azure.mgmt.authorization.v2022_05_01_preview.models module

class azure.mgmt.authorization.v2022_05_01_preview.models.ApprovalMode(value)

Bases: str, enum.Enum

The type of rule.

NO_APPROVAL = 'NoApproval'

PARALLEL = 'Parallel'

SERIAL = 'Serial'

SINGLE_STAGE = 'SingleStage'

class azure.mgmt.authorization.v2022_05_01_preview.models.ApprovalSettings(*, is_approval_required: Optional[bool] = None, is_approval_required_for_extension: Optional[bool] = None, is_requestor_justification_required: Optional[bool] = None, approval_mode: Optional[Union[str, _models.ApprovalMode]] = None, approval_stages: Optional[List[_models.ApprovalStage]] = None, **kwargs: Any)

Bases: azure.mgmt.authorization._serialization.Model

The approval settings.

Variables

• is_approval_required (bool) – Determines whether approval is required or not.

• is_approval_required_for_extension (bool) – Determines whether approval is required for assignment extension.

• is_requestor_justification_required (bool) – Determine whether requestor justification is required.

• approval_mode (str or ApprovalMode) – The type of rule. Known values are: “SingleStage”, “Serial”, “Parallel”, and “NoApproval”.

• approval_stages (list[ApprovalStage]) – The approval stages of the request.

Keyword Arguments

• is_approval_required (bool) – Determines whether approval is required or not.

• is_approval_required_for_extension (bool) – Determines whether approval is required for assignment extension.

• is_requestor_justification_required (bool) – Determine whether requestor justification is required.

• approval_mode (str or ApprovalMode) – The type of rule. Known values are: “SingleStage”, “Serial”, “Parallel”, and “NoApproval”.

• approval_stages (list[ApprovalStage]) – The approval stages of the request.

class azure.mgmt.authorization.v2022_05_01_preview.models.ApprovalStage(*, approval_stage_time_out_in_days: Optional[int] = None, is_approver_justification_required: Optional[bool] = None, escalation_time_in_minutes: Optional[int] = None, primary_approvers: Optional[List[_models.UserSet]] = None, is_escalation_enabled: Optional[bool] = None, escalation_approvers: Optional[List[_models.UserSet]] = None, **kwargs: Any)

Bases: azure.mgmt.authorization._serialization.Model

The approval stage.

Variables

• approval_stage_time_out_in_days (int) – The time in days when approval request would be timed out.

• is_approver_justification_required (bool) – Determines whether approver need to provide justification for his decision.

• escalation_time_in_minutes (int) – The time in minutes when the approval request would be escalated if the primary approver does not approve.

• primary_approvers (list[UserSet]) – The primary approver of the request.

• is_escalation_enabled (bool) – The value determine whether escalation feature is enabled.

• escalation_approvers (list[UserSet]) – The escalation approver of the request.

Keyword Arguments

• approval_stage_time_out_in_days (int) – The time in days when approval request would be timed out.

• is_approver_justification_required (bool) – Determines whether approver need to provide justification for his decision.

• escalation_time_in_minutes (int) – The time in minutes when the approval request would be escalated if the primary approver does not approve.

• primary_approvers (list[UserSet]) – The primary approver of the request.

• is_escalation_enabled (bool) – The value determine whether escalation feature is enabled.

• escalation_approvers (list[UserSet]) – The escalation approver of the request.

class azure.mgmt.authorization.v2022_05_01_preview.models.EnablementRules(value)

Bases: str, enum.Enum

The type of enablement rule.

JUSTIFICATION = 'Justification'

MULTI_FACTOR_AUTHENTICATION = 'MultiFactorAuthentication'

TICKETING = 'Ticketing'

class azure.mgmt.authorization.v2022_05_01_preview.models.ErrorAdditionalInfo(**kwargs: Any)

Bases: azure.mgmt.authorization._serialization.Model

The resource management error additional info.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

• type (str) – The additional info type.

• info (JSON) – The additional info.

class azure.mgmt.authorization.v2022_05_01_preview.models.ErrorDetail(**kwargs: Any)

Bases: azure.mgmt.authorization._serialization.Model

The error detail.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

• code (str) – The error code.

• message (str) – The error message.

• target (str) – The error target.

• details (list[ErrorDetail]) – The error details.

