provider.python.md

provider Submodule

Constructs

AzureadProvider

Represents a {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs azuread}.

Initializers

from cdktf_cdktf_provider_azuread import provider

provider.AzureadProvider(
  scope: Construct,
  id: str,
  alias: str = None,
  client_certificate: str = None,
  client_certificate_password: str = None,
  client_certificate_path: str = None,
  client_id: str = None,
  client_id_file_path: str = None,
  client_secret: str = None,
  client_secret_file_path: str = None,
  disable_terraform_partner_id: typing.Union[bool, IResolvable] = None,
  environment: str = None,
  metadata_host: str = None,
  msi_endpoint: str = None,
  oidc_request_token: str = None,
  oidc_request_url: str = None,
  oidc_token: str = None,
  oidc_token_file_path: str = None,
  partner_id: str = None,
  tenant_id: str = None,
  use_aks_workload_identity: typing.Union[bool, IResolvable] = None,
  use_cli: typing.Union[bool, IResolvable] = None,
  use_msi: typing.Union[bool, IResolvable] = None,
  use_oidc: typing.Union[bool, IResolvable] = None
)

Name	Type	Description
scope	constructs.Construct	The scope in which to define this construct.
id	str	The scoped construct ID.
alias	str	Alias name.
client_certificate	str	Base64 encoded PKCS#12 certificate bundle to use when authenticating as a Service Principal using a Client Certificate.
client_certificate_password	str	The password to decrypt the Client Certificate. For use when authenticating as a Service Principal using a Client Certificate.
client_certificate_path	str	The path to the Client Certificate associated with the Service Principal for use when authenticating as a Service Principal using a Client Certificate.
client_id	str	The Client ID which should be used for service principal authentication.
client_id_file_path	str	The path to a file containing the Client ID which should be used for service principal authentication.
client_secret	str	The application password to use when authenticating as a Service Principal using a Client Secret.
client_secret_file_path	str	The path to a file containing the application password to use when authenticating as a Service Principal using a Client Secret.
disable_terraform_partner_id	typing.Union[bool, cdktf.IResolvable]	Disable the Terraform Partner ID, which is used if a custom partner_id isn't specified.
environment	str	The cloud environment which should be used.
metadata_host	str	The Hostname which should be used for the Azure Metadata Service.
msi_endpoint	str	The path to a custom endpoint for Managed Identity - in most circumstances this should be detected automatically.
oidc_request_token	str	The bearer token for the request to the OIDC provider.
oidc_request_url	str	The URL for the OIDC provider from which to request an ID token.
oidc_token	str	The ID token for use when authenticating as a Service Principal using OpenID Connect.
oidc_token_file_path	str	The path to a file containing an ID token for use when authenticating as a Service Principal using OpenID Connect.
partner_id	str	A GUID/UUID that is registered with Microsoft to facilitate partner resource usage attribution.
tenant_id	str	The Tenant ID which should be used. Works with all authentication methods except Managed Identity.
use_aks_workload_identity	typing.Union[bool, cdktf.IResolvable]	Allow Azure AKS Workload Identity to be used for Authentication.
use_cli	typing.Union[bool, cdktf.IResolvable]	Allow Azure CLI to be used for Authentication.
use_msi	typing.Union[bool, cdktf.IResolvable]	Allow Managed Identity to be used for Authentication.
use_oidc	typing.Union[bool, cdktf.IResolvable]	Allow OpenID Connect to be used for authentication.

---

scope^Required

• Type: constructs.Construct

The scope in which to define this construct.

---

id^Required

• Type: str

The scoped construct ID.

