter used to deploy a log analytics workspace: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing log analytics workspace.
- log
Retention numberIn Days - Parameter to define the retention period for logs, in days. The minimum duration is 30 days and the maximum is 730 days.
- managed
Identity ManagedIdentity Properties Response - The managed identity to be assigned to this landing zone configuration.
- provisioning
State string - The state that reflects the current stage in the creation, updating, or deletion process of the landing zone configuration.
- azure
Bastion stringSubnet Cidr Block - The Bastion subnet address. Specify the address using IPv4 CIDR notation.
- custom
Naming CustomConvention Naming Convention Response[] - The custom naming convention applied to specific resource types for this landing zone configuration, which overrides the default naming convention for those resource types. Example - 'customNamingConvention': [{'resourceType': 'azureFirewalls', 'formula': '{DeploymentPrefix}-afwl-{DeploymentSuffix}'}]
- decommissioned
Mg DecommissionedMetadata Management Group Properties Response - The assigned policies of the 'Decommissioned' management group and indicator to create it or not.
- existing
Azure stringBastion Id - The resource ID of the Bastion when reusing an existing one.
- existing
Ddos stringProtection Id - The resource ID of the DDoS protection plan when reusing an existing one.
- existing
Log stringAnalytics Workspace Id - The resource ID of the log analytics workspace when reusing an existing one.
- firewall
Subnet stringCidr Block - The Firewall subnet address used for deploying a firewall. Specify the Firewall subnet using IPv4 CIDR notation.
- landing
Zones LandingMg Children Zone Management Group Properties Response[] - The child management groups of 'Landing Zones' management group and their assigned policies.
- landing
Zones ManagementMg Metadata Group Properties Response - The assigned policies of the 'Landing Zones' management group.
- naming
Convention stringFormula - The default naming convention applied to all resources for this landing zone configuration. Example - {DeploymentPrefix}-Contoso-{ResourceTypeAbbreviation}{DeploymentSuffix}-{Environment}-testing
- platform
Connectivity ManagementMg Metadata Group Properties Response - The assigned policies of the 'Connectivity' management group under 'Platform' management group.
- platform
Identity ManagementMg Metadata Group Properties Response - The assigned policies of the 'Identity' management group under 'Platform' management group.
- platform
Management ManagementMg Metadata Group Properties Response - The assigned policies of the 'Management' management group under 'Platform' management group.
- platform
Mg PlatformChildren Management Group Properties Response[] - The names of the 'Platform' child management groups and their assigned policies, excluding the default ones: 'Connectivity', 'Identity', and 'Management'
- platform
Mg ManagementMetadata Group Properties Response - The assigned policies of the 'Platform' management group.
- sandbox
Mg SandboxMetadata Management Group Properties Response - The assigned policies of the 'Sandbox' management group and indicator to create it or not.
-
Tags
Response[] - Tags are key-value pairs that can be assigned to a resource to organize and manage it more effectively. Example: {'name': 'a tag name', 'value': 'a tag value'}
- top
Level ManagementMg Metadata Group Properties Response - The assigned policies of the parent management group.
- str
- The status that indicates the current phase of the configuration process for a deployment.
- azure_
bastion_ strcreation_ option - Parameter used to deploy a Bastion: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing Bastion.
- ddos_
protection_ strcreation_ option - Parameter used to deploy a DDoS protection plan: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing DDoS protection plan.
- firewall_
creation_ stroption - Parameter used for deploying a Firewall: Select 'No' to skip deployment, 'Standard' to deploy the Standard SKU, or 'Premium' to deploy the Premium SKU.
- gateway_
subnet_ strcidr_ block - The gateway subnet address used for deploying a virtual network. Specify the subnet using IPv4 CIDR notation.
- hub_
network_ strcidr_ block - The Virtual Network address. Specify the address using IPv4 CIDR notation.
- log_
analytics_ strworkspace_ creation_ option - Parameter used to deploy a log analytics workspace: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing log analytics workspace.
- log_
retention_ floatin_ days - Parameter to define the retention period for logs, in days. The minimum duration is 30 days and the maximum is 730 days.
- managed_
identity ManagedIdentity Properties Response - The managed identity to be assigned to this landing zone configuration.
- provisioning_
state str - The state that reflects the current stage in the creation, updating, or deletion process of the landing zone configuration.
- azure_
bastion_ strsubnet_ cidr_ block - The Bastion subnet address. Specify the address using IPv4 CIDR notation.