• additional_info (list[ErrorAdditionalInfo]) – The error additional info.

class azure.mgmt.authorization.v2022_05_01_preview.models.ErrorResponse(*, error: Optional[_models.ErrorDetail] = None, **kwargs: Any)

Bases: azure.mgmt.authorization._serialization.Model

Common error response for all Azure Resource Manager APIs to return error details for failed operations. (This also follows the OData error response format.).

Variables

error (ErrorDetail) – The error object.

Keyword Arguments

error (ErrorDetail) – The error object.

class azure.mgmt.authorization.v2022_05_01_preview.models.NotificationDeliveryMechanism(value)

Bases: str, enum.Enum

The type of notification.

EMAIL = 'Email'

class azure.mgmt.authorization.v2022_05_01_preview.models.NotificationLevel(value)

Bases: str, enum.Enum

The notification level.

ALL = 'All'

CRITICAL = 'Critical'

NONE = 'None'

class azure.mgmt.authorization.v2022_05_01_preview.models.Permission(*, actions: Optional[List[str]] = None, not_actions: Optional[List[str]] = None, data_actions: Optional[List[str]] = None, not_data_actions: Optional[List[str]] = None, **kwargs: Any)

Bases: azure.mgmt.authorization._serialization.Model

Role definition permissions.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

• actions (list[str]) – Allowed actions.

• not_actions (list[str]) – Denied actions.

• data_actions (list[str]) – Allowed Data actions.

• not_data_actions (list[str]) – Denied Data actions.

• condition (str) – The conditions on the role definition. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase ‘foo_storage_container’.

• condition_version (str) – Version of the condition. Currently the only accepted value is ‘2.0’.

Keyword Arguments

• actions (list[str]) – Allowed actions.

• not_actions (list[str]) – Denied actions.

• data_actions (list[str]) – Allowed Data actions.

• not_data_actions (list[str]) – Denied Data actions.

class azure.mgmt.authorization.v2022_05_01_preview.models.PermissionGetResult(*, value: Optional[List[_models.Permission]] = None, next_link: Optional[str] = None, **kwargs: Any)

Bases: azure.mgmt.authorization._serialization.Model

Permissions information.

Variables

• value (list[Permission]) – An array of permissions.

• next_link (str) – The URL to use for getting the next set of results.

Keyword Arguments

• value (list[Permission]) – An array of permissions.

• next_link (str) – The URL to use for getting the next set of results.

class azure.mgmt.authorization.v2022_05_01_preview.models.Principal(*, id: Optional[str] = None, display_name: Optional[str] = None, type: Optional[str] = None, email: Optional[str] = None, **kwargs: Any)

Bases: azure.mgmt.authorization._serialization.Model

The name of the entity last modified it.

Variables

• id (str) – The id of the principal made changes.

• display_name (str) – The name of the principal made changes.

• type (str) – Type of principal such as user , group etc.

• email (str) – Email of principal.

Keyword Arguments

• id (str) – The id of the principal made changes.

• display_name (str) – The name of the principal made changes.

• type (str) – Type of principal such as user , group etc.

• email (str) – Email of principal.

class azure.mgmt.authorization.v2022_05_01_preview.models.RecipientType(value)

Bases: str, enum.Enum

The recipient type.

ADMIN = 'Admin'

APPROVER = 'Approver'

REQUESTOR = 'Requestor'

class azure.mgmt.authorization.v2022_05_01_preview.models.RoleDefinition(*, role_name: Optional[str] = None, description: Optional[str] = None, role_type: Optional[str] = None, permissions: Optional[List[_models.Permission]] = None, assignable_scopes: Optional[List[str]] = None, **kwargs: Any)

Bases: azure.mgmt.authorization._serialization.Model

Role definition.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

• id (str) – The role definition ID.

• name (str) – The role definition name.

• type (str) – The role definition type.

• role_name (str) – The role name.

• description (str) – The role definition description.

• role_type (str) – The role type.

• permissions (list[Permission]) – Role definition permissions.

• assignable_scopes (list[str]) – Role definition assignable scopes.

• created_on (datetime) – Time it was created.

• updated_on (datetime) – Time it was updated.

• created_by (str) – Id of the user who created the assignment.

• updated_by (str) – Id of the user who updated the assignment.

Keyword Arguments

• role_name (str) – The role name.

• description (str) – The role definition description.

