salmon-egg-38815
05/24/2021, 5:09 PMbored-oyster-3147
05/24/2021, 5:33 PMscope
is a required input
So I think the better question is, why does your first example work? lolsalmon-egg-38815
05/25/2021, 5:31 AMusing System.Threading.Tasks;
using Pulumi;
using Azure = Pulumi.AzureNative;
using AzureAD = Pulumi.AzureAD;
using OldAzure = Pulumi.Azure;
class MyStack : ComponentResource
{
public MyStack()
{
var rg = new Azure.Resources.ResourceGroup("rg", new Azure.Resources.ResourceGroupArgs
{
Location = "UK South"
});
var contributorRoleDef = Output.Create(OldAzure.Authorization.GetRoleDefinition.InvokeAsync(new OldAzure.Authorization.GetRoleDefinitionArgs
{
Name = "Contributor"
}));
var globalAdmins = Output.Create(AzureAD.GetGroup.InvokeAsync(new AzureAD.GetGroupArgs
{
Name = "Global Admins"
}));
var assignment1 = new Azure.Authorization.RoleAssignment("assignment1", new Azure.Authorization.RoleAssignmentArgs
{
PrincipalId = globalAdmins.Apply(grp => grp.Id),
RoleDefinitionId = contributorRoleDef.Apply(def => def.Id),
Scope = rg.Id,
PrincipalType = "Group"
});
}
}
tall-librarian-49374
05/25/2021, 6:00 AMRoleDefinition.Get
and GetRoleDefinition
aren’t the same thing.Apply
because you are trying to pass an output as an argument.salmon-egg-38815
05/25/2021, 6:21 AMtall-librarian-49374
05/25/2021, 6:46 AM