- custom_
naming_ Sequence[Customconvention Naming Convention Response] - The custom naming convention applied to specific resource types for this landing zone configuration, which overrides the default naming convention for those resource types. Example - 'customNamingConvention': [{'resourceType': 'azureFirewalls', 'formula': '{DeploymentPrefix}-afwl-{DeploymentSuffix}'}]
- decommissioned_
mg_ Decommissionedmetadata Management Group Properties Response - The assigned policies of the 'Decommissioned' management group and indicator to create it or not.
- existing_
azure_ strbastion_ id - The resource ID of the Bastion when reusing an existing one.
- existing_
ddos_ strprotection_ id - The resource ID of the DDoS protection plan when reusing an existing one.
- existing_
log_ stranalytics_ workspace_ id - The resource ID of the log analytics workspace when reusing an existing one.
- firewall_
subnet_ strcidr_ block - The Firewall subnet address used for deploying a firewall. Specify the Firewall subnet using IPv4 CIDR notation.
- landing_
zones_ Sequence[Landingmg_ children Zone Management Group Properties Response] - The child management groups of 'Landing Zones' management group and their assigned policies.
- landing_
zones_ Managementmg_ metadata Group Properties Response - The assigned policies of the 'Landing Zones' management group.
- naming_
convention_ strformula - The default naming convention applied to all resources for this landing zone configuration. Example - {DeploymentPrefix}-Contoso-{ResourceTypeAbbreviation}{DeploymentSuffix}-{Environment}-testing
- platform_
connectivity_ Managementmg_ metadata Group Properties Response - The assigned policies of the 'Connectivity' management group under 'Platform' management group.
- platform_
identity_ Managementmg_ metadata Group Properties Response - The assigned policies of the 'Identity' management group under 'Platform' management group.
- platform_
management_ Managementmg_ metadata Group Properties Response - The assigned policies of the 'Management' management group under 'Platform' management group.
- platform_
mg_ Sequence[Platformchildren Management Group Properties Response] - The names of the 'Platform' child management groups and their assigned policies, excluding the default ones: 'Connectivity', 'Identity', and 'Management'
- platform_
mg_ Managementmetadata Group Properties Response - The assigned policies of the 'Platform' management group.
- sandbox_
mg_ Sandboxmetadata Management Group Properties Response - The assigned policies of the 'Sandbox' management group and indicator to create it or not.
-
Sequence[Tags
Response] - Tags are key-value pairs that can be assigned to a resource to organize and manage it more effectively. Example: {'name': 'a tag name', 'value': 'a tag value'}
- top_
level_ Managementmg_ metadata Group Properties Response - The assigned policies of the parent management group.
- String
- The status that indicates the current phase of the configuration process for a deployment.
- azure
Bastion StringCreation Option - Parameter used to deploy a Bastion: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing Bastion.
- ddos
Protection StringCreation Option - Parameter used to deploy a DDoS protection plan: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing DDoS protection plan.
- firewall
Creation StringOption - Parameter used for deploying a Firewall: Select 'No' to skip deployment, 'Standard' to deploy the Standard SKU, or 'Premium' to deploy the Premium SKU.
- gateway
Subnet StringCidr Block - The gateway subnet address used for deploying a virtual network. Specify the subnet using IPv4 CIDR notation.
- hub
Network StringCidr Block - The Virtual Network address. Specify the address using IPv4 CIDR notation.
- log
Analytics StringWorkspace Creation Option - Parameter used to deploy a log analytics workspace: Select 'Yes' to enable deployment, 'No' to skip it, or 'Existing' to reuse an existing log analytics workspace.
- log
Retention NumberIn Days - Parameter to define the retention period for logs, in days. The minimum duration is 30 days and the maximum is 730 days.
- managed
Identity Property Map - The managed identity to be assigned to this landing zone configuration.
- provisioning
State String - The state that reflects the current stage in the creation, updating, or deletion process of the landing zone configuration.
- azure
Bastion StringSubnet Cidr Block - The Bastion subnet address. Specify the address using IPv4 CIDR notation.
- custom
Naming List<Property Map>Convention - The custom naming convention applied to specific resource types for this landing zone configuration, which overrides the default naming convention for those resource types. Example - 'customNamingConvention': [{'resourceType': 'azureFirewalls', 'formula': '{DeploymentPrefix}-afwl-{DeploymentSuffix}'}]
- decommissioned
Mg Property MapMetadata - The assigned policies of the 'Decommissioned' management group and indicator to create it or not.