• role_type (str) – The role type.

• permissions (list[Permission]) – Role definition permissions.

• assignable_scopes (list[str]) – Role definition assignable scopes.

class azure.mgmt.authorization.v2022_05_01_preview.models.RoleDefinitionFilter(*, role_name: Optional[str] = None, type: Optional[str] = None, **kwargs: Any)

Bases: azure.mgmt.authorization._serialization.Model

Role Definitions filter.

Variables

• role_name (str) – Returns role definition with the specific name.

• type (str) – Returns role definition with the specific type.

Keyword Arguments

• role_name (str) – Returns role definition with the specific name.

• type (str) – Returns role definition with the specific type.

class azure.mgmt.authorization.v2022_05_01_preview.models.RoleDefinitionListResult(*, value: Optional[List[_models.RoleDefinition]] = None, next_link: Optional[str] = None, **kwargs: Any)

Bases: azure.mgmt.authorization._serialization.Model

Role definition list operation result.

Variables

• value (list[RoleDefinition]) – Role definition list.

• next_link (str) – The URL to use for getting the next set of results.

Keyword Arguments

• value (list[RoleDefinition]) – Role definition list.

• next_link (str) – The URL to use for getting the next set of results.

class azure.mgmt.authorization.v2022_05_01_preview.models.RoleManagementPolicyApprovalRule(*, id: Optional[str] = None, target: Optional[_models.RoleManagementPolicyRuleTarget] = None, setting: Optional[_models.ApprovalSettings] = None, **kwargs: Any)

Bases: azure.mgmt.authorization.v2022_05_01_preview.models._models_py3.RoleManagementPolicyRule

The role management policy approval rule.

All required parameters must be populated in order to send to Azure.

Variables

• id (str) – The id of the rule.

• rule_type (str or RoleManagementPolicyRuleType) – The type of rule. Required. Known values are: “RoleManagementPolicyApprovalRule”, “RoleManagementPolicyAuthenticationContextRule”, “RoleManagementPolicyEnablementRule”, “RoleManagementPolicyExpirationRule”, and “RoleManagementPolicyNotificationRule”.

• target (RoleManagementPolicyRuleTarget) – The target of the current rule.

• setting (ApprovalSettings) – The approval setting.

Keyword Arguments

• id (str) – The id of the rule.

• target (RoleManagementPolicyRuleTarget) – The target of the current rule.

• setting (ApprovalSettings) – The approval setting.

class azure.mgmt.authorization.v2022_05_01_preview.models.RoleManagementPolicyAuthenticationContextRule(*, id: Optional[str] = None, target: Optional[_models.RoleManagementPolicyRuleTarget] = None, is_enabled: Optional[bool] = None, claim_value: Optional[str] = None, **kwargs: Any)

Bases: azure.mgmt.authorization.v2022_05_01_preview.models._models_py3.RoleManagementPolicyRule

The role management policy authentication context rule.

All required parameters must be populated in order to send to Azure.

Variables

• id (str) – The id of the rule.

• rule_type (str or RoleManagementPolicyRuleType) – The type of rule. Required. Known values are: “RoleManagementPolicyApprovalRule”, “RoleManagementPolicyAuthenticationContextRule”, “RoleManagementPolicyEnablementRule”, “RoleManagementPolicyExpirationRule”, and “RoleManagementPolicyNotificationRule”.

• target (RoleManagementPolicyRuleTarget) – The target of the current rule.

• is_enabled (bool) – The value indicating if rule is enabled.

• claim_value (str) – The claim value.

Keyword Arguments

• id (str) – The id of the rule.

• target (RoleManagementPolicyRuleTarget) – The target of the current rule.

• is_enabled (bool) – The value indicating if rule is enabled.

• claim_value (str) – The claim value.

class azure.mgmt.authorization.v2022_05_01_preview.models.RoleManagementPolicyEnablementRule(*, id: Optional[str] = None, target: Optional[_models.RoleManagementPolicyRuleTarget] = None, enabled_rules: Optional[List[Union[str, _models.EnablementRules]]] = None, **kwargs: Any)

Bases: azure.mgmt.authorization.v2022_05_01_preview.models._models_py3.RoleManagementPolicyRule

The role management policy enablement rule.

All required parameters must be populated in order to send to Azure.

Variables

• id (str) – The id of the rule.