Must be unique amongst siblings in the same scope

---

alias^Optional

• Type: str

Alias name.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#alias AzureadProvider#alias}

---

client_certificate^Optional

• Type: str

Base64 encoded PKCS#12 certificate bundle to use when authenticating as a Service Principal using a Client Certificate.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#client_certificate AzureadProvider#client_certificate}

---

client_certificate_password^Optional

• Type: str

The password to decrypt the Client Certificate. For use when authenticating as a Service Principal using a Client Certificate.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#client_certificate_password AzureadProvider#client_certificate_password}

---

client_certificate_path^Optional

• Type: str

The path to the Client Certificate associated with the Service Principal for use when authenticating as a Service Principal using a Client Certificate.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#client_certificate_path AzureadProvider#client_certificate_path}

---

client_id^Optional

• Type: str

The Client ID which should be used for service principal authentication.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#client_id AzureadProvider#client_id}

---

client_id_file_path^Optional

• Type: str

The path to a file containing the Client ID which should be used for service principal authentication.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#client_id_file_path AzureadProvider#client_id_file_path}

---

client_secret^Optional

• Type: str

The application password to use when authenticating as a Service Principal using a Client Secret.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#client_secret AzureadProvider#client_secret}

---

client_secret_file_path^Optional

• Type: str

The path to a file containing the application password to use when authenticating as a Service Principal using a Client Secret.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#client_secret_file_path AzureadProvider#client_secret_file_path}

---

disable_terraform_partner_id^Optional

• Type: typing.Union[bool, cdktf.IResolvable]

Disable the Terraform Partner ID, which is used if a custom partner_id isn't specified.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#disable_terraform_partner_id AzureadProvider#disable_terraform_partner_id}

---

environment^Optional

• Type: str

The cloud environment which should be used.

Possible values are: global (also public), usgovernmentl4 (also usgovernment), usgovernmentl5 (also dod), and china. Defaults to global. Not used and should not be specified when metadata_host is specified.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#environment AzureadProvider#environment}

---

metadata_host^Optional

• Type: str

The Hostname which should be used for the Azure Metadata Service.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#metadata_host AzureadProvider#metadata_host}

---

msi_endpoint^Optional

• Type: str

The path to a custom endpoint for Managed Identity - in most circumstances this should be detected automatically.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#msi_endpoint AzureadProvider#msi_endpoint}

---

oidc_request_token^Optional

• Type: str

The bearer token for the request to the OIDC provider.

For use when authenticating as a Service Principal using OpenID Connect.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#oidc_request_token AzureadProvider#oidc_request_token}

---

oidc_request_url^Optional

• Type: str

The URL for the OIDC provider from which to request an ID token.

For use when authenticating as a Service Principal using OpenID Connect.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#oidc_request_url AzureadProvider#oidc_request_url}

---

oidc_token^Optional

• Type: str

The ID token for use when authenticating as a Service Principal using OpenID Connect.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#oidc_token AzureadProvider#oidc_token}

---

oidc_token_file_path^Optional

• Type: str

The path to a file containing an ID token for use when authenticating as a Service Principal using OpenID Connect.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#oidc_token_file_path AzureadProvider#oidc_token_file_path}

---

partner_id^Optional

• Type: str

A GUID/UUID that is registered with Microsoft to facilitate partner resource usage attribution.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#partner_id AzureadProvider#partner_id}

---

tenant_id^Optional

• Type: str

The Tenant ID which should be used. Works with all authentication methods except Managed Identity.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#tenant_id AzureadProvider#tenant_id}

---

use_aks_workload_identity^Optional

• Type: typing.Union[bool, cdktf.IResolvable]

Allow Azure AKS Workload Identity to be used for Authentication.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#use_aks_workload_identity AzureadProvider#use_aks_workload_identity}

---

use_cli^Optional

• Type: typing.Union[bool, cdktf.IResolvable]

Allow Azure CLI to be used for Authentication.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#use_cli AzureadProvider#use_cli}

---

use_msi^Optional

• Type: typing.Union[bool, cdktf.IResolvable]

Allow Managed Identity to be used for Authentication.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#use_msi AzureadProvider#use_msi}

