Docs Home
Azure Active Directory (Azure AD) v6.4.0 published on Monday, Apr 7, 2025 by Pulumi
azuread.ApplicationPassword
Explore with Pulumi AI
Azure Active Directory (Azure AD) v6.4.0 published on Monday, Apr 7, 2025 by Pulumi
Example Usage
Basic example
import * as pulumi from "@pulumi/pulumi";
import * as azuread from "@pulumi/azuread";
const example = new azuread.ApplicationRegistration("example", {displayName: "example"});
const exampleApplicationPassword = new azuread.ApplicationPassword("example", {applicationId: example.id});
import pulumi
import pulumi_azuread as azuread
example = azuread.ApplicationRegistration("example", display_name="example")
example_application_password = azuread.ApplicationPassword("example", application_id=example.id)
package main
import (
"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := azuread.NewApplicationRegistration(ctx, "example", &azuread.ApplicationRegistrationArgs{
DisplayName: pulumi.String("example"),
})
if err != nil {
return err
}
_, err = azuread.NewApplicationPassword(ctx, "example", &azuread.ApplicationPasswordArgs{
ApplicationId: example.ID(),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureAD = Pulumi.AzureAD;
return await Deployment.RunAsync(() =>
{
var example = new AzureAD.ApplicationRegistration("example", new()
{
DisplayName = "example",
});
var exampleApplicationPassword = new AzureAD.ApplicationPassword("example", new()
{
ApplicationId = example.Id,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azuread.ApplicationRegistration;
import com.pulumi.azuread.ApplicationRegistrationArgs;
import com.pulumi.azuread.ApplicationPassword;
import com.pulumi.azuread.ApplicationPasswordArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ApplicationRegistration("example", ApplicationRegistrationArgs.builder()
.displayName("example")
.build());
var exampleApplicationPassword = new ApplicationPassword("exampleApplicationPassword", ApplicationPasswordArgs.builder()
.applicationId(example.id())
.build());
}
}
resources:
example:
type: azuread:ApplicationRegistration
properties:
displayName: example
exampleApplicationPassword:
type: azuread:ApplicationPassword
name: example
properties:
applicationId: ${example.id}
Time-based rotation
import * as pulumi from "@pulumi/pulumi";
import * as azuread from "@pulumi/azuread";
import * as time from "@pulumiverse/time";
const example = new azuread.ApplicationRegistration("example", {displayName: "example"});
const exampleRotating = new time.Rotating("example", {rotationDays: 7});
const exampleApplicationPassword = new azuread.ApplicationPassword("example", {
applicationId: example.id,
rotateWhenChanged: {
rotation: exampleRotating.id,
},
});
import pulumi
import pulumi_azuread as azuread
import pulumiverse_time as time
example = azuread.ApplicationRegistration("example", display_name="example")
example_rotating = time.Rotating("example", rotation_days=7)
example_application_password = azuread.ApplicationPassword("example",
application_id=example.id,
rotate_when_changed={
"rotation": example_rotating.id,
})
package main
import (
"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread"
"github.com/pulumi/pulumi-time/sdk/go/time"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := azuread.NewApplicationRegistration(ctx, "example", &azuread.ApplicationRegistrationArgs{
DisplayName: pulumi.String("example"),
})
if err != nil {
return err
}
exampleRotating, err := time.NewRotating(ctx, "example", &time.RotatingArgs{
RotationDays: pulumi.Int(7),
})
if err != nil {
return err
}
_, err = azuread.NewApplicationPassword(ctx, "example", &azuread.ApplicationPasswordArgs{
ApplicationId: example.ID(),
RotateWhenChanged: pulumi.StringMap{
"rotation": exampleRotating.ID(),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureAD = Pulumi.AzureAD;
using Time = Pulumiverse.Time;
return await Deployment.RunAsync(() =>
{
var example = new AzureAD.ApplicationRegistration("example", new()
{
DisplayName = "example",
});
var exampleRotating = new Time.Rotating("example", new()
{
RotationDays = 7,
});
var exampleApplicationPassword = new AzureAD.ApplicationPassword("example", new()
{
ApplicationId = example.Id,
RotateWhenChanged =
{
{ "rotation", exampleRotating.Id },
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azuread.ApplicationRegistration;
import com.pulumi.azuread.ApplicationRegistrationArgs;
import com.pulumi.time.Rotating;
import com.pulumi.time.RotatingArgs;