• rule_type (str or RoleManagementPolicyRuleType) – The type of rule. Required. Known values are: “RoleManagementPolicyApprovalRule”, “RoleManagementPolicyAuthenticationContextRule”, “RoleManagementPolicyEnablementRule”, “RoleManagementPolicyExpirationRule”, and “RoleManagementPolicyNotificationRule”.

• target (RoleManagementPolicyRuleTarget) – The target of the current rule.

• enabled_rules (list[str or EnablementRules]) – The list of enabled rules.

Keyword Arguments

• id (str) – The id of the rule.

• target (RoleManagementPolicyRuleTarget) – The target of the current rule.

• enabled_rules (list[str or EnablementRules]) – The list of enabled rules.

class azure.mgmt.authorization.v2022_05_01_preview.models.RoleManagementPolicyExpirationRule(*, id: Optional[str] = None, target: Optional[_models.RoleManagementPolicyRuleTarget] = None, is_expiration_required: Optional[bool] = None, maximum_duration: Optional[str] = None, **kwargs: Any)

Bases: azure.mgmt.authorization.v2022_05_01_preview.models._models_py3.RoleManagementPolicyRule

The role management policy expiration rule.

All required parameters must be populated in order to send to Azure.

Variables

• id (str) – The id of the rule.

• rule_type (str or RoleManagementPolicyRuleType) – The type of rule. Required. Known values are: “RoleManagementPolicyApprovalRule”, “RoleManagementPolicyAuthenticationContextRule”, “RoleManagementPolicyEnablementRule”, “RoleManagementPolicyExpirationRule”, and “RoleManagementPolicyNotificationRule”.

• target (RoleManagementPolicyRuleTarget) – The target of the current rule.

• is_expiration_required (bool) – The value indicating whether expiration is required.

• maximum_duration (str) – The maximum duration of expiration in timespan.

Keyword Arguments

• id (str) – The id of the rule.

• target (RoleManagementPolicyRuleTarget) – The target of the current rule.

• is_expiration_required (bool) – The value indicating whether expiration is required.

• maximum_duration (str) – The maximum duration of expiration in timespan.

class azure.mgmt.authorization.v2022_05_01_preview.models.RoleManagementPolicyNotificationRule(*, id: Optional[str] = None, target: Optional[_models.RoleManagementPolicyRuleTarget] = None, notification_type: Optional[Union[str, _models.NotificationDeliveryMechanism]] = None, notification_level: Optional[Union[str, _models.NotificationLevel]] = None, recipient_type: Optional[Union[str, _models.RecipientType]] = None, notification_recipients: Optional[List[str]] = None, is_default_recipients_enabled: Optional[bool] = None, **kwargs: Any)

Bases: azure.mgmt.authorization.v2022_05_01_preview.models._models_py3.RoleManagementPolicyRule

The role management policy notification rule.

All required parameters must be populated in order to send to Azure.

Variables

• id (str) – The id of the rule.

• rule_type (str or RoleManagementPolicyRuleType) – The type of rule. Required. Known values are: “RoleManagementPolicyApprovalRule”, “RoleManagementPolicyAuthenticationContextRule”, “RoleManagementPolicyEnablementRule”, “RoleManagementPolicyExpirationRule”, and “RoleManagementPolicyNotificationRule”.

• target (RoleManagementPolicyRuleTarget) – The target of the current rule.

• notification_type (str or NotificationDeliveryMechanism) – The type of notification. “Email”

• notification_level (str or NotificationLevel) – The notification level. Known values are: “None”, “Critical”, and “All”.

• recipient_type (str or RecipientType) – The recipient type. Known values are: “Requestor”, “Approver”, and “Admin”.

• notification_recipients (list[str]) – The list of notification recipients.

• is_default_recipients_enabled (bool) – Determines if the notification will be sent to the recipient type specified in the policy rule.

Keyword Arguments

• id (str) – The id of the rule.

• target (RoleManagementPolicyRuleTarget) – The target of the current rule.

• notification_type (str or NotificationDeliveryMechanism) – The type of notification. “Email”

• notification_level (str or NotificationLevel) – The notification level. Known values are: “None”, “Critical”, and “All”.

• recipient_type (str or RecipientType) – The recipient type. Known values are: “Requestor”, “Approver”, and “Admin”.

• notification_recipients (list[str]) – The list of notification recipients.