---

use_oidc^Optional

• Type: typing.Union[bool, cdktf.IResolvable]

Allow OpenID Connect to be used for authentication.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#use_oidc AzureadProvider#use_oidc}

---

Methods

Name	Description
to_string	Returns a string representation of this construct.
add_override	No description.
override_logical_id	Overrides the auto-generated logical ID with a specific ID.
reset_override_logical_id	Resets a previously passed logical Id to use the auto-generated logical id again.
to_hcl_terraform	No description.
to_metadata	No description.
to_terraform	Adds this resource to the terraform JSON output.
reset_alias	No description.
reset_client_certificate	No description.
reset_client_certificate_password	No description.
reset_client_certificate_path	No description.
reset_client_id	No description.
reset_client_id_file_path	No description.
reset_client_secret	No description.
reset_client_secret_file_path	No description.
reset_disable_terraform_partner_id	No description.
reset_environment	No description.
reset_metadata_host	No description.
reset_msi_endpoint	No description.
reset_oidc_request_token	No description.
reset_oidc_request_url	No description.
reset_oidc_token	No description.
reset_oidc_token_file_path	No description.
reset_partner_id	No description.
reset_tenant_id	No description.
reset_use_aks_workload_identity	No description.
reset_use_cli	No description.
reset_use_msi	No description.
reset_use_oidc	No description.

---

to_string

def to_string() -> str

Returns a string representation of this construct.

add_override

def add_override(
  path: str,
  value: typing.Any
) -> None

path^Required

• Type: str

---

value^Required

• Type: typing.Any

---

override_logical_id

def override_logical_id(
  new_logical_id: str
) -> None

Overrides the auto-generated logical ID with a specific ID.

new_logical_id^Required

• Type: str

The new logical ID to use for this stack element.

---

reset_override_logical_id

def reset_override_logical_id() -> None

Resets a previously passed logical Id to use the auto-generated logical id again.

to_hcl_terraform

def to_hcl_terraform() -> typing.Any

to_metadata

def to_metadata() -> typing.Any

to_terraform

def to_terraform() -> typing.Any

Adds this resource to the terraform JSON output.

reset_alias

def reset_alias() -> None

reset_client_certificate

def reset_client_certificate() -> None

reset_client_certificate_password

def reset_client_certificate_password() -> None

reset_client_certificate_path

def reset_client_certificate_path() -> None

reset_client_id

def reset_client_id() -> None

reset_client_id_file_path

def reset_client_id_file_path() -> None

reset_client_secret

def reset_client_secret() -> None

reset_client_secret_file_path

def reset_client_secret_file_path() -> None

reset_disable_terraform_partner_id

def reset_disable_terraform_partner_id() -> None

reset_environment

def reset_environment() -> None

reset_metadata_host

def reset_metadata_host() -> None

reset_msi_endpoint

def reset_msi_endpoint() -> None

reset_oidc_request_token

def reset_oidc_request_token() -> None

reset_oidc_request_url

def reset_oidc_request_url() -> None

reset_oidc_token

def reset_oidc_token() -> None

reset_oidc_token_file_path

def reset_oidc_token_file_path() -> None

reset_partner_id

def reset_partner_id() -> None

reset_tenant_id

def reset_tenant_id() -> None

reset_use_aks_workload_identity

def reset_use_aks_workload_identity() -> None

reset_use_cli

def reset_use_cli() -> None

reset_use_msi

def reset_use_msi() -> None

reset_use_oidc

def reset_use_oidc() -> None

Static Functions

Name	Description
is_construct	Checks if x is a construct.
is_terraform_element	No description.
is_terraform_provider	No description.
generate_config_for_import	Generates CDKTF code for importing a AzureadProvider resource upon running "cdktf plan ".

---

is_construct

from cdktf_cdktf_provider_azuread import provider

provider.AzureadProvider.is_construct(
  x: typing.Any
)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

x^Required

• Type: typing.Any

Any object.