- existing
Azure StringBastion Id - The resource ID of the Bastion when reusing an existing one.
- existing
Ddos StringProtection Id - The resource ID of the DDoS protection plan when reusing an existing one.
- existing
Log StringAnalytics Workspace Id - The resource ID of the log analytics workspace when reusing an existing one.
- firewall
Subnet StringCidr Block - The Firewall subnet address used for deploying a firewall. Specify the Firewall subnet using IPv4 CIDR notation.
- landing
Zones List<Property Map>Mg Children - The child management groups of 'Landing Zones' management group and their assigned policies.
- landing
Zones Property MapMg Metadata - The assigned policies of the 'Landing Zones' management group.
- naming
Convention StringFormula - The default naming convention applied to all resources for this landing zone configuration. Example - {DeploymentPrefix}-Contoso-{ResourceTypeAbbreviation}{DeploymentSuffix}-{Environment}-testing
- platform
Connectivity Property MapMg Metadata - The assigned policies of the 'Connectivity' management group under 'Platform' management group.
- platform
Identity Property MapMg Metadata - The assigned policies of the 'Identity' management group under 'Platform' management group.
- platform
Management Property MapMg Metadata - The assigned policies of the 'Management' management group under 'Platform' management group.
- platform
Mg List<Property Map>Children - The names of the 'Platform' child management groups and their assigned policies, excluding the default ones: 'Connectivity', 'Identity', and 'Management'
- platform
Mg Property MapMetadata - The assigned policies of the 'Platform' management group.
- sandbox
Mg Property MapMetadata - The assigned policies of the 'Sandbox' management group and indicator to create it or not.
- List<Property Map>
- Tags are key-value pairs that can be assigned to a resource to organize and manage it more effectively. Example: {'name': 'a tag name', 'value': 'a tag value'}
- top
Level Property MapMg Metadata - The assigned policies of the parent management group.
LandingZoneManagementGroupProperties, LandingZoneManagementGroupPropertiesArgs
- Name string
- Management group name.
- Policy
Initiatives List<Pulumi.Assignment Properties Azure Native. Sovereign. Inputs. Policy Initiative Assignment Properties> - Array of policy initiatives applied to the management group.
- Name string
- Management group name.
- Policy
Initiatives []PolicyAssignment Properties Initiative Assignment Properties - Array of policy initiatives applied to the management group.
- name String
- Management group name.
- policy
Initiatives List<PolicyAssignment Properties Initiative Assignment Properties> - Array of policy initiatives applied to the management group.
- name string
- Management group name.
- policy
Initiatives PolicyAssignment Properties Initiative Assignment Properties[] - Array of policy initiatives applied to the management group.
- name str
- Management group name.
- policy_
initiatives_ Sequence[Policyassignment_ properties Initiative Assignment Properties] - Array of policy initiatives applied to the management group.
- name String
- Management group name.
- policy
Initiatives List<Property Map>Assignment Properties - Array of policy initiatives applied to the management group.
LandingZoneManagementGroupPropertiesResponse, LandingZoneManagementGroupPropertiesResponseArgs
- Name string
- Management group name.
- Policy
Initiatives List<Pulumi.Assignment Properties Azure Native. Sovereign. Inputs. Policy Initiative Assignment Properties Response> - Array of policy initiatives applied to the management group.
- Name string
- Management group name.
- Policy
Initiatives []PolicyAssignment Properties Initiative Assignment Properties Response - Array of policy initiatives applied to the management group.
- name String
- Management group name.
- policy
Initiatives List<PolicyAssignment Properties Initiative Assignment Properties Response> - Array of policy initiatives applied to the management group.
- name string
- Management group name.
- policy
Initiatives PolicyAssignment Properties Initiative Assignment Properties Response[] - Array of policy initiatives applied to the management group.
- name str
- Management group name.
- policy_
initiatives_ Sequence[Policyassignment_ properties Initiative Assignment Properties Response] - Array of policy initiatives applied to the management group.
- name String
- Management group name.
- policy
Initiatives List<Property Map>Assignment Properties - Array of policy initiatives applied to the management group.
ManagedIdentityProperties, ManagedIdentityPropertiesArgs
- Type
string | Pulumi.
Azure Native. Sovereign. Managed Identity Resource Type - The type of managed identity.
- User
Assigned stringIdentity Resource Id - The resource id of the managed identity.
- Type
string | Managed
Identity Resource Type - The type of managed identity.
- User
Assigned stringIdentity Resource Id - The resource id of the managed identity.
