Resource: azuread_directory_role_eligibility_schedule_request

Manages a single directory role eligibility schedule request within Azure Active Directory.

API Permissions

The following API permissions are required in order to use this resource.

The calling principal requires one of the following application roles: RoleEligibilitySchedule.ReadWrite.Directory or RoleManagement.ReadWrite.Directory.

The calling principal requires one of the following directory roles: Privileged Role Administrator or Global Administrator.

Example Usage

data "azuread_user" "example" {
  user_principal_name = "jdoe@hashicorp.com"
}

resource "azuread_directory_role" "example" {
  display_name = "Application Administrator"
}

resource "azuread_directory_role_eligibility_schedule_request" "example" {
  role_definition_id = azuread_directory_role.example.template_id
  principal_id       = azuread_user.example.object_id
  directory_scope_id = "/"
  justification      = "Example"
}

Argument Reference

The following arguments are supported:

Attributes Reference

In addition to all arguments above, the following attributes are exported:

No additional attributes are exported

Import

Directory role eligibility schedule requests can be imported using the ID of the assignment, e.g.

terraform import azuread_directory_role_eligibility_schedule_request.example 822ec710-4c9f-4f71-a27a-451759cc7522