import com.pulumi.azuread.ApplicationPassword;
import com.pulumi.azuread.ApplicationPasswordArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ApplicationRegistration("example", ApplicationRegistrationArgs.builder()
.displayName("example")
.build());
var exampleRotating = new Rotating("exampleRotating", RotatingArgs.builder()
.rotationDays(7)
.build());
var exampleApplicationPassword = new ApplicationPassword("exampleApplicationPassword", ApplicationPasswordArgs.builder()
.applicationId(example.id())
.rotateWhenChanged(Map.of("rotation", exampleRotating.id()))
.build());
}
}
resources:
example:
type: azuread:ApplicationRegistration
properties:
displayName: example
exampleRotating:
type: time:Rotating
name: example
properties:
rotationDays: 7
exampleApplicationPassword:
type: azuread:ApplicationPassword
name: example
properties:
applicationId: ${example.id}
rotateWhenChanged:
rotation: ${exampleRotating.id}
Create ApplicationPassword Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new ApplicationPassword(name: string, args: ApplicationPasswordArgs, opts?: CustomResourceOptions);@overload
def ApplicationPassword(resource_name: str,
args: ApplicationPasswordInitArgs,
opts: Optional[ResourceOptions] = None)
@overload
def ApplicationPassword(resource_name: str,
opts: Optional[ResourceOptions] = None,
application_id: Optional[str] = None,
display_name: Optional[str] = None,
end_date: Optional[str] = None,
end_date_relative: Optional[str] = None,
rotate_when_changed: Optional[Mapping[str, str]] = None,
start_date: Optional[str] = None)func NewApplicationPassword(ctx *Context, name string, args ApplicationPasswordArgs, opts ...ResourceOption) (*ApplicationPassword, error)public ApplicationPassword(string name, ApplicationPasswordArgs args, CustomResourceOptions? opts = null)
public ApplicationPassword(String name, ApplicationPasswordArgs args)
public ApplicationPassword(String name, ApplicationPasswordArgs args, CustomResourceOptions options)
type: azuread:ApplicationPassword
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ApplicationPasswordArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ApplicationPasswordInitArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ApplicationPasswordArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ApplicationPasswordArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ApplicationPasswordArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var applicationPasswordResource = new AzureAD.ApplicationPassword("applicationPasswordResource", new()
{
ApplicationId = "string",
DisplayName = "string",
EndDate = "string",
RotateWhenChanged =
{
{ "string", "string" },
},
StartDate = "string",
});
example, err := azuread.NewApplicationPassword(ctx, "applicationPasswordResource", &azuread.ApplicationPasswordArgs{
ApplicationId: pulumi.String("string"),
DisplayName: pulumi.String("string"),
EndDate: pulumi.String("string"),
RotateWhenChanged: pulumi.StringMap{
"string": pulumi.String("string"),
},
StartDate: pulumi.String("string"),
})
var applicationPasswordResource = new ApplicationPassword("applicationPasswordResource", ApplicationPasswordArgs.builder()
.applicationId("string")
.displayName("string")
.endDate("string")
.rotateWhenChanged(Map.of("string", "string"))
.startDate("string")
.build());
application_password_resource = azuread.ApplicationPassword("applicationPasswordResource",
application_id="string",
display_name="string",
end_date="string",
rotate_when_changed={
"string": "string",
},
start_date="string")
const applicationPasswordResource = new azuread.ApplicationPassword("applicationPasswordResource", {
applicationId: "string",
displayName: "string",
endDate: "string",
rotateWhenChanged: {
string: "string",
},
startDate: "string",
});
type: azuread:ApplicationPassword
properties:
applicationId: string
displayName: string
endDate: string
rotateWhenChanged:
string: string
startDate: string
ApplicationPassword Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The ApplicationPassword resource accepts the following input properties:
- Application
Id string - The resource ID of the application for which this password should be created. Changing this field forces a new resource to be created.
- Display
Name string - A display name for the password. Changing this field forces a new resource to be created.
- End
Date string - The end date until which the password is valid, formatted as an RFC3339 date string (e.g.