- type
String | Managed
Identity Resource Type - The type of managed identity.
- user
Assigned StringIdentity Resource Id - The resource id of the managed identity.
- type
string | Managed
Identity Resource Type - The type of managed identity.
- user
Assigned stringIdentity Resource Id - The resource id of the managed identity.
- type
str | Managed
Identity Resource Type - The type of managed identity.
- user_
assigned_ stridentity_ resource_ id - The resource id of the managed identity.
- type
String | "System
Assigned" | "User Assigned" - The type of managed identity.
- user
Assigned StringIdentity Resource Id - The resource id of the managed identity.
ManagedIdentityPropertiesResponse, ManagedIdentityPropertiesResponseArgs
- Type string
- The type of managed identity.
- User
Assigned stringIdentity Resource Id - The resource id of the managed identity.
- Type string
- The type of managed identity.
- User
Assigned stringIdentity Resource Id - The resource id of the managed identity.
- type String
- The type of managed identity.
- user
Assigned StringIdentity Resource Id - The resource id of the managed identity.
- type string
- The type of managed identity.
- user
Assigned stringIdentity Resource Id - The resource id of the managed identity.
- type str
- The type of managed identity.
- user_
assigned_ stridentity_ resource_ id - The resource id of the managed identity.
- type String
- The type of managed identity.
- user
Assigned StringIdentity Resource Id - The resource id of the managed identity.
ManagedIdentityResourceType, ManagedIdentityResourceTypeArgs
- System
Assigned - SystemAssignedSystem assigned managed identity.
- User
Assigned - UserAssignedUser assigned managed identity.
- Managed
Identity Resource Type System Assigned - SystemAssignedSystem assigned managed identity.
- Managed
Identity Resource Type User Assigned - UserAssignedUser assigned managed identity.
- System
Assigned - SystemAssignedSystem assigned managed identity.
- User
Assigned - UserAssignedUser assigned managed identity.
- System
Assigned - SystemAssignedSystem assigned managed identity.
- User
Assigned - UserAssignedUser assigned managed identity.
- SYSTEM_ASSIGNED
- SystemAssignedSystem assigned managed identity.
- USER_ASSIGNED
- UserAssignedUser assigned managed identity.
- "System
Assigned" - SystemAssignedSystem assigned managed identity.
- "User
Assigned" - UserAssignedUser assigned managed identity.
ManagementGroupProperties, ManagementGroupPropertiesArgs
- Policy
Initiatives List<Pulumi.Assignment Properties Azure Native. Sovereign. Inputs. Policy Initiative Assignment Properties> - Array of policy initiatives applied to the management group.
- Policy
Initiatives []PolicyAssignment Properties Initiative Assignment Properties - Array of policy initiatives applied to the management group.
- policy
Initiatives List<PolicyAssignment Properties Initiative Assignment Properties> - Array of policy initiatives applied to the management group.
- policy
Initiatives PolicyAssignment Properties Initiative Assignment Properties[] - Array of policy initiatives applied to the management group.
- policy_
initiatives_ Sequence[Policyassignment_ properties Initiative Assignment Properties] - Array of policy initiatives applied to the management group.
- policy
Initiatives List<Property Map>Assignment Properties - Array of policy initiatives applied to the management group.
ManagementGroupPropertiesResponse, ManagementGroupPropertiesResponseArgs
- Policy
Initiatives List<Pulumi.Assignment Properties Azure Native. Sovereign. Inputs. Policy Initiative Assignment Properties Response> - Array of policy initiatives applied to the management group.
- Policy
Initiatives []PolicyAssignment Properties Initiative Assignment Properties Response - Array of policy initiatives applied to the management group.
- policy
Initiatives List<PolicyAssignment Properties Initiative Assignment Properties Response> - Array of policy initiatives applied to the management group.
- policy
Initiatives PolicyAssignment Properties Initiative Assignment Properties Response[] - Array of policy initiatives applied to the management group.
- policy_
initiatives_ Sequence[Policyassignment_ properties Initiative Assignment Properties Response] - Array of policy initiatives applied to the management group.
- policy
Initiatives List<Property Map>Assignment Properties - Array of policy initiatives applied to the management group.
PlatformManagementGroupProperties, PlatformManagementGroupPropertiesArgs
- Name string
- Management group name.
- Policy
Initiatives List<Pulumi.Assignment Properties Azure Native. Sovereign. Inputs. Policy Initiative Assignment Properties> - Array of policy initiatives applied to the management group.
