https://pulumi.com logo
Title
a

able-beard-29160

06/05/2020, 12:13 PM
Folks, is there already a convenience layer in Pulumi for Azure that could save me from working with UUIDs when assigning API permissions? For example, something like this:
export const app = new azuread.Application('app', {
  requiredResourceAccesses: [
    Apps.WindowsAzureActiveDirectory.withRoles(roles => [
      roles.Application.ReadWrite.All,
      roles.Application.ReadWrite.OwnedBy,
    ]),
  ],
});
Instead of this:
export const app = new azuread.Application('app', {
  requiredResourceAccesses: [
    {
      resourceAppId: '00000002-0000-0000-c000-000000000000',
      resourceAccesses: [
        {
          id: "1cda74f2-2616-4834-b122-5cb1b07f8a59",
          type: "Role",
        },
        {
          id: "824c81eb-e3f8-4ee6-8f6d-de7f50d565b7",
          type: "Role",
        },
      ],
    },
  ],
});
t

tall-librarian-49374

06/05/2020, 4:23 PM
Not that I know of… Would be great to have it!
a

able-beard-29160

06/05/2020, 6:05 PM
Thanks. I presume that would be a low-hanging fruit for contributing to Pulumi. I'll see how much time I can allot right now.