• is_default_recipients_enabled (bool) – Determines if the notification will be sent to the recipient type specified in the policy rule.

class azure.mgmt.authorization.v2022_05_01_preview.models.RoleManagementPolicyRule(*, id: Optional[str] = None, target: Optional[_models.RoleManagementPolicyRuleTarget] = None, **kwargs: Any)

Bases: azure.mgmt.authorization._serialization.Model

The role management policy rule.

You probably want to use the sub-classes and not this class directly. Known sub-classes are: RoleManagementPolicyApprovalRule, RoleManagementPolicyAuthenticationContextRule, RoleManagementPolicyEnablementRule, RoleManagementPolicyExpirationRule, RoleManagementPolicyNotificationRule

All required parameters must be populated in order to send to Azure.

Variables

• id (str) – The id of the rule.

• rule_type (str or RoleManagementPolicyRuleType) – The type of rule. Required. Known values are: “RoleManagementPolicyApprovalRule”, “RoleManagementPolicyAuthenticationContextRule”, “RoleManagementPolicyEnablementRule”, “RoleManagementPolicyExpirationRule”, and “RoleManagementPolicyNotificationRule”.

• target (RoleManagementPolicyRuleTarget) – The target of the current rule.

Keyword Arguments

• id (str) – The id of the rule.

• target (RoleManagementPolicyRuleTarget) – The target of the current rule.

class azure.mgmt.authorization.v2022_05_01_preview.models.RoleManagementPolicyRuleTarget(*, caller: Optional[str] = None, operations: Optional[List[str]] = None, level: Optional[str] = None, target_objects: Optional[List[str]] = None, inheritable_settings: Optional[List[str]] = None, enforced_settings: Optional[List[str]] = None, **kwargs: Any)

Bases: azure.mgmt.authorization._serialization.Model

The role management policy rule target.

Variables

• caller (str) – The caller of the setting.

• operations (list[str]) – The type of operation.

• level (str) – The assignment level to which rule is applied.

• target_objects (list[str]) – The list of target objects.

• inheritable_settings (list[str]) – The list of inheritable settings.

• enforced_settings (list[str]) – The list of enforced settings.

Keyword Arguments

• caller (str) – The caller of the setting.

• operations (list[str]) – The type of operation.

• level (str) – The assignment level to which rule is applied.

• target_objects (list[str]) – The list of target objects.

• inheritable_settings (list[str]) – The list of inheritable settings.

• enforced_settings (list[str]) – The list of enforced settings.

class azure.mgmt.authorization.v2022_05_01_preview.models.RoleManagementPolicyRuleType(value)

Bases: str, enum.Enum

The type of rule.

ROLE_MANAGEMENT_POLICY_APPROVAL_RULE = 'RoleManagementPolicyApprovalRule'

ROLE_MANAGEMENT_POLICY_AUTHENTICATION_CONTEXT_RULE = 'RoleManagementPolicyAuthenticationContextRule'

ROLE_MANAGEMENT_POLICY_ENABLEMENT_RULE = 'RoleManagementPolicyEnablementRule'

ROLE_MANAGEMENT_POLICY_EXPIRATION_RULE = 'RoleManagementPolicyExpirationRule'

ROLE_MANAGEMENT_POLICY_NOTIFICATION_RULE = 'RoleManagementPolicyNotificationRule'

class azure.mgmt.authorization.v2022_05_01_preview.models.UserSet(*, user_type: Optional[Union[str, _models.UserType]] = None, is_backup: Optional[bool] = None, id: Optional[str] = None, description: Optional[str] = None, **kwargs: Any)

Bases: azure.mgmt.authorization._serialization.Model

The detail of a user.

Variables

• user_type (str or UserType) – The type of user. Known values are: “User” and “Group”.

• is_backup (bool) – The value indicating whether the user is a backup fallback approver.

• id (str) – The object id of the user.

• description (str) – The description of the user.

Keyword Arguments

• user_type (str or UserType) – The type of user. Known values are: “User” and “Group”.

• is_backup (bool) – The value indicating whether the user is a backup fallback approver.

• id (str) – The object id of the user.

• description (str) – The description of the user.

class azure.mgmt.authorization.v2022_05_01_preview.models.UserType(value)

Bases: str, enum.Enum

The type of user.

GROUP = 'Group'

USER = 'User'