- Name string
- Management group name.
- Policy
Initiatives []PolicyAssignment Properties Initiative Assignment Properties - Array of policy initiatives applied to the management group.
- name String
- Management group name.
- policy
Initiatives List<PolicyAssignment Properties Initiative Assignment Properties> - Array of policy initiatives applied to the management group.
- name string
- Management group name.
- policy
Initiatives PolicyAssignment Properties Initiative Assignment Properties[] - Array of policy initiatives applied to the management group.
- name str
- Management group name.
- policy_
initiatives_ Sequence[Policyassignment_ properties Initiative Assignment Properties] - Array of policy initiatives applied to the management group.
- name String
- Management group name.
- policy
Initiatives List<Property Map>Assignment Properties - Array of policy initiatives applied to the management group.
PlatformManagementGroupPropertiesResponse, PlatformManagementGroupPropertiesResponseArgs
- Name string
- Management group name.
- Policy
Initiatives List<Pulumi.Assignment Properties Azure Native. Sovereign. Inputs. Policy Initiative Assignment Properties Response> - Array of policy initiatives applied to the management group.
- Name string
- Management group name.
- Policy
Initiatives []PolicyAssignment Properties Initiative Assignment Properties Response - Array of policy initiatives applied to the management group.
- name String
- Management group name.
- policy
Initiatives List<PolicyAssignment Properties Initiative Assignment Properties Response> - Array of policy initiatives applied to the management group.
- name string
- Management group name.
- policy
Initiatives PolicyAssignment Properties Initiative Assignment Properties Response[] - Array of policy initiatives applied to the management group.
- name str
- Management group name.
- policy_
initiatives_ Sequence[Policyassignment_ properties Initiative Assignment Properties Response] - Array of policy initiatives applied to the management group.
- name String
- Management group name.
- policy
Initiatives List<Property Map>Assignment Properties - Array of policy initiatives applied to the management group.
PolicyInitiativeAssignmentProperties, PolicyInitiativeAssignmentPropertiesArgs
- Assignment
Parameters object - The parameters of the assigned policy initiative.
- Policy
Initiative stringId - The fully qualified id of the policy initiative.
- Assignment
Parameters interface{} - The parameters of the assigned policy initiative.
- Policy
Initiative stringId - The fully qualified id of the policy initiative.
- assignment
Parameters Object - The parameters of the assigned policy initiative.
- policy
Initiative StringId - The fully qualified id of the policy initiative.
- assignment
Parameters any - The parameters of the assigned policy initiative.
- policy
Initiative stringId - The fully qualified id of the policy initiative.
- assignment_
parameters Any - The parameters of the assigned policy initiative.
- policy_
initiative_ strid - The fully qualified id of the policy initiative.
- assignment
Parameters Any - The parameters of the assigned policy initiative.
- policy
Initiative StringId - The fully qualified id of the policy initiative.
PolicyInitiativeAssignmentPropertiesResponse, PolicyInitiativeAssignmentPropertiesResponseArgs
- Assignment
Parameters object - The parameters of the assigned policy initiative.
- Policy
Initiative stringId - The fully qualified id of the policy initiative.
- Assignment
Parameters interface{} - The parameters of the assigned policy initiative.
- Policy
Initiative stringId - The fully qualified id of the policy initiative.
- assignment
Parameters Object - The parameters of the assigned policy initiative.
- policy
Initiative StringId - The fully qualified id of the policy initiative.
- assignment
Parameters any - The parameters of the assigned policy initiative.
- policy
Initiative stringId - The fully qualified id of the policy initiative.
- assignment_
parameters Any - The parameters of the assigned policy initiative.
- policy_
initiative_ strid - The fully qualified id of the policy initiative.
- assignment
Parameters Any - The parameters of the assigned policy initiative.
- policy
Initiative StringId - The fully qualified id of the policy initiative.
ResourceCreationOptions, ResourceCreationOptionsArgs
- Yes
- YesValue to create a new resource.
- No
- NoValue to not create a new resource.
- Use
Existing - UseExistingValue to use an existing resource.
- Resource
Creation Options Yes - YesValue to create a new resource.
- Resource
Creation Options No - NoValue to not create a new resource.
- Resource
Creation Options Use Existing - UseExistingValue to use an existing resource.
- Yes
- YesValue to create a new resource.
- No
- NoValue to not create a new resource.
- Use
Existing - UseExistingValue to use an existing resource.
- Yes
- YesValue to create a new resource.