---

is_terraform_element

from cdktf_cdktf_provider_azuread import provider

provider.AzureadProvider.is_terraform_element(
  x: typing.Any
)

x^Required

• Type: typing.Any

---

is_terraform_provider

from cdktf_cdktf_provider_azuread import provider

provider.AzureadProvider.is_terraform_provider(
  x: typing.Any
)

x^Required

• Type: typing.Any

---

generate_config_for_import

from cdktf_cdktf_provider_azuread import provider

provider.AzureadProvider.generate_config_for_import(
  scope: Construct,
  import_to_id: str,
  import_from_id: str,
  provider: TerraformProvider = None
)

Generates CDKTF code for importing a AzureadProvider resource upon running "cdktf plan ".

scope^Required

• Type: constructs.Construct

The scope in which to define this construct.

---

import_to_id^Required

• Type: str

The construct id used in the generated config for the AzureadProvider to import.

---

import_from_id^Required

• Type: str

The id of the existing AzureadProvider that should be imported.

Refer to the {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#import import section} in the documentation of this resource for the id to use

---

provider^Optional

• Type: cdktf.TerraformProvider

? Optional instance of the provider where the AzureadProvider to import is found.

---

Properties

Name	Type	Description
node	constructs.Node	The tree node.
cdktf_stack	cdktf.TerraformStack	No description.
fqn	str	No description.
friendly_unique_id	str	No description.
meta_attributes	typing.Mapping[typing.Any]	No description.
terraform_resource_type	str	No description.
terraform_generator_metadata	cdktf.TerraformProviderGeneratorMetadata	No description.
terraform_provider_source	str	No description.
alias	str	No description.
alias_input	str	No description.
client_certificate_input	str	No description.
client_certificate_password_input	str	No description.
client_certificate_path_input	str	No description.
client_id_file_path_input	str	No description.
client_id_input	str	No description.
client_secret_file_path_input	str	No description.
client_secret_input	str	No description.
disable_terraform_partner_id_input	typing.Union[bool, cdktf.IResolvable]	No description.
environment_input	str	No description.
metadata_host_input	str	No description.
msi_endpoint_input	str	No description.
oidc_request_token_input	str	No description.
oidc_request_url_input	str	No description.
oidc_token_file_path_input	str	No description.
oidc_token_input	str	No description.
partner_id_input	str	No description.
tenant_id_input	str	No description.
use_aks_workload_identity_input	typing.Union[bool, cdktf.IResolvable]	No description.
use_cli_input	typing.Union[bool, cdktf.IResolvable]	No description.
use_msi_input	typing.Union[bool, cdktf.IResolvable]	No description.
use_oidc_input	typing.Union[bool, cdktf.IResolvable]	No description.
client_certificate	str	No description.
client_certificate_password	str	No description.
client_certificate_path	str	No description.
client_id	str	No description.
client_id_file_path	str	No description.
client_secret	str	No description.
client_secret_file_path	str	No description.
disable_terraform_partner_id	typing.Union[bool, cdktf.IResolvable]	No description.
environment	str	No description.
metadata_host	str	No description.
msi_endpoint	str	No description.
oidc_request_token	str	No description.
oidc_request_url	str	No description.
oidc_token	str	No description.
oidc_token_file_path	str	No description.
partner_id	str	No description.
tenant_id	str	No description.
use_aks_workload_identity	typing.Union[bool, cdktf.IResolvable]	No description.
use_cli	typing.Union[bool, cdktf.IResolvable]	No description.
use_msi	typing.Union[bool, cdktf.IResolvable]	No description.
use_oidc	typing.Union[bool, cdktf.IResolvable]	No description.

---

node^Required

node: Node

• Type: constructs.Node

The tree node.