2018-01-01T01:02:03Z). Changing this field forces a new resource to be created. - End
Date stringRelative - A relative duration for which the password is valid until, for example
240h(10 days) or2400h30m. Changing this field forces a new resource to be created. - Rotate
When Dictionary<string, string>Changed - A map of arbitrary key/value pairs that will force recreation of the password when they change, enabling password rotation based on external conditions such as a rotating timestamp. Changing this forces a new resource to be created.
- Start
Date string - The start date from which the password is valid, formatted as an RFC3339 date string (e.g.
2018-01-01T01:02:03Z). If this isn't specified, the current date is used. Changing this field forces a new resource to be created.
- Application
Id string - The resource ID of the application for which this password should be created. Changing this field forces a new resource to be created.
- Display
Name string - A display name for the password. Changing this field forces a new resource to be created.
- End
Date string - The end date until which the password is valid, formatted as an RFC3339 date string (e.g.
2018-01-01T01:02:03Z). Changing this field forces a new resource to be created. - End
Date stringRelative - A relative duration for which the password is valid until, for example
240h(10 days) or2400h30m. Changing this field forces a new resource to be created. - Rotate
When map[string]stringChanged - A map of arbitrary key/value pairs that will force recreation of the password when they change, enabling password rotation based on external conditions such as a rotating timestamp. Changing this forces a new resource to be created.
- Start
Date string - The start date from which the password is valid, formatted as an RFC3339 date string (e.g.
2018-01-01T01:02:03Z). If this isn't specified, the current date is used. Changing this field forces a new resource to be created.
- application
Id String - The resource ID of the application for which this password should be created. Changing this field forces a new resource to be created.
- display
Name String - A display name for the password. Changing this field forces a new resource to be created.
- end
Date String - The end date until which the password is valid, formatted as an RFC3339 date string (e.g.
2018-01-01T01:02:03Z). Changing this field forces a new resource to be created. - end
Date StringRelative - A relative duration for which the password is valid until, for example
240h(10 days) or2400h30m. Changing this field forces a new resource to be created. - rotate
When Map<String,String>Changed - A map of arbitrary key/value pairs that will force recreation of the password when they change, enabling password rotation based on external conditions such as a rotating timestamp. Changing this forces a new resource to be created.
- start
Date String - The start date from which the password is valid, formatted as an RFC3339 date string (e.g.
2018-01-01T01:02:03Z). If this isn't specified, the current date is used. Changing this field forces a new resource to be created.
- application
Id string - The resource ID of the application for which this password should be created. Changing this field forces a new resource to be created.
- display
Name string - A display name for the password. Changing this field forces a new resource to be created.
- end
Date string - The end date until which the password is valid, formatted as an RFC3339 date string (e.g.
2018-01-01T01:02:03Z). Changing this field forces a new resource to be created. - end
Date stringRelative - A relative duration for which the password is valid until, for example
240h(10 days) or2400h30m. Changing this field forces a new resource to be created. - rotate
When {[key: string]: string}Changed - A map of arbitrary key/value pairs that will force recreation of the password when they change, enabling password rotation based on external conditions such as a rotating timestamp. Changing this forces a new resource to be created.
- start
Date string - The start date from which the password is valid, formatted as an RFC3339 date string (e.g.
2018-01-01T01:02:03Z). If this isn't specified, the current date is used. Changing this field forces a new resource to be created.
- application_
id str - The resource ID of the application for which this password should be created. Changing this field forces a new resource to be created.
- display_
name str - A display name for the password. Changing this field forces a new resource to be created.
- end_
date str - The end date until which the password is valid, formatted as an RFC3339 date string (e.g.
2018-01-01T01:02:03Z). Changing this field forces a new resource to be created. - end_
date_ strrelative - A relative duration for which the password is valid until, for example
240h(10 days) or2400h30m. Changing this field forces a new resource to be created. - rotate_
when_ Mapping[str, str]changed - A map of arbitrary key/value pairs that will force recreation of the password when they change, enabling password rotation based on external conditions such as a rotating timestamp. Changing this forces a new resource to be created.
- start_
date str - The start date from which the password is valid, formatted as an RFC3339 date string (e.g.
2018-01-01T01:02:03Z). If this isn't specified, the current date is used. Changing this field forces a new resource to be created.