- No
- NoValue to not create a new resource.
- Use
Existing - UseExistingValue to use an existing resource.
- YES
- YesValue to create a new resource.
- NO
- NoValue to not create a new resource.
- USE_EXISTING
- UseExistingValue to use an existing resource.
- "Yes"
- YesValue to create a new resource.
- "No"
- NoValue to not create a new resource.
- "Use
Existing" - UseExistingValue to use an existing resource.
ResourceType, ResourceTypeArgs
- Azure
Firewalls - azureFirewallsValue when customer wants to provide a custom naming convention for Azure Firewall.
- Workspaces
- workspacesValue when customer wants to provide a custom naming convention for Log Analytics workspace.
- Automation
Accounts - automationAccountsValue when customer wants to provide a custom naming convention for automation account.
- Dashboards
- dashboardsValue when customer wants to provide a custom naming convention for dashboard.
- User
Assigned Identities - userAssignedIdentitiesValue when customer wants to provide a custom naming convention for managed identity.
- Bastion
Hosts - bastionHostsValue when customer wants to provide a custom naming convention for Bastion.
- Ddos
Protection Plans - ddosProtectionPlansValue when customer wants to provide a custom naming convention for DDoS protection plan.
- Network
Security Groups - networkSecurityGroupsValue when customer wants to provide a custom naming convention for Bastion NSG.
- Virtual
Networks - virtualNetworksValue when customer wants to provide a custom naming convention for virtual network.
- Route
Tables - routeTablesValue when customer wants to provide a custom naming convention for route table.
- Resource
Type Azure Firewalls - azureFirewallsValue when customer wants to provide a custom naming convention for Azure Firewall.
- Resource
Type Workspaces - workspacesValue when customer wants to provide a custom naming convention for Log Analytics workspace.
- Resource
Type Automation Accounts - automationAccountsValue when customer wants to provide a custom naming convention for automation account.
- Resource
Type Dashboards - dashboardsValue when customer wants to provide a custom naming convention for dashboard.
- Resource
Type User Assigned Identities - userAssignedIdentitiesValue when customer wants to provide a custom naming convention for managed identity.
- Resource
Type Bastion Hosts - bastionHostsValue when customer wants to provide a custom naming convention for Bastion.
- Resource
Type Ddos Protection Plans - ddosProtectionPlansValue when customer wants to provide a custom naming convention for DDoS protection plan.
- Resource
Type Network Security Groups - networkSecurityGroupsValue when customer wants to provide a custom naming convention for Bastion NSG.
- Resource
Type Virtual Networks - virtualNetworksValue when customer wants to provide a custom naming convention for virtual network.
- Resource
Type Route Tables - routeTablesValue when customer wants to provide a custom naming convention for route table.
- Azure
Firewalls - azureFirewallsValue when customer wants to provide a custom naming convention for Azure Firewall.
- Workspaces
- workspacesValue when customer wants to provide a custom naming convention for Log Analytics workspace.
- Automation
Accounts - automationAccountsValue when customer wants to provide a custom naming convention for automation account.
- Dashboards
- dashboardsValue when customer wants to provide a custom naming convention for dashboard.
- User
Assigned Identities - userAssignedIdentitiesValue when customer wants to provide a custom naming convention for managed identity.
- Bastion
Hosts - bastionHostsValue when customer wants to provide a custom naming convention for Bastion.
- Ddos
Protection Plans - ddosProtectionPlansValue when customer wants to provide a custom naming convention for DDoS protection plan.
- Network
Security Groups - networkSecurityGroupsValue when customer wants to provide a custom naming convention for Bastion NSG.
- Virtual
Networks - virtualNetworksValue when customer wants to provide a custom naming convention for virtual network.
- Route
Tables - routeTablesValue when customer wants to provide a custom naming convention for route table.
- Azure
Firewalls - azureFirewallsValue when customer wants to provide a custom naming convention for Azure Firewall.
- Workspaces
- workspacesValue when customer wants to provide a custom naming convention for Log Analytics workspace.
- Automation
Accounts - automationAccountsValue when customer wants to provide a custom naming convention for automation account.
- Dashboards
- dashboardsValue when customer wants to provide a custom naming convention for dashboard.
- User
Assigned Identities - userAssignedIdentitiesValue when customer wants to provide a custom naming convention for managed identity.
- Bastion
Hosts - bastionHostsValue when customer wants to provide a custom naming convention for Bastion.