---

cdktf_stack^Required

cdktf_stack: TerraformStack

• Type: cdktf.TerraformStack

---

fqn^Required

fqn: str

• Type: str

---

friendly_unique_id^Required

friendly_unique_id: str

• Type: str

---

meta_attributes^Required

meta_attributes: typing.Mapping[typing.Any]

• Type: typing.Mapping[typing.Any]

---

terraform_resource_type^Required

terraform_resource_type: str

• Type: str

---

terraform_generator_metadata^Optional

terraform_generator_metadata: TerraformProviderGeneratorMetadata

• Type: cdktf.TerraformProviderGeneratorMetadata

---

terraform_provider_source^Optional

terraform_provider_source: str

• Type: str

---

alias^Optional

alias: str

• Type: str

---

alias_input^Optional

alias_input: str

• Type: str

---

client_certificate_input^Optional

client_certificate_input: str

• Type: str

---

client_certificate_password_input^Optional

client_certificate_password_input: str

• Type: str

---

client_certificate_path_input^Optional

client_certificate_path_input: str

• Type: str

---

client_id_file_path_input^Optional

client_id_file_path_input: str

• Type: str

---

client_id_input^Optional

client_id_input: str

• Type: str

---

client_secret_file_path_input^Optional

client_secret_file_path_input: str

• Type: str

---

client_secret_input^Optional

client_secret_input: str

• Type: str

---

disable_terraform_partner_id_input^Optional

disable_terraform_partner_id_input: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

---

environment_input^Optional

environment_input: str

• Type: str

---

metadata_host_input^Optional

metadata_host_input: str

• Type: str

---

msi_endpoint_input^Optional

msi_endpoint_input: str

• Type: str

---

oidc_request_token_input^Optional

oidc_request_token_input: str

• Type: str

---

oidc_request_url_input^Optional

oidc_request_url_input: str

• Type: str

---

oidc_token_file_path_input^Optional

oidc_token_file_path_input: str

• Type: str

---

oidc_token_input^Optional

oidc_token_input: str

• Type: str

---

partner_id_input^Optional

partner_id_input: str

• Type: str

---

tenant_id_input^Optional

tenant_id_input: str

• Type: str

---

use_aks_workload_identity_input^Optional

use_aks_workload_identity_input: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

---

use_cli_input^Optional

use_cli_input: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

---

use_msi_input^Optional

use_msi_input: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

---

use_oidc_input^Optional

use_oidc_input: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

---

client_certificate^Optional

client_certificate: str

• Type: str

---

client_certificate_password^Optional

client_certificate_password: str

• Type: str

---

client_certificate_path^Optional

client_certificate_path: str

• Type: str

---

client_id^Optional

client_id: str

• Type: str

---

client_id_file_path^Optional

client_id_file_path: str

• Type: str

---

client_secret^Optional

client_secret: str

• Type: str

---

client_secret_file_path^Optional

client_secret_file_path: str

• Type: str

---

disable_terraform_partner_id^Optional

disable_terraform_partner_id: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

---

environment^Optional

environment: str

• Type: str

---

metadata_host^Optional

metadata_host: str

• Type: str

---

msi_endpoint^Optional

msi_endpoint: str

• Type: str

---

oidc_request_token^Optional

oidc_request_token: str

• Type: str

---

oidc_request_url^Optional

oidc_request_url: str

• Type: str

---

oidc_token^Optional

oidc_token: str

• Type: str

---

oidc_token_file_path^Optional

oidc_token_file_path: str

• Type: str

---

partner_id^Optional

partner_id: str

• Type: str

---

tenant_id^Optional

tenant_id: str

• Type: str

---

use_aks_workload_identity^Optional

use_aks_workload_identity: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

---

use_cli^Optional

use_cli: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

---

use_msi^Optional

use_msi: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

---

use_oidc^Optional

use_oidc: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

---

Constants

Name	Type	Description
tfResourceType	str	No description.