- application
Id String - The resource ID of the application for which this password should be created. Changing this field forces a new resource to be created.
- display
Name String - A display name for the password. Changing this field forces a new resource to be created.
- end
Date String - The end date until which the password is valid, formatted as an RFC3339 date string (e.g.
2018-01-01T01:02:03Z). Changing this field forces a new resource to be created. - end
Date StringRelative - A relative duration for which the password is valid until, for example
240h(10 days) or2400h30m. Changing this field forces a new resource to be created. - rotate
When Map<String>Changed - A map of arbitrary key/value pairs that will force recreation of the password when they change, enabling password rotation based on external conditions such as a rotating timestamp. Changing this forces a new resource to be created.
- start
Date String - The start date from which the password is valid, formatted as an RFC3339 date string (e.g.
2018-01-01T01:02:03Z). If this isn't specified, the current date is used. Changing this field forces a new resource to be created.
Outputs
All input properties are implicitly available as output properties. Additionally, the ApplicationPassword resource produces the following output properties:
Look up Existing ApplicationPassword Resource
Get an existing ApplicationPassword resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ApplicationPasswordState, opts?: CustomResourceOptions): ApplicationPassword@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
application_id: Optional[str] = None,
display_name: Optional[str] = None,
end_date: Optional[str] = None,
end_date_relative: Optional[str] = None,
key_id: Optional[str] = None,
rotate_when_changed: Optional[Mapping[str, str]] = None,
start_date: Optional[str] = None,
value: Optional[str] = None) -> ApplicationPasswordfunc GetApplicationPassword(ctx *Context, name string, id IDInput, state *ApplicationPasswordState, opts ...ResourceOption) (*ApplicationPassword, error)public static ApplicationPassword Get(string name, Input<string> id, ApplicationPasswordState? state, CustomResourceOptions? opts = null)public static ApplicationPassword get(String name, Output<String> id, ApplicationPasswordState state, CustomResourceOptions options)resources: _: type: azuread:ApplicationPassword get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Application
Id string - The resource ID of the application for which this password should be created. Changing this field forces a new resource to be created.
- Display
Name string - A display name for the password. Changing this field forces a new resource to be created.
- End
Date string - The end date until which the password is valid, formatted as an RFC3339 date string (e.g.
2018-01-01T01:02:03Z). Changing this field forces a new resource to be created. - End
Date stringRelative - A relative duration for which the password is valid until, for example
240h(10 days) or2400h30m. Changing this field forces a new resource to be created. - Key
Id string - A UUID used to uniquely identify this password credential.
- Rotate
When Dictionary<string, string>Changed - A map of arbitrary key/value pairs that will force recreation of the password when they change, enabling password rotation based on external conditions such as a rotating timestamp. Changing this forces a new resource to be created.
- Start
Date string - The start date from which the password is valid, formatted as an RFC3339 date string (e.g.
2018-01-01T01:02:03Z). If this isn't specified, the current date is used. Changing this field forces a new resource to be created. - Value string
- The password for this application, which is generated by Azure Active Directory.
- Application
Id string - The resource ID of the application for which this password should be created. Changing this field forces a new resource to be created.
- Display
Name string - A display name for the password. Changing this field forces a new resource to be created.
- End
Date string - The end date until which the password is valid, formatted as an RFC3339 date string (e.g.
2018-01-01T01:02:03Z). Changing this field forces a new resource to be created. - End
Date stringRelative - A relative duration for which the password is valid until, for example
240h(10 days) or2400h30m. Changing this field forces a new resource to be created. - Key
Id string - A UUID used to uniquely identify this password credential.
- Rotate
When map[string]stringChanged - A map of arbitrary key/value pairs that will force recreation of the password when they change, enabling password rotation based on external conditions such as a rotating timestamp. Changing this forces a new resource to be created.
- Start
Date string - The start date from which the password is valid, formatted as an RFC3339 date string (e.g.
2018-01-01T01:02:03Z). If this isn't specified, the current date is used. Changing this field forces a new resource to be created. - Value string
- The password for this application, which is generated by Azure Active Directory.
- application
Id String - The resource ID of the application for which this password should be created. Changing this field forces a new resource to be created.
