-
Notifications
You must be signed in to change notification settings - Fork 77
azure: Use generated declarations #2194
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: main
Are you sure you want to change the base?
Changes from all commits
e851696
3e62b0f
5ec663d
e4498f1
00db2b4
bb81be1
d645a88
54e5621
0914ba9
77d4052
838077c
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Large diffs are not rendered by default.
This file was deleted.
|
Contributor
Author
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Revert changes to this file |
Large diffs are not rendered by default.
|
Contributor
Author
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. TODO: Probably version this as an alpha |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -12,79 +12,89 @@ export const storageProviderType = "Microsoft.Storage/storageAccounts"; | |
| export const IdentityProvider: string = 'Microsoft.ManagedIdentity'; | ||
| export const UserAssignedIdentityResourceType: string = 'userAssignedIdentities'; | ||
|
|
||
| /** | ||
| * Common Roles that should be used to assign permissions to resources | ||
| * The role definitions can be found here: https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles | ||
| */ | ||
| export const CommonRoleDefinitions = { | ||
| storageBlobDataContributor: { | ||
| name: "ba92f5b4-2d11-453d-a403-e96b0029c9fe", | ||
| type: "Microsoft.Authorization/roleDefinitions", | ||
| roleName: "Storage Blob Data Contributor", | ||
| description: "Allows for read, write and delete access to Azure Storage blob containers and data", | ||
| roleType: "BuiltInRole" | ||
| } as RoleDefinition, | ||
| } as const, | ||
|
Contributor
Author
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. These changes make it so the full values and everything show up in the declarations. Otherwise it just does |
||
| storageBlobDataOwner: { | ||
| name: "b7e6dc6d-f1e8-4753-8033-0f276bb0955b", | ||
| type: "Microsoft.Authorization/roleDefinitions", | ||
| roleName: "Storage Blob Data Owner", | ||
| description: "Allows for full access to Azure Storage blob containers and data, including assigning POSIX access control.", | ||
| roleType: "BuiltInRole" | ||
| } as RoleDefinition, | ||
| } as const, | ||
| storageQueueDataContributor: { | ||
| name: "974c5e8b-45b9-4653-ba55-5f855dd0fb88", | ||
| type: "Microsoft.Authorization/roleDefinitions", | ||
| roleName: "Storage Queue Data Contributor", | ||
| description: "Read, write, and delete Azure Storage queues and queue messages.", | ||
| roleType: "BuiltInRole" | ||
| } as RoleDefinition, | ||
| } as const, | ||
| azureServiceBusDataReceiver: { | ||
| name: "4f6d3b9b-027b-4f4c-9142-0e5a2a2247e0", | ||
| type: "Microsoft.Authorization/roleDefinitions", | ||
| roleName: "Azure Service Bus Data Receiver", | ||
| description: "Allows for receive access to Azure Service Bus resources.", | ||
| roleType: "BuiltInRole" | ||
| } as RoleDefinition, | ||
| } as const, | ||
| azureServiceBusDataOwner: { | ||
| name: "090c5cfd-751d-490a-894a-3ce6f1109419", | ||
| type: "Microsoft.Authorization/roleDefinitions", | ||
| roleName: "Azure Service Bus Data Owner", | ||
| description: "Allows for full access to Azure Service Bus resources.", | ||
| roleType: "BuiltInRole" | ||
| } as RoleDefinition, | ||
| } as const, | ||
| azureEventHubsDataReceiver: { | ||
| name: "a638d3c7-ab3a-418d-83e6-5f17a39d4fde", | ||
| type: "Microsoft.Authorization/roleDefinitions", | ||
| roleName: "Azure Event Hubs Data Receiver", | ||
| description: "Allows receive access to Azure Event Hubs resources.", | ||
| roleType: "BuiltInRole" | ||
| } as RoleDefinition, | ||
| } as const, | ||
| azureEventHubsDataOwner: { | ||
| name: "f526a384-b230-433a-b45c-95f59c4a2dec", | ||
| type: "Microsoft.Authorization/roleDefinitions", | ||
| roleName: "Azure Event Hubs Data Owner", | ||
| description: "Allows for full access to Azure Event Hubs resources.", | ||
| roleType: "BuiltInRole" | ||
| } as RoleDefinition, | ||
| } as const, | ||
| cosmosDBAccountReader: { | ||
| name: "fbdf93bf-df7d-467e-a4d2-9458aa1360c8", | ||
| type: "Microsoft.Authorization/roleDefinitions", | ||
| roleName: "Cosmos DB Account Reader", | ||
| description: "Can read Azure Cosmos DB account data.", | ||
| roleType: "BuiltInRole" | ||
| } as RoleDefinition, | ||
| } as const, | ||
| documentDBAccountContributor: { | ||
| name: "5bd9cd88-fe45-4216-938b-f97437e15450", | ||
| type: "Microsoft.Authorization/roleDefinitions", | ||
| roleName: "DocumentDB Account Contributor", | ||
| description: "Can manage Azure Cosmos DB accounts.", | ||
| roleType: "BuiltInRole" | ||
| } as RoleDefinition, | ||
| } as const, | ||
| durableTaskDataContributor: { | ||
| name: "0ad04412-c4d5-4796-b79c-f76d14c8d402", | ||
| type: "Microsoft.Authorization/roleDefinitions", | ||
| roleName: "Durable Task Data Contributor", | ||
| description: "Durable Task role for all data access operations.", | ||
| roleType: "BuiltInRole" | ||
| } as RoleDefinition, | ||
| } as const; | ||
| } as const, | ||
| } as const satisfies Record<string, RoleDefinition>; | ||
|
|
||
| /** | ||
| * Constructs the role id for a given subscription and role name id | ||
| * | ||
| * @param subscriptionId - Id for the subscription | ||
| * @param roleId - Name id for the role to be assigned (i.e CommonRoleDefinitions.storageBlobDataContributor.name) | ||
| */ | ||
| export function createRoleId(subscriptionId: string, roleDefinition: RoleDefinition): string { | ||
| return `/subscriptions/${subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/${roleDefinition.name}`; | ||
| } | ||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Revert this file