---

tfResourceType^Required

tfResourceType: str

• Type: str

---

Structs

AzureadProviderConfig

Initializer

from cdktf_cdktf_provider_azuread import provider

provider.AzureadProviderConfig(
  alias: str = None,
  client_certificate: str = None,
  client_certificate_password: str = None,
  client_certificate_path: str = None,
  client_id: str = None,
  client_id_file_path: str = None,
  client_secret: str = None,
  client_secret_file_path: str = None,
  disable_terraform_partner_id: typing.Union[bool, IResolvable] = None,
  environment: str = None,
  metadata_host: str = None,
  msi_endpoint: str = None,
  oidc_request_token: str = None,
  oidc_request_url: str = None,
  oidc_token: str = None,
  oidc_token_file_path: str = None,
  partner_id: str = None,
  tenant_id: str = None,
  use_aks_workload_identity: typing.Union[bool, IResolvable] = None,
  use_cli: typing.Union[bool, IResolvable] = None,
  use_msi: typing.Union[bool, IResolvable] = None,
  use_oidc: typing.Union[bool, IResolvable] = None
)

Properties

Name	Type	Description
alias	str	Alias name.
client_certificate	str	Base64 encoded PKCS#12 certificate bundle to use when authenticating as a Service Principal using a Client Certificate.
client_certificate_password	str	The password to decrypt the Client Certificate. For use when authenticating as a Service Principal using a Client Certificate.
client_certificate_path	str	The path to the Client Certificate associated with the Service Principal for use when authenticating as a Service Principal using a Client Certificate.
client_id	str	The Client ID which should be used for service principal authentication.
client_id_file_path	str	The path to a file containing the Client ID which should be used for service principal authentication.
client_secret	str	The application password to use when authenticating as a Service Principal using a Client Secret.
client_secret_file_path	str	The path to a file containing the application password to use when authenticating as a Service Principal using a Client Secret.
disable_terraform_partner_id	typing.Union[bool, cdktf.IResolvable]	Disable the Terraform Partner ID, which is used if a custom partner_id isn't specified.
environment	str	The cloud environment which should be used.
metadata_host	str	The Hostname which should be used for the Azure Metadata Service.
msi_endpoint	str	The path to a custom endpoint for Managed Identity - in most circumstances this should be detected automatically.
oidc_request_token	str	The bearer token for the request to the OIDC provider.
oidc_request_url	str	The URL for the OIDC provider from which to request an ID token.
oidc_token	str	The ID token for use when authenticating as a Service Principal using OpenID Connect.
oidc_token_file_path	str	The path to a file containing an ID token for use when authenticating as a Service Principal using OpenID Connect.
partner_id	str	A GUID/UUID that is registered with Microsoft to facilitate partner resource usage attribution.
tenant_id	str	The Tenant ID which should be used. Works with all authentication methods except Managed Identity.
use_aks_workload_identity	typing.Union[bool, cdktf.IResolvable]	Allow Azure AKS Workload Identity to be used for Authentication.
use_cli	typing.Union[bool, cdktf.IResolvable]	Allow Azure CLI to be used for Authentication.
use_msi	typing.Union[bool, cdktf.IResolvable]	Allow Managed Identity to be used for Authentication.
use_oidc	typing.Union[bool, cdktf.IResolvable]	Allow OpenID Connect to be used for authentication.

---

alias^Optional

alias: str

• Type: str

Alias name.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#alias AzureadProvider#alias}

---

client_certificate^Optional

client_certificate: str

• Type: str

Base64 encoded PKCS#12 certificate bundle to use when authenticating as a Service Principal using a Client Certificate.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#client_certificate AzureadProvider#client_certificate}

---

client_certificate_password^Optional

client_certificate_password: str

• Type: str

The password to decrypt the Client Certificate. For use when authenticating as a Service Principal using a Client Certificate.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#client_certificate_password AzureadProvider#client_certificate_password}