- Ddos
Protection Plans - ddosProtectionPlansValue when customer wants to provide a custom naming convention for DDoS protection plan.
- Network
Security Groups - networkSecurityGroupsValue when customer wants to provide a custom naming convention for Bastion NSG.
- Virtual
Networks - virtualNetworksValue when customer wants to provide a custom naming convention for virtual network.
- Route
Tables - routeTablesValue when customer wants to provide a custom naming convention for route table.
- AZURE_FIREWALLS
- azureFirewallsValue when customer wants to provide a custom naming convention for Azure Firewall.
- WORKSPACES
- workspacesValue when customer wants to provide a custom naming convention for Log Analytics workspace.
- AUTOMATION_ACCOUNTS
- automationAccountsValue when customer wants to provide a custom naming convention for automation account.
- DASHBOARDS
- dashboardsValue when customer wants to provide a custom naming convention for dashboard.
- USER_ASSIGNED_IDENTITIES
- userAssignedIdentitiesValue when customer wants to provide a custom naming convention for managed identity.
- BASTION_HOSTS
- bastionHostsValue when customer wants to provide a custom naming convention for Bastion.
- DDOS_PROTECTION_PLANS
- ddosProtectionPlansValue when customer wants to provide a custom naming convention for DDoS protection plan.
- NETWORK_SECURITY_GROUPS
- networkSecurityGroupsValue when customer wants to provide a custom naming convention for Bastion NSG.
- VIRTUAL_NETWORKS
- virtualNetworksValue when customer wants to provide a custom naming convention for virtual network.
- ROUTE_TABLES
- routeTablesValue when customer wants to provide a custom naming convention for route table.
- "azure
Firewalls" - azureFirewallsValue when customer wants to provide a custom naming convention for Azure Firewall.
- "workspaces"
- workspacesValue when customer wants to provide a custom naming convention for Log Analytics workspace.
- "automation
Accounts" - automationAccountsValue when customer wants to provide a custom naming convention for automation account.
- "dashboards"
- dashboardsValue when customer wants to provide a custom naming convention for dashboard.
- "user
Assigned Identities" - userAssignedIdentitiesValue when customer wants to provide a custom naming convention for managed identity.
- "bastion
Hosts" - bastionHostsValue when customer wants to provide a custom naming convention for Bastion.
- "ddos
Protection Plans" - ddosProtectionPlansValue when customer wants to provide a custom naming convention for DDoS protection plan.
- "network
Security Groups" - networkSecurityGroupsValue when customer wants to provide a custom naming convention for Bastion NSG.
- "virtual
Networks" - virtualNetworksValue when customer wants to provide a custom naming convention for virtual network.
- "route
Tables" - routeTablesValue when customer wants to provide a custom naming convention for route table.
SandboxManagementGroupProperties, SandboxManagementGroupPropertiesArgs
- Create bool
- This parameter determines whether the 'Sandbox' management group will be created. If set to true, the group will be created; if set to false, it will not be created. The default value is false.
- Policy
Initiatives List<Pulumi.Assignment Properties Azure Native. Sovereign. Inputs. Policy Initiative Assignment Properties> - Array of policy initiatives applied to the management group.
- Create bool
- This parameter determines whether the 'Sandbox' management group will be created. If set to true, the group will be created; if set to false, it will not be created. The default value is false.
- Policy
Initiatives []PolicyAssignment Properties Initiative Assignment Properties - Array of policy initiatives applied to the management group.
- create Boolean
- This parameter determines whether the 'Sandbox' management group will be created. If set to true, the group will be created; if set to false, it will not be created. The default value is false.
- policy
Initiatives List<PolicyAssignment Properties Initiative Assignment Properties> - Array of policy initiatives applied to the management group.
- create boolean
- This parameter determines whether the 'Sandbox' management group will be created. If set to true, the group will be created; if set to false, it will not be created. The default value is false.
- policy
Initiatives PolicyAssignment Properties Initiative Assignment Properties[] - Array of policy initiatives applied to the management group.
- create bool
- This parameter determines whether the 'Sandbox' management group will be created. If set to true, the group will be created; if set to false, it will not be created. The default value is false.
- policy_
initiatives_ Sequence[Policyassignment_ properties Initiative Assignment Properties] - Array of policy initiatives applied to the management group.
- create Boolean
- This parameter determines whether the 'Sandbox' management group will be created. If set to true, the group will be created; if set to false, it will not be created. The default value is false.
- policy
Initiatives List<Property Map>Assignment Properties - Array of policy initiatives applied to the management group.