- display
Name String - A display name for the password. Changing this field forces a new resource to be created.
- end
Date String - The end date until which the password is valid, formatted as an RFC3339 date string (e.g.
2018-01-01T01:02:03Z). Changing this field forces a new resource to be created. - end
Date StringRelative - A relative duration for which the password is valid until, for example
240h(10 days) or2400h30m. Changing this field forces a new resource to be created. - key
Id String - A UUID used to uniquely identify this password credential.
- rotate
When Map<String,String>Changed - A map of arbitrary key/value pairs that will force recreation of the password when they change, enabling password rotation based on external conditions such as a rotating timestamp. Changing this forces a new resource to be created.
- start
Date String - The start date from which the password is valid, formatted as an RFC3339 date string (e.g.
2018-01-01T01:02:03Z). If this isn't specified, the current date is used. Changing this field forces a new resource to be created. - value String
- The password for this application, which is generated by Azure Active Directory.
- application
Id string - The resource ID of the application for which this password should be created. Changing this field forces a new resource to be created.
- display
Name string - A display name for the password. Changing this field forces a new resource to be created.
- end
Date string - The end date until which the password is valid, formatted as an RFC3339 date string (e.g.
2018-01-01T01:02:03Z). Changing this field forces a new resource to be created. - end
Date stringRelative - A relative duration for which the password is valid until, for example
240h(10 days) or2400h30m. Changing this field forces a new resource to be created. - key
Id string - A UUID used to uniquely identify this password credential.
- rotate
When {[key: string]: string}Changed - A map of arbitrary key/value pairs that will force recreation of the password when they change, enabling password rotation based on external conditions such as a rotating timestamp. Changing this forces a new resource to be created.
- start
Date string - The start date from which the password is valid, formatted as an RFC3339 date string (e.g.
2018-01-01T01:02:03Z). If this isn't specified, the current date is used. Changing this field forces a new resource to be created. - value string
- The password for this application, which is generated by Azure Active Directory.
- application_
id str - The resource ID of the application for which this password should be created. Changing this field forces a new resource to be created.
- display_
name str - A display name for the password. Changing this field forces a new resource to be created.
- end_
date str - The end date until which the password is valid, formatted as an RFC3339 date string (e.g.
2018-01-01T01:02:03Z). Changing this field forces a new resource to be created. - end_
date_ strrelative - A relative duration for which the password is valid until, for example
240h(10 days) or2400h30m. Changing this field forces a new resource to be created. - key_
id str - A UUID used to uniquely identify this password credential.
- rotate_
when_ Mapping[str, str]changed - A map of arbitrary key/value pairs that will force recreation of the password when they change, enabling password rotation based on external conditions such as a rotating timestamp. Changing this forces a new resource to be created.
- start_
date str - The start date from which the password is valid, formatted as an RFC3339 date string (e.g.
2018-01-01T01:02:03Z). If this isn't specified, the current date is used. Changing this field forces a new resource to be created. - value str
- The password for this application, which is generated by Azure Active Directory.
- application
Id String - The resource ID of the application for which this password should be created. Changing this field forces a new resource to be created.
- display
Name String - A display name for the password. Changing this field forces a new resource to be created.
- end
Date String - The end date until which the password is valid, formatted as an RFC3339 date string (e.g.
2018-01-01T01:02:03Z). Changing this field forces a new resource to be created. - end
Date StringRelative - A relative duration for which the password is valid until, for example
240h(10 days) or2400h30m. Changing this field forces a new resource to be created. - key
Id String - A UUID used to uniquely identify this password credential.
- rotate
When Map<String>Changed - A map of arbitrary key/value pairs that will force recreation of the password when they change, enabling password rotation based on external conditions such as a rotating timestamp. Changing this forces a new resource to be created.
- start
Date String - The start date from which the password is valid, formatted as an RFC3339 date string (e.g.
2018-01-01T01:02:03Z). If this isn't specified, the current date is used. Changing this field forces a new resource to be created. - value String
- The password for this application, which is generated by Azure Active Directory.
Import
This resource does not support importing.
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Azure Active Directory (Azure AD) pulumi/pulumi-azuread
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
azureadTerraform Provider.
Azure Active Directory (Azure AD) v6.4.0 published on Monday, Apr 7, 2025 by Pulumi