---

client_certificate_path^Optional

client_certificate_path: str

• Type: str

The path to the Client Certificate associated with the Service Principal for use when authenticating as a Service Principal using a Client Certificate.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#client_certificate_path AzureadProvider#client_certificate_path}

---

client_id^Optional

client_id: str

• Type: str

The Client ID which should be used for service principal authentication.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#client_id AzureadProvider#client_id}

---

client_id_file_path^Optional

client_id_file_path: str

• Type: str

The path to a file containing the Client ID which should be used for service principal authentication.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#client_id_file_path AzureadProvider#client_id_file_path}

---

client_secret^Optional

client_secret: str

• Type: str

The application password to use when authenticating as a Service Principal using a Client Secret.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#client_secret AzureadProvider#client_secret}

---

client_secret_file_path^Optional

client_secret_file_path: str

• Type: str

The path to a file containing the application password to use when authenticating as a Service Principal using a Client Secret.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#client_secret_file_path AzureadProvider#client_secret_file_path}

---

disable_terraform_partner_id^Optional

disable_terraform_partner_id: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

Disable the Terraform Partner ID, which is used if a custom partner_id isn't specified.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#disable_terraform_partner_id AzureadProvider#disable_terraform_partner_id}

---

environment^Optional

environment: str

• Type: str

The cloud environment which should be used.

Possible values are: global (also public), usgovernmentl4 (also usgovernment), usgovernmentl5 (also dod), and china. Defaults to global. Not used and should not be specified when metadata_host is specified.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#environment AzureadProvider#environment}

---

metadata_host^Optional

metadata_host: str

• Type: str

The Hostname which should be used for the Azure Metadata Service.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#metadata_host AzureadProvider#metadata_host}

---

msi_endpoint^Optional

msi_endpoint: str

• Type: str

The path to a custom endpoint for Managed Identity - in most circumstances this should be detected automatically.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#msi_endpoint AzureadProvider#msi_endpoint}

---

oidc_request_token^Optional

oidc_request_token: str

• Type: str

The bearer token for the request to the OIDC provider.

For use when authenticating as a Service Principal using OpenID Connect.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#oidc_request_token AzureadProvider#oidc_request_token}

---

oidc_request_url^Optional

oidc_request_url: str

• Type: str

The URL for the OIDC provider from which to request an ID token.

For use when authenticating as a Service Principal using OpenID Connect.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#oidc_request_url AzureadProvider#oidc_request_url}

---

oidc_token^Optional

oidc_token: str

• Type: str

The ID token for use when authenticating as a Service Principal using OpenID Connect.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#oidc_token AzureadProvider#oidc_token}

---

oidc_token_file_path^Optional

oidc_token_file_path: str

• Type: str

The path to a file containing an ID token for use when authenticating as a Service Principal using OpenID Connect.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#oidc_token_file_path AzureadProvider#oidc_token_file_path}

---

partner_id^Optional

partner_id: str

• Type: str

A GUID/UUID that is registered with Microsoft to facilitate partner resource usage attribution.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#partner_id AzureadProvider#partner_id}

---

tenant_id^Optional

tenant_id: str

• Type: str

The Tenant ID which should be used. Works with all authentication methods except Managed Identity.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#tenant_id AzureadProvider#tenant_id}

---

use_aks_workload_identity^Optional

use_aks_workload_identity: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

Allow Azure AKS Workload Identity to be used for Authentication.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#use_aks_workload_identity AzureadProvider#use_aks_workload_identity}

---

use_cli^Optional

use_cli: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

Allow Azure CLI to be used for Authentication.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#use_cli AzureadProvider#use_cli}

---

use_msi^Optional

use_msi: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

Allow Managed Identity to be used for Authentication.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#use_msi AzureadProvider#use_msi}

---

use_oidc^Optional

use_oidc: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

Allow OpenID Connect to be used for authentication.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/azuread/2.51.0/docs#use_oidc AzureadProvider#use_oidc}

---