SandboxManagementGroupPropertiesResponse, SandboxManagementGroupPropertiesResponseArgs
- Create bool
- This parameter determines whether the 'Sandbox' management group will be created. If set to true, the group will be created; if set to false, it will not be created. The default value is false.
- Policy
Initiatives List<Pulumi.Assignment Properties Azure Native. Sovereign. Inputs. Policy Initiative Assignment Properties Response> - Array of policy initiatives applied to the management group.
- Create bool
- This parameter determines whether the 'Sandbox' management group will be created. If set to true, the group will be created; if set to false, it will not be created. The default value is false.
- Policy
Initiatives []PolicyAssignment Properties Initiative Assignment Properties Response - Array of policy initiatives applied to the management group.
- create Boolean
- This parameter determines whether the 'Sandbox' management group will be created. If set to true, the group will be created; if set to false, it will not be created. The default value is false.
- policy
Initiatives List<PolicyAssignment Properties Initiative Assignment Properties Response> - Array of policy initiatives applied to the management group.
- create boolean
- This parameter determines whether the 'Sandbox' management group will be created. If set to true, the group will be created; if set to false, it will not be created. The default value is false.
- policy
Initiatives PolicyAssignment Properties Initiative Assignment Properties Response[] - Array of policy initiatives applied to the management group.
- create bool
- This parameter determines whether the 'Sandbox' management group will be created. If set to true, the group will be created; if set to false, it will not be created. The default value is false.
- policy_
initiatives_ Sequence[Policyassignment_ properties Initiative Assignment Properties Response] - Array of policy initiatives applied to the management group.
- create Boolean
- This parameter determines whether the 'Sandbox' management group will be created. If set to true, the group will be created; if set to false, it will not be created. The default value is false.
- policy
Initiatives List<Property Map>Assignment Properties - Array of policy initiatives applied to the management group.
SystemDataResponse, SystemDataResponseArgs
- Created
At string - The timestamp of resource creation (UTC).
- Created
By string - The identity that created the resource.
- Created
By stringType - The type of identity that created the resource.
- Last
Modified stringAt - The timestamp of resource last modification (UTC)
- Last
Modified stringBy - The identity that last modified the resource.
- Last
Modified stringBy Type - The type of identity that last modified the resource.
- Created
At string - The timestamp of resource creation (UTC).
- Created
By string - The identity that created the resource.
- Created
By stringType - The type of identity that created the resource.
- Last
Modified stringAt - The timestamp of resource last modification (UTC)
- Last
Modified stringBy - The identity that last modified the resource.
- Last
Modified stringBy Type - The type of identity that last modified the resource.
- created
At String - The timestamp of resource creation (UTC).
- created
By String - The identity that created the resource.
- created
By StringType - The type of identity that created the resource.
- last
Modified StringAt - The timestamp of resource last modification (UTC)
- last
Modified StringBy - The identity that last modified the resource.
- last
Modified StringBy Type - The type of identity that last modified the resource.
- created
At string - The timestamp of resource creation (UTC).
- created
By string - The identity that created the resource.
- created
By stringType - The type of identity that created the resource.
- last
Modified stringAt - The timestamp of resource last modification (UTC)
- last
Modified stringBy - The identity that last modified the resource.
- last
Modified stringBy Type - The type of identity that last modified the resource.
- created_
at str - The timestamp of resource creation (UTC).
- created_
by str - The identity that created the resource.
- created_
by_ strtype - The type of identity that created the resource.
- last_
modified_ strat - The timestamp of resource last modification (UTC)
- last_
modified_ strby - The identity that last modified the resource.
- last_
modified_ strby_ type - The type of identity that last modified the resource.
- created
At String - The timestamp of resource creation (UTC).
- created
By String - The identity that created the resource.
- created
By StringType - The type of identity that created the resource.
- last
Modified StringAt - The timestamp of resource last modification (UTC)
- last
Modified StringBy - The identity that last modified the resource.
- last
Modified StringBy Type - The type of identity that last modified the resource.
Tags, TagsArgs
TagsResponse, TagsResponseArgs
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:sovereign:LandingZoneConfigurationOperation lzc-RemApiExample /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sovereign/landingZoneAccounts/{landingZoneAccountName}/landingZoneConfigurations/{landingZoneConfigurationName}
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Azure Native pulumi/pulumi-azure-native
- License
- Apache-2.0
This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.90.0 published on Thursday, Mar 27, 2025 by Pulumi